// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** // *** Do not edit by hand unless you're certain you know what you are doing! *** import * as pulumi from "@pulumi/pulumi"; import * as inputs from "../types/input"; import * as outputs from "../types/output"; import * as enums from "../types/enums"; import * as utilities from "../utilities"; import {RoutingRule} from "../s3"; export interface GetAvailabilityZoneFilter { /** * Name of the filter field. Valid values can be found in the [EC2 DescribeAvailabilityZones API Reference](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeAvailabilityZones.html). */ name: string; /** * Set of values that are accepted for the given filter field. Results will be selected if any given value matches. */ values: string[]; } export interface GetAvailabilityZoneFilterArgs { /** * Name of the filter field. Valid values can be found in the [EC2 DescribeAvailabilityZones API Reference](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeAvailabilityZones.html). */ name: pulumi.Input; /** * Set of values that are accepted for the given filter field. Results will be selected if any given value matches. */ values: pulumi.Input[]>; } export interface GetAvailabilityZonesFilter { /** * Name of the filter field. Valid values can be found in the [EC2 DescribeAvailabilityZones API Reference](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeAvailabilityZones.html). */ name: string; /** * Set of values that are accepted for the given filter field. Results will be selected if any given value matches. */ values: string[]; } export interface GetAvailabilityZonesFilterArgs { /** * Name of the filter field. Valid values can be found in the [EC2 DescribeAvailabilityZones API Reference](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeAvailabilityZones.html). */ name: pulumi.Input; /** * Set of values that are accepted for the given filter field. Results will be selected if any given value matches. */ values: pulumi.Input[]>; } export interface GetRegionsFilter { /** * Name of the filter field. Valid values can be found in the [describe-regions AWS CLI Reference][1]. */ name: string; /** * Set of values that are accepted for the given filter field. Results will be selected if any given value matches. */ values: string[]; } export interface GetRegionsFilterArgs { /** * Name of the filter field. Valid values can be found in the [describe-regions AWS CLI Reference][1]. */ name: pulumi.Input; /** * Set of values that are accepted for the given filter field. Results will be selected if any given value matches. */ values: pulumi.Input[]>; } export interface ProviderAssumeRole { /** * The duration, between 15 minutes and 12 hours, of the role session. Valid time units are ns, us (or µs), ms, s, h, or m. */ duration?: pulumi.Input; /** * A unique identifier that might be required when you assume a role in another account. */ externalId?: pulumi.Input; /** * IAM Policy JSON describing further restricting permissions for the IAM Role being assumed. */ policy?: pulumi.Input; /** * Amazon Resource Names (ARNs) of IAM Policies describing further restricting permissions for the IAM Role being assumed. */ policyArns?: pulumi.Input[]>; /** * Amazon Resource Name (ARN) of an IAM Role to assume prior to making API calls. */ roleArn?: pulumi.Input; /** * An identifier for the assumed role session. */ sessionName?: pulumi.Input; /** * Source identity specified by the principal assuming the role. */ sourceIdentity?: pulumi.Input; /** * Assume role session tags. */ tags?: pulumi.Input<{[key: string]: pulumi.Input}>; /** * Assume role session tag keys to pass to any subsequent sessions. */ transitiveTagKeys?: pulumi.Input[]>; } export interface ProviderAssumeRoleWithWebIdentity { /** * The duration, between 15 minutes and 12 hours, of the role session. Valid time units are ns, us (or µs), ms, s, h, or m. */ duration?: pulumi.Input; /** * IAM Policy JSON describing further restricting permissions for the IAM Role being assumed. */ policy?: pulumi.Input; /** * Amazon Resource Names (ARNs) of IAM Policies describing further restricting permissions for the IAM Role being assumed. */ policyArns?: pulumi.Input[]>; /** * Amazon Resource Name (ARN) of an IAM Role to assume prior to making API calls. */ roleArn?: pulumi.Input; /** * An identifier for the assumed role session. */ sessionName?: pulumi.Input; webIdentityToken?: pulumi.Input; webIdentityTokenFile?: pulumi.Input; } export interface ProviderDefaultTags { /** * Resource tags to default across all resources. Can also be configured with environment variables like `TF_AWS_DEFAULT_TAGS_`. */ tags?: pulumi.Input<{[key: string]: pulumi.Input}>; } export interface ProviderEndpoint { /** * Use this to override the default service endpoint URL */ accessanalyzer?: pulumi.Input; /** * Use this to override the default service endpoint URL */ account?: pulumi.Input; /** * Use this to override the default service endpoint URL */ acm?: pulumi.Input; /** * Use this to override the default service endpoint URL */ acmpca?: pulumi.Input; /** * Use this to override the default service endpoint URL */ amg?: pulumi.Input; /** * Use this to override the default service endpoint URL */ amp?: pulumi.Input; /** * Use this to override the default service endpoint URL */ amplify?: pulumi.Input; /** * Use this to override the default service endpoint URL */ apigateway?: pulumi.Input; /** * Use this to override the default service endpoint URL */ apigatewayv2?: pulumi.Input; /** * Use this to override the default service endpoint URL */ appautoscaling?: pulumi.Input; /** * Use this to override the default service endpoint URL */ appconfig?: pulumi.Input; /** * Use this to override the default service endpoint URL */ appfabric?: pulumi.Input; /** * Use this to override the default service endpoint URL */ appflow?: pulumi.Input; /** * Use this to override the default service endpoint URL */ appintegrations?: pulumi.Input; /** * Use this to override the default service endpoint URL */ appintegrationsservice?: pulumi.Input; /** * Use this to override the default service endpoint URL */ applicationautoscaling?: pulumi.Input; /** * Use this to override the default service endpoint URL */ applicationinsights?: pulumi.Input; /** * Use this to override the default service endpoint URL */ applicationsignals?: pulumi.Input; /** * Use this to override the default service endpoint URL */ appmesh?: pulumi.Input; /** * Use this to override the default service endpoint URL */ appregistry?: pulumi.Input; /** * Use this to override the default service endpoint URL */ apprunner?: pulumi.Input; /** * Use this to override the default service endpoint URL */ appstream?: pulumi.Input; /** * Use this to override the default service endpoint URL */ appsync?: pulumi.Input; /** * Use this to override the default service endpoint URL */ athena?: pulumi.Input; /** * Use this to override the default service endpoint URL */ auditmanager?: pulumi.Input; /** * Use this to override the default service endpoint URL */ autoscaling?: pulumi.Input; /** * Use this to override the default service endpoint URL */ autoscalingplans?: pulumi.Input; /** * Use this to override the default service endpoint URL */ backup?: pulumi.Input; /** * Use this to override the default service endpoint URL */ batch?: pulumi.Input; /** * Use this to override the default service endpoint URL */ bcmdataexports?: pulumi.Input; /** * Use this to override the default service endpoint URL */ beanstalk?: pulumi.Input; /** * Use this to override the default service endpoint URL */ bedrock?: pulumi.Input; /** * Use this to override the default service endpoint URL */ bedrockagent?: pulumi.Input; /** * Use this to override the default service endpoint URL */ budgets?: pulumi.Input; /** * Use this to override the default service endpoint URL */ ce?: pulumi.Input; /** * Use this to override the default service endpoint URL */ chatbot?: pulumi.Input; /** * Use this to override the default service endpoint URL */ chime?: pulumi.Input; /** * Use this to override the default service endpoint URL */ chimesdkmediapipelines?: pulumi.Input; /** * Use this to override the default service endpoint URL */ chimesdkvoice?: pulumi.Input; /** * Use this to override the default service endpoint URL */ cleanrooms?: pulumi.Input; /** * Use this to override the default service endpoint URL */ cloud9?: pulumi.Input; /** * Use this to override the default service endpoint URL */ cloudcontrol?: pulumi.Input; /** * Use this to override the default service endpoint URL */ cloudcontrolapi?: pulumi.Input; /** * Use this to override the default service endpoint URL */ cloudformation?: pulumi.Input; /** * Use this to override the default service endpoint URL */ cloudfront?: pulumi.Input; /** * Use this to override the default service endpoint URL */ cloudfrontkeyvaluestore?: pulumi.Input; /** * Use this to override the default service endpoint URL */ cloudhsm?: pulumi.Input; /** * Use this to override the default service endpoint URL */ cloudhsmv2?: pulumi.Input; /** * Use this to override the default service endpoint URL */ cloudsearch?: pulumi.Input; /** * Use this to override the default service endpoint URL */ cloudtrail?: pulumi.Input; /** * Use this to override the default service endpoint URL */ cloudwatch?: pulumi.Input; /** * Use this to override the default service endpoint URL */ cloudwatchevents?: pulumi.Input; /** * Use this to override the default service endpoint URL */ cloudwatchevidently?: pulumi.Input; /** * Use this to override the default service endpoint URL */ cloudwatchlog?: pulumi.Input; /** * Use this to override the default service endpoint URL */ cloudwatchlogs?: pulumi.Input; /** * Use this to override the default service endpoint URL */ cloudwatchobservabilityaccessmanager?: pulumi.Input; /** * Use this to override the default service endpoint URL */ cloudwatchrum?: pulumi.Input; /** * Use this to override the default service endpoint URL */ codeartifact?: pulumi.Input; /** * Use this to override the default service endpoint URL */ codebuild?: pulumi.Input; /** * Use this to override the default service endpoint URL */ codecatalyst?: pulumi.Input; /** * Use this to override the default service endpoint URL */ codecommit?: pulumi.Input; /** * Use this to override the default service endpoint URL */ codeconnections?: pulumi.Input; /** * Use this to override the default service endpoint URL */ codedeploy?: pulumi.Input; /** * Use this to override the default service endpoint URL */ codeguruprofiler?: pulumi.Input; /** * Use this to override the default service endpoint URL */ codegurureviewer?: pulumi.Input; /** * Use this to override the default service endpoint URL */ codepipeline?: pulumi.Input; /** * Use this to override the default service endpoint URL */ codestarconnections?: pulumi.Input; /** * Use this to override the default service endpoint URL */ codestarnotifications?: pulumi.Input; /** * Use this to override the default service endpoint URL */ cognitoidentity?: pulumi.Input; /** * Use this to override the default service endpoint URL */ cognitoidentityprovider?: pulumi.Input; /** * Use this to override the default service endpoint URL */ cognitoidp?: pulumi.Input; /** * Use this to override the default service endpoint URL */ comprehend?: pulumi.Input; /** * Use this to override the default service endpoint URL */ computeoptimizer?: pulumi.Input; /** * Use this to override the default service endpoint URL */ config?: pulumi.Input; /** * Use this to override the default service endpoint URL */ configservice?: pulumi.Input; /** * Use this to override the default service endpoint URL */ connect?: pulumi.Input; /** * Use this to override the default service endpoint URL */ connectcases?: pulumi.Input; /** * Use this to override the default service endpoint URL */ controltower?: pulumi.Input; /** * Use this to override the default service endpoint URL */ costandusagereportservice?: pulumi.Input; /** * Use this to override the default service endpoint URL */ costexplorer?: pulumi.Input; /** * Use this to override the default service endpoint URL */ costoptimizationhub?: pulumi.Input; /** * Use this to override the default service endpoint URL */ cur?: pulumi.Input; /** * Use this to override the default service endpoint URL */ customerprofiles?: pulumi.Input; /** * Use this to override the default service endpoint URL */ databasemigration?: pulumi.Input; /** * Use this to override the default service endpoint URL */ databasemigrationservice?: pulumi.Input; /** * Use this to override the default service endpoint URL */ databrew?: pulumi.Input; /** * Use this to override the default service endpoint URL */ dataexchange?: pulumi.Input; /** * Use this to override the default service endpoint URL */ datapipeline?: pulumi.Input; /** * Use this to override the default service endpoint URL */ datasync?: pulumi.Input; /** * Use this to override the default service endpoint URL */ datazone?: pulumi.Input; /** * Use this to override the default service endpoint URL */ dax?: pulumi.Input; /** * Use this to override the default service endpoint URL */ deploy?: pulumi.Input; /** * Use this to override the default service endpoint URL */ detective?: pulumi.Input; /** * Use this to override the default service endpoint URL */ devicefarm?: pulumi.Input; /** * Use this to override the default service endpoint URL */ devopsguru?: pulumi.Input; /** * Use this to override the default service endpoint URL */ directconnect?: pulumi.Input; /** * Use this to override the default service endpoint URL */ directoryservice?: pulumi.Input; /** * Use this to override the default service endpoint URL */ dlm?: pulumi.Input; /** * Use this to override the default service endpoint URL */ dms?: pulumi.Input; /** * Use this to override the default service endpoint URL */ docdb?: pulumi.Input; /** * Use this to override the default service endpoint URL */ docdbelastic?: pulumi.Input; /** * Use this to override the default service endpoint URL */ drs?: pulumi.Input; /** * Use this to override the default service endpoint URL */ ds?: pulumi.Input; /** * Use this to override the default service endpoint URL */ dynamodb?: pulumi.Input; /** * Use this to override the default service endpoint URL */ ec2?: pulumi.Input; /** * Use this to override the default service endpoint URL */ ecr?: pulumi.Input; /** * Use this to override the default service endpoint URL */ ecrpublic?: pulumi.Input; /** * Use this to override the default service endpoint URL */ ecs?: pulumi.Input; /** * Use this to override the default service endpoint URL */ efs?: pulumi.Input; /** * Use this to override the default service endpoint URL */ eks?: pulumi.Input; /** * Use this to override the default service endpoint URL */ elasticache?: pulumi.Input; /** * Use this to override the default service endpoint URL */ elasticbeanstalk?: pulumi.Input; /** * Use this to override the default service endpoint URL */ elasticloadbalancing?: pulumi.Input; /** * Use this to override the default service endpoint URL */ elasticloadbalancingv2?: pulumi.Input; /** * Use this to override the default service endpoint URL */ elasticsearch?: pulumi.Input; /** * Use this to override the default service endpoint URL */ elasticsearchservice?: pulumi.Input; /** * Use this to override the default service endpoint URL */ elastictranscoder?: pulumi.Input; /** * Use this to override the default service endpoint URL */ elb?: pulumi.Input; /** * Use this to override the default service endpoint URL */ elbv2?: pulumi.Input; /** * Use this to override the default service endpoint URL */ emr?: pulumi.Input; /** * Use this to override the default service endpoint URL */ emrcontainers?: pulumi.Input; /** * Use this to override the default service endpoint URL */ emrserverless?: pulumi.Input; /** * Use this to override the default service endpoint URL */ es?: pulumi.Input; /** * Use this to override the default service endpoint URL */ eventbridge?: pulumi.Input; /** * Use this to override the default service endpoint URL */ events?: pulumi.Input; /** * Use this to override the default service endpoint URL */ evidently?: pulumi.Input; /** * Use this to override the default service endpoint URL */ finspace?: pulumi.Input; /** * Use this to override the default service endpoint URL */ firehose?: pulumi.Input; /** * Use this to override the default service endpoint URL */ fis?: pulumi.Input; /** * Use this to override the default service endpoint URL */ fms?: pulumi.Input; /** * Use this to override the default service endpoint URL */ fsx?: pulumi.Input; /** * Use this to override the default service endpoint URL */ gamelift?: pulumi.Input; /** * Use this to override the default service endpoint URL */ glacier?: pulumi.Input; /** * Use this to override the default service endpoint URL */ globalaccelerator?: pulumi.Input; /** * Use this to override the default service endpoint URL */ glue?: pulumi.Input; /** * Use this to override the default service endpoint URL */ gluedatabrew?: pulumi.Input; /** * Use this to override the default service endpoint URL */ grafana?: pulumi.Input; /** * Use this to override the default service endpoint URL */ greengrass?: pulumi.Input; /** * Use this to override the default service endpoint URL */ groundstation?: pulumi.Input; /** * Use this to override the default service endpoint URL */ guardduty?: pulumi.Input; /** * Use this to override the default service endpoint URL */ healthlake?: pulumi.Input; /** * Use this to override the default service endpoint URL */ iam?: pulumi.Input; /** * Use this to override the default service endpoint URL */ identitystore?: pulumi.Input; /** * Use this to override the default service endpoint URL */ imagebuilder?: pulumi.Input; /** * Use this to override the default service endpoint URL */ inspector?: pulumi.Input; /** * Use this to override the default service endpoint URL */ inspector2?: pulumi.Input; /** * Use this to override the default service endpoint URL */ inspectorv2?: pulumi.Input; /** * Use this to override the default service endpoint URL */ internetmonitor?: pulumi.Input; /** * Use this to override the default service endpoint URL */ iot?: pulumi.Input; /** * Use this to override the default service endpoint URL */ iotanalytics?: pulumi.Input; /** * Use this to override the default service endpoint URL */ iotevents?: pulumi.Input; /** * Use this to override the default service endpoint URL */ ivs?: pulumi.Input; /** * Use this to override the default service endpoint URL */ ivschat?: pulumi.Input; /** * Use this to override the default service endpoint URL */ kafka?: pulumi.Input; /** * Use this to override the default service endpoint URL */ kafkaconnect?: pulumi.Input; /** * Use this to override the default service endpoint URL */ kendra?: pulumi.Input; /** * Use this to override the default service endpoint URL */ keyspaces?: pulumi.Input; /** * Use this to override the default service endpoint URL */ kinesis?: pulumi.Input; /** * Use this to override the default service endpoint URL */ kinesisanalytics?: pulumi.Input; /** * Use this to override the default service endpoint URL */ kinesisanalyticsv2?: pulumi.Input; /** * Use this to override the default service endpoint URL */ kinesisvideo?: pulumi.Input; /** * Use this to override the default service endpoint URL */ kms?: pulumi.Input; /** * Use this to override the default service endpoint URL */ lakeformation?: pulumi.Input; /** * Use this to override the default service endpoint URL */ lambda?: pulumi.Input; /** * Use this to override the default service endpoint URL */ launchwizard?: pulumi.Input; /** * Use this to override the default service endpoint URL */ lex?: pulumi.Input; /** * Use this to override the default service endpoint URL */ lexmodelbuilding?: pulumi.Input; /** * Use this to override the default service endpoint URL */ lexmodelbuildingservice?: pulumi.Input; /** * Use this to override the default service endpoint URL */ lexmodels?: pulumi.Input; /** * Use this to override the default service endpoint URL */ lexmodelsv2?: pulumi.Input; /** * Use this to override the default service endpoint URL */ lexv2models?: pulumi.Input; /** * Use this to override the default service endpoint URL */ licensemanager?: pulumi.Input; /** * Use this to override the default service endpoint URL */ lightsail?: pulumi.Input; /** * Use this to override the default service endpoint URL */ location?: pulumi.Input; /** * Use this to override the default service endpoint URL */ locationservice?: pulumi.Input; /** * Use this to override the default service endpoint URL */ logs?: pulumi.Input; /** * Use this to override the default service endpoint URL */ lookoutmetrics?: pulumi.Input; /** * Use this to override the default service endpoint URL */ m2?: pulumi.Input; /** * Use this to override the default service endpoint URL */ macie2?: pulumi.Input; /** * Use this to override the default service endpoint URL */ managedgrafana?: pulumi.Input; /** * Use this to override the default service endpoint URL */ mediaconnect?: pulumi.Input; /** * Use this to override the default service endpoint URL */ mediaconvert?: pulumi.Input; /** * Use this to override the default service endpoint URL */ medialive?: pulumi.Input; /** * Use this to override the default service endpoint URL */ mediapackage?: pulumi.Input; /** * Use this to override the default service endpoint URL */ mediapackagev2?: pulumi.Input; /** * Use this to override the default service endpoint URL */ mediastore?: pulumi.Input; /** * Use this to override the default service endpoint URL */ memorydb?: pulumi.Input; /** * Use this to override the default service endpoint URL */ mq?: pulumi.Input; /** * Use this to override the default service endpoint URL */ msk?: pulumi.Input; /** * Use this to override the default service endpoint URL */ mwaa?: pulumi.Input; /** * Use this to override the default service endpoint URL */ neptune?: pulumi.Input; /** * Use this to override the default service endpoint URL */ neptunegraph?: pulumi.Input; /** * Use this to override the default service endpoint URL */ networkfirewall?: pulumi.Input; /** * Use this to override the default service endpoint URL */ networkmanager?: pulumi.Input; /** * Use this to override the default service endpoint URL */ networkmonitor?: pulumi.Input; /** * Use this to override the default service endpoint URL */ oam?: pulumi.Input; /** * Use this to override the default service endpoint URL */ opensearch?: pulumi.Input; /** * Use this to override the default service endpoint URL */ opensearchingestion?: pulumi.Input; /** * Use this to override the default service endpoint URL */ opensearchserverless?: pulumi.Input; /** * Use this to override the default service endpoint URL */ opensearchservice?: pulumi.Input; /** * Use this to override the default service endpoint URL */ opsworks?: pulumi.Input; /** * Use this to override the default service endpoint URL */ organizations?: pulumi.Input; /** * Use this to override the default service endpoint URL */ osis?: pulumi.Input; /** * Use this to override the default service endpoint URL */ outposts?: pulumi.Input; /** * Use this to override the default service endpoint URL */ paymentcryptography?: pulumi.Input; /** * Use this to override the default service endpoint URL */ pcaconnectorad?: pulumi.Input; /** * Use this to override the default service endpoint URL */ pcs?: pulumi.Input; /** * Use this to override the default service endpoint URL */ pinpoint?: pulumi.Input; /** * Use this to override the default service endpoint URL */ pinpointsmsvoicev2?: pulumi.Input; /** * Use this to override the default service endpoint URL */ pipes?: pulumi.Input; /** * Use this to override the default service endpoint URL */ polly?: pulumi.Input; /** * Use this to override the default service endpoint URL */ pricing?: pulumi.Input; /** * Use this to override the default service endpoint URL */ prometheus?: pulumi.Input; /** * Use this to override the default service endpoint URL */ prometheusservice?: pulumi.Input; /** * Use this to override the default service endpoint URL */ qbusiness?: pulumi.Input; /** * Use this to override the default service endpoint URL */ qldb?: pulumi.Input; /** * Use this to override the default service endpoint URL */ quicksight?: pulumi.Input; /** * Use this to override the default service endpoint URL */ ram?: pulumi.Input; /** * Use this to override the default service endpoint URL */ rbin?: pulumi.Input; /** * Use this to override the default service endpoint URL */ rds?: pulumi.Input; /** * Use this to override the default service endpoint URL */ recyclebin?: pulumi.Input; /** * Use this to override the default service endpoint URL */ redshift?: pulumi.Input; /** * Use this to override the default service endpoint URL */ redshiftdata?: pulumi.Input; /** * Use this to override the default service endpoint URL */ redshiftdataapiservice?: pulumi.Input; /** * Use this to override the default service endpoint URL */ redshiftserverless?: pulumi.Input; /** * Use this to override the default service endpoint URL */ rekognition?: pulumi.Input; /** * Use this to override the default service endpoint URL */ resiliencehub?: pulumi.Input; /** * Use this to override the default service endpoint URL */ resourceexplorer2?: pulumi.Input; /** * Use this to override the default service endpoint URL */ resourcegroups?: pulumi.Input; /** * Use this to override the default service endpoint URL */ resourcegroupstagging?: pulumi.Input; /** * Use this to override the default service endpoint URL */ resourcegroupstaggingapi?: pulumi.Input; /** * Use this to override the default service endpoint URL */ rolesanywhere?: pulumi.Input; /** * Use this to override the default service endpoint URL */ route53?: pulumi.Input; /** * Use this to override the default service endpoint URL */ route53domains?: pulumi.Input; /** * Use this to override the default service endpoint URL */ route53profiles?: pulumi.Input; /** * Use this to override the default service endpoint URL */ route53recoverycontrolconfig?: pulumi.Input; /** * Use this to override the default service endpoint URL */ route53recoveryreadiness?: pulumi.Input; /** * Use this to override the default service endpoint URL */ route53resolver?: pulumi.Input; /** * Use this to override the default service endpoint URL */ rum?: pulumi.Input; /** * Use this to override the default service endpoint URL */ s3?: pulumi.Input; /** * Use this to override the default service endpoint URL */ s3api?: pulumi.Input; /** * Use this to override the default service endpoint URL */ s3control?: pulumi.Input; /** * Use this to override the default service endpoint URL */ s3outposts?: pulumi.Input; /** * Use this to override the default service endpoint URL */ sagemaker?: pulumi.Input; /** * Use this to override the default service endpoint URL */ scheduler?: pulumi.Input; /** * Use this to override the default service endpoint URL */ schemas?: pulumi.Input; /** * Use this to override the default service endpoint URL */ sdb?: pulumi.Input; /** * Use this to override the default service endpoint URL */ secretsmanager?: pulumi.Input; /** * Use this to override the default service endpoint URL */ securityhub?: pulumi.Input; /** * Use this to override the default service endpoint URL */ securitylake?: pulumi.Input; /** * Use this to override the default service endpoint URL */ serverlessapplicationrepository?: pulumi.Input; /** * Use this to override the default service endpoint URL */ serverlessapprepo?: pulumi.Input; /** * Use this to override the default service endpoint URL */ serverlessrepo?: pulumi.Input; /** * Use this to override the default service endpoint URL */ servicecatalog?: pulumi.Input; /** * Use this to override the default service endpoint URL */ servicecatalogappregistry?: pulumi.Input; /** * Use this to override the default service endpoint URL */ servicediscovery?: pulumi.Input; /** * Use this to override the default service endpoint URL */ servicequotas?: pulumi.Input; /** * Use this to override the default service endpoint URL */ ses?: pulumi.Input; /** * Use this to override the default service endpoint URL */ sesv2?: pulumi.Input; /** * Use this to override the default service endpoint URL */ sfn?: pulumi.Input; /** * Use this to override the default service endpoint URL */ shield?: pulumi.Input; /** * Use this to override the default service endpoint URL */ signer?: pulumi.Input; /** * Use this to override the default service endpoint URL */ simpledb?: pulumi.Input; /** * Use this to override the default service endpoint URL */ sns?: pulumi.Input; /** * Use this to override the default service endpoint URL */ sqs?: pulumi.Input; /** * Use this to override the default service endpoint URL */ ssm?: pulumi.Input; /** * Use this to override the default service endpoint URL */ ssmcontacts?: pulumi.Input; /** * Use this to override the default service endpoint URL */ ssmincidents?: pulumi.Input; /** * Use this to override the default service endpoint URL */ ssmquicksetup?: pulumi.Input; /** * Use this to override the default service endpoint URL */ ssmsap?: pulumi.Input; /** * Use this to override the default service endpoint URL */ sso?: pulumi.Input; /** * Use this to override the default service endpoint URL */ ssoadmin?: pulumi.Input; /** * Use this to override the default service endpoint URL */ stepfunctions?: pulumi.Input; /** * Use this to override the default service endpoint URL */ storagegateway?: pulumi.Input; /** * Use this to override the default service endpoint URL */ sts?: pulumi.Input; /** * Use this to override the default service endpoint URL */ swf?: pulumi.Input; /** * Use this to override the default service endpoint URL */ synthetics?: pulumi.Input; /** * Use this to override the default service endpoint URL */ timestreaminfluxdb?: pulumi.Input; /** * Use this to override the default service endpoint URL */ timestreamwrite?: pulumi.Input; /** * Use this to override the default service endpoint URL */ transcribe?: pulumi.Input; /** * Use this to override the default service endpoint URL */ transcribeservice?: pulumi.Input; /** * Use this to override the default service endpoint URL */ transfer?: pulumi.Input; /** * Use this to override the default service endpoint URL */ verifiedpermissions?: pulumi.Input; /** * Use this to override the default service endpoint URL */ vpclattice?: pulumi.Input; /** * Use this to override the default service endpoint URL */ waf?: pulumi.Input; /** * Use this to override the default service endpoint URL */ wafregional?: pulumi.Input; /** * Use this to override the default service endpoint URL */ wafv2?: pulumi.Input; /** * Use this to override the default service endpoint URL */ wellarchitected?: pulumi.Input; /** * Use this to override the default service endpoint URL */ worklink?: pulumi.Input; /** * Use this to override the default service endpoint URL */ workspaces?: pulumi.Input; /** * Use this to override the default service endpoint URL */ workspacesweb?: pulumi.Input; /** * Use this to override the default service endpoint URL */ xray?: pulumi.Input; } export interface ProviderIgnoreTags { /** * Resource tag key prefixes to ignore across all resources. Can also be configured with the TF_AWS_IGNORE_TAGS_KEY_PREFIXES environment variable. */ keyPrefixes?: pulumi.Input[]>; /** * Resource tag keys to ignore across all resources. Can also be configured with the TF_AWS_IGNORE_TAGS_KEYS environment variable. */ keys?: pulumi.Input[]>; } export namespace accessanalyzer { export interface AnalyzerConfiguration { /** * A block that specifies the configuration of an unused access analyzer for an AWS organization or account. Documented below */ unusedAccess?: pulumi.Input; } export interface AnalyzerConfigurationUnusedAccess { /** * The specified access age in days for which to generate findings for unused access. */ unusedAccessAge?: pulumi.Input; } export interface ArchiveRuleFilter { /** * Contains comparator. */ contains?: pulumi.Input[]>; /** * Filter criteria. */ criteria: pulumi.Input; /** * Equals comparator. */ eqs?: pulumi.Input[]>; /** * Boolean comparator. */ exists?: pulumi.Input; /** * Not Equals comparator. */ neqs?: pulumi.Input[]>; } } export namespace acm { export interface CertificateDomainValidationOption { /** * Fully qualified domain name (FQDN) in the certificate. */ domainName?: pulumi.Input; /** * The name of the DNS record to create to validate the certificate */ resourceRecordName?: pulumi.Input; /** * The type of DNS record to create */ resourceRecordType?: pulumi.Input; /** * The value the DNS record needs to have */ resourceRecordValue?: pulumi.Input; } export interface CertificateOptions { /** * Whether certificate details should be added to a certificate transparency log. Valid values are `ENABLED` or `DISABLED`. See https://docs.aws.amazon.com/acm/latest/userguide/acm-concepts.html#concept-transparency for more details. */ certificateTransparencyLoggingPreference?: pulumi.Input; } export interface CertificateRenewalSummary { /** * The status of ACM's managed renewal of the certificate */ renewalStatus?: pulumi.Input; /** * The reason that a renewal request was unsuccessful or is pending */ renewalStatusReason?: pulumi.Input; updatedAt?: pulumi.Input; } export interface CertificateValidationOption { /** * Fully qualified domain name (FQDN) in the certificate. */ domainName: pulumi.Input; /** * Domain name that you want ACM to use to send you validation emails. This domain name is the suffix of the email addresses that you want ACM to use. This must be the same as the `domainName` value or a superdomain of the `domainName` value. For example, if you request a certificate for `"testing.example.com"`, you can specify `"example.com"` for this value. */ validationDomain: pulumi.Input; } } export namespace acmpca { export interface CertificateAuthorityCertificateAuthorityConfiguration { /** * Type of the public key algorithm and size, in bits, of the key pair that your key pair creates when it issues a certificate. Valid values can be found in the [ACM PCA Documentation](https://docs.aws.amazon.com/privateca/latest/APIReference/API_CertificateAuthorityConfiguration.html). */ keyAlgorithm: pulumi.Input; /** * Name of the algorithm your private CA uses to sign certificate requests. Valid values can be found in the [ACM PCA Documentation](https://docs.aws.amazon.com/privateca/latest/APIReference/API_CertificateAuthorityConfiguration.html). */ signingAlgorithm: pulumi.Input; /** * Nested argument that contains X.500 distinguished name information. At least one nested attribute must be specified. */ subject: pulumi.Input; } export interface CertificateAuthorityCertificateAuthorityConfigurationSubject { /** * Fully qualified domain name (FQDN) associated with the certificate subject. Must be less than or equal to 64 characters in length. */ commonName?: pulumi.Input; /** * Two digit code that specifies the country in which the certificate subject located. Must be less than or equal to 2 characters in length. */ country?: pulumi.Input; /** * Disambiguating information for the certificate subject. Must be less than or equal to 64 characters in length. */ distinguishedNameQualifier?: pulumi.Input; /** * Typically a qualifier appended to the name of an individual. Examples include Jr. for junior, Sr. for senior, and III for third. Must be less than or equal to 3 characters in length. */ generationQualifier?: pulumi.Input; /** * First name. Must be less than or equal to 16 characters in length. */ givenName?: pulumi.Input; /** * Concatenation that typically contains the first letter of the `givenName`, the first letter of the middle name if one exists, and the first letter of the `surname`. Must be less than or equal to 5 characters in length. */ initials?: pulumi.Input; /** * Locality (such as a city or town) in which the certificate subject is located. Must be less than or equal to 128 characters in length. */ locality?: pulumi.Input; /** * Legal name of the organization with which the certificate subject is affiliated. Must be less than or equal to 64 characters in length. */ organization?: pulumi.Input; /** * Subdivision or unit of the organization (such as sales or finance) with which the certificate subject is affiliated. Must be less than or equal to 64 characters in length. */ organizationalUnit?: pulumi.Input; /** * Typically a shortened version of a longer `givenName`. For example, Jonathan is often shortened to John. Elizabeth is often shortened to Beth, Liz, or Eliza. Must be less than or equal to 128 characters in length. */ pseudonym?: pulumi.Input; /** * State in which the subject of the certificate is located. Must be less than or equal to 128 characters in length. */ state?: pulumi.Input; /** * Family name. In the US and the UK for example, the surname of an individual is ordered last. In Asian cultures the surname is typically ordered first. Must be less than or equal to 40 characters in length. */ surname?: pulumi.Input; /** * Title such as Mr. or Ms. which is pre-pended to the name to refer formally to the certificate subject. Must be less than or equal to 64 characters in length. */ title?: pulumi.Input; } export interface CertificateAuthorityRevocationConfiguration { /** * Nested argument containing configuration of the certificate revocation list (CRL), if any, maintained by the certificate authority. Defined below. */ crlConfiguration?: pulumi.Input; /** * Nested argument containing configuration of * the custom OCSP responder endpoint. Defined below. */ ocspConfiguration?: pulumi.Input; } export interface CertificateAuthorityRevocationConfigurationCrlConfiguration { /** * Name inserted into the certificate CRL Distribution Points extension that enables the use of an alias for the CRL distribution point. Use this value if you don't want the name of your S3 bucket to be public. Must be less than or equal to 253 characters in length. */ customCname?: pulumi.Input; /** * Boolean value that specifies whether certificate revocation lists (CRLs) are enabled. Defaults to `false`. */ enabled?: pulumi.Input; /** * Number of days until a certificate expires. Must be between 1 and 5000. */ expirationInDays?: pulumi.Input; /** * Name of the S3 bucket that contains the CRL. If you do not provide a value for the `customCname` argument, the name of your S3 bucket is placed into the CRL Distribution Points extension of the issued certificate. You must specify a bucket policy that allows ACM PCA to write the CRL to your bucket. Must be between 3 and 255 characters in length. */ s3BucketName?: pulumi.Input; /** * Determines whether the CRL will be publicly readable or privately held in the CRL Amazon S3 bucket. Defaults to `PUBLIC_READ`. */ s3ObjectAcl?: pulumi.Input; } export interface CertificateAuthorityRevocationConfigurationOcspConfiguration { /** * Boolean value that specifies whether a custom OCSP responder is enabled. */ enabled: pulumi.Input; /** * CNAME specifying a customized OCSP domain. Note: The value of the CNAME must not include a protocol prefix such as "http://" or "https://". */ ocspCustomCname?: pulumi.Input; } export interface CertificateValidity { /** * Determines how `value` is interpreted. Valid values: `DAYS`, `MONTHS`, `YEARS`, `ABSOLUTE`, `END_DATE`. */ type: pulumi.Input; /** * If `type` is `DAYS`, `MONTHS`, or `YEARS`, the relative time until the certificate expires. If `type` is `ABSOLUTE`, the date in seconds since the Unix epoch. If `type` is `END_DATE`, the date in RFC 3339 format. */ value: pulumi.Input; } } export namespace alb { export interface ListenerDefaultAction { /** * Configuration block for using Amazon Cognito to authenticate users. Specify only when `type` is `authenticate-cognito`. See below. */ authenticateCognito?: pulumi.Input; /** * Configuration block for an identity provider that is compliant with OpenID Connect (OIDC). Specify only when `type` is `authenticate-oidc`. See below. */ authenticateOidc?: pulumi.Input; /** * Information for creating an action that returns a custom HTTP response. Required if `type` is `fixed-response`. */ fixedResponse?: pulumi.Input; /** * Configuration block for creating an action that distributes requests among one or more target groups. Specify only if `type` is `forward`. See below. */ forward?: pulumi.Input; /** * Order for the action. The action with the lowest value for order is performed first. Valid values are between `1` and `50000`. Defaults to the position in the list of actions. */ order?: pulumi.Input; /** * Configuration block for creating a redirect action. Required if `type` is `redirect`. See below. */ redirect?: pulumi.Input; /** * ARN of the Target Group to which to route traffic. Specify only if `type` is `forward` and you want to route to a single target group. To route to one or more target groups, use a `forward` block instead. Can be specified with `forward` but ARNs must match. */ targetGroupArn?: pulumi.Input; /** * Type of routing action. Valid values are `forward`, `redirect`, `fixed-response`, `authenticate-cognito` and `authenticate-oidc`. * * The following arguments are optional: */ type: pulumi.Input; } export interface ListenerDefaultActionAuthenticateCognito { /** * Query parameters to include in the redirect request to the authorization endpoint. Max: 10. See below. */ authenticationRequestExtraParams?: pulumi.Input<{[key: string]: pulumi.Input}>; /** * Behavior if the user is not authenticated. Valid values are `deny`, `allow` and `authenticate`. */ onUnauthenticatedRequest?: pulumi.Input; /** * Set of user claims to be requested from the IdP. */ scope?: pulumi.Input; /** * Name of the cookie used to maintain session information. */ sessionCookieName?: pulumi.Input; /** * Maximum duration of the authentication session, in seconds. */ sessionTimeout?: pulumi.Input; /** * ARN of the Cognito user pool. */ userPoolArn: pulumi.Input; /** * ID of the Cognito user pool client. */ userPoolClientId: pulumi.Input; /** * Domain prefix or fully-qualified domain name of the Cognito user pool. * * The following arguments are optional: */ userPoolDomain: pulumi.Input; } export interface ListenerDefaultActionAuthenticateOidc { /** * Query parameters to include in the redirect request to the authorization endpoint. Max: 10. */ authenticationRequestExtraParams?: pulumi.Input<{[key: string]: pulumi.Input}>; /** * Authorization endpoint of the IdP. */ authorizationEndpoint: pulumi.Input; /** * OAuth 2.0 client identifier. */ clientId: pulumi.Input; /** * OAuth 2.0 client secret. */ clientSecret: pulumi.Input; /** * OIDC issuer identifier of the IdP. */ issuer: pulumi.Input; /** * Behavior if the user is not authenticated. Valid values: `deny`, `allow` and `authenticate` */ onUnauthenticatedRequest?: pulumi.Input; /** * Set of user claims to be requested from the IdP. */ scope?: pulumi.Input; /** * Name of the cookie used to maintain session information. */ sessionCookieName?: pulumi.Input; /** * Maximum duration of the authentication session, in seconds. */ sessionTimeout?: pulumi.Input; /** * Token endpoint of the IdP. */ tokenEndpoint: pulumi.Input; /** * User info endpoint of the IdP. * * The following arguments are optional: */ userInfoEndpoint: pulumi.Input; } export interface ListenerDefaultActionFixedResponse { /** * Content type. Valid values are `text/plain`, `text/css`, `text/html`, `application/javascript` and `application/json`. * * The following arguments are optional: */ contentType: pulumi.Input; /** * Message body. */ messageBody?: pulumi.Input; /** * HTTP response code. Valid values are `2XX`, `4XX`, or `5XX`. */ statusCode?: pulumi.Input; } export interface ListenerDefaultActionForward { /** * Configuration block for target group stickiness for the rule. See below. */ stickiness?: pulumi.Input; /** * Set of 1-5 target group blocks. See below. * * The following arguments are optional: */ targetGroups: pulumi.Input[]>; } export interface ListenerDefaultActionForwardStickiness { /** * Time period, in seconds, during which requests from a client should be routed to the same target group. The range is 1-604800 seconds (7 days). * * The following arguments are optional: */ duration: pulumi.Input; /** * Whether target group stickiness is enabled. Default is `false`. */ enabled?: pulumi.Input; } export interface ListenerDefaultActionForwardTargetGroup { /** * ARN of the target group. * * The following arguments are optional: */ arn: pulumi.Input; /** * Weight. The range is 0 to 999. */ weight?: pulumi.Input; } export interface ListenerDefaultActionRedirect { /** * Hostname. This component is not percent-encoded. The hostname can contain `#{host}`. Defaults to `#{host}`. */ host?: pulumi.Input; /** * Absolute path, starting with the leading "/". This component is not percent-encoded. The path can contain #{host}, #{path}, and #{port}. Defaults to `/#{path}`. */ path?: pulumi.Input; /** * Port. Specify a value from `1` to `65535` or `#{port}`. Defaults to `#{port}`. */ port?: pulumi.Input; /** * Protocol. Valid values are `HTTP`, `HTTPS`, or `#{protocol}`. Defaults to `#{protocol}`. */ protocol?: pulumi.Input; /** * Query parameters, URL-encoded when necessary, but not percent-encoded. Do not include the leading "?". Defaults to `#{query}`. */ query?: pulumi.Input; /** * HTTP redirect code. The redirect is either permanent (`HTTP_301`) or temporary (`HTTP_302`). * * The following arguments are optional: */ statusCode: pulumi.Input; } export interface ListenerMutualAuthentication { /** * Whether client certificate expiry is ignored. Default is `false`. */ ignoreClientCertificateExpiry?: pulumi.Input; /** * Valid values are `off`, `verify` and `passthrough`. */ mode: pulumi.Input; /** * ARN of the elbv2 Trust Store. */ trustStoreArn?: pulumi.Input; } export interface ListenerRuleAction { /** * Information for creating an authenticate action using Cognito. Required if `type` is `authenticate-cognito`. */ authenticateCognito?: pulumi.Input; /** * Information for creating an authenticate action using OIDC. Required if `type` is `authenticate-oidc`. */ authenticateOidc?: pulumi.Input; /** * Information for creating an action that returns a custom HTTP response. Required if `type` is `fixed-response`. */ fixedResponse?: pulumi.Input; /** * Configuration block for creating an action that distributes requests among one or more target groups. * Specify only if `type` is `forward`. * Cannot be specified with `targetGroupArn`. */ forward?: pulumi.Input; /** * Order for the action. * The action with the lowest value for order is performed first. * Valid values are between `1` and `50000`. * Defaults to the position in the list of actions. */ order?: pulumi.Input; /** * Information for creating a redirect action. Required if `type` is `redirect`. */ redirect?: pulumi.Input; /** * ARN of the Target Group to which to route traffic. * Specify only if `type` is `forward` and you want to route to a single target group. * To route to one or more target groups, use a `forward` block instead. * Cannot be specified with `forward`. */ targetGroupArn?: pulumi.Input; /** * The type of routing action. Valid values are `forward`, `redirect`, `fixed-response`, `authenticate-cognito` and `authenticate-oidc`. */ type: pulumi.Input; } export interface ListenerRuleActionAuthenticateCognito { /** * The query parameters to include in the redirect request to the authorization endpoint. Max: 10. */ authenticationRequestExtraParams?: pulumi.Input<{[key: string]: pulumi.Input}>; /** * The behavior if the user is not authenticated. Valid values: `deny`, `allow` and `authenticate` */ onUnauthenticatedRequest?: pulumi.Input; /** * The set of user claims to be requested from the IdP. */ scope?: pulumi.Input; /** * The name of the cookie used to maintain session information. */ sessionCookieName?: pulumi.Input; /** * The maximum duration of the authentication session, in seconds. */ sessionTimeout?: pulumi.Input; /** * The ARN of the Cognito user pool. */ userPoolArn: pulumi.Input; /** * The ID of the Cognito user pool client. */ userPoolClientId: pulumi.Input; /** * The domain prefix or fully-qualified domain name of the Cognito user pool. */ userPoolDomain: pulumi.Input; } export interface ListenerRuleActionAuthenticateOidc { /** * The query parameters to include in the redirect request to the authorization endpoint. Max: 10. */ authenticationRequestExtraParams?: pulumi.Input<{[key: string]: pulumi.Input}>; /** * The authorization endpoint of the IdP. */ authorizationEndpoint: pulumi.Input; /** * The OAuth 2.0 client identifier. */ clientId: pulumi.Input; /** * The OAuth 2.0 client secret. */ clientSecret: pulumi.Input; /** * The OIDC issuer identifier of the IdP. */ issuer: pulumi.Input; /** * The behavior if the user is not authenticated. Valid values: `deny`, `allow` and `authenticate` */ onUnauthenticatedRequest?: pulumi.Input; /** * The set of user claims to be requested from the IdP. */ scope?: pulumi.Input; /** * The name of the cookie used to maintain session information. */ sessionCookieName?: pulumi.Input; /** * The maximum duration of the authentication session, in seconds. */ sessionTimeout?: pulumi.Input; /** * The token endpoint of the IdP. */ tokenEndpoint: pulumi.Input; /** * The user info endpoint of the IdP. */ userInfoEndpoint: pulumi.Input; } export interface ListenerRuleActionFixedResponse { /** * The content type. Valid values are `text/plain`, `text/css`, `text/html`, `application/javascript` and `application/json`. */ contentType: pulumi.Input; /** * The message body. */ messageBody?: pulumi.Input; /** * The HTTP response code. Valid values are `2XX`, `4XX`, or `5XX`. */ statusCode?: pulumi.Input; } export interface ListenerRuleActionForward { /** * The target group stickiness for the rule. */ stickiness?: pulumi.Input; /** * One or more target group blocks. */ targetGroups: pulumi.Input[]>; } export interface ListenerRuleActionForwardStickiness { /** * The time period, in seconds, during which requests from a client should be routed to the same target group. The range is 1-604800 seconds (7 days). */ duration: pulumi.Input; /** * Indicates whether target group stickiness is enabled. */ enabled?: pulumi.Input; } export interface ListenerRuleActionForwardTargetGroup { /** * The Amazon Resource Name (ARN) of the target group. */ arn: pulumi.Input; /** * The weight. The range is 0 to 999. */ weight?: pulumi.Input; } export interface ListenerRuleActionRedirect { /** * The hostname. This component is not percent-encoded. The hostname can contain `#{host}`. Defaults to `#{host}`. */ host?: pulumi.Input; /** * The absolute path, starting with the leading "/". This component is not percent-encoded. The path can contain #{host}, #{path}, and #{port}. Defaults to `/#{path}`. */ path?: pulumi.Input; /** * The port. Specify a value from `1` to `65535` or `#{port}`. Defaults to `#{port}`. */ port?: pulumi.Input; /** * The protocol. Valid values are `HTTP`, `HTTPS`, or `#{protocol}`. Defaults to `#{protocol}`. */ protocol?: pulumi.Input; /** * The query parameters, URL-encoded when necessary, but not percent-encoded. Do not include the leading "?". Defaults to `#{query}`. */ query?: pulumi.Input; /** * The HTTP redirect code. The redirect is either permanent (`HTTP_301`) or temporary (`HTTP_302`). */ statusCode: pulumi.Input; } export interface ListenerRuleCondition { /** * Contains a single `values` item which is a list of host header patterns to match. The maximum size of each pattern is 128 characters. Comparison is case insensitive. Wildcard characters supported: * (matches 0 or more characters) and ? (matches exactly 1 character). Only one pattern needs to match for the condition to be satisfied. */ hostHeader?: pulumi.Input; /** * HTTP headers to match. HTTP Header block fields documented below. */ httpHeader?: pulumi.Input; /** * Contains a single `values` item which is a list of HTTP request methods or verbs to match. Maximum size is 40 characters. Only allowed characters are A-Z, hyphen (-) and underscore (\_). Comparison is case sensitive. Wildcards are not supported. Only one needs to match for the condition to be satisfied. AWS recommends that GET and HEAD requests are routed in the same way because the response to a HEAD request may be cached. */ httpRequestMethod?: pulumi.Input; /** * Contains a single `values` item which is a list of path patterns to match against the request URL. Maximum size of each pattern is 128 characters. Comparison is case sensitive. Wildcard characters supported: * (matches 0 or more characters) and ? (matches exactly 1 character). Only one pattern needs to match for the condition to be satisfied. Path pattern is compared only to the path of the URL, not to its query string. To compare against the query string, use a `queryString` condition. */ pathPattern?: pulumi.Input; /** * Query strings to match. Query String block fields documented below. */ queryStrings?: pulumi.Input[]>; /** * Contains a single `values` item which is a list of source IP CIDR notations to match. You can use both IPv4 and IPv6 addresses. Wildcards are not supported. Condition is satisfied if the source IP address of the request matches one of the CIDR blocks. Condition is not satisfied by the addresses in the `X-Forwarded-For` header, use `httpHeader` condition instead. * * > **NOTE::** Exactly one of `hostHeader`, `httpHeader`, `httpRequestMethod`, `pathPattern`, `queryString` or `sourceIp` must be set per condition. */ sourceIp?: pulumi.Input; } export interface ListenerRuleConditionHostHeader { values: pulumi.Input[]>; } export interface ListenerRuleConditionHttpHeader { /** * Name of HTTP header to search. The maximum size is 40 characters. Comparison is case insensitive. Only RFC7240 characters are supported. Wildcards are not supported. You cannot use HTTP header condition to specify the host header, use a `host-header` condition instead. */ httpHeaderName: pulumi.Input; /** * List of header value patterns to match. Maximum size of each pattern is 128 characters. Comparison is case insensitive. Wildcard characters supported: * (matches 0 or more characters) and ? (matches exactly 1 character). If the same header appears multiple times in the request they will be searched in order until a match is found. Only one pattern needs to match for the condition to be satisfied. To require that all of the strings are a match, create one condition block per string. */ values: pulumi.Input[]>; } export interface ListenerRuleConditionHttpRequestMethod { values: pulumi.Input[]>; } export interface ListenerRuleConditionPathPattern { values: pulumi.Input[]>; } export interface ListenerRuleConditionQueryString { /** * Query string key pattern to match. */ key?: pulumi.Input; /** * Query string value pattern to match. */ value: pulumi.Input; } export interface ListenerRuleConditionSourceIp { values: pulumi.Input[]>; } export interface LoadBalancerAccessLogs { /** * S3 bucket name to store the logs in. */ bucket: pulumi.Input; /** * Boolean to enable / disable `accessLogs`. Defaults to `false`, even when `bucket` is specified. */ enabled?: pulumi.Input; /** * S3 bucket prefix. Logs are stored in the root if not configured. */ prefix?: pulumi.Input; } export interface LoadBalancerConnectionLogs { /** * S3 bucket name to store the logs in. */ bucket: pulumi.Input; /** * Boolean to enable / disable `connectionLogs`. Defaults to `false`, even when `bucket` is specified. */ enabled?: pulumi.Input; /** * S3 bucket prefix. Logs are stored in the root if not configured. */ prefix?: pulumi.Input; } export interface LoadBalancerSubnetMapping { /** * Allocation ID of the Elastic IP address for an internet-facing load balancer. */ allocationId?: pulumi.Input; /** * IPv6 address. You associate IPv6 CIDR blocks with your VPC and choose the subnets where you launch both internet-facing and internal Application Load Balancers or Network Load Balancers. */ ipv6Address?: pulumi.Input; outpostId?: pulumi.Input; /** * Private IPv4 address for an internal load balancer. */ privateIpv4Address?: pulumi.Input; /** * ID of the subnet of which to attach to the load balancer. You can specify only one subnet per Availability Zone. */ subnetId: pulumi.Input; } export interface TargetGroupHealthCheck { /** * Whether health checks are enabled. Defaults to `true`. */ enabled?: pulumi.Input; /** * Number of consecutive health check successes required before considering a target healthy. The range is 2-10. Defaults to 3. */ healthyThreshold?: pulumi.Input; /** * Approximate amount of time, in seconds, between health checks of an individual target. The range is 5-300. For `lambda` target groups, it needs to be greater than the timeout of the underlying `lambda`. Defaults to 30. */ interval?: pulumi.Input; /** * The HTTP or gRPC codes to use when checking for a successful response from a target. * The `health_check.protocol` must be one of `HTTP` or `HTTPS` or the `targetType` must be `lambda`. * Values can be comma-separated individual values (e.g., "200,202") or a range of values (e.g., "200-299"). * * For gRPC-based target groups (i.e., the `protocol` is one of `HTTP` or `HTTPS` and the `protocolVersion` is `GRPC`), values can be between `0` and `99`. The default is `12`. * * When used with an Application Load Balancer (i.e., the `protocol` is one of `HTTP` or `HTTPS` and the `protocolVersion` is not `GRPC`), values can be between `200` and `499`. The default is `200`. * * When used with a Network Load Balancer (i.e., the `protocol` is one of `TCP`, `TCP_UDP`, `UDP`, or `TLS`), values can be between `200` and `599`. The default is `200-399`. * * When the `targetType` is `lambda`, values can be between `200` and `499`. The default is `200`. */ matcher?: pulumi.Input; /** * Destination for the health check request. Required for HTTP/HTTPS ALB and HTTP NLB. Only applies to HTTP/HTTPS. * * For HTTP and HTTPS health checks, the default is `/`. * * For gRPC health checks, the default is `/Amazon Web Services.ALB/healthcheck`. */ path?: pulumi.Input; /** * The port the load balancer uses when performing health checks on targets. * Valid values are either `traffic-port`, to use the same port as the target group, or a valid port number between `1` and `65536`. * Default is `traffic-port`. */ port?: pulumi.Input; /** * Protocol the load balancer uses when performing health checks on targets. * Must be one of `TCP`, `HTTP`, or `HTTPS`. * The `TCP` protocol is not supported for health checks if the protocol of the target group is `HTTP` or `HTTPS`. * Default is `HTTP`. * Cannot be specified when the `targetType` is `lambda`. */ protocol?: pulumi.Input; /** * Amount of time, in seconds, during which no response from a target means a failed health check. The range is 2–120 seconds. For target groups with a protocol of HTTP, the default is 6 seconds. For target groups with a protocol of TCP, TLS or HTTPS, the default is 10 seconds. For target groups with a protocol of GENEVE, the default is 5 seconds. If the target type is lambda, the default is 30 seconds. */ timeout?: pulumi.Input; /** * Number of consecutive health check failures required before considering a target unhealthy. The range is 2-10. Defaults to 3. */ unhealthyThreshold?: pulumi.Input; } export interface TargetGroupStickiness { /** * Only used when the type is `lbCookie`. The time period, in seconds, during which requests from a client should be routed to the same target. After this time period expires, the load balancer-generated cookie is considered stale. The range is 1 second to 1 week (604800 seconds). The default value is 1 day (86400 seconds). */ cookieDuration?: pulumi.Input; /** * Name of the application based cookie. AWSALB, AWSALBAPP, and AWSALBTG prefixes are reserved and cannot be used. Only needed when type is `appCookie`. */ cookieName?: pulumi.Input; /** * Boolean to enable / disable `stickiness`. Default is `true`. */ enabled?: pulumi.Input; /** * The type of sticky sessions. The only current possible values are `lbCookie`, `appCookie` for ALBs, `sourceIp` for NLBs, and `sourceIpDestIp`, `sourceIpDestIpProto` for GWLBs. */ type: pulumi.Input; } export interface TargetGroupTargetFailover { /** * Indicates how the GWLB handles existing flows when a target is deregistered. Possible values are `rebalance` and `noRebalance`. Must match the attribute value set for `onUnhealthy`. Default: `noRebalance`. */ onDeregistration: pulumi.Input; /** * Indicates how the GWLB handles existing flows when a target is unhealthy. Possible values are `rebalance` and `noRebalance`. Must match the attribute value set for `onDeregistration`. Default: `noRebalance`. */ onUnhealthy: pulumi.Input; } export interface TargetGroupTargetGroupHealth { /** * Block to configure DNS Failover requirements. See DNS Failover below for details on attributes. */ dnsFailover?: pulumi.Input; /** * Block to configure Unhealthy State Routing requirements. See Unhealthy State Routing below for details on attributes. */ unhealthyStateRouting?: pulumi.Input; } export interface TargetGroupTargetGroupHealthDnsFailover { /** * The minimum number of targets that must be healthy. If the number of healthy targets is below this value, mark the zone as unhealthy in DNS, so that traffic is routed only to healthy zones. The possible values are `off` or an integer from `1` to the maximum number of targets. The default is `off`. */ minimumHealthyTargetsCount?: pulumi.Input; /** * The minimum percentage of targets that must be healthy. If the percentage of healthy targets is below this value, mark the zone as unhealthy in DNS, so that traffic is routed only to healthy zones. The possible values are `off` or an integer from `1` to `100`. The default is `off`. */ minimumHealthyTargetsPercentage?: pulumi.Input; } export interface TargetGroupTargetGroupHealthUnhealthyStateRouting { /** * The minimum number of targets that must be healthy. If the number of healthy targets is below this value, send traffic to all targets, including unhealthy targets. The possible values are `1` to the maximum number of targets. The default is `1`. */ minimumHealthyTargetsCount?: pulumi.Input; /** * The minimum percentage of targets that must be healthy. If the percentage of healthy targets is below this value, send traffic to all targets, including unhealthy targets. The possible values are `off` or an integer from `1` to `100`. The default is `off`. */ minimumHealthyTargetsPercentage?: pulumi.Input; } export interface TargetGroupTargetHealthState { /** * Indicates whether the load balancer terminates connections to unhealthy targets. Possible values are `true` or `false`. Default: `true`. */ enableUnhealthyConnectionTermination: pulumi.Input; /** * Indicates the time to wait for in-flight requests to complete when a target becomes unhealthy. The range is `0-360000`. This value has to be set only if `enableUnhealthyConnectionTermination` is set to false. Default: `0`. */ unhealthyDrainingInterval?: pulumi.Input; } } export namespace amp { export interface ScraperDestination { /** * Configuration block for an Amazon Managed Prometheus workspace destination. See `amp`. */ amp?: pulumi.Input; } export interface ScraperDestinationAmp { /** * The Amazon Resource Name (ARN) of the prometheus workspace. */ workspaceArn: pulumi.Input; } export interface ScraperSource { /** * Configuration block for an EKS cluster source. See `eks`. */ eks?: pulumi.Input; } export interface ScraperSourceEks { clusterArn: pulumi.Input; /** * List of the security group IDs for the Amazon EKS cluster VPC configuration. */ securityGroupIds?: pulumi.Input[]>; /** * List of subnet IDs. Must be in at least two different availability zones. */ subnetIds: pulumi.Input[]>; } export interface ScraperTimeouts { /** * A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as "30s" or "2h45m". Valid time units are "s" (seconds), "m" (minutes), "h" (hours). */ create?: pulumi.Input; /** * A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as "30s" or "2h45m". Valid time units are "s" (seconds), "m" (minutes), "h" (hours). Setting a timeout for a Delete operation is only applicable if changes are saved into state before the destroy operation occurs. */ delete?: pulumi.Input; } export interface WorkspaceLoggingConfiguration { /** * The ARN of the CloudWatch log group to which the vended log data will be published. This log group must exist. */ logGroupArn: pulumi.Input; } } export namespace amplify { export interface AppAutoBranchCreationConfig { /** * Basic authorization credentials for the autocreated branch. */ basicAuthCredentials?: pulumi.Input; /** * Build specification (build spec) for the autocreated branch. */ buildSpec?: pulumi.Input; /** * Enables auto building for the autocreated branch. */ enableAutoBuild?: pulumi.Input; /** * Enables basic authorization for the autocreated branch. */ enableBasicAuth?: pulumi.Input; /** * Enables performance mode for the branch. */ enablePerformanceMode?: pulumi.Input; /** * Enables pull request previews for the autocreated branch. */ enablePullRequestPreview?: pulumi.Input; /** * Environment variables for the autocreated branch. */ environmentVariables?: pulumi.Input<{[key: string]: pulumi.Input}>; /** * Framework for the autocreated branch. */ framework?: pulumi.Input; /** * Amplify environment name for the pull request. */ pullRequestEnvironmentName?: pulumi.Input; /** * Describes the current stage for the autocreated branch. Valid values: `PRODUCTION`, `BETA`, `DEVELOPMENT`, `EXPERIMENTAL`, `PULL_REQUEST`. */ stage?: pulumi.Input; } export interface AppCacheConfig { /** * Type of cache configuration to use for an Amplify app. Valid values: `AMPLIFY_MANAGED`, `AMPLIFY_MANAGED_NO_COOKIES`. */ type: pulumi.Input; } export interface AppCustomRule { /** * Condition for a URL rewrite or redirect rule, such as a country code. */ condition?: pulumi.Input; /** * Source pattern for a URL rewrite or redirect rule. */ source: pulumi.Input; /** * Status code for a URL rewrite or redirect rule. Valid values: `200`, `301`, `302`, `404`, `404-200`. */ status?: pulumi.Input; /** * Target pattern for a URL rewrite or redirect rule. */ target: pulumi.Input; } export interface AppProductionBranch { /** * Branch name for the production branch. */ branchName?: pulumi.Input; /** * Last deploy time of the production branch. */ lastDeployTime?: pulumi.Input; /** * Status of the production branch. */ status?: pulumi.Input; /** * Thumbnail URL for the production branch. */ thumbnailUrl?: pulumi.Input; } export interface DomainAssociationCertificateSettings { /** * DNS records for certificate verification in a space-delimited format (` CNAME `). */ certificateVerificationDnsRecord?: pulumi.Input; /** * The Amazon resource name (ARN) for the custom certificate. */ customCertificateArn?: pulumi.Input; /** * The certificate type. Valid values are `AMPLIFY_MANAGED` and `CUSTOM`. */ type: pulumi.Input; } export interface DomainAssociationSubDomain { /** * Branch name setting for the subdomain. */ branchName: pulumi.Input; /** * DNS record for the subdomain in a space-prefixed and space-delimited format (` CNAME `). */ dnsRecord?: pulumi.Input; /** * Prefix setting for the subdomain. */ prefix: pulumi.Input; /** * Verified status of the subdomain. */ verified?: pulumi.Input; } } export namespace apigateway { export interface AccountThrottleSetting { /** * Absolute maximum number of times API Gateway allows the API to be called per second (RPS). */ burstLimit?: pulumi.Input; /** * Number of times API Gateway allows the API to be called per second on average (RPS). */ rateLimit?: pulumi.Input; } export interface DeploymentCanarySettings { /** * Percentage (0.0-100.0) of traffic routed to the canary deployment. */ percentTraffic?: pulumi.Input; /** * Stage variable overrides used for the canary release deployment. They can override existing stage variables or add new stage variables for the canary release deployment. These stage variables are represented as a string-to-string map between stage variable names and their values. */ stageVariableOverrides?: pulumi.Input<{[key: string]: pulumi.Input}>; /** * Boolean flag to indicate whether the canary release deployment uses the stage cache or not. */ useStageCache?: pulumi.Input; } export interface DocumentationPartLocation { /** * HTTP verb of a method. The default value is `*` for any method. */ method?: pulumi.Input; /** * Name of the targeted API entity. */ name?: pulumi.Input; /** * URL path of the target. The default value is `/` for the root resource. */ path?: pulumi.Input; /** * HTTP status code of a response. The default value is `*` for any status code. */ statusCode?: pulumi.Input; /** * Type of API entity to which the documentation content appliesE.g., `API`, `METHOD` or `REQUEST_BODY` */ type: pulumi.Input; } export interface DomainNameEndpointConfiguration { /** * List of endpoint types. This resource currently only supports managing a single value. Valid values: `EDGE` or `REGIONAL`. If unspecified, defaults to `EDGE`. Must be declared as `REGIONAL` in non-Commercial partitions. Refer to the [documentation](https://docs.aws.amazon.com/apigateway/latest/developerguide/create-regional-api.html) for more information on the difference between edge-optimized and regional APIs. */ types: pulumi.Input; } export interface DomainNameMutualTlsAuthentication { /** * Amazon S3 URL that specifies the truststore for mutual TLS authentication, for example, `s3://bucket-name/key-name`. The truststore can contain certificates from public or private certificate authorities. To update the truststore, upload a new version to S3, and then update your custom domain name to use the new version. */ truststoreUri: pulumi.Input; /** * Version of the S3 object that contains the truststore. To specify a version, you must have versioning enabled for the S3 bucket. */ truststoreVersion?: pulumi.Input; } export interface IntegrationTlsConfig { /** * Whether or not API Gateway skips verification that the certificate for an integration endpoint is issued by a [supported certificate authority](https://docs.aws.amazon.com/apigateway/latest/developerguide/api-gateway-supported-certificate-authorities-for-http-endpoints.html). This isn’t recommended, but it enables you to use certificates that are signed by private certificate authorities, or certificates that are self-signed. If enabled, API Gateway still performs basic certificate validation, which includes checking the certificate's expiration date, hostname, and presence of a root certificate authority. Supported only for `HTTP` and `HTTP_PROXY` integrations. */ insecureSkipVerification?: pulumi.Input; } export interface MethodSettingsSettings { /** * Whether the cached responses are encrypted. */ cacheDataEncrypted?: pulumi.Input; /** * Time to live (TTL), in seconds, for cached responses. The higher the TTL, the longer the response will be cached. */ cacheTtlInSeconds?: pulumi.Input; /** * Whether responses should be cached and returned for requests. A cache cluster must be enabled on the stage for responses to be cached. */ cachingEnabled?: pulumi.Input; /** * Whether data trace logging is enabled for this method, which effects the log entries pushed to Amazon CloudWatch Logs. */ dataTraceEnabled?: pulumi.Input; /** * Logging level for this method, which effects the log entries pushed to Amazon CloudWatch Logs. The available levels are `OFF`, `ERROR`, and `INFO`. */ loggingLevel?: pulumi.Input; /** * Whether Amazon CloudWatch metrics are enabled for this method. */ metricsEnabled?: pulumi.Input; /** * Whether authorization is required for a cache invalidation request. */ requireAuthorizationForCacheControl?: pulumi.Input; /** * Throttling burst limit. Default: `-1` (throttling disabled). */ throttlingBurstLimit?: pulumi.Input; /** * Throttling rate limit. Default: `-1` (throttling disabled). */ throttlingRateLimit?: pulumi.Input; /** * How to handle unauthorized requests for cache invalidation. The available values are `FAIL_WITH_403`, `SUCCEED_WITH_RESPONSE_HEADER`, `SUCCEED_WITHOUT_RESPONSE_HEADER`. */ unauthorizedCacheControlHeaderStrategy?: pulumi.Input; } export interface RestApiEndpointConfiguration { /** * List of endpoint types. This resource currently only supports managing a single value. Valid values: `EDGE`, `REGIONAL` or `PRIVATE`. If unspecified, defaults to `EDGE`. If set to `PRIVATE` recommend to set `putRestApiMode` = `merge` to not cause the endpoints and associated Route53 records to be deleted. Refer to the [documentation](https://docs.aws.amazon.com/apigateway/latest/developerguide/create-regional-api.html) for more information on the difference between edge-optimized and regional APIs. */ types: pulumi.Input; /** * Set of VPC Endpoint identifiers. It is only supported for `PRIVATE` endpoint type. If importing an OpenAPI specification via the `body` argument, this corresponds to the [`x-amazon-apigateway-endpoint-configuration` extension `vpcEndpointIds` property](https://docs.aws.amazon.com/apigateway/latest/developerguide/api-gateway-swagger-extensions-endpoint-configuration.html). If the argument value is provided and is different than the OpenAPI value, **the argument value will override the OpenAPI value**. */ vpcEndpointIds?: pulumi.Input[]>; } export interface StageAccessLogSettings { /** * ARN of the CloudWatch Logs log group or Kinesis Data Firehose delivery stream to receive access logs. If you specify a Kinesis Data Firehose delivery stream, the stream name must begin with `amazon-apigateway-`. Automatically removes trailing `:*` if present. */ destinationArn: pulumi.Input; /** * Formatting and values recorded in the logs. * For more information on configuring the log format rules visit the AWS [documentation](https://docs.aws.amazon.com/apigateway/latest/developerguide/set-up-logging.html) */ format: pulumi.Input; } export interface StageCanarySettings { /** * ID of the deployment that the canary points to. */ deploymentId: pulumi.Input; /** * Percent `0.0` - `100.0` of traffic to divert to the canary deployment. */ percentTraffic?: pulumi.Input; /** * Map of overridden stage `variables` (including new variables) for the canary deployment. */ stageVariableOverrides?: pulumi.Input<{[key: string]: pulumi.Input}>; /** * Whether the canary deployment uses the stage cache. Defaults to false. */ useStageCache?: pulumi.Input; } export interface UsagePlanApiStage { /** * API Id of the associated API stage in a usage plan. */ apiId: pulumi.Input; /** * API stage name of the associated API stage in a usage plan. */ stage: pulumi.Input; /** * The throttling limits of the usage plan. */ throttles?: pulumi.Input[]>; } export interface UsagePlanApiStageThrottle { /** * The API request burst limit, the maximum rate limit over a time ranging from one to a few seconds, depending upon whether the underlying token bucket is at its full capacity. */ burstLimit?: pulumi.Input; /** * Method to apply the throttle settings for. Specfiy the path and method, for example `/test/GET`. */ path: pulumi.Input; /** * The API request steady-state rate limit. */ rateLimit?: pulumi.Input; } export interface UsagePlanQuotaSettings { /** * Maximum number of requests that can be made in a given time period. */ limit: pulumi.Input; /** * Number of requests subtracted from the given limit in the initial time period. */ offset?: pulumi.Input; /** * Time period in which the limit applies. Valid values are "DAY", "WEEK" or "MONTH". */ period: pulumi.Input; } export interface UsagePlanThrottleSettings { burstLimit?: pulumi.Input; rateLimit?: pulumi.Input; } } export namespace apigatewayv2 { export interface ApiCorsConfiguration { /** * Whether credentials are included in the CORS request. */ allowCredentials?: pulumi.Input; /** * Set of allowed HTTP headers. */ allowHeaders?: pulumi.Input[]>; /** * Set of allowed HTTP methods. */ allowMethods?: pulumi.Input[]>; /** * Set of allowed origins. */ allowOrigins?: pulumi.Input[]>; /** * Set of exposed HTTP headers. */ exposeHeaders?: pulumi.Input[]>; /** * Number of seconds that the browser should cache preflight request results. */ maxAge?: pulumi.Input; } export interface AuthorizerJwtConfiguration { /** * List of the intended recipients of the JWT. A valid JWT must provide an aud that matches at least one entry in this list. */ audiences?: pulumi.Input[]>; /** * Base domain of the identity provider that issues JSON Web Tokens, such as the `endpoint` attribute of the `aws.cognito.UserPool` resource. */ issuer?: pulumi.Input; } export interface DomainNameDomainNameConfiguration { /** * ARN of an AWS-managed certificate that will be used by the endpoint for the domain name. AWS Certificate Manager is the only supported source. Use the `aws.acm.Certificate` resource to configure an ACM certificate. */ certificateArn: pulumi.Input; /** * Endpoint type. Valid values: `REGIONAL`. */ endpointType: pulumi.Input; /** * Amazon Route 53 Hosted Zone ID of the endpoint. */ hostedZoneId?: pulumi.Input; /** * ARN of the AWS-issued certificate used to validate custom domain ownership (when `certificateArn` is issued via an ACM Private CA or `mutualTlsAuthentication` is configured with an ACM-imported certificate.) */ ownershipVerificationCertificateArn?: pulumi.Input; /** * Transport Layer Security (TLS) version of the [security policy](https://docs.aws.amazon.com/apigateway/latest/developerguide/apigateway-custom-domain-tls-version.html) for the domain name. Valid values: `TLS_1_2`. */ securityPolicy: pulumi.Input; /** * Target domain name. */ targetDomainName?: pulumi.Input; } export interface DomainNameMutualTlsAuthentication { /** * Amazon S3 URL that specifies the truststore for mutual TLS authentication, for example, `s3://bucket-name/key-name`. The truststore can contain certificates from public or private certificate authorities. To update the truststore, upload a new version to S3, and then update your custom domain name to use the new version. */ truststoreUri: pulumi.Input; /** * Version of the S3 object that contains the truststore. To specify a version, you must have versioning enabled for the S3 bucket. */ truststoreVersion?: pulumi.Input; } export interface IntegrationResponseParameter { /** * Key-value map. The key of this map identifies the location of the request parameter to change, and how to change it. The corresponding value specifies the new data for the parameter. * See the [Amazon API Gateway Developer Guide](https://docs.aws.amazon.com/apigateway/latest/developerguide/http-api-parameter-mapping.html) for details. */ mappings: pulumi.Input<{[key: string]: pulumi.Input}>; /** * HTTP status code in the range 200-599. */ statusCode: pulumi.Input; } export interface IntegrationTlsConfig { /** * If you specify a server name, API Gateway uses it to verify the hostname on the integration's certificate. The server name is also included in the TLS handshake to support Server Name Indication (SNI) or virtual hosting. */ serverNameToVerify?: pulumi.Input; } export interface RouteRequestParameter { /** * Request parameter key. This is a [request data mapping parameter](https://docs.aws.amazon.com/apigateway/latest/developerguide/websocket-api-data-mapping.html#websocket-mapping-request-parameters). */ requestParameterKey: pulumi.Input; /** * Boolean whether or not the parameter is required. */ required: pulumi.Input; } export interface StageAccessLogSettings { /** * ARN of the CloudWatch Logs log group to receive access logs. Any trailing `:*` is trimmed from the ARN. */ destinationArn: pulumi.Input; /** * Single line [format](https://docs.aws.amazon.com/apigateway/latest/developerguide/set-up-logging.html#apigateway-cloudwatch-log-formats) of the access logs of data. Refer to log settings for [HTTP](https://docs.aws.amazon.com/apigateway/latest/developerguide/http-api-logging-variables.html) or [Websocket](https://docs.aws.amazon.com/apigateway/latest/developerguide/websocket-api-logging.html). */ format: pulumi.Input; } export interface StageDefaultRouteSettings { /** * Whether data trace logging is enabled for the default route. Affects the log entries pushed to Amazon CloudWatch Logs. * Defaults to `false`. Supported only for WebSocket APIs. */ dataTraceEnabled?: pulumi.Input; /** * Whether detailed metrics are enabled for the default route. Defaults to `false`. */ detailedMetricsEnabled?: pulumi.Input; /** * Logging level for the default route. Affects the log entries pushed to Amazon CloudWatch Logs. * Valid values: `ERROR`, `INFO`, `OFF`. Defaults to `OFF`. Supported only for WebSocket APIs. This provider will only perform drift detection of its value when present in a configuration. */ loggingLevel?: pulumi.Input; /** * Throttling burst limit for the default route. */ throttlingBurstLimit?: pulumi.Input; /** * Throttling rate limit for the default route. */ throttlingRateLimit?: pulumi.Input; } export interface StageRouteSetting { /** * Whether data trace logging is enabled for the route. Affects the log entries pushed to Amazon CloudWatch Logs. * Defaults to `false`. Supported only for WebSocket APIs. */ dataTraceEnabled?: pulumi.Input; /** * Whether detailed metrics are enabled for the route. Defaults to `false`. */ detailedMetricsEnabled?: pulumi.Input; /** * Logging level for the route. Affects the log entries pushed to Amazon CloudWatch Logs. * Valid values: `ERROR`, `INFO`, `OFF`. Defaults to `OFF`. Supported only for WebSocket APIs. This provider will only perform drift detection of its value when present in a configuration. */ loggingLevel?: pulumi.Input; /** * Route key. */ routeKey: pulumi.Input; /** * Throttling burst limit for the route. */ throttlingBurstLimit?: pulumi.Input; /** * Throttling rate limit for the route. */ throttlingRateLimit?: pulumi.Input; } } export namespace appautoscaling { export interface PolicyStepScalingPolicyConfiguration { /** * Whether the adjustment is an absolute number or a percentage of the current capacity. Valid values are `ChangeInCapacity`, `ExactCapacity`, and `PercentChangeInCapacity`. */ adjustmentType?: pulumi.Input; /** * Amount of time, in seconds, after a scaling activity completes and before the next scaling activity can start. */ cooldown?: pulumi.Input; /** * Aggregation type for the policy's metrics. Valid values are "Minimum", "Maximum", and "Average". Without a value, AWS will treat the aggregation type as "Average". */ metricAggregationType?: pulumi.Input; /** * Minimum number to adjust your scalable dimension as a result of a scaling activity. If the adjustment type is PercentChangeInCapacity, the scaling policy changes the scalable dimension of the scalable target by this amount. */ minAdjustmentMagnitude?: pulumi.Input; /** * Set of adjustments that manage scaling. These have the following structure: * * ```typescript * import * as pulumi from "@pulumi/pulumi"; * import * as aws from "@pulumi/aws"; * * const ecsPolicy = new aws.appautoscaling.Policy("ecs_policy", {stepScalingPolicyConfiguration: { * stepAdjustments: [ * { * metricIntervalLowerBound: "1", * metricIntervalUpperBound: "2", * scalingAdjustment: -1, * }, * { * metricIntervalLowerBound: "2", * metricIntervalUpperBound: "3", * scalingAdjustment: 1, * }, * ], * }}); * ``` */ stepAdjustments?: pulumi.Input[]>; } export interface PolicyStepScalingPolicyConfigurationStepAdjustment { /** * Lower bound for the difference between the alarm threshold and the CloudWatch metric. Without a value, AWS will treat this bound as negative infinity. */ metricIntervalLowerBound?: pulumi.Input; /** * Upper bound for the difference between the alarm threshold and the CloudWatch metric. Without a value, AWS will treat this bound as infinity. The upper bound must be greater than the lower bound. */ metricIntervalUpperBound?: pulumi.Input; /** * Number of members by which to scale, when the adjustment bounds are breached. A positive value scales up. A negative value scales down. */ scalingAdjustment: pulumi.Input; } export interface PolicyTargetTrackingScalingPolicyConfiguration { /** * Custom CloudWatch metric. Documentation can be found at: [AWS Customized Metric Specification](https://docs.aws.amazon.com/autoscaling/ec2/APIReference/API_CustomizedMetricSpecification.html). See supported fields below. */ customizedMetricSpecification?: pulumi.Input; /** * Whether scale in by the target tracking policy is disabled. If the value is true, scale in is disabled and the target tracking policy won't remove capacity from the scalable resource. Otherwise, scale in is enabled and the target tracking policy can remove capacity from the scalable resource. The default value is `false`. */ disableScaleIn?: pulumi.Input; /** * Predefined metric. See supported fields below. */ predefinedMetricSpecification?: pulumi.Input; /** * Amount of time, in seconds, after a scale in activity completes before another scale in activity can start. */ scaleInCooldown?: pulumi.Input; /** * Amount of time, in seconds, after a scale out activity completes before another scale out activity can start. */ scaleOutCooldown?: pulumi.Input; /** * Target value for the metric. */ targetValue: pulumi.Input; } export interface PolicyTargetTrackingScalingPolicyConfigurationCustomizedMetricSpecification { /** * Dimensions of the metric. */ dimensions?: pulumi.Input[]>; /** * Name of the metric. */ metricName?: pulumi.Input; /** * Metrics to include, as a metric data query. */ metrics?: pulumi.Input[]>; /** * Namespace of the metric. */ namespace?: pulumi.Input; /** * Statistic of the metric. Valid values: `Average`, `Minimum`, `Maximum`, `SampleCount`, and `Sum`. */ statistic?: pulumi.Input; /** * Unit of the metrics to return. */ unit?: pulumi.Input; } export interface PolicyTargetTrackingScalingPolicyConfigurationCustomizedMetricSpecificationDimension { /** * Name of the dimension. */ name: pulumi.Input; /** * Value of the dimension. */ value: pulumi.Input; } export interface PolicyTargetTrackingScalingPolicyConfigurationCustomizedMetricSpecificationMetric { /** * Math expression used on the returned metric. You must specify either `expression` or `metricStat`, but not both. */ expression?: pulumi.Input; /** * Short name for the metric used in target tracking scaling policy. */ id: pulumi.Input; /** * Human-readable label for this metric or expression. */ label?: pulumi.Input; /** * Structure that defines CloudWatch metric to be used in target tracking scaling policy. You must specify either `expression` or `metricStat`, but not both. */ metricStat?: pulumi.Input; /** * Boolean that indicates whether to return the timestamps and raw data values of this metric, the default is true */ returnData?: pulumi.Input; } export interface PolicyTargetTrackingScalingPolicyConfigurationCustomizedMetricSpecificationMetricMetricStat { /** * Structure that defines the CloudWatch metric to return, including the metric name, namespace, and dimensions. */ metric: pulumi.Input; /** * Statistic of the metrics to return. */ stat: pulumi.Input; /** * Unit of the metrics to return. */ unit?: pulumi.Input; } export interface PolicyTargetTrackingScalingPolicyConfigurationCustomizedMetricSpecificationMetricMetricStatMetric { /** * Dimensions of the metric. */ dimensions?: pulumi.Input[]>; /** * Name of the metric. */ metricName: pulumi.Input; /** * Namespace of the metric. */ namespace: pulumi.Input; } export interface PolicyTargetTrackingScalingPolicyConfigurationCustomizedMetricSpecificationMetricMetricStatMetricDimension { /** * Name of the dimension. */ name: pulumi.Input; /** * Value of the dimension. */ value: pulumi.Input; } export interface PolicyTargetTrackingScalingPolicyConfigurationPredefinedMetricSpecification { /** * Metric type. */ predefinedMetricType: pulumi.Input; /** * Reserved for future use if the `predefinedMetricType` is not `ALBRequestCountPerTarget`. If the `predefinedMetricType` is `ALBRequestCountPerTarget`, you must specify this argument. Documentation can be found at: [AWS Predefined Scaling Metric Specification](https://docs.aws.amazon.com/autoscaling/plans/APIReference/API_PredefinedScalingMetricSpecification.html). Must be less than or equal to 1023 characters in length. */ resourceLabel?: pulumi.Input; } export interface ScheduledActionScalableTargetAction { /** * Maximum capacity. At least one of `maxCapacity` or `minCapacity` must be set. */ maxCapacity?: pulumi.Input; /** * Minimum capacity. At least one of `minCapacity` or `maxCapacity` must be set. */ minCapacity?: pulumi.Input; } export interface TargetSuspendedState { /** * Whether scale in by a target tracking scaling policy or a step scaling policy is suspended. Default is `false`. */ dynamicScalingInSuspended?: pulumi.Input; /** * Whether scale out by a target tracking scaling policy or a step scaling policy is suspended. Default is `false`. */ dynamicScalingOutSuspended?: pulumi.Input; /** * Whether scheduled scaling is suspended. Default is `false`. */ scheduledScalingSuspended?: pulumi.Input; } } export namespace appconfig { export interface ConfigurationProfileValidator { /** * Either the JSON Schema content or the ARN of an AWS Lambda function. */ content?: pulumi.Input; /** * Type of validator. Valid values: `JSON_SCHEMA` and `LAMBDA`. */ type: pulumi.Input; } export interface EnvironmentMonitor { /** * ARN of the Amazon CloudWatch alarm. */ alarmArn: pulumi.Input; /** * ARN of an IAM role for AWS AppConfig to monitor `alarmArn`. */ alarmRoleArn?: pulumi.Input; } export interface EventIntegrationEventFilter { /** * Source of the events. */ source: pulumi.Input; } export interface ExtensionActionPoint { /** * An action defines the tasks the extension performs during the AppConfig workflow. Detailed below. */ actions: pulumi.Input[]>; /** * The point at which to perform the defined actions. Valid points are `PRE_CREATE_HOSTED_CONFIGURATION_VERSION`, `PRE_START_DEPLOYMENT`, `ON_DEPLOYMENT_START`, `ON_DEPLOYMENT_STEP`, `ON_DEPLOYMENT_BAKING`, `ON_DEPLOYMENT_COMPLETE`, `ON_DEPLOYMENT_ROLLED_BACK`. */ point: pulumi.Input; } export interface ExtensionActionPointAction { /** * Information about the action. */ description?: pulumi.Input; /** * The action name. */ name: pulumi.Input; /** * An Amazon Resource Name (ARN) for an Identity and Access Management assume role. */ roleArn?: pulumi.Input; /** * The extension URI associated to the action point in the extension definition. The URI can be an Amazon Resource Name (ARN) for one of the following: an Lambda function, an Amazon Simple Queue Service queue, an Amazon Simple Notification Service topic, or the Amazon EventBridge default event bus. */ uri: pulumi.Input; } export interface ExtensionParameter { /** * Information about the parameter. */ description?: pulumi.Input; /** * The parameter name. */ name: pulumi.Input; /** * Determines if a parameter value must be specified in the extension association. */ required?: pulumi.Input; } } export namespace appfabric { export interface AppAuthorizationConnectionAuthRequest { /** * The authorization code returned by the application after permission is granted in the application OAuth page (after clicking on the AuthURL).. */ code: pulumi.Input; /** * The redirect URL that is specified in the AuthURL and the application client. */ redirectUri: pulumi.Input; } export interface AppAuthorizationConnectionTenant { tenantDisplayName: pulumi.Input; tenantIdentifier: pulumi.Input; } export interface AppAuthorizationConnectionTimeouts { /** * A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as "30s" or "2h45m". Valid time units are "s" (seconds), "m" (minutes), "h" (hours). */ create?: pulumi.Input; } export interface AppAuthorizationCredential { /** * Contains API key credential information. */ apiKeyCredentials?: pulumi.Input[]>; /** * Contains OAuth2 client credential information. */ oauth2Credential?: pulumi.Input; } export interface AppAuthorizationCredentialApiKeyCredential { /** * Contains API key credential information. */ apiKey: pulumi.Input; } export interface AppAuthorizationCredentialOauth2Credential { /** * The client ID of the client application. */ clientId: pulumi.Input; /** * The client secret of the client application. */ clientSecret: pulumi.Input; } export interface AppAuthorizationTenant { /** * The display name of the tenant. */ tenantDisplayName: pulumi.Input; /** * The ID of the application tenant. */ tenantIdentifier: pulumi.Input; } export interface AppAuthorizationTimeouts { /** * A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as "30s" or "2h45m". Valid time units are "s" (seconds), "m" (minutes), "h" (hours). */ create?: pulumi.Input; /** * A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as "30s" or "2h45m". Valid time units are "s" (seconds), "m" (minutes), "h" (hours). Setting a timeout for a Delete operation is only applicable if changes are saved into state before the destroy operation occurs. */ delete?: pulumi.Input; /** * A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as "30s" or "2h45m". Valid time units are "s" (seconds), "m" (minutes), "h" (hours). */ update?: pulumi.Input; } export interface IngestionDestinationDestinationConfiguration { /** * Contains information about an audit log processing configuration. */ auditLog?: pulumi.Input; } export interface IngestionDestinationDestinationConfigurationAuditLog { /** * Contains information about an audit log destination. Only one destination (Firehose Stream) or (S3 Bucket) can be specified. */ destination?: pulumi.Input; } export interface IngestionDestinationDestinationConfigurationAuditLogDestination { /** * Contains information about an Amazon Data Firehose delivery stream. */ firehoseStream?: pulumi.Input; /** * Contains information about an Amazon S3 bucket. */ s3Bucket?: pulumi.Input; } export interface IngestionDestinationDestinationConfigurationAuditLogDestinationFirehoseStream { streamName: pulumi.Input; } export interface IngestionDestinationDestinationConfigurationAuditLogDestinationS3Bucket { bucketName: pulumi.Input; /** * The object key to use. */ prefix?: pulumi.Input; } export interface IngestionDestinationProcessingConfiguration { /** * Contains information about an audit log processing configuration. */ auditLog?: pulumi.Input; } export interface IngestionDestinationProcessingConfigurationAuditLog { /** * The format in which the audit logs need to be formatted. Valid values: `json`, `parquet`. */ format: pulumi.Input; /** * The event schema in which the audit logs need to be formatted. Valid values: `ocsf`, `raw`. */ schema: pulumi.Input; } export interface IngestionDestinationTimeouts { /** * A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as "30s" or "2h45m". Valid time units are "s" (seconds), "m" (minutes), "h" (hours). */ create?: pulumi.Input; /** * A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as "30s" or "2h45m". Valid time units are "s" (seconds), "m" (minutes), "h" (hours). Setting a timeout for a Delete operation is only applicable if changes are saved into state before the destroy operation occurs. */ delete?: pulumi.Input; /** * A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as "30s" or "2h45m". Valid time units are "s" (seconds), "m" (minutes), "h" (hours). */ update?: pulumi.Input; } } export namespace appflow { export interface ConnectorProfileConnectorProfileConfig { /** * The connector-specific credentials required by each connector. See Connector Profile Credentials for more details. */ connectorProfileCredentials: pulumi.Input; /** * The connector-specific properties of the profile configuration. See Connector Profile Properties for more details. */ connectorProfileProperties: pulumi.Input; } export interface ConnectorProfileConnectorProfileConfigConnectorProfileCredentials { /** * The connector-specific credentials required when using Amplitude. See Amplitude Connector Profile Credentials for more details. */ amplitude?: pulumi.Input; /** * The connector-specific profile credentials required when using the custom connector. See Custom Connector Profile Credentials for more details. */ customConnector?: pulumi.Input; /** * Connector-specific credentials required when using Datadog. See Datadog Connector Profile Credentials for more details. */ datadog?: pulumi.Input; /** * The connector-specific credentials required when using Dynatrace. See Dynatrace Connector Profile Credentials for more details. */ dynatrace?: pulumi.Input; /** * The connector-specific credentials required when using Google Analytics. See Google Analytics Connector Profile Credentials for more details. */ googleAnalytics?: pulumi.Input; /** * The connector-specific credentials required when using Amazon Honeycode. See Honeycode Connector Profile Credentials for more details. */ honeycode?: pulumi.Input; /** * The connector-specific credentials required when using Infor Nexus. See Infor Nexus Connector Profile Credentials for more details. */ inforNexus?: pulumi.Input; /** * Connector-specific credentials required when using Marketo. See Marketo Connector Profile Credentials for more details. */ marketo?: pulumi.Input; /** * Connector-specific credentials required when using Amazon Redshift. See Redshift Connector Profile Credentials for more details. */ redshift?: pulumi.Input; /** * The connector-specific credentials required when using Salesforce. See Salesforce Connector Profile Credentials for more details. */ salesforce?: pulumi.Input; /** * The connector-specific credentials required when using SAPOData. See SAPOData Connector Profile Credentials for more details. */ sapoData?: pulumi.Input; /** * The connector-specific credentials required when using ServiceNow. See ServiceNow Connector Profile Credentials for more details. */ serviceNow?: pulumi.Input; /** * Connector-specific credentials required when using Singular. See Singular Connector Profile Credentials for more details. */ singular?: pulumi.Input; /** * Connector-specific credentials required when using Slack. See Slack Connector Profile Credentials for more details. */ slack?: pulumi.Input; /** * The connector-specific credentials required when using Snowflake. See Snowflake Connector Profile Credentials for more details. */ snowflake?: pulumi.Input; /** * The connector-specific credentials required when using Trend Micro. See Trend Micro Connector Profile Credentials for more details. */ trendmicro?: pulumi.Input; /** * Connector-specific credentials required when using Veeva. See Veeva Connector Profile Credentials for more details. */ veeva?: pulumi.Input; /** * Connector-specific credentials required when using Zendesk. See Zendesk Connector Profile Credentials for more details. */ zendesk?: pulumi.Input; } export interface ConnectorProfileConnectorProfileConfigConnectorProfileCredentialsAmplitude { apiKey: pulumi.Input; /** * The Secret Access Key portion of the credentials. */ secretKey: pulumi.Input; } export interface ConnectorProfileConnectorProfileConfigConnectorProfileCredentialsCustomConnector { apiKey?: pulumi.Input; /** * The authentication type that the custom connector uses for authenticating while creating a connector profile. One of: `APIKEY`, `BASIC`, `CUSTOM`, `OAUTH2`. */ authenticationType: pulumi.Input; /** * Basic credentials that are required for the authentication of the user. */ basic?: pulumi.Input; /** * If the connector uses the custom authentication mechanism, this holds the required credentials. */ custom?: pulumi.Input; /** * OAuth 2.0 credentials required for the authentication of the user. */ oauth2?: pulumi.Input; } export interface ConnectorProfileConnectorProfileConfigConnectorProfileCredentialsCustomConnectorApiKey { apiKey: pulumi.Input; apiSecretKey?: pulumi.Input; } export interface ConnectorProfileConnectorProfileConfigConnectorProfileCredentialsCustomConnectorBasic { password: pulumi.Input; username: pulumi.Input; } export interface ConnectorProfileConnectorProfileConfigConnectorProfileCredentialsCustomConnectorCustom { /** * A map that holds custom authentication credentials. */ credentialsMap?: pulumi.Input<{[key: string]: pulumi.Input}>; /** * The custom authentication type that the connector uses. */ customAuthenticationType: pulumi.Input; } export interface ConnectorProfileConnectorProfileConfigConnectorProfileCredentialsCustomConnectorOauth2 { accessToken?: pulumi.Input; clientId?: pulumi.Input; clientSecret?: pulumi.Input; oauthRequest?: pulumi.Input; refreshToken?: pulumi.Input; } export interface ConnectorProfileConnectorProfileConfigConnectorProfileCredentialsCustomConnectorOauth2OauthRequest { /** * The code provided by the connector when it has been authenticated via the connected app. */ authCode?: pulumi.Input; /** * The URL to which the authentication server redirects the browser after authorization has been granted. */ redirectUri?: pulumi.Input; } export interface ConnectorProfileConnectorProfileConfigConnectorProfileCredentialsDatadog { apiKey: pulumi.Input; /** * Application keys, in conjunction with your API key, give you full access to Datadog’s programmatic API. Application keys are associated with the user account that created them. The application key is used to log all requests made to the API. */ applicationKey: pulumi.Input; } export interface ConnectorProfileConnectorProfileConfigConnectorProfileCredentialsDynatrace { /** * The API tokens used by Dynatrace API to authenticate various API calls. */ apiToken: pulumi.Input; } export interface ConnectorProfileConnectorProfileConfigConnectorProfileCredentialsGoogleAnalytics { accessToken?: pulumi.Input; clientId: pulumi.Input; clientSecret: pulumi.Input; oauthRequest?: pulumi.Input; refreshToken?: pulumi.Input; } export interface ConnectorProfileConnectorProfileConfigConnectorProfileCredentialsGoogleAnalyticsOauthRequest { /** * The code provided by the connector when it has been authenticated via the connected app. */ authCode?: pulumi.Input; /** * The URL to which the authentication server redirects the browser after authorization has been granted. */ redirectUri?: pulumi.Input; } export interface ConnectorProfileConnectorProfileConfigConnectorProfileCredentialsHoneycode { accessToken?: pulumi.Input; oauthRequest?: pulumi.Input; refreshToken?: pulumi.Input; } export interface ConnectorProfileConnectorProfileConfigConnectorProfileCredentialsHoneycodeOauthRequest { /** * The code provided by the connector when it has been authenticated via the connected app. */ authCode?: pulumi.Input; /** * The URL to which the authentication server redirects the browser after authorization has been granted. */ redirectUri?: pulumi.Input; } export interface ConnectorProfileConnectorProfileConfigConnectorProfileCredentialsInforNexus { /** * The Access Key portion of the credentials. */ accessKeyId: pulumi.Input; /** * Encryption keys used to encrypt data. */ datakey: pulumi.Input; /** * The secret key used to sign requests. */ secretAccessKey: pulumi.Input; /** * Identifier for the user. */ userId: pulumi.Input; } export interface ConnectorProfileConnectorProfileConfigConnectorProfileCredentialsMarketo { accessToken?: pulumi.Input; clientId: pulumi.Input; clientSecret: pulumi.Input; oauthRequest?: pulumi.Input; } export interface ConnectorProfileConnectorProfileConfigConnectorProfileCredentialsMarketoOauthRequest { /** * The code provided by the connector when it has been authenticated via the connected app. */ authCode?: pulumi.Input; /** * The URL to which the authentication server redirects the browser after authorization has been granted. */ redirectUri?: pulumi.Input; } export interface ConnectorProfileConnectorProfileConfigConnectorProfileCredentialsRedshift { password: pulumi.Input; username: pulumi.Input; } export interface ConnectorProfileConnectorProfileConfigConnectorProfileCredentialsSalesforce { accessToken?: pulumi.Input; /** * The secret manager ARN, which contains the client ID and client secret of the connected app. */ clientCredentialsArn?: pulumi.Input; /** * A JSON web token (JWT) that authorizes access to Salesforce records. */ jwtToken?: pulumi.Input; oauth2GrantType?: pulumi.Input; oauthRequest?: pulumi.Input; refreshToken?: pulumi.Input; } export interface ConnectorProfileConnectorProfileConfigConnectorProfileCredentialsSalesforceOauthRequest { /** * The code provided by the connector when it has been authenticated via the connected app. */ authCode?: pulumi.Input; /** * The URL to which the authentication server redirects the browser after authorization has been granted. */ redirectUri?: pulumi.Input; } export interface ConnectorProfileConnectorProfileConfigConnectorProfileCredentialsSapoData { /** * The SAPOData basic authentication credentials. */ basicAuthCredentials?: pulumi.Input; /** * The SAPOData OAuth type authentication credentials. */ oauthCredentials?: pulumi.Input; } export interface ConnectorProfileConnectorProfileConfigConnectorProfileCredentialsSapoDataBasicAuthCredentials { password: pulumi.Input; username: pulumi.Input; } export interface ConnectorProfileConnectorProfileConfigConnectorProfileCredentialsSapoDataOauthCredentials { accessToken?: pulumi.Input; clientId: pulumi.Input; clientSecret: pulumi.Input; oauthRequest?: pulumi.Input; refreshToken?: pulumi.Input; } export interface ConnectorProfileConnectorProfileConfigConnectorProfileCredentialsSapoDataOauthCredentialsOauthRequest { /** * The code provided by the connector when it has been authenticated via the connected app. */ authCode?: pulumi.Input; /** * The URL to which the authentication server redirects the browser after authorization has been granted. */ redirectUri?: pulumi.Input; } export interface ConnectorProfileConnectorProfileConfigConnectorProfileCredentialsServiceNow { password: pulumi.Input; username: pulumi.Input; } export interface ConnectorProfileConnectorProfileConfigConnectorProfileCredentialsSingular { apiKey: pulumi.Input; } export interface ConnectorProfileConnectorProfileConfigConnectorProfileCredentialsSlack { accessToken?: pulumi.Input; clientId: pulumi.Input; clientSecret: pulumi.Input; oauthRequest?: pulumi.Input; } export interface ConnectorProfileConnectorProfileConfigConnectorProfileCredentialsSlackOauthRequest { /** * The code provided by the connector when it has been authenticated via the connected app. */ authCode?: pulumi.Input; /** * The URL to which the authentication server redirects the browser after authorization has been granted. */ redirectUri?: pulumi.Input; } export interface ConnectorProfileConnectorProfileConfigConnectorProfileCredentialsSnowflake { password: pulumi.Input; username: pulumi.Input; } export interface ConnectorProfileConnectorProfileConfigConnectorProfileCredentialsTrendmicro { apiSecretKey: pulumi.Input; } export interface ConnectorProfileConnectorProfileConfigConnectorProfileCredentialsVeeva { password: pulumi.Input; username: pulumi.Input; } export interface ConnectorProfileConnectorProfileConfigConnectorProfileCredentialsZendesk { accessToken?: pulumi.Input; clientId: pulumi.Input; clientSecret: pulumi.Input; oauthRequest?: pulumi.Input; } export interface ConnectorProfileConnectorProfileConfigConnectorProfileCredentialsZendeskOauthRequest { /** * The code provided by the connector when it has been authenticated via the connected app. */ authCode?: pulumi.Input; /** * The URL to which the authentication server redirects the browser after authorization has been granted. */ redirectUri?: pulumi.Input; } export interface ConnectorProfileConnectorProfileConfigConnectorProfileProperties { /** * The connector-specific credentials required when using Amplitude. See Amplitude Connector Profile Credentials for more details. */ amplitude?: pulumi.Input; /** * The connector-specific profile properties required when using the custom connector. See Custom Connector Profile Properties for more details. */ customConnector?: pulumi.Input; /** * Connector-specific properties required when using Datadog. See Generic Connector Profile Properties for more details. */ datadog?: pulumi.Input; /** * The connector-specific properties required when using Dynatrace. See Generic Connector Profile Properties for more details. */ dynatrace?: pulumi.Input; /** * The connector-specific credentials required when using Google Analytics. See Google Analytics Connector Profile Credentials for more details. */ googleAnalytics?: pulumi.Input; /** * The connector-specific credentials required when using Amazon Honeycode. See Honeycode Connector Profile Credentials for more details. */ honeycode?: pulumi.Input; /** * The connector-specific properties required when using Infor Nexus. See Generic Connector Profile Properties for more details. */ inforNexus?: pulumi.Input; /** * Connector-specific properties required when using Marketo. See Generic Connector Profile Properties for more details. */ marketo?: pulumi.Input; /** * Connector-specific properties required when using Amazon Redshift. See Redshift Connector Profile Properties for more details. */ redshift?: pulumi.Input; /** * The connector-specific properties required when using Salesforce. See Salesforce Connector Profile Properties for more details. */ salesforce?: pulumi.Input; /** * The connector-specific properties required when using SAPOData. See SAPOData Connector Profile Properties for more details. */ sapoData?: pulumi.Input; /** * The connector-specific properties required when using ServiceNow. See Generic Connector Profile Properties for more details. */ serviceNow?: pulumi.Input; /** * Connector-specific credentials required when using Singular. See Singular Connector Profile Credentials for more details. */ singular?: pulumi.Input; /** * Connector-specific properties required when using Slack. See Generic Connector Profile Properties for more details. */ slack?: pulumi.Input; /** * The connector-specific properties required when using Snowflake. See Snowflake Connector Profile Properties for more details. */ snowflake?: pulumi.Input; /** * The connector-specific credentials required when using Trend Micro. See Trend Micro Connector Profile Credentials for more details. */ trendmicro?: pulumi.Input; /** * Connector-specific properties required when using Veeva. See Generic Connector Profile Properties for more details. */ veeva?: pulumi.Input; /** * Connector-specific properties required when using Zendesk. See Generic Connector Profile Properties for more details. */ zendesk?: pulumi.Input; } export interface ConnectorProfileConnectorProfileConfigConnectorProfilePropertiesAmplitude { } export interface ConnectorProfileConnectorProfileConfigConnectorProfilePropertiesCustomConnector { /** * The OAuth 2.0 properties required for OAuth 2.0 authentication. */ oauth2Properties?: pulumi.Input; /** * A map of properties that are required to create a profile for the custom connector. */ profileProperties?: pulumi.Input<{[key: string]: pulumi.Input}>; } export interface ConnectorProfileConnectorProfileConfigConnectorProfilePropertiesCustomConnectorOauth2Properties { oauth2GrantType: pulumi.Input; tokenUrl: pulumi.Input; /** * Associates your token URL with a map of properties that you define. Use this parameter to provide any additional details that the connector requires to authenticate your request. */ tokenUrlCustomProperties?: pulumi.Input<{[key: string]: pulumi.Input}>; } export interface ConnectorProfileConnectorProfileConfigConnectorProfilePropertiesDatadog { instanceUrl: pulumi.Input; } export interface ConnectorProfileConnectorProfileConfigConnectorProfilePropertiesDynatrace { instanceUrl: pulumi.Input; } export interface ConnectorProfileConnectorProfileConfigConnectorProfilePropertiesGoogleAnalytics { } export interface ConnectorProfileConnectorProfileConfigConnectorProfilePropertiesHoneycode { } export interface ConnectorProfileConnectorProfileConfigConnectorProfilePropertiesInforNexus { instanceUrl: pulumi.Input; } export interface ConnectorProfileConnectorProfileConfigConnectorProfilePropertiesMarketo { instanceUrl: pulumi.Input; } export interface ConnectorProfileConnectorProfileConfigConnectorProfilePropertiesRedshift { bucketName: pulumi.Input; bucketPrefix?: pulumi.Input; /** * The unique ID that's assigned to an Amazon Redshift cluster. */ clusterIdentifier?: pulumi.Input; /** * ARN of the IAM role that permits AppFlow to access the database through Data API. */ dataApiRoleArn?: pulumi.Input; /** * The name of an Amazon Redshift database. */ databaseName?: pulumi.Input; /** * The JDBC URL of the Amazon Redshift cluster. */ databaseUrl?: pulumi.Input; /** * ARN of the IAM role. */ roleArn: pulumi.Input; } export interface ConnectorProfileConnectorProfileConfigConnectorProfilePropertiesSalesforce { instanceUrl?: pulumi.Input; /** * Indicates whether the connector profile applies to a sandbox or production environment. */ isSandboxEnvironment?: pulumi.Input; } export interface ConnectorProfileConnectorProfileConfigConnectorProfilePropertiesSapoData { /** * The location of the SAPOData resource. */ applicationHostUrl: pulumi.Input; /** * The application path to catalog service. */ applicationServicePath: pulumi.Input; /** * The client number for the client creating the connection. */ clientNumber: pulumi.Input; /** * The logon language of SAPOData instance. */ logonLanguage?: pulumi.Input; /** * The SAPOData OAuth properties required for OAuth type authentication. */ oauthProperties?: pulumi.Input; /** * The port number of the SAPOData instance. */ portNumber: pulumi.Input; privateLinkServiceName?: pulumi.Input; } export interface ConnectorProfileConnectorProfileConfigConnectorProfilePropertiesSapoDataOauthProperties { /** * The authorization code url required to redirect to SAP Login Page to fetch authorization code for OAuth type authentication. */ authCodeUrl: pulumi.Input; /** * The OAuth scopes required for OAuth type authentication. */ oauthScopes: pulumi.Input[]>; tokenUrl: pulumi.Input; } export interface ConnectorProfileConnectorProfileConfigConnectorProfilePropertiesServiceNow { instanceUrl: pulumi.Input; } export interface ConnectorProfileConnectorProfileConfigConnectorProfilePropertiesSingular { } export interface ConnectorProfileConnectorProfileConfigConnectorProfilePropertiesSlack { instanceUrl: pulumi.Input; } export interface ConnectorProfileConnectorProfileConfigConnectorProfilePropertiesSnowflake { /** * The name of the account. */ accountName?: pulumi.Input; bucketName: pulumi.Input; bucketPrefix?: pulumi.Input; privateLinkServiceName?: pulumi.Input; /** * AWS Region of the Snowflake account. */ region?: pulumi.Input; /** * Name of the Amazon S3 stage that was created while setting up an Amazon S3 stage in the Snowflake account. This is written in the following format: `..`. */ stage: pulumi.Input; /** * The name of the Snowflake warehouse. */ warehouse: pulumi.Input; } export interface ConnectorProfileConnectorProfileConfigConnectorProfilePropertiesTrendmicro { } export interface ConnectorProfileConnectorProfileConfigConnectorProfilePropertiesVeeva { instanceUrl: pulumi.Input; } export interface ConnectorProfileConnectorProfileConfigConnectorProfilePropertiesZendesk { instanceUrl: pulumi.Input; } export interface FlowDestinationFlowConfig { /** * API version that the destination connector uses. */ apiVersion?: pulumi.Input; /** * Name of the connector profile. This name must be unique for each connector profile in the AWS account. */ connectorProfileName?: pulumi.Input; /** * Type of connector, such as Salesforce, Amplitude, and so on. Valid values are `Salesforce`, `Singular`, `Slack`, `Redshift`, `S3`, `Marketo`, `Googleanalytics`, `Zendesk`, `Servicenow`, `Datadog`, `Trendmicro`, `Snowflake`, `Dynatrace`, `Infornexus`, `Amplitude`, `Veeva`, `EventBridge`, `LookoutMetrics`, `Upsolver`, `Honeycode`, `CustomerProfiles`, `SAPOData`, and `CustomConnector`. */ connectorType: pulumi.Input; /** * This stores the information that is required to query a particular connector. See Destination Connector Properties for more information. */ destinationConnectorProperties: pulumi.Input; } export interface FlowDestinationFlowConfigDestinationConnectorProperties { /** * Properties that are required to query the custom Connector. See Custom Connector Destination Properties for more details. */ customConnector?: pulumi.Input; /** * Properties that are required to query Amazon Connect Customer Profiles. See Customer Profiles Destination Properties for more details. */ customerProfiles?: pulumi.Input; /** * Properties that are required to query Amazon EventBridge. See Generic Destination Properties for more details. */ eventBridge?: pulumi.Input; /** * Properties that are required to query Amazon Honeycode. See Generic Destination Properties for more details. */ honeycode?: pulumi.Input; lookoutMetrics?: pulumi.Input; /** * Properties that are required to query Marketo. See Generic Destination Properties for more details. */ marketo?: pulumi.Input; /** * Properties that are required to query Amazon Redshift. See Redshift Destination Properties for more details. */ redshift?: pulumi.Input; /** * Properties that are required to query Amazon S3. See S3 Destination Properties for more details. */ s3?: pulumi.Input; /** * Properties that are required to query Salesforce. See Salesforce Destination Properties for more details. */ salesforce?: pulumi.Input; /** * Properties that are required to query SAPOData. See SAPOData Destination Properties for more details. */ sapoData?: pulumi.Input; /** * Properties that are required to query Snowflake. See Snowflake Destination Properties for more details. */ snowflake?: pulumi.Input; /** * Properties that are required to query Upsolver. See Upsolver Destination Properties for more details. */ upsolver?: pulumi.Input; /** * Properties that are required to query Zendesk. See Zendesk Destination Properties for more details. */ zendesk?: pulumi.Input; } export interface FlowDestinationFlowConfigDestinationConnectorPropertiesCustomConnector { customProperties?: pulumi.Input<{[key: string]: pulumi.Input}>; entityName: pulumi.Input; errorHandlingConfig?: pulumi.Input; idFieldNames?: pulumi.Input[]>; writeOperationType?: pulumi.Input; } export interface FlowDestinationFlowConfigDestinationConnectorPropertiesCustomConnectorErrorHandlingConfig { /** * Name of the Amazon S3 bucket. */ bucketName?: pulumi.Input; /** * Amazon S3 bucket prefix. */ bucketPrefix?: pulumi.Input; /** * If the flow should fail after the first instance of a failure when attempting to place data in the destination. */ failOnFirstDestinationError?: pulumi.Input; } export interface FlowDestinationFlowConfigDestinationConnectorPropertiesCustomerProfiles { /** * Unique name of the Amazon Connect Customer Profiles domain. */ domainName: pulumi.Input; /** * Object specified in the Amazon Connect Customer Profiles flow destination. */ objectTypeName?: pulumi.Input; } export interface FlowDestinationFlowConfigDestinationConnectorPropertiesEventBridge { errorHandlingConfig?: pulumi.Input; object: pulumi.Input; } export interface FlowDestinationFlowConfigDestinationConnectorPropertiesEventBridgeErrorHandlingConfig { /** * Name of the Amazon S3 bucket. */ bucketName?: pulumi.Input; /** * Amazon S3 bucket prefix. */ bucketPrefix?: pulumi.Input; /** * If the flow should fail after the first instance of a failure when attempting to place data in the destination. */ failOnFirstDestinationError?: pulumi.Input; } export interface FlowDestinationFlowConfigDestinationConnectorPropertiesHoneycode { errorHandlingConfig?: pulumi.Input; object: pulumi.Input; } export interface FlowDestinationFlowConfigDestinationConnectorPropertiesHoneycodeErrorHandlingConfig { /** * Name of the Amazon S3 bucket. */ bucketName?: pulumi.Input; /** * Amazon S3 bucket prefix. */ bucketPrefix?: pulumi.Input; /** * If the flow should fail after the first instance of a failure when attempting to place data in the destination. */ failOnFirstDestinationError?: pulumi.Input; } export interface FlowDestinationFlowConfigDestinationConnectorPropertiesLookoutMetrics { } export interface FlowDestinationFlowConfigDestinationConnectorPropertiesMarketo { errorHandlingConfig?: pulumi.Input; object: pulumi.Input; } export interface FlowDestinationFlowConfigDestinationConnectorPropertiesMarketoErrorHandlingConfig { /** * Name of the Amazon S3 bucket. */ bucketName?: pulumi.Input; /** * Amazon S3 bucket prefix. */ bucketPrefix?: pulumi.Input; /** * If the flow should fail after the first instance of a failure when attempting to place data in the destination. */ failOnFirstDestinationError?: pulumi.Input; } export interface FlowDestinationFlowConfigDestinationConnectorPropertiesRedshift { bucketPrefix?: pulumi.Input; errorHandlingConfig?: pulumi.Input; intermediateBucketName: pulumi.Input; object: pulumi.Input; } export interface FlowDestinationFlowConfigDestinationConnectorPropertiesRedshiftErrorHandlingConfig { /** * Name of the Amazon S3 bucket. */ bucketName?: pulumi.Input; /** * Amazon S3 bucket prefix. */ bucketPrefix?: pulumi.Input; /** * If the flow should fail after the first instance of a failure when attempting to place data in the destination. */ failOnFirstDestinationError?: pulumi.Input; } export interface FlowDestinationFlowConfigDestinationConnectorPropertiesS3 { bucketName: pulumi.Input; bucketPrefix?: pulumi.Input; s3OutputFormatConfig?: pulumi.Input; } export interface FlowDestinationFlowConfigDestinationConnectorPropertiesS3S3OutputFormatConfig { /** * Aggregation settings that you can use to customize the output format of your flow data. See Aggregation Config for more details. */ aggregationConfig?: pulumi.Input; /** * File type that Amazon AppFlow places in the Amazon S3 bucket. Valid values are `CSV`, `JSON`, and `PARQUET`. */ fileType?: pulumi.Input; /** * Determines the prefix that Amazon AppFlow applies to the folder name in the Amazon S3 bucket. You can name folders according to the flow frequency and date. See Prefix Config for more details. */ prefixConfig?: pulumi.Input; /** * Whether the data types from the source system need to be preserved (Only valid for `Parquet` file type) */ preserveSourceDataTyping?: pulumi.Input; } export interface FlowDestinationFlowConfigDestinationConnectorPropertiesS3S3OutputFormatConfigAggregationConfig { /** * Whether Amazon AppFlow aggregates the flow records into a single file, or leave them unaggregated. Valid values are `None` and `SingleFile`. */ aggregationType?: pulumi.Input; /** * The desired file size, in MB, for each output file that Amazon AppFlow writes to the flow destination. Integer value. */ targetFileSize?: pulumi.Input; } export interface FlowDestinationFlowConfigDestinationConnectorPropertiesS3S3OutputFormatConfigPrefixConfig { /** * Determines the level of granularity that's included in the prefix. Valid values are `YEAR`, `MONTH`, `DAY`, `HOUR`, and `MINUTE`. */ prefixFormat?: pulumi.Input; /** * Determines whether the destination file path includes either or both of the selected elements. Valid values are `EXECUTION_ID` and `SCHEMA_VERSION` */ prefixHierarchies?: pulumi.Input[]>; /** * Determines the format of the prefix, and whether it applies to the file name, file path, or both. Valid values are `FILENAME`, `PATH`, and `PATH_AND_FILENAME`. */ prefixType?: pulumi.Input; } export interface FlowDestinationFlowConfigDestinationConnectorPropertiesSalesforce { errorHandlingConfig?: pulumi.Input; idFieldNames?: pulumi.Input[]>; object: pulumi.Input; writeOperationType?: pulumi.Input; } export interface FlowDestinationFlowConfigDestinationConnectorPropertiesSalesforceErrorHandlingConfig { /** * Name of the Amazon S3 bucket. */ bucketName?: pulumi.Input; /** * Amazon S3 bucket prefix. */ bucketPrefix?: pulumi.Input; /** * If the flow should fail after the first instance of a failure when attempting to place data in the destination. */ failOnFirstDestinationError?: pulumi.Input; } export interface FlowDestinationFlowConfigDestinationConnectorPropertiesSapoData { errorHandlingConfig?: pulumi.Input; idFieldNames?: pulumi.Input[]>; objectPath: pulumi.Input; /** * Determines how Amazon AppFlow handles the success response that it gets from the connector after placing data. See Success Response Handling Config for more details. */ successResponseHandlingConfig?: pulumi.Input; writeOperationType?: pulumi.Input; } export interface FlowDestinationFlowConfigDestinationConnectorPropertiesSapoDataErrorHandlingConfig { /** * Name of the Amazon S3 bucket. */ bucketName?: pulumi.Input; /** * Amazon S3 bucket prefix. */ bucketPrefix?: pulumi.Input; /** * If the flow should fail after the first instance of a failure when attempting to place data in the destination. */ failOnFirstDestinationError?: pulumi.Input; } export interface FlowDestinationFlowConfigDestinationConnectorPropertiesSapoDataSuccessResponseHandlingConfig { /** * Name of the Amazon S3 bucket. */ bucketName?: pulumi.Input; /** * Amazon S3 bucket prefix. */ bucketPrefix?: pulumi.Input; } export interface FlowDestinationFlowConfigDestinationConnectorPropertiesSnowflake { bucketPrefix?: pulumi.Input; errorHandlingConfig?: pulumi.Input; intermediateBucketName: pulumi.Input; object: pulumi.Input; } export interface FlowDestinationFlowConfigDestinationConnectorPropertiesSnowflakeErrorHandlingConfig { /** * Name of the Amazon S3 bucket. */ bucketName?: pulumi.Input; /** * Amazon S3 bucket prefix. */ bucketPrefix?: pulumi.Input; /** * If the flow should fail after the first instance of a failure when attempting to place data in the destination. */ failOnFirstDestinationError?: pulumi.Input; } export interface FlowDestinationFlowConfigDestinationConnectorPropertiesUpsolver { bucketName: pulumi.Input; bucketPrefix?: pulumi.Input; s3OutputFormatConfig: pulumi.Input; } export interface FlowDestinationFlowConfigDestinationConnectorPropertiesUpsolverS3OutputFormatConfig { /** * Aggregation settings that you can use to customize the output format of your flow data. See Aggregation Config for more details. */ aggregationConfig?: pulumi.Input; /** * File type that Amazon AppFlow places in the Amazon S3 bucket. Valid values are `CSV`, `JSON`, and `PARQUET`. */ fileType?: pulumi.Input; /** * Determines the prefix that Amazon AppFlow applies to the folder name in the Amazon S3 bucket. You can name folders according to the flow frequency and date. See Prefix Config for more details. */ prefixConfig: pulumi.Input; } export interface FlowDestinationFlowConfigDestinationConnectorPropertiesUpsolverS3OutputFormatConfigAggregationConfig { /** * Whether Amazon AppFlow aggregates the flow records into a single file, or leave them unaggregated. Valid values are `None` and `SingleFile`. */ aggregationType?: pulumi.Input; } export interface FlowDestinationFlowConfigDestinationConnectorPropertiesUpsolverS3OutputFormatConfigPrefixConfig { /** * Determines the level of granularity that's included in the prefix. Valid values are `YEAR`, `MONTH`, `DAY`, `HOUR`, and `MINUTE`. */ prefixFormat?: pulumi.Input; /** * Determines whether the destination file path includes either or both of the selected elements. Valid values are `EXECUTION_ID` and `SCHEMA_VERSION` */ prefixHierarchies?: pulumi.Input[]>; /** * Determines the format of the prefix, and whether it applies to the file name, file path, or both. Valid values are `FILENAME`, `PATH`, and `PATH_AND_FILENAME`. */ prefixType: pulumi.Input; } export interface FlowDestinationFlowConfigDestinationConnectorPropertiesZendesk { errorHandlingConfig?: pulumi.Input; idFieldNames?: pulumi.Input[]>; object: pulumi.Input; writeOperationType?: pulumi.Input; } export interface FlowDestinationFlowConfigDestinationConnectorPropertiesZendeskErrorHandlingConfig { /** * Name of the Amazon S3 bucket. */ bucketName?: pulumi.Input; /** * Amazon S3 bucket prefix. */ bucketPrefix?: pulumi.Input; /** * If the flow should fail after the first instance of a failure when attempting to place data in the destination. */ failOnFirstDestinationError?: pulumi.Input; } export interface FlowMetadataCatalogConfig { glueDataCatalog?: pulumi.Input; } export interface FlowMetadataCatalogConfigGlueDataCatalog { /** * The name of an existing Glue database to store the metadata tables that Amazon AppFlow creates. */ databaseName: pulumi.Input; /** * The ARN of an IAM role that grants AppFlow the permissions it needs to create Data Catalog tables, databases, and partitions. */ roleArn: pulumi.Input; /** * A naming prefix for each Data Catalog table that Amazon AppFlow creates */ tablePrefix: pulumi.Input; } export interface FlowSourceFlowConfig { /** * API version that the destination connector uses. */ apiVersion?: pulumi.Input; /** * Name of the connector profile. This name must be unique for each connector profile in the AWS account. */ connectorProfileName?: pulumi.Input; /** * Type of connector, such as Salesforce, Amplitude, and so on. Valid values are `Salesforce`, `Singular`, `Slack`, `Redshift`, `S3`, `Marketo`, `Googleanalytics`, `Zendesk`, `Servicenow`, `Datadog`, `Trendmicro`, `Snowflake`, `Dynatrace`, `Infornexus`, `Amplitude`, `Veeva`, `EventBridge`, `LookoutMetrics`, `Upsolver`, `Honeycode`, `CustomerProfiles`, `SAPOData`, and `CustomConnector`. */ connectorType: pulumi.Input; /** * Defines the configuration for a scheduled incremental data pull. If a valid configuration is provided, the fields specified in the configuration are used when querying for the incremental data pull. See Incremental Pull Config for more details. */ incrementalPullConfig?: pulumi.Input; /** * Information that is required to query a particular source connector. See Source Connector Properties for details. */ sourceConnectorProperties: pulumi.Input; } export interface FlowSourceFlowConfigIncrementalPullConfig { /** * Field that specifies the date time or timestamp field as the criteria to use when importing incremental records from the source. */ datetimeTypeFieldName?: pulumi.Input; } export interface FlowSourceFlowConfigSourceConnectorProperties { /** * Information that is required for querying Amplitude. See Generic Source Properties for more details. */ amplitude?: pulumi.Input; /** * Properties that are applied when the custom connector is being used as a source. See Custom Connector Source Properties. */ customConnector?: pulumi.Input; /** * Information that is required for querying Datadog. See Generic Source Properties for more details. */ datadog?: pulumi.Input; /** * Operation to be performed on the provided Dynatrace source fields. Valid values are `PROJECTION`, `BETWEEN`, `EQUAL_TO`, `ADDITION`, `MULTIPLICATION`, `DIVISION`, `SUBTRACTION`, `MASK_ALL`, `MASK_FIRST_N`, `MASK_LAST_N`, `VALIDATE_NON_NULL`, `VALIDATE_NON_ZERO`, `VALIDATE_NON_NEGATIVE`, `VALIDATE_NUMERIC`, and `NO_OP`. */ dynatrace?: pulumi.Input; /** * Operation to be performed on the provided Google Analytics source fields. Valid values are `PROJECTION` and `BETWEEN`. */ googleAnalytics?: pulumi.Input; /** * Information that is required for querying Infor Nexus. See Generic Source Properties for more details. */ inforNexus?: pulumi.Input; /** * Information that is required for querying Marketo. See Generic Source Properties for more details. */ marketo?: pulumi.Input; /** * Information that is required for querying Amazon S3. See S3 Source Properties for more details. */ s3?: pulumi.Input; /** * Information that is required for querying Salesforce. See Salesforce Source Properties for more details. */ salesforce?: pulumi.Input; /** * Information that is required for querying SAPOData as a flow source. See SAPO Source Properties for more details. */ sapoData?: pulumi.Input; /** * Information that is required for querying ServiceNow. See Generic Source Properties for more details. */ serviceNow?: pulumi.Input; /** * Information that is required for querying Singular. See Generic Source Properties for more details. */ singular?: pulumi.Input; /** * Information that is required for querying Slack. See Generic Source Properties for more details. */ slack?: pulumi.Input; /** * Operation to be performed on the provided Trend Micro source fields. Valid values are `PROJECTION`, `EQUAL_TO`, `ADDITION`, `MULTIPLICATION`, `DIVISION`, `SUBTRACTION`, `MASK_ALL`, `MASK_FIRST_N`, `MASK_LAST_N`, `VALIDATE_NON_NULL`, `VALIDATE_NON_ZERO`, `VALIDATE_NON_NEGATIVE`, `VALIDATE_NUMERIC`, and `NO_OP`. */ trendmicro?: pulumi.Input; /** * Information that is required for querying Veeva. See Veeva Source Properties for more details. */ veeva?: pulumi.Input; /** * Information that is required for querying Zendesk. See Generic Source Properties for more details. */ zendesk?: pulumi.Input; } export interface FlowSourceFlowConfigSourceConnectorPropertiesAmplitude { object: pulumi.Input; } export interface FlowSourceFlowConfigSourceConnectorPropertiesCustomConnector { customProperties?: pulumi.Input<{[key: string]: pulumi.Input}>; entityName: pulumi.Input; } export interface FlowSourceFlowConfigSourceConnectorPropertiesDatadog { object: pulumi.Input; } export interface FlowSourceFlowConfigSourceConnectorPropertiesDynatrace { object: pulumi.Input; } export interface FlowSourceFlowConfigSourceConnectorPropertiesGoogleAnalytics { object: pulumi.Input; } export interface FlowSourceFlowConfigSourceConnectorPropertiesInforNexus { object: pulumi.Input; } export interface FlowSourceFlowConfigSourceConnectorPropertiesMarketo { object: pulumi.Input; } export interface FlowSourceFlowConfigSourceConnectorPropertiesS3 { bucketName: pulumi.Input; bucketPrefix: pulumi.Input; /** * When you use Amazon S3 as the source, the configuration format that you provide the flow input data. See S3 Input Format Config for details. */ s3InputFormatConfig?: pulumi.Input; } export interface FlowSourceFlowConfigSourceConnectorPropertiesS3S3InputFormatConfig { /** * File type that Amazon AppFlow gets from your Amazon S3 bucket. Valid values are `CSV` and `JSON`. */ s3InputFileType?: pulumi.Input; } export interface FlowSourceFlowConfigSourceConnectorPropertiesSalesforce { /** * Flag that enables dynamic fetching of new (recently added) fields in the Salesforce objects while running a flow. */ enableDynamicFieldUpdate?: pulumi.Input; /** * Whether Amazon AppFlow includes deleted files in the flow run. */ includeDeletedRecords?: pulumi.Input; object: pulumi.Input; } export interface FlowSourceFlowConfigSourceConnectorPropertiesSapoData { objectPath: pulumi.Input; /** * Sets the page size for each concurrent process that transfers OData records from your SAP instance. */ paginationConfig?: pulumi.Input; /** * Sets the number of concurrent processes that transfers OData records from your SAP instance. */ parallelismConfig?: pulumi.Input; } export interface FlowSourceFlowConfigSourceConnectorPropertiesSapoDataPaginationConfig { /** * he maximum number of records that Amazon AppFlow receives in each page of the response from your SAP application. */ maxPageSize: pulumi.Input; } export interface FlowSourceFlowConfigSourceConnectorPropertiesSapoDataParallelismConfig { /** * he maximum number of records that Amazon AppFlow receives in each page of the response from your SAP application. */ maxPageSize: pulumi.Input; } export interface FlowSourceFlowConfigSourceConnectorPropertiesServiceNow { object: pulumi.Input; } export interface FlowSourceFlowConfigSourceConnectorPropertiesSingular { object: pulumi.Input; } export interface FlowSourceFlowConfigSourceConnectorPropertiesSlack { object: pulumi.Input; } export interface FlowSourceFlowConfigSourceConnectorPropertiesTrendmicro { object: pulumi.Input; } export interface FlowSourceFlowConfigSourceConnectorPropertiesVeeva { /** * Document type specified in the Veeva document extract flow. */ documentType?: pulumi.Input; /** * Boolean value to include All Versions of files in Veeva document extract flow. */ includeAllVersions?: pulumi.Input; /** * Boolean value to include file renditions in Veeva document extract flow. */ includeRenditions?: pulumi.Input; /** * Boolean value to include source files in Veeva document extract flow. */ includeSourceFiles?: pulumi.Input; object: pulumi.Input; } export interface FlowSourceFlowConfigSourceConnectorPropertiesZendesk { object: pulumi.Input; } export interface FlowTask { /** * Operation to be performed on the provided source fields. See Connector Operator for details. */ connectorOperators?: pulumi.Input[]>; /** * Field in a destination connector, or a field value against which Amazon AppFlow validates a source field. */ destinationField?: pulumi.Input; /** * Source fields to which a particular task is applied. */ sourceFields?: pulumi.Input[]>; /** * Map used to store task-related information. The execution service looks for particular information based on the `TaskType`. Valid keys are `VALUE`, `VALUES`, `DATA_TYPE`, `UPPER_BOUND`, `LOWER_BOUND`, `SOURCE_DATA_TYPE`, `DESTINATION_DATA_TYPE`, `VALIDATION_ACTION`, `MASK_VALUE`, `MASK_LENGTH`, `TRUNCATE_LENGTH`, `MATH_OPERATION_FIELDS_ORDER`, `CONCAT_FORMAT`, `SUBFIELD_CATEGORY_MAP`, and `EXCLUDE_SOURCE_FIELDS_LIST`. */ taskProperties?: pulumi.Input<{[key: string]: pulumi.Input}>; /** * Particular task implementation that Amazon AppFlow performs. Valid values are `Arithmetic`, `Filter`, `Map`, `Map_all`, `Mask`, `Merge`, `Passthrough`, `Truncate`, and `Validate`. */ taskType: pulumi.Input; } export interface FlowTaskConnectorOperator { /** * Operation to be performed on the provided Amplitude source fields. The only valid value is `BETWEEN`. */ amplitude?: pulumi.Input; /** * Operators supported by the custom connector. Valid values are `PROJECTION`, `LESS_THAN`, `GREATER_THAN`, `CONTAINS`, `BETWEEN`, `LESS_THAN_OR_EQUAL_TO`, `GREATER_THAN_OR_EQUAL_TO`, `EQUAL_TO`, `NOT_EQUAL_TO`, `ADDITION`, `MULTIPLICATION`, `DIVISION`, `SUBTRACTION`, `MASK_ALL`, `MASK_FIRST_N`, `MASK_LAST_N`, `VALIDATE_NON_NULL`, `VALIDATE_NON_ZERO`, `VALIDATE_NON_NEGATIVE`, `VALIDATE_NUMERIC`, and `NO_OP`. */ customConnector?: pulumi.Input; /** * Operation to be performed on the provided Datadog source fields. Valid values are `PROJECTION`, `BETWEEN`, `EQUAL_TO`, `ADDITION`, `MULTIPLICATION`, `DIVISION`, `SUBTRACTION`, `MASK_ALL`, `MASK_FIRST_N`, `MASK_LAST_N`, `VALIDATE_NON_NULL`, `VALIDATE_NON_ZERO`, `VALIDATE_NON_NEGATIVE`, `VALIDATE_NUMERIC`, and `NO_OP`. */ datadog?: pulumi.Input; /** * Operation to be performed on the provided Dynatrace source fields. Valid values are `PROJECTION`, `BETWEEN`, `EQUAL_TO`, `ADDITION`, `MULTIPLICATION`, `DIVISION`, `SUBTRACTION`, `MASK_ALL`, `MASK_FIRST_N`, `MASK_LAST_N`, `VALIDATE_NON_NULL`, `VALIDATE_NON_ZERO`, `VALIDATE_NON_NEGATIVE`, `VALIDATE_NUMERIC`, and `NO_OP`. */ dynatrace?: pulumi.Input; /** * Operation to be performed on the provided Google Analytics source fields. Valid values are `PROJECTION` and `BETWEEN`. */ googleAnalytics?: pulumi.Input; /** * Operation to be performed on the provided Infor Nexus source fields. Valid values are `PROJECTION`, `BETWEEN`, `EQUAL_TO`, `ADDITION`, `MULTIPLICATION`, `DIVISION`, `SUBTRACTION`, `MASK_ALL`, `MASK_FIRST_N`, `MASK_LAST_N`, `VALIDATE_NON_NULL`, `VALIDATE_NON_ZERO`, `VALIDATE_NON_NEGATIVE`, `VALIDATE_NUMERIC`, and `NO_OP`. */ inforNexus?: pulumi.Input; /** * Operation to be performed on the provided Marketo source fields. Valid values are `PROJECTION`, `BETWEEN`, `EQUAL_TO`, `ADDITION`, `MULTIPLICATION`, `DIVISION`, `SUBTRACTION`, `MASK_ALL`, `MASK_FIRST_N`, `MASK_LAST_N`, `VALIDATE_NON_NULL`, `VALIDATE_NON_ZERO`, `VALIDATE_NON_NEGATIVE`, `VALIDATE_NUMERIC`, and `NO_OP`. */ marketo?: pulumi.Input; /** * Operation to be performed on the provided Amazon S3 source fields. Valid values are `PROJECTION`, `LESS_THAN`, `GREATER_THAN`, `BETWEEN`, `LESS_THAN_OR_EQUAL_TO`, `GREATER_THAN_OR_EQUAL_TO`, `EQUAL_TO`, `NOT_EQUAL_TO`, `ADDITION`, `MULTIPLICATION`, `DIVISION`, `SUBTRACTION`, `MASK_ALL`, `MASK_FIRST_N`, `MASK_LAST_N`, `VALIDATE_NON_NULL`, `VALIDATE_NON_ZERO`, `VALIDATE_NON_NEGATIVE`, `VALIDATE_NUMERIC`, and `NO_OP`. */ s3?: pulumi.Input; /** * Operation to be performed on the provided Salesforce source fields. Valid values are `PROJECTION`, `LESS_THAN`, `GREATER_THAN`, `CONTAINS`, `BETWEEN`, `LESS_THAN_OR_EQUAL_TO`, `GREATER_THAN_OR_EQUAL_TO`, `EQUAL_TO`, `NOT_EQUAL_TO`, `ADDITION`, `MULTIPLICATION`, `DIVISION`, `SUBTRACTION`, `MASK_ALL`, `MASK_FIRST_N`, `MASK_LAST_N`, `VALIDATE_NON_NULL`, `VALIDATE_NON_ZERO`, `VALIDATE_NON_NEGATIVE`, `VALIDATE_NUMERIC`, and `NO_OP`. */ salesforce?: pulumi.Input; /** * Operation to be performed on the provided SAPOData source fields. Valid values are `PROJECTION`, `LESS_THAN`, `GREATER_THAN`, `CONTAINS`, `BETWEEN`, `LESS_THAN_OR_EQUAL_TO`, `GREATER_THAN_OR_EQUAL_TO`, `EQUAL_TO`, `NOT_EQUAL_TO`, `ADDITION`, `MULTIPLICATION`, `DIVISION`, `SUBTRACTION`, `MASK_ALL`, `MASK_FIRST_N`, `MASK_LAST_N`, `VALIDATE_NON_NULL`, `VALIDATE_NON_ZERO`, `VALIDATE_NON_NEGATIVE`, `VALIDATE_NUMERIC`, and `NO_OP`. */ sapoData?: pulumi.Input; /** * Operation to be performed on the provided ServiceNow source fields. Valid values are `PROJECTION`, `LESS_THAN`, `GREATER_THAN`, `CONTAINS`, `BETWEEN`, `LESS_THAN_OR_EQUAL_TO`, `GREATER_THAN_OR_EQUAL_TO`, `EQUAL_TO`, `NOT_EQUAL_TO`, `ADDITION`, `MULTIPLICATION`, `DIVISION`, `SUBTRACTION`, `MASK_ALL`, `MASK_FIRST_N`, `MASK_LAST_N`, `VALIDATE_NON_NULL`, `VALIDATE_NON_ZERO`, `VALIDATE_NON_NEGATIVE`, `VALIDATE_NUMERIC`, and `NO_OP`. */ serviceNow?: pulumi.Input; /** * Operation to be performed on the provided Singular source fields. Valid values are `PROJECTION`, `EQUAL_TO`, `ADDITION`, `MULTIPLICATION`, `DIVISION`, `SUBTRACTION`, `MASK_ALL`, `MASK_FIRST_N`, `MASK_LAST_N`, `VALIDATE_NON_NULL`, `VALIDATE_NON_ZERO`, `VALIDATE_NON_NEGATIVE`, `VALIDATE_NUMERIC`, and `NO_OP`. */ singular?: pulumi.Input; /** * Operation to be performed on the provided Slack source fields. Valid values are `PROJECTION`, `LESS_THAN`, `GREATER_THAN`, `BETWEEN`, `LESS_THAN_OR_EQUAL_TO`, `GREATER_THAN_OR_EQUAL_TO`, `EQUAL_TO`, `ADDITION`, `MULTIPLICATION`, `DIVISION`, `SUBTRACTION`, `MASK_ALL`, `MASK_FIRST_N`, `MASK_LAST_N`, `VALIDATE_NON_NULL`, `VALIDATE_NON_ZERO`, `VALIDATE_NON_NEGATIVE`, `VALIDATE_NUMERIC`, and `NO_OP`. */ slack?: pulumi.Input; /** * Operation to be performed on the provided Trend Micro source fields. Valid values are `PROJECTION`, `EQUAL_TO`, `ADDITION`, `MULTIPLICATION`, `DIVISION`, `SUBTRACTION`, `MASK_ALL`, `MASK_FIRST_N`, `MASK_LAST_N`, `VALIDATE_NON_NULL`, `VALIDATE_NON_ZERO`, `VALIDATE_NON_NEGATIVE`, `VALIDATE_NUMERIC`, and `NO_OP`. */ trendmicro?: pulumi.Input; /** * Operation to be performed on the provided Veeva source fields. Valid values are `PROJECTION`, `LESS_THAN`, `GREATER_THAN`, `CONTAINS`, `BETWEEN`, `LESS_THAN_OR_EQUAL_TO`, `GREATER_THAN_OR_EQUAL_TO`, `EQUAL_TO`, `NOT_EQUAL_TO`, `ADDITION`, `MULTIPLICATION`, `DIVISION`, `SUBTRACTION`, `MASK_ALL`, `MASK_FIRST_N`, `MASK_LAST_N`, `VALIDATE_NON_NULL`, `VALIDATE_NON_ZERO`, `VALIDATE_NON_NEGATIVE`, `VALIDATE_NUMERIC`, and `NO_OP`. */ veeva?: pulumi.Input; /** * Operation to be performed on the provided Zendesk source fields. Valid values are `PROJECTION`, `GREATER_THAN`, `ADDITION`, `MULTIPLICATION`, `DIVISION`, `SUBTRACTION`, `MASK_ALL`, `MASK_FIRST_N`, `MASK_LAST_N`, `VALIDATE_NON_NULL`, `VALIDATE_NON_ZERO`, `VALIDATE_NON_NEGATIVE`, `VALIDATE_NUMERIC`, and `NO_OP`. */ zendesk?: pulumi.Input; } export interface FlowTriggerConfig { /** * Configuration details of a schedule-triggered flow as defined by the user. Currently, these settings only apply to the `Scheduled` trigger type. See Scheduled Trigger Properties for details. */ triggerProperties?: pulumi.Input; /** * Type of flow trigger. Valid values are `Scheduled`, `Event`, and `OnDemand`. */ triggerType: pulumi.Input; } export interface FlowTriggerConfigTriggerProperties { scheduled?: pulumi.Input; } export interface FlowTriggerConfigTriggerPropertiesScheduled { /** * Whether a scheduled flow has an incremental data transfer or a complete data transfer for each flow run. Valid values are `Incremental` and `Complete`. */ dataPullMode?: pulumi.Input; /** * Date range for the records to import from the connector in the first flow run. Must be a valid RFC3339 timestamp. */ firstExecutionFrom?: pulumi.Input; /** * Scheduled end time for a schedule-triggered flow. Must be a valid RFC3339 timestamp. */ scheduleEndTime?: pulumi.Input; /** * Scheduling expression that determines the rate at which the schedule will run, for example `rate(5minutes)`. */ scheduleExpression: pulumi.Input; /** * Optional offset that is added to the time interval for a schedule-triggered flow. Maximum value of 36000. */ scheduleOffset?: pulumi.Input; /** * Scheduled start time for a schedule-triggered flow. Must be a valid RFC3339 timestamp. */ scheduleStartTime?: pulumi.Input; /** * Time zone used when referring to the date and time of a scheduled-triggered flow, such as `America/New_York`. */ timezone?: pulumi.Input; } } export namespace appintegrations { export interface DataIntegrationScheduleConfig { /** * The start date for objects to import in the first flow run as an Unix/epoch timestamp in milliseconds or in ISO-8601 format. This needs to be a time in the past, meaning that the data created or updated before this given date will not be downloaded. */ firstExecutionFrom: pulumi.Input; /** * The name of the object to pull from the data source. Examples of objects in Salesforce include `Case`, `Account`, or `Lead`. */ object: pulumi.Input; /** * How often the data should be pulled from data source. Examples include `rate(1 hour)`, `rate(3 hours)`, `rate(1 day)`. */ scheduleExpression: pulumi.Input; } } export namespace appmesh { export interface GatewayRouteSpec { /** * Specification of a gRPC gateway route. */ grpcRoute?: pulumi.Input; /** * Specification of an HTTP/2 gateway route. */ http2Route?: pulumi.Input; /** * Specification of an HTTP gateway route. */ httpRoute?: pulumi.Input; /** * Priority for the gateway route, between `0` and `1000`. */ priority?: pulumi.Input; } export interface GatewayRouteSpecGrpcRoute { /** * Action to take if a match is determined. */ action: pulumi.Input; /** * Criteria for determining a request match. */ match: pulumi.Input; } export interface GatewayRouteSpecGrpcRouteAction { /** * Target that traffic is routed to when a request matches the gateway route. */ target: pulumi.Input; } export interface GatewayRouteSpecGrpcRouteActionTarget { /** * The port number that corresponds to the target for Virtual Service provider port. This is required when the provider (router or node) of the Virtual Service has multiple listeners. */ port?: pulumi.Input; /** * Virtual service gateway route target. */ virtualService: pulumi.Input; } export interface GatewayRouteSpecGrpcRouteActionTargetVirtualService { /** * Name of the virtual service that traffic is routed to. Must be between 1 and 255 characters in length. */ virtualServiceName: pulumi.Input; } export interface GatewayRouteSpecGrpcRouteMatch { /** * The port number to match from the request. */ port?: pulumi.Input; /** * Fully qualified domain name for the service to match from the request. */ serviceName: pulumi.Input; } export interface GatewayRouteSpecHttp2Route { /** * Action to take if a match is determined. */ action: pulumi.Input; /** * Criteria for determining a request match. */ match: pulumi.Input; } export interface GatewayRouteSpecHttp2RouteAction { /** * Gateway route action to rewrite. */ rewrite?: pulumi.Input; /** * Target that traffic is routed to when a request matches the gateway route. */ target: pulumi.Input; } export interface GatewayRouteSpecHttp2RouteActionRewrite { /** * Host name to rewrite. */ hostname?: pulumi.Input; /** * Exact path to rewrite. */ path?: pulumi.Input; /** * Specified beginning characters to rewrite. */ prefix?: pulumi.Input; } export interface GatewayRouteSpecHttp2RouteActionRewriteHostname { /** * Default target host name to write to. Valid values: `ENABLED`, `DISABLED`. */ defaultTargetHostname: pulumi.Input; } export interface GatewayRouteSpecHttp2RouteActionRewritePath { /** * The exact path to match on. */ exact: pulumi.Input; } export interface GatewayRouteSpecHttp2RouteActionRewritePrefix { /** * Default prefix used to replace the incoming route prefix when rewritten. Valid values: `ENABLED`, `DISABLED`. */ defaultPrefix?: pulumi.Input; /** * Value used to replace the incoming route prefix when rewritten. */ value?: pulumi.Input; } export interface GatewayRouteSpecHttp2RouteActionTarget { /** * The port number that corresponds to the target for Virtual Service provider port. This is required when the provider (router or node) of the Virtual Service has multiple listeners. */ port?: pulumi.Input; /** * Virtual service gateway route target. */ virtualService: pulumi.Input; } export interface GatewayRouteSpecHttp2RouteActionTargetVirtualService { /** * Name of the virtual service that traffic is routed to. Must be between 1 and 255 characters in length. */ virtualServiceName: pulumi.Input; } export interface GatewayRouteSpecHttp2RouteMatch { /** * Client request headers to match on. */ headers?: pulumi.Input[]>; /** * Host name to match on. */ hostname?: pulumi.Input; /** * Client request path to match on. */ path?: pulumi.Input; /** * The port number to match from the request. */ port?: pulumi.Input; /** * Path to match requests with. This parameter must always start with `/`, which by itself matches all requests to the virtual service name. */ prefix?: pulumi.Input; /** * Client request query parameters to match on. */ queryParameters?: pulumi.Input[]>; } export interface GatewayRouteSpecHttp2RouteMatchHeader { /** * If `true`, the match is on the opposite of the `match` method and value. Default is `false`. */ invert?: pulumi.Input; /** * Method and value to match the header value sent with a request. Specify one match method. */ match?: pulumi.Input; /** * Name for the HTTP header in the client request that will be matched on. */ name: pulumi.Input; } export interface GatewayRouteSpecHttp2RouteMatchHeaderMatch { /** * Header value sent by the client must match the specified value exactly. */ exact?: pulumi.Input; /** * Header value sent by the client must begin with the specified characters. */ prefix?: pulumi.Input; /** * Object that specifies the range of numbers that the header value sent by the client must be included in. */ range?: pulumi.Input; /** * Header value sent by the client must include the specified characters. */ regex?: pulumi.Input; /** * Header value sent by the client must end with the specified characters. */ suffix?: pulumi.Input; } export interface GatewayRouteSpecHttp2RouteMatchHeaderMatchRange { /** * End of the range. */ end: pulumi.Input; /** * Start of the range. */ start: pulumi.Input; } export interface GatewayRouteSpecHttp2RouteMatchHostname { /** * Exact host name to match on. */ exact?: pulumi.Input; /** * Specified ending characters of the host name to match on. */ suffix?: pulumi.Input; } export interface GatewayRouteSpecHttp2RouteMatchPath { /** * The exact path to match on. */ exact?: pulumi.Input; /** * The regex used to match the path. */ regex?: pulumi.Input; } export interface GatewayRouteSpecHttp2RouteMatchQueryParameter { /** * The query parameter to match on. */ match?: pulumi.Input; /** * Name for the query parameter that will be matched on. */ name: pulumi.Input; } export interface GatewayRouteSpecHttp2RouteMatchQueryParameterMatch { /** * The exact query parameter to match on. */ exact?: pulumi.Input; } export interface GatewayRouteSpecHttpRoute { /** * Action to take if a match is determined. */ action: pulumi.Input; /** * Criteria for determining a request match. */ match: pulumi.Input; } export interface GatewayRouteSpecHttpRouteAction { /** * Gateway route action to rewrite. */ rewrite?: pulumi.Input; /** * Target that traffic is routed to when a request matches the gateway route. */ target: pulumi.Input; } export interface GatewayRouteSpecHttpRouteActionRewrite { /** * Host name to rewrite. */ hostname?: pulumi.Input; /** * Exact path to rewrite. */ path?: pulumi.Input; /** * Specified beginning characters to rewrite. */ prefix?: pulumi.Input; } export interface GatewayRouteSpecHttpRouteActionRewriteHostname { /** * Default target host name to write to. Valid values: `ENABLED`, `DISABLED`. */ defaultTargetHostname: pulumi.Input; } export interface GatewayRouteSpecHttpRouteActionRewritePath { /** * The exact path to match on. */ exact: pulumi.Input; } export interface GatewayRouteSpecHttpRouteActionRewritePrefix { /** * Default prefix used to replace the incoming route prefix when rewritten. Valid values: `ENABLED`, `DISABLED`. */ defaultPrefix?: pulumi.Input; /** * Value used to replace the incoming route prefix when rewritten. */ value?: pulumi.Input; } export interface GatewayRouteSpecHttpRouteActionTarget { /** * The port number that corresponds to the target for Virtual Service provider port. This is required when the provider (router or node) of the Virtual Service has multiple listeners. */ port?: pulumi.Input; /** * Virtual service gateway route target. */ virtualService: pulumi.Input; } export interface GatewayRouteSpecHttpRouteActionTargetVirtualService { /** * Name of the virtual service that traffic is routed to. Must be between 1 and 255 characters in length. */ virtualServiceName: pulumi.Input; } export interface GatewayRouteSpecHttpRouteMatch { /** * Client request headers to match on. */ headers?: pulumi.Input[]>; /** * Host name to match on. */ hostname?: pulumi.Input; /** * Client request path to match on. */ path?: pulumi.Input; /** * The port number to match from the request. */ port?: pulumi.Input; /** * Path to match requests with. This parameter must always start with `/`, which by itself matches all requests to the virtual service name. */ prefix?: pulumi.Input; /** * Client request query parameters to match on. */ queryParameters?: pulumi.Input[]>; } export interface GatewayRouteSpecHttpRouteMatchHeader { /** * If `true`, the match is on the opposite of the `match` method and value. Default is `false`. */ invert?: pulumi.Input; /** * Method and value to match the header value sent with a request. Specify one match method. */ match?: pulumi.Input; /** * Name for the HTTP header in the client request that will be matched on. */ name: pulumi.Input; } export interface GatewayRouteSpecHttpRouteMatchHeaderMatch { /** * Header value sent by the client must match the specified value exactly. */ exact?: pulumi.Input; /** * Header value sent by the client must begin with the specified characters. */ prefix?: pulumi.Input; /** * Object that specifies the range of numbers that the header value sent by the client must be included in. */ range?: pulumi.Input; /** * Header value sent by the client must include the specified characters. */ regex?: pulumi.Input; /** * Header value sent by the client must end with the specified characters. */ suffix?: pulumi.Input; } export interface GatewayRouteSpecHttpRouteMatchHeaderMatchRange { /** * End of the range. */ end: pulumi.Input; /** * Start of the range. */ start: pulumi.Input; } export interface GatewayRouteSpecHttpRouteMatchHostname { /** * Exact host name to match on. */ exact?: pulumi.Input; /** * Specified ending characters of the host name to match on. */ suffix?: pulumi.Input; } export interface GatewayRouteSpecHttpRouteMatchPath { /** * The exact path to match on. */ exact?: pulumi.Input; /** * The regex used to match the path. */ regex?: pulumi.Input; } export interface GatewayRouteSpecHttpRouteMatchQueryParameter { /** * The query parameter to match on. */ match?: pulumi.Input; /** * Name for the query parameter that will be matched on. */ name: pulumi.Input; } export interface GatewayRouteSpecHttpRouteMatchQueryParameterMatch { /** * The exact query parameter to match on. */ exact?: pulumi.Input; } export interface MeshSpec { /** * Egress filter rules for the service mesh. */ egressFilter?: pulumi.Input; /** * The service discovery information for the service mesh. */ serviceDiscovery?: pulumi.Input; } export interface MeshSpecEgressFilter { /** * Egress filter type. By default, the type is `DROP_ALL`. Valid values are `ALLOW_ALL` and `DROP_ALL`. */ type?: pulumi.Input; } export interface MeshSpecServiceDiscovery { /** * The IP version to use to control traffic within the mesh. Valid values are `IPv6_PREFERRED`, `IPv4_PREFERRED`, `IPv4_ONLY`, and `IPv6_ONLY`. */ ipPreference?: pulumi.Input; } export interface RouteSpec { /** * GRPC routing information for the route. */ grpcRoute?: pulumi.Input; /** * HTTP/2 routing information for the route. */ http2Route?: pulumi.Input; /** * HTTP routing information for the route. */ httpRoute?: pulumi.Input; /** * Priority for the route, between `0` and `1000`. * Routes are matched based on the specified value, where `0` is the highest priority. */ priority?: pulumi.Input; /** * TCP routing information for the route. */ tcpRoute?: pulumi.Input; } export interface RouteSpecGrpcRoute { /** * Action to take if a match is determined. */ action: pulumi.Input; /** * Criteria for determining an gRPC request match. */ match?: pulumi.Input; /** * Retry policy. */ retryPolicy?: pulumi.Input; /** * Types of timeouts. */ timeout?: pulumi.Input; } export interface RouteSpecGrpcRouteAction { /** * Targets that traffic is routed to when a request matches the route. * You can specify one or more targets and their relative weights with which to distribute traffic. */ weightedTargets: pulumi.Input[]>; } export interface RouteSpecGrpcRouteActionWeightedTarget { /** * The targeted port of the weighted object. */ port?: pulumi.Input; /** * Virtual node to associate with the weighted target. Must be between 1 and 255 characters in length. */ virtualNode: pulumi.Input; /** * Relative weight of the weighted target. An integer between 0 and 100. */ weight: pulumi.Input; } export interface RouteSpecGrpcRouteMatch { /** * Data to match from the gRPC request. */ metadatas?: pulumi.Input[]>; /** * Method name to match from the request. If you specify a name, you must also specify a `serviceName`. */ methodName?: pulumi.Input; /** * The port number to match from the request. */ port?: pulumi.Input; prefix?: pulumi.Input; /** * Fully qualified domain name for the service to match from the request. */ serviceName?: pulumi.Input; } export interface RouteSpecGrpcRouteMatchMetadata { /** * If `true`, the match is on the opposite of the `match` criteria. Default is `false`. */ invert?: pulumi.Input; /** * Data to match from the request. */ match?: pulumi.Input; /** * Name of the route. Must be between 1 and 50 characters in length. */ name: pulumi.Input; } export interface RouteSpecGrpcRouteMatchMetadataMatch { /** * Value sent by the client must match the specified value exactly. Must be between 1 and 255 characters in length. */ exact?: pulumi.Input; /** * Value sent by the client must begin with the specified characters. Must be between 1 and 255 characters in length. */ prefix?: pulumi.Input; /** * Object that specifies the range of numbers that the value sent by the client must be included in. */ range?: pulumi.Input; /** * Value sent by the client must include the specified characters. Must be between 1 and 255 characters in length. */ regex?: pulumi.Input; /** * Value sent by the client must end with the specified characters. Must be between 1 and 255 characters in length. */ suffix?: pulumi.Input; } export interface RouteSpecGrpcRouteMatchMetadataMatchRange { /** * End of the range. */ end: pulumi.Input; /** * Start of the range. */ start: pulumi.Input; } export interface RouteSpecGrpcRouteRetryPolicy { /** * List of gRPC retry events. * Valid values: `cancelled`, `deadline-exceeded`, `internal`, `resource-exhausted`, `unavailable`. */ grpcRetryEvents?: pulumi.Input[]>; /** * List of HTTP retry events. * Valid values: `client-error` (HTTP status code 409), `gateway-error` (HTTP status codes 502, 503, and 504), `server-error` (HTTP status codes 500, 501, 502, 503, 504, 505, 506, 507, 508, 510, and 511), `stream-error` (retry on refused stream). */ httpRetryEvents?: pulumi.Input[]>; /** * Maximum number of retries. */ maxRetries: pulumi.Input; /** * Per-retry timeout. */ perRetryTimeout: pulumi.Input; /** * List of TCP retry events. The only valid value is `connection-error`. */ tcpRetryEvents?: pulumi.Input[]>; } export interface RouteSpecGrpcRouteRetryPolicyPerRetryTimeout { /** * Retry unit. Valid values: `ms`, `s`. */ unit: pulumi.Input; /** * Retry value. */ value: pulumi.Input; } export interface RouteSpecGrpcRouteTimeout { /** * Idle timeout. An idle timeout bounds the amount of time that a connection may be idle. */ idle?: pulumi.Input; /** * Per request timeout. */ perRequest?: pulumi.Input; } export interface RouteSpecGrpcRouteTimeoutIdle { /** * Unit of time. Valid values: `ms`, `s`. */ unit: pulumi.Input; /** * Number of time units. Minimum value of `0`. */ value: pulumi.Input; } export interface RouteSpecGrpcRouteTimeoutPerRequest { /** * Unit of time. Valid values: `ms`, `s`. */ unit: pulumi.Input; /** * Number of time units. Minimum value of `0`. */ value: pulumi.Input; } export interface RouteSpecHttp2Route { /** * Action to take if a match is determined. */ action: pulumi.Input; /** * Criteria for determining an HTTP request match. */ match: pulumi.Input; /** * Retry policy. */ retryPolicy?: pulumi.Input; /** * Types of timeouts. */ timeout?: pulumi.Input; } export interface RouteSpecHttp2RouteAction { /** * Targets that traffic is routed to when a request matches the route. * You can specify one or more targets and their relative weights with which to distribute traffic. */ weightedTargets: pulumi.Input[]>; } export interface RouteSpecHttp2RouteActionWeightedTarget { /** * The targeted port of the weighted object. */ port?: pulumi.Input; /** * Virtual node to associate with the weighted target. Must be between 1 and 255 characters in length. */ virtualNode: pulumi.Input; /** * Relative weight of the weighted target. An integer between 0 and 100. */ weight: pulumi.Input; } export interface RouteSpecHttp2RouteMatch { /** * Client request headers to match on. */ headers?: pulumi.Input[]>; /** * Client request header method to match on. Valid values: `GET`, `HEAD`, `POST`, `PUT`, `DELETE`, `CONNECT`, `OPTIONS`, `TRACE`, `PATCH`. */ method?: pulumi.Input; /** * Client request path to match on. */ path?: pulumi.Input; /** * The port number to match from the request. */ port?: pulumi.Input; /** * Path with which to match requests. * This parameter must always start with /, which by itself matches all requests to the virtual router service name. */ prefix?: pulumi.Input; /** * Client request query parameters to match on. */ queryParameters?: pulumi.Input[]>; /** * Client request header scheme to match on. Valid values: `http`, `https`. */ scheme?: pulumi.Input; } export interface RouteSpecHttp2RouteMatchHeader { /** * If `true`, the match is on the opposite of the `match` method and value. Default is `false`. */ invert?: pulumi.Input; /** * Method and value to match the header value sent with a request. Specify one match method. */ match?: pulumi.Input; /** * Name for the HTTP header in the client request that will be matched on. */ name: pulumi.Input; } export interface RouteSpecHttp2RouteMatchHeaderMatch { /** * Header value sent by the client must match the specified value exactly. */ exact?: pulumi.Input; /** * Header value sent by the client must begin with the specified characters. */ prefix?: pulumi.Input; /** * Object that specifies the range of numbers that the header value sent by the client must be included in. */ range?: pulumi.Input; /** * Header value sent by the client must include the specified characters. */ regex?: pulumi.Input; /** * Header value sent by the client must end with the specified characters. */ suffix?: pulumi.Input; } export interface RouteSpecHttp2RouteMatchHeaderMatchRange { /** * End of the range. */ end: pulumi.Input; /** * Start of the range. */ start: pulumi.Input; } export interface RouteSpecHttp2RouteMatchPath { /** * The exact path to match on. */ exact?: pulumi.Input; /** * The regex used to match the path. */ regex?: pulumi.Input; } export interface RouteSpecHttp2RouteMatchQueryParameter { /** * The query parameter to match on. */ match?: pulumi.Input; /** * Name for the query parameter that will be matched on. */ name: pulumi.Input; } export interface RouteSpecHttp2RouteMatchQueryParameterMatch { /** * The exact query parameter to match on. */ exact?: pulumi.Input; } export interface RouteSpecHttp2RouteRetryPolicy { /** * List of HTTP retry events. * Valid values: `client-error` (HTTP status code 409), `gateway-error` (HTTP status codes 502, 503, and 504), `server-error` (HTTP status codes 500, 501, 502, 503, 504, 505, 506, 507, 508, 510, and 511), `stream-error` (retry on refused stream). */ httpRetryEvents?: pulumi.Input[]>; /** * Maximum number of retries. */ maxRetries: pulumi.Input; /** * Per-retry timeout. */ perRetryTimeout: pulumi.Input; /** * List of TCP retry events. The only valid value is `connection-error`. * * You must specify at least one value for `httpRetryEvents`, or at least one value for `tcpRetryEvents`. */ tcpRetryEvents?: pulumi.Input[]>; } export interface RouteSpecHttp2RouteRetryPolicyPerRetryTimeout { /** * Retry unit. Valid values: `ms`, `s`. */ unit: pulumi.Input; /** * Retry value. */ value: pulumi.Input; } export interface RouteSpecHttp2RouteTimeout { /** * Idle timeout. An idle timeout bounds the amount of time that a connection may be idle. */ idle?: pulumi.Input; /** * Per request timeout. */ perRequest?: pulumi.Input; } export interface RouteSpecHttp2RouteTimeoutIdle { /** * Unit of time. Valid values: `ms`, `s`. */ unit: pulumi.Input; /** * Number of time units. Minimum value of `0`. */ value: pulumi.Input; } export interface RouteSpecHttp2RouteTimeoutPerRequest { /** * Unit of time. Valid values: `ms`, `s`. */ unit: pulumi.Input; /** * Number of time units. Minimum value of `0`. */ value: pulumi.Input; } export interface RouteSpecHttpRoute { /** * Action to take if a match is determined. */ action: pulumi.Input; /** * Criteria for determining an HTTP request match. */ match: pulumi.Input; /** * Retry policy. */ retryPolicy?: pulumi.Input; /** * Types of timeouts. */ timeout?: pulumi.Input; } export interface RouteSpecHttpRouteAction { /** * Targets that traffic is routed to when a request matches the route. * You can specify one or more targets and their relative weights with which to distribute traffic. */ weightedTargets: pulumi.Input[]>; } export interface RouteSpecHttpRouteActionWeightedTarget { /** * The targeted port of the weighted object. */ port?: pulumi.Input; /** * Virtual node to associate with the weighted target. Must be between 1 and 255 characters in length. */ virtualNode: pulumi.Input; /** * Relative weight of the weighted target. An integer between 0 and 100. */ weight: pulumi.Input; } export interface RouteSpecHttpRouteMatch { /** * Client request headers to match on. */ headers?: pulumi.Input[]>; /** * Client request header method to match on. Valid values: `GET`, `HEAD`, `POST`, `PUT`, `DELETE`, `CONNECT`, `OPTIONS`, `TRACE`, `PATCH`. */ method?: pulumi.Input; /** * Client request path to match on. */ path?: pulumi.Input; /** * The port number to match from the request. */ port?: pulumi.Input; /** * Path with which to match requests. * This parameter must always start with /, which by itself matches all requests to the virtual router service name. */ prefix?: pulumi.Input; /** * Client request query parameters to match on. */ queryParameters?: pulumi.Input[]>; /** * Client request header scheme to match on. Valid values: `http`, `https`. */ scheme?: pulumi.Input; } export interface RouteSpecHttpRouteMatchHeader { /** * If `true`, the match is on the opposite of the `match` method and value. Default is `false`. */ invert?: pulumi.Input; /** * Method and value to match the header value sent with a request. Specify one match method. */ match?: pulumi.Input; /** * Name for the HTTP header in the client request that will be matched on. */ name: pulumi.Input; } export interface RouteSpecHttpRouteMatchHeaderMatch { /** * Header value sent by the client must match the specified value exactly. */ exact?: pulumi.Input; /** * Header value sent by the client must begin with the specified characters. */ prefix?: pulumi.Input; /** * Object that specifies the range of numbers that the header value sent by the client must be included in. */ range?: pulumi.Input; /** * Header value sent by the client must include the specified characters. */ regex?: pulumi.Input; /** * Header value sent by the client must end with the specified characters. */ suffix?: pulumi.Input; } export interface RouteSpecHttpRouteMatchHeaderMatchRange { /** * End of the range. */ end: pulumi.Input; /** * Start of the range. */ start: pulumi.Input; } export interface RouteSpecHttpRouteMatchPath { /** * The exact path to match on. */ exact?: pulumi.Input; /** * The regex used to match the path. */ regex?: pulumi.Input; } export interface RouteSpecHttpRouteMatchQueryParameter { /** * The query parameter to match on. */ match?: pulumi.Input; /** * Name for the query parameter that will be matched on. */ name: pulumi.Input; } export interface RouteSpecHttpRouteMatchQueryParameterMatch { /** * The exact query parameter to match on. */ exact?: pulumi.Input; } export interface RouteSpecHttpRouteRetryPolicy { /** * List of HTTP retry events. * Valid values: `client-error` (HTTP status code 409), `gateway-error` (HTTP status codes 502, 503, and 504), `server-error` (HTTP status codes 500, 501, 502, 503, 504, 505, 506, 507, 508, 510, and 511), `stream-error` (retry on refused stream). */ httpRetryEvents?: pulumi.Input[]>; /** * Maximum number of retries. */ maxRetries: pulumi.Input; /** * Per-retry timeout. */ perRetryTimeout: pulumi.Input; /** * List of TCP retry events. The only valid value is `connection-error`. * * You must specify at least one value for `httpRetryEvents`, or at least one value for `tcpRetryEvents`. */ tcpRetryEvents?: pulumi.Input[]>; } export interface RouteSpecHttpRouteRetryPolicyPerRetryTimeout { /** * Retry unit. Valid values: `ms`, `s`. */ unit: pulumi.Input; /** * Retry value. */ value: pulumi.Input; } export interface RouteSpecHttpRouteTimeout { /** * Idle timeout. An idle timeout bounds the amount of time that a connection may be idle. */ idle?: pulumi.Input; /** * Per request timeout. */ perRequest?: pulumi.Input; } export interface RouteSpecHttpRouteTimeoutIdle { /** * Unit of time. Valid values: `ms`, `s`. */ unit: pulumi.Input; /** * Number of time units. Minimum value of `0`. */ value: pulumi.Input; } export interface RouteSpecHttpRouteTimeoutPerRequest { /** * Unit of time. Valid values: `ms`, `s`. */ unit: pulumi.Input; /** * Number of time units. Minimum value of `0`. */ value: pulumi.Input; } export interface RouteSpecTcpRoute { /** * Action to take if a match is determined. */ action: pulumi.Input; match?: pulumi.Input; /** * Types of timeouts. */ timeout?: pulumi.Input; } export interface RouteSpecTcpRouteAction { /** * Targets that traffic is routed to when a request matches the route. * You can specify one or more targets and their relative weights with which to distribute traffic. */ weightedTargets: pulumi.Input[]>; } export interface RouteSpecTcpRouteActionWeightedTarget { /** * The targeted port of the weighted object. */ port?: pulumi.Input; /** * Virtual node to associate with the weighted target. Must be between 1 and 255 characters in length. */ virtualNode: pulumi.Input; /** * Relative weight of the weighted target. An integer between 0 and 100. */ weight: pulumi.Input; } export interface RouteSpecTcpRouteMatch { port?: pulumi.Input; } export interface RouteSpecTcpRouteTimeout { /** * Idle timeout. An idle timeout bounds the amount of time that a connection may be idle. */ idle?: pulumi.Input; } export interface RouteSpecTcpRouteTimeoutIdle { /** * Unit of time. Valid values: `ms`, `s`. */ unit: pulumi.Input; /** * Number of time units. Minimum value of `0`. */ value: pulumi.Input; } export interface VirtualGatewaySpec { /** * Defaults for backends. */ backendDefaults?: pulumi.Input; /** * Listeners that the mesh endpoint is expected to receive inbound traffic from. You can specify one listener. */ listeners: pulumi.Input[]>; /** * Inbound and outbound access logging information for the virtual gateway. */ logging?: pulumi.Input; } export interface VirtualGatewaySpecBackendDefaults { /** * Default client policy for virtual gateway backends. */ clientPolicy?: pulumi.Input; } export interface VirtualGatewaySpecBackendDefaultsClientPolicy { /** * Transport Layer Security (TLS) client policy. */ tls?: pulumi.Input; } export interface VirtualGatewaySpecBackendDefaultsClientPolicyTls { /** * Listener's TLS certificate. */ certificate?: pulumi.Input; /** * Whether the policy is enforced. Default is `true`. */ enforce?: pulumi.Input; /** * One or more ports that the policy is enforced for. */ ports?: pulumi.Input[]>; /** * Listener's Transport Layer Security (TLS) validation context. */ validation: pulumi.Input; } export interface VirtualGatewaySpecBackendDefaultsClientPolicyTlsCertificate { /** * Local file certificate. */ file?: pulumi.Input; /** * A [Secret Discovery Service](https://www.envoyproxy.io/docs/envoy/latest/configuration/security/secret#secret-discovery-service-sds) certificate. */ sds?: pulumi.Input; } export interface VirtualGatewaySpecBackendDefaultsClientPolicyTlsCertificateFile { /** * Certificate trust chain for a certificate stored on the file system of the mesh endpoint that the proxy is running on. Must be between 1 and 255 characters in length. */ certificateChain: pulumi.Input; /** * Private key for a certificate stored on the file system of the mesh endpoint that the proxy is running on. Must be between 1 and 255 characters in length. */ privateKey: pulumi.Input; } export interface VirtualGatewaySpecBackendDefaultsClientPolicyTlsCertificateSds { /** * Name of the secret for a virtual gateway's Transport Layer Security (TLS) Secret Discovery Service validation context trust. */ secretName: pulumi.Input; } export interface VirtualGatewaySpecBackendDefaultsClientPolicyTlsValidation { /** * SANs for a virtual gateway's listener's Transport Layer Security (TLS) validation context. */ subjectAlternativeNames?: pulumi.Input; /** * TLS validation context trust. */ trust: pulumi.Input; } export interface VirtualGatewaySpecBackendDefaultsClientPolicyTlsValidationSubjectAlternativeNames { /** * Criteria for determining a SAN's match. */ match: pulumi.Input; } export interface VirtualGatewaySpecBackendDefaultsClientPolicyTlsValidationSubjectAlternativeNamesMatch { /** * Values sent must match the specified values exactly. */ exacts: pulumi.Input[]>; } export interface VirtualGatewaySpecBackendDefaultsClientPolicyTlsValidationTrust { /** * TLS validation context trust for an AWS Certificate Manager (ACM) certificate. */ acm?: pulumi.Input; /** * TLS validation context trust for a local file certificate. */ file?: pulumi.Input; /** * TLS validation context trust for a [Secret Discovery Service](https://www.envoyproxy.io/docs/envoy/latest/configuration/security/secret#secret-discovery-service-sds) certificate. */ sds?: pulumi.Input; } export interface VirtualGatewaySpecBackendDefaultsClientPolicyTlsValidationTrustAcm { /** * One or more ACM ARNs. */ certificateAuthorityArns: pulumi.Input[]>; } export interface VirtualGatewaySpecBackendDefaultsClientPolicyTlsValidationTrustFile { /** * Certificate trust chain for a certificate stored on the file system of the mesh endpoint that the proxy is running on. Must be between 1 and 255 characters in length. */ certificateChain: pulumi.Input; } export interface VirtualGatewaySpecBackendDefaultsClientPolicyTlsValidationTrustSds { /** * Name of the secret for a virtual gateway's Transport Layer Security (TLS) Secret Discovery Service validation context trust. */ secretName: pulumi.Input; } export interface VirtualGatewaySpecListener { /** * Connection pool information for the listener. */ connectionPool?: pulumi.Input; /** * Health check information for the listener. */ healthCheck?: pulumi.Input; /** * Port mapping information for the listener. */ portMapping: pulumi.Input; /** * Transport Layer Security (TLS) properties for the listener */ tls?: pulumi.Input; } export interface VirtualGatewaySpecListenerConnectionPool { /** * Connection pool information for gRPC listeners. */ grpc?: pulumi.Input; /** * Connection pool information for HTTP listeners. */ http?: pulumi.Input; /** * Connection pool information for HTTP2 listeners. */ http2?: pulumi.Input; } export interface VirtualGatewaySpecListenerConnectionPoolGrpc { /** * Maximum number of inflight requests Envoy can concurrently support across hosts in upstream cluster. Minimum value of `1`. */ maxRequests: pulumi.Input; } export interface VirtualGatewaySpecListenerConnectionPoolHttp { /** * Maximum number of outbound TCP connections Envoy can establish concurrently with all hosts in upstream cluster. Minimum value of `1`. */ maxConnections: pulumi.Input; /** * Number of overflowing requests after `maxConnections` Envoy will queue to upstream cluster. Minimum value of `1`. */ maxPendingRequests?: pulumi.Input; } export interface VirtualGatewaySpecListenerConnectionPoolHttp2 { /** * Maximum number of inflight requests Envoy can concurrently support across hosts in upstream cluster. Minimum value of `1`. */ maxRequests: pulumi.Input; } export interface VirtualGatewaySpecListenerHealthCheck { /** * Number of consecutive successful health checks that must occur before declaring listener healthy. */ healthyThreshold: pulumi.Input; /** * Time period in milliseconds between each health check execution. */ intervalMillis: pulumi.Input; /** * Destination path for the health check request. This is only required if the specified protocol is `http` or `http2`. */ path?: pulumi.Input; /** * Destination port for the health check request. This port must match the port defined in the `portMapping` for the listener. */ port?: pulumi.Input; /** * Protocol for the health check request. Valid values are `http`, `http2`, and `grpc`. */ protocol: pulumi.Input; /** * Amount of time to wait when receiving a response from the health check, in milliseconds. */ timeoutMillis: pulumi.Input; /** * Number of consecutive failed health checks that must occur before declaring a virtual gateway unhealthy. */ unhealthyThreshold: pulumi.Input; } export interface VirtualGatewaySpecListenerPortMapping { /** * Port used for the port mapping. */ port: pulumi.Input; /** * Protocol used for the port mapping. Valid values are `http`, `http2`, `tcp` and `grpc`. */ protocol: pulumi.Input; } export interface VirtualGatewaySpecListenerTls { /** * Listener's TLS certificate. */ certificate: pulumi.Input; /** * Listener's TLS mode. Valid values: `DISABLED`, `PERMISSIVE`, `STRICT`. */ mode: pulumi.Input; /** * Listener's Transport Layer Security (TLS) validation context. */ validation?: pulumi.Input; } export interface VirtualGatewaySpecListenerTlsCertificate { /** * An AWS Certificate Manager (ACM) certificate. */ acm?: pulumi.Input; /** * Local file certificate. */ file?: pulumi.Input; /** * A [Secret Discovery Service](https://www.envoyproxy.io/docs/envoy/latest/configuration/security/secret#secret-discovery-service-sds) certificate. */ sds?: pulumi.Input; } export interface VirtualGatewaySpecListenerTlsCertificateAcm { /** * ARN for the certificate. */ certificateArn: pulumi.Input; } export interface VirtualGatewaySpecListenerTlsCertificateFile { /** * Certificate trust chain for a certificate stored on the file system of the mesh endpoint that the proxy is running on. Must be between 1 and 255 characters in length. */ certificateChain: pulumi.Input; /** * Private key for a certificate stored on the file system of the mesh endpoint that the proxy is running on. Must be between 1 and 255 characters in length. */ privateKey: pulumi.Input; } export interface VirtualGatewaySpecListenerTlsCertificateSds { /** * Name of the secret for a virtual gateway's Transport Layer Security (TLS) Secret Discovery Service validation context trust. */ secretName: pulumi.Input; } export interface VirtualGatewaySpecListenerTlsValidation { /** * SANs for a virtual gateway's listener's Transport Layer Security (TLS) validation context. */ subjectAlternativeNames?: pulumi.Input; /** * TLS validation context trust. */ trust: pulumi.Input; } export interface VirtualGatewaySpecListenerTlsValidationSubjectAlternativeNames { /** * Criteria for determining a SAN's match. */ match: pulumi.Input; } export interface VirtualGatewaySpecListenerTlsValidationSubjectAlternativeNamesMatch { /** * Values sent must match the specified values exactly. */ exacts: pulumi.Input[]>; } export interface VirtualGatewaySpecListenerTlsValidationTrust { /** * TLS validation context trust for a local file certificate. */ file?: pulumi.Input; /** * TLS validation context trust for a [Secret Discovery Service](https://www.envoyproxy.io/docs/envoy/latest/configuration/security/secret#secret-discovery-service-sds) certificate. */ sds?: pulumi.Input; } export interface VirtualGatewaySpecListenerTlsValidationTrustFile { /** * Certificate trust chain for a certificate stored on the file system of the mesh endpoint that the proxy is running on. Must be between 1 and 255 characters in length. */ certificateChain: pulumi.Input; } export interface VirtualGatewaySpecListenerTlsValidationTrustSds { /** * Name of the secret for a virtual gateway's Transport Layer Security (TLS) Secret Discovery Service validation context trust. */ secretName: pulumi.Input; } export interface VirtualGatewaySpecLogging { /** * Access log configuration for a virtual gateway. */ accessLog?: pulumi.Input; } export interface VirtualGatewaySpecLoggingAccessLog { /** * File object to send virtual gateway access logs to. */ file?: pulumi.Input; } export interface VirtualGatewaySpecLoggingAccessLogFile { /** * The specified format for the logs. */ format?: pulumi.Input; /** * File path to write access logs to. You can use `/dev/stdout` to send access logs to standard out. Must be between 1 and 255 characters in length. */ path: pulumi.Input; } export interface VirtualGatewaySpecLoggingAccessLogFileFormat { /** * The logging format for JSON. */ jsons?: pulumi.Input[]>; /** * The logging format for text. Must be between 1 and 1000 characters in length. */ text?: pulumi.Input; } export interface VirtualGatewaySpecLoggingAccessLogFileFormatJson { /** * The specified key for the JSON. Must be between 1 and 100 characters in length. */ key: pulumi.Input; /** * The specified value for the JSON. Must be between 1 and 100 characters in length. */ value: pulumi.Input; } export interface VirtualNodeSpec { /** * Defaults for backends. */ backendDefaults?: pulumi.Input; /** * Backends to which the virtual node is expected to send outbound traffic. */ backends?: pulumi.Input[]>; /** * Listeners from which the virtual node is expected to receive inbound traffic. */ listeners?: pulumi.Input[]>; /** * Inbound and outbound access logging information for the virtual node. */ logging?: pulumi.Input; /** * Service discovery information for the virtual node. */ serviceDiscovery?: pulumi.Input; } export interface VirtualNodeSpecBackend { /** * Virtual service to use as a backend for a virtual node. */ virtualService: pulumi.Input; } export interface VirtualNodeSpecBackendDefaults { /** * Default client policy for virtual service backends. See above for details. */ clientPolicy?: pulumi.Input; } export interface VirtualNodeSpecBackendDefaultsClientPolicy { /** * Transport Layer Security (TLS) client policy. */ tls?: pulumi.Input; } export interface VirtualNodeSpecBackendDefaultsClientPolicyTls { /** * Listener's TLS certificate. */ certificate?: pulumi.Input; /** * Whether the policy is enforced. Default is `true`. */ enforce?: pulumi.Input; /** * One or more ports that the policy is enforced for. */ ports?: pulumi.Input[]>; /** * Listener's Transport Layer Security (TLS) validation context. */ validation: pulumi.Input; } export interface VirtualNodeSpecBackendDefaultsClientPolicyTlsCertificate { /** * Local file certificate. */ file?: pulumi.Input; /** * A [Secret Discovery Service](https://www.envoyproxy.io/docs/envoy/latest/configuration/security/secret#secret-discovery-service-sds) certificate. */ sds?: pulumi.Input; } export interface VirtualNodeSpecBackendDefaultsClientPolicyTlsCertificateFile { /** * Certificate trust chain for a certificate stored on the file system of the mesh endpoint that the proxy is running on. Must be between 1 and 255 characters in length. */ certificateChain: pulumi.Input; /** * Private key for a certificate stored on the file system of the virtual node that the proxy is running on. Must be between 1 and 255 characters in length. */ privateKey: pulumi.Input; } export interface VirtualNodeSpecBackendDefaultsClientPolicyTlsCertificateSds { /** * Name of the secret for a virtual node's Transport Layer Security (TLS) Secret Discovery Service validation context trust. */ secretName: pulumi.Input; } export interface VirtualNodeSpecBackendDefaultsClientPolicyTlsValidation { /** * SANs for a TLS validation context. */ subjectAlternativeNames?: pulumi.Input; /** * TLS validation context trust. */ trust: pulumi.Input; } export interface VirtualNodeSpecBackendDefaultsClientPolicyTlsValidationSubjectAlternativeNames { /** * Criteria for determining a SAN's match. */ match: pulumi.Input; } export interface VirtualNodeSpecBackendDefaultsClientPolicyTlsValidationSubjectAlternativeNamesMatch { /** * Values sent must match the specified values exactly. */ exacts: pulumi.Input[]>; } export interface VirtualNodeSpecBackendDefaultsClientPolicyTlsValidationTrust { /** * TLS validation context trust for an AWS Certificate Manager (ACM) certificate. */ acm?: pulumi.Input; /** * TLS validation context trust for a local file certificate. */ file?: pulumi.Input; /** * TLS validation context trust for a [Secret Discovery Service](https://www.envoyproxy.io/docs/envoy/latest/configuration/security/secret#secret-discovery-service-sds) certificate. */ sds?: pulumi.Input; } export interface VirtualNodeSpecBackendDefaultsClientPolicyTlsValidationTrustAcm { /** * One or more ACM ARNs. */ certificateAuthorityArns: pulumi.Input[]>; } export interface VirtualNodeSpecBackendDefaultsClientPolicyTlsValidationTrustFile { /** * Certificate trust chain for a certificate stored on the file system of the mesh endpoint that the proxy is running on. Must be between 1 and 255 characters in length. */ certificateChain: pulumi.Input; } export interface VirtualNodeSpecBackendDefaultsClientPolicyTlsValidationTrustSds { /** * Name of the secret for a virtual node's Transport Layer Security (TLS) Secret Discovery Service validation context trust. */ secretName: pulumi.Input; } export interface VirtualNodeSpecBackendVirtualService { /** * Client policy for the backend. */ clientPolicy?: pulumi.Input; /** * Name of the virtual service that is acting as a virtual node backend. Must be between 1 and 255 characters in length. */ virtualServiceName: pulumi.Input; } export interface VirtualNodeSpecBackendVirtualServiceClientPolicy { /** * Transport Layer Security (TLS) client policy. */ tls?: pulumi.Input; } export interface VirtualNodeSpecBackendVirtualServiceClientPolicyTls { /** * Listener's TLS certificate. */ certificate?: pulumi.Input; /** * Whether the policy is enforced. Default is `true`. */ enforce?: pulumi.Input; /** * One or more ports that the policy is enforced for. */ ports?: pulumi.Input[]>; /** * Listener's Transport Layer Security (TLS) validation context. */ validation: pulumi.Input; } export interface VirtualNodeSpecBackendVirtualServiceClientPolicyTlsCertificate { /** * Local file certificate. */ file?: pulumi.Input; /** * A [Secret Discovery Service](https://www.envoyproxy.io/docs/envoy/latest/configuration/security/secret#secret-discovery-service-sds) certificate. */ sds?: pulumi.Input; } export interface VirtualNodeSpecBackendVirtualServiceClientPolicyTlsCertificateFile { /** * Certificate trust chain for a certificate stored on the file system of the mesh endpoint that the proxy is running on. Must be between 1 and 255 characters in length. */ certificateChain: pulumi.Input; /** * Private key for a certificate stored on the file system of the virtual node that the proxy is running on. Must be between 1 and 255 characters in length. */ privateKey: pulumi.Input; } export interface VirtualNodeSpecBackendVirtualServiceClientPolicyTlsCertificateSds { /** * Name of the secret for a virtual node's Transport Layer Security (TLS) Secret Discovery Service validation context trust. */ secretName: pulumi.Input; } export interface VirtualNodeSpecBackendVirtualServiceClientPolicyTlsValidation { /** * SANs for a TLS validation context. */ subjectAlternativeNames?: pulumi.Input; /** * TLS validation context trust. */ trust: pulumi.Input; } export interface VirtualNodeSpecBackendVirtualServiceClientPolicyTlsValidationSubjectAlternativeNames { /** * Criteria for determining a SAN's match. */ match: pulumi.Input; } export interface VirtualNodeSpecBackendVirtualServiceClientPolicyTlsValidationSubjectAlternativeNamesMatch { /** * Values sent must match the specified values exactly. */ exacts: pulumi.Input[]>; } export interface VirtualNodeSpecBackendVirtualServiceClientPolicyTlsValidationTrust { /** * TLS validation context trust for an AWS Certificate Manager (ACM) certificate. */ acm?: pulumi.Input; /** * TLS validation context trust for a local file certificate. */ file?: pulumi.Input; /** * TLS validation context trust for a [Secret Discovery Service](https://www.envoyproxy.io/docs/envoy/latest/configuration/security/secret#secret-discovery-service-sds) certificate. */ sds?: pulumi.Input; } export interface VirtualNodeSpecBackendVirtualServiceClientPolicyTlsValidationTrustAcm { /** * One or more ACM ARNs. */ certificateAuthorityArns: pulumi.Input[]>; } export interface VirtualNodeSpecBackendVirtualServiceClientPolicyTlsValidationTrustFile { /** * Certificate trust chain for a certificate stored on the file system of the mesh endpoint that the proxy is running on. Must be between 1 and 255 characters in length. */ certificateChain: pulumi.Input; } export interface VirtualNodeSpecBackendVirtualServiceClientPolicyTlsValidationTrustSds { /** * Name of the secret for a virtual node's Transport Layer Security (TLS) Secret Discovery Service validation context trust. */ secretName: pulumi.Input; } export interface VirtualNodeSpecListener { /** * Connection pool information for the listener. */ connectionPool?: pulumi.Input; /** * Health check information for the listener. */ healthCheck?: pulumi.Input; /** * Outlier detection information for the listener. */ outlierDetection?: pulumi.Input; /** * Port mapping information for the listener. */ portMapping: pulumi.Input; /** * Timeouts for different protocols. */ timeout?: pulumi.Input; /** * Transport Layer Security (TLS) properties for the listener */ tls?: pulumi.Input; } export interface VirtualNodeSpecListenerConnectionPool { /** * Connection pool information for gRPC listeners. */ grpc?: pulumi.Input; /** * Connection pool information for HTTP2 listeners. */ http2s?: pulumi.Input[]>; /** * Connection pool information for HTTP listeners. */ https?: pulumi.Input[]>; /** * Connection pool information for TCP listeners. */ tcps?: pulumi.Input[]>; } export interface VirtualNodeSpecListenerConnectionPoolGrpc { /** * Maximum number of inflight requests Envoy can concurrently support across hosts in upstream cluster. Minimum value of `1`. */ maxRequests: pulumi.Input; } export interface VirtualNodeSpecListenerConnectionPoolHttp { /** * Maximum number of outbound TCP connections Envoy can establish concurrently with all hosts in upstream cluster. Minimum value of `1`. */ maxConnections: pulumi.Input; /** * Number of overflowing requests after `maxConnections` Envoy will queue to upstream cluster. Minimum value of `1`. */ maxPendingRequests?: pulumi.Input; } export interface VirtualNodeSpecListenerConnectionPoolHttp2 { /** * Maximum number of inflight requests Envoy can concurrently support across hosts in upstream cluster. Minimum value of `1`. */ maxRequests: pulumi.Input; } export interface VirtualNodeSpecListenerConnectionPoolTcp { /** * Maximum number of outbound TCP connections Envoy can establish concurrently with all hosts in upstream cluster. Minimum value of `1`. */ maxConnections: pulumi.Input; } export interface VirtualNodeSpecListenerHealthCheck { /** * Number of consecutive successful health checks that must occur before declaring listener healthy. */ healthyThreshold: pulumi.Input; /** * Time period in milliseconds between each health check execution. */ intervalMillis: pulumi.Input; /** * Destination path for the health check request. This is only required if the specified protocol is `http` or `http2`. */ path?: pulumi.Input; /** * Destination port for the health check request. This port must match the port defined in the `portMapping` for the listener. */ port?: pulumi.Input; /** * Protocol for the health check request. Valid values are `http`, `http2`, `tcp` and `grpc`. */ protocol: pulumi.Input; /** * Amount of time to wait when receiving a response from the health check, in milliseconds. */ timeoutMillis: pulumi.Input; /** * Number of consecutive failed health checks that must occur before declaring a virtual node unhealthy. */ unhealthyThreshold: pulumi.Input; } export interface VirtualNodeSpecListenerOutlierDetection { /** * Base amount of time for which a host is ejected. */ baseEjectionDuration: pulumi.Input; /** * Time interval between ejection sweep analysis. */ interval: pulumi.Input; /** * Maximum percentage of hosts in load balancing pool for upstream service that can be ejected. Will eject at least one host regardless of the value. * Minimum value of `0`. Maximum value of `100`. */ maxEjectionPercent: pulumi.Input; /** * Number of consecutive `5xx` errors required for ejection. Minimum value of `1`. */ maxServerErrors: pulumi.Input; } export interface VirtualNodeSpecListenerOutlierDetectionBaseEjectionDuration { /** * Unit of time. Valid values: `ms`, `s`. */ unit: pulumi.Input; /** * Number of time units. Minimum value of `0`. */ value: pulumi.Input; } export interface VirtualNodeSpecListenerOutlierDetectionInterval { /** * Unit of time. Valid values: `ms`, `s`. */ unit: pulumi.Input; /** * Number of time units. Minimum value of `0`. */ value: pulumi.Input; } export interface VirtualNodeSpecListenerPortMapping { /** * Port used for the port mapping. */ port: pulumi.Input; /** * Protocol used for the port mapping. Valid values are `http`, `http2`, `tcp` and `grpc`. */ protocol: pulumi.Input; } export interface VirtualNodeSpecListenerTimeout { /** * Timeouts for gRPC listeners. */ grpc?: pulumi.Input; /** * Timeouts for HTTP listeners. */ http?: pulumi.Input; /** * Timeouts for HTTP2 listeners. */ http2?: pulumi.Input; /** * Timeouts for TCP listeners. */ tcp?: pulumi.Input; } export interface VirtualNodeSpecListenerTimeoutGrpc { /** * Idle timeout. An idle timeout bounds the amount of time that a connection may be idle. */ idle?: pulumi.Input; /** * Per request timeout. */ perRequest?: pulumi.Input; } export interface VirtualNodeSpecListenerTimeoutGrpcIdle { /** * Unit of time. Valid values: `ms`, `s`. */ unit: pulumi.Input; /** * Number of time units. Minimum value of `0`. */ value: pulumi.Input; } export interface VirtualNodeSpecListenerTimeoutGrpcPerRequest { /** * Unit of time. Valid values: `ms`, `s`. */ unit: pulumi.Input; /** * Number of time units. Minimum value of `0`. */ value: pulumi.Input; } export interface VirtualNodeSpecListenerTimeoutHttp { /** * Idle timeout. An idle timeout bounds the amount of time that a connection may be idle. */ idle?: pulumi.Input; /** * Per request timeout. */ perRequest?: pulumi.Input; } export interface VirtualNodeSpecListenerTimeoutHttp2 { /** * Idle timeout. An idle timeout bounds the amount of time that a connection may be idle. */ idle?: pulumi.Input; /** * Per request timeout. */ perRequest?: pulumi.Input; } export interface VirtualNodeSpecListenerTimeoutHttp2Idle { /** * Unit of time. Valid values: `ms`, `s`. */ unit: pulumi.Input; /** * Number of time units. Minimum value of `0`. */ value: pulumi.Input; } export interface VirtualNodeSpecListenerTimeoutHttp2PerRequest { /** * Unit of time. Valid values: `ms`, `s`. */ unit: pulumi.Input; /** * Number of time units. Minimum value of `0`. */ value: pulumi.Input; } export interface VirtualNodeSpecListenerTimeoutHttpIdle { /** * Unit of time. Valid values: `ms`, `s`. */ unit: pulumi.Input; /** * Number of time units. Minimum value of `0`. */ value: pulumi.Input; } export interface VirtualNodeSpecListenerTimeoutHttpPerRequest { /** * Unit of time. Valid values: `ms`, `s`. */ unit: pulumi.Input; /** * Number of time units. Minimum value of `0`. */ value: pulumi.Input; } export interface VirtualNodeSpecListenerTimeoutTcp { /** * Idle timeout. An idle timeout bounds the amount of time that a connection may be idle. */ idle?: pulumi.Input; } export interface VirtualNodeSpecListenerTimeoutTcpIdle { /** * Unit of time. Valid values: `ms`, `s`. */ unit: pulumi.Input; /** * Number of time units. Minimum value of `0`. */ value: pulumi.Input; } export interface VirtualNodeSpecListenerTls { /** * Listener's TLS certificate. */ certificate: pulumi.Input; /** * Listener's TLS mode. Valid values: `DISABLED`, `PERMISSIVE`, `STRICT`. */ mode: pulumi.Input; /** * Listener's Transport Layer Security (TLS) validation context. */ validation?: pulumi.Input; } export interface VirtualNodeSpecListenerTlsCertificate { /** * An AWS Certificate Manager (ACM) certificate. */ acm?: pulumi.Input; /** * Local file certificate. */ file?: pulumi.Input; /** * A [Secret Discovery Service](https://www.envoyproxy.io/docs/envoy/latest/configuration/security/secret#secret-discovery-service-sds) certificate. */ sds?: pulumi.Input; } export interface VirtualNodeSpecListenerTlsCertificateAcm { /** * ARN for the certificate. */ certificateArn: pulumi.Input; } export interface VirtualNodeSpecListenerTlsCertificateFile { /** * Certificate trust chain for a certificate stored on the file system of the mesh endpoint that the proxy is running on. Must be between 1 and 255 characters in length. */ certificateChain: pulumi.Input; /** * Private key for a certificate stored on the file system of the virtual node that the proxy is running on. Must be between 1 and 255 characters in length. */ privateKey: pulumi.Input; } export interface VirtualNodeSpecListenerTlsCertificateSds { /** * Name of the secret for a virtual node's Transport Layer Security (TLS) Secret Discovery Service validation context trust. */ secretName: pulumi.Input; } export interface VirtualNodeSpecListenerTlsValidation { /** * SANs for a TLS validation context. */ subjectAlternativeNames?: pulumi.Input; /** * TLS validation context trust. */ trust: pulumi.Input; } export interface VirtualNodeSpecListenerTlsValidationSubjectAlternativeNames { /** * Criteria for determining a SAN's match. */ match: pulumi.Input; } export interface VirtualNodeSpecListenerTlsValidationSubjectAlternativeNamesMatch { /** * Values sent must match the specified values exactly. */ exacts: pulumi.Input[]>; } export interface VirtualNodeSpecListenerTlsValidationTrust { /** * TLS validation context trust for a local file certificate. */ file?: pulumi.Input; /** * TLS validation context trust for a [Secret Discovery Service](https://www.envoyproxy.io/docs/envoy/latest/configuration/security/secret#secret-discovery-service-sds) certificate. */ sds?: pulumi.Input; } export interface VirtualNodeSpecListenerTlsValidationTrustFile { /** * Certificate trust chain for a certificate stored on the file system of the mesh endpoint that the proxy is running on. Must be between 1 and 255 characters in length. */ certificateChain: pulumi.Input; } export interface VirtualNodeSpecListenerTlsValidationTrustSds { /** * Name of the secret for a virtual node's Transport Layer Security (TLS) Secret Discovery Service validation context trust. */ secretName: pulumi.Input; } export interface VirtualNodeSpecLogging { /** * Access log configuration for a virtual node. */ accessLog?: pulumi.Input; } export interface VirtualNodeSpecLoggingAccessLog { /** * File object to send virtual node access logs to. */ file?: pulumi.Input; } export interface VirtualNodeSpecLoggingAccessLogFile { /** * The specified format for the logs. */ format?: pulumi.Input; /** * File path to write access logs to. You can use `/dev/stdout` to send access logs to standard out. Must be between 1 and 255 characters in length. */ path: pulumi.Input; } export interface VirtualNodeSpecLoggingAccessLogFileFormat { /** * The logging format for JSON. */ jsons?: pulumi.Input[]>; /** * The logging format for text. Must be between 1 and 1000 characters in length. */ text?: pulumi.Input; } export interface VirtualNodeSpecLoggingAccessLogFileFormatJson { /** * The specified key for the JSON. Must be between 1 and 100 characters in length. */ key: pulumi.Input; /** * The specified value for the JSON. Must be between 1 and 100 characters in length. */ value: pulumi.Input; } export interface VirtualNodeSpecServiceDiscovery { /** * Any AWS Cloud Map information for the virtual node. */ awsCloudMap?: pulumi.Input; /** * DNS service name for the virtual node. */ dns?: pulumi.Input; } export interface VirtualNodeSpecServiceDiscoveryAwsCloudMap { /** * String map that contains attributes with values that you can use to filter instances by any custom attribute that you specified when you registered the instance. Only instances that match all of the specified key/value pairs will be returned. */ attributes?: pulumi.Input<{[key: string]: pulumi.Input}>; /** * Name of the AWS Cloud Map namespace to use. * Use the `aws.servicediscovery.HttpNamespace` resource to configure a Cloud Map namespace. Must be between 1 and 1024 characters in length. */ namespaceName: pulumi.Input; /** * Name of the AWS Cloud Map service to use. Use the `aws.servicediscovery.Service` resource to configure a Cloud Map service. Must be between 1 and 1024 characters in length. */ serviceName: pulumi.Input; } export interface VirtualNodeSpecServiceDiscoveryDns { /** * DNS host name for your virtual node. */ hostname: pulumi.Input; /** * The preferred IP version that this virtual node uses. Valid values: `IPv6_PREFERRED`, `IPv4_PREFERRED`, `IPv4_ONLY`, `IPv6_ONLY`. */ ipPreference?: pulumi.Input; /** * The DNS response type for the virtual node. Valid values: `LOADBALANCER`, `ENDPOINTS`. */ responseType?: pulumi.Input; } export interface VirtualRouterSpec { /** * Listeners that the virtual router is expected to receive inbound traffic from. * Currently only one listener is supported per virtual router. */ listeners?: pulumi.Input[]>; } export interface VirtualRouterSpecListener { /** * Port mapping information for the listener. */ portMapping: pulumi.Input; } export interface VirtualRouterSpecListenerPortMapping { /** * Port used for the port mapping. */ port: pulumi.Input; /** * Protocol used for the port mapping. Valid values are `http`,`http2`, `tcp` and `grpc`. */ protocol: pulumi.Input; } export interface VirtualServiceSpec { /** * App Mesh object that is acting as the provider for a virtual service. You can specify a single virtual node or virtual router. */ provider?: pulumi.Input; } export interface VirtualServiceSpecProvider { /** * Virtual node associated with a virtual service. */ virtualNode?: pulumi.Input; /** * Virtual router associated with a virtual service. */ virtualRouter?: pulumi.Input; } export interface VirtualServiceSpecProviderVirtualNode { /** * Name of the virtual node that is acting as a service provider. Must be between 1 and 255 characters in length. */ virtualNodeName: pulumi.Input; } export interface VirtualServiceSpecProviderVirtualRouter { /** * Name of the virtual router that is acting as a service provider. Must be between 1 and 255 characters in length. */ virtualRouterName: pulumi.Input; } } export namespace apprunner { export interface CustomDomainAssociationCertificateValidationRecord { /** * Certificate CNAME record name. */ name?: pulumi.Input; /** * Current state of the certificate CNAME record validation. It should change to `SUCCESS` after App Runner completes validation with your DNS. */ status?: pulumi.Input; /** * Record type, always `CNAME`. */ type?: pulumi.Input; /** * Certificate CNAME record value. */ value?: pulumi.Input; } export interface DeploymentTimeouts { /** * A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as "30s" or "2h45m". Valid time units are "s" (seconds), "m" (minutes), "h" (hours). */ create?: pulumi.Input; } export interface ObservabilityConfigurationTraceConfiguration { /** * Implementation provider chosen for tracing App Runner services. Valid values: `AWSXRAY`. */ vendor?: pulumi.Input; } export interface ServiceEncryptionConfiguration { /** * ARN of the KMS key used for encryption. */ kmsKey: pulumi.Input; } export interface ServiceHealthCheckConfiguration { /** * Number of consecutive checks that must succeed before App Runner decides that the service is healthy. Defaults to 1. Minimum value of 1. Maximum value of 20. */ healthyThreshold?: pulumi.Input; /** * Time interval, in seconds, between health checks. Defaults to 5. Minimum value of 1. Maximum value of 20. */ interval?: pulumi.Input; /** * URL to send requests to for health checks. Defaults to `/`. Minimum length of 0. Maximum length of 51200. */ path?: pulumi.Input; /** * IP protocol that App Runner uses to perform health checks for your service. Valid values: `TCP`, `HTTP`. Defaults to `TCP`. If you set protocol to `HTTP`, App Runner sends health check requests to the HTTP path specified by `path`. */ protocol?: pulumi.Input; /** * Time, in seconds, to wait for a health check response before deciding it failed. Defaults to 2. Minimum value of 1. Maximum value of 20. */ timeout?: pulumi.Input; /** * Number of consecutive checks that must fail before App Runner decides that the service is unhealthy. Defaults to 5. Minimum value of 1. Maximum value of 20. */ unhealthyThreshold?: pulumi.Input; } export interface ServiceInstanceConfiguration { /** * Number of CPU units reserved for each instance of your App Runner service represented as a String. Defaults to `1024`. Valid values: `256|512|1024|2048|4096|(0.25|0.5|1|2|4) vCPU`. */ cpu?: pulumi.Input; /** * ARN of an IAM role that provides permissions to your App Runner service. These are permissions that your code needs when it calls any AWS APIs. */ instanceRoleArn?: pulumi.Input; /** * Amount of memory, in MB or GB, reserved for each instance of your App Runner service. Defaults to `2048`. Valid values: `512|1024|2048|3072|4096|6144|8192|10240|12288|(0.5|1|2|3|4|6|8|10|12) GB`. */ memory?: pulumi.Input; } export interface ServiceNetworkConfiguration { /** * Network configuration settings for outbound message traffic. See Egress Configuration below for more details. */ egressConfiguration?: pulumi.Input; /** * Network configuration settings for inbound network traffic. See Ingress Configuration below for more details. */ ingressConfiguration?: pulumi.Input; /** * App Runner provides you with the option to choose between Internet Protocol version 4 (IPv4) and dual stack (IPv4 and IPv6) for your incoming public network configuration. Valid values: `IPV4`, `DUAL_STACK`. Default: `IPV4`. */ ipAddressType?: pulumi.Input; } export interface ServiceNetworkConfigurationEgressConfiguration { /** * The type of egress configuration. Valid values are: `DEFAULT` and `VPC`. */ egressType?: pulumi.Input; /** * The Amazon Resource Name (ARN) of the App Runner VPC connector that you want to associate with your App Runner service. Only valid when `EgressType = VPC`. */ vpcConnectorArn?: pulumi.Input; } export interface ServiceNetworkConfigurationIngressConfiguration { /** * Specifies whether your App Runner service is publicly accessible. To make the service publicly accessible set it to True. To make the service privately accessible, from only within an Amazon VPC set it to False. */ isPubliclyAccessible?: pulumi.Input; } export interface ServiceObservabilityConfiguration { /** * ARN of the observability configuration that is associated with the service. Specified only when `observabilityEnabled` is `true`. */ observabilityConfigurationArn?: pulumi.Input; /** * When `true`, an observability configuration resource is associated with the service. */ observabilityEnabled: pulumi.Input; } export interface ServiceSourceConfiguration { /** * Describes resources needed to authenticate access to some source repositories. See Authentication Configuration below for more details. */ authenticationConfiguration?: pulumi.Input; /** * Whether continuous integration from the source repository is enabled for the App Runner service. If set to `true`, each repository change (source code commit or new image version) starts a deployment. Defaults to `true`. */ autoDeploymentsEnabled?: pulumi.Input; /** * Description of a source code repository. See Code Repository below for more details. */ codeRepository?: pulumi.Input; /** * Description of a source image repository. See Image Repository below for more details. */ imageRepository?: pulumi.Input; } export interface ServiceSourceConfigurationAuthenticationConfiguration { /** * ARN of the IAM role that grants the App Runner service access to a source repository. Required for ECR image repositories (but not for ECR Public) */ accessRoleArn?: pulumi.Input; /** * ARN of the App Runner connection that enables the App Runner service to connect to a source repository. Required for GitHub code repositories. */ connectionArn?: pulumi.Input; } export interface ServiceSourceConfigurationCodeRepository { /** * Configuration for building and running the service from a source code repository. See Code Configuration below for more details. */ codeConfiguration?: pulumi.Input; /** * Location of the repository that contains the source code. */ repositoryUrl: pulumi.Input; /** * Version that should be used within the source code repository. See Source Code Version below for more details. */ sourceCodeVersion: pulumi.Input; /** * The path of the directory that stores source code and configuration files. The build and start commands also execute from here. The path is absolute from root and, if not specified, defaults to the repository root. */ sourceDirectory?: pulumi.Input; } export interface ServiceSourceConfigurationCodeRepositoryCodeConfiguration { /** * Basic configuration for building and running the App Runner service. Use this parameter to quickly launch an App Runner service without providing an apprunner.yaml file in the source code repository (or ignoring the file if it exists). See Code Configuration Values below for more details. */ codeConfigurationValues?: pulumi.Input; /** * Source of the App Runner configuration. Valid values: `REPOSITORY`, `API`. Values are interpreted as follows: * * `REPOSITORY` - App Runner reads configuration values from the apprunner.yaml file in the * source code repository and ignores the CodeConfigurationValues parameter. * * `API` - App Runner uses configuration values provided in the CodeConfigurationValues * parameter and ignores the apprunner.yaml file in the source code repository. */ configurationSource: pulumi.Input; } export interface ServiceSourceConfigurationCodeRepositoryCodeConfigurationCodeConfigurationValues { /** * Command App Runner runs to build your application. */ buildCommand?: pulumi.Input; /** * Port that your application listens to in the container. Defaults to `"8080"`. */ port?: pulumi.Input; /** * Runtime environment type for building and running an App Runner service. Represents a programming language runtime. Valid values: `PYTHON_3`, `NODEJS_12`, `NODEJS_14`, `NODEJS_16`, `CORRETTO_8`, `CORRETTO_11`, `GO_1`, `DOTNET_6`, `PHP_81`, `RUBY_31`. */ runtime: pulumi.Input; /** * Secrets and parameters available to your service as environment variables. A map of key/value pairs, where the key is the desired name of the Secret in the environment (i.e. it does not have to match the name of the secret in Secrets Manager or SSM Parameter Store), and the value is the ARN of the secret from AWS Secrets Manager or the ARN of the parameter in AWS SSM Parameter Store. */ runtimeEnvironmentSecrets?: pulumi.Input<{[key: string]: pulumi.Input}>; /** * Environment variables available to your running App Runner service. A map of key/value pairs. Keys with a prefix of `AWSAPPRUNNER` are reserved for system use and aren't valid. */ runtimeEnvironmentVariables?: pulumi.Input<{[key: string]: pulumi.Input}>; /** * Command App Runner runs to start your application. */ startCommand?: pulumi.Input; } export interface ServiceSourceConfigurationCodeRepositorySourceCodeVersion { /** * Type of version identifier. For a git-based repository, branches represent versions. Valid values: `BRANCH`. */ type: pulumi.Input; /** * Source code version. For a git-based repository, a branch name maps to a specific version. App Runner uses the most recent commit to the branch. */ value: pulumi.Input; } export interface ServiceSourceConfigurationImageRepository { /** * Configuration for running the identified image. See Image Configuration below for more details. */ imageConfiguration?: pulumi.Input; /** * Identifier of an image. For an image in Amazon Elastic Container Registry (Amazon ECR), this is an image name. For the * image name format, see Pulling an image in the Amazon ECR User Guide. */ imageIdentifier: pulumi.Input; /** * Type of the image repository. This reflects the repository provider and whether the repository is private or public. Valid values: `ECR` , `ECR_PUBLIC`. */ imageRepositoryType: pulumi.Input; } export interface ServiceSourceConfigurationImageRepositoryImageConfiguration { /** * Port that your application listens to in the container. Defaults to `"8080"`. */ port?: pulumi.Input; /** * Secrets and parameters available to your service as environment variables. A map of key/value pairs, where the key is the desired name of the Secret in the environment (i.e. it does not have to match the name of the secret in Secrets Manager or SSM Parameter Store), and the value is the ARN of the secret from AWS Secrets Manager or the ARN of the parameter in AWS SSM Parameter Store. */ runtimeEnvironmentSecrets?: pulumi.Input<{[key: string]: pulumi.Input}>; /** * Environment variables available to your running App Runner service. A map of key/value pairs. Keys with a prefix of `AWSAPPRUNNER` are reserved for system use and aren't valid. */ runtimeEnvironmentVariables?: pulumi.Input<{[key: string]: pulumi.Input}>; /** * Command App Runner runs to start the application in the source image. If specified, this command overrides the Docker image’s default start command. */ startCommand?: pulumi.Input; } export interface VpcIngressConnectionIngressVpcConfiguration { /** * The ID of the VPC endpoint that your App Runner service connects to. */ vpcEndpointId?: pulumi.Input; /** * The ID of the VPC that is used for the VPC endpoint. */ vpcId?: pulumi.Input; } } export namespace appstream { export interface DirectoryConfigServiceAccountCredentials { /** * User name of the account. This account must have the following privileges: create computer objects, join computers to the domain, and change/reset the password on descendant computer objects for the organizational units specified. */ accountName: pulumi.Input; /** * Password for the account. */ accountPassword: pulumi.Input; } export interface FleetComputeCapacity { /** * Number of currently available instances that can be used to stream sessions. */ available?: pulumi.Input; /** * Desired number of streaming instances. */ desiredInstances?: pulumi.Input; /** * Desired number of user sessions for a multi-session fleet. This is not allowed for single-session fleets. */ desiredSessions?: pulumi.Input; /** * Number of instances in use for streaming. */ inUse?: pulumi.Input; /** * Total number of simultaneous streaming instances that are running. */ running?: pulumi.Input; } export interface FleetDomainJoinInfo { /** * Fully qualified name of the directory (for example, corp.example.com). */ directoryName?: pulumi.Input; /** * Distinguished name of the organizational unit for computer accounts. */ organizationalUnitDistinguishedName?: pulumi.Input; } export interface FleetVpcConfig { /** * Identifiers of the security groups for the fleet or image builder. */ securityGroupIds?: pulumi.Input[]>; /** * Identifiers of the subnets to which a network interface is attached from the fleet instance or image builder instance. */ subnetIds?: pulumi.Input[]>; } export interface ImageBuilderAccessEndpoint { /** * Type of interface endpoint. For valid values, refer to the [AWS documentation](https://docs.aws.amazon.com/appstream2/latest/APIReference/API_AccessEndpoint.html). */ endpointType: pulumi.Input; /** * Identifier (ID) of the interface VPC endpoint. */ vpceId?: pulumi.Input; } export interface ImageBuilderDomainJoinInfo { /** * Fully qualified name of the directory (for example, corp.example.com). */ directoryName?: pulumi.Input; /** * Distinguished name of the organizational unit for computer accounts. */ organizationalUnitDistinguishedName?: pulumi.Input; } export interface ImageBuilderVpcConfig { /** * Identifiers of the security groups for the image builder or image builder. */ securityGroupIds?: pulumi.Input[]>; /** * Identifier of the subnet to which a network interface is attached from the image builder instance. */ subnetIds?: pulumi.Input[]>; } export interface StackAccessEndpoint { /** * Type of the interface endpoint. * See the [`AccessEndpoint` AWS API documentation](https://docs.aws.amazon.com/appstream2/latest/APIReference/API_AccessEndpoint.html) for valid values. */ endpointType: pulumi.Input; /** * ID of the VPC in which the interface endpoint is used. */ vpceId?: pulumi.Input; } export interface StackApplicationSettings { /** * Whether application settings should be persisted. */ enabled: pulumi.Input; /** * Name of the settings group. * Required when `enabled` is `true`. * Can be up to 100 characters. */ settingsGroup?: pulumi.Input; } export interface StackStorageConnector { /** * Type of storage connector. * Valid values are `HOMEFOLDERS`, `GOOGLE_DRIVE`, or `ONE_DRIVE`. */ connectorType: pulumi.Input; /** * Names of the domains for the account. */ domains?: pulumi.Input[]>; /** * ARN of the storage connector. */ resourceIdentifier?: pulumi.Input; } export interface StackStreamingExperienceSettings { /** * The preferred protocol that you want to use while streaming your application. * Valid values are `TCP` and `UDP`. */ preferredProtocol?: pulumi.Input; } export interface StackUserSetting { /** * Action that is enabled or disabled. * Valid values are `CLIPBOARD_COPY_FROM_LOCAL_DEVICE`, `CLIPBOARD_COPY_TO_LOCAL_DEVICE`, `FILE_UPLOAD`, `FILE_DOWNLOAD`, `PRINTING_TO_LOCAL_DEVICE`, `DOMAIN_PASSWORD_SIGNIN`, or `DOMAIN_SMART_CARD_SIGNIN`. */ action: pulumi.Input; /** * Whether the action is enabled or disabled. * Valid values are `ENABLED` or `DISABLED`. */ permission: pulumi.Input; } } export namespace appsync { export interface DataSourceDynamodbConfig { /** * The DeltaSyncConfig for a versioned data source. See `deltaSyncConfig` Block for details. */ deltaSyncConfig?: pulumi.Input; /** * AWS region of the DynamoDB table. Defaults to current region. */ region?: pulumi.Input; /** * Name of the DynamoDB table. */ tableName: pulumi.Input; /** * Set to `true` to use Amazon Cognito credentials with this data source. */ useCallerCredentials?: pulumi.Input; /** * Detects Conflict Detection and Resolution with this data source. */ versioned?: pulumi.Input; } export interface DataSourceDynamodbConfigDeltaSyncConfig { /** * The number of minutes that an Item is stored in the data source. */ baseTableTtl?: pulumi.Input; /** * The table name. */ deltaSyncTableName: pulumi.Input; /** * The number of minutes that a Delta Sync log entry is stored in the Delta Sync table. */ deltaSyncTableTtl?: pulumi.Input; } export interface DataSourceElasticsearchConfig { /** * HTTP endpoint of the Elasticsearch domain. */ endpoint: pulumi.Input; /** * AWS region of Elasticsearch domain. Defaults to current region. */ region?: pulumi.Input; } export interface DataSourceEventBridgeConfig { /** * ARN for the EventBridge bus. */ eventBusArn: pulumi.Input; } export interface DataSourceHttpConfig { /** * Authorization configuration in case the HTTP endpoint requires authorization. See `authorizationConfig` Block for details. */ authorizationConfig?: pulumi.Input; /** * HTTP URL. */ endpoint: pulumi.Input; } export interface DataSourceHttpConfigAuthorizationConfig { /** * Authorization type that the HTTP endpoint requires. Default values is `AWS_IAM`. */ authorizationType?: pulumi.Input; /** * Identity and Access Management (IAM) settings. See `awsIamConfig` Block for details. */ awsIamConfig?: pulumi.Input; } export interface DataSourceHttpConfigAuthorizationConfigAwsIamConfig { /** * Signing Amazon Web Services Region for IAM authorization. */ signingRegion?: pulumi.Input; /** * Signing service name for IAM authorization. */ signingServiceName?: pulumi.Input; } export interface DataSourceLambdaConfig { /** * ARN for the Lambda function. */ functionArn: pulumi.Input; } export interface DataSourceOpensearchserviceConfig { /** * HTTP endpoint of the OpenSearch domain. */ endpoint: pulumi.Input; /** * AWS region of the OpenSearch domain. Defaults to current region. */ region?: pulumi.Input; } export interface DataSourceRelationalDatabaseConfig { /** * Amazon RDS HTTP endpoint configuration. See `httpEndpointConfig` Block for details. */ httpEndpointConfig?: pulumi.Input; /** * Source type for the relational database. Valid values: `RDS_HTTP_ENDPOINT`. */ sourceType?: pulumi.Input; } export interface DataSourceRelationalDatabaseConfigHttpEndpointConfig { /** * AWS secret store ARN for database credentials. */ awsSecretStoreArn: pulumi.Input; /** * Logical database name. */ databaseName?: pulumi.Input; /** * Amazon RDS cluster identifier. */ dbClusterIdentifier: pulumi.Input; /** * AWS Region for RDS HTTP endpoint. Defaults to current region. */ region?: pulumi.Input; /** * Logical schema name. */ schema?: pulumi.Input; } export interface FunctionRuntime { /** * The name of the runtime to use. Currently, the only allowed value is `APPSYNC_JS`. */ name: pulumi.Input; /** * The version of the runtime to use. Currently, the only allowed version is `1.0.0`. */ runtimeVersion: pulumi.Input; } export interface FunctionSyncConfig { /** * Conflict Detection strategy to use. Valid values are `NONE` and `VERSION`. */ conflictDetection?: pulumi.Input; /** * Conflict Resolution strategy to perform in the event of a conflict. Valid values are `NONE`, `OPTIMISTIC_CONCURRENCY`, `AUTOMERGE`, and `LAMBDA`. */ conflictHandler?: pulumi.Input; /** * Lambda Conflict Handler Config when configuring `LAMBDA` as the Conflict Handler. See `lambdaConflictHandlerConfig` Block for details. */ lambdaConflictHandlerConfig?: pulumi.Input; } export interface FunctionSyncConfigLambdaConflictHandlerConfig { /** * ARN for the Lambda function to use as the Conflict Handler. */ lambdaConflictHandlerArn?: pulumi.Input; } export interface GraphQLApiAdditionalAuthenticationProvider { /** * Authentication type. Valid values: `API_KEY`, `AWS_IAM`, `AMAZON_COGNITO_USER_POOLS`, `OPENID_CONNECT`, `AWS_LAMBDA` */ authenticationType: pulumi.Input; /** * Nested argument containing Lambda authorizer configuration. See `lambdaAuthorizerConfig` Block for details. */ lambdaAuthorizerConfig?: pulumi.Input; /** * Nested argument containing OpenID Connect configuration. See `openidConnectConfig` Block for details. */ openidConnectConfig?: pulumi.Input; /** * Amazon Cognito User Pool configuration. See `userPoolConfig` Block for details. */ userPoolConfig?: pulumi.Input; } export interface GraphQLApiAdditionalAuthenticationProviderLambdaAuthorizerConfig { /** * Number of seconds a response should be cached for. The default is 5 minutes (300 seconds). The Lambda function can override this by returning a `ttlOverride` key in its response. A value of 0 disables caching of responses. Minimum value of 0. Maximum value of 3600. */ authorizerResultTtlInSeconds?: pulumi.Input; /** * ARN of the Lambda function to be called for authorization. Note: This Lambda function must have a resource-based policy assigned to it, to allow `lambda:InvokeFunction` from service principal `appsync.amazonaws.com`. */ authorizerUri: pulumi.Input; /** * Regular expression for validation of tokens before the Lambda function is called. */ identityValidationExpression?: pulumi.Input; } export interface GraphQLApiAdditionalAuthenticationProviderOpenidConnectConfig { /** * Number of milliseconds a token is valid after being authenticated. */ authTtl?: pulumi.Input; /** * Client identifier of the Relying party at the OpenID identity provider. This identifier is typically obtained when the Relying party is registered with the OpenID identity provider. You can specify a regular expression so the AWS AppSync can validate against multiple client identifiers at a time. */ clientId?: pulumi.Input; /** * Number of milliseconds a token is valid after being issued to a user. */ iatTtl?: pulumi.Input; /** * Issuer for the OpenID Connect configuration. The issuer returned by discovery MUST exactly match the value of iss in the ID Token. */ issuer: pulumi.Input; } export interface GraphQLApiAdditionalAuthenticationProviderUserPoolConfig { /** * Regular expression for validating the incoming Amazon Cognito User Pool app client ID. */ appIdClientRegex?: pulumi.Input; /** * AWS region in which the user pool was created. */ awsRegion?: pulumi.Input; /** * User pool ID. */ userPoolId: pulumi.Input; } export interface GraphQLApiEnhancedMetricsConfig { /** * How data source metrics will be emitted to CloudWatch. Valid values: `FULL_REQUEST_DATA_SOURCE_METRICS`, `PER_DATA_SOURCE_METRICS` */ dataSourceLevelMetricsBehavior: pulumi.Input; /** * How operation metrics will be emitted to CloudWatch. Valid values: `ENABLED`, `DISABLED` */ operationLevelMetricsConfig: pulumi.Input; /** * How resolver metrics will be emitted to CloudWatch. Valid values: `FULL_REQUEST_RESOLVER_METRICS`, `PER_RESOLVER_METRICS` */ resolverLevelMetricsBehavior: pulumi.Input; } export interface GraphQLApiLambdaAuthorizerConfig { /** * Number of seconds a response should be cached for. The default is 5 minutes (300 seconds). The Lambda function can override this by returning a `ttlOverride` key in its response. A value of 0 disables caching of responses. Minimum value of 0. Maximum value of 3600. */ authorizerResultTtlInSeconds?: pulumi.Input; /** * ARN of the Lambda function to be called for authorization. Note: This Lambda function must have a resource-based policy assigned to it, to allow `lambda:InvokeFunction` from service principal `appsync.amazonaws.com`. */ authorizerUri: pulumi.Input; /** * Regular expression for validation of tokens before the Lambda function is called. */ identityValidationExpression?: pulumi.Input; } export interface GraphQLApiLogConfig { /** * Amazon Resource Name of the service role that AWS AppSync will assume to publish to Amazon CloudWatch logs in your account. */ cloudwatchLogsRoleArn: pulumi.Input; /** * Set to TRUE to exclude sections that contain information such as headers, context, and evaluated mapping templates, regardless of logging level. Valid values: `true`, `false`. Default value: `false` */ excludeVerboseContent?: pulumi.Input; /** * Field logging level. Valid values: `ALL`, `ERROR`, `NONE`. */ fieldLogLevel: pulumi.Input; } export interface GraphQLApiOpenidConnectConfig { /** * Number of milliseconds a token is valid after being authenticated. */ authTtl?: pulumi.Input; /** * Client identifier of the Relying party at the OpenID identity provider. This identifier is typically obtained when the Relying party is registered with the OpenID identity provider. You can specify a regular expression so the AWS AppSync can validate against multiple client identifiers at a time. */ clientId?: pulumi.Input; /** * Number of milliseconds a token is valid after being issued to a user. */ iatTtl?: pulumi.Input; /** * Issuer for the OpenID Connect configuration. The issuer returned by discovery MUST exactly match the value of iss in the ID Token. */ issuer: pulumi.Input; } export interface GraphQLApiUserPoolConfig { /** * Regular expression for validating the incoming Amazon Cognito User Pool app client ID. */ appIdClientRegex?: pulumi.Input; /** * AWS region in which the user pool was created. */ awsRegion?: pulumi.Input; /** * Action that you want your GraphQL API to take when a request that uses Amazon Cognito User Pool authentication doesn't match the Amazon Cognito User Pool configuration. Valid: `ALLOW` and `DENY` */ defaultAction: pulumi.Input; /** * User pool ID. */ userPoolId: pulumi.Input; } export interface ResolverCachingConfig { /** * The caching keys for a resolver that has caching activated. Valid values are entries from the $context.arguments, $context.source, and $context.identity maps. */ cachingKeys?: pulumi.Input[]>; /** * The TTL in seconds for a resolver that has caching activated. Valid values are between `1` and `3600` seconds. */ ttl?: pulumi.Input; } export interface ResolverPipelineConfig { /** * A list of Function objects. */ functions?: pulumi.Input[]>; } export interface ResolverRuntime { /** * The name of the runtime to use. Currently, the only allowed value is `APPSYNC_JS`. */ name: pulumi.Input; /** * The version of the runtime to use. Currently, the only allowed version is `1.0.0`. */ runtimeVersion: pulumi.Input; } export interface ResolverSyncConfig { /** * Conflict Detection strategy to use. Valid values are `NONE` and `VERSION`. */ conflictDetection?: pulumi.Input; /** * Conflict Resolution strategy to perform in the event of a conflict. Valid values are `NONE`, `OPTIMISTIC_CONCURRENCY`, `AUTOMERGE`, and `LAMBDA`. */ conflictHandler?: pulumi.Input; /** * Lambda Conflict Handler Config when configuring `LAMBDA` as the Conflict Handler. See Lambda Conflict Handler Config. */ lambdaConflictHandlerConfig?: pulumi.Input; } export interface ResolverSyncConfigLambdaConflictHandlerConfig { /** * ARN for the Lambda function to use as the Conflict Handler. */ lambdaConflictHandlerArn?: pulumi.Input; } export interface SourceApiAssociationSourceApiAssociationConfig { /** * Merge type. Valid values: `MANUAL_MERGE`, `AUTO_MERGE` */ mergeType: pulumi.Input; } export interface SourceApiAssociationTimeouts { /** * A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as "30s" or "2h45m". Valid time units are "s" (seconds), "m" (minutes), "h" (hours). */ create?: pulumi.Input; /** * A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as "30s" or "2h45m". Valid time units are "s" (seconds), "m" (minutes), "h" (hours). Setting a timeout for a Delete operation is only applicable if changes are saved into state before the destroy operation occurs. */ delete?: pulumi.Input; /** * A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as "30s" or "2h45m". Valid time units are "s" (seconds), "m" (minutes), "h" (hours). */ update?: pulumi.Input; } } export namespace athena { export interface DatabaseAclConfiguration { /** * Amazon S3 canned ACL that Athena should specify when storing query results. Valid value is `BUCKET_OWNER_FULL_CONTROL`. * * > **NOTE:** When Athena queries are executed, result files may be created in the specified bucket. Consider using `forceDestroy` on the bucket too in order to avoid any problems when destroying the bucket. */ s3AclOption: pulumi.Input; } export interface DatabaseEncryptionConfiguration { /** * Type of key; one of `SSE_S3`, `SSE_KMS`, `CSE_KMS` */ encryptionOption: pulumi.Input; /** * KMS key ARN or ID; required for key types `SSE_KMS` and `CSE_KMS`. */ kmsKey?: pulumi.Input; } export interface WorkgroupConfiguration { /** * Integer for the upper data usage limit (cutoff) for the amount of bytes a single query in a workgroup is allowed to scan. Must be at least `10485760`. */ bytesScannedCutoffPerQuery?: pulumi.Input; /** * Boolean whether the settings for the workgroup override client-side settings. For more information, see [Workgroup Settings Override Client-Side Settings](https://docs.aws.amazon.com/athena/latest/ug/workgroups-settings-override.html). Defaults to `true`. */ enforceWorkgroupConfiguration?: pulumi.Input; /** * Configuration block for the Athena Engine Versioning. For more information, see [Athena Engine Versioning](https://docs.aws.amazon.com/athena/latest/ug/engine-versions.html). See Engine Version below. */ engineVersion?: pulumi.Input; /** * Role used in a notebook session for accessing the user's resources. */ executionRole?: pulumi.Input; /** * Boolean whether Amazon CloudWatch metrics are enabled for the workgroup. Defaults to `true`. */ publishCloudwatchMetricsEnabled?: pulumi.Input; /** * If set to true , allows members assigned to a workgroup to reference Amazon S3 Requester Pays buckets in queries. If set to false , workgroup members cannot query data from Requester Pays buckets, and queries that retrieve data from Requester Pays buckets cause an error. The default is false . For more information about Requester Pays buckets, see [Requester Pays Buckets](https://docs.aws.amazon.com/AmazonS3/latest/dev/RequesterPaysBuckets.html) in the Amazon Simple Storage Service Developer Guide. */ requesterPaysEnabled?: pulumi.Input; /** * Configuration block with result settings. See Result Configuration below. */ resultConfiguration?: pulumi.Input; } export interface WorkgroupConfigurationEngineVersion { /** * The engine version on which the query runs. If `selectedEngineVersion` is set to `AUTO`, the effective engine version is chosen by Athena. */ effectiveEngineVersion?: pulumi.Input; /** * Requested engine version. Defaults to `AUTO`. */ selectedEngineVersion?: pulumi.Input; } export interface WorkgroupConfigurationResultConfiguration { /** * That an Amazon S3 canned ACL should be set to control ownership of stored query results. See ACL Configuration below. */ aclConfiguration?: pulumi.Input; /** * Configuration block with encryption settings. See Encryption Configuration below. */ encryptionConfiguration?: pulumi.Input; /** * AWS account ID that you expect to be the owner of the Amazon S3 bucket. */ expectedBucketOwner?: pulumi.Input; /** * Location in Amazon S3 where your query results are stored, such as `s3://path/to/query/bucket/`. For more information, see [Queries and Query Result Files](https://docs.aws.amazon.com/athena/latest/ug/querying.html). */ outputLocation?: pulumi.Input; } export interface WorkgroupConfigurationResultConfigurationAclConfiguration { /** * Amazon S3 canned ACL that Athena should specify when storing query results. Valid value is `BUCKET_OWNER_FULL_CONTROL`. */ s3AclOption: pulumi.Input; } export interface WorkgroupConfigurationResultConfigurationEncryptionConfiguration { /** * Whether Amazon S3 server-side encryption with Amazon S3-managed keys (`SSE_S3`), server-side encryption with KMS-managed keys (`SSE_KMS`), or client-side encryption with KMS-managed keys (`CSE_KMS`) is used. If a query runs in a workgroup and the workgroup overrides client-side settings, then the workgroup's setting for encryption is used. It specifies whether query results must be encrypted, for all queries that run in this workgroup. */ encryptionOption?: pulumi.Input; /** * For `SSE_KMS` and `CSE_KMS`, this is the KMS key ARN. */ kmsKeyArn?: pulumi.Input; } } export namespace auditmanager { export interface AssessmentAssessmentReportsDestination { /** * Destination of the assessment report. This value be in the form `s3://{bucket_name}`. */ destination: pulumi.Input; /** * Destination type. Currently, `S3` is the only valid value. */ destinationType: pulumi.Input; } export interface AssessmentRole { /** * Amazon Resource Name (ARN) of the IAM role. */ roleArn: pulumi.Input; /** * Type of customer persona. For assessment creation, type must always be `PROCESS_OWNER`. */ roleType: pulumi.Input; } export interface AssessmentRolesAll { /** * Amazon Resource Name (ARN) of the IAM role. */ roleArn: pulumi.Input; /** * Type of customer persona. For assessment creation, type must always be `PROCESS_OWNER`. */ roleType: pulumi.Input; } export interface AssessmentScope { /** * Amazon Web Services accounts that are in scope for the assessment. See `awsAccounts` below. */ awsAccounts?: pulumi.Input[]>; /** * Amazon Web Services services that are included in the scope of the assessment. See `awsServices` below. */ awsServices?: pulumi.Input[]>; } export interface AssessmentScopeAwsAccount { /** * Identifier for the Amazon Web Services account. */ id: pulumi.Input; } export interface AssessmentScopeAwsService { /** * Name of the Amazon Web Service. */ serviceName: pulumi.Input; } export interface ControlControlMappingSource { /** * Description of the source. */ sourceDescription?: pulumi.Input; /** * Frequency of evidence collection. Valid values are `DAILY`, `WEEKLY`, or `MONTHLY`. */ sourceFrequency?: pulumi.Input; sourceId?: pulumi.Input; /** * The keyword to search for in CloudTrail logs, Config rules, Security Hub checks, and Amazon Web Services API names. See `sourceKeyword` below. */ sourceKeyword?: pulumi.Input; /** * Name of the source. */ sourceName: pulumi.Input; /** * The setup option for the data source. This option reflects if the evidence collection is automated or manual. Valid values are `System_Controls_Mapping` (automated) and `Procedural_Controls_Mapping` (manual). */ sourceSetUpOption: pulumi.Input; /** * Type of data source for evidence collection. If `sourceSetUpOption` is manual, the only valid value is `MANUAL`. If `sourceSetUpOption` is automated, valid values are `AWS_Cloudtrail`, `AWS_Config`, `AWS_Security_Hub`, or `AWS_API_Call`. * * The following arguments are optional: */ sourceType: pulumi.Input; /** * Instructions for troubleshooting the control. */ troubleshootingText?: pulumi.Input; } export interface ControlControlMappingSourceSourceKeyword { /** * Input method for the keyword. Valid values are `INPUT_TEXT`, `SELECT_FROM_LIST`, or `UPLOAD_FILE`. */ keywordInputType: pulumi.Input; /** * The value of the keyword that's used when mapping a control data source. For example, this can be a CloudTrail event name, a rule name for Config, a Security Hub control, or the name of an Amazon Web Services API call. See the [Audit Manager supported control data sources documentation](https://docs.aws.amazon.com/audit-manager/latest/userguide/control-data-sources.html) for more information. */ keywordValue: pulumi.Input; } export interface FrameworkControlSet { /** * Configuration block(s) for the controls within the control set. See `controls` Block below for details. */ controls?: pulumi.Input[]>; /** * Unique identifier for the framework. */ id?: pulumi.Input; /** * Name of the control set. */ name: pulumi.Input; } export interface FrameworkControlSetControl { /** * Unique identifier of the control. */ id: pulumi.Input; } export interface GetControlControlMappingSource { sourceDescription?: string; sourceFrequency?: string; sourceId?: string; sourceKeyword?: inputs.auditmanager.GetControlControlMappingSourceSourceKeyword; sourceName?: string; sourceSetUpOption?: string; sourceType?: string; troubleshootingText?: string; } export interface GetControlControlMappingSourceArgs { sourceDescription?: pulumi.Input; sourceFrequency?: pulumi.Input; sourceId?: pulumi.Input; sourceKeyword?: pulumi.Input; sourceName?: pulumi.Input; sourceSetUpOption?: pulumi.Input; sourceType?: pulumi.Input; troubleshootingText?: pulumi.Input; } export interface GetControlControlMappingSourceSourceKeyword { keywordInputType?: string; keywordValue?: string; } export interface GetControlControlMappingSourceSourceKeywordArgs { keywordInputType?: pulumi.Input; keywordValue?: pulumi.Input; } export interface GetFrameworkControlSet { controls?: inputs.auditmanager.GetFrameworkControlSetControl[]; id?: string; /** * Name of the framework. */ name?: string; } export interface GetFrameworkControlSetArgs { controls?: pulumi.Input[]>; id?: pulumi.Input; /** * Name of the framework. */ name?: pulumi.Input; } export interface GetFrameworkControlSetControl { id?: string; } export interface GetFrameworkControlSetControlArgs { id?: pulumi.Input; } } export namespace autoscaling { export interface GetAmiIdsFilter { /** * Name of the DescribeAutoScalingGroup filter. The recommended values are: `tag-key`, `tag-value`, and `tag:` */ name: string; /** * Value of the filter. */ values: string[]; } export interface GetAmiIdsFilterArgs { /** * Name of the DescribeAutoScalingGroup filter. The recommended values are: `tag-key`, `tag-value`, and `tag:` */ name: pulumi.Input; /** * Value of the filter. */ values: pulumi.Input[]>; } export interface GroupInitialLifecycleHook { defaultResult?: pulumi.Input; heartbeatTimeout?: pulumi.Input; lifecycleTransition: pulumi.Input; /** * Name of the Auto Scaling Group. By default generated by Pulumi. Conflicts with `namePrefix`. */ name: pulumi.Input; notificationMetadata?: pulumi.Input; notificationTargetArn?: pulumi.Input; roleArn?: pulumi.Input; } export interface GroupInstanceMaintenancePolicy { /** * Specifies the upper limit on the number of instances that are in the InService or Pending state with a healthy status during an instance replacement activity. */ maxHealthyPercentage: pulumi.Input; /** * Specifies the lower limit on the number of instances that must be in the InService state with a healthy status during an instance replacement activity. */ minHealthyPercentage: pulumi.Input; } export interface GroupInstanceRefresh { /** * Override default parameters for Instance Refresh. */ preferences?: pulumi.Input; /** * Strategy to use for instance refresh. The only allowed value is `Rolling`. See [StartInstanceRefresh Action](https://docs.aws.amazon.com/autoscaling/ec2/APIReference/API_StartInstanceRefresh.html#API_StartInstanceRefresh_RequestParameters) for more information. */ strategy: pulumi.Input; /** * Set of additional property names that will trigger an Instance Refresh. A refresh will always be triggered by a change in any of `launchConfiguration`, `launchTemplate`, or `mixedInstancesPolicy`. * * > **NOTE:** A refresh is started when any of the following Auto Scaling Group properties change: `launchConfiguration`, `launchTemplate`, `mixedInstancesPolicy`. Additional properties can be specified in the `triggers` property of `instanceRefresh`. * * > **NOTE:** A refresh will not start when `version = "$Latest"` is configured in the `launchTemplate` block. To trigger the instance refresh when a launch template is changed, configure `version` to use the `latestVersion` attribute of the `aws.ec2.LaunchTemplate` resource. * * > **NOTE:** Auto Scaling Groups support up to one active instance refresh at a time. When this resource is updated, any existing refresh is cancelled. * * > **NOTE:** Depending on health check settings and group size, an instance refresh may take a long time or fail. This resource does not wait for the instance refresh to complete. */ triggers?: pulumi.Input[]>; } export interface GroupInstanceRefreshPreferences { /** * Alarm Specification for Instance Refresh. */ alarmSpecification?: pulumi.Input; /** * Automatically rollback if instance refresh fails. Defaults to `false`. This option may only be set to `true` when specifying a `launchTemplate` or `mixedInstancesPolicy`. */ autoRollback?: pulumi.Input; /** * Number of seconds to wait after a checkpoint. Defaults to `3600`. */ checkpointDelay?: pulumi.Input; /** * List of percentages for each checkpoint. Values must be unique and in ascending order. To replace all instances, the final number must be `100`. */ checkpointPercentages?: pulumi.Input[]>; /** * Number of seconds until a newly launched instance is configured and ready to use. Default behavior is to use the Auto Scaling Group's health check grace period. */ instanceWarmup?: pulumi.Input; /** * Amount of capacity in the Auto Scaling group that can be in service and healthy, or pending, to support your workload when an instance refresh is in place, as a percentage of the desired capacity of the Auto Scaling group. Values must be between `100` and `200`, defaults to `100`. */ maxHealthyPercentage?: pulumi.Input; /** * Amount of capacity in the Auto Scaling group that must remain healthy during an instance refresh to allow the operation to continue, as a percentage of the desired capacity of the Auto Scaling group. Defaults to `90`. */ minHealthyPercentage?: pulumi.Input; /** * Behavior when encountering instances protected from scale in are found. Available behaviors are `Refresh`, `Ignore`, and `Wait`. Default is `Ignore`. */ scaleInProtectedInstances?: pulumi.Input; /** * Replace instances that already have your desired configuration. Defaults to `false`. */ skipMatching?: pulumi.Input; /** * Behavior when encountering instances in the `Standby` state in are found. Available behaviors are `Terminate`, `Ignore`, and `Wait`. Default is `Ignore`. */ standbyInstances?: pulumi.Input; } export interface GroupInstanceRefreshPreferencesAlarmSpecification { /** * List of Cloudwatch alarms. If any of these alarms goes into ALARM state, Instance Refresh is failed. */ alarms?: pulumi.Input[]>; } export interface GroupLaunchTemplate { /** * ID of the launch template. Conflicts with `name`. */ id?: pulumi.Input; /** * Name of the launch template. Conflicts with `id`. */ name?: pulumi.Input; /** * Template version. Can be version number, `$Latest`, or `$Default`. (Default: `$Default`). */ version?: pulumi.Input; } export interface GroupMixedInstancesPolicy { /** * Nested argument containing settings on how to mix on-demand and Spot instances in the Auto Scaling group. Defined below. */ instancesDistribution?: pulumi.Input; /** * Nested argument containing launch template settings along with the overrides to specify multiple instance types and weights. Defined below. */ launchTemplate: pulumi.Input; } export interface GroupMixedInstancesPolicyInstancesDistribution { /** * Strategy to use when launching on-demand instances. Valid values: `prioritized`, `lowest-price`. Default: `prioritized`. */ onDemandAllocationStrategy?: pulumi.Input; /** * Absolute minimum amount of desired capacity that must be fulfilled by on-demand instances. Default: `0`. */ onDemandBaseCapacity?: pulumi.Input; /** * Percentage split between on-demand and Spot instances above the base on-demand capacity. Default: `100`. */ onDemandPercentageAboveBaseCapacity?: pulumi.Input; /** * How to allocate capacity across the Spot pools. Valid values: `lowest-price`, `capacity-optimized`, `capacity-optimized-prioritized`, and `price-capacity-optimized`. Default: `lowest-price`. */ spotAllocationStrategy?: pulumi.Input; /** * Number of Spot pools per availability zone to allocate capacity. EC2 Auto Scaling selects the cheapest Spot pools and evenly allocates Spot capacity across the number of Spot pools that you specify. Only available with `spotAllocationStrategy` set to `lowest-price`. Otherwise it must be set to `0`, if it has been defined before. Default: `2`. */ spotInstancePools?: pulumi.Input; /** * Maximum price per unit hour that the user is willing to pay for the Spot instances. Default: an empty string which means the on-demand price. */ spotMaxPrice?: pulumi.Input; } export interface GroupMixedInstancesPolicyLaunchTemplate { /** * Override the instance launch template specification in the Launch Template. */ launchTemplateSpecification: pulumi.Input; /** * List of nested arguments provides the ability to specify multiple instance types. This will override the same parameter in the launch template. For on-demand instances, Auto Scaling considers the order of preference of instance types to launch based on the order specified in the overrides list. Defined below. */ overrides?: pulumi.Input[]>; } export interface GroupMixedInstancesPolicyLaunchTemplateLaunchTemplateSpecification { /** * ID of the launch template. Conflicts with `launchTemplateName`. */ launchTemplateId?: pulumi.Input; /** * Name of the launch template. Conflicts with `launchTemplateId`. */ launchTemplateName?: pulumi.Input; version?: pulumi.Input; } export interface GroupMixedInstancesPolicyLaunchTemplateOverride { /** * Override the instance type in the Launch Template with instance types that satisfy the requirements. */ instanceRequirements?: pulumi.Input; /** * Override the instance type in the Launch Template. */ instanceType?: pulumi.Input; /** * Override the instance launch template specification in the Launch Template. */ launchTemplateSpecification?: pulumi.Input; /** * Number of capacity units, which gives the instance type a proportional weight to other instance types. */ weightedCapacity?: pulumi.Input; } export interface GroupMixedInstancesPolicyLaunchTemplateOverrideInstanceRequirements { /** * Block describing the minimum and maximum number of accelerators (GPUs, FPGAs, or AWS Inferentia chips). Default is no minimum or maximum. */ acceleratorCount?: pulumi.Input; /** * List of accelerator manufacturer names. Default is any manufacturer. * * ``` * Valid names: * * amazon-web-services * * amd * * nvidia * * xilinx * ``` */ acceleratorManufacturers?: pulumi.Input[]>; /** * List of accelerator names. Default is any acclerator. * * ``` * Valid names: * * a100 - NVIDIA A100 GPUs * * v100 - NVIDIA V100 GPUs * * k80 - NVIDIA K80 GPUs * * t4 - NVIDIA T4 GPUs * * m60 - NVIDIA M60 GPUs * * radeon-pro-v520 - AMD Radeon Pro V520 GPUs * * vu9p - Xilinx VU9P FPGAs * ``` */ acceleratorNames?: pulumi.Input[]>; /** * Block describing the minimum and maximum total memory of the accelerators. Default is no minimum or maximum. */ acceleratorTotalMemoryMib?: pulumi.Input; /** * List of accelerator types. Default is any accelerator type. * * ``` * Valid types: * * fpga * * gpu * * inference * ``` */ acceleratorTypes?: pulumi.Input[]>; /** * List of instance types to apply your specified attributes against. All other instance types are ignored, even if they match your specified attributes. You can use strings with one or more wild cards, represented by an asterisk (\*), to allow an instance type, size, or generation. The following are examples: `m5.8xlarge`, `c5*.*`, `m5a.*`, `r*`, `*3*`. For example, if you specify `c5*`, you are allowing the entire C5 instance family, which includes all C5a and C5n instance types. If you specify `m5a.*`, you are allowing all the M5a instance types, but not the M5n instance types. Maximum of 400 entries in the list; each entry is limited to 30 characters. Default is all instance types. * * > **NOTE:** If you specify `allowedInstanceTypes`, you can't specify `excludedInstanceTypes`. */ allowedInstanceTypes?: pulumi.Input[]>; /** * Indicate whether bare metal instace types should be `included`, `excluded`, or `required`. Default is `excluded`. */ bareMetal?: pulumi.Input; /** * Block describing the minimum and maximum baseline EBS bandwidth, in Mbps. Default is no minimum or maximum. */ baselineEbsBandwidthMbps?: pulumi.Input; /** * Indicate whether burstable performance instance types should be `included`, `excluded`, or `required`. Default is `excluded`. */ burstablePerformance?: pulumi.Input; /** * List of CPU manufacturer names. Default is any manufacturer. * * > **NOTE:** Don't confuse the CPU hardware manufacturer with the CPU hardware architecture. Instances will be launched with a compatible CPU architecture based on the Amazon Machine Image (AMI) that you specify in your launch template. * * ``` * Valid names: * * amazon-web-services * * amd * * intel * ``` */ cpuManufacturers?: pulumi.Input[]>; /** * List of instance types to exclude. You can use strings with one or more wild cards, represented by an asterisk (\*), to exclude an instance type, size, or generation. The following are examples: `m5.8xlarge`, `c5*.*`, `m5a.*`, `r*`, `*3*`. For example, if you specify `c5*`, you are excluding the entire C5 instance family, which includes all C5a and C5n instance types. If you specify `m5a.*`, you are excluding all the M5a instance types, but not the M5n instance types. Maximum of 400 entries in the list; each entry is limited to 30 characters. Default is no excluded instance types. * * > **NOTE:** If you specify `excludedInstanceTypes`, you can't specify `allowedInstanceTypes`. */ excludedInstanceTypes?: pulumi.Input[]>; /** * List of instance generation names. Default is any generation. * * ``` * Valid names: * * current - Recommended for best performance. * * previous - For existing applications optimized for older instance types. * ``` */ instanceGenerations?: pulumi.Input[]>; /** * Indicate whether instance types with local storage volumes are `included`, `excluded`, or `required`. Default is `included`. */ localStorage?: pulumi.Input; /** * List of local storage type names. Default any storage type. * * ``` * Value names: * * hdd - hard disk drive * * ssd - solid state drive * ``` */ localStorageTypes?: pulumi.Input[]>; /** * The price protection threshold for Spot Instances. This is the maximum you’ll pay for a Spot Instance, expressed as a percentage higher than the cheapest M, C, or R instance type with your specified attributes. When Amazon EC2 Auto Scaling selects instance types with your attributes, we will exclude instance types whose price is higher than your threshold. The parameter accepts an integer, which Amazon EC2 Auto Scaling interprets as a percentage. To turn off price protection, specify a high value, such as 999999. Conflicts with `spotMaxPricePercentageOverLowestPrice` */ maxSpotPriceAsPercentageOfOptimalOnDemandPrice?: pulumi.Input; /** * Block describing the minimum and maximum amount of memory (GiB) per vCPU. Default is no minimum or maximum. */ memoryGibPerVcpu?: pulumi.Input; /** * Block describing the minimum and maximum amount of memory (MiB). Default is no maximum. */ memoryMib?: pulumi.Input; /** * Block describing the minimum and maximum amount of network bandwidth, in gigabits per second (Gbps). Default is no minimum or maximum. */ networkBandwidthGbps?: pulumi.Input; /** * Block describing the minimum and maximum number of network interfaces. Default is no minimum or maximum. */ networkInterfaceCount?: pulumi.Input; /** * Price protection threshold for On-Demand Instances. This is the maximum you’ll pay for an On-Demand Instance, expressed as a percentage higher than the cheapest M, C, or R instance type with your specified attributes. When Amazon EC2 Auto Scaling selects instance types with your attributes, we will exclude instance types whose price is higher than your threshold. The parameter accepts an integer, which Amazon EC2 Auto Scaling interprets as a percentage. To turn off price protection, specify a high value, such as 999999. Default is 20. * * If you set DesiredCapacityType to vcpu or memory-mib, the price protection threshold is applied based on the per vCPU or per memory price instead of the per instance price. */ onDemandMaxPricePercentageOverLowestPrice?: pulumi.Input; /** * Indicate whether instance types must support On-Demand Instance Hibernation, either `true` or `false`. Default is `false`. */ requireHibernateSupport?: pulumi.Input; /** * Price protection threshold for Spot Instances. This is the maximum you’ll pay for a Spot Instance, expressed as a percentage higher than the cheapest M, C, or R instance type with your specified attributes. When Amazon EC2 Auto Scaling selects instance types with your attributes, we will exclude instance types whose price is higher than your threshold. The parameter accepts an integer, which Amazon EC2 Auto Scaling interprets as a percentage. To turn off price protection, specify a high value, such as 999999. Default is 100. Conflicts with `maxSpotPriceAsPercentageOfOptimalOnDemandPrice` * * If you set DesiredCapacityType to vcpu or memory-mib, the price protection threshold is applied based on the per vCPU or per memory price instead of the per instance price. */ spotMaxPricePercentageOverLowestPrice?: pulumi.Input; /** * Block describing the minimum and maximum total local storage (GB). Default is no minimum or maximum. */ totalLocalStorageGb?: pulumi.Input; /** * Block describing the minimum and maximum number of vCPUs. Default is no maximum. */ vcpuCount?: pulumi.Input; } export interface GroupMixedInstancesPolicyLaunchTemplateOverrideInstanceRequirementsAcceleratorCount { max?: pulumi.Input; min?: pulumi.Input; } export interface GroupMixedInstancesPolicyLaunchTemplateOverrideInstanceRequirementsAcceleratorTotalMemoryMib { max?: pulumi.Input; min?: pulumi.Input; } export interface GroupMixedInstancesPolicyLaunchTemplateOverrideInstanceRequirementsBaselineEbsBandwidthMbps { max?: pulumi.Input; min?: pulumi.Input; } export interface GroupMixedInstancesPolicyLaunchTemplateOverrideInstanceRequirementsMemoryGibPerVcpu { max?: pulumi.Input; min?: pulumi.Input; } export interface GroupMixedInstancesPolicyLaunchTemplateOverrideInstanceRequirementsMemoryMib { max?: pulumi.Input; min?: pulumi.Input; } export interface GroupMixedInstancesPolicyLaunchTemplateOverrideInstanceRequirementsNetworkBandwidthGbps { max?: pulumi.Input; min?: pulumi.Input; } export interface GroupMixedInstancesPolicyLaunchTemplateOverrideInstanceRequirementsNetworkInterfaceCount { max?: pulumi.Input; min?: pulumi.Input; } export interface GroupMixedInstancesPolicyLaunchTemplateOverrideInstanceRequirementsTotalLocalStorageGb { max?: pulumi.Input; min?: pulumi.Input; } export interface GroupMixedInstancesPolicyLaunchTemplateOverrideInstanceRequirementsVcpuCount { max?: pulumi.Input; min?: pulumi.Input; } export interface GroupMixedInstancesPolicyLaunchTemplateOverrideLaunchTemplateSpecification { /** * ID of the launch template. Conflicts with `launchTemplateName`. */ launchTemplateId?: pulumi.Input; /** * Name of the launch template. Conflicts with `launchTemplateId`. */ launchTemplateName?: pulumi.Input; version?: pulumi.Input; } export interface GroupTag { /** * Key */ key: pulumi.Input; /** * Enables propagation of the tag to * Amazon EC2 instances launched via this ASG * * To declare multiple tags, additional `tag` blocks can be specified. * * > **NOTE:** Other AWS APIs may automatically add special tags to their associated Auto Scaling Group for management purposes, such as ECS Capacity Providers adding the `AmazonECSManaged` tag. These generally should be included in the configuration so the provider does not attempt to remove them and so if the `minSize` was greater than zero on creation, that these tag(s) are applied to any initial EC2 Instances in the Auto Scaling Group. If these tag(s) were missing in the Auto Scaling Group configuration on creation, affected EC2 Instances missing the tags may require manual intervention of adding the tags to ensure they work properly with the other AWS service. */ propagateAtLaunch: pulumi.Input; /** * Value */ value: pulumi.Input; } export interface GroupTrafficSource { /** * Identifies the traffic source. For Application Load Balancers, Gateway Load Balancers, Network Load Balancers, and VPC Lattice, this will be the Amazon Resource Name (ARN) for a target group in this account and Region. For Classic Load Balancers, this will be the name of the Classic Load Balancer in this account and Region. */ identifier: pulumi.Input; /** * Provides additional context for the value of Identifier. * The following lists the valid values: * `elb` if `identifier` is the name of a Classic Load Balancer. * `elbv2` if `identifier` is the ARN of an Application Load Balancer, Gateway Load Balancer, or Network Load Balancer target group. * `vpc-lattice` if `identifier` is the ARN of a VPC Lattice target group. */ type?: pulumi.Input; } export interface GroupWarmPool { /** * Whether instances in the Auto Scaling group can be returned to the warm pool on scale in. The default is to terminate instances in the Auto Scaling group when the group scales in. */ instanceReusePolicy?: pulumi.Input; /** * Total maximum number of instances that are allowed to be in the warm pool or in any state except Terminated for the Auto Scaling group. */ maxGroupPreparedCapacity?: pulumi.Input; /** * Minimum number of instances to maintain in the warm pool. This helps you to ensure that there is always a certain number of warmed instances available to handle traffic spikes. Defaults to 0 if not specified. */ minSize?: pulumi.Input; /** * Sets the instance state to transition to after the lifecycle hooks finish. Valid values are: Stopped (default), Running or Hibernated. */ poolState?: pulumi.Input; } export interface GroupWarmPoolInstanceReusePolicy { /** * Whether instances in the Auto Scaling group can be returned to the warm pool on scale in. */ reuseOnScaleIn?: pulumi.Input; } export interface PolicyPredictiveScalingConfiguration { /** * Defines the behavior that should be applied if the forecast capacity approaches or exceeds the maximum capacity of the Auto Scaling group. Valid values are `HonorMaxCapacity` or `IncreaseMaxCapacity`. Default is `HonorMaxCapacity`. */ maxCapacityBreachBehavior?: pulumi.Input; /** * Size of the capacity buffer to use when the forecast capacity is close to or exceeds the maximum capacity. Valid range is `0` to `100`. If set to `0`, Amazon EC2 Auto Scaling may scale capacity higher than the maximum capacity to equal but not exceed forecast capacity. */ maxCapacityBuffer?: pulumi.Input; /** * This structure includes the metrics and target utilization to use for predictive scaling. */ metricSpecification: pulumi.Input; /** * Predictive scaling mode. Valid values are `ForecastAndScale` and `ForecastOnly`. Default is `ForecastOnly`. */ mode?: pulumi.Input; /** * Amount of time, in seconds, by which the instance launch time can be advanced. Minimum is `0`. */ schedulingBufferTime?: pulumi.Input; } export interface PolicyPredictiveScalingConfigurationMetricSpecification { /** * Customized capacity metric specification. The field is only valid when you use `customizedLoadMetricSpecification` */ customizedCapacityMetricSpecification?: pulumi.Input; /** * Customized load metric specification. */ customizedLoadMetricSpecification?: pulumi.Input; /** * Customized scaling metric specification. */ customizedScalingMetricSpecification?: pulumi.Input; /** * Predefined load metric specification. */ predefinedLoadMetricSpecification?: pulumi.Input; /** * Metric pair specification from which Amazon EC2 Auto Scaling determines the appropriate scaling metric and load metric to use. */ predefinedMetricPairSpecification?: pulumi.Input; /** * Predefined scaling metric specification. */ predefinedScalingMetricSpecification?: pulumi.Input; /** * Target value for the metric. */ targetValue: pulumi.Input; } export interface PolicyPredictiveScalingConfigurationMetricSpecificationCustomizedCapacityMetricSpecification { /** * List of up to 10 structures that defines custom capacity metric in predictive scaling policy */ metricDataQueries: pulumi.Input[]>; } export interface PolicyPredictiveScalingConfigurationMetricSpecificationCustomizedCapacityMetricSpecificationMetricDataQuery { /** * Math expression used on the returned metric. You must specify either `expression` or `metricStat`, but not both. */ expression?: pulumi.Input; /** * Short name for the metric used in predictive scaling policy. */ id: pulumi.Input; /** * Human-readable label for this metric or expression. */ label?: pulumi.Input; /** * Structure that defines CloudWatch metric to be used in predictive scaling policy. You must specify either `expression` or `metricStat`, but not both. */ metricStat?: pulumi.Input; /** * Boolean that indicates whether to return the timestamps and raw data values of this metric, the default is true */ returnData?: pulumi.Input; } export interface PolicyPredictiveScalingConfigurationMetricSpecificationCustomizedCapacityMetricSpecificationMetricDataQueryMetricStat { /** * Structure that defines the CloudWatch metric to return, including the metric name, namespace, and dimensions. */ metric: pulumi.Input; /** * Statistic of the metrics to return. */ stat: pulumi.Input; /** * Unit of the metrics to return. */ unit?: pulumi.Input; } export interface PolicyPredictiveScalingConfigurationMetricSpecificationCustomizedCapacityMetricSpecificationMetricDataQueryMetricStatMetric { /** * Dimensions of the metric. */ dimensions?: pulumi.Input[]>; /** * Name of the metric. */ metricName: pulumi.Input; /** * Namespace of the metric. */ namespace: pulumi.Input; } export interface PolicyPredictiveScalingConfigurationMetricSpecificationCustomizedCapacityMetricSpecificationMetricDataQueryMetricStatMetricDimension { /** * Name of the dimension. */ name: pulumi.Input; /** * Value of the dimension. */ value: pulumi.Input; } export interface PolicyPredictiveScalingConfigurationMetricSpecificationCustomizedLoadMetricSpecification { /** * List of up to 10 structures that defines custom load metric in predictive scaling policy */ metricDataQueries: pulumi.Input[]>; } export interface PolicyPredictiveScalingConfigurationMetricSpecificationCustomizedLoadMetricSpecificationMetricDataQuery { /** * Math expression used on the returned metric. You must specify either `expression` or `metricStat`, but not both. */ expression?: pulumi.Input; /** * Short name for the metric used in predictive scaling policy. */ id: pulumi.Input; /** * Human-readable label for this metric or expression. */ label?: pulumi.Input; /** * Structure that defines CloudWatch metric to be used in predictive scaling policy. You must specify either `expression` or `metricStat`, but not both. */ metricStat?: pulumi.Input; /** * Boolean that indicates whether to return the timestamps and raw data values of this metric, the default is true */ returnData?: pulumi.Input; } export interface PolicyPredictiveScalingConfigurationMetricSpecificationCustomizedLoadMetricSpecificationMetricDataQueryMetricStat { /** * Structure that defines the CloudWatch metric to return, including the metric name, namespace, and dimensions. */ metric: pulumi.Input; /** * Statistic of the metrics to return. */ stat: pulumi.Input; /** * Unit of the metrics to return. */ unit?: pulumi.Input; } export interface PolicyPredictiveScalingConfigurationMetricSpecificationCustomizedLoadMetricSpecificationMetricDataQueryMetricStatMetric { /** * Dimensions of the metric. */ dimensions?: pulumi.Input[]>; /** * Name of the metric. */ metricName: pulumi.Input; /** * Namespace of the metric. */ namespace: pulumi.Input; } export interface PolicyPredictiveScalingConfigurationMetricSpecificationCustomizedLoadMetricSpecificationMetricDataQueryMetricStatMetricDimension { /** * Name of the dimension. */ name: pulumi.Input; /** * Value of the dimension. */ value: pulumi.Input; } export interface PolicyPredictiveScalingConfigurationMetricSpecificationCustomizedScalingMetricSpecification { /** * List of up to 10 structures that defines custom scaling metric in predictive scaling policy */ metricDataQueries: pulumi.Input[]>; } export interface PolicyPredictiveScalingConfigurationMetricSpecificationCustomizedScalingMetricSpecificationMetricDataQuery { /** * Math expression used on the returned metric. You must specify either `expression` or `metricStat`, but not both. */ expression?: pulumi.Input; /** * Short name for the metric used in predictive scaling policy. */ id: pulumi.Input; /** * Human-readable label for this metric or expression. */ label?: pulumi.Input; /** * Structure that defines CloudWatch metric to be used in predictive scaling policy. You must specify either `expression` or `metricStat`, but not both. */ metricStat?: pulumi.Input; /** * Boolean that indicates whether to return the timestamps and raw data values of this metric, the default is true */ returnData?: pulumi.Input; } export interface PolicyPredictiveScalingConfigurationMetricSpecificationCustomizedScalingMetricSpecificationMetricDataQueryMetricStat { /** * Structure that defines the CloudWatch metric to return, including the metric name, namespace, and dimensions. */ metric: pulumi.Input; /** * Statistic of the metrics to return. */ stat: pulumi.Input; /** * Unit of the metrics to return. */ unit?: pulumi.Input; } export interface PolicyPredictiveScalingConfigurationMetricSpecificationCustomizedScalingMetricSpecificationMetricDataQueryMetricStatMetric { /** * Dimensions of the metric. */ dimensions?: pulumi.Input[]>; /** * Name of the metric. */ metricName: pulumi.Input; /** * Namespace of the metric. */ namespace: pulumi.Input; } export interface PolicyPredictiveScalingConfigurationMetricSpecificationCustomizedScalingMetricSpecificationMetricDataQueryMetricStatMetricDimension { /** * Name of the dimension. */ name: pulumi.Input; /** * Value of the dimension. */ value: pulumi.Input; } export interface PolicyPredictiveScalingConfigurationMetricSpecificationPredefinedLoadMetricSpecification { /** * Metric type. Valid values are `ASGTotalCPUUtilization`, `ASGTotalNetworkIn`, `ASGTotalNetworkOut`, or `ALBTargetGroupRequestCount`. */ predefinedMetricType: pulumi.Input; /** * Label that uniquely identifies a specific Application Load Balancer target group from which to determine the request count served by your Auto Scaling group. You create the resource label by appending the final portion of the load balancer ARN and the final portion of the target group ARN into a single value, separated by a forward slash (/). Refer to [PredefinedMetricSpecification](https://docs.aws.amazon.com/autoscaling/ec2/APIReference/API_PredefinedMetricSpecification.html) for more information. */ resourceLabel?: pulumi.Input; } export interface PolicyPredictiveScalingConfigurationMetricSpecificationPredefinedMetricPairSpecification { /** * Which metrics to use. There are two different types of metrics for each metric type: one is a load metric and one is a scaling metric. For example, if the metric type is `ASGCPUUtilization`, the Auto Scaling group's total CPU metric is used as the load metric, and the average CPU metric is used for the scaling metric. Valid values are `ASGCPUUtilization`, `ASGNetworkIn`, `ASGNetworkOut`, or `ALBRequestCount`. */ predefinedMetricType: pulumi.Input; /** * Label that uniquely identifies a specific Application Load Balancer target group from which to determine the request count served by your Auto Scaling group. You create the resource label by appending the final portion of the load balancer ARN and the final portion of the target group ARN into a single value, separated by a forward slash (/). Refer to [PredefinedMetricSpecification](https://docs.aws.amazon.com/autoscaling/ec2/APIReference/API_PredefinedMetricSpecification.html) for more information. */ resourceLabel?: pulumi.Input; } export interface PolicyPredictiveScalingConfigurationMetricSpecificationPredefinedScalingMetricSpecification { /** * Describes a scaling metric for a predictive scaling policy. Valid values are `ASGAverageCPUUtilization`, `ASGAverageNetworkIn`, `ASGAverageNetworkOut`, or `ALBRequestCountPerTarget`. */ predefinedMetricType: pulumi.Input; /** * Label that uniquely identifies a specific Application Load Balancer target group from which to determine the request count served by your Auto Scaling group. You create the resource label by appending the final portion of the load balancer ARN and the final portion of the target group ARN into a single value, separated by a forward slash (/). Refer to [PredefinedMetricSpecification](https://docs.aws.amazon.com/autoscaling/ec2/APIReference/API_PredefinedMetricSpecification.html) for more information. */ resourceLabel?: pulumi.Input; } export interface PolicyStepAdjustment { /** * Lower bound for the * difference between the alarm threshold and the CloudWatch metric. * Without a value, AWS will treat this bound as negative infinity. */ metricIntervalLowerBound?: pulumi.Input; /** * Upper bound for the * difference between the alarm threshold and the CloudWatch metric. * Without a value, AWS will treat this bound as positive infinity. The upper bound * must be greater than the lower bound. * * Notice the bounds are **relative** to the alarm threshold, meaning that the starting point is not 0%, but the alarm threshold. Check the official [docs](https://docs.aws.amazon.com/autoscaling/ec2/userguide/as-scaling-simple-step.html#as-scaling-steps) for a detailed example. * * The following arguments are only available to "TargetTrackingScaling" type policies: */ metricIntervalUpperBound?: pulumi.Input; /** * Number of members by which to * scale, when the adjustment bounds are breached. A positive value scales * up. A negative value scales down. */ scalingAdjustment: pulumi.Input; } export interface PolicyTargetTrackingConfiguration { /** * Customized metric. Conflicts with `predefinedMetricSpecification`. */ customizedMetricSpecification?: pulumi.Input; /** * Whether scale in by the target tracking policy is disabled. */ disableScaleIn?: pulumi.Input; /** * Predefined metric. Conflicts with `customizedMetricSpecification`. */ predefinedMetricSpecification?: pulumi.Input; /** * Target value for the metric. */ targetValue: pulumi.Input; } export interface PolicyTargetTrackingConfigurationCustomizedMetricSpecification { /** * Dimensions of the metric. */ metricDimensions?: pulumi.Input[]>; /** * Name of the metric. */ metricName?: pulumi.Input; /** * Metrics to include, as a metric data query. */ metrics?: pulumi.Input[]>; /** * Namespace of the metric. */ namespace?: pulumi.Input; /** * Statistic of the metric. */ statistic?: pulumi.Input; /** * Unit of the metric. */ unit?: pulumi.Input; } export interface PolicyTargetTrackingConfigurationCustomizedMetricSpecificationMetric { /** * Math expression used on the returned metric. You must specify either `expression` or `metricStat`, but not both. */ expression?: pulumi.Input; /** * Short name for the metric used in target tracking scaling policy. */ id: pulumi.Input; /** * Human-readable label for this metric or expression. */ label?: pulumi.Input; /** * Structure that defines CloudWatch metric to be used in target tracking scaling policy. You must specify either `expression` or `metricStat`, but not both. */ metricStat?: pulumi.Input; /** * Boolean that indicates whether to return the timestamps and raw data values of this metric, the default is true */ returnData?: pulumi.Input; } export interface PolicyTargetTrackingConfigurationCustomizedMetricSpecificationMetricDimension { /** * Name of the dimension. */ name: pulumi.Input; /** * Value of the dimension. */ value: pulumi.Input; } export interface PolicyTargetTrackingConfigurationCustomizedMetricSpecificationMetricMetricStat { /** * Structure that defines the CloudWatch metric to return, including the metric name, namespace, and dimensions. */ metric: pulumi.Input; /** * Statistic of the metrics to return. */ stat: pulumi.Input; /** * Unit of the metrics to return. */ unit?: pulumi.Input; } export interface PolicyTargetTrackingConfigurationCustomizedMetricSpecificationMetricMetricStatMetric { /** * Dimensions of the metric. */ dimensions?: pulumi.Input[]>; /** * Name of the metric. */ metricName: pulumi.Input; /** * Namespace of the metric. */ namespace: pulumi.Input; } export interface PolicyTargetTrackingConfigurationCustomizedMetricSpecificationMetricMetricStatMetricDimension { /** * Name of the dimension. */ name: pulumi.Input; /** * Value of the dimension. */ value: pulumi.Input; } export interface PolicyTargetTrackingConfigurationPredefinedMetricSpecification { /** * Metric type. */ predefinedMetricType: pulumi.Input; /** * Identifies the resource associated with the metric type. */ resourceLabel?: pulumi.Input; } export interface TagTag { /** * Tag name. */ key: pulumi.Input; /** * Whether to propagate the tags to instances launched by the ASG. */ propagateAtLaunch: pulumi.Input; /** * Tag value. */ value: pulumi.Input; } export interface TrafficSourceAttachmentTrafficSource { /** * Identifies the traffic source. For Application Load Balancers, Gateway Load Balancers, Network Load Balancers, and VPC Lattice, this will be the Amazon Resource Name (ARN) for a target group in this account and Region. For Classic Load Balancers, this will be the name of the Classic Load Balancer in this account and Region. */ identifier: pulumi.Input; /** * Provides additional context for the value of `identifier`. * The following lists the valid values: * `elb` if `identifier` is the name of a Classic Load Balancer. * `elbv2` if `identifier` is the ARN of an Application Load Balancer, Gateway Load Balancer, or Network Load Balancer target group. * `vpc-lattice` if `identifier` is the ARN of a VPC Lattice target group. */ type: pulumi.Input; } } export namespace autoscalingplans { export interface ScalingPlanApplicationSource { /** * ARN of a AWS CloudFormation stack. */ cloudformationStackArn?: pulumi.Input; /** * Set of tags. */ tagFilters?: pulumi.Input[]>; } export interface ScalingPlanApplicationSourceTagFilter { /** * Tag key. */ key: pulumi.Input; /** * Tag values. */ values?: pulumi.Input[]>; } export interface ScalingPlanScalingInstruction { /** * Customized load metric to use for predictive scaling. You must specify either `customizedLoadMetricSpecification` or `predefinedLoadMetricSpecification` when configuring predictive scaling. * More details can be found in the [AWS Auto Scaling API Reference](https://docs.aws.amazon.com/autoscaling/plans/APIReference/API_CustomizedLoadMetricSpecification.html). */ customizedLoadMetricSpecification?: pulumi.Input; /** * Boolean controlling whether dynamic scaling by AWS Auto Scaling is disabled. Defaults to `false`. */ disableDynamicScaling?: pulumi.Input; /** * Maximum capacity of the resource. The exception to this upper limit is if you specify a non-default setting for `predictiveScalingMaxCapacityBehavior`. */ maxCapacity: pulumi.Input; /** * Minimum capacity of the resource. */ minCapacity: pulumi.Input; /** * Predefined load metric to use for predictive scaling. You must specify either `predefinedLoadMetricSpecification` or `customizedLoadMetricSpecification` when configuring predictive scaling. * More details can be found in the [AWS Auto Scaling API Reference](https://docs.aws.amazon.com/autoscaling/plans/APIReference/API_PredefinedLoadMetricSpecification.html). */ predefinedLoadMetricSpecification?: pulumi.Input; /** * Defines the behavior that should be applied if the forecast capacity approaches or exceeds the maximum capacity specified for the resource. * Valid values: `SetForecastCapacityToMaxCapacity`, `SetMaxCapacityAboveForecastCapacity`, `SetMaxCapacityToForecastCapacity`. */ predictiveScalingMaxCapacityBehavior?: pulumi.Input; /** * Size of the capacity buffer to use when the forecast capacity is close to or exceeds the maximum capacity. */ predictiveScalingMaxCapacityBuffer?: pulumi.Input; /** * Predictive scaling mode. Valid values: `ForecastAndScale`, `ForecastOnly`. */ predictiveScalingMode?: pulumi.Input; /** * ID of the resource. This string consists of the resource type and unique identifier. */ resourceId: pulumi.Input; /** * Scalable dimension associated with the resource. Valid values: `autoscaling:autoScalingGroup:DesiredCapacity`, `dynamodb:index:ReadCapacityUnits`, `dynamodb:index:WriteCapacityUnits`, `dynamodb:table:ReadCapacityUnits`, `dynamodb:table:WriteCapacityUnits`, `ecs:service:DesiredCount`, `ec2:spot-fleet-request:TargetCapacity`, `rds:cluster:ReadReplicaCount`. */ scalableDimension: pulumi.Input; /** * Controls whether a resource's externally created scaling policies are kept or replaced. Valid values: `KeepExternalPolicies`, `ReplaceExternalPolicies`. Defaults to `KeepExternalPolicies`. */ scalingPolicyUpdateBehavior?: pulumi.Input; /** * Amount of time, in seconds, to buffer the run time of scheduled scaling actions when scaling out. */ scheduledActionBufferTime?: pulumi.Input; /** * Namespace of the AWS service. Valid values: `autoscaling`, `dynamodb`, `ecs`, `ec2`, `rds`. */ serviceNamespace: pulumi.Input; /** * Structure that defines new target tracking configurations. Each of these structures includes a specific scaling metric and a target value for the metric, along with various parameters to use with dynamic scaling. * More details can be found in the [AWS Auto Scaling API Reference](https://docs.aws.amazon.com/autoscaling/plans/APIReference/API_TargetTrackingConfiguration.html). */ targetTrackingConfigurations: pulumi.Input[]>; } export interface ScalingPlanScalingInstructionCustomizedLoadMetricSpecification { /** * Dimensions of the metric. */ dimensions?: pulumi.Input<{[key: string]: pulumi.Input}>; /** * Name of the metric. */ metricName: pulumi.Input; /** * Namespace of the metric. */ namespace: pulumi.Input; /** * Statistic of the metric. Currently, the value must always be `Sum`. */ statistic: pulumi.Input; /** * Unit of the metric. */ unit?: pulumi.Input; } export interface ScalingPlanScalingInstructionPredefinedLoadMetricSpecification { /** * Metric type. Valid values: `ALBTargetGroupRequestCount`, `ASGTotalCPUUtilization`, `ASGTotalNetworkIn`, `ASGTotalNetworkOut`. */ predefinedLoadMetricType: pulumi.Input; /** * Identifies the resource associated with the metric type. */ resourceLabel?: pulumi.Input; } export interface ScalingPlanScalingInstructionTargetTrackingConfiguration { /** * Customized metric. You can specify either `customizedScalingMetricSpecification` or `predefinedScalingMetricSpecification`. * More details can be found in the [AWS Auto Scaling API Reference](https://docs.aws.amazon.com/autoscaling/plans/APIReference/API_CustomizedScalingMetricSpecification.html). */ customizedScalingMetricSpecification?: pulumi.Input; /** * Boolean indicating whether scale in by the target tracking scaling policy is disabled. Defaults to `false`. */ disableScaleIn?: pulumi.Input; /** * Estimated time, in seconds, until a newly launched instance can contribute to the CloudWatch metrics. * This value is used only if the resource is an Auto Scaling group. */ estimatedInstanceWarmup?: pulumi.Input; /** * Predefined metric. You can specify either `predefinedScalingMetricSpecification` or `customizedScalingMetricSpecification`. * More details can be found in the [AWS Auto Scaling API Reference](https://docs.aws.amazon.com/autoscaling/plans/APIReference/API_PredefinedScalingMetricSpecification.html). */ predefinedScalingMetricSpecification?: pulumi.Input; /** * Amount of time, in seconds, after a scale in activity completes before another scale in activity can start. * This value is not used if the scalable resource is an Auto Scaling group. */ scaleInCooldown?: pulumi.Input; /** * Amount of time, in seconds, after a scale-out activity completes before another scale-out activity can start. * This value is not used if the scalable resource is an Auto Scaling group. */ scaleOutCooldown?: pulumi.Input; /** * Target value for the metric. */ targetValue: pulumi.Input; } export interface ScalingPlanScalingInstructionTargetTrackingConfigurationCustomizedScalingMetricSpecification { /** * Dimensions of the metric. */ dimensions?: pulumi.Input<{[key: string]: pulumi.Input}>; /** * Name of the metric. */ metricName: pulumi.Input; /** * Namespace of the metric. */ namespace: pulumi.Input; /** * Statistic of the metric. Valid values: `Average`, `Maximum`, `Minimum`, `SampleCount`, `Sum`. */ statistic: pulumi.Input; /** * Unit of the metric. */ unit?: pulumi.Input; } export interface ScalingPlanScalingInstructionTargetTrackingConfigurationPredefinedScalingMetricSpecification { /** * Metric type. Valid values: `ALBRequestCountPerTarget`, `ASGAverageCPUUtilization`, `ASGAverageNetworkIn`, `ASGAverageNetworkOut`, `DynamoDBReadCapacityUtilization`, `DynamoDBWriteCapacityUtilization`, `ECSServiceAverageCPUUtilization`, `ECSServiceAverageMemoryUtilization`, `EC2SpotFleetRequestAverageCPUUtilization`, `EC2SpotFleetRequestAverageNetworkIn`, `EC2SpotFleetRequestAverageNetworkOut`, `RDSReaderAverageCPUUtilization`, `RDSReaderAverageDatabaseConnections`. */ predefinedScalingMetricType: pulumi.Input; /** * Identifies the resource associated with the metric type. */ resourceLabel?: pulumi.Input; } } export namespace backup { export interface FrameworkControl { /** * One or more input parameter blocks. An example of a control with two parameters is: "backup plan frequency is at least daily and the retention period is at least 1 year". The first parameter is daily. The second parameter is 1 year. Detailed below. */ inputParameters?: pulumi.Input[]>; /** * The name of a control. This name is between 1 and 256 characters. */ name: pulumi.Input; /** * The scope of a control. The control scope defines what the control will evaluate. Three examples of control scopes are: a specific backup plan, all backup plans with a specific tag, or all backup plans. Detailed below. */ scope?: pulumi.Input; } export interface FrameworkControlInputParameter { /** * The name of a parameter, for example, BackupPlanFrequency. */ name?: pulumi.Input; /** * The value of parameter, for example, hourly. */ value?: pulumi.Input; } export interface FrameworkControlScope { /** * The ID of the only AWS resource that you want your control scope to contain. Minimum number of 1 item. Maximum number of 100 items. */ complianceResourceIds?: pulumi.Input[]>; /** * Describes whether the control scope includes one or more types of resources, such as EFS or RDS. */ complianceResourceTypes?: pulumi.Input[]>; /** * The tag key-value pair applied to those AWS resources that you want to trigger an evaluation for a rule. A maximum of one key-value pair can be provided. */ tags?: pulumi.Input<{[key: string]: pulumi.Input}>; } export interface LogicallyAirGappedVaultTimeouts { /** * A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as "30s" or "2h45m". Valid time units are "s" (seconds), "m" (minutes), "h" (hours). */ create?: pulumi.Input; } export interface PlanAdvancedBackupSetting { /** * Specifies the backup option for a selected resource. This option is only available for Windows VSS backup jobs. Set to `{ WindowsVSS = "enabled" }` to enable Windows VSS backup option and create a VSS Windows backup. */ backupOptions: pulumi.Input<{[key: string]: pulumi.Input}>; /** * The type of AWS resource to be backed up. For VSS Windows backups, the only supported resource type is Amazon EC2. Valid values: `EC2`. */ resourceType: pulumi.Input; } export interface PlanRule { /** * The amount of time in minutes AWS Backup attempts a backup before canceling the job and returning an error. */ completionWindow?: pulumi.Input; /** * Configuration block(s) with copy operation settings. Detailed below. */ copyActions?: pulumi.Input[]>; /** * Enable continuous backups for supported resources. */ enableContinuousBackup?: pulumi.Input; /** * The lifecycle defines when a protected resource is transitioned to cold storage and when it expires. Fields documented below. */ lifecycle?: pulumi.Input; /** * Metadata that you can assign to help organize the resources that you create. */ recoveryPointTags?: pulumi.Input<{[key: string]: pulumi.Input}>; /** * An display name for a backup rule. */ ruleName: pulumi.Input; /** * A CRON expression specifying when AWS Backup initiates a backup job. */ schedule?: pulumi.Input; /** * The timezone in which the schedule expression is set. Default value: `"Etc/UTC"`. */ scheduleExpressionTimezone?: pulumi.Input; /** * The amount of time in minutes before beginning a backup. */ startWindow?: pulumi.Input; /** * The name of a logical container where backups are stored. */ targetVaultName: pulumi.Input; } export interface PlanRuleCopyAction { /** * An Amazon Resource Name (ARN) that uniquely identifies the destination backup vault for the copied backup. */ destinationVaultArn: pulumi.Input; /** * The lifecycle defines when a protected resource is copied over to a backup vault and when it expires. Fields documented above. */ lifecycle?: pulumi.Input; } export interface PlanRuleCopyActionLifecycle { /** * Specifies the number of days after creation that a recovery point is moved to cold storage. */ coldStorageAfter?: pulumi.Input; /** * Specifies the number of days after creation that a recovery point is deleted. Must be 90 days greater than `coldStorageAfter`. */ deleteAfter?: pulumi.Input; /** * This setting will instruct your backup plan to transition supported resources to archive (cold) storage tier in accordance with your lifecycle settings. */ optInToArchiveForSupportedResources?: pulumi.Input; } export interface PlanRuleLifecycle { /** * Specifies the number of days after creation that a recovery point is moved to cold storage. */ coldStorageAfter?: pulumi.Input; /** * Specifies the number of days after creation that a recovery point is deleted. Must be 90 days greater than `coldStorageAfter`. */ deleteAfter?: pulumi.Input; /** * This setting will instruct your backup plan to transition supported resources to archive (cold) storage tier in accordance with your lifecycle settings. */ optInToArchiveForSupportedResources?: pulumi.Input; } export interface ReportPlanReportDeliveryChannel { /** * A list of the format of your reports: CSV, JSON, or both. If not specified, the default format is CSV. */ formats?: pulumi.Input[]>; /** * The unique name of the S3 bucket that receives your reports. */ s3BucketName: pulumi.Input; /** * The prefix for where Backup Audit Manager delivers your reports to Amazon S3. The prefix is this part of the following path: s3://your-bucket-name/prefix/Backup/us-west-2/year/month/day/report-name. If not specified, there is no prefix. */ s3KeyPrefix?: pulumi.Input; } export interface ReportPlanReportSetting { /** * Specifies the list of accounts a report covers. */ accounts?: pulumi.Input[]>; /** * Specifies the Amazon Resource Names (ARNs) of the frameworks a report covers. */ frameworkArns?: pulumi.Input[]>; /** * Specifies the number of frameworks a report covers. */ numberOfFrameworks?: pulumi.Input; /** * Specifies the list of Organizational Units a report covers. */ organizationUnits?: pulumi.Input[]>; /** * Specifies the list of regions a report covers. */ regions?: pulumi.Input[]>; /** * Identifies the report template for the report. Reports are built using a report template. The report templates are: `RESOURCE_COMPLIANCE_REPORT` | `CONTROL_COMPLIANCE_REPORT` | `BACKUP_JOB_REPORT` | `COPY_JOB_REPORT` | `RESTORE_JOB_REPORT`. */ reportTemplate: pulumi.Input; } export interface RestoreTestingPlanRecoveryPointSelection { /** * Specifies the algorithm used for selecting recovery points. Valid values are "RANDOM_WITHIN_WINDOW" and "LATEST_WITHIN_WINDOW". */ algorithm: pulumi.Input; /** * Specifies the backup vaults to exclude from the recovery point selection. Each value must be a valid AWS ARN for a backup vault or "*" to exclude all backup vaults. */ excludeVaults?: pulumi.Input[]>; /** * Specifies the backup vaults to include in the recovery point selection. Each value must be a valid AWS ARN for a backup vault or "*" to include all backup vaults. */ includeVaults: pulumi.Input[]>; /** * Specifies the types of recovery points to include in the selection. Valid values are "CONTINUOUS" and "SNAPSHOT". */ recoveryPointTypes: pulumi.Input[]>; /** * Specifies the number of days within which the recovery points should be selected. Must be a value between 1 and 365. */ selectionWindowDays?: pulumi.Input; } export interface RestoreTestingSelectionProtectedResourceConditions { /** * The list of string equals conditions for resource tags. Filters the values of your tagged resources for only those resources that you tagged with the same value. Also called "exact matching.". See the structure for details */ stringEquals?: pulumi.Input[]>; /** * The list of string not equals conditions for resource tags. Filters the values of your tagged resources for only those resources that you tagged that do not have the same value. Also called "negated matching.". See the structure for details */ stringNotEquals?: pulumi.Input[]>; } export interface RestoreTestingSelectionProtectedResourceConditionsStringEqual { /** * The Tag name, must start with one of the following prefixes: [aws:ResourceTag/] with a Minimum length of 1. Maximum length of 128, and can contain characters that are letters, white space, and numbers that can be represented in UTF-8 and the following characters: `+ - = . _ : /`. */ key: pulumi.Input; /** * The value of the Tag. Maximum length of 256. */ value: pulumi.Input; } export interface RestoreTestingSelectionProtectedResourceConditionsStringNotEqual { /** * The Tag name, must start with one of the following prefixes: [aws:ResourceTag/] with a Minimum length of 1. Maximum length of 128, and can contain characters that are letters, white space, and numbers that can be represented in UTF-8 and the following characters: `+ - = . _ : /`. */ key: pulumi.Input; /** * The value of the Tag. Maximum length of 256. */ value: pulumi.Input; } export interface SelectionCondition { stringEquals?: pulumi.Input[]>; stringLikes?: pulumi.Input[]>; stringNotEquals?: pulumi.Input[]>; stringNotLikes?: pulumi.Input[]>; } export interface SelectionConditionStringEqual { /** * The key in a key-value pair. */ key: pulumi.Input; /** * The value in a key-value pair. */ value: pulumi.Input; } export interface SelectionConditionStringLike { /** * The key in a key-value pair. */ key: pulumi.Input; /** * The value in a key-value pair. */ value: pulumi.Input; } export interface SelectionConditionStringNotEqual { /** * The key in a key-value pair. */ key: pulumi.Input; /** * The value in a key-value pair. */ value: pulumi.Input; } export interface SelectionConditionStringNotLike { /** * The key in a key-value pair. */ key: pulumi.Input; /** * The value in a key-value pair. */ value: pulumi.Input; } export interface SelectionSelectionTag { /** * The key in a key-value pair. */ key: pulumi.Input; /** * An operation, such as `StringEquals`, that is applied to a key-value pair used to filter resources in a selection. */ type: pulumi.Input; /** * The value in a key-value pair. */ value: pulumi.Input; } } export namespace batch { export interface ComputeEnvironmentComputeResources { /** * The allocation strategy to use for the compute resource in case not enough instances of the best fitting instance type can be allocated. For valid values, refer to the [AWS documentation](https://docs.aws.amazon.com/batch/latest/APIReference/API_ComputeResource.html#Batch-Type-ComputeResource-allocationStrategy). Defaults to `BEST_FIT`. This parameter isn't applicable to jobs running on Fargate resources, and shouldn't be specified. */ allocationStrategy?: pulumi.Input; /** * Integer of maximum percentage that a Spot Instance price can be when compared with the On-Demand price for that instance type before instances are launched. For example, if your bid percentage is 20% (`20`), then the Spot price must be below 20% of the current On-Demand price for that EC2 instance. If you leave this field empty, the default value is 100% of the On-Demand price. This parameter isn't applicable to jobs running on Fargate resources, and shouldn't be specified. */ bidPercentage?: pulumi.Input; /** * The desired number of EC2 vCPUS in the compute environment. This parameter isn't applicable to jobs running on Fargate resources, and shouldn't be specified. */ desiredVcpus?: pulumi.Input; /** * Provides information used to select Amazon Machine Images (AMIs) for EC2 instances in the compute environment. If Ec2Configuration isn't specified, the default is ECS_AL2. This parameter isn't applicable to jobs that are running on Fargate resources, and shouldn't be specified. */ ec2Configurations?: pulumi.Input[]>; /** * The EC2 key pair that is used for instances launched in the compute environment. This parameter isn't applicable to jobs running on Fargate resources, and shouldn't be specified. */ ec2KeyPair?: pulumi.Input; /** * The Amazon Machine Image (AMI) ID used for instances launched in the compute environment. This parameter isn't applicable to jobs running on Fargate resources, and shouldn't be specified. (Deprecated, use `ec2Configuration` `imageIdOverride` instead) */ imageId?: pulumi.Input; /** * The Amazon ECS instance role applied to Amazon EC2 instances in a compute environment. This parameter isn't applicable to jobs running on Fargate resources, and shouldn't be specified. */ instanceRole?: pulumi.Input; /** * A list of instance types that may be launched. This parameter isn't applicable to jobs running on Fargate resources, and shouldn't be specified. */ instanceTypes?: pulumi.Input[]>; /** * The launch template to use for your compute resources. See details below. This parameter isn't applicable to jobs running on Fargate resources, and shouldn't be specified. */ launchTemplate?: pulumi.Input; /** * The maximum number of EC2 vCPUs that an environment can reach. */ maxVcpus: pulumi.Input; /** * The minimum number of EC2 vCPUs that an environment should maintain. For `EC2` or `SPOT` compute environments, if the parameter is not explicitly defined, a `0` default value will be set. This parameter isn't applicable to jobs running on Fargate resources, and shouldn't be specified. */ minVcpus?: pulumi.Input; /** * The Amazon EC2 placement group to associate with your compute resources. */ placementGroup?: pulumi.Input; /** * A list of EC2 security group that are associated with instances launched in the compute environment. This parameter is required for Fargate compute environments. */ securityGroupIds?: pulumi.Input[]>; /** * The Amazon Resource Name (ARN) of the Amazon EC2 Spot Fleet IAM role applied to a SPOT compute environment. This parameter is required for SPOT compute environments. This parameter isn't applicable to jobs running on Fargate resources, and shouldn't be specified. */ spotIamFleetRole?: pulumi.Input; /** * A list of VPC subnets into which the compute resources are launched. */ subnets: pulumi.Input[]>; /** * Key-value pair tags to be applied to resources that are launched in the compute environment. This parameter isn't applicable to jobs running on Fargate resources, and shouldn't be specified. */ tags?: pulumi.Input<{[key: string]: pulumi.Input}>; /** * The type of compute environment. Valid items are `EC2`, `SPOT`, `FARGATE` or `FARGATE_SPOT`. */ type: pulumi.Input; } export interface ComputeEnvironmentComputeResourcesEc2Configuration { /** * The AMI ID used for instances launched in the compute environment that match the image type. This setting overrides the `imageId` argument in the `computeResources` block. */ imageIdOverride?: pulumi.Input; /** * The image type to match with the instance type to select an AMI. If the `imageIdOverride` parameter isn't specified, then a recent [Amazon ECS-optimized Amazon Linux 2 AMI](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-optimized_AMI.html#al2ami) (`ECS_AL2`) is used. */ imageType?: pulumi.Input; } export interface ComputeEnvironmentComputeResourcesLaunchTemplate { /** * ID of the launch template. You must specify either the launch template ID or launch template name in the request, but not both. */ launchTemplateId?: pulumi.Input; /** * Name of the launch template. */ launchTemplateName?: pulumi.Input; /** * The version number of the launch template. Default: The default version of the launch template. */ version?: pulumi.Input; } export interface ComputeEnvironmentEksConfiguration { /** * The Amazon Resource Name (ARN) of the Amazon EKS cluster. */ eksClusterArn: pulumi.Input; /** * The namespace of the Amazon EKS cluster. AWS Batch manages pods in this namespace. */ kubernetesNamespace: pulumi.Input; } export interface ComputeEnvironmentUpdatePolicy { /** * Specifies the job timeout (in minutes) when the compute environment infrastructure is updated. */ jobExecutionTimeoutMinutes: pulumi.Input; /** * Specifies whether jobs are automatically terminated when the computer environment infrastructure is updated. */ terminateJobsOnUpdate: pulumi.Input; } export interface JobDefinitionEksProperties { /** * Properties for the Kubernetes pod resources of a job. See `podProperties` below. */ podProperties: pulumi.Input; } export interface JobDefinitionEksPropertiesPodProperties { /** * Properties of the container that's used on the Amazon EKS pod. See containers below. */ containers: pulumi.Input; /** * DNS policy for the pod. The default value is `ClusterFirst`. If the `hostNetwork` argument is not specified, the default is `ClusterFirstWithHostNet`. `ClusterFirst` indicates that any DNS query that does not match the configured cluster domain suffix is forwarded to the upstream nameserver inherited from the node. For more information, see Pod's DNS policy in the Kubernetes documentation. */ dnsPolicy?: pulumi.Input; /** * Whether the pod uses the hosts' network IP address. The default value is `true`. Setting this to `false` enables the Kubernetes pod networking model. Most AWS Batch workloads are egress-only and don't require the overhead of IP allocation for each pod for incoming connections. */ hostNetwork?: pulumi.Input; /** * List of Kubernetes secret resources. See `imagePullSecret` below. */ imagePullSecrets?: pulumi.Input[]>; /** * Containers which run before application containers, always runs to completion, and must complete successfully before the next container starts. These containers are registered with the Amazon EKS Connector agent and persists the registration information in the Kubernetes backend data store. See containers below. */ initContainers?: pulumi.Input[]>; /** * Metadata about the Kubernetes pod. */ metadata?: pulumi.Input; /** * Name of the service account that's used to run the pod. */ serviceAccountName?: pulumi.Input; /** * Indicates if the processes in a container are shared, or visible, to other containers in the same pod. */ shareProcessNamespace?: pulumi.Input; /** * Volumes for a job definition that uses Amazon EKS resources. AWS Batch supports emptyDir, hostPath, and secret volume types. */ volumes?: pulumi.Input[]>; } export interface JobDefinitionEksPropertiesPodPropertiesContainers { /** * Array of arguments to the entrypoint. If this isn't specified, the CMD of the container image is used. This corresponds to the args member in the Entrypoint portion of the Pod in Kubernetes. Environment variable references are expanded using the container's environment. */ args?: pulumi.Input[]>; /** * Entrypoint for the container. This isn't run within a shell. If this isn't specified, the ENTRYPOINT of the container image is used. Environment variable references are expanded using the container's environment. */ commands?: pulumi.Input[]>; /** * Environment variables to pass to a container. See EKS Environment below. */ envs?: pulumi.Input[]>; /** * Docker image used to start the container. */ image: pulumi.Input; /** * Image pull policy for the container. Supported values are `Always`, `IfNotPresent`, and `Never`. */ imagePullPolicy?: pulumi.Input; /** * Name of the container. If the name isn't specified, the default name "Default" is used. Each container in a pod must have a unique name. */ name?: pulumi.Input; /** * Type and amount of resources to assign to a container. The supported resources include `memory`, `cpu`, and `nvidia.com/gpu`. */ resources?: pulumi.Input; /** * Security context for a job. */ securityContext?: pulumi.Input; /** * Volume mounts for the container. */ volumeMounts?: pulumi.Input[]>; } export interface JobDefinitionEksPropertiesPodPropertiesContainersEnv { /** * Name of the job definition. */ name: pulumi.Input; /** * Value of the environment variable. */ value: pulumi.Input; } export interface JobDefinitionEksPropertiesPodPropertiesContainersResources { limits?: pulumi.Input<{[key: string]: pulumi.Input}>; requests?: pulumi.Input<{[key: string]: pulumi.Input}>; } export interface JobDefinitionEksPropertiesPodPropertiesContainersSecurityContext { privileged?: pulumi.Input; readOnlyRootFileSystem?: pulumi.Input; runAsGroup?: pulumi.Input; runAsNonRoot?: pulumi.Input; runAsUser?: pulumi.Input; } export interface JobDefinitionEksPropertiesPodPropertiesContainersVolumeMount { mountPath: pulumi.Input; /** * Name of the job definition. */ name: pulumi.Input; readOnly?: pulumi.Input; } export interface JobDefinitionEksPropertiesPodPropertiesImagePullSecret { /** * Unique identifier. */ name: pulumi.Input; } export interface JobDefinitionEksPropertiesPodPropertiesInitContainer { /** * Array of arguments to the entrypoint. If this isn't specified, the CMD of the container image is used. This corresponds to the args member in the Entrypoint portion of the Pod in Kubernetes. Environment variable references are expanded using the container's environment. */ args?: pulumi.Input[]>; /** * Entrypoint for the container. This isn't run within a shell. If this isn't specified, the ENTRYPOINT of the container image is used. Environment variable references are expanded using the container's environment. */ commands?: pulumi.Input[]>; /** * Environment variables to pass to a container. See EKS Environment below. */ envs?: pulumi.Input[]>; /** * Docker image used to start the container. */ image: pulumi.Input; /** * Image pull policy for the container. Supported values are `Always`, `IfNotPresent`, and `Never`. */ imagePullPolicy?: pulumi.Input; /** * Name of the job definition. */ name?: pulumi.Input; /** * Type and amount of resources to assign to a container. The supported resources include `memory`, `cpu`, and `nvidia.com/gpu`. */ resources?: pulumi.Input; /** * Security context for a job. */ securityContext?: pulumi.Input; /** * Volume mounts for the container. */ volumeMounts?: pulumi.Input[]>; } export interface JobDefinitionEksPropertiesPodPropertiesInitContainerEnv { /** * Name of the job definition. */ name: pulumi.Input; /** * Value of the environment variable. */ value: pulumi.Input; } export interface JobDefinitionEksPropertiesPodPropertiesInitContainerResources { limits?: pulumi.Input<{[key: string]: pulumi.Input}>; requests?: pulumi.Input<{[key: string]: pulumi.Input}>; } export interface JobDefinitionEksPropertiesPodPropertiesInitContainerSecurityContext { privileged?: pulumi.Input; readOnlyRootFileSystem?: pulumi.Input; runAsGroup?: pulumi.Input; runAsNonRoot?: pulumi.Input; runAsUser?: pulumi.Input; } export interface JobDefinitionEksPropertiesPodPropertiesInitContainerVolumeMount { mountPath: pulumi.Input; /** * Name of the job definition. */ name: pulumi.Input; readOnly?: pulumi.Input; } export interface JobDefinitionEksPropertiesPodPropertiesMetadata { /** * Key-value pairs used to identify, sort, and organize cube resources. */ labels?: pulumi.Input<{[key: string]: pulumi.Input}>; } export interface JobDefinitionEksPropertiesPodPropertiesVolume { emptyDir?: pulumi.Input; hostPath?: pulumi.Input; /** * Name of the job definition. */ name?: pulumi.Input; secret?: pulumi.Input; } export interface JobDefinitionEksPropertiesPodPropertiesVolumeEmptyDir { /** * Medium to store the volume. The default value is an empty string, which uses the storage of the node. */ medium?: pulumi.Input; /** * Maximum size of the volume. By default, there's no maximum size defined. */ sizeLimit: pulumi.Input; } export interface JobDefinitionEksPropertiesPodPropertiesVolumeHostPath { /** * Path of the file or directory on the host to mount into containers on the pod. */ path: pulumi.Input; } export interface JobDefinitionEksPropertiesPodPropertiesVolumeSecret { /** * Whether the secret or the secret's keys must be defined. */ optional?: pulumi.Input; /** * Name of the secret. The name must be allowed as a DNS subdomain name. */ secretName: pulumi.Input; } export interface JobDefinitionRetryStrategy { /** * Number of times to move a job to the `RUNNABLE` status. You may specify between `1` and `10` attempts. */ attempts?: pulumi.Input; /** * Evaluate on exit conditions under which the job should be retried or failed. If this parameter is specified, then the `attempts` parameter must also be specified. You may specify up to 5 configuration blocks. */ evaluateOnExits?: pulumi.Input[]>; } export interface JobDefinitionRetryStrategyEvaluateOnExit { /** * Action to take if all of the specified conditions are met. The values are not case sensitive. Valid values: `retry`, `exit`. */ action: pulumi.Input; /** * Glob pattern to match against the decimal representation of the exit code returned for a job. */ onExitCode?: pulumi.Input; /** * Glob pattern to match against the reason returned for a job. */ onReason?: pulumi.Input; /** * Glob pattern to match against the status reason returned for a job. */ onStatusReason?: pulumi.Input; } export interface JobDefinitionTimeout { /** * Time duration in seconds after which AWS Batch terminates your jobs if they have not finished. The minimum value for the timeout is `60` seconds. */ attemptDurationSeconds?: pulumi.Input; } export interface JobQueueComputeEnvironmentOrder { /** * The Amazon Resource Name (ARN) of the compute environment. */ computeEnvironment: pulumi.Input; /** * The order of the compute environment. Compute environments are tried in ascending order. For example, if two compute environments are associated with a job queue, the compute environment with a lower order integer value is tried for job placement first. */ order: pulumi.Input; } export interface JobQueueJobStateTimeLimitAction { /** * The action to take when a job is at the head of the job queue in the specified state for the specified period of time. Valid values include `"CANCEL"` * * `job_state_time_limit_action.#.max_time_seconds` - The approximate amount of time, in seconds, that must pass with the job in the specified state before the action is taken. Valid values include integers between `600` & `86400` */ action: pulumi.Input; maxTimeSeconds: pulumi.Input; /** * The reason to log for the action being taken. */ reason: pulumi.Input; /** * The state of the job needed to trigger the action. Valid values include `"RUNNABLE"`. */ state: pulumi.Input; } export interface JobQueueTimeouts { /** * A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as "30s" or "2h45m". Valid time units are "s" (seconds), "m" (minutes), "h" (hours). */ create?: pulumi.Input; /** * A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as "30s" or "2h45m". Valid time units are "s" (seconds), "m" (minutes), "h" (hours). Setting a timeout for a Delete operation is only applicable if changes are saved into state before the destroy operation occurs. */ delete?: pulumi.Input; /** * A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as "30s" or "2h45m". Valid time units are "s" (seconds), "m" (minutes), "h" (hours). */ update?: pulumi.Input; } export interface SchedulingPolicyFairSharePolicy { /** * A value used to reserve some of the available maximum vCPU for fair share identifiers that have not yet been used. For more information, see [FairsharePolicy](https://docs.aws.amazon.com/batch/latest/APIReference/API_FairsharePolicy.html). */ computeReservation?: pulumi.Input; shareDecaySeconds?: pulumi.Input; /** * One or more share distribution blocks which define the weights for the fair share identifiers for the fair share policy. For more information, see [FairsharePolicy](https://docs.aws.amazon.com/batch/latest/APIReference/API_FairsharePolicy.html). The `shareDistribution` block is documented below. */ shareDistributions?: pulumi.Input[]>; } export interface SchedulingPolicyFairSharePolicyShareDistribution { /** * A fair share identifier or fair share identifier prefix. For more information, see [ShareAttributes](https://docs.aws.amazon.com/batch/latest/APIReference/API_ShareAttributes.html). */ shareIdentifier: pulumi.Input; /** * The weight factor for the fair share identifier. For more information, see [ShareAttributes](https://docs.aws.amazon.com/batch/latest/APIReference/API_ShareAttributes.html). */ weightFactor?: pulumi.Input; } } export namespace bcmdata { export interface ExportExport { /** * Data query for this specific data export. See the `dataQuery` argument reference below. */ dataQueries?: pulumi.Input[]>; /** * Description for this specific data export. */ description?: pulumi.Input; /** * Destination configuration for this specific data export. See the `destinationConfigurations` argument reference below. */ destinationConfigurations?: pulumi.Input[]>; /** * Amazon Resource Name (ARN) for this export. */ exportArn?: pulumi.Input; /** * Name of this specific data export. */ name: pulumi.Input; /** * Cadence for Amazon Web Services to update the export in your S3 bucket. See the `refreshCadence` argument reference below. */ refreshCadences?: pulumi.Input[]>; } export interface ExportExportDataQuery { /** * Query statement. */ queryStatement: pulumi.Input; /** * Table configuration. */ tableConfigurations?: pulumi.Input<{[key: string]: pulumi.Input<{[key: string]: pulumi.Input}>}>; } export interface ExportExportDestinationConfiguration { /** * Object that describes the destination of the data exports file. See the `s3Destination` argument reference below. */ s3Destinations?: pulumi.Input[]>; } export interface ExportExportDestinationConfigurationS3Destination { /** * Name of the Amazon S3 bucket used as the destination of a data export file. */ s3Bucket: pulumi.Input; /** * Output configuration for the data export. See the `s3OutputConfigurations` argument reference below. */ s3OutputConfigurations?: pulumi.Input[]>; /** * S3 path prefix you want prepended to the name of your data export. */ s3Prefix: pulumi.Input; /** * S3 bucket region. */ s3Region: pulumi.Input; } export interface ExportExportDestinationConfigurationS3DestinationS3OutputConfiguration { /** * Compression type for the data export. Valid values `GZIP`, `PARQUET`. */ compression: pulumi.Input; /** * File format for the data export. Valid values `TEXT_OR_CSV` or `PARQUET`. */ format: pulumi.Input; /** * Output type for the data export. Valid value `CUSTOM`. */ outputType: pulumi.Input; /** * The rule to follow when generating a version of the data export file. You have the choice to overwrite the previous version or to be delivered in addition to the previous versions. Overwriting exports can save on Amazon S3 storage costs. Creating new export versions allows you to track the changes in cost and usage data over time. Valid values `CREATE_NEW_REPORT` or `OVERWRITE_REPORT`. */ overwrite: pulumi.Input; } export interface ExportExportRefreshCadence { /** * Frequency that data exports are updated. The export refreshes each time the source data updates, up to three times daily. Valid values `SYNCHRONOUS`. */ frequency: pulumi.Input; } export interface ExportTimeouts { /** * A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as "30s" or "2h45m". Valid time units are "s" (seconds), "m" (minutes), "h" (hours). */ create?: pulumi.Input; /** * A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as "30s" or "2h45m". Valid time units are "s" (seconds), "m" (minutes), "h" (hours). */ update?: pulumi.Input; } } export namespace bedrock { export interface AgentAgentActionGroupActionGroupExecutor { /** * Custom control method for handling the information elicited from the user. Valid values: `RETURN_CONTROL`. * To skip using a Lambda function and instead return the predicted action group, in addition to the parameters and information required for it, in the `InvokeAgent` response, specify `RETURN_CONTROL`. * Only one of `customControl` or `lambda` can be specified. */ customControl?: pulumi.Input; /** * ARN of the Lambda function containing the business logic that is carried out upon invoking the action. * Only one of `lambda` or `customControl` can be specified. */ lambda?: pulumi.Input; } export interface AgentAgentActionGroupApiSchema { /** * JSON or YAML-formatted payload defining the OpenAPI schema for the action group. * Only one of `payload` or `s3` can be specified. */ payload?: pulumi.Input; /** * Details about the S3 object containing the OpenAPI schema for the action group. See `s3` Block for details. * Only one of `s3` or `payload` can be specified. */ s3?: pulumi.Input; } export interface AgentAgentActionGroupApiSchemaS3 { /** * Name of the S3 bucket. */ s3BucketName?: pulumi.Input; /** * S3 object key containing the resource. */ s3ObjectKey?: pulumi.Input; } export interface AgentAgentActionGroupFunctionSchema { /** * Contains a list of functions. * Each function describes and action in the action group. * See `memberFunctions` Block for details. */ memberFunctions?: pulumi.Input; } export interface AgentAgentActionGroupFunctionSchemaMemberFunctions { /** * Functions that each define an action in the action group. See `functions` Block for details. */ functions?: pulumi.Input[]>; } export interface AgentAgentActionGroupFunctionSchemaMemberFunctionsFunction { /** * Description of the function and its purpose. */ description?: pulumi.Input; /** * Name for the function. */ name: pulumi.Input; /** * Parameters that the agent elicits from the user to fulfill the function. See `parameters` Block for details. */ parameters?: pulumi.Input[]>; } export interface AgentAgentActionGroupFunctionSchemaMemberFunctionsFunctionParameter { /** * Description of the parameter. Helps the foundation model determine how to elicit the parameters from the user. */ description?: pulumi.Input; /** * Name of the parameter. * * **Note:** The argument name `mapBlockKey` may seem out of context, but is necessary for backward compatibility reasons in the provider. */ mapBlockKey: pulumi.Input; /** * Whether the parameter is required for the agent to complete the function for action group invocation. */ required?: pulumi.Input; /** * Data type of the parameter. Valid values: `string`, `number`, `integer`, `boolean`, `array`. */ type: pulumi.Input; } export interface AgentAgentActionGroupTimeouts { /** * A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as "30s" or "2h45m". Valid time units are "s" (seconds), "m" (minutes), "h" (hours). */ create?: pulumi.Input; /** * A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as "30s" or "2h45m". Valid time units are "s" (seconds), "m" (minutes), "h" (hours). */ update?: pulumi.Input; } export interface AgentAgentAliasRoutingConfiguration { /** * Version of the agent with which the alias is associated. */ agentVersion: pulumi.Input; /** * ARN of the Provisioned Throughput assigned to the agent alias. */ provisionedThroughput: pulumi.Input; } export interface AgentAgentAliasTimeouts { /** * A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as "30s" or "2h45m". Valid time units are "s" (seconds), "m" (minutes), "h" (hours). */ create?: pulumi.Input; /** * A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as "30s" or "2h45m". Valid time units are "s" (seconds), "m" (minutes), "h" (hours). Setting a timeout for a Delete operation is only applicable if changes are saved into state before the destroy operation occurs. */ delete?: pulumi.Input; /** * A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as "30s" or "2h45m". Valid time units are "s" (seconds), "m" (minutes), "h" (hours). */ update?: pulumi.Input; } export interface AgentAgentGuardrailConfiguration { /** * Unique identifier of the guardrail. */ guardrailIdentifier: pulumi.Input; /** * Version of the guardrail. */ guardrailVersion: pulumi.Input; } export interface AgentAgentKnowledgeBaseAssociationTimeouts { /** * A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as "30s" or "2h45m". Valid time units are "s" (seconds), "m" (minutes), "h" (hours). */ create?: pulumi.Input; /** * A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as "30s" or "2h45m". Valid time units are "s" (seconds), "m" (minutes), "h" (hours). */ update?: pulumi.Input; } export interface AgentAgentPromptOverrideConfiguration { /** * ARN of the Lambda function to use when parsing the raw foundation model output in parts of the agent sequence. If you specify this field, at least one of the `promptConfigurations` block must contain a `parserMode` value that is set to `OVERRIDDEN`. */ overrideLambda: pulumi.Input; /** * Configurations to override a prompt template in one part of an agent sequence. See `promptConfigurations` Block for details. */ promptConfigurations: pulumi.Input[]>; } export interface AgentAgentPromptOverrideConfigurationPromptConfiguration { /** * prompt template with which to replace the default prompt template. You can use placeholder variables in the base prompt template to customize the prompt. For more information, see [Prompt template placeholder variables](https://docs.aws.amazon.com/bedrock/latest/userguide/prompt-placeholders.html). */ basePromptTemplate: pulumi.Input; /** * Inference parameters to use when the agent invokes a foundation model in the part of the agent sequence defined by the `promptType`. For more information, see [Inference parameters for foundation models](https://docs.aws.amazon.com/bedrock/latest/userguide/model-parameters.html). See `inferenceConfiguration` Block for details. */ inferenceConfigurations: pulumi.Input[]>; /** * Whether to override the default parser Lambda function when parsing the raw foundation model output in the part of the agent sequence defined by the `promptType`. If you set the argument as `OVERRIDDEN`, the `overrideLambda` argument in the `promptOverrideConfiguration` block must be specified with the ARN of a Lambda function. Valid values: `DEFAULT`, `OVERRIDDEN`. */ parserMode: pulumi.Input; /** * Whether to override the default prompt template for this `promptType`. Set this argument to `OVERRIDDEN` to use the prompt that you provide in the `basePromptTemplate`. If you leave it as `DEFAULT`, the agent uses a default prompt template. Valid values: `DEFAULT`, `OVERRIDDEN`. */ promptCreationMode: pulumi.Input; /** * Whether to allow the agent to carry out the step specified in the `promptType`. If you set this argument to `DISABLED`, the agent skips that step. Valid Values: `ENABLED`, `DISABLED`. */ promptState: pulumi.Input; /** * Step in the agent sequence that this prompt configuration applies to. Valid values: `PRE_PROCESSING`, `ORCHESTRATION`, `POST_PROCESSING`, `KNOWLEDGE_BASE_RESPONSE_GENERATION`. */ promptType: pulumi.Input; } export interface AgentAgentPromptOverrideConfigurationPromptConfigurationInferenceConfiguration { /** * Maximum number of tokens to allow in the generated response. */ maxLength: pulumi.Input; /** * List of stop sequences. A stop sequence is a sequence of characters that causes the model to stop generating the response. */ stopSequences: pulumi.Input[]>; /** * Likelihood of the model selecting higher-probability options while generating a response. A lower value makes the model more likely to choose higher-probability options, while a higher value makes the model more likely to choose lower-probability options. */ temperature: pulumi.Input; /** * Number of top most-likely candidates, between 0 and 500, from which the model chooses the next token in the sequence. */ topK: pulumi.Input; /** * Top percentage of the probability distribution of next tokens, between 0 and 1 (denoting 0% and 100%), from which the model chooses the next token in the sequence. */ topP: pulumi.Input; } export interface AgentAgentTimeouts { /** * A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as "30s" or "2h45m". Valid time units are "s" (seconds), "m" (minutes), "h" (hours). */ create?: pulumi.Input; /** * A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as "30s" or "2h45m". Valid time units are "s" (seconds), "m" (minutes), "h" (hours). Setting a timeout for a Delete operation is only applicable if changes are saved into state before the destroy operation occurs. */ delete?: pulumi.Input; /** * A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as "30s" or "2h45m". Valid time units are "s" (seconds), "m" (minutes), "h" (hours). */ update?: pulumi.Input; } export interface AgentDataSourceDataSourceConfiguration { /** * Details about the configuration of the S3 object containing the data source. See `s3DataSourceConfiguration` block for details. */ s3Configuration?: pulumi.Input; /** * Type of storage for the data source. Valid values: `S3`. */ type: pulumi.Input; } export interface AgentDataSourceDataSourceConfigurationS3Configuration { /** * ARN of the bucket that contains the data source. */ bucketArn: pulumi.Input; /** * Bucket account owner ID for the S3 bucket. */ bucketOwnerAccountId?: pulumi.Input; /** * List of S3 prefixes that define the object containing the data sources. For more information, see [Organizing objects using prefixes](https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-prefixes.html). */ inclusionPrefixes?: pulumi.Input[]>; } export interface AgentDataSourceServerSideEncryptionConfiguration { /** * ARN of the AWS KMS key used to encrypt the resource. */ kmsKeyArn?: pulumi.Input; } export interface AgentDataSourceTimeouts { /** * A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as "30s" or "2h45m". Valid time units are "s" (seconds), "m" (minutes), "h" (hours). */ create?: pulumi.Input; /** * A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as "30s" or "2h45m". Valid time units are "s" (seconds), "m" (minutes), "h" (hours). Setting a timeout for a Delete operation is only applicable if changes are saved into state before the destroy operation occurs. */ delete?: pulumi.Input; } export interface AgentDataSourceVectorIngestionConfiguration { /** * Details about how to chunk the documents in the data source. A chunk refers to an excerpt from a data source that is returned when the knowledge base that it belongs to is queried. See `chunkingConfiguration` block for details. */ chunkingConfiguration?: pulumi.Input; /** * Configuration for custom transformation of data source documents. */ customTransformationConfiguration?: pulumi.Input; /** * Configuration for custom parsing of data source documents. See `parsingConfiguration` block for details. */ parsingConfiguration?: pulumi.Input; } export interface AgentDataSourceVectorIngestionConfigurationChunkingConfiguration { /** * Option for chunking your source data, either in fixed-sized chunks or as one chunk. Valid values: `FIXED_SIZE`, `HIERARCHICAL`, `SEMANTIC`, `NONE`. */ chunkingStrategy: pulumi.Input; /** * Configurations for when you choose fixed-size chunking. Requires chunkingStrategy as `FIXED_SIZE`. See `fixedSizeChunkingConfiguration` for details. */ fixedSizeChunkingConfiguration?: pulumi.Input; /** * Configurations for when you choose hierarchical chunking. Requires chunkingStrategy as `HIERARCHICAL`. See `hierarchicalChunkingConfiguration` for details. */ hierarchicalChunkingConfiguration?: pulumi.Input; /** * Configurations for when you choose semantic chunking. Requires chunkingStrategy as `SEMANTIC`. See `semanticChunkingConfiguration` for details. */ semanticChunkingConfiguration?: pulumi.Input; } export interface AgentDataSourceVectorIngestionConfigurationChunkingConfigurationFixedSizeChunkingConfiguration { /** * Maximum number of tokens to include in a chunk. */ maxTokens: pulumi.Input; /** * Percentage of overlap between adjacent chunks of a data source. */ overlapPercentage: pulumi.Input; } export interface AgentDataSourceVectorIngestionConfigurationChunkingConfigurationHierarchicalChunkingConfiguration { /** * Maximum number of tokens to include in a chunk. Must contain two `levelConfigurations`. See `levelConfigurations` for details. */ levelConfigurations: pulumi.Input[]>; /** * The number of tokens to repeat across chunks in the same layer. */ overlapTokens: pulumi.Input; } export interface AgentDataSourceVectorIngestionConfigurationChunkingConfigurationHierarchicalChunkingConfigurationLevelConfiguration { /** * The maximum number of tokens that a chunk can contain in this layer. */ maxTokens: pulumi.Input; } export interface AgentDataSourceVectorIngestionConfigurationChunkingConfigurationSemanticChunkingConfiguration { /** * The dissimilarity threshold for splitting chunks. */ breakpointPercentileThreshold: pulumi.Input; /** * The buffer size. */ bufferSize: pulumi.Input; maxToken: pulumi.Input; } export interface AgentDataSourceVectorIngestionConfigurationCustomTransformationConfiguration { /** * The intermediate storage for custom transformation. */ intermediateStorage?: pulumi.Input; transformation?: pulumi.Input; } export interface AgentDataSourceVectorIngestionConfigurationCustomTransformationConfigurationIntermediateStorage { /** * Configuration block for intermedia S3 storage. */ s3Location?: pulumi.Input; } export interface AgentDataSourceVectorIngestionConfigurationCustomTransformationConfigurationIntermediateStorageS3Location { /** * S3 URI for intermediate storage. */ uri: pulumi.Input; } export interface AgentDataSourceVectorIngestionConfigurationCustomTransformationConfigurationTransformation { /** * Currently only `POST_CHUNKING` is supported. */ stepToApply: pulumi.Input; /** * The configuration of transformation function. */ transformationFunction?: pulumi.Input; } export interface AgentDataSourceVectorIngestionConfigurationCustomTransformationConfigurationTransformationTransformationFunction { /** * The lambda configuration for custom transformation. */ transformationLambdaConfiguration?: pulumi.Input; } export interface AgentDataSourceVectorIngestionConfigurationCustomTransformationConfigurationTransformationTransformationFunctionTransformationLambdaConfiguration { /** * The ARN of the lambda to use for custom transformation. */ lambdaArn: pulumi.Input; } export interface AgentDataSourceVectorIngestionConfigurationParsingConfiguration { /** * Settings for a foundation model used to parse documents in a data source. See `bedrockFoundationModelConfiguration` block for details. */ bedrockFoundationModelConfiguration?: pulumi.Input; /** * Currently only `BEDROCK_FOUNDATION_MODEL` is supported */ parsingStrategy: pulumi.Input; } export interface AgentDataSourceVectorIngestionConfigurationParsingConfigurationBedrockFoundationModelConfiguration { /** * The ARN of the model used to parse documents */ modelArn: pulumi.Input; /** * Instructions for interpreting the contents of the document. See `parsingPrompt` block for details. */ parsingPrompt?: pulumi.Input; } export interface AgentDataSourceVectorIngestionConfigurationParsingConfigurationBedrockFoundationModelConfigurationParsingPrompt { /** * Instructions for interpreting the contents of the document. */ parsingPromptString: pulumi.Input; } export interface AgentKnowledgeBaseKnowledgeBaseConfiguration { /** * Type of data that the data source is converted into for the knowledge base. Valid Values: `VECTOR`. */ type: pulumi.Input; /** * Details about the embeddings model that'sused to convert the data source. See `vectorKnowledgeBaseConfiguration` block for details. */ vectorKnowledgeBaseConfiguration?: pulumi.Input; } export interface AgentKnowledgeBaseKnowledgeBaseConfigurationVectorKnowledgeBaseConfiguration { /** * ARN of the model used to create vector embeddings for the knowledge base. */ embeddingModelArn: pulumi.Input; } export interface AgentKnowledgeBaseStorageConfiguration { /** * The storage configuration of the knowledge base in Amazon OpenSearch Service. See `opensearchServerlessConfiguration` block for details. */ opensearchServerlessConfiguration?: pulumi.Input; /** * The storage configuration of the knowledge base in Pinecone. See `pineconeConfiguration` block for details. */ pineconeConfiguration?: pulumi.Input; /** * Details about the storage configuration of the knowledge base in Amazon RDS. For more information, see [Create a vector index in Amazon RDS](https://docs.aws.amazon.com/bedrock/latest/userguide/knowledge-base-setup.html). See `rdsConfiguration` block for details. */ rdsConfiguration?: pulumi.Input; /** * The storage configuration of the knowledge base in Redis Enterprise Cloud. See `redisEnterpriseCloudConfiguration` block for details. */ redisEnterpriseCloudConfiguration?: pulumi.Input; /** * Vector store service in which the knowledge base is stored. Valid Values: `OPENSEARCH_SERVERLESS`, `PINECONE`, `REDIS_ENTERPRISE_CLOUD`, `RDS`. */ type: pulumi.Input; } export interface AgentKnowledgeBaseStorageConfigurationOpensearchServerlessConfiguration { /** * ARN of the OpenSearch Service vector store. */ collectionArn: pulumi.Input; /** * The names of the fields to which to map information about the vector store. This block supports the following arguments: */ fieldMapping?: pulumi.Input; /** * Name of the vector store. */ vectorIndexName: pulumi.Input; } export interface AgentKnowledgeBaseStorageConfigurationOpensearchServerlessConfigurationFieldMapping { /** * Name of the field in which Amazon Bedrock stores metadata about the vector store. */ metadataField?: pulumi.Input; /** * Name of the field in which Amazon Bedrock stores the raw text from your data. The text is split according to the chunking strategy you choose. */ textField?: pulumi.Input; /** * Name of the field in which Amazon Bedrock stores the vector embeddings for your data sources. */ vectorField?: pulumi.Input; } export interface AgentKnowledgeBaseStorageConfigurationPineconeConfiguration { /** * Endpoint URL for your index management page. */ connectionString: pulumi.Input; /** * ARN of the secret that you created in AWS Secrets Manager that is linked to your Pinecone API key. */ credentialsSecretArn: pulumi.Input; /** * The names of the fields to which to map information about the vector store. This block supports the following arguments: */ fieldMapping?: pulumi.Input; /** * Namespace to be used to write new data to your database. */ namespace?: pulumi.Input; } export interface AgentKnowledgeBaseStorageConfigurationPineconeConfigurationFieldMapping { /** * Name of the field in which Amazon Bedrock stores metadata about the vector store. */ metadataField?: pulumi.Input; /** * Name of the field in which Amazon Bedrock stores the raw text from your data. The text is split according to the chunking strategy you choose. */ textField?: pulumi.Input; } export interface AgentKnowledgeBaseStorageConfigurationRdsConfiguration { /** * ARN of the secret that you created in AWS Secrets Manager that is linked to your Amazon RDS database. */ credentialsSecretArn: pulumi.Input; /** * Name of your Amazon RDS database. */ databaseName: pulumi.Input; /** * Names of the fields to which to map information about the vector store. This block supports the following arguments: */ fieldMapping?: pulumi.Input; /** * ARN of the vector store. */ resourceArn: pulumi.Input; /** * Name of the table in the database. */ tableName: pulumi.Input; } export interface AgentKnowledgeBaseStorageConfigurationRdsConfigurationFieldMapping { /** * Name of the field in which Amazon Bedrock stores metadata about the vector store. */ metadataField: pulumi.Input; /** * Name of the field in which Amazon Bedrock stores the ID for each entry. */ primaryKeyField: pulumi.Input; /** * Name of the field in which Amazon Bedrock stores the raw text from your data. The text is split according to the chunking strategy you choose. */ textField: pulumi.Input; /** * Name of the field in which Amazon Bedrock stores the vector embeddings for your data sources. */ vectorField: pulumi.Input; } export interface AgentKnowledgeBaseStorageConfigurationRedisEnterpriseCloudConfiguration { /** * ARN of the secret that you created in AWS Secrets Manager that is linked to your Redis Enterprise Cloud database. */ credentialsSecretArn: pulumi.Input; /** * Endpoint URL of the Redis Enterprise Cloud database. */ endpoint: pulumi.Input; /** * The names of the fields to which to map information about the vector store. This block supports the following arguments: */ fieldMapping?: pulumi.Input; /** * Name of the vector index. */ vectorIndexName: pulumi.Input; } export interface AgentKnowledgeBaseStorageConfigurationRedisEnterpriseCloudConfigurationFieldMapping { /** * Name of the field in which Amazon Bedrock stores metadata about the vector store. */ metadataField?: pulumi.Input; /** * Name of the field in which Amazon Bedrock stores the raw text from your data. The text is split according to the chunking strategy you choose. */ textField?: pulumi.Input; /** * Name of the field in which Amazon Bedrock stores the vector embeddings for your data sources. */ vectorField?: pulumi.Input; } export interface AgentKnowledgeBaseTimeouts { /** * A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as "30s" or "2h45m". Valid time units are "s" (seconds), "m" (minutes), "h" (hours). */ create?: pulumi.Input; /** * A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as "30s" or "2h45m". Valid time units are "s" (seconds), "m" (minutes), "h" (hours). Setting a timeout for a Delete operation is only applicable if changes are saved into state before the destroy operation occurs. */ delete?: pulumi.Input; /** * A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as "30s" or "2h45m". Valid time units are "s" (seconds), "m" (minutes), "h" (hours). */ update?: pulumi.Input; } export interface CustomModelOutputDataConfig { /** * The S3 URI where the output data is stored. */ s3Uri: pulumi.Input; } export interface CustomModelTimeouts { /** * A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as "30s" or "2h45m". Valid time units are "s" (seconds), "m" (minutes), "h" (hours). */ create?: pulumi.Input; /** * A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as "30s" or "2h45m". Valid time units are "s" (seconds), "m" (minutes), "h" (hours). Setting a timeout for a Delete operation is only applicable if changes are saved into state before the destroy operation occurs. */ delete?: pulumi.Input; } export interface CustomModelTrainingDataConfig { /** * The S3 URI where the training data is stored. */ s3Uri: pulumi.Input; } export interface CustomModelTrainingMetric { /** * Loss metric associated with the customization job. */ trainingLoss: pulumi.Input; } export interface CustomModelValidationDataConfig { /** * Information about the validators. */ validators?: pulumi.Input[]>; } export interface CustomModelValidationDataConfigValidator { /** * The S3 URI where the validation data is stored. */ s3Uri: pulumi.Input; } export interface CustomModelValidationMetric { /** * The validation loss associated with the validator. */ validationLoss: pulumi.Input; } export interface CustomModelVpcConfig { /** * VPC configuration security group IDs. */ securityGroupIds: pulumi.Input[]>; /** * VPC configuration subnets. */ subnetIds: pulumi.Input[]>; } export interface GetAgentAgentVersionsAgentVersionSummary { /** * Name of agent to which the version belongs. */ agentName?: string; /** * Status of the agent to which the version belongs. */ agentStatus?: string; /** * Version of the agent. */ agentVersion?: string; /** * Time at which the version was created. */ createdAt?: string; /** * Description of the version of the agent. * * `GuardrailConfiguration` - Details aout the guardrail associated with the agent. See Guardrail Configuration */ description?: string; guardrailConfigurations?: inputs.bedrock.GetAgentAgentVersionsAgentVersionSummaryGuardrailConfiguration[]; /** * Time at which the version was last updated. */ updatedAt?: string; } export interface GetAgentAgentVersionsAgentVersionSummaryArgs { /** * Name of agent to which the version belongs. */ agentName?: pulumi.Input; /** * Status of the agent to which the version belongs. */ agentStatus?: pulumi.Input; /** * Version of the agent. */ agentVersion?: pulumi.Input; /** * Time at which the version was created. */ createdAt?: pulumi.Input; /** * Description of the version of the agent. * * `GuardrailConfiguration` - Details aout the guardrail associated with the agent. See Guardrail Configuration */ description?: pulumi.Input; guardrailConfigurations?: pulumi.Input[]>; /** * Time at which the version was last updated. */ updatedAt?: pulumi.Input; } export interface GetAgentAgentVersionsAgentVersionSummaryGuardrailConfiguration { /** * Unique identifier of the guardrail. */ guardrailIdentifier?: string; /** * Version of the guardrail. */ guardrailVersion?: string; } export interface GetAgentAgentVersionsAgentVersionSummaryGuardrailConfigurationArgs { /** * Unique identifier of the guardrail. */ guardrailIdentifier?: pulumi.Input; /** * Version of the guardrail. */ guardrailVersion?: pulumi.Input; } export interface GuardrailContentPolicyConfig { /** * List of content filter configs in content policy. See Filters Config for more information. */ filtersConfigs?: pulumi.Input[]>; } export interface GuardrailContentPolicyConfigFiltersConfig { /** * Strength for filters. */ inputStrength: pulumi.Input; /** * Strength for filters. */ outputStrength: pulumi.Input; /** * Type of contextual grounding filter. */ type: pulumi.Input; } export interface GuardrailContextualGroundingPolicyConfig { /** * List of contextual grounding filter configs. See Contextual Grounding Filters Config for more information. */ filtersConfigs?: pulumi.Input[]>; } export interface GuardrailContextualGroundingPolicyConfigFiltersConfig { /** * The threshold for this filter. */ threshold: pulumi.Input; /** * Type of contextual grounding filter. */ type: pulumi.Input; } export interface GuardrailSensitiveInformationPolicyConfig { /** * List of entities. See PII Entities Config for more information. */ piiEntitiesConfigs?: pulumi.Input[]>; /** * List of regex. See Regexes Config for more information. */ regexesConfigs?: pulumi.Input[]>; } export interface GuardrailSensitiveInformationPolicyConfigPiiEntitiesConfig { /** * Options for sensitive information action. */ action: pulumi.Input; /** * The currently supported PII entities. */ type: pulumi.Input; } export interface GuardrailSensitiveInformationPolicyConfigRegexesConfig { /** * Options for sensitive information action. */ action: pulumi.Input; /** * The regex description. */ description?: pulumi.Input; /** * The regex name. */ name: pulumi.Input; /** * The regex pattern. */ pattern: pulumi.Input; } export interface GuardrailTimeouts { /** * A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as "30s" or "2h45m". Valid time units are "s" (seconds), "m" (minutes), "h" (hours). */ create?: pulumi.Input; /** * A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as "30s" or "2h45m". Valid time units are "s" (seconds), "m" (minutes), "h" (hours). Setting a timeout for a Delete operation is only applicable if changes are saved into state before the destroy operation occurs. */ delete?: pulumi.Input; /** * A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as "30s" or "2h45m". Valid time units are "s" (seconds), "m" (minutes), "h" (hours). */ update?: pulumi.Input; } export interface GuardrailTopicPolicyConfig { /** * List of topic configs in topic policy. See Topics Config for more information. */ topicsConfigs?: pulumi.Input[]>; } export interface GuardrailTopicPolicyConfigTopicsConfig { /** * Definition of topic in topic policy. */ definition: pulumi.Input; /** * List of text examples. */ examples?: pulumi.Input[]>; /** * Name of topic in topic policy. */ name: pulumi.Input; /** * Type of topic in a policy. */ type: pulumi.Input; } export interface GuardrailVersionTimeouts { /** * A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as "30s" or "2h45m". Valid time units are "s" (seconds), "m" (minutes), "h" (hours). */ create?: pulumi.Input; /** * A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as "30s" or "2h45m". Valid time units are "s" (seconds), "m" (minutes), "h" (hours). Setting a timeout for a Delete operation is only applicable if changes are saved into state before the destroy operation occurs. */ delete?: pulumi.Input; } export interface GuardrailWordPolicyConfig { /** * A config for the list of managed words. See Managed Word Lists Config for more information. */ managedWordListsConfigs?: pulumi.Input[]>; /** * List of custom word configs. See Words Config for more information. */ wordsConfigs?: pulumi.Input[]>; } export interface GuardrailWordPolicyConfigManagedWordListsConfig { /** * Options for managed words. */ type: pulumi.Input; } export interface GuardrailWordPolicyConfigWordsConfig { /** * The custom word text. */ text: pulumi.Input; } export interface ProvisionedModelThroughputTimeouts { /** * A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as "30s" or "2h45m". Valid time units are "s" (seconds), "m" (minutes), "h" (hours). */ create?: pulumi.Input; } } export namespace bedrockfoundation { } export namespace bedrockmodel { export interface InvocationLoggingConfigurationLoggingConfig { /** * CloudWatch logging configuration. */ cloudwatchConfig?: pulumi.Input; /** * Set to include embeddings data in the log delivery. */ embeddingDataDeliveryEnabled: pulumi.Input; /** * Set to include image data in the log delivery. */ imageDataDeliveryEnabled: pulumi.Input; /** * S3 configuration for storing log data. */ s3Config?: pulumi.Input; /** * Set to include text data in the log delivery. */ textDataDeliveryEnabled: pulumi.Input; } export interface InvocationLoggingConfigurationLoggingConfigCloudwatchConfig { /** * S3 configuration for delivering a large amount of data. */ largeDataDeliveryS3Config?: pulumi.Input; /** * Log group name. */ logGroupName?: pulumi.Input; /** * The role ARN. */ roleArn?: pulumi.Input; } export interface InvocationLoggingConfigurationLoggingConfigCloudwatchConfigLargeDataDeliveryS3Config { /** * S3 bucket name. */ bucketName?: pulumi.Input; /** * S3 prefix. */ keyPrefix?: pulumi.Input; } export interface InvocationLoggingConfigurationLoggingConfigS3Config { /** * S3 bucket name. */ bucketName?: pulumi.Input; /** * S3 prefix. */ keyPrefix?: pulumi.Input; } } export namespace budgets { export interface BudgetActionActionThreshold { /** * The type of threshold for a notification. Valid values are `PERCENTAGE` or `ABSOLUTE_VALUE`. */ actionThresholdType: pulumi.Input; /** * The threshold of a notification. */ actionThresholdValue: pulumi.Input; } export interface BudgetActionDefinition { /** * The AWS Identity and Access Management (IAM) action definition details. See IAM Action Definition. */ iamActionDefinition?: pulumi.Input; /** * The service control policies (SCPs) action definition details. See SCP Action Definition. */ scpActionDefinition?: pulumi.Input; /** * The AWS Systems Manager (SSM) action definition details. See SSM Action Definition. */ ssmActionDefinition?: pulumi.Input; } export interface BudgetActionDefinitionIamActionDefinition { /** * A list of groups to be attached. There must be at least one group. */ groups?: pulumi.Input[]>; /** * The Amazon Resource Name (ARN) of the policy to be attached. */ policyArn: pulumi.Input; /** * A list of roles to be attached. There must be at least one role. */ roles?: pulumi.Input[]>; /** * A list of users to be attached. There must be at least one user. */ users?: pulumi.Input[]>; } export interface BudgetActionDefinitionScpActionDefinition { /** * The policy ID attached. */ policyId: pulumi.Input; /** * A list of target IDs. */ targetIds: pulumi.Input[]>; } export interface BudgetActionDefinitionSsmActionDefinition { /** * The action subType. Valid values are `STOP_EC2_INSTANCES` or `STOP_RDS_INSTANCES`. */ actionSubType: pulumi.Input; /** * The EC2 and RDS instance IDs. */ instanceIds: pulumi.Input[]>; /** * The Region to run the SSM document. */ region: pulumi.Input; } export interface BudgetActionSubscriber { /** * The address that AWS sends budget notifications to, either an SNS topic or an email. */ address: pulumi.Input; /** * The type of notification that AWS sends to a subscriber. Valid values are `SNS` or `EMAIL`. */ subscriptionType: pulumi.Input; } export interface BudgetAutoAdjustData { /** * (Required) - The string that defines whether your budget auto-adjusts based on historical or forecasted data. Valid values: `FORECAST`,`HISTORICAL` */ autoAdjustType: pulumi.Input; /** * (Optional) - Configuration block of Historical Options. Required for `autoAdjustType` of `HISTORICAL` Configuration block that defines the historical data that your auto-adjusting budget is based on. */ historicalOptions?: pulumi.Input; /** * (Optional) - The last time that your budget was auto-adjusted. */ lastAutoAdjustTime?: pulumi.Input; } export interface BudgetAutoAdjustDataHistoricalOptions { /** * (Required) - The number of budget periods included in the moving-average calculation that determines your auto-adjusted budget amount. */ budgetAdjustmentPeriod: pulumi.Input; /** * (Optional) - The integer that describes how many budget periods in your BudgetAdjustmentPeriod are included in the calculation of your current budget limit. If the first budget period in your BudgetAdjustmentPeriod has no cost data, then that budget period isn’t included in the average that determines your budget limit. You can’t set your own LookBackAvailablePeriods. The value is automatically calculated from the `budgetAdjustmentPeriod` and your historical cost data. */ lookbackAvailablePeriods?: pulumi.Input; } export interface BudgetCostFilter { /** * The name of a budget. Unique within accounts. */ name: pulumi.Input; values: pulumi.Input[]>; } export interface BudgetCostTypes { /** * A boolean value whether to include credits in the cost budget. Defaults to `true` */ includeCredit?: pulumi.Input; /** * Whether a budget includes discounts. Defaults to `true` */ includeDiscount?: pulumi.Input; /** * A boolean value whether to include other subscription costs in the cost budget. Defaults to `true` */ includeOtherSubscription?: pulumi.Input; /** * A boolean value whether to include recurring costs in the cost budget. Defaults to `true` */ includeRecurring?: pulumi.Input; /** * A boolean value whether to include refunds in the cost budget. Defaults to `true` */ includeRefund?: pulumi.Input; /** * A boolean value whether to include subscriptions in the cost budget. Defaults to `true` */ includeSubscription?: pulumi.Input; /** * A boolean value whether to include support costs in the cost budget. Defaults to `true` */ includeSupport?: pulumi.Input; /** * A boolean value whether to include tax in the cost budget. Defaults to `true` */ includeTax?: pulumi.Input; /** * A boolean value whether to include upfront costs in the cost budget. Defaults to `true` */ includeUpfront?: pulumi.Input; /** * Whether a budget uses the amortized rate. Defaults to `false` */ useAmortized?: pulumi.Input; /** * A boolean value whether to use blended costs in the cost budget. Defaults to `false` */ useBlended?: pulumi.Input; } export interface BudgetNotification { /** * (Required) Comparison operator to use to evaluate the condition. Can be `LESS_THAN`, `EQUAL_TO` or `GREATER_THAN`. */ comparisonOperator: pulumi.Input; /** * (Required) What kind of budget value to notify on. Can be `ACTUAL` or `FORECASTED` */ notificationType: pulumi.Input; /** * (Optional) E-Mail addresses to notify. Either this or `subscriberSnsTopicArns` is required. */ subscriberEmailAddresses?: pulumi.Input[]>; /** * (Optional) SNS topics to notify. Either this or `subscriberEmailAddresses` is required. */ subscriberSnsTopicArns?: pulumi.Input[]>; /** * (Required) Threshold when the notification should be sent. */ threshold: pulumi.Input; /** * (Required) What kind of threshold is defined. Can be `PERCENTAGE` OR `ABSOLUTE_VALUE`. */ thresholdType: pulumi.Input; } export interface BudgetPlannedLimit { /** * (Required) The amount of cost or usage being measured for a budget. */ amount: pulumi.Input; /** * (Required) The start time of the budget limit. Format: `2017-01-01_12:00`. See [PlannedBudgetLimits](https://docs.aws.amazon.com/aws-cost-management/latest/APIReference/API_budgets_Budget.html#awscostmanagement-Type-budgets_Budget-PlannedBudgetLimits) documentation. */ startTime: pulumi.Input; /** * (Required) The unit of measurement used for the budget forecast, actual spend, or budget threshold, such as dollars or GB. See [Spend](http://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/data-type-spend.html) documentation. */ unit: pulumi.Input; } } export namespace cfg { export interface ConfigurationAggregatorAccountAggregationSource { /** * List of 12-digit account IDs of the account(s) being aggregated. */ accountIds: pulumi.Input[]>; /** * If true, aggregate existing AWS Config regions and future regions. */ allRegions?: pulumi.Input; /** * List of source regions being aggregated. * * Either `regions` or `allRegions` (as true) must be specified. */ regions?: pulumi.Input[]>; } export interface ConfigurationAggregatorOrganizationAggregationSource { /** * If true, aggregate existing AWS Config regions and future regions. */ allRegions?: pulumi.Input; /** * List of source regions being aggregated. */ regions?: pulumi.Input[]>; /** * ARN of the IAM role used to retrieve AWS Organization details associated with the aggregator account. * * Either `regions` or `allRegions` (as true) must be specified. */ roleArn: pulumi.Input; } export interface ConformancePackInputParameter { /** * The input key. */ parameterName: pulumi.Input; /** * The input value. */ parameterValue: pulumi.Input; } export interface DeliveryChannelSnapshotDeliveryProperties { /** * The frequency with which AWS Config recurringly delivers configuration snapshotsE.g., `One_Hour` or `Three_Hours`. Valid values are listed [here](https://docs.aws.amazon.com/config/latest/APIReference/API_ConfigSnapshotDeliveryProperties.html#API_ConfigSnapshotDeliveryProperties_Contents). */ deliveryFrequency?: pulumi.Input; } export interface OrganizationConformancePackInputParameter { /** * The input key. */ parameterName: pulumi.Input; /** * The input value. */ parameterValue: pulumi.Input; } export interface RecorderRecordingGroup { /** * Specifies whether AWS Config records configuration changes for every supported type of regional resource (which includes any new type that will become supported in the future). Conflicts with `resourceTypes`. Defaults to `true`. */ allSupported?: pulumi.Input; /** * An object that specifies how AWS Config excludes resource types from being recorded by the configuration recorder.To use this option, you must set the useOnly field of RecordingStrategy to `EXCLUSION_BY_RESOURCE_TYPES` Requires `allSupported = false`. Conflicts with `resourceTypes`. */ exclusionByResourceTypes?: pulumi.Input[]>; /** * Specifies whether AWS Config includes all supported types of _global resources_ with the resources that it records. Requires `allSupported = true`. Conflicts with `resourceTypes`. */ includeGlobalResourceTypes?: pulumi.Input; /** * Recording Strategy. Detailed below. */ recordingStrategies?: pulumi.Input[]>; /** * A list that specifies the types of AWS resources for which AWS Config records configuration changes (for example, `AWS::EC2::Instance` or `AWS::CloudTrail::Trail`). See [relevant part of AWS Docs](http://docs.aws.amazon.com/config/latest/APIReference/API_ResourceIdentifier.html#config-Type-ResourceIdentifier-resourceType) for available types. In order to use this attribute, `allSupported` must be set to false. */ resourceTypes?: pulumi.Input[]>; } export interface RecorderRecordingGroupExclusionByResourceType { /** * A list that specifies the types of AWS resources for which AWS Config excludes records configuration changes. See [relevant part of AWS Docs](http://docs.aws.amazon.com/config/latest/APIReference/API_ResourceIdentifier.html#config-Type-ResourceIdentifier-resourceType) for available types. */ resourceTypes?: pulumi.Input[]>; } export interface RecorderRecordingGroupRecordingStrategy { useOnly?: pulumi.Input; } export interface RecorderRecordingMode { /** * Default reecording frequency. `CONTINUOUS` or `DAILY`. */ recordingFrequency?: pulumi.Input; /** * Recording mode overrides. Detailed below. */ recordingModeOverride?: pulumi.Input; } export interface RecorderRecordingModeRecordingModeOverride { /** * A description you provide of the override. */ description?: pulumi.Input; /** * The recording frequency for the resources in the override block. `CONTINUOUS` or `DAILY`. */ recordingFrequency: pulumi.Input; /** * A list that specifies the types of AWS resources for which the override applies to. See [restrictions in the AWS Docs](https://docs.aws.amazon.com/config/latest/APIReference/API_RecordingModeOverride.html) */ resourceTypes: pulumi.Input[]>; } export interface RemediationConfigurationExecutionControls { /** * Configuration block for SSM controls. See below. */ ssmControls?: pulumi.Input; } export interface RemediationConfigurationExecutionControlsSsmControls { /** * Maximum percentage of remediation actions allowed to run in parallel on the non-compliant resources for that specific rule. The default value is 10%. */ concurrentExecutionRatePercentage?: pulumi.Input; /** * Percentage of errors that are allowed before SSM stops running automations on non-compliant resources for that specific rule. The default is 50%. */ errorPercentage?: pulumi.Input; } export interface RemediationConfigurationParameter { /** * Name of the attribute. */ name: pulumi.Input; /** * Value is dynamic and changes at run-time. */ resourceValue?: pulumi.Input; /** * Value is static and does not change at run-time. */ staticValue?: pulumi.Input; /** * List of static values. */ staticValues?: pulumi.Input[]>; } export interface RuleEvaluationMode { /** * The mode of an evaluation. */ mode?: pulumi.Input; } export interface RuleScope { /** * The IDs of the only AWS resource that you want to trigger an evaluation for the rule. If you specify a resource ID, you must specify one resource type for `complianceResourceTypes`. */ complianceResourceId?: pulumi.Input; /** * A list of resource types of only those AWS resources that you want to trigger an evaluation for the ruleE.g., `AWS::EC2::Instance`. You can only specify one type if you also specify a resource ID for `complianceResourceId`. See [relevant part of AWS Docs](http://docs.aws.amazon.com/config/latest/APIReference/API_ResourceIdentifier.html#config-Type-ResourceIdentifier-resourceType) for available types. */ complianceResourceTypes?: pulumi.Input[]>; /** * The tag key that is applied to only those AWS resources that you want you want to trigger an evaluation for the rule. */ tagKey?: pulumi.Input; /** * The tag value applied to only those AWS resources that you want to trigger an evaluation for the rule. */ tagValue?: pulumi.Input; } export interface RuleSource { /** * Provides the runtime system, policy definition, and whether debug logging is enabled. Required when owner is set to `CUSTOM_POLICY`. See Custom Policy Details Below. */ customPolicyDetails?: pulumi.Input; /** * Indicates whether AWS or the customer owns and manages the AWS Config rule. Valid values are `AWS`, `CUSTOM_LAMBDA` or `CUSTOM_POLICY`. For more information about managed rules, see the [AWS Config Managed Rules documentation](https://docs.aws.amazon.com/config/latest/developerguide/evaluate-config_use-managed-rules.html). For more information about custom rules, see the [AWS Config Custom Rules documentation](https://docs.aws.amazon.com/config/latest/developerguide/evaluate-config_develop-rules.html). Custom Lambda Functions require permissions to allow the AWS Config service to invoke them, e.g., via the `aws.lambda.Permission` resource. */ owner: pulumi.Input; /** * Provides the source and type of the event that causes AWS Config to evaluate your AWS resources. Only valid if `owner` is `CUSTOM_LAMBDA` or `CUSTOM_POLICY`. See Source Detail Below. */ sourceDetails?: pulumi.Input[]>; /** * For AWS Config managed rules, a predefined identifier, e.g `IAM_PASSWORD_POLICY`. For custom Lambda rules, the identifier is the ARN of the Lambda Function, such as `arn:aws:lambda:us-east-1:123456789012:function:custom_rule_name` or the `arn` attribute of the `aws.lambda.Function` resource. */ sourceIdentifier?: pulumi.Input; } export interface RuleSourceCustomPolicyDetails { /** * The boolean expression for enabling debug logging for your Config Custom Policy rule. The default value is `false`. */ enableDebugLogDelivery?: pulumi.Input; /** * The runtime system for your Config Custom Policy rule. Guard is a policy-as-code language that allows you to write policies that are enforced by Config Custom Policy rules. For more information about Guard, see the [Guard GitHub Repository](https://github.com/aws-cloudformation/cloudformation-guard). */ policyRuntime: pulumi.Input; /** * The policy definition containing the logic for your Config Custom Policy rule. */ policyText: pulumi.Input; } export interface RuleSourceSourceDetail { /** * The source of the event, such as an AWS service, that triggers AWS Config to evaluate your AWSresources. This defaults to `aws.config` and is the only valid value. */ eventSource?: pulumi.Input; /** * The frequency that you want AWS Config to run evaluations for a rule that istriggered periodically. If specified, requires `messageType` to be `ScheduledNotification`. */ maximumExecutionFrequency?: pulumi.Input; /** * The type of notification that triggers AWS Config to run an evaluation for a rule. You canspecify the following notification types: * * `ConfigurationItemChangeNotification` - Triggers an evaluation when AWS Config delivers a configuration item as a result of a resource change. * * `OversizedConfigurationItemChangeNotification` - Triggers an evaluation when AWS Config delivers an oversized configuration item. AWS Config may generate this notification type when a resource changes and the notification exceeds the maximum size allowed by Amazon SNS. * * `ScheduledNotification` - Triggers a periodic evaluation at the frequency specified for `maximumExecutionFrequency`. * * `ConfigurationSnapshotDeliveryCompleted` - Triggers a periodic evaluation when AWS Config delivers a configuration snapshot. */ messageType?: pulumi.Input; } } export namespace chatbot { export interface SlackChannelConfigurationTimeouts { /** * A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as "30s" or "2h45m". Valid time units are "s" (seconds), "m" (minutes), "h" (hours). */ create?: pulumi.Input; /** * A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as "30s" or "2h45m". Valid time units are "s" (seconds), "m" (minutes), "h" (hours). Setting a timeout for a Delete operation is only applicable if changes are saved into state before the destroy operation occurs. */ delete?: pulumi.Input; /** * A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as "30s" or "2h45m". Valid time units are "s" (seconds), "m" (minutes), "h" (hours). */ update?: pulumi.Input; } export interface TeamsChannelConfigurationTimeouts { /** * A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as "30s" or "2h45m". Valid time units are "s" (seconds), "m" (minutes), "h" (hours). */ create?: pulumi.Input; /** * A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as "30s" or "2h45m". Valid time units are "s" (seconds), "m" (minutes), "h" (hours). Setting a timeout for a Delete operation is only applicable if changes are saved into state before the destroy operation occurs. */ delete?: pulumi.Input; /** * A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as "30s" or "2h45m". Valid time units are "s" (seconds), "m" (minutes), "h" (hours). */ update?: pulumi.Input; } } export namespace chime { export interface SdkvoiceGlobalSettingsVoiceConnector { /** * The S3 bucket that stores the Voice Connector's call detail records. */ cdrBucket?: pulumi.Input; } export interface SdkvoiceSipMediaApplicationEndpoints { /** * Valid Amazon Resource Name (ARN) of the Lambda function, version, or alias. The function must be created in the same AWS Region as the SIP media application. */ lambdaArn: pulumi.Input; } export interface SdkvoiceSipRuleTargetApplication { /** * The AWS Region of the target application. */ awsRegion: pulumi.Input; /** * Priority of the SIP media application in the target list. */ priority: pulumi.Input; /** * The SIP media application ID. */ sipMediaApplicationId: pulumi.Input; } export interface SdkvoiceVoiceProfileDomainServerSideEncryptionConfiguration { /** * ARN for KMS Key. * * The following arguments are optional: */ kmsKeyArn: pulumi.Input; } export interface VoiceConnectorGroupConnector { /** * The priority associated with the Amazon Chime Voice Connector, with 1 being the highest priority. Higher priority Amazon Chime Voice Connectors are attempted first. */ priority: pulumi.Input; /** * The Amazon Chime Voice Connector ID. */ voiceConnectorId: pulumi.Input; } export interface VoiceConnectorOrganizationRoute { /** * The FQDN or IP address to contact for origination traffic. */ host: pulumi.Input; /** * The designated origination route port. Defaults to `5060`. */ port?: pulumi.Input; /** * The priority associated with the host, with 1 being the highest priority. Higher priority hosts are attempted first. */ priority: pulumi.Input; /** * The protocol to use for the origination route. Encryption-enabled Amazon Chime Voice Connectors use TCP protocol by default. */ protocol: pulumi.Input; /** * The weight associated with the host. If hosts are equal in priority, calls are redistributed among them based on their relative weight. */ weight: pulumi.Input; } export interface VoiceConnectorStreamingMediaInsightsConfiguration { /** * The media insights configuration that will be invoked by the Voice Connector. */ configurationArn?: pulumi.Input; /** * When `true`, the media insights configuration is not enabled. Defaults to `false`. */ disabled?: pulumi.Input; } export interface VoiceConnectorTerminationCredentialsCredential { /** * RFC2617 compliant password associated with the SIP credentials. */ password: pulumi.Input; /** * RFC2617 compliant username associated with the SIP credentials. */ username: pulumi.Input; } } export namespace chimesdkmediapipelines { export interface MediaInsightsPipelineConfigurationElement { /** * Configuration for Amazon Transcribe Call Analytics processor. */ amazonTranscribeCallAnalyticsProcessorConfiguration?: pulumi.Input; /** * Configuration for Amazon Transcribe processor. */ amazonTranscribeProcessorConfiguration?: pulumi.Input; /** * Configuration for Kinesis Data Stream sink. */ kinesisDataStreamSinkConfiguration?: pulumi.Input; /** * Configuration for Lambda Function sink. */ lambdaFunctionSinkConfiguration?: pulumi.Input; /** * Configuration for S3 recording sink. */ s3RecordingSinkConfiguration?: pulumi.Input; /** * Configuration for SNS Topic sink. */ snsTopicSinkConfiguration?: pulumi.Input; /** * Configuration for SQS Queue sink. */ sqsQueueSinkConfiguration?: pulumi.Input; /** * Element type. */ type: pulumi.Input; /** * Configuration for Voice analytics processor. */ voiceAnalyticsProcessorConfiguration?: pulumi.Input; } export interface MediaInsightsPipelineConfigurationElementAmazonTranscribeCallAnalyticsProcessorConfiguration { /** * Filter for category events to be delivered to insights target. */ callAnalyticsStreamCategories?: pulumi.Input[]>; /** * Labels all personally identifiable information (PII) identified in Utterance events. */ contentIdentificationType?: pulumi.Input; /** * Redacts all personally identifiable information (PII) identified in Utterance events. */ contentRedactionType?: pulumi.Input; /** * Enables partial result stabilization in Utterance events. */ enablePartialResultsStabilization?: pulumi.Input; /** * Filters partial Utterance events from delivery to the insights target. */ filterPartialResults?: pulumi.Input; /** * Language code for the transcription model. */ languageCode: pulumi.Input; /** * Name of custom language model for transcription. */ languageModelName?: pulumi.Input; /** * Level of stability to use when partial results stabilization is enabled. */ partialResultsStability?: pulumi.Input; /** * Types of personally identifiable information (PII) to redact from an Utterance event. */ piiEntityTypes?: pulumi.Input; /** * Settings for post call analytics. */ postCallAnalyticsSettings?: pulumi.Input; /** * Method for applying a vocabulary filter to Utterance events. */ vocabularyFilterMethod?: pulumi.Input; /** * Name of the custom vocabulary filter to use when processing Utterance events. */ vocabularyFilterName?: pulumi.Input; /** * Name of the custom vocabulary to use when processing Utterance events. */ vocabularyName?: pulumi.Input; } export interface MediaInsightsPipelineConfigurationElementAmazonTranscribeCallAnalyticsProcessorConfigurationPostCallAnalyticsSettings { /** * Should output be redacted. */ contentRedactionOutput?: pulumi.Input; /** * ARN of the role used by AWS Transcribe to upload your post call analysis. */ dataAccessRoleArn: pulumi.Input; /** * ID of the KMS key used to encrypt the output. */ outputEncryptionKmsKeyId?: pulumi.Input; /** * The Amazon S3 location where you want your Call Analytics post-call transcription output stored. */ outputLocation: pulumi.Input; } export interface MediaInsightsPipelineConfigurationElementAmazonTranscribeProcessorConfiguration { /** * Labels all personally identifiable information (PII) identified in Transcript events. */ contentIdentificationType?: pulumi.Input; /** * Redacts all personally identifiable information (PII) identified in Transcript events. */ contentRedactionType?: pulumi.Input; /** * Enables partial result stabilization in Transcript events. */ enablePartialResultsStabilization?: pulumi.Input; /** * Filters partial Utterance events from delivery to the insights target. */ filterPartialResults?: pulumi.Input; /** * Language code for the transcription model. */ languageCode: pulumi.Input; /** * Name of custom language model for transcription. */ languageModelName?: pulumi.Input; /** * Level of stability to use when partial results stabilization is enabled. */ partialResultsStability?: pulumi.Input; /** * Types of personally identifiable information (PII) to redact from a Transcript event. */ piiEntityTypes?: pulumi.Input; /** * Enables speaker partitioning (diarization) in your Transcript events. */ showSpeakerLabel?: pulumi.Input; /** * Method for applying a vocabulary filter to Transcript events. */ vocabularyFilterMethod?: pulumi.Input; /** * Name of the custom vocabulary filter to use when processing Transcript events. */ vocabularyFilterName?: pulumi.Input; /** * Name of the custom vocabulary to use when processing Transcript events. */ vocabularyName?: pulumi.Input; } export interface MediaInsightsPipelineConfigurationElementKinesisDataStreamSinkConfiguration { /** * Kinesis Data Stream to deliver results. */ insightsTarget: pulumi.Input; } export interface MediaInsightsPipelineConfigurationElementLambdaFunctionSinkConfiguration { /** * Lambda Function to deliver results. */ insightsTarget: pulumi.Input; } export interface MediaInsightsPipelineConfigurationElementS3RecordingSinkConfiguration { /** * S3 URI to deliver recordings. */ destination?: pulumi.Input; } export interface MediaInsightsPipelineConfigurationElementSnsTopicSinkConfiguration { /** * SNS topic to deliver results. */ insightsTarget: pulumi.Input; } export interface MediaInsightsPipelineConfigurationElementSqsQueueSinkConfiguration { /** * SQS queue to deliver results. */ insightsTarget: pulumi.Input; } export interface MediaInsightsPipelineConfigurationElementVoiceAnalyticsProcessorConfiguration { /** * Enable speaker search. */ speakerSearchStatus: pulumi.Input; /** * Enable voice tone analysis. */ voiceToneAnalysisStatus: pulumi.Input; } export interface MediaInsightsPipelineConfigurationRealTimeAlertConfiguration { /** * Disables real time alert rules. */ disabled?: pulumi.Input; /** * Collection of real time alert rules */ rules: pulumi.Input[]>; } export interface MediaInsightsPipelineConfigurationRealTimeAlertConfigurationRule { /** * Configuration for an issue detection rule. */ issueDetectionConfiguration?: pulumi.Input; /** * Configuration for a keyword match rule. */ keywordMatchConfiguration?: pulumi.Input; /** * Configuration for a sentiment rule. */ sentimentConfiguration?: pulumi.Input; /** * Rule type. */ type: pulumi.Input; } export interface MediaInsightsPipelineConfigurationRealTimeAlertConfigurationRuleIssueDetectionConfiguration { /** * Rule name. */ ruleName: pulumi.Input; } export interface MediaInsightsPipelineConfigurationRealTimeAlertConfigurationRuleKeywordMatchConfiguration { /** * Collection of keywords to match. */ keywords: pulumi.Input[]>; /** * Negate the rule. */ negate?: pulumi.Input; /** * Rule name. */ ruleName: pulumi.Input; } export interface MediaInsightsPipelineConfigurationRealTimeAlertConfigurationRuleSentimentConfiguration { /** * Rule name. */ ruleName: pulumi.Input; /** * Sentiment type to match. */ sentimentType: pulumi.Input; /** * Analysis interval. */ timePeriod: pulumi.Input; } } export namespace cleanrooms { export interface CollaborationDataEncryptionMetadata { allowClearText: pulumi.Input; allowDuplicates: pulumi.Input; allowJoinsOnColumnsWithDifferentNames: pulumi.Input; preserveNulls: pulumi.Input; } export interface CollaborationMember { accountId: pulumi.Input; displayName: pulumi.Input; memberAbilities: pulumi.Input[]>; status?: pulumi.Input; } export interface ConfiguredTableTableReference { databaseName: pulumi.Input; tableName: pulumi.Input; } } export namespace cloudformation { export interface CloudFormationTypeLoggingConfig { /** * Name of the CloudWatch Log Group where CloudFormation sends error logging information when invoking the type's handlers. */ logGroupName: pulumi.Input; /** * Amazon Resource Name (ARN) of the IAM Role CloudFormation assumes when sending error logging information to CloudWatch Logs. */ logRoleArn: pulumi.Input; } export interface StackInstancesDeploymentTargets { /** * Limit deployment targets to individual accounts or include additional accounts with provided OUs. Valid values: `INTERSECTION`, `DIFFERENCE`, `UNION`, `NONE`. */ accountFilterType?: pulumi.Input; /** * List of accounts to deploy stack set updates. */ accounts?: pulumi.Input[]>; /** * S3 URL of the file containing the list of accounts. */ accountsUrl?: pulumi.Input; /** * Organization root ID or organizational unit (OU) IDs to which stack sets deploy. */ organizationalUnitIds?: pulumi.Input[]>; } export interface StackInstancesOperationPreferences { /** * How the concurrency level behaves during the operation execution. Valid values are `STRICT_FAILURE_TOLERANCE` and `SOFT_FAILURE_TOLERANCE`. */ concurrencyMode?: pulumi.Input; /** * Number of accounts, per region, for which this operation can fail before CloudFormation stops the operation in that region. */ failureToleranceCount?: pulumi.Input; /** * Percentage of accounts, per region, for which this stack operation can fail before CloudFormation stops the operation in that region. */ failureTolerancePercentage?: pulumi.Input; /** * Maximum number of accounts in which to perform this operation at one time. */ maxConcurrentCount?: pulumi.Input; /** * Maximum percentage of accounts in which to perform this operation at one time. */ maxConcurrentPercentage?: pulumi.Input; /** * Concurrency type of deploying stack sets operations in regions, could be in parallel or one region at a time. Valid values are `SEQUENTIAL` and `PARALLEL`. */ regionConcurrencyType?: pulumi.Input; /** * Order of the regions where you want to perform the stack operation. */ regionOrders?: pulumi.Input[]>; } export interface StackInstancesStackInstanceSummary { /** * Account ID in which the instance is deployed. */ accountId?: pulumi.Input; /** * Detailed status of the stack instance. Values include `PENDING`, `RUNNING`, `SUCCEEDED`, `FAILED`, `CANCELLED`, `INOPERABLE`, `SKIPPED_SUSPENDED_ACCOUNT`, `FAILED_IMPORT`. */ detailedStatus?: pulumi.Input; /** * Status of the stack instance's actual configuration compared to the expected template and parameter configuration of the stack set to which it belongs. Values include `DRIFTED`, `IN_SYNC`, `UNKNOWN`, `NOT_CHECKED`. */ driftStatus?: pulumi.Input; /** * Organization root ID or organizational unit (OU) IDs that you specified for `deploymentTargets`. */ organizationalUnitId?: pulumi.Input; /** * Region that the stack instance is associated with. */ region?: pulumi.Input; /** * ID of the stack instance. */ stackId?: pulumi.Input; /** * Name or unique ID of the stack set that the stack instance is associated with. */ stackSetId?: pulumi.Input; /** * Status of the stack instance, in terms of its synchronization with its associated stack set. Values include `CURRENT`, `OUTDATED`, `INOPERABLE`. */ status?: pulumi.Input; /** * Explanation for the specific status code assigned to this stack instance. */ statusReason?: pulumi.Input; } export interface StackSetAutoDeployment { /** * Whether or not auto-deployment is enabled. */ enabled?: pulumi.Input; /** * Whether or not to retain stacks when the account is removed. */ retainStacksOnAccountRemoval?: pulumi.Input; } export interface StackSetInstanceDeploymentTargets { /** * Limit deployment targets to individual accounts or include additional accounts with provided OUs. Valid values: `INTERSECTION`, `DIFFERENCE`, `UNION`, `NONE`. */ accountFilterType?: pulumi.Input; /** * List of accounts to deploy stack set updates. */ accounts?: pulumi.Input[]>; /** * S3 URL of the file containing the list of accounts. */ accountsUrl?: pulumi.Input; /** * Organization root ID or organizational unit (OU) IDs to which StackSets deploys. */ organizationalUnitIds?: pulumi.Input[]>; } export interface StackSetInstanceOperationPreferences { /** * Specifies how the concurrency level behaves during the operation execution. Valid values are `STRICT_FAILURE_TOLERANCE` and `SOFT_FAILURE_TOLERANCE`. */ concurrencyMode?: pulumi.Input; /** * Number of accounts, per Region, for which this operation can fail before AWS CloudFormation stops the operation in that Region. */ failureToleranceCount?: pulumi.Input; /** * Percentage of accounts, per Region, for which this stack operation can fail before AWS CloudFormation stops the operation in that Region. */ failureTolerancePercentage?: pulumi.Input; /** * Maximum number of accounts in which to perform this operation at one time. */ maxConcurrentCount?: pulumi.Input; /** * Maximum percentage of accounts in which to perform this operation at one time. */ maxConcurrentPercentage?: pulumi.Input; /** * Concurrency type of deploying StackSets operations in Regions, could be in parallel or one Region at a time. Valid values are `SEQUENTIAL` and `PARALLEL`. */ regionConcurrencyType?: pulumi.Input; /** * Order of the Regions in where you want to perform the stack operation. */ regionOrders?: pulumi.Input[]>; } export interface StackSetInstanceStackInstanceSummary { /** * Target AWS Account ID to create a Stack based on the StackSet. Defaults to current account. */ accountId?: pulumi.Input; /** * Organizational unit ID in which the stack is deployed. */ organizationalUnitId?: pulumi.Input; /** * Stack identifier. */ stackId?: pulumi.Input; } export interface StackSetManagedExecution { /** * When set to true, StackSets performs non-conflicting operations concurrently and queues conflicting operations. After conflicting operations finish, StackSets starts queued operations in request order. Default is false. */ active?: pulumi.Input; } export interface StackSetOperationPreferences { /** * The number of accounts, per Region, for which this operation can fail before AWS CloudFormation stops the operation in that Region. */ failureToleranceCount?: pulumi.Input; /** * The percentage of accounts, per Region, for which this stack operation can fail before AWS CloudFormation stops the operation in that Region. */ failureTolerancePercentage?: pulumi.Input; /** * The maximum number of accounts in which to perform this operation at one time. */ maxConcurrentCount?: pulumi.Input; /** * The maximum percentage of accounts in which to perform this operation at one time. */ maxConcurrentPercentage?: pulumi.Input; /** * The concurrency type of deploying StackSets operations in Regions, could be in parallel or one Region at a time. */ regionConcurrencyType?: pulumi.Input; /** * The order of the Regions in where you want to perform the stack operation. */ regionOrders?: pulumi.Input[]>; } } export namespace cloudfront { export interface CachePolicyParametersInCacheKeyAndForwardedToOrigin { /** * Whether any cookies in viewer requests are included in the cache key and automatically included in requests that CloudFront sends to the origin. See Cookies Config for more information. */ cookiesConfig: pulumi.Input; /** * Flag determines whether the Accept-Encoding HTTP header is included in the cache key and in requests that CloudFront sends to the origin. */ enableAcceptEncodingBrotli?: pulumi.Input; /** * Whether the Accept-Encoding HTTP header is included in the cache key and in requests sent to the origin by CloudFront. */ enableAcceptEncodingGzip?: pulumi.Input; /** * Whether any HTTP headers are included in the cache key and automatically included in requests that CloudFront sends to the origin. See Headers Config for more information. */ headersConfig: pulumi.Input; /** * Whether any URL query strings in viewer requests are included in the cache key. It also automatically includes these query strings in requests that CloudFront sends to the origin. Please refer to the Query String Config for more information. */ queryStringsConfig: pulumi.Input; } export interface CachePolicyParametersInCacheKeyAndForwardedToOriginCookiesConfig { /** * Whether any cookies in viewer requests are included in the cache key and automatically included in requests that CloudFront sends to the origin. Valid values for `cookieBehavior` are `none`, `whitelist`, `allExcept`, and `all`. */ cookieBehavior: pulumi.Input; /** * Object that contains a list of cookie names. See Items for more information. */ cookies?: pulumi.Input; } export interface CachePolicyParametersInCacheKeyAndForwardedToOriginCookiesConfigCookies { /** * List of item names, such as cookies, headers, or query strings. */ items?: pulumi.Input[]>; } export interface CachePolicyParametersInCacheKeyAndForwardedToOriginHeadersConfig { /** * Whether any HTTP headers are included in the cache key and automatically included in requests that CloudFront sends to the origin. Valid values for `headerBehavior` are `none` and `whitelist`. */ headerBehavior?: pulumi.Input; /** * Object contains a list of header names. See Items for more information. */ headers?: pulumi.Input; } export interface CachePolicyParametersInCacheKeyAndForwardedToOriginHeadersConfigHeaders { /** * List of item names, such as cookies, headers, or query strings. */ items?: pulumi.Input[]>; } export interface CachePolicyParametersInCacheKeyAndForwardedToOriginQueryStringsConfig { /** * Whether URL query strings in viewer requests are included in the cache key and automatically included in requests that CloudFront sends to the origin. Valid values for `queryStringBehavior` are `none`, `whitelist`, `allExcept`, and `all`. */ queryStringBehavior: pulumi.Input; /** * Configuration parameter that contains a list of query string names. See Items for more information. */ queryStrings?: pulumi.Input; } export interface CachePolicyParametersInCacheKeyAndForwardedToOriginQueryStringsConfigQueryStrings { /** * List of item names, such as cookies, headers, or query strings. */ items?: pulumi.Input[]>; } export interface ContinuousDeploymentPolicyStagingDistributionDnsNames { /** * A list of CloudFront domain names for the staging distribution. */ items?: pulumi.Input[]>; /** * Number of CloudFront domain names in the staging distribution. */ quantity: pulumi.Input; } export interface ContinuousDeploymentPolicyTrafficConfig { /** * Determines which HTTP requests are sent to the staging distribution. See `singleHeaderConfig`. */ singleHeaderConfig?: pulumi.Input; /** * Contains the percentage of traffic to send to the staging distribution. See `singleWeightConfig`. */ singleWeightConfig?: pulumi.Input; /** * Type of traffic configuration. Valid values are `SingleWeight` and `SingleHeader`. */ type: pulumi.Input; } export interface ContinuousDeploymentPolicyTrafficConfigSingleHeaderConfig { /** * Request header name to send to the staging distribution. The header must contain the prefix `aws-cf-cd-`. */ header: pulumi.Input; /** * Request header value. */ value: pulumi.Input; } export interface ContinuousDeploymentPolicyTrafficConfigSingleWeightConfig { /** * Session stickiness provides the ability to define multiple requests from a single viewer as a single session. This prevents the potentially inconsistent experience of sending some of a given user's requests to the staging distribution, while others are sent to the primary distribution. Define the session duration using TTL values. See `sessionStickinessConfig`. */ sessionStickinessConfig?: pulumi.Input; /** * The percentage of traffic to send to a staging distribution, expressed as a decimal number between `0` and `.15`. */ weight: pulumi.Input; } export interface ContinuousDeploymentPolicyTrafficConfigSingleWeightConfigSessionStickinessConfig { /** * The amount of time in seconds after which sessions will cease if no requests are received. Valid values are `300` – `3600` (5–60 minutes). The value must be less than or equal to `maximumTtl`. */ idleTtl: pulumi.Input; /** * The maximum amount of time in seconds to consider requests from the viewer as being part of the same session. Valid values are `300` – `3600` (5–60 minutes). The value must be greater than or equal to `idleTtl`. */ maximumTtl: pulumi.Input; } export interface DistributionCustomErrorResponse { /** * Minimum amount of time you want HTTP error codes to stay in CloudFront caches before CloudFront queries your origin to see whether the object has been updated. */ errorCachingMinTtl?: pulumi.Input; /** * 4xx or 5xx HTTP status code that you want to customize. */ errorCode: pulumi.Input; /** * HTTP status code that you want CloudFront to return with the custom error page to the viewer. */ responseCode?: pulumi.Input; /** * Path of the custom error page (for example, `/custom_404.html`). */ responsePagePath?: pulumi.Input; } export interface DistributionDefaultCacheBehavior { /** * Controls which HTTP methods CloudFront processes and forwards to your Amazon S3 bucket or your custom origin. */ allowedMethods: pulumi.Input[]>; /** * Unique identifier of the cache policy that is attached to the cache behavior. If configuring the `defaultCacheBehavior` either `cachePolicyId` or `forwardedValues` must be set. */ cachePolicyId?: pulumi.Input; /** * Controls whether CloudFront caches the response to requests using the specified HTTP methods. */ cachedMethods: pulumi.Input[]>; /** * Whether you want CloudFront to automatically compress content for web requests that include `Accept-Encoding: gzip` in the request header (default: `false`). */ compress?: pulumi.Input; /** * Default amount of time (in seconds) that an object is in a CloudFront cache before CloudFront forwards another request in the absence of an `Cache-Control max-age` or `Expires` header. */ defaultTtl?: pulumi.Input; /** * Field level encryption configuration ID. */ fieldLevelEncryptionId?: pulumi.Input; /** * The forwarded values configuration that specifies how CloudFront handles query strings, cookies and headers (maximum one). */ forwardedValues?: pulumi.Input; /** * A config block that triggers a cloudfront function with specific actions (maximum 2). */ functionAssociations?: pulumi.Input[]>; /** * A config block that triggers a lambda function with specific actions (maximum 4). */ lambdaFunctionAssociations?: pulumi.Input[]>; /** * Maximum amount of time (in seconds) that an object is in a CloudFront cache before CloudFront forwards another request to your origin to determine whether the object has been updated. Only effective in the presence of `Cache-Control max-age`, `Cache-Control s-maxage`, and `Expires` headers. */ maxTtl?: pulumi.Input; /** * Minimum amount of time that you want objects to stay in CloudFront caches before CloudFront queries your origin to see whether the object has been updated. Defaults to 0 seconds. */ minTtl?: pulumi.Input; /** * Unique identifier of the origin request policy that is attached to the behavior. */ originRequestPolicyId?: pulumi.Input; /** * ARN of the real-time log configuration that is attached to this cache behavior. */ realtimeLogConfigArn?: pulumi.Input; /** * Identifier for a response headers policy. */ responseHeadersPolicyId?: pulumi.Input; /** * Indicates whether you want to distribute media files in Microsoft Smooth Streaming format using the origin that is associated with this cache behavior. */ smoothStreaming?: pulumi.Input; /** * Value of ID for the origin that you want CloudFront to route requests to when a request matches the path pattern either for a cache behavior or for the default cache behavior. */ targetOriginId: pulumi.Input; /** * List of nested attributes for active trusted key groups, if the distribution is set up to serve private content with signed URLs. */ trustedKeyGroups?: pulumi.Input[]>; /** * List of nested attributes for active trusted signers, if the distribution is set up to serve private content with signed URLs. */ trustedSigners?: pulumi.Input[]>; /** * Use this element to specify the protocol that users can use to access the files in the origin specified by TargetOriginId when a request matches the path pattern in PathPattern. One of `allow-all`, `https-only`, or `redirect-to-https`. */ viewerProtocolPolicy: pulumi.Input; } export interface DistributionDefaultCacheBehaviorForwardedValues { /** * The forwarded values cookies that specifies how CloudFront handles cookies (maximum one). */ cookies: pulumi.Input; /** * Headers, if any, that you want CloudFront to vary upon for this cache behavior. Specify `*` to include all headers. */ headers?: pulumi.Input[]>; /** * Indicates whether you want CloudFront to forward query strings to the origin that is associated with this cache behavior. */ queryString: pulumi.Input; /** * When specified, along with a value of `true` for `queryString`, all query strings are forwarded, however only the query string keys listed in this argument are cached. When omitted with a value of `true` for `queryString`, all query string keys are cached. */ queryStringCacheKeys?: pulumi.Input[]>; } export interface DistributionDefaultCacheBehaviorForwardedValuesCookies { /** * Whether you want CloudFront to forward cookies to the origin that is associated with this cache behavior. You can specify `all`, `none` or `whitelist`. If `whitelist`, you must include the subsequent `whitelistedNames`. */ forward: pulumi.Input; /** * If you have specified `whitelist` to `forward`, the whitelisted cookies that you want CloudFront to forward to your origin. */ whitelistedNames?: pulumi.Input[]>; } export interface DistributionDefaultCacheBehaviorFunctionAssociation { /** * Specific event to trigger this function. Valid values: `viewer-request` or `viewer-response`. */ eventType: pulumi.Input; /** * ARN of the CloudFront function. */ functionArn: pulumi.Input; } export interface DistributionDefaultCacheBehaviorLambdaFunctionAssociation { /** * Specific event to trigger this function. Valid values: `viewer-request`, `origin-request`, `viewer-response`, `origin-response`. */ eventType: pulumi.Input; /** * When set to true it exposes the request body to the lambda function. Defaults to false. Valid values: `true`, `false`. */ includeBody?: pulumi.Input; /** * ARN of the Lambda function. */ lambdaArn: pulumi.Input; } export interface DistributionLoggingConfig { /** * Amazon S3 bucket to store the access logs in, for example, `myawslogbucket.s3.amazonaws.com`. */ bucket: pulumi.Input; /** * Whether to include cookies in access logs (default: `false`). */ includeCookies?: pulumi.Input; /** * Prefix to the access log filenames for this distribution, for example, `myprefix/`. */ prefix?: pulumi.Input; } export interface DistributionOrderedCacheBehavior { /** * Controls which HTTP methods CloudFront processes and forwards to your Amazon S3 bucket or your custom origin. */ allowedMethods: pulumi.Input[]>; /** * Unique identifier of the cache policy that is attached to the cache behavior. If configuring the `defaultCacheBehavior` either `cachePolicyId` or `forwardedValues` must be set. */ cachePolicyId?: pulumi.Input; /** * Controls whether CloudFront caches the response to requests using the specified HTTP methods. */ cachedMethods: pulumi.Input[]>; /** * Whether you want CloudFront to automatically compress content for web requests that include `Accept-Encoding: gzip` in the request header (default: `false`). */ compress?: pulumi.Input; /** * Default amount of time (in seconds) that an object is in a CloudFront cache before CloudFront forwards another request in the absence of an `Cache-Control max-age` or `Expires` header. */ defaultTtl?: pulumi.Input; /** * Field level encryption configuration ID. */ fieldLevelEncryptionId?: pulumi.Input; /** * The forwarded values configuration that specifies how CloudFront handles query strings, cookies and headers (maximum one). */ forwardedValues?: pulumi.Input; /** * A config block that triggers a cloudfront function with specific actions (maximum 2). */ functionAssociations?: pulumi.Input[]>; /** * A config block that triggers a lambda function with specific actions (maximum 4). */ lambdaFunctionAssociations?: pulumi.Input[]>; /** * Maximum amount of time (in seconds) that an object is in a CloudFront cache before CloudFront forwards another request to your origin to determine whether the object has been updated. Only effective in the presence of `Cache-Control max-age`, `Cache-Control s-maxage`, and `Expires` headers. */ maxTtl?: pulumi.Input; /** * Minimum amount of time that you want objects to stay in CloudFront caches before CloudFront queries your origin to see whether the object has been updated. Defaults to 0 seconds. */ minTtl?: pulumi.Input; /** * Unique identifier of the origin request policy that is attached to the behavior. */ originRequestPolicyId?: pulumi.Input; /** * Pattern (for example, `images/*.jpg`) that specifies which requests you want this cache behavior to apply to. */ pathPattern: pulumi.Input; /** * ARN of the real-time log configuration that is attached to this cache behavior. */ realtimeLogConfigArn?: pulumi.Input; /** * Identifier for a response headers policy. */ responseHeadersPolicyId?: pulumi.Input; /** * Indicates whether you want to distribute media files in Microsoft Smooth Streaming format using the origin that is associated with this cache behavior. */ smoothStreaming?: pulumi.Input; /** * Value of ID for the origin that you want CloudFront to route requests to when a request matches the path pattern either for a cache behavior or for the default cache behavior. */ targetOriginId: pulumi.Input; /** * List of nested attributes for active trusted key groups, if the distribution is set up to serve private content with signed URLs. */ trustedKeyGroups?: pulumi.Input[]>; /** * List of nested attributes for active trusted signers, if the distribution is set up to serve private content with signed URLs. */ trustedSigners?: pulumi.Input[]>; /** * Use this element to specify the protocol that users can use to access the files in the origin specified by TargetOriginId when a request matches the path pattern in PathPattern. One of `allow-all`, `https-only`, or `redirect-to-https`. */ viewerProtocolPolicy: pulumi.Input; } export interface DistributionOrderedCacheBehaviorForwardedValues { /** * The forwarded values cookies that specifies how CloudFront handles cookies (maximum one). */ cookies: pulumi.Input; /** * Headers, if any, that you want CloudFront to vary upon for this cache behavior. Specify `*` to include all headers. */ headers?: pulumi.Input[]>; /** * Indicates whether you want CloudFront to forward query strings to the origin that is associated with this cache behavior. */ queryString: pulumi.Input; /** * When specified, along with a value of `true` for `queryString`, all query strings are forwarded, however only the query string keys listed in this argument are cached. When omitted with a value of `true` for `queryString`, all query string keys are cached. */ queryStringCacheKeys?: pulumi.Input[]>; } export interface DistributionOrderedCacheBehaviorForwardedValuesCookies { /** * Whether you want CloudFront to forward cookies to the origin that is associated with this cache behavior. You can specify `all`, `none` or `whitelist`. If `whitelist`, you must include the subsequent `whitelistedNames`. */ forward: pulumi.Input; /** * If you have specified `whitelist` to `forward`, the whitelisted cookies that you want CloudFront to forward to your origin. */ whitelistedNames?: pulumi.Input[]>; } export interface DistributionOrderedCacheBehaviorFunctionAssociation { /** * Specific event to trigger this function. Valid values: `viewer-request` or `viewer-response`. */ eventType: pulumi.Input; /** * ARN of the CloudFront function. */ functionArn: pulumi.Input; } export interface DistributionOrderedCacheBehaviorLambdaFunctionAssociation { /** * Specific event to trigger this function. Valid values: `viewer-request`, `origin-request`, `viewer-response`, `origin-response`. */ eventType: pulumi.Input; /** * When set to true it exposes the request body to the lambda function. Defaults to false. Valid values: `true`, `false`. */ includeBody?: pulumi.Input; /** * ARN of the Lambda function. */ lambdaArn: pulumi.Input; } export interface DistributionOrigin { /** * Number of times that CloudFront attempts to connect to the origin. Must be between 1-3. Defaults to 3. */ connectionAttempts?: pulumi.Input; /** * Number of seconds that CloudFront waits when trying to establish a connection to the origin. Must be between 1-10. Defaults to 10. */ connectionTimeout?: pulumi.Input; /** * One or more sub-resources with `name` and `value` parameters that specify header data that will be sent to the origin (multiples allowed). */ customHeaders?: pulumi.Input[]>; /** * The CloudFront custom origin configuration information. If an S3 origin is required, use `originAccessControlId` or `s3OriginConfig` instead. */ customOriginConfig?: pulumi.Input; /** * Domain name corresponding to the distribution. For example: `d604721fxaaqy9.cloudfront.net`. */ domainName: pulumi.Input; /** * Unique identifier of a [CloudFront origin access control][8] for this origin. */ originAccessControlId?: pulumi.Input; originId: pulumi.Input; /** * Optional element that causes CloudFront to request your content from a directory in your Amazon S3 bucket or your custom origin. */ originPath?: pulumi.Input; /** * CloudFront Origin Shield configuration information. Using Origin Shield can help reduce the load on your origin. For more information, see [Using Origin Shield](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/origin-shield.html) in the Amazon CloudFront Developer Guide. */ originShield?: pulumi.Input; /** * CloudFront S3 origin configuration information. If a custom origin is required, use `customOriginConfig` instead. */ s3OriginConfig?: pulumi.Input; } export interface DistributionOriginCustomHeader { name: pulumi.Input; value: pulumi.Input; } export interface DistributionOriginCustomOriginConfig { /** * HTTP port the custom origin listens on. */ httpPort: pulumi.Input; /** * HTTPS port the custom origin listens on. */ httpsPort: pulumi.Input; /** * The Custom KeepAlive timeout, in seconds. By default, AWS enforces an upper limit of `60`. But you can request an [increase](http://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/RequestAndResponseBehaviorCustomOrigin.html#request-custom-request-timeout). Defaults to `5`. */ originKeepaliveTimeout?: pulumi.Input; /** * Origin protocol policy to apply to your origin. One of `http-only`, `https-only`, or `match-viewer`. */ originProtocolPolicy: pulumi.Input; /** * The Custom Read timeout, in seconds. By default, AWS enforces an upper limit of `60`. But you can request an [increase](http://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/RequestAndResponseBehaviorCustomOrigin.html#request-custom-request-timeout). Defaults to `30`. */ originReadTimeout?: pulumi.Input; /** * List of SSL/TLS protocols that CloudFront can use when connecting to your origin over HTTPS. Valid values: `SSLv3`, `TLSv1`, `TLSv1.1`, `TLSv1.2`. For more information, see [Minimum Origin SSL Protocol](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-web-values-specify.html#DownloadDistValuesOriginSSLProtocols) in the Amazon CloudFront Developer Guide. */ originSslProtocols: pulumi.Input[]>; } export interface DistributionOriginGroup { /** * The failover criteria for when to failover to the secondary origin. */ failoverCriteria: pulumi.Input; /** * Ordered member configuration blocks assigned to the origin group, where the first member is the primary origin. You must specify two members. */ members: pulumi.Input[]>; originId: pulumi.Input; } export interface DistributionOriginGroupFailoverCriteria { /** * List of HTTP status codes for the origin group. */ statusCodes: pulumi.Input[]>; } export interface DistributionOriginGroupMember { originId: pulumi.Input; } export interface DistributionOriginOriginShield { /** * `true` if any of the AWS accounts listed as trusted signers have active CloudFront key pairs */ enabled: pulumi.Input; /** * AWS Region for Origin Shield. To specify a region, use the region code, not the region name. For example, specify the US East (Ohio) region as `us-east-2`. */ originShieldRegion?: pulumi.Input; } export interface DistributionOriginS3OriginConfig { /** * The CloudFront origin access identity to associate with the origin. */ originAccessIdentity: pulumi.Input; } export interface DistributionRestrictions { geoRestriction: pulumi.Input; } export interface DistributionRestrictionsGeoRestriction { /** * [ISO 3166-1-alpha-2 codes][4] for which you want CloudFront either to distribute your content (`whitelist`) or not distribute your content (`blacklist`). If the type is specified as `none` an empty array can be used. */ locations?: pulumi.Input[]>; /** * Method that you want to use to restrict distribution of your content by country: `none`, `whitelist`, or `blacklist`. */ restrictionType: pulumi.Input; } export interface DistributionTrustedKeyGroup { /** * `true` if any of the AWS accounts listed as trusted signers have active CloudFront key pairs */ enabled?: pulumi.Input; /** * List of nested attributes for each trusted signer */ items?: pulumi.Input[]>; } export interface DistributionTrustedKeyGroupItem { /** * ID of the key group that contains the public keys. */ keyGroupId?: pulumi.Input; /** * Set of active CloudFront key pairs associated with the signer account */ keyPairIds?: pulumi.Input[]>; } export interface DistributionTrustedSigner { /** * `true` if any of the AWS accounts listed as trusted signers have active CloudFront key pairs */ enabled?: pulumi.Input; /** * List of nested attributes for each trusted signer */ items?: pulumi.Input[]>; } export interface DistributionTrustedSignerItem { /** * AWS account ID or `self` */ awsAccountNumber?: pulumi.Input; /** * Set of active CloudFront key pairs associated with the signer account */ keyPairIds?: pulumi.Input[]>; } export interface DistributionViewerCertificate { /** * ARN of the [AWS Certificate Manager](https://aws.amazon.com/certificate-manager/) certificate that you wish to use with this distribution. Specify this, `cloudfrontDefaultCertificate`, or `iamCertificateId`. The ACM certificate must be in US-EAST-1. */ acmCertificateArn?: pulumi.Input; /** * `true` if you want viewers to use HTTPS to request your objects and you're using the CloudFront domain name for your distribution. Specify this, `acmCertificateArn`, or `iamCertificateId`. */ cloudfrontDefaultCertificate?: pulumi.Input; /** * IAM certificate identifier of the custom viewer certificate for this distribution if you are using a custom domain. Specify this, `acmCertificateArn`, or `cloudfrontDefaultCertificate`. */ iamCertificateId?: pulumi.Input; /** * Minimum version of the SSL protocol that you want CloudFront to use for HTTPS connections. Can only be set if `cloudfrontDefaultCertificate = false`. See all possible values in [this](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/secure-connections-supported-viewer-protocols-ciphers.html) table under "Security policy." Some examples include: `TLSv1.2_2019` and `TLSv1.2_2021`. Default: `TLSv1`. **NOTE**: If you are using a custom certificate (specified with `acmCertificateArn` or `iamCertificateId`), and have specified `sni-only` in `sslSupportMethod`, `TLSv1` or later must be specified. If you have specified `vip` in `sslSupportMethod`, only `SSLv3` or `TLSv1` can be specified. If you have specified `cloudfrontDefaultCertificate`, `TLSv1` must be specified. */ minimumProtocolVersion?: pulumi.Input; /** * How you want CloudFront to serve HTTPS requests. One of `vip`, `sni-only`, or `static-ip`. Required if you specify `acmCertificateArn` or `iamCertificateId`. **NOTE:** `vip` causes CloudFront to use a dedicated IP address and may incur extra charges. */ sslSupportMethod?: pulumi.Input; } export interface FieldLevelEncryptionConfigContentTypeProfileConfig { /** * Object that contains an attribute `items` that contains the list of configurations for a field-level encryption content type-profile. See Content Type Profile. */ contentTypeProfiles: pulumi.Input; /** * specifies what to do when an unknown content type is provided for the profile. If true, content is forwarded without being encrypted when the content type is unknown. If false (the default), an error is returned when the content type is unknown. */ forwardWhenContentTypeIsUnknown: pulumi.Input; } export interface FieldLevelEncryptionConfigContentTypeProfileConfigContentTypeProfiles { items: pulumi.Input[]>; } export interface FieldLevelEncryptionConfigContentTypeProfileConfigContentTypeProfilesItem { /** * he content type for a field-level encryption content type-profile mapping. Valid value is `application/x-www-form-urlencoded`. */ contentType: pulumi.Input; /** * The format for a field-level encryption content type-profile mapping. Valid value is `URLEncoded`. */ format: pulumi.Input; profileId?: pulumi.Input; } export interface FieldLevelEncryptionConfigQueryArgProfileConfig { /** * Flag to set if you want a request to be forwarded to the origin even if the profile specified by the field-level encryption query argument, fle-profile, is unknown. */ forwardWhenQueryArgProfileIsUnknown: pulumi.Input; /** * Object that contains an attribute `items` that contains the list ofrofiles specified for query argument-profile mapping for field-level encryption. see Query Arg Profile. */ queryArgProfiles?: pulumi.Input; } export interface FieldLevelEncryptionConfigQueryArgProfileConfigQueryArgProfiles { items?: pulumi.Input[]>; } export interface FieldLevelEncryptionConfigQueryArgProfileConfigQueryArgProfilesItem { profileId: pulumi.Input; /** * Query argument for field-level encryption query argument-profile mapping. */ queryArg: pulumi.Input; } export interface FieldLevelEncryptionProfileEncryptionEntities { items?: pulumi.Input[]>; } export interface FieldLevelEncryptionProfileEncryptionEntitiesItem { /** * Object that contains an attribute `items` that contains the list of field patterns in a field-level encryption content type profile specify the fields that you want to be encrypted. */ fieldPatterns: pulumi.Input; /** * The provider associated with the public key being used for encryption. */ providerId: pulumi.Input; /** * The public key associated with a set of field-level encryption patterns, to be used when encrypting the fields that match the patterns. */ publicKeyId: pulumi.Input; } export interface FieldLevelEncryptionProfileEncryptionEntitiesItemFieldPatterns { items?: pulumi.Input[]>; } export interface KeyValueStoreTimeouts { /** * A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as "30s" or "2h45m". Valid time units are "s" (seconds), "m" (minutes), "h" (hours). */ create?: pulumi.Input; } export interface MonitoringSubscriptionMonitoringSubscription { /** * A subscription configuration for additional CloudWatch metrics. See below. */ realtimeMetricsSubscriptionConfig: pulumi.Input; } export interface MonitoringSubscriptionMonitoringSubscriptionRealtimeMetricsSubscriptionConfig { /** * A flag that indicates whether additional CloudWatch metrics are enabled for a given CloudFront distribution. Valid values are `Enabled` and `Disabled`. See below. */ realtimeMetricsSubscriptionStatus: pulumi.Input; } export interface OriginRequestPolicyCookiesConfig { cookieBehavior: pulumi.Input; cookies?: pulumi.Input; } export interface OriginRequestPolicyCookiesConfigCookies { items?: pulumi.Input[]>; } export interface OriginRequestPolicyHeadersConfig { headerBehavior?: pulumi.Input; headers?: pulumi.Input; } export interface OriginRequestPolicyHeadersConfigHeaders { items?: pulumi.Input[]>; } export interface OriginRequestPolicyQueryStringsConfig { queryStringBehavior: pulumi.Input; queryStrings?: pulumi.Input; } export interface OriginRequestPolicyQueryStringsConfigQueryStrings { items?: pulumi.Input[]>; } export interface RealtimeLogConfigEndpoint { /** * The Amazon Kinesis data stream configuration. */ kinesisStreamConfig: pulumi.Input; /** * The type of data stream where real-time log data is sent. The only valid value is `Kinesis`. */ streamType: pulumi.Input; } export interface RealtimeLogConfigEndpointKinesisStreamConfig { /** * The ARN of an IAM role that CloudFront can use to send real-time log data to the Kinesis data stream. * See the [AWS documentation](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/real-time-logs.html#understand-real-time-log-config-iam-role) for more information. */ roleArn: pulumi.Input; /** * The ARN of the Kinesis data stream. */ streamArn: pulumi.Input; } export interface ResponseHeadersPolicyCorsConfig { /** * A Boolean value that CloudFront uses as the value for the `Access-Control-Allow-Credentials` HTTP response header. */ accessControlAllowCredentials: pulumi.Input; /** * Object that contains an attribute `items` that contains a list of HTTP header names that CloudFront includes as values for the `Access-Control-Allow-Headers` HTTP response header. */ accessControlAllowHeaders: pulumi.Input; /** * Object that contains an attribute `items` that contains a list of HTTP methods that CloudFront includes as values for the `Access-Control-Allow-Methods` HTTP response header. Valid values: `GET` | `POST` | `OPTIONS` | `PUT` | `DELETE` | `HEAD` | `ALL` */ accessControlAllowMethods: pulumi.Input; /** * Object that contains an attribute `items` that contains a list of origins that CloudFront can use as the value for the `Access-Control-Allow-Origin` HTTP response header. */ accessControlAllowOrigins: pulumi.Input; /** * Object that contains an attribute `items` that contains a list of HTTP headers that CloudFront includes as values for the `Access-Control-Expose-Headers` HTTP response header. */ accessControlExposeHeaders?: pulumi.Input; /** * A number that CloudFront uses as the value for the `Access-Control-Max-Age` HTTP response header. */ accessControlMaxAgeSec?: pulumi.Input; /** * A Boolean value that determines how CloudFront behaves for the HTTP response header. */ originOverride: pulumi.Input; } export interface ResponseHeadersPolicyCorsConfigAccessControlAllowHeaders { items?: pulumi.Input[]>; } export interface ResponseHeadersPolicyCorsConfigAccessControlAllowMethods { items?: pulumi.Input[]>; } export interface ResponseHeadersPolicyCorsConfigAccessControlAllowOrigins { items?: pulumi.Input[]>; } export interface ResponseHeadersPolicyCorsConfigAccessControlExposeHeaders { items?: pulumi.Input[]>; } export interface ResponseHeadersPolicyCustomHeadersConfig { items?: pulumi.Input[]>; } export interface ResponseHeadersPolicyCustomHeadersConfigItem { header: pulumi.Input; override: pulumi.Input; /** * The value for the HTTP response header. */ value: pulumi.Input; } export interface ResponseHeadersPolicyRemoveHeadersConfig { items?: pulumi.Input[]>; } export interface ResponseHeadersPolicyRemoveHeadersConfigItem { header: pulumi.Input; } export interface ResponseHeadersPolicySecurityHeadersConfig { /** * The policy directives and their values that CloudFront includes as values for the `Content-Security-Policy` HTTP response header. See Content Security Policy for more information. */ contentSecurityPolicy?: pulumi.Input; /** * Determines whether CloudFront includes the `X-Content-Type-Options` HTTP response header with its value set to `nosniff`. See Content Type Options for more information. */ contentTypeOptions?: pulumi.Input; /** * Determines whether CloudFront includes the `X-Frame-Options` HTTP response header and the header’s value. See Frame Options for more information. */ frameOptions?: pulumi.Input; /** * Determines whether CloudFront includes the `Referrer-Policy` HTTP response header and the header’s value. See Referrer Policy for more information. */ referrerPolicy?: pulumi.Input; /** * Determines whether CloudFront includes the `Strict-Transport-Security` HTTP response header and the header’s value. See Strict Transport Security for more information. */ strictTransportSecurity?: pulumi.Input; /** * Determine whether CloudFront includes the `X-XSS-Protection` HTTP response header and the header’s value. See XSS Protection for more information. */ xssProtection?: pulumi.Input; } export interface ResponseHeadersPolicySecurityHeadersConfigContentSecurityPolicy { /** * The policy directives and their values that CloudFront includes as values for the `Content-Security-Policy` HTTP response header. */ contentSecurityPolicy: pulumi.Input; /** * Whether CloudFront overrides the `Content-Security-Policy` HTTP response header received from the origin with the one specified in this response headers policy. */ override: pulumi.Input; } export interface ResponseHeadersPolicySecurityHeadersConfigContentTypeOptions { /** * Whether CloudFront overrides the `X-Content-Type-Options` HTTP response header received from the origin with the one specified in this response headers policy. */ override: pulumi.Input; } export interface ResponseHeadersPolicySecurityHeadersConfigFrameOptions { /** * The value of the `X-Frame-Options` HTTP response header. Valid values: `DENY` | `SAMEORIGIN` */ frameOption: pulumi.Input; /** * Whether CloudFront overrides the `X-Frame-Options` HTTP response header received from the origin with the one specified in this response headers policy. */ override: pulumi.Input; } export interface ResponseHeadersPolicySecurityHeadersConfigReferrerPolicy { /** * Whether CloudFront overrides the `Referrer-Policy` HTTP response header received from the origin with the one specified in this response headers policy. */ override: pulumi.Input; /** * The value of the `Referrer-Policy` HTTP response header. Valid Values: `no-referrer` | `no-referrer-when-downgrade` | `origin` | `origin-when-cross-origin` | `same-origin` | `strict-origin` | `strict-origin-when-cross-origin` | `unsafe-url` */ referrerPolicy: pulumi.Input; } export interface ResponseHeadersPolicySecurityHeadersConfigStrictTransportSecurity { /** * A number that CloudFront uses as the value for the `max-age` directive in the `Strict-Transport-Security` HTTP response header. */ accessControlMaxAgeSec: pulumi.Input; /** * Whether CloudFront includes the `includeSubDomains` directive in the `Strict-Transport-Security` HTTP response header. */ includeSubdomains?: pulumi.Input; /** * Whether CloudFront overrides the `Strict-Transport-Security` HTTP response header received from the origin with the one specified in this response headers policy. */ override: pulumi.Input; /** * Whether CloudFront includes the `preload` directive in the `Strict-Transport-Security` HTTP response header. */ preload?: pulumi.Input; } export interface ResponseHeadersPolicySecurityHeadersConfigXssProtection { /** * Whether CloudFront includes the `mode=block` directive in the `X-XSS-Protection` header. */ modeBlock?: pulumi.Input; /** * Whether CloudFront overrides the `X-XSS-Protection` HTTP response header received from the origin with the one specified in this response headers policy. */ override: pulumi.Input; /** * A Boolean value that determines the value of the `X-XSS-Protection` HTTP response header. When this setting is `true`, the value of the `X-XSS-Protection` header is `1`. When this setting is `false`, the value of the `X-XSS-Protection` header is `0`. */ protection: pulumi.Input; /** * A reporting URI, which CloudFront uses as the value of the report directive in the `X-XSS-Protection` header. You cannot specify a `reportUri` when `modeBlock` is `true`. */ reportUri?: pulumi.Input; } export interface ResponseHeadersPolicyServerTimingHeadersConfig { /** * A Whether CloudFront adds the `Server-Timing` header to HTTP responses that it sends in response to requests that match a cache behavior that's associated with this response headers policy. */ enabled: pulumi.Input; /** * A number 0–100 (inclusive) that specifies the percentage of responses that you want CloudFront to add the Server-Timing header to. Valid range: Minimum value of 0.0. Maximum value of 100.0. */ samplingRate: pulumi.Input; } } export namespace cloudhsmv2 { export interface ClusterClusterCertificate { /** * The HSM hardware certificate issued (signed) by AWS CloudHSM. */ awsHardwareCertificate?: pulumi.Input; /** * The cluster certificate issued (signed) by the issuing certificate authority (CA) of the cluster's owner. */ clusterCertificate?: pulumi.Input; /** * The certificate signing request (CSR). Available only in `UNINITIALIZED` state after an HSM instance is added to the cluster. */ clusterCsr?: pulumi.Input; /** * The HSM certificate issued (signed) by the HSM hardware. */ hsmCertificate?: pulumi.Input; /** * The HSM hardware certificate issued (signed) by the hardware manufacturer. */ manufacturerHardwareCertificate?: pulumi.Input; } } export namespace cloudsearch { export interface DomainEndpointOptions { /** * Enables or disables the requirement that all requests to the domain arrive over HTTPS. */ enforceHttps?: pulumi.Input; /** * The minimum required TLS version. See the [AWS documentation](https://docs.aws.amazon.com/cloudsearch/latest/developerguide/API_DomainEndpointOptions.html) for valid values. */ tlsSecurityPolicy?: pulumi.Input; } export interface DomainIndexField { /** * The analysis scheme you want to use for a `text` field. The analysis scheme specifies the language-specific text processing options that are used during indexing. */ analysisScheme?: pulumi.Input; /** * The default value for the field. This value is used when no value is specified for the field in the document data. */ defaultValue?: pulumi.Input; /** * You can get facet information by enabling this. */ facet?: pulumi.Input; /** * You can highlight information. */ highlight?: pulumi.Input; /** * A unique name for the field. Field names must begin with a letter and be at least 1 and no more than 64 characters long. The allowed characters are: `a`-`z` (lower-case letters), `0`-`9`, and `_` (underscore). The name `score` is reserved and cannot be used as a field name. */ name: pulumi.Input; /** * You can enable returning the value of all searchable fields. */ return?: pulumi.Input; /** * You can set whether this index should be searchable or not. */ search?: pulumi.Input; /** * You can enable the property to be sortable. */ sort?: pulumi.Input; /** * A comma-separated list of source fields to map to the field. Specifying a source field copies data from one field to another, enabling you to use the same source data in different ways by configuring different options for the fields. */ sourceFields?: pulumi.Input; /** * The field type. Valid values: `date`, `date-array`, `double`, `double-array`, `int`, `int-array`, `literal`, `literal-array`, `text`, `text-array`. */ type: pulumi.Input; } export interface DomainScalingParameters { /** * The instance type that you want to preconfigure for your domain. See the [AWS documentation](https://docs.aws.amazon.com/cloudsearch/latest/developerguide/API_ScalingParameters.html) for valid values. */ desiredInstanceType?: pulumi.Input; /** * The number of partitions you want to preconfigure for your domain. Only valid when you select `search.2xlarge` as the instance type. */ desiredPartitionCount?: pulumi.Input; /** * The number of replicas you want to preconfigure for each index partition. */ desiredReplicationCount?: pulumi.Input; } } export namespace cloudtrail { export interface EventDataStoreAdvancedEventSelector { /** * Specifies the selector statements in an advanced event selector. Fields documented below. */ fieldSelectors?: pulumi.Input[]>; /** * Specifies the name of the advanced event selector. */ name?: pulumi.Input; } export interface EventDataStoreAdvancedEventSelectorFieldSelector { /** * A list of values that includes events that match the last few characters of the event record field specified as the value of `field`. */ endsWiths?: pulumi.Input[]>; /** * A list of values that includes events that match the exact value of the event record field specified as the value of `field`. This is the only valid operator that you can use with the `readOnly`, `eventCategory`, and `resources.type` fields. */ equals?: pulumi.Input[]>; /** * Specifies a field in an event record on which to filter events to be logged. You can specify only the following values: `readOnly`, `eventSource`, `eventName`, `eventCategory`, `resources.type`, `resources.ARN`. */ field?: pulumi.Input; /** * A list of values that excludes events that match the last few characters of the event record field specified as the value of `field`. */ notEndsWiths?: pulumi.Input[]>; /** * A list of values that excludes events that match the exact value of the event record field specified as the value of `field`. */ notEquals?: pulumi.Input[]>; /** * A list of values that excludes events that match the first few characters of the event record field specified as the value of `field`. */ notStartsWiths?: pulumi.Input[]>; /** * A list of values that includes events that match the first few characters of the event record field specified as the value of `field`. */ startsWiths?: pulumi.Input[]>; } export interface TrailAdvancedEventSelector { /** * Specifies the selector statements in an advanced event selector. Fields documented below. */ fieldSelectors: pulumi.Input[]>; /** * Name of the trail. */ name?: pulumi.Input; } export interface TrailAdvancedEventSelectorFieldSelector { /** * A list of values that includes events that match the last few characters of the event record field specified as the value of `field`. */ endsWiths?: pulumi.Input[]>; /** * A list of values that includes events that match the exact value of the event record field specified as the value of `field`. This is the only valid operator that you can use with the `readOnly`, `eventCategory`, and `resources.type` fields. */ equals?: pulumi.Input[]>; /** * Field in an event record on which to filter events to be logged. You can specify only the following values: `readOnly`, `eventSource`, `eventName`, `eventCategory`, `resources.type`, `resources.ARN`. */ field: pulumi.Input; /** * A list of values that excludes events that match the last few characters of the event record field specified as the value of `field`. */ notEndsWiths?: pulumi.Input[]>; /** * A list of values that excludes events that match the exact value of the event record field specified as the value of `field`. */ notEquals?: pulumi.Input[]>; /** * A list of values that excludes events that match the first few characters of the event record field specified as the value of `field`. */ notStartsWiths?: pulumi.Input[]>; /** * A list of values that includes events that match the first few characters of the event record field specified as the value of `field`. */ startsWiths?: pulumi.Input[]>; } export interface TrailEventSelector { /** * Configuration block for data events. See details below. */ dataResources?: pulumi.Input[]>; /** * A set of event sources to exclude. Valid values include: `kms.amazonaws.com` and `rdsdata.amazonaws.com`. `includeManagementEvents` must be set to`true` to allow this. */ excludeManagementEventSources?: pulumi.Input[]>; /** * Whether to include management events for your trail. Defaults to `true`. */ includeManagementEvents?: pulumi.Input; /** * Type of events to log. Valid values are `ReadOnly`, `WriteOnly`, `All`. Default value is `All`. */ readWriteType?: pulumi.Input; } export interface TrailEventSelectorDataResource { /** * Resource type in which you want to log data events. You can specify only the following value: "AWS::S3::Object", "AWS::Lambda::Function" and "AWS::DynamoDB::Table". */ type: pulumi.Input; /** * List of ARN strings or partial ARN strings to specify selectors for data audit events over data resources. ARN list is specific to single-valued `type`. For example, `arn:aws:s3:::/` for all objects in a bucket, `arn:aws:s3:::/key` for specific objects, `arn:aws:lambda` for all lambda events within an account, `arn:aws:lambda:::function:` for a specific Lambda function, `arn:aws:dynamodb` for all DDB events for all tables within an account, or `arn:aws:dynamodb:::table/` for a specific DynamoDB table. */ values: pulumi.Input[]>; } export interface TrailInsightSelector { /** * Type of insights to log on a trail. Valid values are: `ApiCallRateInsight` and `ApiErrorRateInsight`. */ insightType: pulumi.Input; } } export namespace cloudwatch { export interface CompositeAlarmActionsSuppressor { /** * Can be an AlarmName or an Amazon Resource Name (ARN) from an existing alarm. */ alarm: pulumi.Input; /** * The maximum time in seconds that the composite alarm waits after suppressor alarm goes out of the `ALARM` state. After this time, the composite alarm performs its actions. */ extensionPeriod: pulumi.Input; /** * The maximum time in seconds that the composite alarm waits for the suppressor alarm to go into the `ALARM` state. After this time, the composite alarm performs its actions. */ waitPeriod: pulumi.Input; } export interface EventConnectionAuthParameters { /** * Parameters used for API_KEY authorization. An API key to include in the header for each authentication request. A maximum of 1 are allowed. Conflicts with `basic` and `oauth`. Documented below. */ apiKey?: pulumi.Input; /** * Parameters used for BASIC authorization. A maximum of 1 are allowed. Conflicts with `apiKey` and `oauth`. Documented below. */ basic?: pulumi.Input; /** * Invocation Http Parameters are additional credentials used to sign each Invocation of the ApiDestination created from this Connection. If the ApiDestination Rule Target has additional HttpParameters, the values will be merged together, with the Connection Invocation Http Parameters taking precedence. Secret values are stored and managed by AWS Secrets Manager. A maximum of 1 are allowed. Documented below. */ invocationHttpParameters?: pulumi.Input; /** * Parameters used for OAUTH_CLIENT_CREDENTIALS authorization. A maximum of 1 are allowed. Conflicts with `basic` and `apiKey`. Documented below. */ oauth?: pulumi.Input; } export interface EventConnectionAuthParametersApiKey { /** * Header Name. */ key: pulumi.Input; /** * Header Value. Created and stored in AWS Secrets Manager. */ value: pulumi.Input; } export interface EventConnectionAuthParametersBasic { /** * A password for the authorization. Created and stored in AWS Secrets Manager. */ password: pulumi.Input; /** * A username for the authorization. */ username: pulumi.Input; } export interface EventConnectionAuthParametersInvocationHttpParameters { /** * Contains additional body string parameters for the connection. You can include up to 100 additional body string parameters per request. Each additional parameter counts towards the event payload size, which cannot exceed 64 KB. Each parameter can contain the following: */ bodies?: pulumi.Input[]>; /** * Contains additional header parameters for the connection. You can include up to 100 additional body string parameters per request. Each additional parameter counts towards the event payload size, which cannot exceed 64 KB. Each parameter can contain the following: */ headers?: pulumi.Input[]>; /** * Contains additional query string parameters for the connection. You can include up to 100 additional body string parameters per request. Each additional parameter counts towards the event payload size, which cannot exceed 64 KB. Each parameter can contain the following: */ queryStrings?: pulumi.Input[]>; } export interface EventConnectionAuthParametersInvocationHttpParametersBody { /** * Specified whether the value is secret. */ isValueSecret?: pulumi.Input; /** * The key for the parameter. */ key?: pulumi.Input; /** * The value associated with the key. Created and stored in AWS Secrets Manager if is secret. */ value?: pulumi.Input; } export interface EventConnectionAuthParametersInvocationHttpParametersHeader { /** * Specified whether the value is secret. */ isValueSecret?: pulumi.Input; /** * The key for the parameter. */ key?: pulumi.Input; /** * The value associated with the key. Created and stored in AWS Secrets Manager if is secret. */ value?: pulumi.Input; } export interface EventConnectionAuthParametersInvocationHttpParametersQueryString { /** * Specified whether the value is secret. */ isValueSecret?: pulumi.Input; /** * The key for the parameter. */ key?: pulumi.Input; /** * The value associated with the key. Created and stored in AWS Secrets Manager if is secret. */ value?: pulumi.Input; } export interface EventConnectionAuthParametersOauth { /** * The URL to the authorization endpoint. */ authorizationEndpoint: pulumi.Input; /** * Contains the client parameters for OAuth authorization. Contains the following two parameters. */ clientParameters?: pulumi.Input; /** * A password for the authorization. Created and stored in AWS Secrets Manager. */ httpMethod: pulumi.Input; /** * OAuth Http Parameters are additional credentials used to sign the request to the authorization endpoint to exchange the OAuth Client information for an access token. Secret values are stored and managed by AWS Secrets Manager. A maximum of 1 are allowed. Documented below. */ oauthHttpParameters: pulumi.Input; } export interface EventConnectionAuthParametersOauthClientParameters { /** * The client ID for the credentials to use for authorization. Created and stored in AWS Secrets Manager. */ clientId: pulumi.Input; /** * The client secret for the credentials to use for authorization. Created and stored in AWS Secrets Manager. */ clientSecret: pulumi.Input; } export interface EventConnectionAuthParametersOauthOauthHttpParameters { /** * Contains additional body string parameters for the connection. You can include up to 100 additional body string parameters per request. Each additional parameter counts towards the event payload size, which cannot exceed 64 KB. Each parameter can contain the following: */ bodies?: pulumi.Input[]>; /** * Contains additional header parameters for the connection. You can include up to 100 additional body string parameters per request. Each additional parameter counts towards the event payload size, which cannot exceed 64 KB. Each parameter can contain the following: */ headers?: pulumi.Input[]>; /** * Contains additional query string parameters for the connection. You can include up to 100 additional body string parameters per request. Each additional parameter counts towards the event payload size, which cannot exceed 64 KB. Each parameter can contain the following: */ queryStrings?: pulumi.Input[]>; } export interface EventConnectionAuthParametersOauthOauthHttpParametersBody { /** * Specified whether the value is secret. */ isValueSecret?: pulumi.Input; /** * The key for the parameter. */ key?: pulumi.Input; /** * The value associated with the key. Created and stored in AWS Secrets Manager if is secret. */ value?: pulumi.Input; } export interface EventConnectionAuthParametersOauthOauthHttpParametersHeader { /** * Specified whether the value is secret. */ isValueSecret?: pulumi.Input; /** * The key for the parameter. */ key?: pulumi.Input; /** * The value associated with the key. Created and stored in AWS Secrets Manager if is secret. */ value?: pulumi.Input; } export interface EventConnectionAuthParametersOauthOauthHttpParametersQueryString { /** * Specified whether the value is secret. */ isValueSecret?: pulumi.Input; /** * The key for the parameter. */ key?: pulumi.Input; /** * The value associated with the key. Created and stored in AWS Secrets Manager if is secret. */ value?: pulumi.Input; } export interface EventEndpointEventBus { /** * The ARN of the event bus the endpoint is associated with. */ eventBusArn: pulumi.Input; } export interface EventEndpointReplicationConfig { /** * The state of event replication. Valid values: `ENABLED`, `DISABLED`. The default state is `ENABLED`, which means you must supply a `roleArn`. If you don't have a `roleArn` or you don't want event replication enabled, set `state` to `DISABLED`. */ state?: pulumi.Input; } export interface EventEndpointRoutingConfig { /** * Parameters used for failover. This includes what triggers failover and what happens when it's triggered. Documented below. */ failoverConfig: pulumi.Input; } export interface EventEndpointRoutingConfigFailoverConfig { /** * Parameters used for the primary Region. Documented below. */ primary: pulumi.Input; /** * Parameters used for the secondary Region, the Region that events are routed to when failover is triggered or event replication is enabled. Documented below. */ secondary: pulumi.Input; } export interface EventEndpointRoutingConfigFailoverConfigPrimary { /** * The ARN of the health check used by the endpoint to determine whether failover is triggered. */ healthCheck?: pulumi.Input; } export interface EventEndpointRoutingConfigFailoverConfigSecondary { /** * The name of the secondary Region. */ route?: pulumi.Input; } export interface EventPermissionCondition { /** * Key for the condition. Valid values: `aws:PrincipalOrgID`. */ key: pulumi.Input; /** * Type of condition. Value values: `StringEquals`. */ type: pulumi.Input; /** * Value for the key. */ value: pulumi.Input; } export interface EventTargetAppsyncTarget { /** * Contains the GraphQL mutation to be parsed and executed. */ graphqlOperation?: pulumi.Input; } export interface EventTargetBatchTarget { /** * The size of the array, if this is an array batch job. Valid values are integers between 2 and 10,000. */ arraySize?: pulumi.Input; /** * The number of times to attempt to retry, if the job fails. Valid values are 1 to 10. */ jobAttempts?: pulumi.Input; /** * The ARN or name of the job definition to use if the event target is an AWS Batch job. This job definition must already exist. */ jobDefinition: pulumi.Input; /** * The name to use for this execution of the job, if the target is an AWS Batch job. */ jobName: pulumi.Input; } export interface EventTargetDeadLetterConfig { /** * ARN of the SQS queue specified as the target for the dead-letter queue. */ arn?: pulumi.Input; } export interface EventTargetEcsTarget { /** * The capacity provider strategy to use for the task. If a `capacityProviderStrategy` specified, the `launchType` parameter must be omitted. If no `capacityProviderStrategy` or `launchType` is specified, the default capacity provider strategy for the cluster is used. Can be one or more. See below. */ capacityProviderStrategies?: pulumi.Input[]>; /** * Specifies whether to enable Amazon ECS managed tags for the task. */ enableEcsManagedTags?: pulumi.Input; /** * Whether or not to enable the execute command functionality for the containers in this task. If true, this enables execute command functionality on all containers in the task. */ enableExecuteCommand?: pulumi.Input; /** * Specifies an ECS task group for the task. The maximum length is 255 characters. */ group?: pulumi.Input; /** * Specifies the launch type on which your task is running. The launch type that you specify here must match one of the launch type (compatibilities) of the target task. Valid values include: `EC2`, `EXTERNAL`, or `FARGATE`. */ launchType?: pulumi.Input; /** * Use this if the ECS task uses the awsvpc network mode. This specifies the VPC subnets and security groups associated with the task, and whether a public IP address is to be used. Required if `launchType` is `FARGATE` because the awsvpc mode is required for Fargate tasks. */ networkConfiguration?: pulumi.Input; /** * An array of placement strategy objects to use for the task. You can specify a maximum of five strategy rules per task. */ orderedPlacementStrategies?: pulumi.Input[]>; /** * An array of placement constraint objects to use for the task. You can specify up to 10 constraints per task (including constraints in the task definition and those specified at runtime). See Below. */ placementConstraints?: pulumi.Input[]>; /** * Specifies the platform version for the task. Specify only the numeric portion of the platform version, such as `1.1.0`. This is used only if LaunchType is FARGATE. For more information about valid platform versions, see [AWS Fargate Platform Versions](http://docs.aws.amazon.com/AmazonECS/latest/developerguide/platform_versions.html). */ platformVersion?: pulumi.Input; /** * Specifies whether to propagate the tags from the task definition to the task. If no value is specified, the tags are not propagated. Tags can only be propagated to the task during task creation. The only valid value is: `TASK_DEFINITION`. */ propagateTags?: pulumi.Input; /** * A map of tags to assign to ecs resources. */ tags?: pulumi.Input<{[key: string]: pulumi.Input}>; /** * The number of tasks to create based on the TaskDefinition. Defaults to `1`. */ taskCount?: pulumi.Input; /** * The ARN of the task definition to use if the event target is an Amazon ECS cluster. */ taskDefinitionArn: pulumi.Input; } export interface EventTargetEcsTargetCapacityProviderStrategy { /** * The base value designates how many tasks, at a minimum, to run on the specified capacity provider. Only one capacity provider in a capacity provider strategy can have a base defined. Defaults to `0`. */ base?: pulumi.Input; /** * Short name of the capacity provider. */ capacityProvider: pulumi.Input; /** * The weight value designates the relative percentage of the total number of tasks launched that should use the specified capacity provider. The weight value is taken into consideration after the base value, if defined, is satisfied. */ weight?: pulumi.Input; } export interface EventTargetEcsTargetNetworkConfiguration { /** * Assign a public IP address to the ENI (Fargate launch type only). Valid values are `true` or `false`. Defaults to `false`. * * For more information, see [Task Networking](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/task-networking.html) */ assignPublicIp?: pulumi.Input; /** * The security groups associated with the task or service. If you do not specify a security group, the default security group for the VPC is used. */ securityGroups?: pulumi.Input[]>; /** * The subnets associated with the task or service. */ subnets: pulumi.Input[]>; } export interface EventTargetEcsTargetOrderedPlacementStrategy { /** * The field to apply the placement strategy against. For the `spread` placement strategy, valid values are `instanceId` (or `host`, which has the same effect), or any platform or custom attribute that is applied to a container instance, such as `attribute:ecs.availability-zone`. For the `binpack` placement strategy, valid values are `cpu` and `memory`. For the `random` placement strategy, this field is not used. For more information, see [Amazon ECS task placement strategies](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/task-placement-strategies.html). */ field?: pulumi.Input; /** * Type of placement strategy. The only valid values at this time are `binpack`, `random` and `spread`. */ type: pulumi.Input; } export interface EventTargetEcsTargetPlacementConstraint { /** * Cluster Query Language expression to apply to the constraint. Does not need to be specified for the `distinctInstance` type. For more information, see [Cluster Query Language in the Amazon EC2 Container Service Developer Guide](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/cluster-query-language.html). */ expression?: pulumi.Input; /** * Type of constraint. The only valid values at this time are `memberOf` and `distinctInstance`. */ type: pulumi.Input; } export interface EventTargetHttpTarget { /** * Enables you to specify HTTP headers to add to the request. */ headerParameters?: pulumi.Input<{[key: string]: pulumi.Input}>; /** * The list of values that correspond sequentially to any path variables in your endpoint ARN (for example `arn:aws:execute-api:us-east-1:123456:myapi/*/POST/pets/*`). */ pathParameterValues?: pulumi.Input[]>; /** * Represents keys/values of query string parameters that are appended to the invoked endpoint. */ queryStringParameters?: pulumi.Input<{[key: string]: pulumi.Input}>; } export interface EventTargetInputTransformer { /** * Key value pairs specified in the form of JSONPath (for example, time = $.time) * * You can have as many as 100 key-value pairs. * * You must use JSON dot notation, not bracket notation. * * The keys can't start with "AWS". */ inputPaths?: pulumi.Input<{[key: string]: pulumi.Input}>; /** * Template to customize data sent to the target. Must be valid JSON. To send a string value, the string value must include double quotes. */ inputTemplate: pulumi.Input; } export interface EventTargetKinesisTarget { /** * The JSON path to be extracted from the event and used as the partition key. */ partitionKeyPath?: pulumi.Input; } export interface EventTargetRedshiftTarget { /** * The name of the database. */ database: pulumi.Input; /** * The database user name. */ dbUser?: pulumi.Input; /** * The name or ARN of the secret that enables access to the database. */ secretsManagerArn?: pulumi.Input; /** * The SQL statement text to run. */ sql?: pulumi.Input; /** * The name of the SQL statement. */ statementName?: pulumi.Input; /** * Indicates whether to send an event back to EventBridge after the SQL statement runs. */ withEvent?: pulumi.Input; } export interface EventTargetRetryPolicy { /** * The age in seconds to continue to make retry attempts. */ maximumEventAgeInSeconds?: pulumi.Input; /** * maximum number of retry attempts to make before the request fails */ maximumRetryAttempts?: pulumi.Input; } export interface EventTargetRunCommandTarget { /** * Can be either `tag:tag-key` or `InstanceIds`. */ key: pulumi.Input; /** * If Key is `tag:tag-key`, Values is a list of tag values. If Key is `InstanceIds`, Values is a list of Amazon EC2 instance IDs. */ values: pulumi.Input[]>; } export interface EventTargetSagemakerPipelineTarget { /** * List of Parameter names and values for SageMaker Model Building Pipeline execution. */ pipelineParameterLists?: pulumi.Input[]>; } export interface EventTargetSagemakerPipelineTargetPipelineParameterList { /** * Name of parameter to start execution of a SageMaker Model Building Pipeline. */ name: pulumi.Input; /** * Value of parameter to start execution of a SageMaker Model Building Pipeline. */ value: pulumi.Input; } export interface EventTargetSqsTarget { /** * The FIFO message group ID to use as the target. */ messageGroupId?: pulumi.Input; } export interface GetLogDataProtectionPolicyDocumentStatement { /** * Set of at least 1 sensitive data identifiers that you want to mask. Read more in [Types of data that you can protect](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/protect-sensitive-log-data-types.html). */ dataIdentifiers: string[]; /** * Configures the data protection operation applied by this statement. */ operation: inputs.cloudwatch.GetLogDataProtectionPolicyDocumentStatementOperation; /** * Name of this statement. */ sid?: string; } export interface GetLogDataProtectionPolicyDocumentStatementArgs { /** * Set of at least 1 sensitive data identifiers that you want to mask. Read more in [Types of data that you can protect](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/protect-sensitive-log-data-types.html). */ dataIdentifiers: pulumi.Input[]>; /** * Configures the data protection operation applied by this statement. */ operation: pulumi.Input; /** * Name of this statement. */ sid?: pulumi.Input; } export interface GetLogDataProtectionPolicyDocumentStatementOperation { /** * Configures the detection of sensitive data. */ audit?: inputs.cloudwatch.GetLogDataProtectionPolicyDocumentStatementOperationAudit; /** * Configures the masking of sensitive data. * * > Every policy statement must specify exactly one operation. */ deidentify?: inputs.cloudwatch.GetLogDataProtectionPolicyDocumentStatementOperationDeidentify; } export interface GetLogDataProtectionPolicyDocumentStatementOperationArgs { /** * Configures the detection of sensitive data. */ audit?: pulumi.Input; /** * Configures the masking of sensitive data. * * > Every policy statement must specify exactly one operation. */ deidentify?: pulumi.Input; } export interface GetLogDataProtectionPolicyDocumentStatementOperationAudit { /** * Configures destinations to send audit findings to. */ findingsDestination: inputs.cloudwatch.GetLogDataProtectionPolicyDocumentStatementOperationAuditFindingsDestination; } export interface GetLogDataProtectionPolicyDocumentStatementOperationAuditArgs { /** * Configures destinations to send audit findings to. */ findingsDestination: pulumi.Input; } export interface GetLogDataProtectionPolicyDocumentStatementOperationAuditFindingsDestination { /** * Configures CloudWatch Logs as a findings destination. */ cloudwatchLogs?: inputs.cloudwatch.GetLogDataProtectionPolicyDocumentStatementOperationAuditFindingsDestinationCloudwatchLogs; /** * Configures Kinesis Firehose as a findings destination. */ firehose?: inputs.cloudwatch.GetLogDataProtectionPolicyDocumentStatementOperationAuditFindingsDestinationFirehose; /** * Configures S3 as a findings destination. */ s3?: inputs.cloudwatch.GetLogDataProtectionPolicyDocumentStatementOperationAuditFindingsDestinationS3; } export interface GetLogDataProtectionPolicyDocumentStatementOperationAuditFindingsDestinationArgs { /** * Configures CloudWatch Logs as a findings destination. */ cloudwatchLogs?: pulumi.Input; /** * Configures Kinesis Firehose as a findings destination. */ firehose?: pulumi.Input; /** * Configures S3 as a findings destination. */ s3?: pulumi.Input; } export interface GetLogDataProtectionPolicyDocumentStatementOperationAuditFindingsDestinationCloudwatchLogs { /** * Name of the CloudWatch Log Group to send findings to. */ logGroup: string; } export interface GetLogDataProtectionPolicyDocumentStatementOperationAuditFindingsDestinationCloudwatchLogsArgs { /** * Name of the CloudWatch Log Group to send findings to. */ logGroup: pulumi.Input; } export interface GetLogDataProtectionPolicyDocumentStatementOperationAuditFindingsDestinationFirehose { /** * Name of the Kinesis Firehose Delivery Stream to send findings to. */ deliveryStream: string; } export interface GetLogDataProtectionPolicyDocumentStatementOperationAuditFindingsDestinationFirehoseArgs { /** * Name of the Kinesis Firehose Delivery Stream to send findings to. */ deliveryStream: pulumi.Input; } export interface GetLogDataProtectionPolicyDocumentStatementOperationAuditFindingsDestinationS3 { /** * Name of the S3 Bucket to send findings to. */ bucket: string; } export interface GetLogDataProtectionPolicyDocumentStatementOperationAuditFindingsDestinationS3Args { /** * Name of the S3 Bucket to send findings to. */ bucket: pulumi.Input; } export interface GetLogDataProtectionPolicyDocumentStatementOperationDeidentify { /** * An empty object that configures masking. */ maskConfig: inputs.cloudwatch.GetLogDataProtectionPolicyDocumentStatementOperationDeidentifyMaskConfig; } export interface GetLogDataProtectionPolicyDocumentStatementOperationDeidentifyArgs { /** * An empty object that configures masking. */ maskConfig: pulumi.Input; } export interface GetLogDataProtectionPolicyDocumentStatementOperationDeidentifyMaskConfig { } export interface GetLogDataProtectionPolicyDocumentStatementOperationDeidentifyMaskConfigArgs { } export interface InternetMonitorHealthEventsConfig { /** * The health event threshold percentage set for availability scores. */ availabilityScoreThreshold?: pulumi.Input; /** * The health event threshold percentage set for performance scores. */ performanceScoreThreshold?: pulumi.Input; } export interface InternetMonitorInternetMeasurementsLogDelivery { s3Config?: pulumi.Input; } export interface InternetMonitorInternetMeasurementsLogDeliveryS3Config { bucketName: pulumi.Input; bucketPrefix?: pulumi.Input; logDeliveryStatus?: pulumi.Input; } export interface LogMetricFilterMetricTransformation { /** * The value to emit when a filter pattern does not match a log event. Conflicts with `dimensions`. */ defaultValue?: pulumi.Input; /** * Map of fields to use as dimensions for the metric. Up to 3 dimensions are allowed. Conflicts with `defaultValue`. */ dimensions?: pulumi.Input<{[key: string]: pulumi.Input}>; /** * The name of the CloudWatch metric to which the monitored log information should be published (e.g., `ErrorCount`) */ name: pulumi.Input; /** * The destination namespace of the CloudWatch metric. */ namespace: pulumi.Input; /** * The unit to assign to the metric. If you omit this, the unit is set as `None`. */ unit?: pulumi.Input; /** * What to publish to the metric. For example, if you're counting the occurrences of a particular term like "Error", the value will be "1" for each occurrence. If you're counting the bytes transferred the published value will be the value in the log event. */ value: pulumi.Input; } export interface MetricAlarmMetricQuery { /** * The ID of the account where the metrics are located, if this is a cross-account alarm. */ accountId?: pulumi.Input; /** * The math expression to be performed on the returned data, if this object is performing a math expression. This expression can use the id of the other metrics to refer to those metrics, and can also use the id of other expressions to use the result of those expressions. For more information about metric math expressions, see Metric Math Syntax and Functions in the [Amazon CloudWatch User Guide](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/using-metric-math.html#metric-math-syntax). */ expression?: pulumi.Input; /** * A short name used to tie this object to the results in the response. If you are performing math expressions on this set of data, this name represents that data and can serve as a variable in the mathematical expression. The valid characters are letters, numbers, and underscore. The first character must be a lowercase letter. */ id: pulumi.Input; /** * A human-readable label for this metric or expression. This is especially useful if this is an expression, so that you know what the value represents. */ label?: pulumi.Input; /** * The metric to be returned, along with statistics, period, and units. Use this parameter only if this object is retrieving a metric and not performing a math expression on returned data. */ metric?: pulumi.Input; /** * Granularity in seconds of returned data points. * For metrics with regular resolution, valid values are any multiple of `60`. * For high-resolution metrics, valid values are `1`, `5`, `10`, `30`, or any multiple of `60`. */ period?: pulumi.Input; /** * Specify exactly one `metricQuery` to be `true` to use that `metricQuery` result as the alarm. * * > **NOTE:** You must specify either `metric` or `expression`. Not both. */ returnData?: pulumi.Input; } export interface MetricAlarmMetricQueryMetric { /** * The dimensions for this metric. For the list of available dimensions see the AWS documentation [here](http://docs.aws.amazon.com/AmazonCloudWatch/latest/DeveloperGuide/CW_Support_For_AWS.html). */ dimensions?: pulumi.Input<{[key: string]: pulumi.Input}>; /** * The name for this metric. * See docs for [supported metrics](https://docs.aws.amazon.com/AmazonCloudWatch/latest/DeveloperGuide/CW_Support_For_AWS.html). */ metricName: pulumi.Input; /** * The namespace for this metric. See docs for the [list of namespaces](https://docs.aws.amazon.com/AmazonCloudWatch/latest/DeveloperGuide/aws-namespaces.html). * See docs for [supported metrics](https://docs.aws.amazon.com/AmazonCloudWatch/latest/DeveloperGuide/CW_Support_For_AWS.html). */ namespace?: pulumi.Input; /** * Granularity in seconds of returned data points. * For metrics with regular resolution, valid values are any multiple of `60`. * For high-resolution metrics, valid values are `1`, `5`, `10`, `30`, or any multiple of `60`. */ period: pulumi.Input; /** * The statistic to apply to this metric. * See docs for [supported statistics](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/Statistics-definitions.html). */ stat: pulumi.Input; /** * The unit for this metric. */ unit?: pulumi.Input; } export interface MetricStreamExcludeFilter { /** * An array that defines the metrics you want to exclude for this metric namespace */ metricNames?: pulumi.Input[]>; /** * Name of the metric namespace in the filter. */ namespace: pulumi.Input; } export interface MetricStreamIncludeFilter { /** * An array that defines the metrics you want to include for this metric namespace */ metricNames?: pulumi.Input[]>; /** * Name of the metric namespace in the filter. */ namespace: pulumi.Input; } export interface MetricStreamStatisticsConfiguration { /** * The additional statistics to stream for the metrics listed in `includeMetrics`. */ additionalStatistics: pulumi.Input[]>; /** * An array that defines the metrics that are to have additional statistics streamed. See details below. */ includeMetrics: pulumi.Input[]>; } export interface MetricStreamStatisticsConfigurationIncludeMetric { /** * The name of the metric. */ metricName: pulumi.Input; namespace: pulumi.Input; } } export namespace codeartifact { export interface RepositoryExternalConnections { /** * The name of the external connection associated with a repository. */ externalConnectionName: pulumi.Input; packageFormat?: pulumi.Input; status?: pulumi.Input; } export interface RepositoryUpstream { /** * The name of an upstream repository. */ repositoryName: pulumi.Input; } } export namespace codebuild { export interface FleetScalingConfiguration { desiredCapacity?: pulumi.Input; /** * Maximum number of instances in the fleet when auto-scaling. */ maxCapacity?: pulumi.Input; /** * Scaling type for a compute fleet. Valid value: `TARGET_TRACKING_SCALING`. */ scalingType?: pulumi.Input; /** * Configuration block. Detailed below. */ targetTrackingScalingConfigs?: pulumi.Input[]>; } export interface FleetScalingConfigurationTargetTrackingScalingConfig { /** * Metric type to determine auto-scaling. Valid value: `FLEET_UTILIZATION_RATE`. */ metricType?: pulumi.Input; /** * Value of metricType when to start scaling. */ targetValue?: pulumi.Input; } export interface FleetStatus { /** * Additional information about a compute fleet. */ context?: pulumi.Input; /** * Message associated with the status of a compute fleet. */ message?: pulumi.Input; /** * Status code of the compute fleet. */ statusCode?: pulumi.Input; } export interface FleetVpcConfig { /** * A list of one or more security groups IDs in your Amazon VPC. */ securityGroupIds: pulumi.Input[]>; /** * A list of one or more subnet IDs in your Amazon VPC. */ subnets: pulumi.Input[]>; /** * The ID of the Amazon VPC. */ vpcId: pulumi.Input; } export interface ProjectArtifacts { /** * Artifact identifier. Must be the same specified inside the AWS CodeBuild build specification. */ artifactIdentifier?: pulumi.Input; /** * Specifies the bucket owner's access for objects that another account uploads to their Amazon S3 bucket. By default, only the account that uploads the objects to the bucket has access to these objects. This property allows you to give the bucket owner access to these objects. Valid values are `NONE`, `READ_ONLY`, and `FULL`. your CodeBuild service role must have the `s3:PutBucketAcl` permission. This permission allows CodeBuild to modify the access control list for the bucket. */ bucketOwnerAccess?: pulumi.Input; /** * Whether to disable encrypting output artifacts. If `type` is set to `NO_ARTIFACTS`, this value is ignored. Defaults to `false`. */ encryptionDisabled?: pulumi.Input; /** * Information about the build output artifact location. If `type` is set to `CODEPIPELINE` or `NO_ARTIFACTS`, this value is ignored. If `type` is set to `S3`, this is the name of the output bucket. */ location?: pulumi.Input; /** * Name of the project. If `type` is set to `S3`, this is the name of the output artifact object */ name?: pulumi.Input; /** * Namespace to use in storing build artifacts. If `type` is set to `S3`, then valid values are `BUILD_ID`, `NONE`. */ namespaceType?: pulumi.Input; /** * Whether a name specified in the build specification overrides the artifact name. */ overrideArtifactName?: pulumi.Input; /** * Type of build output artifact to create. If `type` is set to `S3`, valid values are `NONE`, `ZIP` */ packaging?: pulumi.Input; /** * If `type` is set to `S3`, this is the path to the output artifact. */ path?: pulumi.Input; /** * Build output artifact's type. Valid values: `CODEPIPELINE`, `NO_ARTIFACTS`, `S3`. */ type: pulumi.Input; } export interface ProjectBuildBatchConfig { /** * Specifies if the build artifacts for the batch build should be combined into a single artifact location. */ combineArtifacts?: pulumi.Input; /** * Configuration block specifying the restrictions for the batch build. Detailed below. */ restrictions?: pulumi.Input; /** * Specifies the service role ARN for the batch build project. */ serviceRole: pulumi.Input; /** * Specifies the maximum amount of time, in minutes, that the batch build must be completed in. */ timeoutInMins?: pulumi.Input; } export interface ProjectBuildBatchConfigRestrictions { /** * An array of strings that specify the compute types that are allowed for the batch build. See [Build environment compute types](https://docs.aws.amazon.com/codebuild/latest/userguide/build-env-ref-compute-types.html) in the AWS CodeBuild User Guide for these values. */ computeTypesAlloweds?: pulumi.Input[]>; /** * Specifies the maximum number of builds allowed. */ maximumBuildsAllowed?: pulumi.Input; } export interface ProjectCache { /** * Location where the AWS CodeBuild project stores cached resources. For type `S3`, the value must be a valid S3 bucket name/prefix. */ location?: pulumi.Input; /** * Specifies settings that AWS CodeBuild uses to store and reuse build dependencies. Valid values: `LOCAL_SOURCE_CACHE`, `LOCAL_DOCKER_LAYER_CACHE`, `LOCAL_CUSTOM_CACHE`. */ modes?: pulumi.Input[]>; /** * Type of storage that will be used for the AWS CodeBuild project cache. Valid values: `NO_CACHE`, `LOCAL`, `S3`. Defaults to `NO_CACHE`. */ type?: pulumi.Input; } export interface ProjectEnvironment { /** * ARN of the S3 bucket, path prefix and object key that contains the PEM-encoded certificate. */ certificate?: pulumi.Input; /** * Information about the compute resources the build project will use. Valid values: `BUILD_GENERAL1_SMALL`, `BUILD_GENERAL1_MEDIUM`, `BUILD_GENERAL1_LARGE`, `BUILD_GENERAL1_2XLARGE`, `BUILD_LAMBDA_1GB`, `BUILD_LAMBDA_2GB`, `BUILD_LAMBDA_4GB`, `BUILD_LAMBDA_8GB`, `BUILD_LAMBDA_10GB`. `BUILD_GENERAL1_SMALL` is only valid if `type` is set to `LINUX_CONTAINER`. When `type` is set to `LINUX_GPU_CONTAINER`, `computeType` must be `BUILD_GENERAL1_LARGE`. When `type` is set to `LINUX_LAMBDA_CONTAINER` or `ARM_LAMBDA_CONTAINER`, `computeType` must be `BUILD_LAMBDA_XGB`.` */ computeType: pulumi.Input; /** * Configuration block. Detailed below. */ environmentVariables?: pulumi.Input[]>; /** * Configuration block. Detailed below. */ fleet?: pulumi.Input; /** * Docker image to use for this build project. Valid values include [Docker images provided by CodeBuild](https://docs.aws.amazon.com/codebuild/latest/userguide/build-env-ref-available.html) (e.g `aws/codebuild/amazonlinux2-x86_64-standard:4.0`), [Docker Hub images](https://hub.docker.com/) (e.g., `pulumi/pulumi:latest`), and full Docker repository URIs such as those for ECR (e.g., `137112412989.dkr.ecr.us-west-2.amazonaws.com/amazonlinux:latest`). */ image: pulumi.Input; /** * Type of credentials AWS CodeBuild uses to pull images in your build. Valid values: `CODEBUILD`, `SERVICE_ROLE`. When you use a cross-account or private registry image, you must use SERVICE_ROLE credentials. When you use an AWS CodeBuild curated image, you must use CodeBuild credentials. Defaults to `CODEBUILD`. */ imagePullCredentialsType?: pulumi.Input; /** * Whether to enable running the Docker daemon inside a Docker container. Defaults to `false`. */ privilegedMode?: pulumi.Input; /** * Configuration block. Detailed below. */ registryCredential?: pulumi.Input; /** * Type of build environment to use for related builds. Valid values: `LINUX_CONTAINER`, `LINUX_GPU_CONTAINER`, `WINDOWS_CONTAINER` (deprecated), `WINDOWS_SERVER_2019_CONTAINER`, `ARM_CONTAINER`, `LINUX_LAMBDA_CONTAINER`, `ARM_LAMBDA_CONTAINER`. For additional information, see the [CodeBuild User Guide](https://docs.aws.amazon.com/codebuild/latest/userguide/build-env-ref-compute-types.html). */ type: pulumi.Input; } export interface ProjectEnvironmentEnvironmentVariable { /** * Environment variable's name or key. */ name: pulumi.Input; /** * Type of environment variable. Valid values: `PARAMETER_STORE`, `PLAINTEXT`, `SECRETS_MANAGER`. */ type?: pulumi.Input; /** * Environment variable's value. */ value: pulumi.Input; } export interface ProjectEnvironmentFleet { /** * Compute fleet ARN for the build project. */ fleetArn?: pulumi.Input; } export interface ProjectEnvironmentRegistryCredential { /** * ARN or name of credentials created using AWS Secrets Manager. */ credential: pulumi.Input; /** * Service that created the credentials to access a private Docker registry. Valid value: `SECRETS_MANAGER` (AWS Secrets Manager). */ credentialProvider: pulumi.Input; } export interface ProjectFileSystemLocation { /** * The name used to access a file system created by Amazon EFS. CodeBuild creates an environment variable by appending the identifier in all capital letters to CODEBUILD\_. For example, if you specify my-efs for identifier, a new environment variable is create named CODEBUILD_MY-EFS. */ identifier?: pulumi.Input; /** * A string that specifies the location of the file system created by Amazon EFS. Its format is `efs-dns-name:/directory-path`. */ location?: pulumi.Input; /** * The mount options for a file system created by AWS EFS. */ mountOptions?: pulumi.Input; /** * The location in the container where you mount the file system. */ mountPoint?: pulumi.Input; /** * The type of the file system. The one supported type is `EFS`. */ type?: pulumi.Input; } export interface ProjectLogsConfig { /** * Configuration block. Detailed below. */ cloudwatchLogs?: pulumi.Input; /** * Configuration block. Detailed below. */ s3Logs?: pulumi.Input; } export interface ProjectLogsConfigCloudwatchLogs { /** * Group name of the logs in CloudWatch Logs. */ groupName?: pulumi.Input; /** * Current status of logs in CloudWatch Logs for a build project. Valid values: `ENABLED`, `DISABLED`. Defaults to `ENABLED`. */ status?: pulumi.Input; /** * Prefix of the log stream name of the logs in CloudWatch Logs. */ streamName?: pulumi.Input; } export interface ProjectLogsConfigS3Logs { /** * Specifies the bucket owner's access for objects that another account uploads to their Amazon S3 bucket. By default, only the account that uploads the objects to the bucket has access to these objects. This property allows you to give the bucket owner access to these objects. Valid values are `NONE`, `READ_ONLY`, and `FULL`. your CodeBuild service role must have the `s3:PutBucketAcl` permission. This permission allows CodeBuild to modify the access control list for the bucket. */ bucketOwnerAccess?: pulumi.Input; /** * Whether to disable encrypting S3 logs. Defaults to `false`. */ encryptionDisabled?: pulumi.Input; /** * Name of the S3 bucket and the path prefix for S3 logs. Must be set if status is `ENABLED`, otherwise it must be empty. */ location?: pulumi.Input; /** * Current status of logs in S3 for a build project. Valid values: `ENABLED`, `DISABLED`. Defaults to `DISABLED`. */ status?: pulumi.Input; } export interface ProjectSecondaryArtifact { /** * Artifact identifier. Must be the same specified inside the AWS CodeBuild build specification. */ artifactIdentifier: pulumi.Input; /** * Specifies the bucket owner's access for objects that another account uploads to their Amazon S3 bucket. By default, only the account that uploads the objects to the bucket has access to these objects. This property allows you to give the bucket owner access to these objects. Valid values are `NONE`, `READ_ONLY`, and `FULL`. The CodeBuild service role must have the `s3:PutBucketAcl` permission. This permission allows CodeBuild to modify the access control list for the bucket. */ bucketOwnerAccess?: pulumi.Input; /** * Whether to disable encrypting output artifacts. If `type` is set to `NO_ARTIFACTS`, this value is ignored. Defaults to `false`. */ encryptionDisabled?: pulumi.Input; /** * Information about the build output artifact location. If `type` is set to `CODEPIPELINE` or `NO_ARTIFACTS`, this value is ignored if specified. If `type` is set to `S3`, this is the name of the output bucket. If `path` is not specified, `location` can specify the path of the output artifact in the output bucket. */ location?: pulumi.Input; /** * Name of the project. If `type` is set to `CODEPIPELINE` or `NO_ARTIFACTS`, this value is ignored if specified. If `type` is set to `S3`, this is the name of the output artifact object. */ name?: pulumi.Input; /** * Namespace to use in storing build artifacts. If `type` is set to `CODEPIPELINE` or `NO_ARTIFACTS`, this value is ignored if specified. If `type` is set to `S3`, valid values are `BUILD_ID` or `NONE`. */ namespaceType?: pulumi.Input; /** * Whether a name specified in the build specification overrides the artifact name. */ overrideArtifactName?: pulumi.Input; /** * Type of build output artifact to create. If `type` is set to `CODEPIPELINE` or `NO_ARTIFACTS`, this value is ignored if specified. If `type` is set to `S3`, valid values are `NONE` or `ZIP`. */ packaging?: pulumi.Input; /** * Along with `namespaceType` and `name`, the pattern that AWS CodeBuild uses to name and store the output artifact. If `type` is set to `CODEPIPELINE` or `NO_ARTIFACTS`, this value is ignored if specified. If `type` is set to `S3`, this is the path to the output artifact. */ path?: pulumi.Input; /** * Build output artifact's type. Valid values `CODEPIPELINE`, `NO_ARTIFACTS`, and `S3`. */ type: pulumi.Input; } export interface ProjectSecondarySource { /** * Configuration block that contains information that defines how the build project reports the build status to the source provider. This option is only used when the source provider is GitHub, GitHub Enterprise, GitLab, GitLab Self Managed, or Bitbucket. `buildStatusConfig` blocks are documented below. */ buildStatusConfig?: pulumi.Input; /** * The build spec declaration to use for this build project's related builds. This must be set when `type` is `NO_SOURCE`. It can either be a path to a file residing in the repository to be built or a local file path leveraging the `file()` built-in. */ buildspec?: pulumi.Input; /** * Truncate git history to this many commits. Use `0` for a `Full` checkout which you need to run commands like `git branch --show-current`. See [AWS CodePipeline User Guide: Tutorial: Use full clone with a GitHub pipeline source](https://docs.aws.amazon.com/codepipeline/latest/userguide/tutorials-github-gitclone.html) for details. */ gitCloneDepth?: pulumi.Input; /** * Configuration block. Detailed below. */ gitSubmodulesConfig?: pulumi.Input; /** * Ignore SSL warnings when connecting to source control. */ insecureSsl?: pulumi.Input; /** * Location of the source code from git or s3. */ location?: pulumi.Input; /** * Whether to report the status of a build's start and finish to your source provider. This option is valid only when your source provider is GitHub, GitHub Enterprise, GitLab, GitLab Self Managed, or Bitbucket. */ reportBuildStatus?: pulumi.Input; /** * An identifier for this project source. The identifier can only contain alphanumeric characters and underscores, and must be less than 128 characters in length. */ sourceIdentifier: pulumi.Input; /** * Type of repository that contains the source code to be built. Valid values: `BITBUCKET`, `CODECOMMIT`, `CODEPIPELINE`, `GITHUB`, `GITHUB_ENTERPRISE`, `GITLAB`, `GITLAB_SELF_MANAGED`, `NO_SOURCE`, `S3`. */ type: pulumi.Input; } export interface ProjectSecondarySourceBuildStatusConfig { /** * Specifies the context of the build status CodeBuild sends to the source provider. The usage of this parameter depends on the source provider. */ context?: pulumi.Input; /** * Specifies the target url of the build status CodeBuild sends to the source provider. The usage of this parameter depends on the source provider. */ targetUrl?: pulumi.Input; } export interface ProjectSecondarySourceGitSubmodulesConfig { /** * Whether to fetch Git submodules for the AWS CodeBuild build project. */ fetchSubmodules: pulumi.Input; } export interface ProjectSecondarySourceVersion { /** * An identifier for a source in the build project. */ sourceIdentifier: pulumi.Input; /** * The source version for the corresponding source identifier. See [AWS docs](https://docs.aws.amazon.com/codebuild/latest/APIReference/API_ProjectSourceVersion.html#CodeBuild-Type-ProjectSourceVersion-sourceVersion) for more details. */ sourceVersion: pulumi.Input; } export interface ProjectSource { /** * Configuration block that contains information that defines how the build project reports the build status to the source provider. This option is only used when the source provider is GitHub, GitHub Enterprise, GitLab, GitLab Self Managed, or Bitbucket. `buildStatusConfig` blocks are documented below. */ buildStatusConfig?: pulumi.Input; /** * Build specification to use for this build project's related builds. This must be set when `type` is `NO_SOURCE`. Also, if a non-default buildspec file name or file path aside from the root is used, it must be specified. */ buildspec?: pulumi.Input; /** * Truncate git history to this many commits. Use `0` for a `Full` checkout which you need to run commands like `git branch --show-current`. See [AWS CodePipeline User Guide: Tutorial: Use full clone with a GitHub pipeline source](https://docs.aws.amazon.com/codepipeline/latest/userguide/tutorials-github-gitclone.html) for details. */ gitCloneDepth?: pulumi.Input; /** * Configuration block. Detailed below. */ gitSubmodulesConfig?: pulumi.Input; /** * Ignore SSL warnings when connecting to source control. */ insecureSsl?: pulumi.Input; /** * Location of the source code from git or s3. */ location?: pulumi.Input; /** * Whether to report the status of a build's start and finish to your source provider. This option is valid only when your source provider is GitHub, GitHub Enterprise, GitLab, GitLab Self Managed, or Bitbucket. */ reportBuildStatus?: pulumi.Input; /** * Type of repository that contains the source code to be built. Valid values: `BITBUCKET`, `CODECOMMIT`, `CODEPIPELINE`, `GITHUB`, `GITHUB_ENTERPRISE`, `GITLAB`, `GITLAB_SELF_MANAGED`, `NO_SOURCE`, `S3`. */ type: pulumi.Input; } export interface ProjectSourceBuildStatusConfig { /** * Specifies the context of the build status CodeBuild sends to the source provider. The usage of this parameter depends on the source provider. */ context?: pulumi.Input; /** * Specifies the target url of the build status CodeBuild sends to the source provider. The usage of this parameter depends on the source provider. */ targetUrl?: pulumi.Input; } export interface ProjectSourceGitSubmodulesConfig { /** * Whether to fetch Git submodules for the AWS CodeBuild build project. */ fetchSubmodules: pulumi.Input; } export interface ProjectVpcConfig { /** * Security group IDs to assign to running builds. */ securityGroupIds: pulumi.Input[]>; /** * Subnet IDs within which to run builds. */ subnets: pulumi.Input[]>; /** * ID of the VPC within which to run builds. */ vpcId: pulumi.Input; } export interface ReportGroupExportConfig { /** * contains information about the S3 bucket where the run of a report is exported. see S3 Destination documented below. */ s3Destination?: pulumi.Input; /** * The export configuration type. Valid values are `S3` and `NO_EXPORT`. */ type: pulumi.Input; } export interface ReportGroupExportConfigS3Destination { /** * The name of the S3 bucket where the raw data of a report are exported. */ bucket: pulumi.Input; /** * A boolean value that specifies if the results of a report are encrypted. * **Note: the API does not currently allow setting encryption as disabled** */ encryptionDisabled?: pulumi.Input; /** * The encryption key for the report's encrypted raw data. The KMS key ARN. */ encryptionKey: pulumi.Input; /** * The type of build output artifact to create. Valid values are: `NONE` (default) and `ZIP`. */ packaging?: pulumi.Input; /** * The path to the exported report's raw data results. */ path?: pulumi.Input; } export interface WebhookFilterGroup { /** * A webhook filter for the group. Filter blocks are documented below. */ filters?: pulumi.Input[]>; } export interface WebhookFilterGroupFilter { /** * If set to `true`, the specified filter does *not* trigger a build. Defaults to `false`. */ excludeMatchedPattern?: pulumi.Input; /** * For a filter that uses `EVENT` type, a comma-separated string that specifies one event: `PUSH`, `PULL_REQUEST_CREATED`, `PULL_REQUEST_UPDATED`, `PULL_REQUEST_REOPENED`. `PULL_REQUEST_MERGED`, `WORKFLOW_JOB_QUEUED` works with GitHub & GitHub Enterprise only. For a filter that uses any of the other filter types, a regular expression. */ pattern: pulumi.Input; /** * The webhook filter group's type. Valid values for this parameter are: `EVENT`, `BASE_REF`, `HEAD_REF`, `ACTOR_ACCOUNT_ID`, `FILE_PATH`, `COMMIT_MESSAGE`, `WORKFLOW_NAME`, `TAG_NAME`, `RELEASE_NAME`. At least one filter group must specify `EVENT` as its type. */ type: pulumi.Input; } export interface WebhookScopeConfiguration { /** * The domain of the GitHub Enterprise organization. Required if your project's source type is GITHUB_ENTERPRISE. */ domain?: pulumi.Input; /** * The name of either the enterprise or organization. */ name: pulumi.Input; /** * The type of scope for a GitHub webhook. Valid values for this parameter are: `GITHUB_ORGANIZATION`, `GITHUB_GLOBAL`. */ scope: pulumi.Input; } } export namespace codecatalyst { export interface DevEnvironmentIdes { /** * The name of the IDE. Valid values include Cloud9, IntelliJ, PyCharm, GoLand, and VSCode. */ name?: pulumi.Input; /** * A link to the IDE runtime image. This parameter is not required if the name is VSCode. Values of the runtime can be for example public.ecr.aws/jetbrains/py,public.ecr.aws/jetbrains/go */ runtime?: pulumi.Input; } export interface DevEnvironmentPersistentStorage { /** * The size of the persistent storage in gigabytes (specifically GiB). Valid values for storage are based on memory sizes in 16GB increments. Valid values are 16, 32, and 64. */ size: pulumi.Input; } export interface DevEnvironmentRepository { /** * The name of the branch in a source repository. * * persistent storage (` persistentStorage`) supports the following: */ branchName?: pulumi.Input; /** * The name of the source repository. */ repositoryName: pulumi.Input; } export interface GetDevEnvironmentRepository { branchName?: string; repositoryName?: string; } export interface GetDevEnvironmentRepositoryArgs { branchName?: pulumi.Input; repositoryName?: pulumi.Input; } } export namespace codecommit { export interface TriggerTrigger { /** * The branches that will be included in the trigger configuration. If no branches are specified, the trigger will apply to all branches. */ branches?: pulumi.Input[]>; /** * Any custom data associated with the trigger that will be included in the information sent to the target of the trigger. */ customData?: pulumi.Input; /** * The ARN of the resource that is the target for a trigger. For example, the ARN of a topic in Amazon Simple Notification Service (SNS). */ destinationArn: pulumi.Input; /** * The repository events that will cause the trigger to run actions in another service, such as sending a notification through Amazon Simple Notification Service (SNS). If no events are specified, the trigger will run for all repository events. Event types include: `all`, `updateReference`, `createReference`, `deleteReference`. */ events: pulumi.Input[]>; /** * The name of the trigger. */ name: pulumi.Input; } } export namespace codedeploy { export interface DeploymentConfigMinimumHealthyHosts { /** * The type can either be `FLEET_PERCENT` or `HOST_COUNT`. */ type?: pulumi.Input; /** * The value when the type is `FLEET_PERCENT` represents the minimum number of healthy instances as * a percentage of the total number of instances in the deployment. If you specify FLEET_PERCENT, at the start of the * deployment, AWS CodeDeploy converts the percentage to the equivalent number of instance and rounds up fractional instances. * When the type is `HOST_COUNT`, the value represents the minimum number of healthy instances as an absolute value. */ value?: pulumi.Input; } export interface DeploymentConfigTrafficRoutingConfig { /** * The time based canary configuration information. If `type` is `TimeBasedLinear`, use `timeBasedLinear` instead. */ timeBasedCanary?: pulumi.Input; /** * The time based linear configuration information. If `type` is `TimeBasedCanary`, use `timeBasedCanary` instead. */ timeBasedLinear?: pulumi.Input; /** * Type of traffic routing config. One of `TimeBasedCanary`, `TimeBasedLinear`, `AllAtOnce`. */ type?: pulumi.Input; } export interface DeploymentConfigTrafficRoutingConfigTimeBasedCanary { /** * The number of minutes between the first and second traffic shifts of a `TimeBasedCanary` deployment. */ interval?: pulumi.Input; /** * The percentage of traffic to shift in the first increment of a `TimeBasedCanary` deployment. */ percentage?: pulumi.Input; } export interface DeploymentConfigTrafficRoutingConfigTimeBasedLinear { /** * The number of minutes between each incremental traffic shift of a `TimeBasedLinear` deployment. */ interval?: pulumi.Input; /** * The percentage of traffic that is shifted at the start of each increment of a `TimeBasedLinear` deployment. */ percentage?: pulumi.Input; } export interface DeploymentConfigZonalConfig { /** * The period of time, in seconds, that CodeDeploy must wait after completing a deployment to the first Availability Zone. CodeDeploy will wait this amount of time before starting a deployment to the second Availability Zone. If you don't specify a value for `firstZoneMonitorDurationInSeconds`, then CodeDeploy uses the `monitorDurationInSeconds` value for the first Availability Zone. */ firstZoneMonitorDurationInSeconds?: pulumi.Input; /** * The number or percentage of instances that must remain available per Availability Zone during a deployment. If you don't specify a value under `minimumHealthyHostsPerZone`, then CodeDeploy uses a default value of 0 percent. This block is more documented below. */ minimumHealthyHostsPerZone?: pulumi.Input; /** * The period of time, in seconds, that CodeDeploy must wait after completing a deployment to an Availability Zone. CodeDeploy will wait this amount of time before starting a deployment to the next Availability Zone. If you don't specify a `monitorDurationInSeconds`, CodeDeploy starts deploying to the next Availability Zone immediately. */ monitorDurationInSeconds?: pulumi.Input; } export interface DeploymentConfigZonalConfigMinimumHealthyHostsPerZone { /** * The type can either be `FLEET_PERCENT` or `HOST_COUNT`. */ type?: pulumi.Input; /** * The value when the type is `FLEET_PERCENT` represents the minimum number of healthy instances as a percentage of the total number of instances in the Availability Zone during a deployment. If you specify FLEET_PERCENT, at the start of the deployment, AWS CodeDeploy converts the percentage to the equivalent number of instance and rounds up fractional instances. When the type is `HOST_COUNT`, the value represents the minimum number of healthy instances in the Availability Zone as an absolute value. */ value?: pulumi.Input; } export interface DeploymentGroupAlarmConfiguration { /** * A list of alarms configured for the deployment group. */ alarms?: pulumi.Input[]>; /** * Indicates whether the alarm configuration is enabled. This option is useful when you want to temporarily deactivate alarm monitoring for a deployment group without having to add the same alarms again later. */ enabled?: pulumi.Input; /** * Indicates whether a deployment should continue if information about the current state of alarms cannot be retrieved from CloudWatch. The default value is `false`. */ ignorePollAlarmFailure?: pulumi.Input; } export interface DeploymentGroupAutoRollbackConfiguration { /** * Indicates whether a defined automatic rollback configuration is currently enabled for this Deployment Group. If you enable automatic rollback, you must specify at least one event type. */ enabled?: pulumi.Input; /** * The event type or types that trigger a rollback. Supported types are `DEPLOYMENT_FAILURE`, `DEPLOYMENT_STOP_ON_ALARM` and `DEPLOYMENT_STOP_ON_REQUEST`. * * _Only one `autoRollbackConfiguration` is allowed_. */ events?: pulumi.Input[]>; } export interface DeploymentGroupBlueGreenDeploymentConfig { /** * Information about the action to take when newly provisioned instances are ready to receive traffic in a blue/green deployment (documented below). */ deploymentReadyOption?: pulumi.Input; /** * Information about how instances are provisioned for a replacement environment in a blue/green deployment (documented below). */ greenFleetProvisioningOption?: pulumi.Input; /** * Information about whether to terminate instances in the original fleet during a blue/green deployment (documented below). * * _Only one `blueGreenDeploymentConfig` is allowed_. */ terminateBlueInstancesOnDeploymentSuccess?: pulumi.Input; } export interface DeploymentGroupBlueGreenDeploymentConfigDeploymentReadyOption { /** * When to reroute traffic from an original environment to a replacement environment in a blue/green deployment. * * `CONTINUE_DEPLOYMENT`: Register new instances with the load balancer immediately after the new application revision is installed on the instances in the replacement environment. * * `STOP_DEPLOYMENT`: Do not register new instances with load balancer unless traffic is rerouted manually. If traffic is not rerouted manually before the end of the specified wait period, the deployment status is changed to Stopped. */ actionOnTimeout?: pulumi.Input; /** * The number of minutes to wait before the status of a blue/green deployment changed to Stopped if rerouting is not started manually. Applies only to the `STOP_DEPLOYMENT` option for `actionOnTimeout`. */ waitTimeInMinutes?: pulumi.Input; } export interface DeploymentGroupBlueGreenDeploymentConfigGreenFleetProvisioningOption { /** * The method used to add instances to a replacement environment. * * `DISCOVER_EXISTING`: Use instances that already exist or will be created manually. * * `COPY_AUTO_SCALING_GROUP`: Use settings from a specified **Auto Scaling** group to define and create instances in a new Auto Scaling group. _Exactly one Auto Scaling group must be specified_ when selecting `COPY_AUTO_SCALING_GROUP`. Use `autoscalingGroups` to specify the Auto Scaling group. */ action?: pulumi.Input; } export interface DeploymentGroupBlueGreenDeploymentConfigTerminateBlueInstancesOnDeploymentSuccess { /** * The action to take on instances in the original environment after a successful blue/green deployment. * * `TERMINATE`: Instances are terminated after a specified wait time. * * `KEEP_ALIVE`: Instances are left running after they are deregistered from the load balancer and removed from the deployment group. */ action?: pulumi.Input; /** * The number of minutes to wait after a successful blue/green deployment before terminating instances from the original environment. */ terminationWaitTimeInMinutes?: pulumi.Input; } export interface DeploymentGroupDeploymentStyle { /** * Indicates whether to route deployment traffic behind a load balancer. Valid Values are `WITH_TRAFFIC_CONTROL` or `WITHOUT_TRAFFIC_CONTROL`. Default is `WITHOUT_TRAFFIC_CONTROL`. */ deploymentOption?: pulumi.Input; /** * Indicates whether to run an in-place deployment or a blue/green deployment. Valid Values are `IN_PLACE` or `BLUE_GREEN`. Default is `IN_PLACE`. * * _Only one `deploymentStyle` is allowed_. */ deploymentType?: pulumi.Input; } export interface DeploymentGroupEc2TagFilter { /** * The key of the tag filter. */ key?: pulumi.Input; /** * The type of the tag filter, either `KEY_ONLY`, `VALUE_ONLY`, or `KEY_AND_VALUE`. */ type?: pulumi.Input; /** * The value of the tag filter. * * Multiple occurrences of `ec2TagFilter` are allowed, where any instance that matches to at least one of the tag filters is selected. */ value?: pulumi.Input; } export interface DeploymentGroupEc2TagSet { /** * Tag filters associated with the deployment group. See the AWS docs for details. */ ec2TagFilters?: pulumi.Input[]>; } export interface DeploymentGroupEc2TagSetEc2TagFilter { /** * The key of the tag filter. */ key?: pulumi.Input; /** * The type of the tag filter, either `KEY_ONLY`, `VALUE_ONLY`, or `KEY_AND_VALUE`. */ type?: pulumi.Input; /** * The value of the tag filter. * * Multiple occurrences of `ec2TagFilter` are allowed, where any instance that matches to at least one of the tag filters is selected. */ value?: pulumi.Input; } export interface DeploymentGroupEcsService { /** * The name of the ECS cluster. */ clusterName: pulumi.Input; /** * The name of the ECS service. */ serviceName: pulumi.Input; } export interface DeploymentGroupLoadBalancerInfo { /** * The Classic Elastic Load Balancer to use in a deployment. Conflicts with `targetGroupInfo` and `targetGroupPairInfo`. */ elbInfos?: pulumi.Input[]>; /** * The (Application/Network Load Balancer) target group to use in a deployment. Conflicts with `elbInfo` and `targetGroupPairInfo`. */ targetGroupInfos?: pulumi.Input[]>; /** * The (Application/Network Load Balancer) target group pair to use in a deployment. Conflicts with `elbInfo` and `targetGroupInfo`. */ targetGroupPairInfo?: pulumi.Input; } export interface DeploymentGroupLoadBalancerInfoElbInfo { /** * The name of the load balancer that will be used to route traffic from original instances to replacement instances in a blue/green deployment. For in-place deployments, the name of the load balancer that instances are deregistered from so they are not serving traffic during a deployment, and then re-registered with after the deployment completes. */ name?: pulumi.Input; } export interface DeploymentGroupLoadBalancerInfoTargetGroupInfo { /** * The name of the target group that instances in the original environment are deregistered from, and instances in the replacement environment registered with. For in-place deployments, the name of the target group that instances are deregistered from, so they are not serving traffic during a deployment, and then re-registered with after the deployment completes. */ name?: pulumi.Input; } export interface DeploymentGroupLoadBalancerInfoTargetGroupPairInfo { /** * Configuration block for the production traffic route (documented below). */ prodTrafficRoute: pulumi.Input; /** * Configuration blocks for a target group within a target group pair (documented below). */ targetGroups: pulumi.Input[]>; /** * Configuration block for the test traffic route (documented below). */ testTrafficRoute?: pulumi.Input; } export interface DeploymentGroupLoadBalancerInfoTargetGroupPairInfoProdTrafficRoute { /** * List of Amazon Resource Names (ARNs) of the load balancer listeners. Must contain exactly one listener ARN. */ listenerArns: pulumi.Input[]>; } export interface DeploymentGroupLoadBalancerInfoTargetGroupPairInfoTargetGroup { /** * Name of the target group. */ name: pulumi.Input; } export interface DeploymentGroupLoadBalancerInfoTargetGroupPairInfoTestTrafficRoute { /** * List of Amazon Resource Names (ARNs) of the load balancer listeners. */ listenerArns: pulumi.Input[]>; } export interface DeploymentGroupOnPremisesInstanceTagFilter { /** * The key of the tag filter. */ key?: pulumi.Input; /** * The type of the tag filter, either `KEY_ONLY`, `VALUE_ONLY`, or `KEY_AND_VALUE`. */ type?: pulumi.Input; /** * The value of the tag filter. */ value?: pulumi.Input; } export interface DeploymentGroupTriggerConfiguration { /** * The event type or types for which notifications are triggered. Some values that are supported: `DeploymentStart`, `DeploymentSuccess`, `DeploymentFailure`, `DeploymentStop`, `DeploymentRollback`, `InstanceStart`, `InstanceSuccess`, `InstanceFailure`. See [the CodeDeploy documentation](http://docs.aws.amazon.com/codedeploy/latest/userguide/monitoring-sns-event-notifications-create-trigger.html) for all possible values. */ triggerEvents: pulumi.Input[]>; /** * The name of the notification trigger. */ triggerName: pulumi.Input; /** * The ARN of the SNS topic through which notifications are sent. */ triggerTargetArn: pulumi.Input; } } export namespace codeguruprofiler { export interface ProfilingGroupAgentOrchestrationConfig { /** * (Required) Boolean that specifies whether the profiling agent collects profiling data or */ profilingEnabled: pulumi.Input; } } export namespace codegurureviewer { export interface RepositoryAssociationKmsKeyDetails { /** * The encryption option for a repository association. It is either owned by AWS Key Management Service (KMS) (`AWS_OWNED_CMK`) or customer managed (`CUSTOMER_MANAGED_CMK`). */ encryptionOption?: pulumi.Input; /** * The ID of the AWS KMS key that is associated with a repository association. */ kmsKeyId?: pulumi.Input; } export interface RepositoryAssociationRepository { bitbucket?: pulumi.Input; codecommit?: pulumi.Input; githubEnterpriseServer?: pulumi.Input; s3Bucket?: pulumi.Input; } export interface RepositoryAssociationRepositoryBitbucket { /** * The Amazon Resource Name (ARN) of an AWS CodeStar Connections connection. */ connectionArn: pulumi.Input; /** * The name of the third party source repository. */ name: pulumi.Input; /** * The username for the account that owns the repository. */ owner: pulumi.Input; } export interface RepositoryAssociationRepositoryCodecommit { /** * The name of the AWS CodeCommit repository. */ name: pulumi.Input; } export interface RepositoryAssociationRepositoryGithubEnterpriseServer { /** * The Amazon Resource Name (ARN) of an AWS CodeStar Connections connection. */ connectionArn: pulumi.Input; /** * The name of the third party source repository. */ name: pulumi.Input; /** * The username for the account that owns the repository. */ owner: pulumi.Input; } export interface RepositoryAssociationRepositoryS3Bucket { /** * The name of the S3 bucket used for associating a new S3 repository. Note: The name must begin with `codeguru-reviewer-`. */ bucketName: pulumi.Input; /** * The name of the repository in the S3 bucket. */ name: pulumi.Input; } export interface RepositoryAssociationS3RepositoryDetail { /** * The name of the S3 bucket used for associating a new S3 repository. Note: The name must begin with `codeguru-reviewer-`. */ bucketName?: pulumi.Input; codeArtifacts?: pulumi.Input[]>; } export interface RepositoryAssociationS3RepositoryDetailCodeArtifact { buildArtifactsObjectKey?: pulumi.Input; sourceCodeArtifactsObjectKey?: pulumi.Input; } } export namespace codepipeline { export interface CustomActionTypeConfigurationProperty { /** * The description of the action configuration property. */ description?: pulumi.Input; /** * Whether the configuration property is a key. */ key: pulumi.Input; /** * The name of the action configuration property. */ name: pulumi.Input; /** * Indicates that the property will be used in conjunction with PollForJobs. */ queryable?: pulumi.Input; /** * Whether the configuration property is a required value. */ required: pulumi.Input; /** * Whether the configuration property is secret. */ secret: pulumi.Input; /** * The type of the configuration property. Valid values: `String`, `Number`, `Boolean` */ type?: pulumi.Input; } export interface CustomActionTypeInputArtifactDetails { /** * The maximum number of artifacts allowed for the action type. Min: 0, Max: 5 */ maximumCount: pulumi.Input; /** * The minimum number of artifacts allowed for the action type. Min: 0, Max: 5 */ minimumCount: pulumi.Input; } export interface CustomActionTypeOutputArtifactDetails { /** * The maximum number of artifacts allowed for the action type. Min: 0, Max: 5 */ maximumCount: pulumi.Input; /** * The minimum number of artifacts allowed for the action type. Min: 0, Max: 5 */ minimumCount: pulumi.Input; } export interface CustomActionTypeSettings { /** * The URL returned to the AWS CodePipeline console that provides a deep link to the resources of the external system. */ entityUrlTemplate?: pulumi.Input; /** * The URL returned to the AWS CodePipeline console that contains a link to the top-level landing page for the external system. */ executionUrlTemplate?: pulumi.Input; /** * The URL returned to the AWS CodePipeline console that contains a link to the page where customers can update or change the configuration of the external action. */ revisionUrlTemplate?: pulumi.Input; /** * The URL of a sign-up page where users can sign up for an external service and perform initial configuration of the action provided by that service. */ thirdPartyConfigurationUrl?: pulumi.Input; } export interface PipelineArtifactStore { /** * The encryption key block AWS CodePipeline uses to encrypt the data in the artifact store, such as an AWS Key Management Service (AWS KMS) key. If you don't specify a key, AWS CodePipeline uses the default key for Amazon Simple Storage Service (Amazon S3). An `encryptionKey` block is documented below. */ encryptionKey?: pulumi.Input; /** * The location where AWS CodePipeline stores artifacts for a pipeline; currently only `S3` is supported. */ location: pulumi.Input; /** * The region where the artifact store is located. Required for a cross-region CodePipeline, do not provide for a single-region CodePipeline. */ region?: pulumi.Input; /** * The type of the artifact store, such as Amazon S3 */ type: pulumi.Input; } export interface PipelineArtifactStoreEncryptionKey { /** * The KMS key ARN or ID */ id: pulumi.Input; /** * The type of key; currently only `KMS` is supported */ type: pulumi.Input; } export interface PipelineStage { /** * The action(s) to include in the stage. Defined as an `action` block below */ actions: pulumi.Input[]>; /** * The name of the stage. */ name: pulumi.Input; } export interface PipelineStageAction { /** * A category defines what kind of action can be taken in the stage, and constrains the provider type for the action. Possible values are `Approval`, `Build`, `Deploy`, `Invoke`, `Source` and `Test`. */ category: pulumi.Input; /** * A map of the action declaration's configuration. Configurations options for action types and providers can be found in the [Pipeline Structure Reference](http://docs.aws.amazon.com/codepipeline/latest/userguide/reference-pipeline-structure.html#action-requirements) and [Action Structure Reference](https://docs.aws.amazon.com/codepipeline/latest/userguide/action-reference.html) documentation. Note: The `DetectChanges` parameter (optional, default value is true) in the `configuration` section causes CodePipeline to automatically start your pipeline upon new commits. Please refer to AWS Documentation for more details: https://docs.aws.amazon.com/codepipeline/latest/userguide/action-reference-CodestarConnectionSource.html#action-reference-CodestarConnectionSource-config. */ configuration?: pulumi.Input<{[key: string]: pulumi.Input}>; /** * A list of artifact names to be worked on. */ inputArtifacts?: pulumi.Input[]>; /** * The action declaration's name. */ name: pulumi.Input; /** * The namespace all output variables will be accessed from. */ namespace?: pulumi.Input; /** * A list of artifact names to output. Output artifact names must be unique within a pipeline. */ outputArtifacts?: pulumi.Input[]>; /** * The creator of the action being called. Possible values are `AWS`, `Custom` and `ThirdParty`. */ owner: pulumi.Input; /** * The provider of the service being called by the action. Valid providers are determined by the action category. Provider names are listed in the [Action Structure Reference](https://docs.aws.amazon.com/codepipeline/latest/userguide/action-reference.html) documentation. */ provider: pulumi.Input; /** * The region in which to run the action. */ region?: pulumi.Input; /** * The ARN of the IAM service role that will perform the declared action. This is assumed through the roleArn for the pipeline. */ roleArn?: pulumi.Input; /** * The order in which actions are run. */ runOrder?: pulumi.Input; timeoutInMinutes?: pulumi.Input; /** * A string that identifies the action type. */ version: pulumi.Input; } export interface PipelineTrigger { /** * Provides the filter criteria and the source stage for the repository event that starts the pipeline. For more information, refer to the [AWS documentation](https://docs.aws.amazon.com/codepipeline/latest/userguide/pipelines-filter.html). A `gitConfiguration` block is documented below. */ gitConfiguration: pulumi.Input; /** * The source provider for the event. Possible value is `CodeStarSourceConnection`. */ providerType: pulumi.Input; } export interface PipelineTriggerGitConfiguration { /** * The field where the repository event that will start the pipeline is specified as pull requests. A `pullRequest` block is documented below. */ pullRequests?: pulumi.Input[]>; /** * The field where the repository event that will start the pipeline, such as pushing Git tags, is specified with details. A `push` block is documented below. */ pushes?: pulumi.Input[]>; /** * The name of the pipeline source action where the trigger configuration, such as Git tags, is specified. The trigger configuration will start the pipeline upon the specified change only. */ sourceActionName: pulumi.Input; } export interface PipelineTriggerGitConfigurationPullRequest { /** * The field that specifies to filter on branches for the pull request trigger configuration. A `branches` block is documented below. */ branches?: pulumi.Input; /** * A list that specifies which pull request events to filter on (opened, updated, closed) for the trigger configuration. Possible values are `OPEN`, `UPDATED ` and `CLOSED`. */ events?: pulumi.Input[]>; /** * The field that specifies to filter on file paths for the pull request trigger configuration. A `filePaths` block is documented below. */ filePaths?: pulumi.Input; } export interface PipelineTriggerGitConfigurationPullRequestBranches { /** * A list of patterns of Git branches that, when a commit is pushed, are to be excluded from starting the pipeline. */ excludes?: pulumi.Input[]>; /** * A list of patterns of Git branches that, when a commit is pushed, are to be included as criteria that starts the pipeline. */ includes?: pulumi.Input[]>; } export interface PipelineTriggerGitConfigurationPullRequestFilePaths { /** * A list of patterns of Git repository file paths that, when a commit is pushed, are to be excluded from starting the pipeline. */ excludes?: pulumi.Input[]>; /** * A list of patterns of Git repository file paths that, when a commit is pushed, are to be included as criteria that starts the pipeline. */ includes?: pulumi.Input[]>; } export interface PipelineTriggerGitConfigurationPush { /** * The field that specifies to filter on branches for the push trigger configuration. A `branches` block is documented below. */ branches?: pulumi.Input; /** * The field that specifies to filter on file paths for the push trigger configuration. A `filePaths` block is documented below. */ filePaths?: pulumi.Input; /** * The field that contains the details for the Git tags trigger configuration. A `tags` block is documented below. */ tags?: pulumi.Input; } export interface PipelineTriggerGitConfigurationPushBranches { /** * A list of patterns of Git branches that, when a commit is pushed, are to be excluded from starting the pipeline. */ excludes?: pulumi.Input[]>; /** * A list of patterns of Git branches that, when a commit is pushed, are to be included as criteria that starts the pipeline. */ includes?: pulumi.Input[]>; } export interface PipelineTriggerGitConfigurationPushFilePaths { /** * A list of patterns of Git repository file paths that, when a commit is pushed, are to be excluded from starting the pipeline. */ excludes?: pulumi.Input[]>; /** * A list of patterns of Git repository file paths that, when a commit is pushed, are to be included as criteria that starts the pipeline. */ includes?: pulumi.Input[]>; } export interface PipelineTriggerGitConfigurationPushTags { /** * A list of patterns of Git tags that, when pushed, are to be excluded from starting the pipeline. */ excludes?: pulumi.Input[]>; /** * A list of patterns of Git tags that, when pushed, are to be included as criteria that starts the pipeline. */ includes?: pulumi.Input[]>; } export interface PipelineVariable { /** * The default value of a pipeline-level variable. */ defaultValue?: pulumi.Input; /** * The description of a pipeline-level variable. * * > **Note:** The input artifact of an action must exactly match the output artifact declared in a preceding action, but the input artifact does not have to be the next action in strict sequence from the action that provided the output artifact. Actions in parallel can declare different output artifacts, which are in turn consumed by different following actions. */ description?: pulumi.Input; /** * The name of a pipeline-level variable. */ name: pulumi.Input; } export interface WebhookAuthenticationConfiguration { /** * A valid CIDR block for `IP` filtering. Required for `IP`. */ allowedIpRange?: pulumi.Input; /** * The shared secret for the GitHub repository webhook. Set this as `secret` in your `githubRepositoryWebhook`'s `configuration` block. Required for `GITHUB_HMAC`. */ secretToken?: pulumi.Input; } export interface WebhookFilter { /** * The [JSON path](https://github.com/json-path/JsonPath) to filter on. */ jsonPath: pulumi.Input; /** * The value to match on (e.g., `refs/heads/{Branch}`). See [AWS docs](https://docs.aws.amazon.com/codepipeline/latest/APIReference/API_WebhookFilterRule.html) for details. */ matchEquals: pulumi.Input; } } export namespace codestarconnections { export interface HostVpcConfiguration { /** * ID of the security group or security groups associated with the Amazon VPC connected to the infrastructure where your provider type is installed. */ securityGroupIds: pulumi.Input[]>; /** * The ID of the subnet or subnets associated with the Amazon VPC connected to the infrastructure where your provider type is installed. */ subnetIds: pulumi.Input[]>; /** * The value of the Transport Layer Security (TLS) certificate associated with the infrastructure where your provider type is installed. */ tlsCertificate?: pulumi.Input; /** * The ID of the Amazon VPC connected to the infrastructure where your provider type is installed. */ vpcId: pulumi.Input; } } export namespace codestarnotifications { export interface NotificationRuleTarget { /** * The ARN of notification rule target. For example, a SNS Topic ARN. */ address: pulumi.Input; /** * The status of the notification rule. Possible values are `ENABLED` and `DISABLED`, default is `ENABLED`. */ status?: pulumi.Input; /** * The type of the notification target. Default value is `SNS`. */ type?: pulumi.Input; } } export namespace cognito { export interface IdentityPoolCognitoIdentityProvider { /** * The client ID for the Amazon Cognito Identity User Pool. */ clientId?: pulumi.Input; /** * The provider name for an Amazon Cognito Identity User Pool. */ providerName?: pulumi.Input; /** * Whether server-side token validation is enabled for the identity provider’s token or not. */ serverSideTokenCheck?: pulumi.Input; } export interface IdentityPoolRoleAttachmentRoleMapping { /** * Specifies the action to be taken if either no rules match the claim value for the Rules type, or there is no cognito:preferred_role claim and there are multiple cognito:roles matches for the Token type. `Required` if you specify Token or Rules as the Type. */ ambiguousRoleResolution?: pulumi.Input; /** * A string identifying the identity provider, for example, "graph.facebook.com" or "cognito-idp.us-east-1.amazonaws.com/us-east-1_abcdefghi:app_client_id". Depends on `cognitoIdentityProviders` set on `aws.cognito.IdentityPool` resource or a `aws.cognito.IdentityProvider` resource. */ identityProvider: pulumi.Input; /** * The Rules Configuration to be used for mapping users to roles. You can specify up to 25 rules per identity provider. Rules are evaluated in order. The first one to match specifies the role. */ mappingRules?: pulumi.Input[]>; /** * The role mapping type. */ type: pulumi.Input; } export interface IdentityPoolRoleAttachmentRoleMappingMappingRule { /** * The claim name that must be present in the token, for example, "isAdmin" or "paid". */ claim: pulumi.Input; /** * The match condition that specifies how closely the claim value in the IdP token must match Value. */ matchType: pulumi.Input; /** * The role ARN. */ roleArn: pulumi.Input; /** * A brief string that the claim must match, for example, "paid" or "yes". */ value: pulumi.Input; } export interface ManagedUserPoolClientAnalyticsConfiguration { /** * Application ARN for an Amazon Pinpoint application. It conflicts with `externalId` and `roleArn`. */ applicationArn?: pulumi.Input; /** * Unique identifier for an Amazon Pinpoint application. */ applicationId?: pulumi.Input; /** * ID for the Analytics Configuration and conflicts with `applicationArn`. */ externalId?: pulumi.Input; /** * ARN of an IAM role that authorizes Amazon Cognito to publish events to Amazon Pinpoint analytics. It conflicts with `applicationArn`. */ roleArn?: pulumi.Input; /** * If `userDataShared` is set to `true`, Amazon Cognito will include user data in the events it publishes to Amazon Pinpoint analytics. */ userDataShared?: pulumi.Input; } export interface ManagedUserPoolClientTokenValidityUnits { /** * Time unit for the value in `accessTokenValidity` and defaults to `hours`. */ accessToken?: pulumi.Input; /** * Time unit for the value in `idTokenValidity`, and it defaults to `hours`. */ idToken?: pulumi.Input; /** * Time unit for the value in `refreshTokenValidity` and defaults to `days`. */ refreshToken?: pulumi.Input; } export interface ResourceServerScope { /** * The scope description. */ scopeDescription: pulumi.Input; /** * The scope name. */ scopeName: pulumi.Input; } export interface RiskConfigurationAccountTakeoverRiskConfiguration { /** * Account takeover risk configuration actions. See details below. */ actions: pulumi.Input; /** * The notify configuration used to construct email notifications. See details below. */ notifyConfiguration: pulumi.Input; } export interface RiskConfigurationAccountTakeoverRiskConfigurationActions { /** * Action to take for a high risk. See action block below. */ highAction?: pulumi.Input; /** * Action to take for a low risk. See action block below. */ lowAction?: pulumi.Input; /** * Action to take for a medium risk. See action block below. */ mediumAction?: pulumi.Input; } export interface RiskConfigurationAccountTakeoverRiskConfigurationActionsHighAction { eventAction: pulumi.Input; /** * Whether to send a notification. */ notify: pulumi.Input; } export interface RiskConfigurationAccountTakeoverRiskConfigurationActionsLowAction { eventAction: pulumi.Input; /** * Whether to send a notification. */ notify: pulumi.Input; } export interface RiskConfigurationAccountTakeoverRiskConfigurationActionsMediumAction { eventAction: pulumi.Input; /** * Whether to send a notification. */ notify: pulumi.Input; } export interface RiskConfigurationAccountTakeoverRiskConfigurationNotifyConfiguration { /** * Email template used when a detected risk event is blocked. See notify email type below. */ blockEmail?: pulumi.Input; /** * The email address that is sending the email. The address must be either individually verified with Amazon Simple Email Service, or from a domain that has been verified with Amazon SES. */ from?: pulumi.Input; /** * The multi-factor authentication (MFA) email template used when MFA is challenged as part of a detected risk. See notify email type below. */ mfaEmail?: pulumi.Input; /** * The email template used when a detected risk event is allowed. See notify email type below. */ noActionEmail?: pulumi.Input; /** * The destination to which the receiver of an email should reply to. */ replyTo?: pulumi.Input; /** * The Amazon Resource Name (ARN) of the identity that is associated with the sending authorization policy. This identity permits Amazon Cognito to send for the email address specified in the From parameter. */ sourceArn: pulumi.Input; } export interface RiskConfigurationAccountTakeoverRiskConfigurationNotifyConfigurationBlockEmail { /** * The email HTML body. */ htmlBody: pulumi.Input; /** * The email subject. */ subject: pulumi.Input; /** * The email text body. */ textBody: pulumi.Input; } export interface RiskConfigurationAccountTakeoverRiskConfigurationNotifyConfigurationMfaEmail { /** * The email HTML body. */ htmlBody: pulumi.Input; /** * The email subject. */ subject: pulumi.Input; /** * The email text body. */ textBody: pulumi.Input; } export interface RiskConfigurationAccountTakeoverRiskConfigurationNotifyConfigurationNoActionEmail { /** * The email HTML body. */ htmlBody: pulumi.Input; /** * The email subject. */ subject: pulumi.Input; /** * The email text body. */ textBody: pulumi.Input; } export interface RiskConfigurationCompromisedCredentialsRiskConfiguration { /** * The compromised credentials risk configuration actions. See details below. */ actions: pulumi.Input; /** * Perform the action for these events. The default is to perform all events if no event filter is specified. Valid values are `SIGN_IN`, `PASSWORD_CHANGE`, and `SIGN_UP`. */ eventFilters?: pulumi.Input[]>; } export interface RiskConfigurationCompromisedCredentialsRiskConfigurationActions { /** * The event action. Valid values are `BLOCK` or `NO_ACTION`. */ eventAction: pulumi.Input; } export interface RiskConfigurationRiskExceptionConfiguration { /** * Overrides the risk decision to always block the pre-authentication requests. * The IP range is in CIDR notation, a compact representation of an IP address and its routing prefix. * Can contain a maximum of 200 items. */ blockedIpRangeLists?: pulumi.Input[]>; /** * Risk detection isn't performed on the IP addresses in this range list. * The IP range is in CIDR notation. * Can contain a maximum of 200 items. */ skippedIpRangeLists?: pulumi.Input[]>; } export interface UserPoolAccountRecoverySetting { /** * List of Account Recovery Options of the following structure: */ recoveryMechanisms?: pulumi.Input[]>; } export interface UserPoolAccountRecoverySettingRecoveryMechanism { /** * Recovery method for a user. Can be of the following: `verifiedEmail`, `verifiedPhoneNumber`, and `adminOnly`. */ name: pulumi.Input; /** * Positive integer specifying priority of a method with 1 being the highest priority. */ priority: pulumi.Input; } export interface UserPoolAdminCreateUserConfig { /** * Set to True if only the administrator is allowed to create user profiles. Set to False if users can sign themselves up via an app. */ allowAdminCreateUserOnly?: pulumi.Input; /** * Invite message template structure. Detailed below. */ inviteMessageTemplate?: pulumi.Input; } export interface UserPoolAdminCreateUserConfigInviteMessageTemplate { /** * Message template for email messages. Must contain `{username}` and `{####}` placeholders, for username and temporary password, respectively. */ emailMessage?: pulumi.Input; /** * Subject line for email messages. */ emailSubject?: pulumi.Input; /** * Message template for SMS messages. Must contain `{username}` and `{####}` placeholders, for username and temporary password, respectively. */ smsMessage?: pulumi.Input; } export interface UserPoolClientAnalyticsConfiguration { /** * Application ARN for an Amazon Pinpoint application. Conflicts with `externalId` and `roleArn`. */ applicationArn?: pulumi.Input; /** * Application ID for an Amazon Pinpoint application. */ applicationId?: pulumi.Input; /** * ID for the Analytics Configuration. Conflicts with `applicationArn`. */ externalId?: pulumi.Input; /** * ARN of an IAM role that authorizes Amazon Cognito to publish events to Amazon Pinpoint analytics. Conflicts with `applicationArn`. */ roleArn?: pulumi.Input; /** * If set to `true`, Amazon Cognito will include user data in the events it publishes to Amazon Pinpoint analytics. */ userDataShared?: pulumi.Input; } export interface UserPoolClientTokenValidityUnits { /** * Time unit in for the value in `accessTokenValidity`, defaults to `hours`. */ accessToken?: pulumi.Input; /** * Time unit in for the value in `idTokenValidity`, defaults to `hours`. */ idToken?: pulumi.Input; /** * Time unit in for the value in `refreshTokenValidity`, defaults to `days`. */ refreshToken?: pulumi.Input; } export interface UserPoolDeviceConfiguration { /** * Whether a challenge is required on a new device. Only applicable to a new device. */ challengeRequiredOnNewDevice?: pulumi.Input; /** * Whether a device is only remembered on user prompt. `false` equates to "Always" remember, `true` is "User Opt In," and not using a `deviceConfiguration` block is "No." */ deviceOnlyRememberedOnUserPrompt?: pulumi.Input; } export interface UserPoolEmailConfiguration { /** * Email configuration set name from SES. */ configurationSet?: pulumi.Input; /** * Email delivery method to use. `COGNITO_DEFAULT` for the default email functionality built into Cognito or `DEVELOPER` to use your Amazon SES configuration. Required to be `DEVELOPER` if `fromEmailAddress` is set. */ emailSendingAccount?: pulumi.Input; /** * Sender’s email address or sender’s display name with their email address (e.g., `john@example.com`, `John Smith ` or `\"John Smith Ph.D.\" `). Escaped double quotes are required around display names that contain certain characters as specified in [RFC 5322](https://tools.ietf.org/html/rfc5322). */ fromEmailAddress?: pulumi.Input; /** * REPLY-TO email address. */ replyToEmailAddress?: pulumi.Input; /** * ARN of the SES verified email identity to use. Required if `emailSendingAccount` is set to `DEVELOPER`. */ sourceArn?: pulumi.Input; } export interface UserPoolLambdaConfig { /** * ARN of the lambda creating an authentication challenge. */ createAuthChallenge?: pulumi.Input; /** * A custom email sender AWS Lambda trigger. See customEmailSender Below. */ customEmailSender?: pulumi.Input; /** * Custom Message AWS Lambda trigger. */ customMessage?: pulumi.Input; /** * A custom SMS sender AWS Lambda trigger. See customSmsSender Below. */ customSmsSender?: pulumi.Input; /** * Defines the authentication challenge. */ defineAuthChallenge?: pulumi.Input; /** * The Amazon Resource Name of Key Management Service Customer master keys. Amazon Cognito uses the key to encrypt codes and temporary passwords sent to CustomEmailSender and CustomSMSSender. */ kmsKeyId?: pulumi.Input; /** * Post-authentication AWS Lambda trigger. */ postAuthentication?: pulumi.Input; /** * Post-confirmation AWS Lambda trigger. */ postConfirmation?: pulumi.Input; /** * Pre-authentication AWS Lambda trigger. */ preAuthentication?: pulumi.Input; /** * Pre-registration AWS Lambda trigger. */ preSignUp?: pulumi.Input; /** * Allow to customize identity token claims before token generation. Set this parameter for legacy purposes; for new instances of pre token generation triggers, set the lambdaArn of `preTokenGenerationConfig`. */ preTokenGeneration?: pulumi.Input; /** * Allow to customize access tokens. See pre_token_configuration_type */ preTokenGenerationConfig?: pulumi.Input; /** * User migration Lambda config type. */ userMigration?: pulumi.Input; /** * Verifies the authentication challenge response. */ verifyAuthChallengeResponse?: pulumi.Input; } export interface UserPoolLambdaConfigCustomEmailSender { /** * The Lambda Amazon Resource Name of the Lambda function that Amazon Cognito triggers to send email notifications to users. */ lambdaArn: pulumi.Input; /** * The Lambda version represents the signature of the "request" attribute in the "event" information Amazon Cognito passes to your custom email Lambda function. The only supported value is `V1_0`. */ lambdaVersion: pulumi.Input; } export interface UserPoolLambdaConfigCustomSmsSender { /** * The Lambda Amazon Resource Name of the Lambda function that Amazon Cognito triggers to send SMS notifications to users. */ lambdaArn: pulumi.Input; /** * The Lambda version represents the signature of the "request" attribute in the "event" information Amazon Cognito passes to your custom SMS Lambda function. The only supported value is `V1_0`. */ lambdaVersion: pulumi.Input; } export interface UserPoolLambdaConfigPreTokenGenerationConfig { lambdaArn: pulumi.Input; lambdaVersion: pulumi.Input; } export interface UserPoolPasswordPolicy { /** * Minimum length of the password policy that you have set. */ minimumLength?: pulumi.Input; /** * Number of previous passwords that you want Amazon Cognito to restrict each user from reusing. Users can't set a password that matches any of number of previous passwords specified by this argument. A value of 0 means that password history is not enforced. Valid values are between 0 and 24. * * **Note:** This argument requires advanced security features to be active in the user pool. */ passwordHistorySize?: pulumi.Input; /** * Whether you have required users to use at least one lowercase letter in their password. */ requireLowercase?: pulumi.Input; /** * Whether you have required users to use at least one number in their password. */ requireNumbers?: pulumi.Input; /** * Whether you have required users to use at least one symbol in their password. */ requireSymbols?: pulumi.Input; /** * Whether you have required users to use at least one uppercase letter in their password. */ requireUppercase?: pulumi.Input; /** * In the password policy you have set, refers to the number of days a temporary password is valid. If the user does not sign-in during this time, their password will need to be reset by an administrator. */ temporaryPasswordValidityDays?: pulumi.Input; } export interface UserPoolSchema { /** * Attribute data type. Must be one of `Boolean`, `Number`, `String`, `DateTime`. */ attributeDataType: pulumi.Input; /** * Whether the attribute type is developer only. */ developerOnlyAttribute?: pulumi.Input; /** * Whether the attribute can be changed once it has been created. */ mutable?: pulumi.Input; /** * Name of the attribute. */ name: pulumi.Input; /** * Configuration block for the constraints for an attribute of the number type. Detailed below. */ numberAttributeConstraints?: pulumi.Input; /** * Whether a user pool attribute is required. If the attribute is required and the user does not provide a value, registration or sign-in will fail. */ required?: pulumi.Input; /** * Constraints for an attribute of the string type. Detailed below. */ stringAttributeConstraints?: pulumi.Input; } export interface UserPoolSchemaNumberAttributeConstraints { /** * Maximum value of an attribute that is of the number data type. */ maxValue?: pulumi.Input; /** * Minimum value of an attribute that is of the number data type. */ minValue?: pulumi.Input; } export interface UserPoolSchemaStringAttributeConstraints { /** * Maximum length of an attribute value of the string type. */ maxLength?: pulumi.Input; /** * Minimum length of an attribute value of the string type. */ minLength?: pulumi.Input; } export interface UserPoolSmsConfiguration { /** * External ID used in IAM role trust relationships. For more information about using external IDs, see [How to Use an External ID When Granting Access to Your AWS Resources to a Third Party](http://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_create_for-user_externalid.html). */ externalId: pulumi.Input; /** * ARN of the Amazon SNS caller. This is usually the IAM role that you've given Cognito permission to assume. */ snsCallerArn: pulumi.Input; /** * The AWS Region to use with Amazon SNS integration. You can choose the same Region as your user pool, or a supported Legacy Amazon SNS alternate Region. Amazon Cognito resources in the Asia Pacific (Seoul) AWS Region must use your Amazon SNS configuration in the Asia Pacific (Tokyo) Region. For more information, see [SMS message settings for Amazon Cognito user pools](https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-sms-settings.html). */ snsRegion?: pulumi.Input; } export interface UserPoolSoftwareTokenMfaConfiguration { /** * Boolean whether to enable software token Multi-Factor (MFA) tokens, such as Time-based One-Time Password (TOTP). To disable software token MFA When `smsConfiguration` is not present, the `mfaConfiguration` argument must be set to `OFF` and the `softwareTokenMfaConfiguration` configuration block must be fully removed. */ enabled: pulumi.Input; } export interface UserPoolUserAttributeUpdateSettings { /** * A list of attributes requiring verification before update. If set, the provided value(s) must also be set in `autoVerifiedAttributes`. Valid values: `email`, `phoneNumber`. */ attributesRequireVerificationBeforeUpdates: pulumi.Input[]>; } export interface UserPoolUserPoolAddOns { /** * Mode for advanced security, must be one of `OFF`, `AUDIT` or `ENFORCED`. */ advancedSecurityMode: pulumi.Input; } export interface UserPoolUsernameConfiguration { /** * Whether username case sensitivity will be applied for all users in the user pool through Cognito APIs. */ caseSensitive: pulumi.Input; } export interface UserPoolVerificationMessageTemplate { /** * Default email option. Must be either `CONFIRM_WITH_CODE` or `CONFIRM_WITH_LINK`. Defaults to `CONFIRM_WITH_CODE`. */ defaultEmailOption?: pulumi.Input; /** * Email message template. Must contain the `{####}` placeholder. Conflicts with `emailVerificationMessage` argument. */ emailMessage?: pulumi.Input; /** * Email message template for sending a confirmation link to the user, it must contain the `{##Click Here##}` placeholder. */ emailMessageByLink?: pulumi.Input; /** * Subject line for the email message template. Conflicts with `emailVerificationSubject` argument. */ emailSubject?: pulumi.Input; /** * Subject line for the email message template for sending a confirmation link to the user. */ emailSubjectByLink?: pulumi.Input; /** * SMS message template. Must contain the `{####}` placeholder. Conflicts with `smsVerificationMessage` argument. */ smsMessage?: pulumi.Input; } } export namespace comprehend { export interface DocumentClassifierInputDataConfig { /** * List of training datasets produced by Amazon SageMaker Ground Truth. * Used if `dataFormat` is `AUGMENTED_MANIFEST`. * See the `augmentedManifests` Configuration Block section below. */ augmentedManifests?: pulumi.Input[]>; /** * The format for the training data. * One of `COMPREHEND_CSV` or `AUGMENTED_MANIFEST`. */ dataFormat?: pulumi.Input; /** * Delimiter between labels when training a multi-label classifier. * Valid values are `|`, `~`, `!`, `@`, `#`, `$`, `%`, `^`, `*`, `-`, `_`, `+`, `=`, `\`, `:`, `;`, `>`, `?`, `/`, ``, and ``. * Default is `|`. */ labelDelimiter?: pulumi.Input; /** * Location of training documents. * Used if `dataFormat` is `COMPREHEND_CSV`. */ s3Uri?: pulumi.Input; testS3Uri?: pulumi.Input; } export interface DocumentClassifierInputDataConfigAugmentedManifest { /** * Location of annotation files. */ annotationDataS3Uri?: pulumi.Input; /** * The JSON attribute that contains the annotations for the training documents. */ attributeNames: pulumi.Input[]>; /** * Type of augmented manifest. * One of `PLAIN_TEXT_DOCUMENT` or `SEMI_STRUCTURED_DOCUMENT`. */ documentType?: pulumi.Input; /** * Location of augmented manifest file. */ s3Uri: pulumi.Input; /** * Location of source PDF files. */ sourceDocumentsS3Uri?: pulumi.Input; /** * Purpose of data in augmented manifest. * One of `TRAIN` or `TEST`. */ split?: pulumi.Input; } export interface DocumentClassifierOutputDataConfig { /** * KMS Key used to encrypt the output documents. * Can be a KMS Key ID, a KMS Key ARN, a KMS Alias name, or a KMS Alias ARN. */ kmsKeyId?: pulumi.Input; /** * Full path for the output documents. */ outputS3Uri?: pulumi.Input; /** * Destination path for the output documents. * The full path to the output file will be returned in `outputS3Uri`. */ s3Uri: pulumi.Input; } export interface DocumentClassifierVpcConfig { /** * List of security group IDs. */ securityGroupIds: pulumi.Input[]>; /** * List of VPC subnets. */ subnets: pulumi.Input[]>; } export interface EntityRecognizerInputDataConfig { /** * Specifies location of the document annotation data. * See the `annotations` Configuration Block section below. * One of `annotations` or `entityList` is required. */ annotations?: pulumi.Input; /** * List of training datasets produced by Amazon SageMaker Ground Truth. * Used if `dataFormat` is `AUGMENTED_MANIFEST`. * See the `augmentedManifests` Configuration Block section below. */ augmentedManifests?: pulumi.Input[]>; /** * The format for the training data. * One of `COMPREHEND_CSV` or `AUGMENTED_MANIFEST`. */ dataFormat?: pulumi.Input; /** * Specifies a collection of training documents. * Used if `dataFormat` is `COMPREHEND_CSV`. * See the `documents` Configuration Block section below. */ documents?: pulumi.Input; /** * Specifies location of the entity list data. * See the `entityList` Configuration Block section below. * One of `entityList` or `annotations` is required. */ entityList?: pulumi.Input; /** * Set of entity types to be recognized. * Has a maximum of 25 items. * See the `entityTypes` Configuration Block section below. */ entityTypes: pulumi.Input[]>; } export interface EntityRecognizerInputDataConfigAnnotations { /** * Location of training annotations. */ s3Uri: pulumi.Input; testS3Uri?: pulumi.Input; } export interface EntityRecognizerInputDataConfigAugmentedManifest { /** * Location of annotation files. */ annotationDataS3Uri?: pulumi.Input; /** * The JSON attribute that contains the annotations for the training documents. */ attributeNames: pulumi.Input[]>; /** * Type of augmented manifest. * One of `PLAIN_TEXT_DOCUMENT` or `SEMI_STRUCTURED_DOCUMENT`. */ documentType?: pulumi.Input; /** * Location of augmented manifest file. */ s3Uri: pulumi.Input; /** * Location of source PDF files. */ sourceDocumentsS3Uri?: pulumi.Input; /** * Purpose of data in augmented manifest. * One of `TRAIN` or `TEST`. */ split?: pulumi.Input; } export interface EntityRecognizerInputDataConfigDocuments { /** * Specifies how the input files should be processed. * One of `ONE_DOC_PER_LINE` or `ONE_DOC_PER_FILE`. */ inputFormat?: pulumi.Input; /** * Location of training documents. */ s3Uri: pulumi.Input; testS3Uri?: pulumi.Input; } export interface EntityRecognizerInputDataConfigEntityList { /** * Location of entity list. */ s3Uri: pulumi.Input; } export interface EntityRecognizerInputDataConfigEntityType { /** * An entity type to be matched by the Entity Recognizer. * Cannot contain a newline (`\n`), carriage return (`\r`), or tab (`\t`). */ type: pulumi.Input; } export interface EntityRecognizerVpcConfig { /** * List of security group IDs. */ securityGroupIds: pulumi.Input[]>; /** * List of VPC subnets. */ subnets: pulumi.Input[]>; } } export namespace computeoptimizer { export interface EnrollmentStatusTimeouts { /** * A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as "30s" or "2h45m". Valid time units are "s" (seconds), "m" (minutes), "h" (hours). */ create?: pulumi.Input; /** * A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as "30s" or "2h45m". Valid time units are "s" (seconds), "m" (minutes), "h" (hours). */ update?: pulumi.Input; } export interface RecommendationPreferencesExternalMetricsPreference { /** * The source options for external metrics preferences. Valid values: `Datadog`, `Dynatrace`, `NewRelic`, `Instana`. */ source: pulumi.Input; } export interface RecommendationPreferencesPreferredResource { /** * The preferred resource type values to exclude from the recommendation candidates. If this isn’t specified, all supported resources are included by default. */ excludeLists?: pulumi.Input[]>; /** * The preferred resource type values to include in the recommendation candidates. You can specify the exact resource type value, such as `"m5.large"`, or use wild card expressions, such as `"m5"`. If this isn’t specified, all supported resources are included by default. */ includeLists?: pulumi.Input[]>; name: pulumi.Input; } export interface RecommendationPreferencesScope { /** * The name of the scope. Valid values: `Organization`, `AccountId`, `ResourceArn`. */ name: pulumi.Input; /** * The value of the scope. `ALL_ACCOUNTS` for `Organization` scopes, AWS account ID for `AccountId` scopes, ARN of an EC2 instance or an Auto Scaling group for `ResourceArn` scopes. */ value: pulumi.Input; } export interface RecommendationPreferencesUtilizationPreference { /** * The name of the resource utilization metric name to customize. Valid values: `CpuUtilization`, `MemoryUtilization`. */ metricName: pulumi.Input; /** * The parameters to set when customizing the resource utilization thresholds. */ metricParameters?: pulumi.Input; } export interface RecommendationPreferencesUtilizationPreferenceMetricParameters { /** * The headroom value in percentage used for the specified metric parameter. Valid values: `PERCENT_30`, `PERCENT_20`, `PERCENT_10`, `PERCENT_0`. */ headroom: pulumi.Input; /** * The threshold value used for the specified metric parameter. You can only specify the threshold value for CPU utilization. Valid values: `P90`, `P95`, `P99_5`. */ threshold?: pulumi.Input; } } export namespace config { } export namespace connect { export interface BotAssociationLexBot { /** * The Region that the Amazon Lex (V1) bot was created in. Defaults to current region. */ lexRegion?: pulumi.Input; /** * The name of the Amazon Lex (V1) bot. */ name: pulumi.Input; } export interface GetBotAssociationLexBot { /** * Region that the Amazon Lex (V1) bot was created in. */ lexRegion?: string; /** * Name of the Amazon Lex (V1) bot. */ name: string; } export interface GetBotAssociationLexBotArgs { /** * Region that the Amazon Lex (V1) bot was created in. */ lexRegion?: pulumi.Input; /** * Name of the Amazon Lex (V1) bot. */ name: pulumi.Input; } export interface HoursOfOperationConfig { /** * Specifies the day that the hours of operation applies to. */ day: pulumi.Input; /** * A end time block specifies the time that your contact center closes. The `endTime` is documented below. */ endTime: pulumi.Input; /** * A start time block specifies the time that your contact center opens. The `startTime` is documented below. */ startTime: pulumi.Input; } export interface HoursOfOperationConfigEndTime { /** * Specifies the hour of closing. */ hours: pulumi.Input; /** * Specifies the minute of closing. */ minutes: pulumi.Input; } export interface HoursOfOperationConfigStartTime { /** * Specifies the hour of opening. */ hours: pulumi.Input; /** * Specifies the minute of opening. */ minutes: pulumi.Input; } export interface InstanceStorageConfigStorageConfig { /** * A block that specifies the configuration of the Kinesis Firehose delivery stream. Documented below. */ kinesisFirehoseConfig?: pulumi.Input; /** * A block that specifies the configuration of the Kinesis data stream. Documented below. */ kinesisStreamConfig?: pulumi.Input; /** * A block that specifies the configuration of the Kinesis video stream. Documented below. */ kinesisVideoStreamConfig?: pulumi.Input; /** * A block that specifies the configuration of S3 Bucket. Documented below. */ s3Config?: pulumi.Input; /** * A valid storage type. Valid Values: `S3` | `KINESIS_VIDEO_STREAM` | `KINESIS_STREAM` | `KINESIS_FIREHOSE`. */ storageType: pulumi.Input; } export interface InstanceStorageConfigStorageConfigKinesisFirehoseConfig { /** * The Amazon Resource Name (ARN) of the delivery stream. */ firehoseArn: pulumi.Input; } export interface InstanceStorageConfigStorageConfigKinesisStreamConfig { /** * The Amazon Resource Name (ARN) of the data stream. */ streamArn: pulumi.Input; } export interface InstanceStorageConfigStorageConfigKinesisVideoStreamConfig { /** * The encryption configuration. Documented below. */ encryptionConfig: pulumi.Input; /** * The prefix of the video stream. Minimum length of `1`. Maximum length of `128`. When read from the state, the value returned is `-connect--contact-` since the API appends additional details to the `prefix`. */ prefix: pulumi.Input; /** * The number of hours data is retained in the stream. Kinesis Video Streams retains the data in a data store that is associated with the stream. Minimum value of `0`. Maximum value of `87600`. A value of `0`, indicates that the stream does not persist data. */ retentionPeriodHours: pulumi.Input; } export interface InstanceStorageConfigStorageConfigKinesisVideoStreamConfigEncryptionConfig { /** * The type of encryption. Valid Values: `KMS`. */ encryptionType: pulumi.Input; /** * The full ARN of the encryption key. Be sure to provide the full ARN of the encryption key, not just the ID. */ keyId: pulumi.Input; } export interface InstanceStorageConfigStorageConfigS3Config { /** * The S3 bucket name. */ bucketName: pulumi.Input; /** * The S3 bucket prefix. */ bucketPrefix: pulumi.Input; /** * The encryption configuration. Documented below. */ encryptionConfig?: pulumi.Input; } export interface InstanceStorageConfigStorageConfigS3ConfigEncryptionConfig { /** * The type of encryption. Valid Values: `KMS`. */ encryptionType: pulumi.Input; /** * The full ARN of the encryption key. Be sure to provide the full ARN of the encryption key, not just the ID. */ keyId: pulumi.Input; } export interface PhoneNumberStatus { /** * The status message. */ message?: pulumi.Input; /** * The status of the phone number. Valid Values: `CLAIMED` | `IN_PROGRESS` | `FAILED`. */ status?: pulumi.Input; } export interface QueueOutboundCallerConfig { /** * Specifies the caller ID name. */ outboundCallerIdName?: pulumi.Input; /** * Specifies the caller ID number. */ outboundCallerIdNumberId?: pulumi.Input; /** * Specifies outbound whisper flow to be used during an outbound call. */ outboundFlowId?: pulumi.Input; } export interface QuickConnectQuickConnectConfig { /** * Specifies the phone configuration of the Quick Connect. This is required only if `quickConnectType` is `PHONE_NUMBER`. The `phoneConfig` block is documented below. */ phoneConfigs?: pulumi.Input[]>; /** * Specifies the queue configuration of the Quick Connect. This is required only if `quickConnectType` is `QUEUE`. The `queueConfig` block is documented below. */ queueConfigs?: pulumi.Input[]>; /** * Specifies the configuration type of the quick connect. valid values are `PHONE_NUMBER`, `QUEUE`, `USER`. */ quickConnectType: pulumi.Input; /** * Specifies the user configuration of the Quick Connect. This is required only if `quickConnectType` is `USER`. The `userConfig` block is documented below. */ userConfigs?: pulumi.Input[]>; } export interface QuickConnectQuickConnectConfigPhoneConfig { /** * Specifies the phone number in in E.164 format. */ phoneNumber: pulumi.Input; } export interface QuickConnectQuickConnectConfigQueueConfig { /** * Specifies the identifier of the contact flow. */ contactFlowId: pulumi.Input; /** * Specifies the identifier for the queue. */ queueId: pulumi.Input; } export interface QuickConnectQuickConnectConfigUserConfig { /** * Specifies the identifier of the contact flow. */ contactFlowId: pulumi.Input; /** * Specifies the identifier for the user. */ userId: pulumi.Input; } export interface RoutingProfileMediaConcurrency { /** * Specifies the channels that agents can handle in the Contact Control Panel (CCP). Valid values are `VOICE`, `CHAT`, `TASK`. */ channel: pulumi.Input; /** * Specifies the number of contacts an agent can have on a channel simultaneously. Valid Range for `VOICE`: Minimum value of 1. Maximum value of 1. Valid Range for `CHAT`: Minimum value of 1. Maximum value of 10. Valid Range for `TASK`: Minimum value of 1. Maximum value of 10. */ concurrency: pulumi.Input; } export interface RoutingProfileQueueConfig { /** * Specifies the channels agents can handle in the Contact Control Panel (CCP) for this routing profile. Valid values are `VOICE`, `CHAT`, `TASK`. */ channel: pulumi.Input; /** * Specifies the delay, in seconds, that a contact should be in the queue before they are routed to an available agent */ delay: pulumi.Input; /** * Specifies the order in which contacts are to be handled for the queue. */ priority: pulumi.Input; /** * ARN for the queue. */ queueArn?: pulumi.Input; /** * Specifies the identifier for the queue. */ queueId: pulumi.Input; /** * Name for the queue. */ queueName?: pulumi.Input; } export interface UserHierarchyGroupHierarchyPath { /** * A block that defines the details of level five. The level block is documented below. */ levelFives?: pulumi.Input[]>; /** * A block that defines the details of level four. The level block is documented below. */ levelFours?: pulumi.Input[]>; /** * A block that defines the details of level one. The level block is documented below. */ levelOnes?: pulumi.Input[]>; /** * A block that defines the details of level three. The level block is documented below. */ levelThrees?: pulumi.Input[]>; /** * A block that defines the details of level two. The level block is documented below. */ levelTwos?: pulumi.Input[]>; } export interface UserHierarchyGroupHierarchyPathLevelFife { /** * The Amazon Resource Name (ARN) of the hierarchy group. */ arn?: pulumi.Input; /** * The identifier of the hierarchy group. */ id?: pulumi.Input; /** * The name of the user hierarchy group. Must not be more than 100 characters. */ name?: pulumi.Input; } export interface UserHierarchyGroupHierarchyPathLevelFour { /** * The Amazon Resource Name (ARN) of the hierarchy group. */ arn?: pulumi.Input; /** * The identifier of the hierarchy group. */ id?: pulumi.Input; /** * The name of the user hierarchy group. Must not be more than 100 characters. */ name?: pulumi.Input; } export interface UserHierarchyGroupHierarchyPathLevelOne { /** * The Amazon Resource Name (ARN) of the hierarchy group. */ arn?: pulumi.Input; /** * The identifier of the hierarchy group. */ id?: pulumi.Input; /** * The name of the user hierarchy group. Must not be more than 100 characters. */ name?: pulumi.Input; } export interface UserHierarchyGroupHierarchyPathLevelThree { /** * The Amazon Resource Name (ARN) of the hierarchy group. */ arn?: pulumi.Input; /** * The identifier of the hierarchy group. */ id?: pulumi.Input; /** * The name of the user hierarchy group. Must not be more than 100 characters. */ name?: pulumi.Input; } export interface UserHierarchyGroupHierarchyPathLevelTwo { /** * The Amazon Resource Name (ARN) of the hierarchy group. */ arn?: pulumi.Input; /** * The identifier of the hierarchy group. */ id?: pulumi.Input; /** * The name of the user hierarchy group. Must not be more than 100 characters. */ name?: pulumi.Input; } export interface UserHierarchyStructureHierarchyStructure { /** * A block that defines the details of level five. The level block is documented below. * * Each level block supports the following arguments: */ levelFive?: pulumi.Input; /** * A block that defines the details of level four. The level block is documented below. */ levelFour?: pulumi.Input; /** * A block that defines the details of level one. The level block is documented below. */ levelOne?: pulumi.Input; /** * A block that defines the details of level three. The level block is documented below. */ levelThree?: pulumi.Input; /** * A block that defines the details of level two. The level block is documented below. */ levelTwo?: pulumi.Input; } export interface UserHierarchyStructureHierarchyStructureLevelFive { /** * The Amazon Resource Name (ARN) of the hierarchy level. */ arn?: pulumi.Input; /** * The identifier of the hierarchy level. */ id?: pulumi.Input; /** * The name of the user hierarchy level. Must not be more than 50 characters. */ name: pulumi.Input; } export interface UserHierarchyStructureHierarchyStructureLevelFour { /** * The Amazon Resource Name (ARN) of the hierarchy level. */ arn?: pulumi.Input; /** * The identifier of the hierarchy level. */ id?: pulumi.Input; /** * The name of the user hierarchy level. Must not be more than 50 characters. */ name: pulumi.Input; } export interface UserHierarchyStructureHierarchyStructureLevelOne { /** * The Amazon Resource Name (ARN) of the hierarchy level. */ arn?: pulumi.Input; /** * The identifier of the hierarchy level. */ id?: pulumi.Input; /** * The name of the user hierarchy level. Must not be more than 50 characters. */ name: pulumi.Input; } export interface UserHierarchyStructureHierarchyStructureLevelThree { /** * The Amazon Resource Name (ARN) of the hierarchy level. */ arn?: pulumi.Input; /** * The identifier of the hierarchy level. */ id?: pulumi.Input; /** * The name of the user hierarchy level. Must not be more than 50 characters. */ name: pulumi.Input; } export interface UserHierarchyStructureHierarchyStructureLevelTwo { /** * The Amazon Resource Name (ARN) of the hierarchy level. */ arn?: pulumi.Input; /** * The identifier of the hierarchy level. */ id?: pulumi.Input; /** * The name of the user hierarchy level. Must not be more than 50 characters. */ name: pulumi.Input; } export interface UserIdentityInfo { /** * The email address. If you are using SAML for identity management and include this parameter, an error is returned. Note that updates to the `email` is supported. From the [UpdateUserIdentityInfo API documentation](https://docs.aws.amazon.com/connect/latest/APIReference/API_UpdateUserIdentityInfo.html) it is strongly recommended to limit who has the ability to invoke `UpdateUserIdentityInfo`. Someone with that ability can change the login credentials of other users by changing their email address. This poses a security risk to your organization. They can change the email address of a user to the attacker's email address, and then reset the password through email. For more information, see [Best Practices for Security Profiles](https://docs.aws.amazon.com/connect/latest/adminguide/security-profile-best-practices.html) in the Amazon Connect Administrator Guide. */ email?: pulumi.Input; /** * The first name. This is required if you are using Amazon Connect or SAML for identity management. Minimum length of 1. Maximum length of 100. */ firstName?: pulumi.Input; /** * The last name. This is required if you are using Amazon Connect or SAML for identity management. Minimum length of 1. Maximum length of 100. */ lastName?: pulumi.Input; } export interface UserPhoneConfig { /** * The After Call Work (ACW) timeout setting, in seconds. Minimum value of 0. */ afterContactWorkTimeLimit?: pulumi.Input; /** * When Auto-Accept Call is enabled for an available agent, the agent connects to contacts automatically. */ autoAccept?: pulumi.Input; /** * The phone number for the user's desk phone. Required if `phoneType` is set as `DESK_PHONE`. */ deskPhoneNumber?: pulumi.Input; /** * The phone type. Valid values are `DESK_PHONE` and `SOFT_PHONE`. */ phoneType: pulumi.Input; } } export namespace controltower { export interface ControlTowerControlParameter { /** * The name of the parameter. */ key: pulumi.Input; /** * The value of the parameter. */ value: pulumi.Input; } export interface LandingZoneDriftStatus { /** * The drift status of the landing zone. */ status?: pulumi.Input; } } export namespace costexplorer { export interface AnomalySubscriptionSubscriber { /** * The address of the subscriber. If type is `SNS`, this will be the arn of the sns topic. If type is `EMAIL`, this will be the destination email address. */ address: pulumi.Input; /** * The type of subscription. Valid Values: `SNS` | `EMAIL`. */ type: pulumi.Input; } export interface AnomalySubscriptionThresholdExpression { /** * Return results that match both Dimension objects. */ ands?: pulumi.Input[]>; /** * Configuration block for the filter that's based on values. See Cost Category below. */ costCategory?: pulumi.Input; /** * Configuration block for the specific Dimension to use for. */ dimension?: pulumi.Input; /** * Return results that do not match the Dimension object. */ not?: pulumi.Input; /** * Return results that match either Dimension object. */ ors?: pulumi.Input[]>; /** * Configuration block for the specific Tag to use for. See Tags below. */ tags?: pulumi.Input; } export interface AnomalySubscriptionThresholdExpressionAnd { /** * Configuration block for the filter that's based on values. See Cost Category below. */ costCategory?: pulumi.Input; /** * Configuration block for the specific Dimension to use for. */ dimension?: pulumi.Input; /** * A map of tags to assign to the resource. If configured with a provider `defaultTags` configuration block present, tags with matching keys will overwrite those defined at the provider-level. */ tags?: pulumi.Input; } export interface AnomalySubscriptionThresholdExpressionAndCostCategory { /** * Unique name of the Cost Category. */ key?: pulumi.Input; /** * Match options that you can use to filter your results. MatchOptions is only applicable for actions related to cost category. The default values for MatchOptions is `EQUALS` and `CASE_SENSITIVE`. Valid values are: `EQUALS`, `ABSENT`, `STARTS_WITH`, `ENDS_WITH`, `CONTAINS`, `CASE_SENSITIVE`, `CASE_INSENSITIVE`. */ matchOptions?: pulumi.Input[]>; /** * Specific value of the Cost Category. */ values?: pulumi.Input[]>; } export interface AnomalySubscriptionThresholdExpressionAndDimension { /** * Unique name of the Cost Category. */ key?: pulumi.Input; /** * Match options that you can use to filter your results. MatchOptions is only applicable for actions related to cost category. The default values for MatchOptions is `EQUALS` and `CASE_SENSITIVE`. Valid values are: `EQUALS`, `ABSENT`, `STARTS_WITH`, `ENDS_WITH`, `CONTAINS`, `CASE_SENSITIVE`, `CASE_INSENSITIVE`. */ matchOptions?: pulumi.Input[]>; /** * Specific value of the Cost Category. */ values?: pulumi.Input[]>; } export interface AnomalySubscriptionThresholdExpressionAndTags { /** * Key for the tag. */ key?: pulumi.Input; /** * Match options that you can use to filter your results. MatchOptions is only applicable for actions related to cost category. The default values for MatchOptions is `EQUALS` and `CASE_SENSITIVE`. Valid values are: `EQUALS`, `ABSENT`, `STARTS_WITH`, `ENDS_WITH`, `CONTAINS`, `CASE_SENSITIVE`, `CASE_INSENSITIVE`. */ matchOptions?: pulumi.Input[]>; /** * Specific value of the Cost Category. */ values?: pulumi.Input[]>; } export interface AnomalySubscriptionThresholdExpressionCostCategory { /** * Unique name of the Cost Category. */ key?: pulumi.Input; /** * Match options that you can use to filter your results. MatchOptions is only applicable for actions related to cost category. The default values for MatchOptions is `EQUALS` and `CASE_SENSITIVE`. Valid values are: `EQUALS`, `ABSENT`, `STARTS_WITH`, `ENDS_WITH`, `CONTAINS`, `CASE_SENSITIVE`, `CASE_INSENSITIVE`. */ matchOptions?: pulumi.Input[]>; /** * Specific value of the Cost Category. */ values?: pulumi.Input[]>; } export interface AnomalySubscriptionThresholdExpressionDimension { /** * Unique name of the Cost Category. */ key?: pulumi.Input; /** * Match options that you can use to filter your results. MatchOptions is only applicable for actions related to cost category. The default values for MatchOptions is `EQUALS` and `CASE_SENSITIVE`. Valid values are: `EQUALS`, `ABSENT`, `STARTS_WITH`, `ENDS_WITH`, `CONTAINS`, `CASE_SENSITIVE`, `CASE_INSENSITIVE`. */ matchOptions?: pulumi.Input[]>; /** * Specific value of the Cost Category. */ values?: pulumi.Input[]>; } export interface AnomalySubscriptionThresholdExpressionNot { /** * Configuration block for the filter that's based on values. See Cost Category below. */ costCategory?: pulumi.Input; /** * Configuration block for the specific Dimension to use for. */ dimension?: pulumi.Input; /** * A map of tags to assign to the resource. If configured with a provider `defaultTags` configuration block present, tags with matching keys will overwrite those defined at the provider-level. */ tags?: pulumi.Input; } export interface AnomalySubscriptionThresholdExpressionNotCostCategory { /** * Unique name of the Cost Category. */ key?: pulumi.Input; /** * Match options that you can use to filter your results. MatchOptions is only applicable for actions related to cost category. The default values for MatchOptions is `EQUALS` and `CASE_SENSITIVE`. Valid values are: `EQUALS`, `ABSENT`, `STARTS_WITH`, `ENDS_WITH`, `CONTAINS`, `CASE_SENSITIVE`, `CASE_INSENSITIVE`. */ matchOptions?: pulumi.Input[]>; /** * Specific value of the Cost Category. */ values?: pulumi.Input[]>; } export interface AnomalySubscriptionThresholdExpressionNotDimension { /** * Unique name of the Cost Category. */ key?: pulumi.Input; /** * Match options that you can use to filter your results. MatchOptions is only applicable for actions related to cost category. The default values for MatchOptions is `EQUALS` and `CASE_SENSITIVE`. Valid values are: `EQUALS`, `ABSENT`, `STARTS_WITH`, `ENDS_WITH`, `CONTAINS`, `CASE_SENSITIVE`, `CASE_INSENSITIVE`. */ matchOptions?: pulumi.Input[]>; /** * Specific value of the Cost Category. */ values?: pulumi.Input[]>; } export interface AnomalySubscriptionThresholdExpressionNotTags { /** * Key for the tag. */ key?: pulumi.Input; /** * Match options that you can use to filter your results. MatchOptions is only applicable for actions related to cost category. The default values for MatchOptions is `EQUALS` and `CASE_SENSITIVE`. Valid values are: `EQUALS`, `ABSENT`, `STARTS_WITH`, `ENDS_WITH`, `CONTAINS`, `CASE_SENSITIVE`, `CASE_INSENSITIVE`. */ matchOptions?: pulumi.Input[]>; /** * Specific value of the Cost Category. */ values?: pulumi.Input[]>; } export interface AnomalySubscriptionThresholdExpressionOr { /** * Configuration block for the filter that's based on values. See Cost Category below. */ costCategory?: pulumi.Input; /** * Configuration block for the specific Dimension to use for. */ dimension?: pulumi.Input; /** * A map of tags to assign to the resource. If configured with a provider `defaultTags` configuration block present, tags with matching keys will overwrite those defined at the provider-level. */ tags?: pulumi.Input; } export interface AnomalySubscriptionThresholdExpressionOrCostCategory { /** * Unique name of the Cost Category. */ key?: pulumi.Input; /** * Match options that you can use to filter your results. MatchOptions is only applicable for actions related to cost category. The default values for MatchOptions is `EQUALS` and `CASE_SENSITIVE`. Valid values are: `EQUALS`, `ABSENT`, `STARTS_WITH`, `ENDS_WITH`, `CONTAINS`, `CASE_SENSITIVE`, `CASE_INSENSITIVE`. */ matchOptions?: pulumi.Input[]>; /** * Specific value of the Cost Category. */ values?: pulumi.Input[]>; } export interface AnomalySubscriptionThresholdExpressionOrDimension { /** * Unique name of the Cost Category. */ key?: pulumi.Input; /** * Match options that you can use to filter your results. MatchOptions is only applicable for actions related to cost category. The default values for MatchOptions is `EQUALS` and `CASE_SENSITIVE`. Valid values are: `EQUALS`, `ABSENT`, `STARTS_WITH`, `ENDS_WITH`, `CONTAINS`, `CASE_SENSITIVE`, `CASE_INSENSITIVE`. */ matchOptions?: pulumi.Input[]>; /** * Specific value of the Cost Category. */ values?: pulumi.Input[]>; } export interface AnomalySubscriptionThresholdExpressionOrTags { /** * Key for the tag. */ key?: pulumi.Input; /** * Match options that you can use to filter your results. MatchOptions is only applicable for actions related to cost category. The default values for MatchOptions is `EQUALS` and `CASE_SENSITIVE`. Valid values are: `EQUALS`, `ABSENT`, `STARTS_WITH`, `ENDS_WITH`, `CONTAINS`, `CASE_SENSITIVE`, `CASE_INSENSITIVE`. */ matchOptions?: pulumi.Input[]>; /** * Specific value of the Cost Category. */ values?: pulumi.Input[]>; } export interface AnomalySubscriptionThresholdExpressionTags { /** * Key for the tag. */ key?: pulumi.Input; /** * Match options that you can use to filter your results. MatchOptions is only applicable for actions related to cost category. The default values for MatchOptions is `EQUALS` and `CASE_SENSITIVE`. Valid values are: `EQUALS`, `ABSENT`, `STARTS_WITH`, `ENDS_WITH`, `CONTAINS`, `CASE_SENSITIVE`, `CASE_INSENSITIVE`. */ matchOptions?: pulumi.Input[]>; /** * Specific value of the Cost Category. */ values?: pulumi.Input[]>; } export interface CostCategoryRule { /** * Configuration block for the value the line item is categorized as if the line item contains the matched dimension. See below. */ inheritedValue?: pulumi.Input; /** * Configuration block for the `Expression` object used to categorize costs. See below. */ rule?: pulumi.Input; /** * You can define the CostCategoryRule rule type as either `REGULAR` or `INHERITED_VALUE`. */ type?: pulumi.Input; /** * Default value for the cost category. */ value?: pulumi.Input; } export interface CostCategoryRuleInheritedValue { /** * Key to extract cost category values. */ dimensionKey?: pulumi.Input; /** * Name of the dimension that's used to group costs. If you specify `LINKED_ACCOUNT_NAME`, the cost category value is based on account name. If you specify `TAG`, the cost category value will be based on the value of the specified tag key. Valid values are `LINKED_ACCOUNT_NAME`, `TAG` */ dimensionName?: pulumi.Input; } export interface CostCategoryRuleRule { /** * Return results that match both `Dimension` objects. */ ands?: pulumi.Input[]>; /** * Configuration block for the filter that's based on `CostCategory` values. See below. */ costCategory?: pulumi.Input; /** * Configuration block for the specific `Dimension` to use for `Expression`. See below. */ dimension?: pulumi.Input; /** * Return results that match both `Dimension` object. */ not?: pulumi.Input; /** * Return results that match both `Dimension` object. */ ors?: pulumi.Input[]>; /** * Configuration block for the specific `Tag` to use for `Expression`. See below. */ tags?: pulumi.Input; } export interface CostCategoryRuleRuleAnd { /** * Return results that match both `Dimension` objects. */ ands?: pulumi.Input[]>; /** * Configuration block for the filter that's based on `CostCategory` values. See below. */ costCategory?: pulumi.Input; /** * Configuration block for the specific `Dimension` to use for `Expression`. See below. */ dimension?: pulumi.Input; /** * Return results that match both `Dimension` object. */ not?: pulumi.Input; /** * Return results that match both `Dimension` object. */ ors?: pulumi.Input[]>; /** * Key-value mapping of resource tags. If configured with a provider `defaultTags` configuration block present, tags with matching keys will overwrite those defined at the provider-level. */ tags?: pulumi.Input; } export interface CostCategoryRuleRuleAndAnd { /** * Configuration block for the filter that's based on `CostCategory` values. See below. */ costCategory?: pulumi.Input; /** * Configuration block for the specific `Dimension` to use for `Expression`. See below. */ dimension?: pulumi.Input; /** * Key-value mapping of resource tags. If configured with a provider `defaultTags` configuration block present, tags with matching keys will overwrite those defined at the provider-level. */ tags?: pulumi.Input; } export interface CostCategoryRuleRuleAndAndCostCategory { /** * Unique name of the Cost Category. */ key?: pulumi.Input; /** * Match options that you can use to filter your results. MatchOptions is only applicable for actions related to cost category. The default values for MatchOptions is `EQUALS` and `CASE_SENSITIVE`. Valid values are: `EQUALS`, `ABSENT`, `STARTS_WITH`, `ENDS_WITH`, `CONTAINS`, `CASE_SENSITIVE`, `CASE_INSENSITIVE`. */ matchOptions?: pulumi.Input[]>; /** * Specific value of the Cost Category. */ values?: pulumi.Input[]>; } export interface CostCategoryRuleRuleAndAndDimension { /** * Unique name of the Cost Category. */ key?: pulumi.Input; /** * Match options that you can use to filter your results. MatchOptions is only applicable for actions related to cost category. The default values for MatchOptions is `EQUALS` and `CASE_SENSITIVE`. Valid values are: `EQUALS`, `ABSENT`, `STARTS_WITH`, `ENDS_WITH`, `CONTAINS`, `CASE_SENSITIVE`, `CASE_INSENSITIVE`. */ matchOptions?: pulumi.Input[]>; /** * Specific value of the Cost Category. */ values?: pulumi.Input[]>; } export interface CostCategoryRuleRuleAndAndTags { /** * Key for the tag. */ key?: pulumi.Input; /** * Match options that you can use to filter your results. MatchOptions is only applicable for actions related to cost category. The default values for MatchOptions is `EQUALS` and `CASE_SENSITIVE`. Valid values are: `EQUALS`, `ABSENT`, `STARTS_WITH`, `ENDS_WITH`, `CONTAINS`, `CASE_SENSITIVE`, `CASE_INSENSITIVE`. */ matchOptions?: pulumi.Input[]>; /** * Specific value of the Cost Category. */ values?: pulumi.Input[]>; } export interface CostCategoryRuleRuleAndCostCategory { /** * Unique name of the Cost Category. */ key?: pulumi.Input; /** * Match options that you can use to filter your results. MatchOptions is only applicable for actions related to cost category. The default values for MatchOptions is `EQUALS` and `CASE_SENSITIVE`. Valid values are: `EQUALS`, `ABSENT`, `STARTS_WITH`, `ENDS_WITH`, `CONTAINS`, `CASE_SENSITIVE`, `CASE_INSENSITIVE`. */ matchOptions?: pulumi.Input[]>; /** * Specific value of the Cost Category. */ values?: pulumi.Input[]>; } export interface CostCategoryRuleRuleAndDimension { /** * Unique name of the Cost Category. */ key?: pulumi.Input; /** * Match options that you can use to filter your results. MatchOptions is only applicable for actions related to cost category. The default values for MatchOptions is `EQUALS` and `CASE_SENSITIVE`. Valid values are: `EQUALS`, `ABSENT`, `STARTS_WITH`, `ENDS_WITH`, `CONTAINS`, `CASE_SENSITIVE`, `CASE_INSENSITIVE`. */ matchOptions?: pulumi.Input[]>; /** * Specific value of the Cost Category. */ values?: pulumi.Input[]>; } export interface CostCategoryRuleRuleAndNot { /** * Configuration block for the filter that's based on `CostCategory` values. See below. */ costCategory?: pulumi.Input; /** * Configuration block for the specific `Dimension` to use for `Expression`. See below. */ dimension?: pulumi.Input; /** * Key-value mapping of resource tags. If configured with a provider `defaultTags` configuration block present, tags with matching keys will overwrite those defined at the provider-level. */ tags?: pulumi.Input; } export interface CostCategoryRuleRuleAndNotCostCategory { /** * Unique name of the Cost Category. */ key?: pulumi.Input; /** * Match options that you can use to filter your results. MatchOptions is only applicable for actions related to cost category. The default values for MatchOptions is `EQUALS` and `CASE_SENSITIVE`. Valid values are: `EQUALS`, `ABSENT`, `STARTS_WITH`, `ENDS_WITH`, `CONTAINS`, `CASE_SENSITIVE`, `CASE_INSENSITIVE`. */ matchOptions?: pulumi.Input[]>; /** * Specific value of the Cost Category. */ values?: pulumi.Input[]>; } export interface CostCategoryRuleRuleAndNotDimension { /** * Unique name of the Cost Category. */ key?: pulumi.Input; /** * Match options that you can use to filter your results. MatchOptions is only applicable for actions related to cost category. The default values for MatchOptions is `EQUALS` and `CASE_SENSITIVE`. Valid values are: `EQUALS`, `ABSENT`, `STARTS_WITH`, `ENDS_WITH`, `CONTAINS`, `CASE_SENSITIVE`, `CASE_INSENSITIVE`. */ matchOptions?: pulumi.Input[]>; /** * Specific value of the Cost Category. */ values?: pulumi.Input[]>; } export interface CostCategoryRuleRuleAndNotTags { /** * Key for the tag. */ key?: pulumi.Input; /** * Match options that you can use to filter your results. MatchOptions is only applicable for actions related to cost category. The default values for MatchOptions is `EQUALS` and `CASE_SENSITIVE`. Valid values are: `EQUALS`, `ABSENT`, `STARTS_WITH`, `ENDS_WITH`, `CONTAINS`, `CASE_SENSITIVE`, `CASE_INSENSITIVE`. */ matchOptions?: pulumi.Input[]>; /** * Specific value of the Cost Category. */ values?: pulumi.Input[]>; } export interface CostCategoryRuleRuleAndOr { /** * Configuration block for the filter that's based on `CostCategory` values. See below. */ costCategory?: pulumi.Input; /** * Configuration block for the specific `Dimension` to use for `Expression`. See below. */ dimension?: pulumi.Input; /** * Key-value mapping of resource tags. If configured with a provider `defaultTags` configuration block present, tags with matching keys will overwrite those defined at the provider-level. */ tags?: pulumi.Input; } export interface CostCategoryRuleRuleAndOrCostCategory { /** * Unique name of the Cost Category. */ key?: pulumi.Input; /** * Match options that you can use to filter your results. MatchOptions is only applicable for actions related to cost category. The default values for MatchOptions is `EQUALS` and `CASE_SENSITIVE`. Valid values are: `EQUALS`, `ABSENT`, `STARTS_WITH`, `ENDS_WITH`, `CONTAINS`, `CASE_SENSITIVE`, `CASE_INSENSITIVE`. */ matchOptions?: pulumi.Input[]>; /** * Specific value of the Cost Category. */ values?: pulumi.Input[]>; } export interface CostCategoryRuleRuleAndOrDimension { /** * Unique name of the Cost Category. */ key?: pulumi.Input; /** * Match options that you can use to filter your results. MatchOptions is only applicable for actions related to cost category. The default values for MatchOptions is `EQUALS` and `CASE_SENSITIVE`. Valid values are: `EQUALS`, `ABSENT`, `STARTS_WITH`, `ENDS_WITH`, `CONTAINS`, `CASE_SENSITIVE`, `CASE_INSENSITIVE`. */ matchOptions?: pulumi.Input[]>; /** * Specific value of the Cost Category. */ values?: pulumi.Input[]>; } export interface CostCategoryRuleRuleAndOrTags { /** * Key for the tag. */ key?: pulumi.Input; /** * Match options that you can use to filter your results. MatchOptions is only applicable for actions related to cost category. The default values for MatchOptions is `EQUALS` and `CASE_SENSITIVE`. Valid values are: `EQUALS`, `ABSENT`, `STARTS_WITH`, `ENDS_WITH`, `CONTAINS`, `CASE_SENSITIVE`, `CASE_INSENSITIVE`. */ matchOptions?: pulumi.Input[]>; /** * Specific value of the Cost Category. */ values?: pulumi.Input[]>; } export interface CostCategoryRuleRuleAndTags { /** * Key for the tag. */ key?: pulumi.Input; /** * Match options that you can use to filter your results. MatchOptions is only applicable for actions related to cost category. The default values for MatchOptions is `EQUALS` and `CASE_SENSITIVE`. Valid values are: `EQUALS`, `ABSENT`, `STARTS_WITH`, `ENDS_WITH`, `CONTAINS`, `CASE_SENSITIVE`, `CASE_INSENSITIVE`. */ matchOptions?: pulumi.Input[]>; /** * Specific value of the Cost Category. */ values?: pulumi.Input[]>; } export interface CostCategoryRuleRuleCostCategory { /** * Unique name of the Cost Category. */ key?: pulumi.Input; /** * Match options that you can use to filter your results. MatchOptions is only applicable for actions related to cost category. The default values for MatchOptions is `EQUALS` and `CASE_SENSITIVE`. Valid values are: `EQUALS`, `ABSENT`, `STARTS_WITH`, `ENDS_WITH`, `CONTAINS`, `CASE_SENSITIVE`, `CASE_INSENSITIVE`. */ matchOptions?: pulumi.Input[]>; /** * Specific value of the Cost Category. */ values?: pulumi.Input[]>; } export interface CostCategoryRuleRuleDimension { /** * Unique name of the Cost Category. */ key?: pulumi.Input; /** * Match options that you can use to filter your results. MatchOptions is only applicable for actions related to cost category. The default values for MatchOptions is `EQUALS` and `CASE_SENSITIVE`. Valid values are: `EQUALS`, `ABSENT`, `STARTS_WITH`, `ENDS_WITH`, `CONTAINS`, `CASE_SENSITIVE`, `CASE_INSENSITIVE`. */ matchOptions?: pulumi.Input[]>; /** * Specific value of the Cost Category. */ values?: pulumi.Input[]>; } export interface CostCategoryRuleRuleNot { /** * Return results that match both `Dimension` objects. */ ands?: pulumi.Input[]>; /** * Configuration block for the filter that's based on `CostCategory` values. See below. */ costCategory?: pulumi.Input; /** * Configuration block for the specific `Dimension` to use for `Expression`. See below. */ dimension?: pulumi.Input; /** * Return results that match both `Dimension` object. */ not?: pulumi.Input; /** * Return results that match both `Dimension` object. */ ors?: pulumi.Input[]>; /** * Key-value mapping of resource tags. If configured with a provider `defaultTags` configuration block present, tags with matching keys will overwrite those defined at the provider-level. */ tags?: pulumi.Input; } export interface CostCategoryRuleRuleNotAnd { /** * Configuration block for the filter that's based on `CostCategory` values. See below. */ costCategory?: pulumi.Input; /** * Configuration block for the specific `Dimension` to use for `Expression`. See below. */ dimension?: pulumi.Input; /** * Key-value mapping of resource tags. If configured with a provider `defaultTags` configuration block present, tags with matching keys will overwrite those defined at the provider-level. */ tags?: pulumi.Input; } export interface CostCategoryRuleRuleNotAndCostCategory { /** * Unique name of the Cost Category. */ key?: pulumi.Input; /** * Match options that you can use to filter your results. MatchOptions is only applicable for actions related to cost category. The default values for MatchOptions is `EQUALS` and `CASE_SENSITIVE`. Valid values are: `EQUALS`, `ABSENT`, `STARTS_WITH`, `ENDS_WITH`, `CONTAINS`, `CASE_SENSITIVE`, `CASE_INSENSITIVE`. */ matchOptions?: pulumi.Input[]>; /** * Specific value of the Cost Category. */ values?: pulumi.Input[]>; } export interface CostCategoryRuleRuleNotAndDimension { /** * Unique name of the Cost Category. */ key?: pulumi.Input; /** * Match options that you can use to filter your results. MatchOptions is only applicable for actions related to cost category. The default values for MatchOptions is `EQUALS` and `CASE_SENSITIVE`. Valid values are: `EQUALS`, `ABSENT`, `STARTS_WITH`, `ENDS_WITH`, `CONTAINS`, `CASE_SENSITIVE`, `CASE_INSENSITIVE`. */ matchOptions?: pulumi.Input[]>; /** * Specific value of the Cost Category. */ values?: pulumi.Input[]>; } export interface CostCategoryRuleRuleNotAndTags { /** * Key for the tag. */ key?: pulumi.Input; /** * Match options that you can use to filter your results. MatchOptions is only applicable for actions related to cost category. The default values for MatchOptions is `EQUALS` and `CASE_SENSITIVE`. Valid values are: `EQUALS`, `ABSENT`, `STARTS_WITH`, `ENDS_WITH`, `CONTAINS`, `CASE_SENSITIVE`, `CASE_INSENSITIVE`. */ matchOptions?: pulumi.Input[]>; /** * Specific value of the Cost Category. */ values?: pulumi.Input[]>; } export interface CostCategoryRuleRuleNotCostCategory { /** * Unique name of the Cost Category. */ key?: pulumi.Input; /** * Match options that you can use to filter your results. MatchOptions is only applicable for actions related to cost category. The default values for MatchOptions is `EQUALS` and `CASE_SENSITIVE`. Valid values are: `EQUALS`, `ABSENT`, `STARTS_WITH`, `ENDS_WITH`, `CONTAINS`, `CASE_SENSITIVE`, `CASE_INSENSITIVE`. */ matchOptions?: pulumi.Input[]>; /** * Specific value of the Cost Category. */ values?: pulumi.Input[]>; } export interface CostCategoryRuleRuleNotDimension { /** * Unique name of the Cost Category. */ key?: pulumi.Input; /** * Match options that you can use to filter your results. MatchOptions is only applicable for actions related to cost category. The default values for MatchOptions is `EQUALS` and `CASE_SENSITIVE`. Valid values are: `EQUALS`, `ABSENT`, `STARTS_WITH`, `ENDS_WITH`, `CONTAINS`, `CASE_SENSITIVE`, `CASE_INSENSITIVE`. */ matchOptions?: pulumi.Input[]>; /** * Specific value of the Cost Category. */ values?: pulumi.Input[]>; } export interface CostCategoryRuleRuleNotNot { /** * Configuration block for the filter that's based on `CostCategory` values. See below. */ costCategory?: pulumi.Input; /** * Configuration block for the specific `Dimension` to use for `Expression`. See below. */ dimension?: pulumi.Input; /** * Key-value mapping of resource tags. If configured with a provider `defaultTags` configuration block present, tags with matching keys will overwrite those defined at the provider-level. */ tags?: pulumi.Input; } export interface CostCategoryRuleRuleNotNotCostCategory { /** * Unique name of the Cost Category. */ key?: pulumi.Input; /** * Match options that you can use to filter your results. MatchOptions is only applicable for actions related to cost category. The default values for MatchOptions is `EQUALS` and `CASE_SENSITIVE`. Valid values are: `EQUALS`, `ABSENT`, `STARTS_WITH`, `ENDS_WITH`, `CONTAINS`, `CASE_SENSITIVE`, `CASE_INSENSITIVE`. */ matchOptions?: pulumi.Input[]>; /** * Specific value of the Cost Category. */ values?: pulumi.Input[]>; } export interface CostCategoryRuleRuleNotNotDimension { /** * Unique name of the Cost Category. */ key?: pulumi.Input; /** * Match options that you can use to filter your results. MatchOptions is only applicable for actions related to cost category. The default values for MatchOptions is `EQUALS` and `CASE_SENSITIVE`. Valid values are: `EQUALS`, `ABSENT`, `STARTS_WITH`, `ENDS_WITH`, `CONTAINS`, `CASE_SENSITIVE`, `CASE_INSENSITIVE`. */ matchOptions?: pulumi.Input[]>; /** * Specific value of the Cost Category. */ values?: pulumi.Input[]>; } export interface CostCategoryRuleRuleNotNotTags { /** * Key for the tag. */ key?: pulumi.Input; /** * Match options that you can use to filter your results. MatchOptions is only applicable for actions related to cost category. The default values for MatchOptions is `EQUALS` and `CASE_SENSITIVE`. Valid values are: `EQUALS`, `ABSENT`, `STARTS_WITH`, `ENDS_WITH`, `CONTAINS`, `CASE_SENSITIVE`, `CASE_INSENSITIVE`. */ matchOptions?: pulumi.Input[]>; /** * Specific value of the Cost Category. */ values?: pulumi.Input[]>; } export interface CostCategoryRuleRuleNotOr { /** * Configuration block for the filter that's based on `CostCategory` values. See below. */ costCategory?: pulumi.Input; /** * Configuration block for the specific `Dimension` to use for `Expression`. See below. */ dimension?: pulumi.Input; /** * Key-value mapping of resource tags. If configured with a provider `defaultTags` configuration block present, tags with matching keys will overwrite those defined at the provider-level. */ tags?: pulumi.Input; } export interface CostCategoryRuleRuleNotOrCostCategory { /** * Unique name of the Cost Category. */ key?: pulumi.Input; /** * Match options that you can use to filter your results. MatchOptions is only applicable for actions related to cost category. The default values for MatchOptions is `EQUALS` and `CASE_SENSITIVE`. Valid values are: `EQUALS`, `ABSENT`, `STARTS_WITH`, `ENDS_WITH`, `CONTAINS`, `CASE_SENSITIVE`, `CASE_INSENSITIVE`. */ matchOptions?: pulumi.Input[]>; /** * Specific value of the Cost Category. */ values?: pulumi.Input[]>; } export interface CostCategoryRuleRuleNotOrDimension { /** * Unique name of the Cost Category. */ key?: pulumi.Input; /** * Match options that you can use to filter your results. MatchOptions is only applicable for actions related to cost category. The default values for MatchOptions is `EQUALS` and `CASE_SENSITIVE`. Valid values are: `EQUALS`, `ABSENT`, `STARTS_WITH`, `ENDS_WITH`, `CONTAINS`, `CASE_SENSITIVE`, `CASE_INSENSITIVE`. */ matchOptions?: pulumi.Input[]>; /** * Specific value of the Cost Category. */ values?: pulumi.Input[]>; } export interface CostCategoryRuleRuleNotOrTags { /** * Key for the tag. */ key?: pulumi.Input; /** * Match options that you can use to filter your results. MatchOptions is only applicable for actions related to cost category. The default values for MatchOptions is `EQUALS` and `CASE_SENSITIVE`. Valid values are: `EQUALS`, `ABSENT`, `STARTS_WITH`, `ENDS_WITH`, `CONTAINS`, `CASE_SENSITIVE`, `CASE_INSENSITIVE`. */ matchOptions?: pulumi.Input[]>; /** * Specific value of the Cost Category. */ values?: pulumi.Input[]>; } export interface CostCategoryRuleRuleNotTags { /** * Key for the tag. */ key?: pulumi.Input; /** * Match options that you can use to filter your results. MatchOptions is only applicable for actions related to cost category. The default values for MatchOptions is `EQUALS` and `CASE_SENSITIVE`. Valid values are: `EQUALS`, `ABSENT`, `STARTS_WITH`, `ENDS_WITH`, `CONTAINS`, `CASE_SENSITIVE`, `CASE_INSENSITIVE`. */ matchOptions?: pulumi.Input[]>; /** * Specific value of the Cost Category. */ values?: pulumi.Input[]>; } export interface CostCategoryRuleRuleOr { /** * Return results that match both `Dimension` objects. */ ands?: pulumi.Input[]>; /** * Configuration block for the filter that's based on `CostCategory` values. See below. */ costCategory?: pulumi.Input; /** * Configuration block for the specific `Dimension` to use for `Expression`. See below. */ dimension?: pulumi.Input; /** * Return results that match both `Dimension` object. */ not?: pulumi.Input; /** * Return results that match both `Dimension` object. */ ors?: pulumi.Input[]>; /** * Key-value mapping of resource tags. If configured with a provider `defaultTags` configuration block present, tags with matching keys will overwrite those defined at the provider-level. */ tags?: pulumi.Input; } export interface CostCategoryRuleRuleOrAnd { /** * Configuration block for the filter that's based on `CostCategory` values. See below. */ costCategory?: pulumi.Input; /** * Configuration block for the specific `Dimension` to use for `Expression`. See below. */ dimension?: pulumi.Input; /** * Key-value mapping of resource tags. If configured with a provider `defaultTags` configuration block present, tags with matching keys will overwrite those defined at the provider-level. */ tags?: pulumi.Input; } export interface CostCategoryRuleRuleOrAndCostCategory { /** * Unique name of the Cost Category. */ key?: pulumi.Input; /** * Match options that you can use to filter your results. MatchOptions is only applicable for actions related to cost category. The default values for MatchOptions is `EQUALS` and `CASE_SENSITIVE`. Valid values are: `EQUALS`, `ABSENT`, `STARTS_WITH`, `ENDS_WITH`, `CONTAINS`, `CASE_SENSITIVE`, `CASE_INSENSITIVE`. */ matchOptions?: pulumi.Input[]>; /** * Specific value of the Cost Category. */ values?: pulumi.Input[]>; } export interface CostCategoryRuleRuleOrAndDimension { /** * Unique name of the Cost Category. */ key?: pulumi.Input; /** * Match options that you can use to filter your results. MatchOptions is only applicable for actions related to cost category. The default values for MatchOptions is `EQUALS` and `CASE_SENSITIVE`. Valid values are: `EQUALS`, `ABSENT`, `STARTS_WITH`, `ENDS_WITH`, `CONTAINS`, `CASE_SENSITIVE`, `CASE_INSENSITIVE`. */ matchOptions?: pulumi.Input[]>; /** * Specific value of the Cost Category. */ values?: pulumi.Input[]>; } export interface CostCategoryRuleRuleOrAndTags { /** * Key for the tag. */ key?: pulumi.Input; /** * Match options that you can use to filter your results. MatchOptions is only applicable for actions related to cost category. The default values for MatchOptions is `EQUALS` and `CASE_SENSITIVE`. Valid values are: `EQUALS`, `ABSENT`, `STARTS_WITH`, `ENDS_WITH`, `CONTAINS`, `CASE_SENSITIVE`, `CASE_INSENSITIVE`. */ matchOptions?: pulumi.Input[]>; /** * Specific value of the Cost Category. */ values?: pulumi.Input[]>; } export interface CostCategoryRuleRuleOrCostCategory { /** * Unique name of the Cost Category. */ key?: pulumi.Input; /** * Match options that you can use to filter your results. MatchOptions is only applicable for actions related to cost category. The default values for MatchOptions is `EQUALS` and `CASE_SENSITIVE`. Valid values are: `EQUALS`, `ABSENT`, `STARTS_WITH`, `ENDS_WITH`, `CONTAINS`, `CASE_SENSITIVE`, `CASE_INSENSITIVE`. */ matchOptions?: pulumi.Input[]>; /** * Specific value of the Cost Category. */ values?: pulumi.Input[]>; } export interface CostCategoryRuleRuleOrDimension { /** * Unique name of the Cost Category. */ key?: pulumi.Input; /** * Match options that you can use to filter your results. MatchOptions is only applicable for actions related to cost category. The default values for MatchOptions is `EQUALS` and `CASE_SENSITIVE`. Valid values are: `EQUALS`, `ABSENT`, `STARTS_WITH`, `ENDS_WITH`, `CONTAINS`, `CASE_SENSITIVE`, `CASE_INSENSITIVE`. */ matchOptions?: pulumi.Input[]>; /** * Specific value of the Cost Category. */ values?: pulumi.Input[]>; } export interface CostCategoryRuleRuleOrNot { /** * Configuration block for the filter that's based on `CostCategory` values. See below. */ costCategory?: pulumi.Input; /** * Configuration block for the specific `Dimension` to use for `Expression`. See below. */ dimension?: pulumi.Input; /** * Key-value mapping of resource tags. If configured with a provider `defaultTags` configuration block present, tags with matching keys will overwrite those defined at the provider-level. */ tags?: pulumi.Input; } export interface CostCategoryRuleRuleOrNotCostCategory { /** * Unique name of the Cost Category. */ key?: pulumi.Input; /** * Match options that you can use to filter your results. MatchOptions is only applicable for actions related to cost category. The default values for MatchOptions is `EQUALS` and `CASE_SENSITIVE`. Valid values are: `EQUALS`, `ABSENT`, `STARTS_WITH`, `ENDS_WITH`, `CONTAINS`, `CASE_SENSITIVE`, `CASE_INSENSITIVE`. */ matchOptions?: pulumi.Input[]>; /** * Specific value of the Cost Category. */ values?: pulumi.Input[]>; } export interface CostCategoryRuleRuleOrNotDimension { /** * Unique name of the Cost Category. */ key?: pulumi.Input; /** * Match options that you can use to filter your results. MatchOptions is only applicable for actions related to cost category. The default values for MatchOptions is `EQUALS` and `CASE_SENSITIVE`. Valid values are: `EQUALS`, `ABSENT`, `STARTS_WITH`, `ENDS_WITH`, `CONTAINS`, `CASE_SENSITIVE`, `CASE_INSENSITIVE`. */ matchOptions?: pulumi.Input[]>; /** * Specific value of the Cost Category. */ values?: pulumi.Input[]>; } export interface CostCategoryRuleRuleOrNotTags { /** * Key for the tag. */ key?: pulumi.Input; /** * Match options that you can use to filter your results. MatchOptions is only applicable for actions related to cost category. The default values for MatchOptions is `EQUALS` and `CASE_SENSITIVE`. Valid values are: `EQUALS`, `ABSENT`, `STARTS_WITH`, `ENDS_WITH`, `CONTAINS`, `CASE_SENSITIVE`, `CASE_INSENSITIVE`. */ matchOptions?: pulumi.Input[]>; /** * Specific value of the Cost Category. */ values?: pulumi.Input[]>; } export interface CostCategoryRuleRuleOrOr { /** * Configuration block for the filter that's based on `CostCategory` values. See below. */ costCategory?: pulumi.Input; /** * Configuration block for the specific `Dimension` to use for `Expression`. See below. */ dimension?: pulumi.Input; /** * Key-value mapping of resource tags. If configured with a provider `defaultTags` configuration block present, tags with matching keys will overwrite those defined at the provider-level. */ tags?: pulumi.Input; } export interface CostCategoryRuleRuleOrOrCostCategory { /** * Unique name of the Cost Category. */ key?: pulumi.Input; /** * Match options that you can use to filter your results. MatchOptions is only applicable for actions related to cost category. The default values for MatchOptions is `EQUALS` and `CASE_SENSITIVE`. Valid values are: `EQUALS`, `ABSENT`, `STARTS_WITH`, `ENDS_WITH`, `CONTAINS`, `CASE_SENSITIVE`, `CASE_INSENSITIVE`. */ matchOptions?: pulumi.Input[]>; /** * Specific value of the Cost Category. */ values?: pulumi.Input[]>; } export interface CostCategoryRuleRuleOrOrDimension { /** * Unique name of the Cost Category. */ key?: pulumi.Input; /** * Match options that you can use to filter your results. MatchOptions is only applicable for actions related to cost category. The default values for MatchOptions is `EQUALS` and `CASE_SENSITIVE`. Valid values are: `EQUALS`, `ABSENT`, `STARTS_WITH`, `ENDS_WITH`, `CONTAINS`, `CASE_SENSITIVE`, `CASE_INSENSITIVE`. */ matchOptions?: pulumi.Input[]>; /** * Specific value of the Cost Category. */ values?: pulumi.Input[]>; } export interface CostCategoryRuleRuleOrOrTags { /** * Key for the tag. */ key?: pulumi.Input; /** * Match options that you can use to filter your results. MatchOptions is only applicable for actions related to cost category. The default values for MatchOptions is `EQUALS` and `CASE_SENSITIVE`. Valid values are: `EQUALS`, `ABSENT`, `STARTS_WITH`, `ENDS_WITH`, `CONTAINS`, `CASE_SENSITIVE`, `CASE_INSENSITIVE`. */ matchOptions?: pulumi.Input[]>; /** * Specific value of the Cost Category. */ values?: pulumi.Input[]>; } export interface CostCategoryRuleRuleOrTags { /** * Key for the tag. */ key?: pulumi.Input; /** * Match options that you can use to filter your results. MatchOptions is only applicable for actions related to cost category. The default values for MatchOptions is `EQUALS` and `CASE_SENSITIVE`. Valid values are: `EQUALS`, `ABSENT`, `STARTS_WITH`, `ENDS_WITH`, `CONTAINS`, `CASE_SENSITIVE`, `CASE_INSENSITIVE`. */ matchOptions?: pulumi.Input[]>; /** * Specific value of the Cost Category. */ values?: pulumi.Input[]>; } export interface CostCategoryRuleRuleTags { /** * Key for the tag. */ key?: pulumi.Input; /** * Match options that you can use to filter your results. MatchOptions is only applicable for actions related to cost category. The default values for MatchOptions is `EQUALS` and `CASE_SENSITIVE`. Valid values are: `EQUALS`, `ABSENT`, `STARTS_WITH`, `ENDS_WITH`, `CONTAINS`, `CASE_SENSITIVE`, `CASE_INSENSITIVE`. */ matchOptions?: pulumi.Input[]>; /** * Specific value of the Cost Category. */ values?: pulumi.Input[]>; } export interface CostCategorySplitChargeRule { /** * Method that's used to define how to split your source costs across your targets. Valid values are `FIXED`, `PROPORTIONAL`, `EVEN` */ method: pulumi.Input; /** * Configuration block for the parameters for a split charge method. This is only required for the `FIXED` method. See below. */ parameters?: pulumi.Input[]>; /** * Cost Category value that you want to split. */ source: pulumi.Input; /** * Cost Category values that you want to split costs across. These values can't be used as a source in other split charge rules. */ targets: pulumi.Input[]>; } export interface CostCategorySplitChargeRuleParameter { /** * Parameter type. */ type?: pulumi.Input; /** * Parameter values. */ values?: pulumi.Input[]>; } export interface GetTagsFilter { /** * Return results that match both `Dimension` objects. */ ands?: inputs.costexplorer.GetTagsFilterAnd[]; /** * Configuration block for the filter that's based on `CostCategory` values. See `costCategory` block below for details. */ costCategory?: inputs.costexplorer.GetTagsFilterCostCategory; /** * Configuration block for the specific `Dimension` to use for `Expression`. See `dimension` block below for details. */ dimension?: inputs.costexplorer.GetTagsFilterDimension; /** * Return results that match both `Dimension` object. */ not?: inputs.costexplorer.GetTagsFilterNot; /** * Return results that match both `Dimension` object. */ ors?: inputs.costexplorer.GetTagsFilterOr[]; /** * Tags that match your request. */ tags?: inputs.costexplorer.GetTagsFilterTags; } export interface GetTagsFilterArgs { /** * Return results that match both `Dimension` objects. */ ands?: pulumi.Input[]>; /** * Configuration block for the filter that's based on `CostCategory` values. See `costCategory` block below for details. */ costCategory?: pulumi.Input; /** * Configuration block for the specific `Dimension` to use for `Expression`. See `dimension` block below for details. */ dimension?: pulumi.Input; /** * Return results that match both `Dimension` object. */ not?: pulumi.Input; /** * Return results that match both `Dimension` object. */ ors?: pulumi.Input[]>; /** * Tags that match your request. */ tags?: pulumi.Input; } export interface GetTagsFilterAnd { /** * Configuration block for the filter that's based on `CostCategory` values. See `costCategory` block below for details. */ costCategory?: inputs.costexplorer.GetTagsFilterAndCostCategory; /** * Configuration block for the specific `Dimension` to use for `Expression`. See `dimension` block below for details. */ dimension?: inputs.costexplorer.GetTagsFilterAndDimension; /** * Tags that match your request. */ tags?: inputs.costexplorer.GetTagsFilterAndTags; } export interface GetTagsFilterAndArgs { /** * Configuration block for the filter that's based on `CostCategory` values. See `costCategory` block below for details. */ costCategory?: pulumi.Input; /** * Configuration block for the specific `Dimension` to use for `Expression`. See `dimension` block below for details. */ dimension?: pulumi.Input; /** * Tags that match your request. */ tags?: pulumi.Input; } export interface GetTagsFilterAndCostCategory { /** * Unique name of the Cost Category. */ key?: string; /** * Match options that you can use to filter your results. MatchOptions is only applicable for actions related to cost category. The default values for MatchOptions is `EQUALS` and `CASE_SENSITIVE`. Valid values are: `EQUALS`, `ABSENT`, `STARTS_WITH`, `ENDS_WITH`, `CONTAINS`, `CASE_SENSITIVE`, `CASE_INSENSITIVE`. */ matchOptions?: string[]; /** * Specific value of the Cost Category. */ values?: string[]; } export interface GetTagsFilterAndCostCategoryArgs { /** * Unique name of the Cost Category. */ key?: pulumi.Input; /** * Match options that you can use to filter your results. MatchOptions is only applicable for actions related to cost category. The default values for MatchOptions is `EQUALS` and `CASE_SENSITIVE`. Valid values are: `EQUALS`, `ABSENT`, `STARTS_WITH`, `ENDS_WITH`, `CONTAINS`, `CASE_SENSITIVE`, `CASE_INSENSITIVE`. */ matchOptions?: pulumi.Input[]>; /** * Specific value of the Cost Category. */ values?: pulumi.Input[]>; } export interface GetTagsFilterAndDimension { /** * Unique name of the Cost Category. */ key?: string; /** * Match options that you can use to filter your results. MatchOptions is only applicable for actions related to cost category. The default values for MatchOptions is `EQUALS` and `CASE_SENSITIVE`. Valid values are: `EQUALS`, `ABSENT`, `STARTS_WITH`, `ENDS_WITH`, `CONTAINS`, `CASE_SENSITIVE`, `CASE_INSENSITIVE`. */ matchOptions?: string[]; /** * Specific value of the Cost Category. */ values?: string[]; } export interface GetTagsFilterAndDimensionArgs { /** * Unique name of the Cost Category. */ key?: pulumi.Input; /** * Match options that you can use to filter your results. MatchOptions is only applicable for actions related to cost category. The default values for MatchOptions is `EQUALS` and `CASE_SENSITIVE`. Valid values are: `EQUALS`, `ABSENT`, `STARTS_WITH`, `ENDS_WITH`, `CONTAINS`, `CASE_SENSITIVE`, `CASE_INSENSITIVE`. */ matchOptions?: pulumi.Input[]>; /** * Specific value of the Cost Category. */ values?: pulumi.Input[]>; } export interface GetTagsFilterAndTags { key?: string; matchOptions?: string[]; values?: string[]; } export interface GetTagsFilterAndTagsArgs { key?: pulumi.Input; matchOptions?: pulumi.Input[]>; values?: pulumi.Input[]>; } export interface GetTagsFilterCostCategory { /** * Unique name of the Cost Category. */ key?: string; /** * Match options that you can use to filter your results. MatchOptions is only applicable for actions related to cost category. The default values for MatchOptions is `EQUALS` and `CASE_SENSITIVE`. Valid values are: `EQUALS`, `ABSENT`, `STARTS_WITH`, `ENDS_WITH`, `CONTAINS`, `CASE_SENSITIVE`, `CASE_INSENSITIVE`. */ matchOptions?: string[]; /** * Specific value of the Cost Category. */ values?: string[]; } export interface GetTagsFilterCostCategoryArgs { /** * Unique name of the Cost Category. */ key?: pulumi.Input; /** * Match options that you can use to filter your results. MatchOptions is only applicable for actions related to cost category. The default values for MatchOptions is `EQUALS` and `CASE_SENSITIVE`. Valid values are: `EQUALS`, `ABSENT`, `STARTS_WITH`, `ENDS_WITH`, `CONTAINS`, `CASE_SENSITIVE`, `CASE_INSENSITIVE`. */ matchOptions?: pulumi.Input[]>; /** * Specific value of the Cost Category. */ values?: pulumi.Input[]>; } export interface GetTagsFilterDimension { /** * Unique name of the Cost Category. */ key?: string; /** * Match options that you can use to filter your results. MatchOptions is only applicable for actions related to cost category. The default values for MatchOptions is `EQUALS` and `CASE_SENSITIVE`. Valid values are: `EQUALS`, `ABSENT`, `STARTS_WITH`, `ENDS_WITH`, `CONTAINS`, `CASE_SENSITIVE`, `CASE_INSENSITIVE`. */ matchOptions?: string[]; /** * Specific value of the Cost Category. */ values?: string[]; } export interface GetTagsFilterDimensionArgs { /** * Unique name of the Cost Category. */ key?: pulumi.Input; /** * Match options that you can use to filter your results. MatchOptions is only applicable for actions related to cost category. The default values for MatchOptions is `EQUALS` and `CASE_SENSITIVE`. Valid values are: `EQUALS`, `ABSENT`, `STARTS_WITH`, `ENDS_WITH`, `CONTAINS`, `CASE_SENSITIVE`, `CASE_INSENSITIVE`. */ matchOptions?: pulumi.Input[]>; /** * Specific value of the Cost Category. */ values?: pulumi.Input[]>; } export interface GetTagsFilterNot { /** * Configuration block for the filter that's based on `CostCategory` values. See `costCategory` block below for details. */ costCategory?: inputs.costexplorer.GetTagsFilterNotCostCategory; /** * Configuration block for the specific `Dimension` to use for `Expression`. See `dimension` block below for details. */ dimension?: inputs.costexplorer.GetTagsFilterNotDimension; /** * Tags that match your request. */ tags?: inputs.costexplorer.GetTagsFilterNotTags; } export interface GetTagsFilterNotArgs { /** * Configuration block for the filter that's based on `CostCategory` values. See `costCategory` block below for details. */ costCategory?: pulumi.Input; /** * Configuration block for the specific `Dimension` to use for `Expression`. See `dimension` block below for details. */ dimension?: pulumi.Input; /** * Tags that match your request. */ tags?: pulumi.Input; } export interface GetTagsFilterNotCostCategory { /** * Unique name of the Cost Category. */ key?: string; /** * Match options that you can use to filter your results. MatchOptions is only applicable for actions related to cost category. The default values for MatchOptions is `EQUALS` and `CASE_SENSITIVE`. Valid values are: `EQUALS`, `ABSENT`, `STARTS_WITH`, `ENDS_WITH`, `CONTAINS`, `CASE_SENSITIVE`, `CASE_INSENSITIVE`. */ matchOptions?: string[]; /** * Specific value of the Cost Category. */ values?: string[]; } export interface GetTagsFilterNotCostCategoryArgs { /** * Unique name of the Cost Category. */ key?: pulumi.Input; /** * Match options that you can use to filter your results. MatchOptions is only applicable for actions related to cost category. The default values for MatchOptions is `EQUALS` and `CASE_SENSITIVE`. Valid values are: `EQUALS`, `ABSENT`, `STARTS_WITH`, `ENDS_WITH`, `CONTAINS`, `CASE_SENSITIVE`, `CASE_INSENSITIVE`. */ matchOptions?: pulumi.Input[]>; /** * Specific value of the Cost Category. */ values?: pulumi.Input[]>; } export interface GetTagsFilterNotDimension { /** * Unique name of the Cost Category. */ key?: string; /** * Match options that you can use to filter your results. MatchOptions is only applicable for actions related to cost category. The default values for MatchOptions is `EQUALS` and `CASE_SENSITIVE`. Valid values are: `EQUALS`, `ABSENT`, `STARTS_WITH`, `ENDS_WITH`, `CONTAINS`, `CASE_SENSITIVE`, `CASE_INSENSITIVE`. */ matchOptions?: string[]; /** * Specific value of the Cost Category. */ values?: string[]; } export interface GetTagsFilterNotDimensionArgs { /** * Unique name of the Cost Category. */ key?: pulumi.Input; /** * Match options that you can use to filter your results. MatchOptions is only applicable for actions related to cost category. The default values for MatchOptions is `EQUALS` and `CASE_SENSITIVE`. Valid values are: `EQUALS`, `ABSENT`, `STARTS_WITH`, `ENDS_WITH`, `CONTAINS`, `CASE_SENSITIVE`, `CASE_INSENSITIVE`. */ matchOptions?: pulumi.Input[]>; /** * Specific value of the Cost Category. */ values?: pulumi.Input[]>; } export interface GetTagsFilterNotTags { key?: string; matchOptions?: string[]; values?: string[]; } export interface GetTagsFilterNotTagsArgs { key?: pulumi.Input; matchOptions?: pulumi.Input[]>; values?: pulumi.Input[]>; } export interface GetTagsFilterOr { /** * Configuration block for the filter that's based on `CostCategory` values. See `costCategory` block below for details. */ costCategory?: inputs.costexplorer.GetTagsFilterOrCostCategory; /** * Configuration block for the specific `Dimension` to use for `Expression`. See `dimension` block below for details. */ dimension?: inputs.costexplorer.GetTagsFilterOrDimension; /** * Tags that match your request. */ tags?: inputs.costexplorer.GetTagsFilterOrTags; } export interface GetTagsFilterOrArgs { /** * Configuration block for the filter that's based on `CostCategory` values. See `costCategory` block below for details. */ costCategory?: pulumi.Input; /** * Configuration block for the specific `Dimension` to use for `Expression`. See `dimension` block below for details. */ dimension?: pulumi.Input; /** * Tags that match your request. */ tags?: pulumi.Input; } export interface GetTagsFilterOrCostCategory { /** * Unique name of the Cost Category. */ key?: string; /** * Match options that you can use to filter your results. MatchOptions is only applicable for actions related to cost category. The default values for MatchOptions is `EQUALS` and `CASE_SENSITIVE`. Valid values are: `EQUALS`, `ABSENT`, `STARTS_WITH`, `ENDS_WITH`, `CONTAINS`, `CASE_SENSITIVE`, `CASE_INSENSITIVE`. */ matchOptions?: string[]; /** * Specific value of the Cost Category. */ values?: string[]; } export interface GetTagsFilterOrCostCategoryArgs { /** * Unique name of the Cost Category. */ key?: pulumi.Input; /** * Match options that you can use to filter your results. MatchOptions is only applicable for actions related to cost category. The default values for MatchOptions is `EQUALS` and `CASE_SENSITIVE`. Valid values are: `EQUALS`, `ABSENT`, `STARTS_WITH`, `ENDS_WITH`, `CONTAINS`, `CASE_SENSITIVE`, `CASE_INSENSITIVE`. */ matchOptions?: pulumi.Input[]>; /** * Specific value of the Cost Category. */ values?: pulumi.Input[]>; } export interface GetTagsFilterOrDimension { /** * Unique name of the Cost Category. */ key?: string; /** * Match options that you can use to filter your results. MatchOptions is only applicable for actions related to cost category. The default values for MatchOptions is `EQUALS` and `CASE_SENSITIVE`. Valid values are: `EQUALS`, `ABSENT`, `STARTS_WITH`, `ENDS_WITH`, `CONTAINS`, `CASE_SENSITIVE`, `CASE_INSENSITIVE`. */ matchOptions?: string[]; /** * Specific value of the Cost Category. */ values?: string[]; } export interface GetTagsFilterOrDimensionArgs { /** * Unique name of the Cost Category. */ key?: pulumi.Input; /** * Match options that you can use to filter your results. MatchOptions is only applicable for actions related to cost category. The default values for MatchOptions is `EQUALS` and `CASE_SENSITIVE`. Valid values are: `EQUALS`, `ABSENT`, `STARTS_WITH`, `ENDS_WITH`, `CONTAINS`, `CASE_SENSITIVE`, `CASE_INSENSITIVE`. */ matchOptions?: pulumi.Input[]>; /** * Specific value of the Cost Category. */ values?: pulumi.Input[]>; } export interface GetTagsFilterOrTags { key?: string; matchOptions?: string[]; values?: string[]; } export interface GetTagsFilterOrTagsArgs { key?: pulumi.Input; matchOptions?: pulumi.Input[]>; values?: pulumi.Input[]>; } export interface GetTagsFilterTags { key?: string; matchOptions?: string[]; values?: string[]; } export interface GetTagsFilterTagsArgs { key?: pulumi.Input; matchOptions?: pulumi.Input[]>; values?: pulumi.Input[]>; } export interface GetTagsSortBy { /** * key that's used to sort the data. Valid values are: `BlendedCost`, `UnblendedCost`, `AmortizedCost`, `NetAmortizedCost`, `NetUnblendedCost`, `UsageQuantity`, `NormalizedUsageAmount`. */ key?: string; /** * order that's used to sort the data. Valid values are: `ASCENDING`, `DESCENDING`. */ sortOrder?: string; } export interface GetTagsSortByArgs { /** * key that's used to sort the data. Valid values are: `BlendedCost`, `UnblendedCost`, `AmortizedCost`, `NetAmortizedCost`, `NetUnblendedCost`, `UsageQuantity`, `NormalizedUsageAmount`. */ key?: pulumi.Input; /** * order that's used to sort the data. Valid values are: `ASCENDING`, `DESCENDING`. */ sortOrder?: pulumi.Input; } export interface GetTagsTimePeriod { /** * Beginning of the time period. */ end: string; /** * End of the time period. */ start: string; } export interface GetTagsTimePeriodArgs { /** * Beginning of the time period. */ end: pulumi.Input; /** * End of the time period. */ start: pulumi.Input; } } export namespace customerprofiles { export interface DomainMatching { /** * A block that specifies the configuration about the auto-merging process. Documented below. */ autoMerging?: pulumi.Input; /** * The flag that enables the matching process of duplicate profiles. */ enabled: pulumi.Input; /** * A block that specifies the configuration for exporting Identity Resolution results. Documented below. */ exportingConfig?: pulumi.Input; /** * A block that specifies the day and time when you want to start the Identity Resolution Job every week. Documented below. */ jobSchedule?: pulumi.Input; } export interface DomainMatchingAutoMerging { /** * A block that specifies how the auto-merging process should resolve conflicts between different profiles. Documented below. */ conflictResolution?: pulumi.Input; /** * A block that specifies a list of matching attributes that represent matching criteria. If two profiles meet at least one of the requirements in the matching attributes list, they will be merged. Documented below. * * `minAllowedConfidenceScoreForMerging ` - (Optional) A number between 0 and 1 that represents the minimum confidence score required for profiles within a matching group to be merged during the auto-merge process. A higher score means higher similarity required to merge profiles. */ consolidation?: pulumi.Input; /** * The flag that enables the auto-merging of duplicate profiles. */ enabled: pulumi.Input; minAllowedConfidenceScoreForMerging?: pulumi.Input; } export interface DomainMatchingAutoMergingConflictResolution { /** * How the auto-merging process should resolve conflicts between different profiles. Valid values are `RECENCY` and `SOURCE` */ conflictResolvingModel: pulumi.Input; /** * The `ObjectType` name that is used to resolve profile merging conflicts when choosing `SOURCE` as the `ConflictResolvingModel`. */ sourceName?: pulumi.Input; } export interface DomainMatchingAutoMergingConsolidation { /** * A list of matching criteria. */ matchingAttributesLists: pulumi.Input[]>[]>; } export interface DomainMatchingExportingConfig { s3Exporting?: pulumi.Input; } export interface DomainMatchingExportingConfigS3Exporting { /** * The name of the S3 bucket where Identity Resolution Jobs write result files. */ s3BucketName: pulumi.Input; /** * The S3 key name of the location where Identity Resolution Jobs write result files. */ s3KeyName?: pulumi.Input; } export interface DomainMatchingJobSchedule { /** * The day when the Identity Resolution Job should run every week. */ dayOfTheWeek: pulumi.Input; /** * The time when the Identity Resolution Job should run every week. */ time: pulumi.Input; } export interface DomainRuleBasedMatching { /** * A block that configures information about the `AttributeTypesSelector` where the rule-based identity resolution uses to match profiles. Documented below. */ attributeTypesSelector?: pulumi.Input; /** * A block that specifies how the auto-merging process should resolve conflicts between different profiles. Documented below. */ conflictResolution?: pulumi.Input; /** * The flag that enables the rule-based matching process of duplicate profiles. */ enabled: pulumi.Input; /** * A block that specifies the configuration for exporting Identity Resolution results. Documented below. */ exportingConfig?: pulumi.Input; /** * A block that configures how the rule-based matching process should match profiles. You can have up to 15 `rule` in the `natchingRules`. Documented below. */ matchingRules?: pulumi.Input[]>; /** * Indicates the maximum allowed rule level for matching. */ maxAllowedRuleLevelForMatching?: pulumi.Input; /** * Indicates the maximum allowed rule level for merging. */ maxAllowedRuleLevelForMerging?: pulumi.Input; status?: pulumi.Input; } export interface DomainRuleBasedMatchingAttributeTypesSelector { /** * The `Address` type. You can choose from `Address`, `BusinessAddress`, `MaillingAddress`, and `ShippingAddress`. */ addresses?: pulumi.Input[]>; /** * Configures the `AttributeMatchingModel`, you can either choose `ONE_TO_ONE` or `MANY_TO_MANY`. */ attributeMatchingModel: pulumi.Input; /** * The `Email` type. You can choose from `EmailAddress`, `BusinessEmailAddress` and `PersonalEmailAddress`. */ emailAddresses?: pulumi.Input[]>; /** * The `PhoneNumber` type. You can choose from `PhoneNumber`, `HomePhoneNumber`, and `MobilePhoneNumber`. */ phoneNumbers?: pulumi.Input[]>; } export interface DomainRuleBasedMatchingConflictResolution { /** * How the auto-merging process should resolve conflicts between different profiles. Valid values are `RECENCY` and `SOURCE` */ conflictResolvingModel: pulumi.Input; /** * The `ObjectType` name that is used to resolve profile merging conflicts when choosing `SOURCE` as the `ConflictResolvingModel`. */ sourceName?: pulumi.Input; } export interface DomainRuleBasedMatchingExportingConfig { s3Exporting?: pulumi.Input; } export interface DomainRuleBasedMatchingExportingConfigS3Exporting { /** * The name of the S3 bucket where Identity Resolution Jobs write result files. */ s3BucketName: pulumi.Input; /** * The S3 key name of the location where Identity Resolution Jobs write result files. */ s3KeyName?: pulumi.Input; } export interface DomainRuleBasedMatchingMatchingRule { /** * A single rule level of the `matchRules`. Configures how the rule-based matching process should match profiles. */ rules: pulumi.Input[]>; } export interface ProfileAddress { /** * The first line of a customer address. */ address1?: pulumi.Input; /** * The second line of a customer address. */ address2?: pulumi.Input; /** * The third line of a customer address. */ address3?: pulumi.Input; /** * The fourth line of a customer address. */ address4?: pulumi.Input; /** * The city in which a customer lives. */ city?: pulumi.Input; /** * The country in which a customer lives. */ country?: pulumi.Input; /** * The county in which a customer lives. */ county?: pulumi.Input; /** * The postal code of a customer address. */ postalCode?: pulumi.Input; /** * The province in which a customer lives. */ province?: pulumi.Input; /** * The state in which a customer lives. */ state?: pulumi.Input; } export interface ProfileBillingAddress { /** * The first line of a customer address. */ address1?: pulumi.Input; /** * The second line of a customer address. */ address2?: pulumi.Input; /** * The third line of a customer address. */ address3?: pulumi.Input; /** * The fourth line of a customer address. */ address4?: pulumi.Input; /** * The city in which a customer lives. */ city?: pulumi.Input; /** * The country in which a customer lives. */ country?: pulumi.Input; /** * The county in which a customer lives. */ county?: pulumi.Input; /** * The postal code of a customer address. */ postalCode?: pulumi.Input; /** * The province in which a customer lives. */ province?: pulumi.Input; /** * The state in which a customer lives. */ state?: pulumi.Input; } export interface ProfileMailingAddress { /** * The first line of a customer address. */ address1?: pulumi.Input; /** * The second line of a customer address. */ address2?: pulumi.Input; /** * The third line of a customer address. */ address3?: pulumi.Input; /** * The fourth line of a customer address. */ address4?: pulumi.Input; /** * The city in which a customer lives. */ city?: pulumi.Input; /** * The country in which a customer lives. */ country?: pulumi.Input; /** * The county in which a customer lives. */ county?: pulumi.Input; /** * The postal code of a customer address. */ postalCode?: pulumi.Input; /** * The province in which a customer lives. */ province?: pulumi.Input; /** * The state in which a customer lives. */ state?: pulumi.Input; } export interface ProfileShippingAddress { /** * The first line of a customer address. */ address1?: pulumi.Input; /** * The second line of a customer address. */ address2?: pulumi.Input; /** * The third line of a customer address. */ address3?: pulumi.Input; /** * The fourth line of a customer address. */ address4?: pulumi.Input; /** * The city in which a customer lives. */ city?: pulumi.Input; /** * The country in which a customer lives. */ country?: pulumi.Input; /** * The county in which a customer lives. */ county?: pulumi.Input; /** * The postal code of a customer address. */ postalCode?: pulumi.Input; /** * The province in which a customer lives. */ province?: pulumi.Input; /** * The state in which a customer lives. */ state?: pulumi.Input; } } export namespace datapipeline { export interface GetPipelineDefinitionParameterValue { /** * ID of the object. */ id?: string; /** * Field value, expressed as a String. */ stringValue?: string; } export interface GetPipelineDefinitionParameterValueArgs { /** * ID of the object. */ id?: pulumi.Input; /** * Field value, expressed as a String. */ stringValue?: pulumi.Input; } export interface PipelineDefinitionParameterObject { /** * Configuration block for attributes of the parameter object. See below */ attributes?: pulumi.Input[]>; /** * ID of the parameter object. */ id: pulumi.Input; } export interface PipelineDefinitionParameterObjectAttribute { /** * Field identifier. */ key: pulumi.Input; /** * Field value, expressed as a String. */ stringValue: pulumi.Input; } export interface PipelineDefinitionParameterValue { /** * ID of the parameter value. */ id: pulumi.Input; /** * Field value, expressed as a String. */ stringValue: pulumi.Input; } export interface PipelineDefinitionPipelineObject { /** * Configuration block for Key-value pairs that define the properties of the object. See below */ fields?: pulumi.Input[]>; /** * ID of the object. */ id: pulumi.Input; /** * ARN of the storage connector. */ name: pulumi.Input; } export interface PipelineDefinitionPipelineObjectField { /** * Field identifier. */ key: pulumi.Input; /** * Field value, expressed as the identifier of another object */ refValue?: pulumi.Input; /** * Field value, expressed as a String. */ stringValue?: pulumi.Input; } } export namespace datasync { export interface EfsLocationEc2Config { /** * List of Amazon Resource Names (ARNs) of the EC2 Security Groups that are associated with the EFS Mount Target. */ securityGroupArns: pulumi.Input[]>; /** * Amazon Resource Name (ARN) of the EC2 Subnet that is associated with the EFS Mount Target. */ subnetArn: pulumi.Input; } export interface FsxOpenZfsFileSystemProtocol { /** * Represents the Network File System (NFS) protocol that DataSync uses to access your FSx for OpenZFS file system. See below. */ nfs: pulumi.Input; } export interface FsxOpenZfsFileSystemProtocolNfs { /** * Represents the mount options that are available for DataSync to access an NFS location. See below. */ mountOptions: pulumi.Input; } export interface FsxOpenZfsFileSystemProtocolNfsMountOptions { /** * The specific NFS version that you want DataSync to use for mounting your NFS share. Valid values: `AUTOMATIC`, `NFS3`, `NFS4_0` and `NFS4_1`. Default: `AUTOMATIC` */ version?: pulumi.Input; } export interface LocationAzureBlobSasConfiguration { /** * A SAS token that provides permissions to access your Azure Blob Storage. */ token: pulumi.Input; } export interface LocationFsxOntapFileSystemProtocol { /** * Network File System (NFS) protocol that DataSync uses to access your FSx ONTAP file system. See NFS below. */ nfs?: pulumi.Input; /** * Server Message Block (SMB) protocol that DataSync uses to access your FSx ONTAP file system. See [SMB] (#smb) below. */ smb?: pulumi.Input; } export interface LocationFsxOntapFileSystemProtocolNfs { /** * Mount options that are available for DataSync to access an NFS location. See NFS Mount Options below. */ mountOptions: pulumi.Input; } export interface LocationFsxOntapFileSystemProtocolNfsMountOptions { version?: pulumi.Input; } export interface LocationFsxOntapFileSystemProtocolSmb { /** * Fully qualified domain name of the Microsoft Active Directory (AD) that your storage virtual machine belongs to. */ domain?: pulumi.Input; /** * Mount options that are available for DataSync to access an SMB location. See SMB Mount Options below. */ mountOptions: pulumi.Input; /** * Password of a user who has permission to access your SVM. */ password: pulumi.Input; /** * Username that can mount the location and access the files, folders, and metadata that you need in the SVM. */ user: pulumi.Input; } export interface LocationFsxOntapFileSystemProtocolSmbMountOptions { version?: pulumi.Input; } export interface LocationHdfsNameNode { /** * The hostname of the NameNode in the HDFS cluster. This value is the IP address or Domain Name Service (DNS) name of the NameNode. An agent that's installed on-premises uses this hostname to communicate with the NameNode in the network. */ hostname: pulumi.Input; /** * The port that the NameNode uses to listen to client requests. */ port: pulumi.Input; } export interface LocationHdfsQopConfiguration { /** * The data transfer protection setting configured on the HDFS cluster. This setting corresponds to your dfs.data.transfer.protection setting in the hdfs-site.xml file on your Hadoop cluster. Valid values are `DISABLED`, `AUTHENTICATION`, `INTEGRITY` and `PRIVACY`. */ dataTransferProtection?: pulumi.Input; /** * The RPC protection setting configured on the HDFS cluster. This setting corresponds to your hadoop.rpc.protection setting in your core-site.xml file on your Hadoop cluster. Valid values are `DISABLED`, `AUTHENTICATION`, `INTEGRITY` and `PRIVACY`. */ rpcProtection?: pulumi.Input; } export interface LocationSmbMountOptions { /** * The specific SMB version that you want DataSync to use for mounting your SMB share. Valid values: `AUTOMATIC`, `SMB2`, and `SMB3`. Default: `AUTOMATIC` */ version?: pulumi.Input; } export interface NfsLocationMountOptions { /** * The specific NFS version that you want DataSync to use for mounting your NFS share. Valid values: `AUTOMATIC`, `NFS3`, `NFS4_0` and `NFS4_1`. Default: `AUTOMATIC` */ version?: pulumi.Input; } export interface NfsLocationOnPremConfig { /** * List of Amazon Resource Names (ARNs) of the DataSync Agents used to connect to the NFS server. */ agentArns: pulumi.Input[]>; } export interface S3LocationS3Config { /** * ARN of the IAM Role used to connect to the S3 Bucket. */ bucketAccessRoleArn: pulumi.Input; } export interface TaskExcludes { /** * The type of filter rule to apply. Valid values: `SIMPLE_PATTERN`. */ filterType?: pulumi.Input; /** * A single filter string that consists of the patterns to exclude. The patterns are delimited by "|" (that is, a pipe), for example: `/folder1|/folder2` */ value?: pulumi.Input; } export interface TaskIncludes { /** * The type of filter rule to apply. Valid values: `SIMPLE_PATTERN`. */ filterType?: pulumi.Input; /** * A single filter string that consists of the patterns to include. The patterns are delimited by "|" (that is, a pipe), for example: `/folder1|/folder2` */ value?: pulumi.Input; } export interface TaskOptions { /** * A file metadata that shows the last time a file was accessed (that is when the file was read or written to). If set to `BEST_EFFORT`, the DataSync Task attempts to preserve the original (that is, the version before sync `PREPARING` phase) `atime` attribute on all source files. Valid values: `BEST_EFFORT`, `NONE`. Default: `BEST_EFFORT`. */ atime?: pulumi.Input; /** * Limits the bandwidth utilized. For example, to set a maximum of 1 MB, set this value to `1048576`. Value values: `-1` or greater. Default: `-1` (unlimited). */ bytesPerSecond?: pulumi.Input; /** * Group identifier of the file's owners. Valid values: `BOTH`, `INT_VALUE`, `NAME`, `NONE`. Default: `INT_VALUE` (preserve integer value of the ID). */ gid?: pulumi.Input; /** * Determines the type of logs that DataSync publishes to a log stream in the Amazon CloudWatch log group that you provide. Valid values: `OFF`, `BASIC`, `TRANSFER`. Default: `OFF`. */ logLevel?: pulumi.Input; /** * A file metadata that indicates the last time a file was modified (written to) before the sync `PREPARING` phase. Value values: `NONE`, `PRESERVE`. Default: `PRESERVE`. */ mtime?: pulumi.Input; /** * Specifies whether object tags are maintained when transferring between object storage systems. If you want your DataSync task to ignore object tags, specify the NONE value. Valid values: `PRESERVE`, `NONE`. Default value: `PRESERVE`. */ objectTags?: pulumi.Input; /** * Determines whether files at the destination should be overwritten or preserved when copying files. Valid values: `ALWAYS`, `NEVER`. Default: `ALWAYS`. */ overwriteMode?: pulumi.Input; /** * Determines which users or groups can access a file for a specific purpose such as reading, writing, or execution of the file. Valid values: `NONE`, `PRESERVE`. Default: `PRESERVE`. */ posixPermissions?: pulumi.Input; /** * Whether files deleted in the source should be removed or preserved in the destination file system. Valid values: `PRESERVE`, `REMOVE`. Default: `PRESERVE`. */ preserveDeletedFiles?: pulumi.Input; /** * Whether the DataSync Task should preserve the metadata of block and character devices in the source files system, and recreate the files with that device name and metadata on the destination. The DataSync Task can’t sync the actual contents of such devices, because many of the devices are non-terminal and don’t return an end of file (EOF) marker. Valid values: `NONE`, `PRESERVE`. Default: `NONE` (ignore special devices). */ preserveDevices?: pulumi.Input; /** * Determines which components of the SMB security descriptor are copied from source to destination objects. This value is only used for transfers between SMB and Amazon FSx for Windows File Server locations, or between two Amazon FSx for Windows File Server locations. Valid values: `NONE`, `OWNER_DACL`, `OWNER_DACL_SACL`. Default: `OWNER_DACL`. */ securityDescriptorCopyFlags?: pulumi.Input; /** * Determines whether tasks should be queued before executing the tasks. Valid values: `ENABLED`, `DISABLED`. Default `ENABLED`. */ taskQueueing?: pulumi.Input; /** * Determines whether DataSync transfers only the data and metadata that differ between the source and the destination location, or whether DataSync transfers all the content from the source, without comparing to the destination location. Valid values: `CHANGED`, `ALL`. Default: `CHANGED` */ transferMode?: pulumi.Input; /** * User identifier of the file's owners. Valid values: `BOTH`, `INT_VALUE`, `NAME`, `NONE`. Default: `INT_VALUE` (preserve integer value of the ID). */ uid?: pulumi.Input; /** * Whether a data integrity verification should be performed at the end of a task execution after all data and metadata have been transferred. Valid values: `NONE`, `POINT_IN_TIME_CONSISTENT`, `ONLY_FILES_TRANSFERRED`. Default: `POINT_IN_TIME_CONSISTENT`. */ verifyMode?: pulumi.Input; } export interface TaskSchedule { /** * Specifies the schedule you want your task to use for repeated executions. For more information, see [Schedule Expressions for Rules](https://docs.aws.amazon.com/AmazonCloudWatch/latest/events/ScheduledEvents.html). */ scheduleExpression: pulumi.Input; } export interface TaskTaskReportConfig { /** * Specifies the type of task report you'd like. Valid values: `SUMMARY_ONLY` and `STANDARD`. */ outputType?: pulumi.Input; /** * Specifies whether you want your task report to include only what went wrong with your transfer or a list of what succeeded and didn't. Valid values: `ERRORS_ONLY` and `SUCCESSES_AND_ERRORS`. */ reportLevel?: pulumi.Input; /** * Configuration block containing the configuration of the reporting level for aspects of your task report. See `reportOverrides` below. */ reportOverrides?: pulumi.Input; /** * Configuration block containing the configuration for the Amazon S3 bucket where DataSync uploads your task report. See `s3Destination` below. */ s3Destination: pulumi.Input; /** * Specifies whether your task report includes the new version of each object transferred into an S3 bucket. This only applies if you enable versioning on your bucket. Keep in mind that setting this to INCLUDE can increase the duration of your task execution. Valid values: `INCLUDE` and `NONE`. */ s3ObjectVersioning?: pulumi.Input; } export interface TaskTaskReportConfigReportOverrides { /** * Specifies the level of reporting for the files, objects, and directories that DataSync attempted to delete in your destination location. This only applies if you configure your task to delete data in the destination that isn't in the source. Valid values: `ERRORS_ONLY` and `SUCCESSES_AND_ERRORS`. */ deletedOverride?: pulumi.Input; /** * Specifies the level of reporting for the files, objects, and directories that DataSync attempted to skip during your transfer. Valid values: `ERRORS_ONLY` and `SUCCESSES_AND_ERRORS`. */ skippedOverride?: pulumi.Input; /** * Specifies the level of reporting for the files, objects, and directories that DataSync attempted to transfer. Valid values: `ERRORS_ONLY` and `SUCCESSES_AND_ERRORS`. */ transferredOverride?: pulumi.Input; /** * Specifies the level of reporting for the files, objects, and directories that DataSync attempted to verify at the end of your transfer. Valid values: `ERRORS_ONLY` and `SUCCESSES_AND_ERRORS`. * * > **NOTE:** If any `reportOverrides` are set to the same value as `task_report_config.report_level`, they will always be flagged as changed. Only set overrides to a value that differs from `task_report_config.report_level`. */ verifiedOverride?: pulumi.Input; } export interface TaskTaskReportConfigS3Destination { /** * Specifies the Amazon Resource Name (ARN) of the IAM policy that allows DataSync to upload a task report to your S3 bucket. */ bucketAccessRoleArn: pulumi.Input; /** * Specifies the ARN of the S3 bucket where DataSync uploads your report. */ s3BucketArn: pulumi.Input; /** * Specifies a bucket prefix for your report. */ subdirectory?: pulumi.Input; } } export namespace datazone { export interface AssetTypeFormsInput { mapBlockKey: pulumi.Input; required?: pulumi.Input; typeIdentifier: pulumi.Input; typeRevision: pulumi.Input; } export interface AssetTypeTimeouts { /** * A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as "30s" or "2h45m". Valid time units are "s" (seconds), "m" (minutes), "h" (hours). */ create?: pulumi.Input; } export interface DomainSingleSignOn { type?: pulumi.Input; userAssignment?: pulumi.Input; } export interface DomainTimeouts { /** * A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as "30s" or "2h45m". Valid time units are "s" (seconds), "m" (minutes), "h" (hours). */ create?: pulumi.Input; /** * A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as "30s" or "2h45m". Valid time units are "s" (seconds), "m" (minutes), "h" (hours). Setting a timeout for a Delete operation is only applicable if changes are saved into state before the destroy operation occurs. */ delete?: pulumi.Input; } export interface EnvironmentLastDeployment { deploymentId: pulumi.Input; deploymentStatus: pulumi.Input; deploymentType: pulumi.Input; failureReasons: pulumi.Input[]>; isDeploymentComplete: pulumi.Input; messages: pulumi.Input[]>; } export interface EnvironmentLastDeploymentFailureReason { code: pulumi.Input; message: pulumi.Input; } export interface EnvironmentProfileUserParameter { /** * Name of the environment profile parameter. */ name?: pulumi.Input; /** * Value of the environment profile parameter. */ value?: pulumi.Input; } export interface EnvironmentProvisionedResource { /** * The name of the environment. */ name: pulumi.Input; provider: pulumi.Input; type: pulumi.Input; /** * The value of an environment profile parameter. */ value: pulumi.Input; } export interface EnvironmentTimeouts { /** * A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as "30s" or "2h45m". Valid time units are "s" (seconds), "m" (minutes), "h" (hours). */ create?: pulumi.Input; /** * A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as "30s" or "2h45m". Valid time units are "s" (seconds), "m" (minutes), "h" (hours). Setting a timeout for a Delete operation is only applicable if changes are saved into state before the destroy operation occurs. */ delete?: pulumi.Input; /** * A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as "30s" or "2h45m". Valid time units are "s" (seconds), "m" (minutes), "h" (hours). */ update?: pulumi.Input; } export interface EnvironmentUserParameter { /** * The name of an environment profile parameter. */ name?: pulumi.Input; /** * The value of an environment profile parameter. */ value?: pulumi.Input; } export interface FormTypeImport { /** * Name of the form type. Must be the name of the structure in smithy document. */ name: pulumi.Input; /** * Revision of the Form Type. */ revision: pulumi.Input; } export interface FormTypeModel { /** * Smithy document that indicates the model of the API. Must be between the lengths 1 and 100,000 and be encoded as a smithy document. * * The following arguments are optional: */ smithy: pulumi.Input; } export interface FormTypeTimeouts { /** * A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as "30s" or "2h45m". Valid time units are "s" (seconds), "m" (minutes), "h" (hours). */ create?: pulumi.Input; } export interface GlossaryTermTermRelations { /** * String array that calssifies the term relations. */ classifies?: pulumi.Input[]>; isAs?: pulumi.Input[]>; } export interface GlossaryTermTimeouts { /** * A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as "30s" or "2h45m". Valid time units are "s" (seconds), "m" (minutes), "h" (hours). */ create?: pulumi.Input; } export interface ProjectFailureReason { code: pulumi.Input; message: pulumi.Input; } export interface ProjectTimeouts { /** * A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as "30s" or "2h45m". Valid time units are "s" (seconds), "m" (minutes), "h" (hours). */ create?: pulumi.Input; /** * A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as "30s" or "2h45m". Valid time units are "s" (seconds), "m" (minutes), "h" (hours). Setting a timeout for a Delete operation is only applicable if changes are saved into state before the destroy operation occurs. */ delete?: pulumi.Input; } export interface UserProfileDetail { iams: pulumi.Input[]>; ssos: pulumi.Input[]>; } export interface UserProfileDetailIam { arn: pulumi.Input; } export interface UserProfileDetailSso { firstName: pulumi.Input; lastName: pulumi.Input; userName: pulumi.Input; } export interface UserProfileTimeouts { /** * A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as "30s" or "2h45m". Valid time units are "s" (seconds), "m" (minutes), "h" (hours). */ create?: pulumi.Input; /** * A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as "30s" or "2h45m". Valid time units are "s" (seconds), "m" (minutes), "h" (hours). */ update?: pulumi.Input; } } export namespace dax { export interface ClusterNode { address?: pulumi.Input; availabilityZone?: pulumi.Input; id?: pulumi.Input; /** * The port used by the configuration endpoint */ port?: pulumi.Input; } export interface ClusterServerSideEncryption { /** * Whether to enable encryption at rest. Defaults to `false`. */ enabled?: pulumi.Input; } export interface ParameterGroupParameter { /** * The name of the parameter. */ name: pulumi.Input; /** * The value for the parameter. */ value: pulumi.Input; } } export namespace devicefarm { export interface DevicePoolRule { /** * The rule's stringified attribute. Valid values are: `APPIUM_VERSION`, `ARN`, `AVAILABILITY`, `FLEET_TYPE`, `FORM_FACTOR`, `INSTANCE_ARN`, `INSTANCE_LABELS`, `MANUFACTURER`, `MODEL`, `OS_VERSION`, `PLATFORM`, `REMOTE_ACCESS_ENABLED`, `REMOTE_DEBUG_ENABLED`. */ attribute?: pulumi.Input; /** * Specifies how Device Farm compares the rule's attribute to the value. For the operators that are supported by each attribute. Valid values are: `EQUALS`, `NOT_IN`, `IN`, `GREATER_THAN`, `GREATER_THAN_OR_EQUALS`, `LESS_THAN`, `LESS_THAN_OR_EQUALS`, `CONTAINS`. */ operator?: pulumi.Input; /** * The rule's value. */ value?: pulumi.Input; } export interface TestGridProjectVpcConfig { /** * A list of VPC security group IDs in your Amazon VPC. */ securityGroupIds: pulumi.Input[]>; /** * A list of VPC subnet IDs in your Amazon VPC. */ subnetIds: pulumi.Input[]>; /** * The ID of the Amazon VPC. */ vpcId: pulumi.Input; } } export namespace devopsguru { export interface EventSourcesConfigEventSource { /** * Stores whether DevOps Guru is configured to consume recommendations which are generated from AWS CodeGuru Profiler. See `amazonCodeGuruProfiler` below. */ amazonCodeGuruProfilers?: pulumi.Input[]>; } export interface EventSourcesConfigEventSourceAmazonCodeGuruProfiler { /** * Status of the CodeGuru Profiler integration. Valid values are `ENABLED` and `DISABLED`. */ status: pulumi.Input; } export interface GetNotificationChannelFilter { /** * Events to receive notifications for. */ messageTypes?: string[]; /** * Severity levels to receive notifications for. */ severities?: string[]; } export interface GetNotificationChannelFilterArgs { /** * Events to receive notifications for. */ messageTypes?: pulumi.Input[]>; /** * Severity levels to receive notifications for. */ severities?: pulumi.Input[]>; } export interface GetNotificationChannelSn { /** * Amazon Resource Name (ARN) of an Amazon Simple Notification Service topic. */ topicArn?: string; } export interface GetNotificationChannelSnArgs { /** * Amazon Resource Name (ARN) of an Amazon Simple Notification Service topic. */ topicArn?: pulumi.Input; } export interface GetResourceCollectionCloudformation { /** * Array of the names of the AWS CloudFormation stacks. */ stackNames?: string[]; } export interface GetResourceCollectionCloudformationArgs { /** * Array of the names of the AWS CloudFormation stacks. */ stackNames?: pulumi.Input[]>; } export interface GetResourceCollectionTag { /** * An AWS tag key that is used to identify the AWS resources that DevOps Guru analyzes. */ appBoundaryKey?: string; /** * Array of tag values. */ tagValues?: string[]; } export interface GetResourceCollectionTagArgs { /** * An AWS tag key that is used to identify the AWS resources that DevOps Guru analyzes. */ appBoundaryKey?: pulumi.Input; /** * Array of tag values. */ tagValues?: pulumi.Input[]>; } export interface NotificationChannelFilters { /** * Events to receive notifications for. Valid values are `NEW_INSIGHT`, `CLOSED_INSIGHT`, `NEW_ASSOCIATION`, `SEVERITY_UPGRADED`, and `NEW_RECOMMENDATION`. */ messageTypes?: pulumi.Input[]>; /** * Severity levels to receive notifications for. Valid values are `LOW`, `MEDIUM`, and `HIGH`. */ severities?: pulumi.Input[]>; } export interface NotificationChannelSns { /** * Amazon Resource Name (ARN) of an Amazon Simple Notification Service topic. */ topicArn: pulumi.Input; } export interface ResourceCollectionCloudformation { /** * Array of the names of the AWS CloudFormation stacks. If `type` is `AWS_SERVICE` (all acccount resources) this array should be a single item containing a wildcard (`"*"`). */ stackNames: pulumi.Input[]>; } export interface ResourceCollectionTags { /** * An AWS tag key that is used to identify the AWS resources that DevOps Guru analyzes. All AWS resources in your account and Region tagged with this key make up your DevOps Guru application and analysis boundary. The key must begin with the prefix `DevOps-Guru-`. Any casing can be used for the prefix, but the associated tags __must use the same casing__ in their tag key. */ appBoundaryKey: pulumi.Input; /** * Array of tag values. These can be used to further filter for specific resources within the application boundary. To analyze all resources tagged with the `appBoundaryKey` regardless of the corresponding tag value, this array should be a single item containing a wildcard (`"*"`). */ tagValues: pulumi.Input[]>; } export interface ServiceIntegrationKmsServerSideEncryption { /** * KMS key ID. This value can be a key ID, key ARN, alias name, or alias ARN. */ kmsKeyId?: pulumi.Input; /** * Specifies whether KMS integration is enabled. Valid values are `DISABLED` and `ENABLED`. */ optInStatus?: pulumi.Input; /** * Type of KMS key used. Valid values are `CUSTOMER_MANAGED_KEY` and `AWS_OWNED_KMS_KEY`. */ type?: pulumi.Input; } export interface ServiceIntegrationLogsAnomalyDetection { /** * Specifies if DevOps Guru is configured to perform log anomaly detection on CloudWatch log groups. Valid values are `DISABLED` and `ENABLED`. */ optInStatus?: pulumi.Input; } export interface ServiceIntegrationOpsCenter { /** * Specifies if DevOps Guru is enabled to create an AWS Systems Manager OpsItem for each created insight. Valid values are `DISABLED` and `ENABLED`. */ optInStatus?: pulumi.Input; } } export namespace directconnect { } export namespace directoryservice { export interface DirectoryConnectSettings { availabilityZones?: pulumi.Input[]>; /** * The IP addresses of the AD Connector servers. */ connectIps?: pulumi.Input[]>; /** * The DNS IP addresses of the domain to connect to. */ customerDnsIps: pulumi.Input[]>; /** * The username corresponding to the password provided. */ customerUsername: pulumi.Input; /** * The identifiers of the subnets for the directory servers (2 subnets in 2 different AZs). */ subnetIds: pulumi.Input[]>; /** * The identifier of the VPC that the directory is in. */ vpcId: pulumi.Input; } export interface DirectoryVpcSettings { availabilityZones?: pulumi.Input[]>; /** * The identifiers of the subnets for the directory servers (2 subnets in 2 different AZs). */ subnetIds: pulumi.Input[]>; /** * The identifier of the VPC that the directory is in. */ vpcId: pulumi.Input; } export interface ServiceRegionVpcSettings { /** * The identifiers of the subnets for the directory servers. */ subnetIds: pulumi.Input[]>; /** * The identifier of the VPC in which to create the directory. */ vpcId: pulumi.Input; } export interface SharedDirectoryTarget { /** * Identifier of the directory consumer account. */ id: pulumi.Input; /** * Type of identifier to be used in the `id` field. Valid value is `ACCOUNT`. Default is `ACCOUNT`. */ type?: pulumi.Input; } } export namespace dlm { export interface LifecyclePolicyPolicyDetails { /** * The actions to be performed when the event-based policy is triggered. You can specify only one action per policy. This parameter is required for event-based policies only. If you are creating a snapshot or AMI policy, omit this parameter. See the `action` configuration block. */ action?: pulumi.Input; /** * The event that triggers the event-based policy. This parameter is required for event-based policies only. If you are creating a snapshot or AMI policy, omit this parameter. See the `eventSource` configuration block. */ eventSource?: pulumi.Input; parameters?: pulumi.Input; /** * The valid target resource types and actions a policy can manage. Specify `EBS_SNAPSHOT_MANAGEMENT` to create a lifecycle policy that manages the lifecycle of Amazon EBS snapshots. Specify `IMAGE_MANAGEMENT` to create a lifecycle policy that manages the lifecycle of EBS-backed AMIs. Specify `EVENT_BASED_POLICY` to create an event-based policy that performs specific actions when a defined event occurs in your AWS account. Default value is `EBS_SNAPSHOT_MANAGEMENT`. */ policyType?: pulumi.Input; /** * The location of the resources to backup. If the source resources are located in an AWS Region, specify `CLOUD`. If the source resources are located on an Outpost in your account, specify `OUTPOST`. If you specify `OUTPOST`, Amazon Data Lifecycle Manager backs up all resources of the specified type with matching target tags across all of the Outposts in your account. Valid values are `CLOUD` and `OUTPOST`. */ resourceLocations?: pulumi.Input; /** * A list of resource types that should be targeted by the lifecycle policy. Valid values are `VOLUME` and `INSTANCE`. */ resourceTypes?: pulumi.Input[]>; /** * See the `schedule` configuration block. */ schedules?: pulumi.Input[]>; /** * A map of tag keys and their values. Any resources that match the `resourceTypes` and are tagged with _any_ of these tags will be targeted. * * > Note: You cannot have overlapping lifecycle policies that share the same `targetTags`. Pulumi is unable to detect this at plan time but it will fail during apply. */ targetTags?: pulumi.Input<{[key: string]: pulumi.Input}>; } export interface LifecyclePolicyPolicyDetailsAction { /** * The rule for copying shared snapshots across Regions. See the `crossRegionCopy` configuration block. */ crossRegionCopies: pulumi.Input[]>; name: pulumi.Input; } export interface LifecyclePolicyPolicyDetailsActionCrossRegionCopy { /** * The encryption settings for the copied snapshot. See the `encryptionConfiguration` block. Max of 1 per action. */ encryptionConfiguration: pulumi.Input; retainRule?: pulumi.Input; target: pulumi.Input; } export interface LifecyclePolicyPolicyDetailsActionCrossRegionCopyEncryptionConfiguration { cmkArn?: pulumi.Input; encrypted?: pulumi.Input; } export interface LifecyclePolicyPolicyDetailsActionCrossRegionCopyRetainRule { interval: pulumi.Input; intervalUnit: pulumi.Input; } export interface LifecyclePolicyPolicyDetailsEventSource { parameters: pulumi.Input; /** * The source of the event. Currently only managed CloudWatch Events rules are supported. Valid values are `MANAGED_CWE`. */ type: pulumi.Input; } export interface LifecyclePolicyPolicyDetailsEventSourceParameters { /** * The snapshot description that can trigger the policy. The description pattern is specified using a regular expression. The policy runs only if a snapshot with a description that matches the specified pattern is shared with your account. */ descriptionRegex: pulumi.Input; /** * The type of event. Currently, only `shareSnapshot` events are supported. */ eventType: pulumi.Input; /** * The IDs of the AWS accounts that can trigger policy by sharing snapshots with your account. The policy only runs if one of the specified AWS accounts shares a snapshot with your account. */ snapshotOwners: pulumi.Input[]>; } export interface LifecyclePolicyPolicyDetailsParameters { /** * Indicates whether to exclude the root volume from snapshots created using CreateSnapshots. The default is `false`. */ excludeBootVolume?: pulumi.Input; /** * Applies to AMI lifecycle policies only. Indicates whether targeted instances are rebooted when the lifecycle policy runs. `true` indicates that targeted instances are not rebooted when the policy runs. `false` indicates that target instances are rebooted when the policy runs. The default is `true` (instances are not rebooted). */ noReboot?: pulumi.Input; } export interface LifecyclePolicyPolicyDetailsSchedule { copyTags?: pulumi.Input; /** * See the `createRule` block. Max of 1 per schedule. */ createRule: pulumi.Input; /** * See the `crossRegionCopyRule` block. Max of 3 per schedule. */ crossRegionCopyRules?: pulumi.Input[]>; deprecateRule?: pulumi.Input; /** * See the `fastRestoreRule` block. Max of 1 per schedule. */ fastRestoreRule?: pulumi.Input; name: pulumi.Input; retainRule: pulumi.Input; /** * See the `shareRule` block. Max of 1 per schedule. */ shareRule?: pulumi.Input; /** * A map of tag keys and their values. DLM lifecycle policies will already tag the snapshot with the tags on the volume. This configuration adds extra tags on top of these. */ tagsToAdd?: pulumi.Input<{[key: string]: pulumi.Input}>; /** * A map of tag keys and variable values, where the values are determined when the policy is executed. Only `$(instance-id)` or `$(timestamp)` are valid values. Can only be used when `resourceTypes` is `INSTANCE`. */ variableTags?: pulumi.Input<{[key: string]: pulumi.Input}>; } export interface LifecyclePolicyPolicyDetailsScheduleCreateRule { /** * The schedule, as a Cron expression. The schedule interval must be between 1 hour and 1 year. Conflicts with `interval`, `intervalUnit`, and `times`. */ cronExpression?: pulumi.Input; interval?: pulumi.Input; intervalUnit?: pulumi.Input; /** * Specifies the destination for snapshots created by the policy. To create snapshots in the same Region as the source resource, specify `CLOUD`. To create snapshots on the same Outpost as the source resource, specify `OUTPOST_LOCAL`. If you omit this parameter, `CLOUD` is used by default. If the policy targets resources in an AWS Region, then you must create snapshots in the same Region as the source resource. If the policy targets resources on an Outpost, then you can create snapshots on the same Outpost as the source resource, or in the Region of that Outpost. Valid values are `CLOUD` and `OUTPOST_LOCAL`. */ location?: pulumi.Input; /** * A list of times in 24 hour clock format that sets when the lifecycle policy should be evaluated. Max of 1. Conflicts with `cronExpression`. Must be set if `interval` is set. */ times?: pulumi.Input; } export interface LifecyclePolicyPolicyDetailsScheduleCrossRegionCopyRule { cmkArn?: pulumi.Input; copyTags?: pulumi.Input; deprecateRule?: pulumi.Input; encrypted: pulumi.Input; retainRule?: pulumi.Input; target: pulumi.Input; } export interface LifecyclePolicyPolicyDetailsScheduleCrossRegionCopyRuleDeprecateRule { interval: pulumi.Input; intervalUnit: pulumi.Input; } export interface LifecyclePolicyPolicyDetailsScheduleCrossRegionCopyRuleRetainRule { interval: pulumi.Input; intervalUnit: pulumi.Input; } export interface LifecyclePolicyPolicyDetailsScheduleDeprecateRule { count?: pulumi.Input; interval?: pulumi.Input; intervalUnit?: pulumi.Input; } export interface LifecyclePolicyPolicyDetailsScheduleFastRestoreRule { /** * The Availability Zones in which to enable fast snapshot restore. */ availabilityZones: pulumi.Input[]>; count?: pulumi.Input; interval?: pulumi.Input; intervalUnit?: pulumi.Input; } export interface LifecyclePolicyPolicyDetailsScheduleRetainRule { count?: pulumi.Input; interval?: pulumi.Input; intervalUnit?: pulumi.Input; } export interface LifecyclePolicyPolicyDetailsScheduleShareRule { /** * The IDs of the AWS accounts with which to share the snapshots. */ targetAccounts: pulumi.Input[]>; /** * The period after which snapshots that are shared with other AWS accounts are automatically unshared. */ unshareInterval?: pulumi.Input; /** * The unit of time for the automatic unsharing interval. Valid values are `DAYS`, `WEEKS`, `MONTHS`, `YEARS`. */ unshareIntervalUnit?: pulumi.Input; } } export namespace dms { export interface EndpointElasticsearchSettings { /** * Endpoint for the OpenSearch cluster. */ endpointUri: pulumi.Input; /** * Maximum number of seconds for which DMS retries failed API requests to the OpenSearch cluster. Default is `300`. */ errorRetryDuration?: pulumi.Input; /** * Maximum percentage of records that can fail to be written before a full load operation stops. Default is `10`. */ fullLoadErrorPercentage?: pulumi.Input; /** * ARN of the IAM Role with permissions to write to the OpenSearch cluster. */ serviceAccessRoleArn: pulumi.Input; /** * Enable to migrate documentation using the documentation type `_doc`. OpenSearch and an Elasticsearch clusters only support the _doc documentation type in versions 7.x and later. The default value is `false`. */ useNewMappingType?: pulumi.Input; } export interface EndpointKafkaSettings { /** * Kafka broker location. Specify in the form broker-hostname-or-ip:port. */ broker: pulumi.Input; /** * Shows detailed control information for table definition, column definition, and table and column changes in the Kafka message output. Default is `false`. */ includeControlDetails?: pulumi.Input; /** * Include NULL and empty columns for records migrated to the endpoint. Default is `false`. */ includeNullAndEmpty?: pulumi.Input; /** * Shows the partition value within the Kafka message output unless the partition type is `schema-table-type`. Default is `false`. */ includePartitionValue?: pulumi.Input; /** * Includes any data definition language (DDL) operations that change the table in the control data, such as `rename-table`, `drop-table`, `add-column`, `drop-column`, and `rename-column`. Default is `false`. */ includeTableAlterOperations?: pulumi.Input; /** * Provides detailed transaction information from the source database. This information includes a commit timestamp, a log position, and values for `transactionId`, previous `transactionId`, and `transactionRecordId` (the record offset within a transaction). Default is `false`. */ includeTransactionDetails?: pulumi.Input; /** * Output format for the records created on the endpoint. Message format is `JSON` (default) or `JSON_UNFORMATTED` (a single line with no tab). */ messageFormat?: pulumi.Input; /** * Maximum size in bytes for records created on the endpoint Default is `1,000,000`. */ messageMaxBytes?: pulumi.Input; /** * Set this optional parameter to true to avoid adding a '0x' prefix to raw data in hexadecimal format. For example, by default, AWS DMS adds a '0x' prefix to the LOB column type in hexadecimal format moving from an Oracle source to a Kafka target. Use the `noHexPrefix` endpoint setting to enable migration of RAW data type columns without adding the `'0x'` prefix. */ noHexPrefix?: pulumi.Input; /** * Prefixes schema and table names to partition values, when the partition type is `primary-key-type`. Doing this increases data distribution among Kafka partitions. For example, suppose that a SysBench schema has thousands of tables and each table has only limited range for a primary key. In this case, the same primary key is sent from thousands of tables to the same partition, which causes throttling. Default is `false`. */ partitionIncludeSchemaTable?: pulumi.Input; /** * Secure password you created when you first set up your MSK cluster to validate a client identity and make an encrypted connection between server and client using SASL-SSL authentication. */ saslPassword?: pulumi.Input; /** * Secure user name you created when you first set up your MSK cluster to validate a client identity and make an encrypted connection between server and client using SASL-SSL authentication. */ saslUsername?: pulumi.Input; /** * Set secure connection to a Kafka target endpoint using Transport Layer Security (TLS). Options include `ssl-encryption`, `ssl-authentication`, and `sasl-ssl`. `sasl-ssl` requires `saslUsername` and `saslPassword`. */ securityProtocol?: pulumi.Input; /** * ARN for the private certificate authority (CA) cert that AWS DMS uses to securely connect to your Kafka target endpoint. */ sslCaCertificateArn?: pulumi.Input; /** * ARN of the client certificate used to securely connect to a Kafka target endpoint. */ sslClientCertificateArn?: pulumi.Input; /** * ARN for the client private key used to securely connect to a Kafka target endpoint. */ sslClientKeyArn?: pulumi.Input; /** * Password for the client private key used to securely connect to a Kafka target endpoint. */ sslClientKeyPassword?: pulumi.Input; /** * Kafka topic for migration. Default is `kafka-default-topic`. */ topic?: pulumi.Input; } export interface EndpointKinesisSettings { /** * Shows detailed control information for table definition, column definition, and table and column changes in the Kinesis message output. Default is `false`. */ includeControlDetails?: pulumi.Input; /** * Include NULL and empty columns in the target. Default is `false`. */ includeNullAndEmpty?: pulumi.Input; /** * Shows the partition value within the Kinesis message output, unless the partition type is schema-table-type. Default is `false`. */ includePartitionValue?: pulumi.Input; /** * Includes any data definition language (DDL) operations that change the table in the control data. Default is `false`. */ includeTableAlterOperations?: pulumi.Input; /** * Provides detailed transaction information from the source database. Default is `false`. */ includeTransactionDetails?: pulumi.Input; /** * Output format for the records created. Default is `json`. Valid values are `json` and `json-unformatted` (a single line with no tab). */ messageFormat?: pulumi.Input; /** * Prefixes schema and table names to partition values, when the partition type is primary-key-type. Default is `false`. */ partitionIncludeSchemaTable?: pulumi.Input; /** * ARN of the IAM Role with permissions to write to the Kinesis data stream. */ serviceAccessRoleArn?: pulumi.Input; /** * ARN of the Kinesis data stream. */ streamArn?: pulumi.Input; } export interface EndpointMongodbSettings { /** * Authentication mechanism to access the MongoDB source endpoint. Default is `default`. */ authMechanism?: pulumi.Input; /** * Authentication database name. Not used when `authType` is `no`. Default is `admin`. */ authSource?: pulumi.Input; /** * Authentication type to access the MongoDB source endpoint. Default is `password`. */ authType?: pulumi.Input; /** * Number of documents to preview to determine the document organization. Use this setting when `nestingLevel` is set to `one`. Default is `1000`. */ docsToInvestigate?: pulumi.Input; /** * Document ID. Use this setting when `nestingLevel` is set to `none`. Default is `false`. */ extractDocId?: pulumi.Input; /** * Specifies either document or table mode. Default is `none`. Valid values are `one` (table mode) and `none` (document mode). */ nestingLevel?: pulumi.Input; } export interface EndpointPostgresSettings { /** * For use with change data capture (CDC) only, this attribute has AWS DMS bypass foreign keys and user triggers to reduce the time it takes to bulk load data. */ afterConnectScript?: pulumi.Input; /** * The Babelfish for Aurora PostgreSQL database name for the endpoint. */ babelfishDatabaseName?: pulumi.Input; /** * To capture DDL events, AWS DMS creates various artifacts in the PostgreSQL database when the task starts. */ captureDdls?: pulumi.Input; /** * Specifies the default behavior of the replication's handling of PostgreSQL- compatible endpoints that require some additional configuration, such as Babelfish endpoints. */ databaseMode?: pulumi.Input; /** * Sets the schema in which the operational DDL database artifacts are created. Default is `public`. */ ddlArtifactsSchema?: pulumi.Input; /** * Sets the client statement timeout for the PostgreSQL instance, in seconds. Default value is `60`. */ executeTimeout?: pulumi.Input; /** * When set to `true`, this value causes a task to fail if the actual size of a LOB column is greater than the specified `LobMaxSize`. Default is `false`. */ failTasksOnLobTruncation?: pulumi.Input; /** * The write-ahead log (WAL) heartbeat feature mimics a dummy transaction. By doing this, it prevents idle logical replication slots from holding onto old WAL logs, which can result in storage full situations on the source. */ heartbeatEnable?: pulumi.Input; /** * Sets the WAL heartbeat frequency (in minutes). Default value is `5`. */ heartbeatFrequency?: pulumi.Input; /** * Sets the schema in which the heartbeat artifacts are created. Default value is `public`. */ heartbeatSchema?: pulumi.Input; /** * You can use PostgreSQL endpoint settings to map a boolean as a boolean from your PostgreSQL source to a Amazon Redshift target. Default value is `false`. */ mapBooleanAsBoolean?: pulumi.Input; /** * Optional When true, DMS migrates JSONB values as CLOB. */ mapJsonbAsClob?: pulumi.Input; /** * Optional When true, DMS migrates LONG values as VARCHAR. */ mapLongVarcharAs?: pulumi.Input; /** * Specifies the maximum size (in KB) of any .csv file used to transfer data to PostgreSQL. Default is `32,768 KB`. */ maxFileSize?: pulumi.Input; /** * Specifies the plugin to use to create a replication slot. Valid values: `pglogical`, `testDecoding`. */ pluginName?: pulumi.Input; /** * Sets the name of a previously created logical replication slot for a CDC load of the PostgreSQL source instance. */ slotName?: pulumi.Input; } export interface EndpointRedisSettings { /** * The password provided with the auth-role and auth-token options of the AuthType setting for a Redis target endpoint. */ authPassword?: pulumi.Input; /** * The type of authentication to perform when connecting to a Redis target. Options include `none`, `auth-token`, and `auth-role`. The `auth-token` option requires an `authPassword` value to be provided. The `auth-role` option requires `authUserName` and `authPassword` values to be provided. */ authType: pulumi.Input; /** * The username provided with the `auth-role` option of the AuthType setting for a Redis target endpoint. */ authUserName?: pulumi.Input; /** * Transmission Control Protocol (TCP) port for the endpoint. */ port: pulumi.Input; /** * Fully qualified domain name of the endpoint. */ serverName: pulumi.Input; /** * The Amazon Resource Name (ARN) for the certificate authority (CA) that DMS uses to connect to your Redis target endpoint. */ sslCaCertificateArn?: pulumi.Input; /** * The plaintext option doesn't provide Transport Layer Security (TLS) encryption for traffic between endpoint and database. Options include `plaintext`, `ssl-encryption`. The default is `ssl-encryption`. */ sslSecurityProtocol?: pulumi.Input; } export interface EndpointRedshiftSettings { /** * Custom S3 Bucket Object prefix for intermediate storage. */ bucketFolder?: pulumi.Input; /** * Custom S3 Bucket name for intermediate storage. */ bucketName?: pulumi.Input; /** * The server-side encryption mode that you want to encrypt your intermediate .csv object files copied to S3. Defaults to `SSE_S3`. Valid values are `SSE_S3` and `SSE_KMS`. */ encryptionMode?: pulumi.Input; /** * ARN or Id of KMS Key to use when `encryptionMode` is `SSE_KMS`. */ serverSideEncryptionKmsKeyId?: pulumi.Input; /** * Amazon Resource Name (ARN) of the IAM Role with permissions to read from or write to the S3 Bucket for intermediate storage. */ serviceAccessRoleArn?: pulumi.Input; } export interface EndpointS3Settings { /** * Whether to add column name information to the .csv output file. Default is `false`. */ addColumnName?: pulumi.Input; /** * S3 object prefix. */ bucketFolder?: pulumi.Input; /** * S3 bucket name. */ bucketName?: pulumi.Input; /** * Predefined (canned) access control list for objects created in an S3 bucket. Valid values include `none`, `private`, `public-read`, `public-read-write`, `authenticated-read`, `aws-exec-read`, `bucket-owner-read`, and `bucket-owner-full-control`. Default is `none`. */ cannedAclForObjects?: pulumi.Input; /** * Whether to write insert and update operations to .csv or .parquet output files. Default is `false`. */ cdcInsertsAndUpdates?: pulumi.Input; /** * Whether to write insert operations to .csv or .parquet output files. Default is `false`. */ cdcInsertsOnly?: pulumi.Input; /** * Maximum length of the interval, defined in seconds, after which to output a file to Amazon S3. Default is `60`. */ cdcMaxBatchInterval?: pulumi.Input; /** * Minimum file size condition as defined in kilobytes to output a file to Amazon S3. Default is `32000`. **NOTE:** Previously, this setting was measured in megabytes but now represents kilobytes. Update configurations accordingly. */ cdcMinFileSize?: pulumi.Input; /** * Folder path of CDC files. For an S3 source, this setting is required if a task captures change data; otherwise, it's optional. If `cdcPath` is set, AWS DMS reads CDC files from this path and replicates the data changes to the target endpoint. Supported in AWS DMS versions 3.4.2 and later. */ cdcPath?: pulumi.Input; /** * Set to compress target files. Default is `NONE`. Valid values are `GZIP` and `NONE`. */ compressionType?: pulumi.Input; /** * Delimiter used to separate columns in the source files. Default is `,`. */ csvDelimiter?: pulumi.Input; /** * String to use for all columns not included in the supplemental log. */ csvNoSupValue?: pulumi.Input; /** * String to as null when writing to the target. */ csvNullValue?: pulumi.Input; /** * Delimiter used to separate rows in the source files. Default is `\n`. */ csvRowDelimiter?: pulumi.Input; /** * Output format for the files that AWS DMS uses to create S3 objects. Valid values are `csv` and `parquet`. Default is `csv`. */ dataFormat?: pulumi.Input; /** * Size of one data page in bytes. Default is `1048576` (1 MiB). */ dataPageSize?: pulumi.Input; /** * Date separating delimiter to use during folder partitioning. Valid values are `SLASH`, `UNDERSCORE`, `DASH`, and `NONE`. Default is `SLASH`. */ datePartitionDelimiter?: pulumi.Input; /** * Partition S3 bucket folders based on transaction commit dates. Default is `false`. */ datePartitionEnabled?: pulumi.Input; /** * Date format to use during folder partitioning. Use this parameter when `datePartitionEnabled` is set to true. Valid values are `YYYYMMDD`, `YYYYMMDDHH`, `YYYYMM`, `MMYYYYDD`, and `DDMMYYYY`. Default is `YYYYMMDD`. */ datePartitionSequence?: pulumi.Input; /** * Maximum size in bytes of an encoded dictionary page of a column. Default is `1048576` (1 MiB). */ dictPageSizeLimit?: pulumi.Input; /** * Whether to enable statistics for Parquet pages and row groups. Default is `true`. */ enableStatistics?: pulumi.Input; /** * Type of encoding to use. Value values are `rleDictionary`, `plain`, and `plainDictionary`. Default is `rleDictionary`. */ encodingType?: pulumi.Input; /** * Server-side encryption mode that you want to encrypt your .csv or .parquet object files copied to S3. Valid values are `SSE_S3` and `SSE_KMS`. Default is `SSE_S3`. */ encryptionMode?: pulumi.Input; /** * JSON document that describes how AWS DMS should interpret the data. */ externalTableDefinition?: pulumi.Input; /** * Whether to integrate AWS Glue Data Catalog with an Amazon S3 target. See [Using AWS Glue Data Catalog with an Amazon S3 target for AWS DMS](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Target.S3.html#CHAP_Target.S3.GlueCatalog) for more information. Default is `false`. */ glueCatalogGeneration?: pulumi.Input; /** * When this value is set to `1`, DMS ignores the first row header in a .csv file. Default is `0`. */ ignoreHeaderRows?: pulumi.Input; /** * Whether to enable a full load to write INSERT operations to the .csv output files only to indicate how the rows were added to the source database. Default is `false`. */ includeOpForFullLoad?: pulumi.Input; /** * Maximum size (in KB) of any .csv file to be created while migrating to an S3 target during full load. Valid values are from `1` to `1048576`. Default is `1048576` (1 GB). */ maxFileSize?: pulumi.Input; /** * Specifies the precision of any TIMESTAMP column values written to an S3 object file in .parquet format. Default is `false`. */ parquetTimestampInMillisecond?: pulumi.Input; /** * Version of the .parquet file format. Default is `parquet-1-0`. Valid values are `parquet-1-0` and `parquet-2-0`. */ parquetVersion?: pulumi.Input; /** * Whether DMS saves the transaction order for a CDC load on the S3 target specified by `cdcPath`. Default is `false`. */ preserveTransactions?: pulumi.Input; /** * For an S3 source, whether each leading double quotation mark has to be followed by an ending double quotation mark. Default is `true`. */ rfc4180?: pulumi.Input; /** * Number of rows in a row group. Default is `10000`. */ rowGroupLength?: pulumi.Input; /** * ARN or Id of KMS Key to use when `encryptionMode` is `SSE_KMS`. */ serverSideEncryptionKmsKeyId?: pulumi.Input; /** * ARN of the IAM Role with permissions to read from or write to the S3 Bucket. */ serviceAccessRoleArn?: pulumi.Input; /** * Column to add with timestamp information to the endpoint data for an Amazon S3 target. */ timestampColumnName?: pulumi.Input; /** * Whether to use `csvNoSupValue` for columns not included in the supplemental log. */ useCsvNoSupValue?: pulumi.Input; /** * When set to true, uses the task start time as the timestamp column value instead of the time data is written to target. For full load, when set to true, each row of the timestamp column contains the task start time. For CDC loads, each row of the timestamp column contains the transaction commit time. When set to false, the full load timestamp in the timestamp column increments with the time data arrives at the target. Default is `false`. */ useTaskStartTimeForFullLoadTimestamp?: pulumi.Input; } export interface ReplicationConfigComputeConfig { /** * The Availability Zone where the DMS Serverless replication using this configuration will run. The default value is a random. */ availabilityZone?: pulumi.Input; /** * A list of custom DNS name servers supported for the DMS Serverless replication to access your source or target database. */ dnsNameServers?: pulumi.Input; /** * An Key Management Service (KMS) key Amazon Resource Name (ARN) that is used to encrypt the data during DMS Serverless replication. If you don't specify a value for the KmsKeyId parameter, DMS uses your default encryption key. */ kmsKeyId?: pulumi.Input; /** * Specifies the maximum value of the DMS capacity units (DCUs) for which a given DMS Serverless replication can be provisioned. A single DCU is 2GB of RAM, with 2 DCUs as the minimum value allowed. The list of valid DCU values includes 2, 4, 8, 16, 32, 64, 128, 192, 256, and 384. */ maxCapacityUnits?: pulumi.Input; /** * Specifies the minimum value of the DMS capacity units (DCUs) for which a given DMS Serverless replication can be provisioned. The list of valid DCU values includes 2, 4, 8, 16, 32, 64, 128, 192, 256, and 384. If this value isn't set DMS scans the current activity of available source tables to identify an optimum setting for this parameter. */ minCapacityUnits?: pulumi.Input; /** * Specifies if the replication instance is a multi-az deployment. You cannot set the `availabilityZone` parameter if the `multiAz` parameter is set to `true`. */ multiAz?: pulumi.Input; /** * The weekly time range during which system maintenance can occur, in Universal Coordinated Time (UTC). * * - Default: A 30-minute window selected at random from an 8-hour block of time per region, occurring on a random day of the week. * - Format: `ddd:hh24:mi-ddd:hh24:mi` * - Valid Days: `mon, tue, wed, thu, fri, sat, sun` * - Constraints: Minimum 30-minute window. */ preferredMaintenanceWindow?: pulumi.Input; /** * Specifies a subnet group identifier to associate with the DMS Serverless replication. */ replicationSubnetGroupId: pulumi.Input; /** * Specifies the virtual private cloud (VPC) security group to use with the DMS Serverless replication. The VPC security group must work with the VPC containing the replication. */ vpcSecurityGroupIds?: pulumi.Input[]>; } } export namespace docdb { export interface ClusterParameterGroupParameter { /** * Valid values are `immediate` and `pending-reboot`. Defaults to `pending-reboot`. */ applyMethod?: pulumi.Input; /** * The name of the DocumentDB parameter. */ name: pulumi.Input; /** * The value of the DocumentDB parameter. */ value: pulumi.Input; } export interface ClusterRestoreToPointInTime { /** * The date and time to restore from. Value must be a time in Universal Coordinated Time (UTC) format and must be before the latest restorable time for the DB instance. Cannot be specified with `useLatestRestorableTime`. */ restoreToTime?: pulumi.Input; /** * The type of restore to be performed. Valid values are `full-copy`, `copy-on-write`. */ restoreType?: pulumi.Input; /** * The identifier of the source DB cluster from which to restore. Must match the identifier of an existing DB cluster. */ sourceClusterIdentifier: pulumi.Input; /** * A boolean value that indicates whether the DB cluster is restored from the latest backup time. Defaults to `false`. Cannot be specified with `restoreToTime`. */ useLatestRestorableTime?: pulumi.Input; } export interface ElasticClusterTimeouts { /** * A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as "30s" or "2h45m". Valid time units are "s" (seconds), "m" (minutes), "h" (hours). */ create?: pulumi.Input; /** * A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as "30s" or "2h45m". Valid time units are "s" (seconds), "m" (minutes), "h" (hours). Setting a timeout for a Delete operation is only applicable if changes are saved into state before the destroy operation occurs. */ delete?: pulumi.Input; /** * A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as "30s" or "2h45m". Valid time units are "s" (seconds), "m" (minutes), "h" (hours). */ update?: pulumi.Input; } export interface GlobalClusterGlobalClusterMember { /** * Amazon Resource Name (ARN) of member DB Cluster. */ dbClusterArn?: pulumi.Input; /** * Whether the member is the primary DB Cluster. */ isWriter?: pulumi.Input; } } export namespace drs { export interface ReplicationConfigurationTemplatePitPolicy { /** * Whether this rule is enabled or not. */ enabled?: pulumi.Input; /** * How often, in the chosen units, a snapshot should be taken. */ interval: pulumi.Input; /** * Duration to retain a snapshot for, in the chosen `units`. */ retentionDuration: pulumi.Input; /** * ID of the rule. Valid values are integers. */ ruleId?: pulumi.Input; /** * Units used to measure the `interval` and `retentionDuration`. Valid values are `MINUTE`, `HOUR`, and `DAY`. */ units: pulumi.Input; } export interface ReplicationConfigurationTemplateTimeouts { /** * A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as "30s" or "2h45m". Valid time units are "s" (seconds), "m" (minutes), "h" (hours). */ create?: pulumi.Input; /** * A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as "30s" or "2h45m". Valid time units are "s" (seconds), "m" (minutes), "h" (hours). Setting a timeout for a Delete operation is only applicable if changes are saved into state before the destroy operation occurs. */ delete?: pulumi.Input; /** * A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as "30s" or "2h45m". Valid time units are "s" (seconds), "m" (minutes), "h" (hours). */ update?: pulumi.Input; } } export namespace dynamodb { export interface GetTableServerSideEncryption { enabled?: boolean; kmsKeyArn?: string; } export interface GetTableServerSideEncryptionArgs { enabled?: pulumi.Input; kmsKeyArn?: pulumi.Input; } export interface GlobalTableReplica { /** * AWS region name of replica DynamoDB TableE.g., `us-east-1` */ regionName: pulumi.Input; } export interface TableAttribute { /** * Name of the attribute */ name: pulumi.Input; /** * Attribute type. Valid values are `S` (string), `N` (number), `B` (binary). */ type: pulumi.Input; } export interface TableGlobalSecondaryIndex { /** * Name of the hash key in the index; must be defined as an attribute in the resource. */ hashKey: pulumi.Input; /** * Name of the index. */ name: pulumi.Input; /** * Only required with `INCLUDE` as a projection type; a list of attributes to project into the index. These do not need to be defined as attributes on the table. */ nonKeyAttributes?: pulumi.Input[]>; /** * Sets the maximum number of read and write units for the specified on-demand table. See below. */ onDemandThroughput?: pulumi.Input; /** * One of `ALL`, `INCLUDE` or `KEYS_ONLY` where `ALL` projects every attribute into the index, `KEYS_ONLY` projects into the index only the table and index hashKey and sortKey attributes , `INCLUDE` projects into the index all of the attributes that are defined in `nonKeyAttributes` in addition to the attributes that that`KEYS_ONLY` project. */ projectionType: pulumi.Input; /** * Name of the range key; must be defined */ rangeKey?: pulumi.Input; /** * Number of read units for this index. Must be set if billingMode is set to PROVISIONED. */ readCapacity?: pulumi.Input; /** * Number of write units for this index. Must be set if billingMode is set to PROVISIONED. */ writeCapacity?: pulumi.Input; } export interface TableGlobalSecondaryIndexOnDemandThroughput { /** * Maximum number of read request units for the specified table. To specify set the value greater than or equal to 1. To remove set the value to -1. */ maxReadRequestUnits?: pulumi.Input; /** * Maximum number of write request units for the specified table. To specify set the value greater than or equal to 1. To remove set the value to -1. */ maxWriteRequestUnits?: pulumi.Input; } export interface TableImportTable { /** * Type of compression to be used on the input coming from the imported table. * Valid values are `GZIP`, `ZSTD` and `NONE`. */ inputCompressionType?: pulumi.Input; /** * The format of the source data. * Valid values are `CSV`, `DYNAMODB_JSON`, and `ION`. */ inputFormat: pulumi.Input; /** * Describe the format options for the data that was imported into the target table. * There is one value, `csv`. * See below. */ inputFormatOptions?: pulumi.Input; /** * Values for the S3 bucket the source file is imported from. * See below. */ s3BucketSource: pulumi.Input; } export interface TableImportTableInputFormatOptions { /** * This block contains the processing options for the CSV file being imported: */ csv?: pulumi.Input; } export interface TableImportTableInputFormatOptionsCsv { /** * The delimiter used for separating items in the CSV file being imported. */ delimiter?: pulumi.Input; /** * List of the headers used to specify a common header for all source CSV files being imported. */ headerLists?: pulumi.Input[]>; } export interface TableImportTableS3BucketSource { /** * The S3 bucket that is being imported from. */ bucket: pulumi.Input; /** * The account number of the S3 bucket that is being imported from. */ bucketOwner?: pulumi.Input; /** * The key prefix shared by all S3 Objects that are being imported. */ keyPrefix?: pulumi.Input; } export interface TableLocalSecondaryIndex { /** * Name of the index */ name: pulumi.Input; /** * Only required with `INCLUDE` as a projection type; a list of attributes to project into the index. These do not need to be defined as attributes on the table. */ nonKeyAttributes?: pulumi.Input[]>; /** * One of `ALL`, `INCLUDE` or `KEYS_ONLY` where `ALL` projects every attribute into the index, `KEYS_ONLY` projects into the index only the table and index hashKey and sortKey attributes , `INCLUDE` projects into the index all of the attributes that are defined in `nonKeyAttributes` in addition to the attributes that that`KEYS_ONLY` project. */ projectionType: pulumi.Input; /** * Name of the range key. */ rangeKey: pulumi.Input; } export interface TableOnDemandThroughput { /** * Maximum number of read request units for the specified table. To specify set the value greater than or equal to 1. To remove set the value to -1. */ maxReadRequestUnits?: pulumi.Input; /** * Maximum number of write request units for the specified table. To specify set the value greater than or equal to 1. To remove set the value to -1. */ maxWriteRequestUnits?: pulumi.Input; } export interface TablePointInTimeRecovery { /** * Whether to enable point-in-time recovery. It can take 10 minutes to enable for new tables. If the `pointInTimeRecovery` block is not provided, this defaults to `false`. */ enabled: pulumi.Input; } export interface TableReplica { /** * ARN of the table */ arn?: pulumi.Input; /** * ARN of the CMK that should be used for the AWS KMS encryption. This argument should only be used if the key is different from the default KMS-managed DynamoDB key, `alias/aws/dynamodb`. **Note:** This attribute will _not_ be populated with the ARN of _default_ keys. */ kmsKeyArn?: pulumi.Input; /** * Whether to enable Point In Time Recovery for the replica. Default is `false`. */ pointInTimeRecovery?: pulumi.Input; /** * Whether to propagate the global table's tags to a replica. Default is `false`. Changes to tags only move in one direction: from global (source) to replica. In other words, tag drift on a replica will not trigger an update. Tag or replica changes on the global table, whether from drift or configuration changes, are propagated to replicas. Changing from `true` to `false` on a subsequent `apply` means replica tags are left as they were, unmanaged, not deleted. */ propagateTags?: pulumi.Input; /** * Region name of the replica. */ regionName: pulumi.Input; /** * ARN of the Table Stream. Only available when `streamEnabled = true` */ streamArn?: pulumi.Input; /** * Timestamp, in ISO 8601 format, for this stream. Note that this timestamp is not a unique identifier for the stream on its own. However, the combination of AWS customer ID, table name and this field is guaranteed to be unique. It can be used for creating CloudWatch Alarms. Only available when `streamEnabled = true`. */ streamLabel?: pulumi.Input; } export interface TableServerSideEncryption { /** * Whether or not to enable encryption at rest using an AWS managed KMS customer master key (CMK). If `enabled` is `false` then server-side encryption is set to AWS-_owned_ key (shown as `DEFAULT` in the AWS console). Potentially confusingly, if `enabled` is `true` and no `kmsKeyArn` is specified then server-side encryption is set to the _default_ KMS-_managed_ key (shown as `KMS` in the AWS console). The [AWS KMS documentation](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html) explains the difference between AWS-_owned_ and KMS-_managed_ keys. */ enabled: pulumi.Input; /** * ARN of the CMK that should be used for the AWS KMS encryption. This argument should only be used if the key is different from the default KMS-managed DynamoDB key, `alias/aws/dynamodb`. **Note:** This attribute will _not_ be populated with the ARN of _default_ keys. */ kmsKeyArn?: pulumi.Input; } export interface TableTtl { /** * Name of the table attribute to store the TTL timestamp in. * Required if `enabled` is `true`, must not be set otherwise. */ attributeName?: pulumi.Input; /** * Whether TTL is enabled. * Default value is `false`. */ enabled?: pulumi.Input; } } export namespace ebs { export interface FastSnapshotRestoreTimeouts { /** * A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as "30s" or "2h45m". Valid time units are "s" (seconds), "m" (minutes), "h" (hours). */ create?: pulumi.Input; /** * A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as "30s" or "2h45m". Valid time units are "s" (seconds), "m" (minutes), "h" (hours). Setting a timeout for a Delete operation is only applicable if changes are saved into state before the destroy operation occurs. */ delete?: pulumi.Input; } export interface GetEbsVolumesFilter { /** * Name of the field to filter by, as defined by * [the underlying AWS API](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeVolumes.html). * For example, if matching against the `size` filter, use: * * ```typescript * import * as pulumi from "@pulumi/pulumi"; * import * as aws from "@pulumi/aws"; * * const tenOrTwentyGbVolumes = aws.ebs.getEbsVolumes({ * filters: [{ * name: "size", * values: [ * "10", * "20", * ], * }], * }); * ``` */ name: string; /** * Set of values that are accepted for the given field. * EBS Volume IDs will be selected if any one of the given values match. */ values: string[]; } export interface GetEbsVolumesFilterArgs { /** * Name of the field to filter by, as defined by * [the underlying AWS API](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeVolumes.html). * For example, if matching against the `size` filter, use: * * ```typescript * import * as pulumi from "@pulumi/pulumi"; * import * as aws from "@pulumi/aws"; * * const tenOrTwentyGbVolumes = aws.ebs.getEbsVolumes({ * filters: [{ * name: "size", * values: [ * "10", * "20", * ], * }], * }); * ``` */ name: pulumi.Input; /** * Set of values that are accepted for the given field. * EBS Volume IDs will be selected if any one of the given values match. */ values: pulumi.Input[]>; } export interface GetSnapshotFilter { name: string; values: string[]; } export interface GetSnapshotFilterArgs { name: pulumi.Input; values: pulumi.Input[]>; } export interface GetSnapshotIdsFilter { name: string; values: string[]; } export interface GetSnapshotIdsFilterArgs { name: pulumi.Input; values: pulumi.Input[]>; } export interface GetVolumeFilter { name: string; values: string[]; } export interface GetVolumeFilterArgs { name: pulumi.Input; values: pulumi.Input[]>; } export interface SnapshotImportClientData { /** * A user-defined comment about the disk upload. */ comment?: pulumi.Input; /** * The time that the disk upload ends. */ uploadEnd?: pulumi.Input; /** * The size of the uploaded disk image, in GiB. */ uploadSize?: pulumi.Input; /** * The time that the disk upload starts. */ uploadStart?: pulumi.Input; } export interface SnapshotImportDiskContainer { /** * The description of the disk image being imported. */ description?: pulumi.Input; /** * The format of the disk image being imported. One of `VHD` or `VMDK`. */ format: pulumi.Input; /** * The URL to the Amazon S3-based disk image being imported. It can either be a https URL (https://..) or an Amazon S3 URL (s3://..). One of `url` or `userBucket` must be set. */ url?: pulumi.Input; /** * The Amazon S3 bucket for the disk image. One of `url` or `userBucket` must be set. Detailed below. */ userBucket?: pulumi.Input; } export interface SnapshotImportDiskContainerUserBucket { /** * The name of the Amazon S3 bucket where the disk image is located. */ s3Bucket: pulumi.Input; /** * The file name of the disk image. */ s3Key: pulumi.Input; } } export namespace ec2 { export interface AmiCopyEbsBlockDevice { /** * Boolean controlling whether the EBS volumes created to * support each created instance will be deleted once that instance is terminated. */ deleteOnTermination?: pulumi.Input; /** * Path at which the device is exposed to created instances. */ deviceName?: pulumi.Input; /** * Boolean controlling whether the created EBS volumes will be encrypted. Can't be used with `snapshotId`. */ encrypted?: pulumi.Input; /** * Number of I/O operations per second the * created volumes will support. */ iops?: pulumi.Input; /** * ARN of the Outpost on which the snapshot is stored. * * > **Note:** You can specify `encrypted` or `snapshotId` but not both. */ outpostArn?: pulumi.Input; /** * ID of an EBS snapshot that will be used to initialize the created * EBS volumes. If set, the `volumeSize` attribute must be at least as large as the referenced * snapshot. */ snapshotId?: pulumi.Input; /** * Throughput that the EBS volume supports, in MiB/s. Only valid for `volumeType` of `gp3`. */ throughput?: pulumi.Input; /** * Size of created volumes in GiB. * If `snapshotId` is set and `volumeSize` is omitted then the volume will have the same size * as the selected snapshot. */ volumeSize?: pulumi.Input; /** * Type of EBS volume to create. Can be `standard`, `gp2`, `gp3`, `io1`, `io2`, `sc1` or `st1` (Default: `standard`). */ volumeType?: pulumi.Input; } export interface AmiCopyEphemeralBlockDevice { /** * Path at which the device is exposed to created instances. */ deviceName?: pulumi.Input; /** * Name for the ephemeral device, of the form "ephemeralN" where * *N* is a volume number starting from zero. */ virtualName?: pulumi.Input; } export interface AmiEbsBlockDevice { /** * Boolean controlling whether the EBS volumes created to * support each created instance will be deleted once that instance is terminated. */ deleteOnTermination?: pulumi.Input; /** * Path at which the device is exposed to created instances. */ deviceName: pulumi.Input; /** * Boolean controlling whether the created EBS volumes will be encrypted. Can't be used with `snapshotId`. */ encrypted?: pulumi.Input; /** * Number of I/O operations per second the * created volumes will support. */ iops?: pulumi.Input; /** * ARN of the Outpost on which the snapshot is stored. * * > **Note:** You can specify `encrypted` or `snapshotId` but not both. */ outpostArn?: pulumi.Input; /** * ID of an EBS snapshot that will be used to initialize the created * EBS volumes. If set, the `volumeSize` attribute must be at least as large as the referenced * snapshot. */ snapshotId?: pulumi.Input; /** * Throughput that the EBS volume supports, in MiB/s. Only valid for `volumeType` of `gp3`. */ throughput?: pulumi.Input; /** * Size of created volumes in GiB. * If `snapshotId` is set and `volumeSize` is omitted then the volume will have the same size * as the selected snapshot. */ volumeSize?: pulumi.Input; /** * Type of EBS volume to create. Can be `standard`, `gp2`, `gp3`, `io1`, `io2`, `sc1` or `st1` (Default: `standard`). */ volumeType?: pulumi.Input; } export interface AmiEphemeralBlockDevice { /** * Path at which the device is exposed to created instances. */ deviceName: pulumi.Input; /** * Name for the ephemeral device, of the form "ephemeralN" where * *N* is a volume number starting from zero. */ virtualName: pulumi.Input; } export interface AmiFromInstanceEbsBlockDevice { /** * Boolean controlling whether the EBS volumes created to * support each created instance will be deleted once that instance is terminated. */ deleteOnTermination?: pulumi.Input; /** * Path at which the device is exposed to created instances. */ deviceName?: pulumi.Input; /** * Boolean controlling whether the created EBS volumes will be encrypted. Can't be used with `snapshotId`. */ encrypted?: pulumi.Input; /** * Number of I/O operations per second the * created volumes will support. */ iops?: pulumi.Input; /** * ARN of the Outpost on which the snapshot is stored. * * > **Note:** You can specify `encrypted` or `snapshotId` but not both. */ outpostArn?: pulumi.Input; /** * ID of an EBS snapshot that will be used to initialize the created * EBS volumes. If set, the `volumeSize` attribute must be at least as large as the referenced * snapshot. */ snapshotId?: pulumi.Input; /** * Throughput that the EBS volume supports, in MiB/s. Only valid for `volumeType` of `gp3`. */ throughput?: pulumi.Input; /** * Size of created volumes in GiB. * If `snapshotId` is set and `volumeSize` is omitted then the volume will have the same size * as the selected snapshot. */ volumeSize?: pulumi.Input; /** * Type of EBS volume to create. Can be `standard`, `gp2`, `gp3`, `io1`, `io2`, `sc1` or `st1` (Default: `standard`). */ volumeType?: pulumi.Input; } export interface AmiFromInstanceEphemeralBlockDevice { /** * Path at which the device is exposed to created instances. */ deviceName?: pulumi.Input; /** * Name for the ephemeral device, of the form "ephemeralN" where * *N* is a volume number starting from zero. */ virtualName?: pulumi.Input; } export interface CapacityBlockReservationTimeouts { /** * A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as "30s" or "2h45m". Valid time units are "s" (seconds), "m" (minutes), "h" (hours). */ create?: pulumi.Input; } export interface DefaultNetworkAclEgress { /** * The action to take. */ action: pulumi.Input; /** * The CIDR block to match. This must be a valid network mask. */ cidrBlock?: pulumi.Input; /** * The from port to match. */ fromPort: pulumi.Input; /** * The ICMP type code to be used. Default 0. */ icmpCode?: pulumi.Input; /** * The ICMP type to be used. Default 0. */ icmpType?: pulumi.Input; /** * The IPv6 CIDR block. * * > For more information on ICMP types and codes, see [Internet Control Message Protocol (ICMP) Parameters](https://www.iana.org/assignments/icmp-parameters/icmp-parameters.xhtml). */ ipv6CidrBlock?: pulumi.Input; /** * The protocol to match. If using the -1 'all' protocol, you must specify a from and to port of 0. */ protocol: pulumi.Input; /** * The rule number. Used for ordering. */ ruleNo: pulumi.Input; /** * The to port to match. * * The following arguments are optional: */ toPort: pulumi.Input; } export interface DefaultNetworkAclIngress { /** * The action to take. */ action: pulumi.Input; /** * The CIDR block to match. This must be a valid network mask. */ cidrBlock?: pulumi.Input; /** * The from port to match. */ fromPort: pulumi.Input; /** * The ICMP type code to be used. Default 0. */ icmpCode?: pulumi.Input; /** * The ICMP type to be used. Default 0. */ icmpType?: pulumi.Input; /** * The IPv6 CIDR block. * * > For more information on ICMP types and codes, see [Internet Control Message Protocol (ICMP) Parameters](https://www.iana.org/assignments/icmp-parameters/icmp-parameters.xhtml). */ ipv6CidrBlock?: pulumi.Input; /** * The protocol to match. If using the -1 'all' protocol, you must specify a from and to port of 0. */ protocol: pulumi.Input; /** * The rule number. Used for ordering. */ ruleNo: pulumi.Input; /** * The to port to match. * * The following arguments are optional: */ toPort: pulumi.Input; } export interface DefaultRouteTableRoute { /** * The CIDR block of the route. */ cidrBlock?: pulumi.Input; /** * The Amazon Resource Name (ARN) of a core network. */ coreNetworkArn?: pulumi.Input; /** * The ID of a managed prefix list destination of the route. * * One of the following target arguments must be supplied: */ destinationPrefixListId?: pulumi.Input; /** * Identifier of a VPC Egress Only Internet Gateway. */ egressOnlyGatewayId?: pulumi.Input; /** * Identifier of a VPC internet gateway or a virtual private gateway. */ gatewayId?: pulumi.Input; /** * Identifier of an EC2 instance. */ instanceId?: pulumi.Input; /** * The Ipv6 CIDR block of the route */ ipv6CidrBlock?: pulumi.Input; /** * Identifier of a VPC NAT gateway. */ natGatewayId?: pulumi.Input; /** * Identifier of an EC2 network interface. */ networkInterfaceId?: pulumi.Input; /** * Identifier of an EC2 Transit Gateway. */ transitGatewayId?: pulumi.Input; /** * Identifier of a VPC Endpoint. This route must be removed prior to VPC Endpoint deletion. */ vpcEndpointId?: pulumi.Input; /** * Identifier of a VPC peering connection. * * Note that the default route, mapping the VPC's CIDR block to "local", is created implicitly and cannot be specified. */ vpcPeeringConnectionId?: pulumi.Input; } export interface DefaultSecurityGroupEgress { /** * List of CIDR blocks. */ cidrBlocks?: pulumi.Input[]>; /** * Description of this rule. */ description?: pulumi.Input; /** * Start port (or ICMP type number if protocol is `icmp`) */ fromPort: pulumi.Input; /** * List of IPv6 CIDR blocks. */ ipv6CidrBlocks?: pulumi.Input[]>; /** * List of prefix list IDs (for allowing access to VPC endpoints) */ prefixListIds?: pulumi.Input[]>; /** * Protocol. If you select a protocol of "-1" (semantically equivalent to `all`, which is not a valid value here), you must specify a `fromPort` and `toPort` equal to `0`. If not `icmp`, `tcp`, `udp`, or `-1` use the [protocol number](https://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml). */ protocol: pulumi.Input; /** * List of security groups. A group name can be used relative to the default VPC. Otherwise, group ID. */ securityGroups?: pulumi.Input[]>; /** * Whether the security group itself will be added as a source to this egress rule. */ self?: pulumi.Input; /** * End range port (or ICMP code if protocol is `icmp`). */ toPort: pulumi.Input; } export interface DefaultSecurityGroupIngress { /** * List of CIDR blocks. */ cidrBlocks?: pulumi.Input[]>; /** * Description of the security group. */ description?: pulumi.Input; /** * Start port (or ICMP type number if protocol is `icmp`) */ fromPort: pulumi.Input; /** * List of IPv6 CIDR blocks. */ ipv6CidrBlocks?: pulumi.Input[]>; /** * List of prefix list IDs (for allowing access to VPC endpoints) */ prefixListIds?: pulumi.Input[]>; /** * Protocol. If you select a protocol of "-1" (semantically equivalent to `all`, which is not a valid value here), you must specify a `fromPort` and `toPort` equal to `0`. If not `icmp`, `tcp`, `udp`, or `-1` use the [protocol number](https://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml). */ protocol: pulumi.Input; /** * List of security groups. A group name can be used relative to the default VPC. Otherwise, group ID. */ securityGroups?: pulumi.Input[]>; /** * Whether the security group itself will be added as a source to this egress rule. */ self?: pulumi.Input; /** * End range port (or ICMP code if protocol is `icmp`). */ toPort: pulumi.Input; } export interface EipDomainNameTimeouts { /** * A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as "30s" or "2h45m". Valid time units are "s" (seconds), "m" (minutes), "h" (hours). */ create?: pulumi.Input; /** * A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as "30s" or "2h45m". Valid time units are "s" (seconds), "m" (minutes), "h" (hours). Setting a timeout for a Delete operation is only applicable if changes are saved into state before the destroy operation occurs. */ delete?: pulumi.Input; /** * A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as "30s" or "2h45m". Valid time units are "s" (seconds), "m" (minutes), "h" (hours). */ update?: pulumi.Input; } export interface FleetFleetInstanceSet { /** * The IDs of the instances. */ instanceIds?: pulumi.Input[]>; /** * The instance type. */ instanceType?: pulumi.Input; /** * Indicates if the instance that was launched is a Spot Instance or On-Demand Instance. */ lifecycle?: pulumi.Input; /** * The value is `Windows` for Windows instances. Otherwise, the value is blank. */ platform?: pulumi.Input; } export interface FleetLaunchTemplateConfig { /** * Nested argument containing EC2 Launch Template to use. Defined below. */ launchTemplateSpecification?: pulumi.Input; /** * Nested argument(s) containing parameters to override the same parameters in the Launch Template. Defined below. */ overrides?: pulumi.Input[]>; } export interface FleetLaunchTemplateConfigLaunchTemplateSpecification { /** * The ID of the launch template. */ launchTemplateId?: pulumi.Input; /** * The name of the launch template. */ launchTemplateName?: pulumi.Input; /** * The launch template version number, `$Latest`, or `$Default.` */ version: pulumi.Input; } export interface FleetLaunchTemplateConfigOverride { /** * Availability Zone in which to launch the instances. */ availabilityZone?: pulumi.Input; /** * Override the instance type in the Launch Template with instance types that satisfy the requirements. */ instanceRequirements?: pulumi.Input; /** * Instance type. */ instanceType?: pulumi.Input; /** * Maximum price per unit hour that you are willing to pay for a Spot Instance. */ maxPrice?: pulumi.Input; /** * Priority for the launch template override. If `onDemandOptions` `allocationStrategy` is set to `prioritized`, EC2 Fleet uses priority to determine which launch template override to use first in fulfilling On-Demand capacity. The highest priority is launched first. The lower the number, the higher the priority. If no number is set, the launch template override has the lowest priority. Valid values are whole numbers starting at 0. */ priority?: pulumi.Input; /** * ID of the subnet in which to launch the instances. */ subnetId?: pulumi.Input; /** * Number of units provided by the specified instance type. */ weightedCapacity?: pulumi.Input; } export interface FleetLaunchTemplateConfigOverrideInstanceRequirements { /** * Block describing the minimum and maximum number of accelerators (GPUs, FPGAs, or AWS Inferentia chips). Default is no minimum or maximum limits. */ acceleratorCount?: pulumi.Input; /** * List of accelerator manufacturer names. Default is any manufacturer. */ acceleratorManufacturers?: pulumi.Input[]>; /** * List of accelerator names. Default is any acclerator. */ acceleratorNames?: pulumi.Input[]>; /** * Block describing the minimum and maximum total memory of the accelerators. Default is no minimum or maximum. */ acceleratorTotalMemoryMib?: pulumi.Input; /** * The accelerator types that must be on the instance type. Default is any accelerator type. */ acceleratorTypes?: pulumi.Input[]>; /** * The instance types to apply your specified attributes against. All other instance types are ignored, even if they match your specified attributes. You can use strings with one or more wild cards,represented by an asterisk (\*). The following are examples: `c5*`, `m5a.*`, `r*`, `*3*`. For example, if you specify `c5*`, you are excluding the entire C5 instance family, which includes all C5a and C5n instance types. If you specify `m5a.*`, you are excluding all the M5a instance types, but not the M5n instance types. Maximum of 400 entries in the list; each entry is limited to 30 characters. Default is no excluded instance types. Default is any instance type. * * If you specify `AllowedInstanceTypes`, you can't specify `ExcludedInstanceTypes`. */ allowedInstanceTypes?: pulumi.Input[]>; /** * Indicate whether bare metal instace types should be `included`, `excluded`, or `required`. Default is `excluded`. */ bareMetal?: pulumi.Input; /** * Block describing the minimum and maximum baseline EBS bandwidth, in Mbps. Default is no minimum or maximum. */ baselineEbsBandwidthMbps?: pulumi.Input; /** * Indicates whether burstable performance T instance types are `included`, `excluded`, or `required`. Default is `excluded`. */ burstablePerformance?: pulumi.Input; /** * The CPU manufacturers to include. Default is any manufacturer. * > **NOTE:** Don't confuse the CPU hardware manufacturer with the CPU hardware architecture. Instances will be launched with a compatible CPU architecture based on the Amazon Machine Image (AMI) that you specify in your launch template. */ cpuManufacturers?: pulumi.Input[]>; /** * The instance types to exclude. You can use strings with one or more wild cards, represented by an asterisk (\*). The following are examples: `c5*`, `m5a.*`, `r*`, `*3*`. For example, if you specify `c5*`, you are excluding the entire C5 instance family, which includes all C5a and C5n instance types. If you specify `m5a.*`, you are excluding all the M5a instance types, but not the M5n instance types. Maximum of 400 entries in the list; each entry is limited to 30 characters. Default is no excluded instance types. * * If you specify `AllowedInstanceTypes`, you can't specify `ExcludedInstanceTypes`. */ excludedInstanceTypes?: pulumi.Input[]>; /** * Indicates whether current or previous generation instance types are included. The current generation instance types are recommended for use. Valid values are `current` and `previous`. Default is `current` and `previous` generation instance types. */ instanceGenerations?: pulumi.Input[]>; /** * Indicate whether instance types with local storage volumes are `included`, `excluded`, or `required`. Default is `included`. */ localStorage?: pulumi.Input; /** * List of local storage type names. Valid values are `hdd` and `ssd`. Default any storage type. */ localStorageTypes?: pulumi.Input[]>; /** * The price protection threshold for Spot Instances. This is the maximum you’ll pay for a Spot Instance, expressed as a percentage higher than the cheapest M, C, or R instance type with your specified attributes. When Amazon EC2 Auto Scaling selects instance types with your attributes, we will exclude instance types whose price is higher than your threshold. The parameter accepts an integer, which Amazon EC2 Auto Scaling interprets as a percentage. To turn off price protection, specify a high value, such as 999999. Conflicts with `spotMaxPricePercentageOverLowestPrice` */ maxSpotPriceAsPercentageOfOptimalOnDemandPrice?: pulumi.Input; /** * Block describing the minimum and maximum amount of memory (GiB) per vCPU. Default is no minimum or maximum. */ memoryGibPerVcpu?: pulumi.Input; /** * The minimum and maximum amount of memory per vCPU, in GiB. Default is no minimum or maximum limits. */ memoryMib: pulumi.Input; /** * The minimum and maximum amount of network bandwidth, in gigabits per second (Gbps). Default is No minimum or maximum. */ networkBandwidthGbps?: pulumi.Input; /** * Block describing the minimum and maximum number of network interfaces. Default is no minimum or maximum. */ networkInterfaceCount?: pulumi.Input; /** * The price protection threshold for On-Demand Instances. This is the maximum you’ll pay for an On-Demand Instance, expressed as a percentage higher than the cheapest M, C, or R instance type with your specified attributes. When Amazon EC2 Auto Scaling selects instance types with your attributes, we will exclude instance types whose price is higher than your threshold. The parameter accepts an integer, which Amazon EC2 Auto Scaling interprets as a percentage. To turn off price protection, specify a high value, such as 999999. Default is 20. * * If you set `targetCapacityUnitType` to `vcpu` or `memory-mib`, the price protection threshold is applied based on the per-vCPU or per-memory price instead of the per-instance price. */ onDemandMaxPricePercentageOverLowestPrice?: pulumi.Input; /** * Indicate whether instance types must support On-Demand Instance Hibernation, either `true` or `false`. Default is `false`. */ requireHibernateSupport?: pulumi.Input; /** * The price protection threshold for Spot Instances. This is the maximum you’ll pay for a Spot Instance, expressed as a percentage higher than the cheapest M, C, or R instance type with your specified attributes. When Amazon EC2 Auto Scaling selects instance types with your attributes, we will exclude instance types whose price is higher than your threshold. The parameter accepts an integer, which Amazon EC2 Auto Scaling interprets as a percentage. To turn off price protection, specify a high value, such as 999999. Default is 100. Conflicts with `maxSpotPriceAsPercentageOfOptimalOnDemandPrice` * * If you set DesiredCapacityType to vcpu or memory-mib, the price protection threshold is applied based on the per vCPU or per memory price instead of the per instance price. */ spotMaxPricePercentageOverLowestPrice?: pulumi.Input; /** * Block describing the minimum and maximum total local storage (GB). Default is no minimum or maximum. */ totalLocalStorageGb?: pulumi.Input; /** * Block describing the minimum and maximum number of vCPUs. Default is no maximum. */ vcpuCount: pulumi.Input; } export interface FleetLaunchTemplateConfigOverrideInstanceRequirementsAcceleratorCount { /** * Maximum. Set to `0` to exclude instance types with accelerators. */ max?: pulumi.Input; /** * Minimum. */ min?: pulumi.Input; } export interface FleetLaunchTemplateConfigOverrideInstanceRequirementsAcceleratorTotalMemoryMib { /** * The maximum amount of accelerator memory, in MiB. To specify no maximum limit, omit this parameter. */ max?: pulumi.Input; /** * The minimum amount of accelerator memory, in MiB. To specify no minimum limit, omit this parameter. */ min?: pulumi.Input; } export interface FleetLaunchTemplateConfigOverrideInstanceRequirementsBaselineEbsBandwidthMbps { /** * The maximum baseline bandwidth, in Mbps. To specify no maximum limit, omit this parameter.. */ max?: pulumi.Input; /** * The minimum baseline bandwidth, in Mbps. To specify no minimum limit, omit this parameter.. */ min?: pulumi.Input; } export interface FleetLaunchTemplateConfigOverrideInstanceRequirementsMemoryGibPerVcpu { /** * The maximum amount of memory per vCPU, in GiB. To specify no maximum limit, omit this parameter. */ max?: pulumi.Input; /** * The minimum amount of memory per vCPU, in GiB. To specify no minimum limit, omit this parameter. */ min?: pulumi.Input; } export interface FleetLaunchTemplateConfigOverrideInstanceRequirementsMemoryMib { /** * The maximum amount of memory, in MiB. To specify no maximum limit, omit this parameter. */ max?: pulumi.Input; /** * The minimum amount of memory, in MiB. To specify no minimum limit, specify `0`. */ min: pulumi.Input; } export interface FleetLaunchTemplateConfigOverrideInstanceRequirementsNetworkBandwidthGbps { /** * The maximum amount of network bandwidth, in Gbps. To specify no maximum limit, omit this parameter. */ max?: pulumi.Input; /** * The minimum amount of network bandwidth, in Gbps. To specify no minimum limit, omit this parameter. */ min?: pulumi.Input; } export interface FleetLaunchTemplateConfigOverrideInstanceRequirementsNetworkInterfaceCount { /** * The maximum number of network interfaces. To specify no maximum limit, omit this parameter. */ max?: pulumi.Input; /** * The minimum number of network interfaces. To specify no minimum limit, omit this parameter. */ min?: pulumi.Input; } export interface FleetLaunchTemplateConfigOverrideInstanceRequirementsTotalLocalStorageGb { /** * The maximum amount of total local storage, in GB. To specify no maximum limit, omit this parameter. */ max?: pulumi.Input; /** * The minimum amount of total local storage, in GB. To specify no minimum limit, omit this parameter. */ min?: pulumi.Input; } export interface FleetLaunchTemplateConfigOverrideInstanceRequirementsVcpuCount { /** * The maximum number of vCPUs. To specify no maximum limit, omit this parameter. */ max?: pulumi.Input; /** * The minimum number of vCPUs. To specify no minimum limit, specify `0`. */ min: pulumi.Input; } export interface FleetOnDemandOptions { /** * The order of the launch template overrides to use in fulfilling On-Demand capacity. Valid values: `lowestPrice`, `prioritized`. Default: `lowestPrice`. */ allocationStrategy?: pulumi.Input; /** * The strategy for using unused Capacity Reservations for fulfilling On-Demand capacity. Supported only for fleets of type `instant`. */ capacityReservationOptions?: pulumi.Input; /** * The maximum amount per hour for On-Demand Instances that you're willing to pay. */ maxTotalPrice?: pulumi.Input; /** * The minimum target capacity for On-Demand Instances in the fleet. If the minimum target capacity is not reached, the fleet launches no instances. Supported only for fleets of type `instant`. * If you specify `minTargetCapacity`, at least one of the following must be specified: `singleAvailabilityZone` or `singleInstanceType`. */ minTargetCapacity?: pulumi.Input; /** * Indicates that the fleet launches all On-Demand Instances into a single Availability Zone. Supported only for fleets of type `instant`. */ singleAvailabilityZone?: pulumi.Input; /** * Indicates that the fleet uses a single instance type to launch all On-Demand Instances in the fleet. Supported only for fleets of type `instant`. */ singleInstanceType?: pulumi.Input; } export interface FleetOnDemandOptionsCapacityReservationOptions { /** * Indicates whether to use unused Capacity Reservations for fulfilling On-Demand capacity. Valid values: `use-capacity-reservations-first`. */ usageStrategy?: pulumi.Input; } export interface FleetSpotOptions { /** * How to allocate the target capacity across the Spot pools. Valid values: `diversified`, `lowestPrice`, `capacity-optimized`, `capacity-optimized-prioritized` and `price-capacity-optimized`. Default: `lowestPrice`. */ allocationStrategy?: pulumi.Input; /** * Behavior when a Spot Instance is interrupted. Valid values: `hibernate`, `stop`, `terminate`. Default: `terminate`. */ instanceInterruptionBehavior?: pulumi.Input; /** * Number of Spot pools across which to allocate your target Spot capacity. Valid only when Spot `allocationStrategy` is set to `lowestPrice`. Default: `1`. */ instancePoolsToUseCount?: pulumi.Input; /** * Nested argument containing maintenance strategies for managing your Spot Instances that are at an elevated risk of being interrupted. Defined below. */ maintenanceStrategies?: pulumi.Input; } export interface FleetSpotOptionsMaintenanceStrategies { /** * Nested argument containing the capacity rebalance for your fleet request. Defined below. */ capacityRebalance?: pulumi.Input; } export interface FleetSpotOptionsMaintenanceStrategiesCapacityRebalance { /** * The replacement strategy to use. Only available for fleets of `type` set to `maintain`. Valid values: `launch`. */ replacementStrategy?: pulumi.Input; terminationDelay?: pulumi.Input; } export interface FleetTargetCapacitySpecification { /** * Default target capacity type. Valid values: `on-demand`, `spot`. */ defaultTargetCapacityType: pulumi.Input; /** * The number of On-Demand units to request. */ onDemandTargetCapacity?: pulumi.Input; /** * The number of Spot units to request. */ spotTargetCapacity?: pulumi.Input; /** * The unit for the target capacity. * If you specify `targetCapacityUnitType`, `instanceRequirements` must be specified. */ targetCapacityUnitType?: pulumi.Input; /** * The number of units to request, filled using `defaultTargetCapacityType`. */ totalTargetCapacity: pulumi.Input; } export interface FlowLogDestinationOptions { /** * The format for the flow log. Default value: `plain-text`. Valid values: `plain-text`, `parquet`. */ fileFormat?: pulumi.Input; /** * Indicates whether to use Hive-compatible prefixes for flow logs stored in Amazon S3. Default value: `false`. */ hiveCompatiblePartitions?: pulumi.Input; /** * Indicates whether to partition the flow log per hour. This reduces the cost and response time for queries. Default value: `false`. */ perHourPartition?: pulumi.Input; } export interface GetAmiFilter { /** * Name of the AMI that was provided during image creation. */ name: string; values: string[]; } export interface GetAmiFilterArgs { /** * Name of the AMI that was provided during image creation. */ name: pulumi.Input; values: pulumi.Input[]>; } export interface GetAmiIdsFilter { name: string; values: string[]; } export interface GetAmiIdsFilterArgs { name: pulumi.Input; values: pulumi.Input[]>; } export interface GetCoipPoolFilter { /** * Name of the field to filter by, as defined by * [the underlying AWS API](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeCoipPools.html). */ name: string; /** * Set of values that are accepted for the given field. * A COIP Pool will be selected if any one of the given values matches. */ values: string[]; } export interface GetCoipPoolFilterArgs { /** * Name of the field to filter by, as defined by * [the underlying AWS API](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeCoipPools.html). */ name: pulumi.Input; /** * Set of values that are accepted for the given field. * A COIP Pool will be selected if any one of the given values matches. */ values: pulumi.Input[]>; } export interface GetCoipPoolsFilter { /** * Name of the field to filter by, as defined by * [the underlying AWS API](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeCoipPools.html). */ name: string; /** * Set of values that are accepted for the given field. * A COIP Pool will be selected if any one of the given values matches. */ values: string[]; } export interface GetCoipPoolsFilterArgs { /** * Name of the field to filter by, as defined by * [the underlying AWS API](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeCoipPools.html). */ name: pulumi.Input; /** * Set of values that are accepted for the given field. * A COIP Pool will be selected if any one of the given values matches. */ values: pulumi.Input[]>; } export interface GetCustomerGatewayFilter { name: string; values: string[]; } export interface GetCustomerGatewayFilterArgs { name: pulumi.Input; values: pulumi.Input[]>; } export interface GetDedicatedHostFilter { /** * Name of the field to filter by, as defined by [the underlying AWS API](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeHosts.html). */ name: string; /** * Set of values that are accepted for the given field. A host will be selected if any one of the given values matches. */ values: string[]; } export interface GetDedicatedHostFilterArgs { /** * Name of the field to filter by, as defined by [the underlying AWS API](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeHosts.html). */ name: pulumi.Input; /** * Set of values that are accepted for the given field. A host will be selected if any one of the given values matches. */ values: pulumi.Input[]>; } export interface GetEipsFilter { /** * Name of the field to filter by, as defined by * [the underlying AWS API](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeAddresses.html). */ name: string; /** * Set of values that are accepted for the given field. An Elastic IP will be selected if any one of the given values matches. */ values: string[]; } export interface GetEipsFilterArgs { /** * Name of the field to filter by, as defined by * [the underlying AWS API](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeAddresses.html). */ name: pulumi.Input; /** * Set of values that are accepted for the given field. An Elastic IP will be selected if any one of the given values matches. */ values: pulumi.Input[]>; } export interface GetElasticIpFilter { name: string; values: string[]; } export interface GetElasticIpFilterArgs { name: pulumi.Input; values: pulumi.Input[]>; } export interface GetInstanceFilter { name: string; values: string[]; } export interface GetInstanceFilterArgs { name: pulumi.Input; values: pulumi.Input[]>; } export interface GetInstanceTypeOfferingFilter { /** * Name of the filter. The `location` filter depends on the top-level `locationType` argument and if not specified, defaults to the current region. */ name: string; /** * List of one or more values for the filter. */ values: string[]; } export interface GetInstanceTypeOfferingFilterArgs { /** * Name of the filter. The `location` filter depends on the top-level `locationType` argument and if not specified, defaults to the current region. */ name: pulumi.Input; /** * List of one or more values for the filter. */ values: pulumi.Input[]>; } export interface GetInstanceTypeOfferingsFilter { /** * Name of the filter. The `location` filter depends on the top-level `locationType` argument and if not specified, defaults to the current region. */ name: string; /** * List of one or more values for the filter. */ values: string[]; } export interface GetInstanceTypeOfferingsFilterArgs { /** * Name of the filter. The `location` filter depends on the top-level `locationType` argument and if not specified, defaults to the current region. */ name: pulumi.Input; /** * List of one or more values for the filter. */ values: pulumi.Input[]>; } export interface GetInstanceTypesFilter { /** * Name of the filter. */ name: string; /** * List of one or more values for the filter. */ values: string[]; } export interface GetInstanceTypesFilterArgs { /** * Name of the filter. */ name: pulumi.Input; /** * List of one or more values for the filter. */ values: pulumi.Input[]>; } export interface GetInstancesFilter { name: string; values: string[]; } export interface GetInstancesFilterArgs { name: pulumi.Input; values: pulumi.Input[]>; } export interface GetInternetGatewayFilter { /** * Name of the field to filter by, as defined by * [the underlying AWS API](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeInternetGateways.html). */ name: string; /** * Set of values that are accepted for the given field. * An Internet Gateway will be selected if any one of the given values matches. */ values: string[]; } export interface GetInternetGatewayFilterArgs { /** * Name of the field to filter by, as defined by * [the underlying AWS API](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeInternetGateways.html). */ name: pulumi.Input; /** * Set of values that are accepted for the given field. * An Internet Gateway will be selected if any one of the given values matches. */ values: pulumi.Input[]>; } export interface GetKeyPairFilter { /** * Name of the filter field. Valid values can be found in the [EC2 DescribeKeyPairs API Reference](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeKeyPairs.html). */ name: string; /** * Set of values that are accepted for the given filter field. Results will be selected if any given value matches. */ values: string[]; } export interface GetKeyPairFilterArgs { /** * Name of the filter field. Valid values can be found in the [EC2 DescribeKeyPairs API Reference](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeKeyPairs.html). */ name: pulumi.Input; /** * Set of values that are accepted for the given filter field. Results will be selected if any given value matches. */ values: pulumi.Input[]>; } export interface GetLaunchTemplateFilter { /** * Name of the filter field. Valid values can be found in the [EC2 DescribeLaunchTemplates API Reference](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeLaunchTemplates.html). */ name: string; /** * Set of values that are accepted for the given filter field. Results will be selected if any given value matches. */ values: string[]; } export interface GetLaunchTemplateFilterArgs { /** * Name of the filter field. Valid values can be found in the [EC2 DescribeLaunchTemplates API Reference](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeLaunchTemplates.html). */ name: pulumi.Input; /** * Set of values that are accepted for the given filter field. Results will be selected if any given value matches. */ values: pulumi.Input[]>; } export interface GetLocalGatewayFilter { /** * Name of the field to filter by, as defined by * [the underlying AWS API](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeLocalGateways.html). */ name: string; /** * Set of values that are accepted for the given field. * A Local Gateway will be selected if any one of the given values matches. */ values: string[]; } export interface GetLocalGatewayFilterArgs { /** * Name of the field to filter by, as defined by * [the underlying AWS API](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeLocalGateways.html). */ name: pulumi.Input; /** * Set of values that are accepted for the given field. * A Local Gateway will be selected if any one of the given values matches. */ values: pulumi.Input[]>; } export interface GetLocalGatewayRouteTableFilter { /** * Name of the field to filter by, as defined by * [the underlying AWS API](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeLocalGatewayRouteTables.html). */ name: string; /** * Set of values that are accepted for the given field. * A local gateway route table will be selected if any one of the given values matches. */ values: string[]; } export interface GetLocalGatewayRouteTableFilterArgs { /** * Name of the field to filter by, as defined by * [the underlying AWS API](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeLocalGatewayRouteTables.html). */ name: pulumi.Input; /** * Set of values that are accepted for the given field. * A local gateway route table will be selected if any one of the given values matches. */ values: pulumi.Input[]>; } export interface GetLocalGatewayRouteTablesFilter { /** * Name of the field to filter by, as defined by * [the underlying AWS API](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeLocalGatewayRouteTables.html). */ name: string; /** * Set of values that are accepted for the given field. * A Local Gateway Route Table will be selected if any one of the given values matches. */ values: string[]; } export interface GetLocalGatewayRouteTablesFilterArgs { /** * Name of the field to filter by, as defined by * [the underlying AWS API](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeLocalGatewayRouteTables.html). */ name: pulumi.Input; /** * Set of values that are accepted for the given field. * A Local Gateway Route Table will be selected if any one of the given values matches. */ values: pulumi.Input[]>; } export interface GetLocalGatewayVirtualInterfaceFilter { /** * Name of the filter. */ name: string; /** * List of one or more values for the filter. */ values: string[]; } export interface GetLocalGatewayVirtualInterfaceFilterArgs { /** * Name of the filter. */ name: pulumi.Input; /** * List of one or more values for the filter. */ values: pulumi.Input[]>; } export interface GetLocalGatewayVirtualInterfaceGroupFilter { /** * Name of the filter. */ name: string; /** * List of one or more values for the filter. */ values: string[]; } export interface GetLocalGatewayVirtualInterfaceGroupFilterArgs { /** * Name of the filter. */ name: pulumi.Input; /** * List of one or more values for the filter. */ values: pulumi.Input[]>; } export interface GetLocalGatewayVirtualInterfaceGroupsFilter { /** * Name of the filter. */ name: string; /** * List of one or more values for the filter. */ values: string[]; } export interface GetLocalGatewayVirtualInterfaceGroupsFilterArgs { /** * Name of the filter. */ name: pulumi.Input; /** * List of one or more values for the filter. */ values: pulumi.Input[]>; } export interface GetLocalGatewaysFilter { /** * Name of the field to filter by, as defined by * [the underlying AWS API](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeLocalGateways.html). */ name: string; /** * Set of values that are accepted for the given field. * A Local Gateway will be selected if any one of the given values matches. */ values: string[]; } export interface GetLocalGatewaysFilterArgs { /** * Name of the field to filter by, as defined by * [the underlying AWS API](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeLocalGateways.html). */ name: pulumi.Input; /** * Set of values that are accepted for the given field. * A Local Gateway will be selected if any one of the given values matches. */ values: pulumi.Input[]>; } export interface GetManagedPrefixListFilter { /** * Name of the filter field. Valid values can be found in the EC2 [DescribeManagedPrefixLists](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeManagedPrefixLists.html) API Reference. */ name: string; /** * Set of values that are accepted for the given filter field. Results will be selected if any given value matches. */ values: string[]; } export interface GetManagedPrefixListFilterArgs { /** * Name of the filter field. Valid values can be found in the EC2 [DescribeManagedPrefixLists](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeManagedPrefixLists.html) API Reference. */ name: pulumi.Input; /** * Set of values that are accepted for the given filter field. Results will be selected if any given value matches. */ values: pulumi.Input[]>; } export interface GetManagedPrefixListsFilter { /** * Name of the field to filter by, as defined by * [the underlying AWS API](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeManagedPrefixLists.html). */ name: string; /** * Set of values that are accepted for the given field. * A managed prefix list will be selected if any one of the given values matches. */ values: string[]; } export interface GetManagedPrefixListsFilterArgs { /** * Name of the field to filter by, as defined by * [the underlying AWS API](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeManagedPrefixLists.html). */ name: pulumi.Input; /** * Set of values that are accepted for the given field. * A managed prefix list will be selected if any one of the given values matches. */ values: pulumi.Input[]>; } export interface GetNatGatewayFilter { /** * Name of the field to filter by, as defined by * [the underlying AWS API](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeNatGateways.html). */ name: string; /** * Set of values that are accepted for the given field. * An Nat Gateway will be selected if any one of the given values matches. */ values: string[]; } export interface GetNatGatewayFilterArgs { /** * Name of the field to filter by, as defined by * [the underlying AWS API](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeNatGateways.html). */ name: pulumi.Input; /** * Set of values that are accepted for the given field. * An Nat Gateway will be selected if any one of the given values matches. */ values: pulumi.Input[]>; } export interface GetNatGatewaysFilter { /** * Name of the field to filter by, as defined by * [the underlying AWS API](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeNatGateways.html). */ name: string; /** * Set of values that are accepted for the given field. * A Nat Gateway will be selected if any one of the given values matches. */ values: string[]; } export interface GetNatGatewaysFilterArgs { /** * Name of the field to filter by, as defined by * [the underlying AWS API](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeNatGateways.html). */ name: pulumi.Input; /** * Set of values that are accepted for the given field. * A Nat Gateway will be selected if any one of the given values matches. */ values: pulumi.Input[]>; } export interface GetNetworkAclsFilter { /** * Name of the field to filter by, as defined by * [the underlying AWS API](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeNetworkAcls.html). */ name: string; /** * Set of values that are accepted for the given field. * A VPC will be selected if any one of the given values matches. */ values: string[]; } export interface GetNetworkAclsFilterArgs { /** * Name of the field to filter by, as defined by * [the underlying AWS API](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeNetworkAcls.html). */ name: pulumi.Input; /** * Set of values that are accepted for the given field. * A VPC will be selected if any one of the given values matches. */ values: pulumi.Input[]>; } export interface GetNetworkInsightsAnalysisFilter { /** * Name of the filter field. Valid values can be found in the EC2 [`DescribeNetworkInsightsAnalyses`](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeNetworkInsightsAnalyses.html) API Reference. */ name: string; /** * Set of values that are accepted for the given filter field. Results will be selected if any given value matches. */ values: string[]; } export interface GetNetworkInsightsAnalysisFilterArgs { /** * Name of the filter field. Valid values can be found in the EC2 [`DescribeNetworkInsightsAnalyses`](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeNetworkInsightsAnalyses.html) API Reference. */ name: pulumi.Input; /** * Set of values that are accepted for the given filter field. Results will be selected if any given value matches. */ values: pulumi.Input[]>; } export interface GetNetworkInsightsPathFilter { /** * Name of the filter field. Valid values can be found in the EC2 [`DescribeNetworkInsightsPaths`](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeNetworkInsightsPaths.html) API Reference. */ name: string; /** * Set of values that are accepted for the given filter field. Results will be selected if any given value matches. */ values: string[]; } export interface GetNetworkInsightsPathFilterArgs { /** * Name of the filter field. Valid values can be found in the EC2 [`DescribeNetworkInsightsPaths`](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeNetworkInsightsPaths.html) API Reference. */ name: pulumi.Input; /** * Set of values that are accepted for the given filter field. Results will be selected if any given value matches. */ values: pulumi.Input[]>; } export interface GetNetworkInterfaceFilter { name: string; values: string[]; } export interface GetNetworkInterfaceFilterArgs { name: pulumi.Input; values: pulumi.Input[]>; } export interface GetNetworkInterfacesFilter { /** * Name of the field to filter by, as defined by * [the underlying AWS API](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeNetworkInterfaces.html). */ name: string; /** * Set of values that are accepted for the given field. */ values: string[]; } export interface GetNetworkInterfacesFilterArgs { /** * Name of the field to filter by, as defined by * [the underlying AWS API](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeNetworkInterfaces.html). */ name: pulumi.Input; /** * Set of values that are accepted for the given field. */ values: pulumi.Input[]>; } export interface GetPrefixListFilter { /** * Name of the filter field. Valid values can be found in the [EC2 DescribePrefixLists API Reference](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribePrefixLists.html). */ name: string; /** * Set of values that are accepted for the given filter field. Results will be selected if any given value matches. */ values: string[]; } export interface GetPrefixListFilterArgs { /** * Name of the filter field. Valid values can be found in the [EC2 DescribePrefixLists API Reference](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribePrefixLists.html). */ name: pulumi.Input; /** * Set of values that are accepted for the given filter field. Results will be selected if any given value matches. */ values: pulumi.Input[]>; } export interface GetPublicIpv4PoolsFilter { /** * Name of the field to filter by, as defined by [the underlying AWS API](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribePublicIpv4Pools.html). */ name: string; /** * Set of values that are accepted for the given field. Pool IDs will be selected if any one of the given values match. */ values: string[]; } export interface GetPublicIpv4PoolsFilterArgs { /** * Name of the field to filter by, as defined by [the underlying AWS API](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribePublicIpv4Pools.html). */ name: pulumi.Input; /** * Set of values that are accepted for the given field. Pool IDs will be selected if any one of the given values match. */ values: pulumi.Input[]>; } export interface GetRouteTableFilter { /** * Name of the field to filter by, as defined by [the underlying AWS API](http://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeRouteTables.html). */ name: string; /** * Set of values that are accepted for the given field. A Route Table will be selected if any one of the given values matches. */ values: string[]; } export interface GetRouteTableFilterArgs { /** * Name of the field to filter by, as defined by [the underlying AWS API](http://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeRouteTables.html). */ name: pulumi.Input; /** * Set of values that are accepted for the given field. A Route Table will be selected if any one of the given values matches. */ values: pulumi.Input[]>; } export interface GetRouteTablesFilter { /** * Name of the field to filter by, as defined by * [the underlying AWS API](http://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeRouteTables.html). */ name: string; /** * Set of values that are accepted for the given field. * A Route Table will be selected if any one of the given values matches. */ values: string[]; } export interface GetRouteTablesFilterArgs { /** * Name of the field to filter by, as defined by * [the underlying AWS API](http://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeRouteTables.html). */ name: pulumi.Input; /** * Set of values that are accepted for the given field. * A Route Table will be selected if any one of the given values matches. */ values: pulumi.Input[]>; } export interface GetSecurityGroupFilter { /** * Name of the field to filter by, as defined by * [the underlying AWS API](http://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeSecurityGroups.html). */ name: string; /** * Set of values that are accepted for the given field. * A Security Group will be selected if any one of the given values matches. */ values: string[]; } export interface GetSecurityGroupFilterArgs { /** * Name of the field to filter by, as defined by * [the underlying AWS API](http://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeSecurityGroups.html). */ name: pulumi.Input; /** * Set of values that are accepted for the given field. * A Security Group will be selected if any one of the given values matches. */ values: pulumi.Input[]>; } export interface GetSecurityGroupsFilter { name: string; values: string[]; } export interface GetSecurityGroupsFilterArgs { name: pulumi.Input; values: pulumi.Input[]>; } export interface GetSpotPriceFilter { /** * Name of the filter. */ name: string; /** * List of one or more values for the filter. */ values: string[]; } export interface GetSpotPriceFilterArgs { /** * Name of the filter. */ name: pulumi.Input; /** * List of one or more values for the filter. */ values: pulumi.Input[]>; } export interface GetSubnetFilter { /** * Name of the field to filter by, as defined by [the underlying AWS API](http://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeSubnets.html). */ name: string; /** * Set of values that are accepted for the given field. A subnet will be selected if any one of the given values matches. */ values: string[]; } export interface GetSubnetFilterArgs { /** * Name of the field to filter by, as defined by [the underlying AWS API](http://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeSubnets.html). */ name: pulumi.Input; /** * Set of values that are accepted for the given field. A subnet will be selected if any one of the given values matches. */ values: pulumi.Input[]>; } export interface GetSubnetsFilter { /** * Name of the field to filter by, as defined by * [the underlying AWS API](http://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeSubnets.html). * For example, if matching against tag `Name`, use: * * ```typescript * import * as pulumi from "@pulumi/pulumi"; * import * as aws from "@pulumi/aws"; * * const selected = aws.ec2.getSubnets({ * filters: [{ * name: "tag:Name", * values: [""], * }], * }); * ``` */ name: string; /** * Set of values that are accepted for the given field. * Subnet IDs will be selected if any one of the given values match. */ values: string[]; } export interface GetSubnetsFilterArgs { /** * Name of the field to filter by, as defined by * [the underlying AWS API](http://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeSubnets.html). * For example, if matching against tag `Name`, use: * * ```typescript * import * as pulumi from "@pulumi/pulumi"; * import * as aws from "@pulumi/aws"; * * const selected = aws.ec2.getSubnets({ * filters: [{ * name: "tag:Name", * values: [""], * }], * }); * ``` */ name: pulumi.Input; /** * Set of values that are accepted for the given field. * Subnet IDs will be selected if any one of the given values match. */ values: pulumi.Input[]>; } export interface GetTransitGatewayRouteTablesFilter { /** * Name of the field to filter by, as defined by * [the underlying AWS API](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeTransitGatewayRouteTables.html). */ name: string; /** * Set of values that are accepted for the given field. * A Transit Gateway Route Table will be selected if any one of the given values matches. */ values: string[]; } export interface GetTransitGatewayRouteTablesFilterArgs { /** * Name of the field to filter by, as defined by * [the underlying AWS API](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeTransitGatewayRouteTables.html). */ name: pulumi.Input; /** * Set of values that are accepted for the given field. * A Transit Gateway Route Table will be selected if any one of the given values matches. */ values: pulumi.Input[]>; } export interface GetVpcDhcpOptionsFilter { /** * Name of the field to filter. */ name: string; /** * Set of values for filtering. */ values: string[]; } export interface GetVpcDhcpOptionsFilterArgs { /** * Name of the field to filter. */ name: pulumi.Input; /** * Set of values for filtering. */ values: pulumi.Input[]>; } export interface GetVpcEndpointFilter { /** * Name of the field to filter by, as defined by * [the underlying AWS API](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeVpcEndpoints.html). */ name: string; /** * Set of values that are accepted for the given field. * A VPC Endpoint will be selected if any one of the given values matches. */ values: string[]; } export interface GetVpcEndpointFilterArgs { /** * Name of the field to filter by, as defined by * [the underlying AWS API](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeVpcEndpoints.html). */ name: pulumi.Input; /** * Set of values that are accepted for the given field. * A VPC Endpoint will be selected if any one of the given values matches. */ values: pulumi.Input[]>; } export interface GetVpcEndpointServiceFilter { /** * Name of the filter field. Valid values can be found in the [EC2 DescribeVpcEndpointServices API Reference](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeVpcEndpointServices.html). */ name: string; /** * Set of values that are accepted for the given filter field. Results will be selected if any given value matches. */ values: string[]; } export interface GetVpcEndpointServiceFilterArgs { /** * Name of the filter field. Valid values can be found in the [EC2 DescribeVpcEndpointServices API Reference](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeVpcEndpointServices.html). */ name: pulumi.Input; /** * Set of values that are accepted for the given filter field. Results will be selected if any given value matches. */ values: pulumi.Input[]>; } export interface GetVpcFilter { /** * Name of the field to filter by, as defined by * [the underlying AWS API](http://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeVpcs.html). */ name: string; /** * Set of values that are accepted for the given field. * A VPC will be selected if any one of the given values matches. */ values: string[]; } export interface GetVpcFilterArgs { /** * Name of the field to filter by, as defined by * [the underlying AWS API](http://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeVpcs.html). */ name: pulumi.Input; /** * Set of values that are accepted for the given field. * A VPC will be selected if any one of the given values matches. */ values: pulumi.Input[]>; } export interface GetVpcIamPoolCidrsFilter { name: string; values: string[]; } export interface GetVpcIamPoolCidrsFilterArgs { name: pulumi.Input; values: pulumi.Input[]>; } export interface GetVpcIamPoolFilter { /** * The name of the filter. Filter names are case-sensitive. */ name: string; /** * The filter values. Filter values are case-sensitive. */ values: string[]; } export interface GetVpcIamPoolFilterArgs { /** * The name of the filter. Filter names are case-sensitive. */ name: pulumi.Input; /** * The filter values. Filter values are case-sensitive. */ values: pulumi.Input[]>; } export interface GetVpcIamPoolsFilter { /** * The name of the filter. Filter names are case-sensitive. */ name: string; /** * The filter values. Filter values are case-sensitive. */ values: string[]; } export interface GetVpcIamPoolsFilterArgs { /** * The name of the filter. Filter names are case-sensitive. */ name: pulumi.Input; /** * The filter values. Filter values are case-sensitive. */ values: pulumi.Input[]>; } export interface GetVpcIpamPoolCidrsFilter { name: string; values: string[]; } export interface GetVpcIpamPoolCidrsFilterArgs { name: pulumi.Input; values: pulumi.Input[]>; } export interface GetVpcIpamPoolFilter { /** * The name of the filter. Filter names are case-sensitive. */ name: string; /** * The filter values. Filter values are case-sensitive. */ values: string[]; } export interface GetVpcIpamPoolFilterArgs { /** * The name of the filter. Filter names are case-sensitive. */ name: pulumi.Input; /** * The filter values. Filter values are case-sensitive. */ values: pulumi.Input[]>; } export interface GetVpcIpamPoolsFilter { /** * The name of the filter. Filter names are case-sensitive. */ name: string; /** * The filter values. Filter values are case-sensitive. */ values: string[]; } export interface GetVpcIpamPoolsFilterArgs { /** * The name of the filter. Filter names are case-sensitive. */ name: pulumi.Input; /** * The filter values. Filter values are case-sensitive. */ values: pulumi.Input[]>; } export interface GetVpcPeeringConnectionFilter { /** * Name of the field to filter by, as defined by * [the underlying AWS API](http://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeVpcPeeringConnections.html). */ name: string; /** * Set of values that are accepted for the given field. * A VPC Peering Connection will be selected if any one of the given values matches. */ values: string[]; } export interface GetVpcPeeringConnectionFilterArgs { /** * Name of the field to filter by, as defined by * [the underlying AWS API](http://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeVpcPeeringConnections.html). */ name: pulumi.Input; /** * Set of values that are accepted for the given field. * A VPC Peering Connection will be selected if any one of the given values matches. */ values: pulumi.Input[]>; } export interface GetVpcPeeringConnectionsFilter { /** * Name of the field to filter by, as defined by * [the underlying AWS API](http://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeVpcPeeringConnections.html). */ name: string; /** * Set of values that are accepted for the given field. * A VPC Peering Connection will be selected if any one of the given values matches. */ values: string[]; } export interface GetVpcPeeringConnectionsFilterArgs { /** * Name of the field to filter by, as defined by * [the underlying AWS API](http://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeVpcPeeringConnections.html). */ name: pulumi.Input; /** * Set of values that are accepted for the given field. * A VPC Peering Connection will be selected if any one of the given values matches. */ values: pulumi.Input[]>; } export interface GetVpcsFilter { /** * Name of the field to filter by, as defined by * [the underlying AWS API](http://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeVpcs.html). */ name: string; /** * Set of values that are accepted for the given field. * A VPC will be selected if any one of the given values matches. */ values: string[]; } export interface GetVpcsFilterArgs { /** * Name of the field to filter by, as defined by * [the underlying AWS API](http://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeVpcs.html). */ name: pulumi.Input; /** * Set of values that are accepted for the given field. * A VPC will be selected if any one of the given values matches. */ values: pulumi.Input[]>; } export interface GetVpnGatewayFilter { /** * Name of the field to filter by, as defined by * [the underlying AWS API](http://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeVpnGateways.html). */ name: string; /** * Set of values that are accepted for the given field. * A VPN Gateway will be selected if any one of the given values matches. */ values: string[]; } export interface GetVpnGatewayFilterArgs { /** * Name of the field to filter by, as defined by * [the underlying AWS API](http://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeVpnGateways.html). */ name: pulumi.Input; /** * Set of values that are accepted for the given field. * A VPN Gateway will be selected if any one of the given values matches. */ values: pulumi.Input[]>; } export interface InstanceCapacityReservationSpecification { /** * Indicates the instance's Capacity Reservation preferences. Can be `"open"` or `"none"`. (Default: `"open"`). */ capacityReservationPreference?: pulumi.Input; /** * Information about the target Capacity Reservation. See Capacity Reservation Target below for more details. * * For more information, see the documentation on [Capacity Reservations](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/capacity-reservations-using.html). */ capacityReservationTarget?: pulumi.Input; } export interface InstanceCapacityReservationSpecificationCapacityReservationTarget { /** * ID of the Capacity Reservation in which to run the instance. */ capacityReservationId?: pulumi.Input; /** * ARN of the Capacity Reservation resource group in which to run the instance. */ capacityReservationResourceGroupArn?: pulumi.Input; } export interface InstanceCpuOptions { /** * Indicates whether to enable the instance for AMD SEV-SNP. AMD SEV-SNP is supported with M6a, R6a, and C6a instance types only. Valid values are `enabled` and `disabled`. */ amdSevSnp?: pulumi.Input; /** * Sets the number of CPU cores for an instance. This option is only supported on creation of instance type that support CPU Options [CPU Cores and Threads Per CPU Core Per Instance Type](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-optimize-cpu.html#cpu-options-supported-instances-values) - specifying this option for unsupported instance types will return an error from the EC2 API. */ coreCount?: pulumi.Input; /** * If set to 1, hyperthreading is disabled on the launched instance. Defaults to 2 if not set. See [Optimizing CPU Options](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-optimize-cpu.html) for more information. * * For more information, see the documentation on [Optimizing CPU options](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-optimize-cpu.html). */ threadsPerCore?: pulumi.Input; } export interface InstanceCreditSpecification { /** * Credit option for CPU usage. Valid values include `standard` or `unlimited`. T3 instances are launched as unlimited by default. T2 instances are launched as standard by default. */ cpuCredits?: pulumi.Input; } export interface InstanceEbsBlockDevice { /** * Whether the volume should be destroyed on instance termination. Defaults to `true`. */ deleteOnTermination?: pulumi.Input; /** * Name of the device to mount. */ deviceName: pulumi.Input; /** * Enables [EBS encryption](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSEncryption.html) on the volume. Defaults to `false`. Cannot be used with `snapshotId`. Must be configured to perform drift detection. */ encrypted?: pulumi.Input; /** * Amount of provisioned [IOPS](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-io-characteristics.html). Only valid for volumeType of `io1`, `io2` or `gp3`. */ iops?: pulumi.Input; /** * Amazon Resource Name (ARN) of the KMS Key to use when encrypting the volume. Must be configured to perform drift detection. */ kmsKeyId?: pulumi.Input; /** * Snapshot ID to mount. */ snapshotId?: pulumi.Input; /** * Map of tags to assign to the device. */ tags?: pulumi.Input<{[key: string]: pulumi.Input}>; /** * Map of tags assigned to the resource, including those inherited from the provider `defaultTags` configuration block. */ tagsAll?: pulumi.Input<{[key: string]: pulumi.Input}>; /** * Throughput to provision for a volume in mebibytes per second (MiB/s). This is only valid for `volumeType` of `gp3`. */ throughput?: pulumi.Input; /** * ID of the volume. For example, the ID can be accessed like this, `aws_instance.web.root_block_device.0.volume_id`. */ volumeId?: pulumi.Input; /** * Size of the volume in gibibytes (GiB). */ volumeSize?: pulumi.Input; /** * Type of volume. Valid values include `standard`, `gp2`, `gp3`, `io1`, `io2`, `sc1`, or `st1`. Defaults to `gp2`. * * > **NOTE:** Currently, changes to the `ebsBlockDevice` configuration of _existing_ resources cannot be automatically detected by this provider. To manage changes and attachments of an EBS block to an instance, use the `aws.ebs.Volume` and `aws.ec2.VolumeAttachment` resources instead. If you use `ebsBlockDevice` on an `aws.ec2.Instance`, this provider will assume management over the full set of non-root EBS block devices for the instance, treating additional block devices as drift. For this reason, `ebsBlockDevice` cannot be mixed with external `aws.ebs.Volume` and `aws.ec2.VolumeAttachment` resources for a given instance. */ volumeType?: pulumi.Input; } export interface InstanceEnclaveOptions { /** * Whether Nitro Enclaves will be enabled on the instance. Defaults to `false`. * * For more information, see the documentation on [Nitro Enclaves](https://docs.aws.amazon.com/enclaves/latest/user/nitro-enclave.html). */ enabled?: pulumi.Input; } export interface InstanceEphemeralBlockDevice { /** * Name of the block device to mount on the instance. */ deviceName: pulumi.Input; /** * Suppresses the specified device included in the AMI's block device mapping. */ noDevice?: pulumi.Input; /** * [Instance Store Device Name](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/InstanceStorage.html#InstanceStoreDeviceNames) (e.g., `ephemeral0`). * * Each AWS Instance type has a different set of Instance Store block devices available for attachment. AWS [publishes a list](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/InstanceStorage.html#StorageOnInstanceTypes) of which ephemeral devices are available on each type. The devices are always identified by the `virtualName` in the format `ephemeral{0..N}`. */ virtualName?: pulumi.Input; } export interface InstanceInstanceMarketOptions { /** * Type of market for the instance. Valid values are `spot` and `capacity-block`. Defaults to `spot`. Required if `spotOptions` is specified. */ marketType?: pulumi.Input; /** * Block to configure the options for Spot Instances. See Spot Options below for details on attributes. */ spotOptions?: pulumi.Input; } export interface InstanceInstanceMarketOptionsSpotOptions { /** * The behavior when a Spot Instance is interrupted. Valid values include `hibernate`, `stop`, `terminate` . The default is `terminate`. */ instanceInterruptionBehavior?: pulumi.Input; /** * The maximum hourly price that you're willing to pay for a Spot Instance. */ maxPrice?: pulumi.Input; /** * The Spot Instance request type. Valid values include `one-time`, `persistent`. Persistent Spot Instance requests are only supported when the instance interruption behavior is either hibernate or stop. The default is `one-time`. */ spotInstanceType?: pulumi.Input; /** * The end date of the request, in UTC format (YYYY-MM-DDTHH:MM:SSZ). Supported only for persistent requests. */ validUntil?: pulumi.Input; } export interface InstanceLaunchTemplate { /** * ID of the launch template. Conflicts with `name`. */ id?: pulumi.Input; /** * Name of the launch template. Conflicts with `id`. */ name?: pulumi.Input; /** * Template version. Can be a specific version number, `$Latest` or `$Default`. The default value is `$Default`. */ version?: pulumi.Input; } export interface InstanceMaintenanceOptions { /** * Automatic recovery behavior of the Instance. Can be `"default"` or `"disabled"`. See [Recover your instance](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-recover.html) for more details. */ autoRecovery?: pulumi.Input; } export interface InstanceMetadataOptions { /** * Whether the metadata service is available. Valid values include `enabled` or `disabled`. Defaults to `enabled`. */ httpEndpoint?: pulumi.Input; /** * Whether the IPv6 endpoint for the instance metadata service is enabled. Defaults to `disabled`. */ httpProtocolIpv6?: pulumi.Input; /** * Desired HTTP PUT response hop limit for instance metadata requests. The larger the number, the further instance metadata requests can travel. Valid values are integer from `1` to `64`. Defaults to `1`. */ httpPutResponseHopLimit?: pulumi.Input; /** * Whether or not the metadata service requires session tokens, also referred to as _Instance Metadata Service Version 2 (IMDSv2)_. Valid values include `optional` or `required`. */ httpTokens?: pulumi.Input; /** * Enables or disables access to instance tags from the instance metadata service. Valid values include `enabled` or `disabled`. Defaults to `disabled`. * * For more information, see the documentation on the [Instance Metadata Service](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-metadata.html). */ instanceMetadataTags?: pulumi.Input; } export interface InstanceNetworkInterface { /** * Whether or not to delete the network interface on instance termination. Defaults to `false`. Currently, the only valid value is `false`, as this is only supported when creating new network interfaces when launching an instance. */ deleteOnTermination?: pulumi.Input; /** * Integer index of the network interface attachment. Limited by instance type. */ deviceIndex: pulumi.Input; /** * Integer index of the network card. Limited by instance type. The default index is `0`. */ networkCardIndex?: pulumi.Input; /** * ID of the network interface to attach. */ networkInterfaceId: pulumi.Input; } export interface InstancePrivateDnsNameOptions { /** * Indicates whether to respond to DNS queries for instance hostnames with DNS A records. */ enableResourceNameDnsARecord?: pulumi.Input; /** * Indicates whether to respond to DNS queries for instance hostnames with DNS AAAA records. */ enableResourceNameDnsAaaaRecord?: pulumi.Input; /** * Type of hostname for Amazon EC2 instances. For IPv4 only subnets, an instance DNS name must be based on the instance IPv4 address. For IPv6 native subnets, an instance DNS name must be based on the instance ID. For dual-stack subnets, you can specify whether DNS names use the instance IPv4 address or the instance ID. Valid values: `ip-name` and `resource-name`. */ hostnameType?: pulumi.Input; } export interface InstanceRootBlockDevice { /** * Whether the volume should be destroyed on instance termination. Defaults to `true`. */ deleteOnTermination?: pulumi.Input; /** * Device name, e.g., `/dev/sdh` or `xvdh`. */ deviceName?: pulumi.Input; /** * Whether to enable volume encryption. Defaults to `false`. Must be configured to perform drift detection. */ encrypted?: pulumi.Input; /** * Amount of provisioned [IOPS](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-io-characteristics.html). Only valid for volumeType of `io1`, `io2` or `gp3`. */ iops?: pulumi.Input; /** * Amazon Resource Name (ARN) of the KMS Key to use when encrypting the volume. Must be configured to perform drift detection. */ kmsKeyId?: pulumi.Input; /** * Map of tags to assign to the device. */ tags?: pulumi.Input<{[key: string]: pulumi.Input}>; /** * Map of tags assigned to the resource, including those inherited from the provider `defaultTags` configuration block. */ tagsAll?: pulumi.Input<{[key: string]: pulumi.Input}>; /** * Throughput to provision for a volume in mebibytes per second (MiB/s). This is only valid for `volumeType` of `gp3`. */ throughput?: pulumi.Input; /** * ID of the volume. For example, the ID can be accessed like this, `aws_instance.web.root_block_device.0.volume_id`. */ volumeId?: pulumi.Input; /** * Size of the volume in gibibytes (GiB). */ volumeSize?: pulumi.Input; /** * Type of volume. Valid values include `standard`, `gp2`, `gp3`, `io1`, `io2`, `sc1`, or `st1`. Defaults to the volume type that the AMI uses. * * Modifying the `encrypted` or `kmsKeyId` settings of the `rootBlockDevice` requires resource replacement. */ volumeType?: pulumi.Input; } export interface LaunchConfigurationEbsBlockDevice { deleteOnTermination?: pulumi.Input; deviceName: pulumi.Input; encrypted?: pulumi.Input; iops?: pulumi.Input; noDevice?: pulumi.Input; snapshotId?: pulumi.Input; throughput?: pulumi.Input; volumeSize?: pulumi.Input; volumeType?: pulumi.Input; } export interface LaunchConfigurationEphemeralBlockDevice { deviceName: pulumi.Input; noDevice?: pulumi.Input; virtualName?: pulumi.Input; } export interface LaunchConfigurationMetadataOptions { /** * The state of the metadata service: `enabled`, `disabled`. */ httpEndpoint?: pulumi.Input; /** * The desired HTTP PUT response hop limit for instance metadata requests. */ httpPutResponseHopLimit?: pulumi.Input; /** * If session tokens are required: `optional`, `required`. */ httpTokens?: pulumi.Input; } export interface LaunchConfigurationRootBlockDevice { deleteOnTermination?: pulumi.Input; encrypted?: pulumi.Input; iops?: pulumi.Input; throughput?: pulumi.Input; volumeSize?: pulumi.Input; volumeType?: pulumi.Input; } export interface LaunchTemplateBlockDeviceMapping { /** * The name of the device to mount. */ deviceName?: pulumi.Input; /** * Configure EBS volume properties. */ ebs?: pulumi.Input; /** * Suppresses the specified device included in the AMI's block device mapping. */ noDevice?: pulumi.Input; /** * The [Instance Store Device * Name](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/InstanceStorage.html#InstanceStoreDeviceNames) * (e.g., `"ephemeral0"`). */ virtualName?: pulumi.Input; } export interface LaunchTemplateBlockDeviceMappingEbs { /** * Whether the volume should be destroyed on instance termination. * See [Preserving Amazon EBS Volumes on Instance Termination](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/preserving-volumes-on-termination.html) for more information. */ deleteOnTermination?: pulumi.Input; /** * Enables [EBS encryption](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSEncryption.html) on the volume. * Cannot be used with `snapshotId`. */ encrypted?: pulumi.Input; /** * The amount of provisioned [IOPS](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-io-characteristics.html). * This must be set with a `volumeType` of `"io1/io2/gp3"`. */ iops?: pulumi.Input; /** * The ARN of the AWS Key Management Service (AWS KMS) customer master key (CMK) to use when creating the encrypted volume. * `encrypted` must be set to `true` when this is set. */ kmsKeyId?: pulumi.Input; /** * The Snapshot ID to mount. */ snapshotId?: pulumi.Input; /** * The throughput to provision for a `gp3` volume in MiB/s (specified as an integer, e.g., 500), with a maximum of 1,000 MiB/s. */ throughput?: pulumi.Input; /** * The size of the volume in gigabytes. */ volumeSize?: pulumi.Input; /** * The volume type. * Can be one of `standard`, `gp2`, `gp3`, `io1`, `io2`, `sc1` or `st1`. */ volumeType?: pulumi.Input; } export interface LaunchTemplateCapacityReservationSpecification { /** * Indicates the instance's Capacity Reservation preferences. Can be `open` or `none`. (Default `none`). */ capacityReservationPreference?: pulumi.Input; /** * Used to target a specific Capacity Reservation: */ capacityReservationTarget?: pulumi.Input; } export interface LaunchTemplateCapacityReservationSpecificationCapacityReservationTarget { /** * The ID of the Capacity Reservation in which to run the instance. */ capacityReservationId?: pulumi.Input; /** * The ARN of the Capacity Reservation resource group in which to run the instance. */ capacityReservationResourceGroupArn?: pulumi.Input; } export interface LaunchTemplateCpuOptions { /** * Indicates whether to enable the instance for AMD SEV-SNP. AMD SEV-SNP is supported with M6a, R6a, and C6a instance types only. Valid values are `enabled` and `disabled`. */ amdSevSnp?: pulumi.Input; /** * The number of CPU cores for the instance. */ coreCount?: pulumi.Input; /** * The number of threads per CPU core. * To disable Intel Hyper-Threading Technology for the instance, specify a value of 1. * Otherwise, specify the default value of 2. * * Both number of CPU cores and threads per core must be specified. Valid number of CPU cores and threads per core for the instance type can be found in the [CPU Options Documentation](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-optimize-cpu.html?shortFooter=true#cpu-options-supported-instances-values) */ threadsPerCore?: pulumi.Input; } export interface LaunchTemplateCreditSpecification { /** * The credit option for CPU usage. * Can be `standard` or `unlimited`. * T3 instances are launched as `unlimited` by default. * T2 instances are launched as `standard` by default. */ cpuCredits?: pulumi.Input; } export interface LaunchTemplateElasticGpuSpecification { /** * The [Elastic GPU Type](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/elastic-graphics.html#elastic-graphics-basics) */ type: pulumi.Input; } export interface LaunchTemplateElasticInferenceAccelerator { /** * Accelerator type. */ type: pulumi.Input; } export interface LaunchTemplateEnclaveOptions { /** * If set to `true`, Nitro Enclaves will be enabled on the instance. * * For more information, see the documentation on [Nitro Enclaves](https://docs.aws.amazon.com/enclaves/latest/user/nitro-enclave.html). */ enabled?: pulumi.Input; } export interface LaunchTemplateHibernationOptions { /** * If set to `true`, the launched EC2 instance will hibernation enabled. */ configured: pulumi.Input; } export interface LaunchTemplateIamInstanceProfile { /** * The Amazon Resource Name (ARN) of the instance profile. Conflicts with `name`. */ arn?: pulumi.Input; /** * The name of the instance profile. */ name?: pulumi.Input; } export interface LaunchTemplateInstanceMarketOptions { /** * The market type. Can be `spot`. */ marketType?: pulumi.Input; /** * The options for [Spot Instance](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-spot-instances.html) */ spotOptions?: pulumi.Input; } export interface LaunchTemplateInstanceMarketOptionsSpotOptions { /** * The required duration in minutes. This value must be a multiple of 60. */ blockDurationMinutes?: pulumi.Input; /** * The behavior when a Spot Instance is interrupted. Can be `hibernate`, * `stop`, or `terminate`. (Default: `terminate`). */ instanceInterruptionBehavior?: pulumi.Input; /** * The maximum hourly price you're willing to pay for the Spot Instances. */ maxPrice?: pulumi.Input; /** * The Spot Instance request type. Can be `one-time`, or `persistent`. */ spotInstanceType?: pulumi.Input; /** * The end date of the request. */ validUntil?: pulumi.Input; } export interface LaunchTemplateInstanceRequirements { /** * Block describing the minimum and maximum number of accelerators (GPUs, FPGAs, or AWS Inferentia chips). Default is no minimum or maximum. */ acceleratorCount?: pulumi.Input; /** * List of accelerator manufacturer names. Default is any manufacturer. * * ``` * Valid names: * * amazon-web-services * * amd * * nvidia * * xilinx * ``` */ acceleratorManufacturers?: pulumi.Input[]>; /** * List of accelerator names. Default is any acclerator. * * ``` * Valid names: * * a100 - NVIDIA A100 GPUs * * v100 - NVIDIA V100 GPUs * * k80 - NVIDIA K80 GPUs * * t4 - NVIDIA T4 GPUs * * m60 - NVIDIA M60 GPUs * * radeon-pro-v520 - AMD Radeon Pro V520 GPUs * * vu9p - Xilinx VU9P FPGAs * ``` */ acceleratorNames?: pulumi.Input[]>; /** * Block describing the minimum and maximum total memory of the accelerators. Default is no minimum or maximum. */ acceleratorTotalMemoryMib?: pulumi.Input; /** * List of accelerator types. Default is any accelerator type. * * ``` * Valid types: * * fpga * * gpu * * inference * ``` */ acceleratorTypes?: pulumi.Input[]>; /** * List of instance types to apply your specified attributes against. All other instance types are ignored, even if they match your specified attributes. You can use strings with one or more wild cards, represented by an asterisk (\*), to allow an instance type, size, or generation. The following are examples: `m5.8xlarge`, `c5*.*`, `m5a.*`, `r*`, `*3*`. For example, if you specify `c5*`, you are allowing the entire C5 instance family, which includes all C5a and C5n instance types. If you specify `m5a.*`, you are allowing all the M5a instance types, but not the M5n instance types. Maximum of 400 entries in the list; each entry is limited to 30 characters. Default is all instance types. * * > **NOTE:** If you specify `allowedInstanceTypes`, you can't specify `excludedInstanceTypes`. */ allowedInstanceTypes?: pulumi.Input[]>; /** * Indicate whether bare metal instace types should be `included`, `excluded`, or `required`. Default is `excluded`. */ bareMetal?: pulumi.Input; /** * Block describing the minimum and maximum baseline EBS bandwidth, in Mbps. Default is no minimum or maximum. */ baselineEbsBandwidthMbps?: pulumi.Input; /** * Indicate whether burstable performance instance types should be `included`, `excluded`, or `required`. Default is `excluded`. */ burstablePerformance?: pulumi.Input; /** * List of CPU manufacturer names. Default is any manufacturer. * * > **NOTE:** Don't confuse the CPU hardware manufacturer with the CPU hardware architecture. Instances will be launched with a compatible CPU architecture based on the Amazon Machine Image (AMI) that you specify in your launch template. * * ``` * Valid names: * * amazon-web-services * * amd * * intel * ``` */ cpuManufacturers?: pulumi.Input[]>; /** * List of instance types to exclude. You can use strings with one or more wild cards, represented by an asterisk (\*), to exclude an instance type, size, or generation. The following are examples: `m5.8xlarge`, `c5*.*`, `m5a.*`, `r*`, `*3*`. For example, if you specify `c5*`, you are excluding the entire C5 instance family, which includes all C5a and C5n instance types. If you specify `m5a.*`, you are excluding all the M5a instance types, but not the M5n instance types. Maximum of 400 entries in the list; each entry is limited to 30 characters. Default is no excluded instance types. * * > **NOTE:** If you specify `excludedInstanceTypes`, you can't specify `allowedInstanceTypes`. */ excludedInstanceTypes?: pulumi.Input[]>; /** * List of instance generation names. Default is any generation. * * ``` * Valid names: * * current - Recommended for best performance. * * previous - For existing applications optimized for older instance types. * ``` */ instanceGenerations?: pulumi.Input[]>; /** * Indicate whether instance types with local storage volumes are `included`, `excluded`, or `required`. Default is `included`. */ localStorage?: pulumi.Input; /** * List of local storage type names. Default any storage type. * * ``` * Value names: * * hdd - hard disk drive * * ssd - solid state drive * ``` */ localStorageTypes?: pulumi.Input[]>; /** * The price protection threshold for Spot Instances. This is the maximum you’ll pay for a Spot Instance, expressed as a percentage higher than the cheapest M, C, or R instance type with your specified attributes. When Amazon EC2 Auto Scaling selects instance types with your attributes, we will exclude instance types whose price is higher than your threshold. The parameter accepts an integer, which Amazon EC2 Auto Scaling interprets as a percentage. To turn off price protection, specify a high value, such as 999999. Conflicts with `spotMaxPricePercentageOverLowestPrice` */ maxSpotPriceAsPercentageOfOptimalOnDemandPrice?: pulumi.Input; /** * Block describing the minimum and maximum amount of memory (GiB) per vCPU. Default is no minimum or maximum. */ memoryGibPerVcpu?: pulumi.Input; /** * Block describing the minimum and maximum amount of memory (MiB). Default is no maximum. */ memoryMib: pulumi.Input; /** * Block describing the minimum and maximum amount of network bandwidth, in gigabits per second (Gbps). Default is no minimum or maximum. */ networkBandwidthGbps?: pulumi.Input; /** * Block describing the minimum and maximum number of network interfaces. Default is no minimum or maximum. */ networkInterfaceCount?: pulumi.Input; /** * The price protection threshold for On-Demand Instances. This is the maximum you’ll pay for an On-Demand Instance, expressed as a percentage higher than the cheapest M, C, or R instance type with your specified attributes. When Amazon EC2 Auto Scaling selects instance types with your attributes, we will exclude instance types whose price is higher than your threshold. The parameter accepts an integer, which Amazon EC2 Auto Scaling interprets as a percentage. To turn off price protection, specify a high value, such as 999999. Default is 20. * * If you set DesiredCapacityType to vcpu or memory-mib, the price protection threshold is applied based on the per vCPU or per memory price instead of the per instance price. */ onDemandMaxPricePercentageOverLowestPrice?: pulumi.Input; /** * Indicate whether instance types must support On-Demand Instance Hibernation, either `true` or `false`. Default is `false`. */ requireHibernateSupport?: pulumi.Input; /** * The price protection threshold for Spot Instances. This is the maximum you’ll pay for a Spot Instance, expressed as a percentage higher than the cheapest M, C, or R instance type with your specified attributes. When Amazon EC2 Auto Scaling selects instance types with your attributes, we will exclude instance types whose price is higher than your threshold. The parameter accepts an integer, which Amazon EC2 Auto Scaling interprets as a percentage. To turn off price protection, specify a high value, such as 999999. Default is 100. Conflicts with `maxSpotPriceAsPercentageOfOptimalOnDemandPrice` * * If you set DesiredCapacityType to vcpu or memory-mib, the price protection threshold is applied based on the per vCPU or per memory price instead of the per instance price. */ spotMaxPricePercentageOverLowestPrice?: pulumi.Input; /** * Block describing the minimum and maximum total local storage (GB). Default is no minimum or maximum. */ totalLocalStorageGb?: pulumi.Input; /** * Block describing the minimum and maximum number of vCPUs. Default is no maximum. */ vcpuCount: pulumi.Input; } export interface LaunchTemplateInstanceRequirementsAcceleratorCount { /** * Maximum. Set to `0` to exclude instance types with accelerators. */ max?: pulumi.Input; /** * Minimum. */ min?: pulumi.Input; } export interface LaunchTemplateInstanceRequirementsAcceleratorTotalMemoryMib { /** * Maximum. */ max?: pulumi.Input; /** * Minimum. */ min?: pulumi.Input; } export interface LaunchTemplateInstanceRequirementsBaselineEbsBandwidthMbps { /** * Maximum. */ max?: pulumi.Input; /** * Minimum. */ min?: pulumi.Input; } export interface LaunchTemplateInstanceRequirementsMemoryGibPerVcpu { /** * Maximum. May be a decimal number, e.g. `0.5`. */ max?: pulumi.Input; /** * Minimum. May be a decimal number, e.g. `0.5`. */ min?: pulumi.Input; } export interface LaunchTemplateInstanceRequirementsMemoryMib { /** * Maximum. */ max?: pulumi.Input; /** * Minimum. */ min: pulumi.Input; } export interface LaunchTemplateInstanceRequirementsNetworkBandwidthGbps { /** * Maximum. */ max?: pulumi.Input; /** * Minimum. */ min?: pulumi.Input; } export interface LaunchTemplateInstanceRequirementsNetworkInterfaceCount { /** * Maximum. */ max?: pulumi.Input; /** * Minimum. */ min?: pulumi.Input; } export interface LaunchTemplateInstanceRequirementsTotalLocalStorageGb { /** * Maximum. May be a decimal number, e.g. `0.5`. */ max?: pulumi.Input; /** * Minimum. May be a decimal number, e.g. `0.5`. */ min?: pulumi.Input; } export interface LaunchTemplateInstanceRequirementsVcpuCount { /** * Maximum. */ max?: pulumi.Input; /** * Minimum. */ min: pulumi.Input; } export interface LaunchTemplateLicenseSpecification { /** * ARN of the license configuration. */ licenseConfigurationArn: pulumi.Input; } export interface LaunchTemplateMaintenanceOptions { /** * Disables the automatic recovery behavior of your instance or sets it to default. Can be `"default"` or `"disabled"`. See [Recover your instance](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-recover.html) for more details. */ autoRecovery?: pulumi.Input; } export interface LaunchTemplateMetadataOptions { /** * Whether the metadata service is available. Can be `"enabled"` or `"disabled"`. (Default: `"enabled"`). */ httpEndpoint?: pulumi.Input; /** * Enables or disables the IPv6 endpoint for the instance metadata service. Can be `"enabled"` or `"disabled"`. */ httpProtocolIpv6?: pulumi.Input; /** * The desired HTTP PUT response hop limit for instance metadata requests. The larger the number, the further instance metadata requests can travel. Can be an integer from `1` to `64`. (Default: `1`). */ httpPutResponseHopLimit?: pulumi.Input; /** * Whether or not the metadata service requires session tokens, also referred to as _Instance Metadata Service Version 2 (IMDSv2)_. Can be `"optional"` or `"required"`. (Default: `"optional"`). */ httpTokens?: pulumi.Input; /** * Enables or disables access to instance tags from the instance metadata service. Can be `"enabled"` or `"disabled"`. * * For more information, see the documentation on the [Instance Metadata Service](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-metadata.html). */ instanceMetadataTags?: pulumi.Input; } export interface LaunchTemplateMonitoring { /** * If `true`, the launched EC2 instance will have detailed monitoring enabled. */ enabled?: pulumi.Input; } export interface LaunchTemplateNetworkInterface { /** * Associate a Carrier IP address with `eth0` for a new network interface. * Use this option when you launch an instance in a Wavelength Zone and want to associate a Carrier IP address with the network interface. * Boolean value, can be left unset. */ associateCarrierIpAddress?: pulumi.Input; /** * Associate a public ip address with the network interface. * Boolean value, can be left unset. */ associatePublicIpAddress?: pulumi.Input; /** * Whether the network interface should be destroyed on instance termination. */ deleteOnTermination?: pulumi.Input; /** * Description of the network interface. */ description?: pulumi.Input; /** * The integer index of the network interface attachment. */ deviceIndex?: pulumi.Input; /** * The type of network interface. To create an Elastic Fabric Adapter (EFA), specify `efa`. */ interfaceType?: pulumi.Input; /** * The number of secondary private IPv4 addresses to assign to a network interface. Conflicts with `ipv4Addresses` */ ipv4AddressCount?: pulumi.Input; /** * One or more private IPv4 addresses to associate. Conflicts with `ipv4AddressCount` */ ipv4Addresses?: pulumi.Input[]>; /** * The number of IPv4 prefixes to be automatically assigned to the network interface. Conflicts with `ipv4Prefixes` */ ipv4PrefixCount?: pulumi.Input; /** * One or more IPv4 prefixes to be assigned to the network interface. Conflicts with `ipv4PrefixCount` */ ipv4Prefixes?: pulumi.Input[]>; /** * The number of IPv6 addresses to assign to a network interface. Conflicts with `ipv6Addresses` */ ipv6AddressCount?: pulumi.Input; /** * One or more specific IPv6 addresses from the IPv6 CIDR block range of your subnet. Conflicts with `ipv6AddressCount` */ ipv6Addresses?: pulumi.Input[]>; /** * The number of IPv6 prefixes to be automatically assigned to the network interface. Conflicts with `ipv6Prefixes` */ ipv6PrefixCount?: pulumi.Input; /** * One or more IPv6 prefixes to be assigned to the network interface. Conflicts with `ipv6PrefixCount` */ ipv6Prefixes?: pulumi.Input[]>; /** * The index of the network card. Some instance types support multiple network cards. The primary network interface must be assigned to network card index 0. The default is network card index 0. */ networkCardIndex?: pulumi.Input; /** * The ID of the network interface to attach. */ networkInterfaceId?: pulumi.Input; /** * Whether the first IPv6 GUA will be made the primary IPv6 address. */ primaryIpv6?: pulumi.Input; /** * The primary private IPv4 address. */ privateIpAddress?: pulumi.Input; /** * A list of security group IDs to associate. */ securityGroups?: pulumi.Input[]>; /** * The VPC Subnet ID to associate. */ subnetId?: pulumi.Input; } export interface LaunchTemplatePlacement { /** * The affinity setting for an instance on a Dedicated Host. */ affinity?: pulumi.Input; /** * The Availability Zone for the instance. */ availabilityZone?: pulumi.Input; /** * The name of the placement group for the instance. */ groupName?: pulumi.Input; /** * The ID of the Dedicated Host for the instance. */ hostId?: pulumi.Input; /** * The ARN of the Host Resource Group in which to launch instances. */ hostResourceGroupArn?: pulumi.Input; /** * The number of the partition the instance should launch in. Valid only if the placement group strategy is set to partition. */ partitionNumber?: pulumi.Input; /** * Reserved for future use. */ spreadDomain?: pulumi.Input; /** * The tenancy of the instance (if the instance is running in a VPC). Can be `default`, `dedicated`, or `host`. */ tenancy?: pulumi.Input; } export interface LaunchTemplatePrivateDnsNameOptions { /** * Indicates whether to respond to DNS queries for instance hostnames with DNS A records. */ enableResourceNameDnsARecord?: pulumi.Input; /** * Indicates whether to respond to DNS queries for instance hostnames with DNS AAAA records. */ enableResourceNameDnsAaaaRecord?: pulumi.Input; /** * The type of hostname