Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

fix: Add option to bundle aws sdk as part of code asset #1

Closed
wants to merge 1,572 commits into from

Conversation

jonife
Copy link

@jonife jonife commented Feb 21, 2024

REPLACE THIS TEXT BLOCK

Describe the reason for this change, what the solution is, and any
The BundlingOptions in NodejsFunction construct removes AWS SDK dependencies by default.

This uses Lambda Provided SDK in the resulting function. This has higher cold start than a bundled function with AWS SDK dependencies included.

This happens, because the Node.js runtime has to do module resolution and go through multiple files while reading dependency code in the bundled function which uses Lambda Provided SDK. When SDK in bundled with the function code, the cold starts are lower as the as Node.js runtime has to read single file without any module resolution.

Result from reproduction:

{
'NodejsFunction default (uses Lambda Provided SDK)': 1227.1435,
'NodejsFunction custom (uses Customer Deployed SDK)': 929.441
}

related to this issue: aws#25492

important design decisions you made.
While maintaining backward compatibility, an new option useAwsSDK was introduced to include the sdk in the code asset

Closes aws#25492.


By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license

neilkuan and others added 30 commits January 11, 2024 18:58
feat(cloudwatch-action): support alarm lambda action

Closes aws#28483 

----

*By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
…ws#28669)

`--debug` exists for exactly one purpose: Printing source-mapped traces so we can find the code that is going wrong. 
Let's always enabled tracing when debugging.

----

*By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
…ws#28672)

ECS now supports managed instance draining which facilitates graceful termination of Amazon ECS instances for Capacity Providers.

Add a new constructor property, `enableManagedDraining`, to `AsgCapacityProvider`, to allow users to enable this feature.

----

*By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
…ws#28660)

>  Can't destroy a stack that includes a rds database and rds parameter group where the database has removalPolicy property set to RemovalPolicy.RETAIN

### The following is the current behaviour:
```
const parameterGroup = new ParameterGroup(this, 'ParameterGroup', {
    ...
}

const database = new DatabaseInstance(this, 'DatabaseInstance', {
    parameterGroup: parameterGroup,
    removalPolicy: RemovalPolicy.RETAIN,
    ...
})
```

When destroying the stack
```
When I destroy this stack I see the following errors:

2:04:24 PM | DELETE_FAILED        | AWS::RDS::DBParameterGroup                  | ParameterGroup5E32DECB
One or more database instances are still members of this parameter group xxx-database-parametergroup5e32decb-daetrwpaqpgw, so the group cannot be deleted (Service: Rd
s, Status Code: 400, Request ID: 389b18db-ea82-482b-a0e6-f64887da6f82)

2:19:21 PM | DELETE_FAILED        | AWS::EC2::SecurityGroup                     | DatabaseInstanceSecurityGroup8BDF0112
resource sg-0bfc8aacb3d3e3d4a has a dependent object (Service: AmazonEC2; Status Code: 400; Error Code: DependencyViolation; Request ID: 1eac5393-83df-48cf-bd75-41f25abb04
7a; Proxy: null)

```

As pointed out in the issue linked below, we cannot simply use the clusterRds' or instanceRds' removal policy because the parameter group can be simultaneously binded to a cluster and an instance. 

### New behaviour:
Add an optional property `removalPolicy` to the L2 Parameter Group resource and set the deletion policy to the generated L1 Parameter Group (Either cluster or instance) depending on the usage. 

Added unit test and integration test to verify that it works as expected.

Closes aws#22141

----

*By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
Updates the L1 CloudFormation resource definitions with the latest changes from `@aws-cdk/aws-service-spec`

**L1 CloudFormation resource definition changes:**
```
├[~] service aws-acmpca
│ └ resources
│    └[~] resource AWS::ACMPCA::CertificateAuthority
│      └ types
│         ├[~] type CrlConfiguration
│         │ └ properties
│         │    └[+] CrlDistributionPointExtensionConfiguration: CrlDistributionPointExtensionConfiguration
│         └[+] type CrlDistributionPointExtensionConfiguration
│           ├  documentation: Configures the default behavior of the CRL Distribution Point extension for certificates issued by your certificate authority
│           │  name: CrlDistributionPointExtensionConfiguration
│           └ properties
│              └OmitExtension: boolean (required)
├[~] service aws-aps
│ └ resources
│    └[~] resource AWS::APS::Workspace
│      └ properties
│         └[+] KmsKeyArn: string (immutable)
├[~] service aws-cloudtrail
│ └ resources
│    ├[~] resource AWS::CloudTrail::EventDataStore
│    │ └ types
│    │    └[~] type AdvancedFieldSelector
│    │      └ properties
│    │         └ Field: (documentation changed)
│    └[~] resource AWS::CloudTrail::Trail
│      └ types
│         └[~] type AdvancedFieldSelector
│           └ properties
│              └ Field: (documentation changed)
├[~] service aws-codebuild
│ └ resources
│    └[~] resource AWS::CodeBuild::Project
│      └ types
│         └[~] type Environment
│           └ properties
│              └ Type: (documentation changed)
├[~] service aws-dlm
│ └ resources
│    └[~] resource AWS::DLM::LifecyclePolicy
│      └ properties
│         └ DefaultPolicy: (documentation changed)
├[~] service aws-docdb
│ └ resources
│    └[~] resource AWS::DocDB::DBCluster
│      └ properties
│         └[+] StorageType: string
├[~] service aws-ec2
│ └ resources
│    └[~] resource AWS::EC2::NetworkInterface
│      ├ properties
│      │  ├[+] ConnectionTrackingSpecification: ConnectionTrackingSpecification
│      │  └ EnablePrimaryIpv6: (documentation changed)
│      ├ attributes
│      │  └ PrimaryIpv6Address: (documentation changed)
│      └ types
│         └[+] type ConnectionTrackingSpecification
│           ├  documentation: A security group connection tracking specification that enables you to set the idle timeout for connection tracking on an Elastic network interface. For more information, see [Connection tracking timeouts](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/security-group-connection-tracking.html#connection-tracking-timeouts) in the *Amazon Elastic Compute Cloud User Guide* .
│           │  name: ConnectionTrackingSpecification
│           └ properties
│              ├TcpEstablishedTimeout: integer
│              ├UdpStreamTimeout: integer
│              └UdpTimeout: integer
├[~] service aws-ecs
│ └ resources
│    ├[~] resource AWS::ECS::CapacityProvider
│    │ └ types
│    │    └[~] type AutoScalingGroupProvider
│    │      └ properties
│    │         └ ManagedDraining: (documentation changed)
│    └[~] resource AWS::ECS::TaskSet
│      └  - documentation: Create a task set in the specified cluster and service. This is used when a service uses the `EXTERNAL` deployment controller type. For more information, see [Amazon ECS deployment types](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/deployment-types.html) in the *Amazon Elastic Container Service Developer Guide* .
│         + documentation: Create a task set in the specified cluster and service. This is used when a service uses the `EXTERNAL` deployment controller type. For more information, see [Amazon ECS deployment types](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/deployment-types.html) in the *Amazon Elastic Container Service Developer Guide* .
│         You can create a maximum of 5 tasks sets for a deployment.
├[~] service aws-elasticache
│ └ resources
│    └[~] resource AWS::ElastiCache::ServerlessCache
│      └ properties
│         └ SubnetIds: (documentation changed)
├[~] service aws-fis
│ └ resources
│    └[~] resource AWS::FIS::ExperimentTemplate
│      ├  - documentation: Describes an experiment template.
│      │  + documentation: Specifies an experiment template.
│      │  An experiment template includes the following components:
│      │  - *Targets* : A target can be a specific resource in your AWS environment, or one or more resources that match criteria that you specify, for example, resources that have specific tags.
│      │  - *Actions* : The actions to carry out on the target. You can specify multiple actions, the duration of each action, and when to start each action during an experiment.
│      │  - *Stop conditions* : If a stop condition is triggered while an experiment is running, the experiment is automatically stopped. You can define a stop condition as a CloudWatch alarm.
│      │  For more information, see [Experiment templates](https://docs.aws.amazon.com/fis/latest/userguide/experiment-templates.html) in the *AWS Fault Injection Service User Guide* .
│      └ types
│         ├[~] type ExperimentTemplateAction
│         │ └  - documentation: Describes an action for an experiment template.
│         │    + documentation: Specifies an action for an experiment template.
│         │    For more information, see [Actions](https://docs.aws.amazon.com/fis/latest/userguide/actions.html) in the *AWS Fault Injection Service User Guide* .
│         ├[~] type ExperimentTemplateLogConfiguration
│         │ ├  - documentation: Describes the configuration for experiment logging.
│         │ │  + documentation: Specifies the configuration for experiment logging.
│         │ │  For more information, see [Experiment logging](https://docs.aws.amazon.com/fis/latest/userguide/monitoring-logging.html) in the *AWS Fault Injection Service User Guide* .
│         │ └ properties
│         │    ├ CloudWatchLogsConfiguration: (documentation changed)
│         │    └ S3Configuration: (documentation changed)
│         ├[~] type ExperimentTemplateStopCondition
│         │ └  - documentation: Describes a stop condition for an experiment template.
│         │    + documentation: Specifies a stop condition for an experiment template.
│         │    For more information, see [Stop conditions](https://docs.aws.amazon.com/fis/latest/userguide/stop-conditions.html) in the *AWS Fault Injection Service User Guide* .
│         ├[~] type ExperimentTemplateTarget
│         │ ├  - documentation: Describes a target for an experiment template.
│         │ │  + documentation: Specifies a target for an experiment. You must specify at least one Amazon Resource Name (ARN) or at least one resource tag. You cannot specify both ARNs and tags.
│         │ │  For more information, see [Targets](https://docs.aws.amazon.com/fis/latest/userguide/targets.html) in the *AWS Fault Injection Service User Guide* .
│         │ └ properties
│         │    └ Parameters: (documentation changed)
│         └[~] type ExperimentTemplateTargetFilter
│           └  - documentation: Describes a filter used for the target resources in an experiment template.
│              + documentation: Specifies a filter used for the target resource input in an experiment template.
│              For more information, see [Resource filters](https://docs.aws.amazon.com/fis/latest/userguide/targets.html#target-filters) in the *AWS Fault Injection Service User Guide* .
├[~] service aws-fsx
│ └ resources
│    ├[~] resource AWS::FSx::FileSystem
│    │ ├  - documentation: The `AWS::FSx::FileSystem` resource is an Amazon FSx resource type that specifies an Amazon FSx file system. You can create any of the following supported file system types:
│    │ │  - Amazon FSx for Lustre
│    │ │  - Amazon FSx for NetApp ONTAP
│    │ │  - Amazon FSx for OpenZFS
│    │ │  - Amazon FSx for Windows File Server
│    │ │  + documentation: The `AWS::FSx::FileSystem` resource is an Amazon FSx resource type that specifies an Amazon FSx file system. You can create any of the following supported file system types:
│    │ │  - Amazon FSx for Lustre
│    │ │  - Amazon FSx for NetApp ONTAP
│    │ │  - FSx for OpenZFS
│    │ │  - Amazon FSx for Windows File Server
│    │ └ properties
│    │    ├ LustreConfiguration: (documentation changed)
│    │    ├ StorageCapacity: (documentation changed)
│    │    └ WindowsConfiguration: (documentation changed)
│    └[~] resource AWS::FSx::Volume
│      └ types
│         ├[~] type AggregateConfiguration
│         │ ├  - documentation: Used to specify configuration options for a volume’s storage aggregate or aggregates.
│         │ │  + documentation: Use to specify configuration options for a volume’s storage aggregate or aggregates.
│         │ └ properties
│         │    └ ConstituentsPerAggregate: (documentation changed)
│         └[~] type OntapConfiguration
│           └ properties
│              ├ AggregateConfiguration: (documentation changed)
│              ├ SizeInBytes: (documentation changed)
│              ├ StorageEfficiencyEnabled: (documentation changed)
│              └ VolumeStyle: (documentation changed)
├[~] service aws-guardduty
│ └ resources
│    └[~] resource AWS::GuardDuty::IPSet
│      └ properties
│         └ Name: - string (required)
│                 + string
├[~] service aws-iot
│ └ resources
│    └[~] resource AWS::IoT::DomainConfiguration
│      ├ properties
│      │  └[-] ServerCertificateConfig: ServerCertificateConfig
│      └ types
│         └[-] type ServerCertificateConfig
│           ├  name: ServerCertificateConfig
│           └ properties
│              └EnableOCSPCheck: boolean
├[~] service aws-lambda
│ └ resources
│    └[~] resource AWS::Lambda::Function
│      └ types
│         └[~] type LoggingConfig
│           └ properties
│              ├ ApplicationLogLevel: (documentation changed)
│              └ SystemLogLevel: (documentation changed)
├[~] service aws-location
│ └ resources
│    └[~] resource AWS::Location::Map
│      └ types
│         └[~] type MapConfiguration
│           └ properties
│              └ Style: (documentation changed)
├[~] service aws-quicksight
│ └ resources
│    ├[~] resource AWS::QuickSight::Analysis
│    │ └ properties
│    │    ├[+] Errors: Array<AnalysisError>
│    │    └[+] Sheets: Array<Sheet>
│    └[~] resource AWS::QuickSight::Topic
│      └ properties
│         └[+] UserExperienceVersion: string
├[~] service aws-rds
│ └ resources
│    └[~] resource AWS::RDS::EventSubscription
│      └ properties
│         └ SnsTopicArn: (documentation changed)
├[~] service aws-redshift
│ └ resources
│    └[~] resource AWS::Redshift::Cluster
│      ├ properties
│      │  ├ ManageMasterPassword: (documentation changed)
│      │  ├ MasterPasswordSecretKmsKeyId: (documentation changed)
│      │  └ NamespaceResourcePolicy: (documentation changed)
│      └ attributes
│         ├ ClusterNamespaceArn: (documentation changed)
│         └ Id: (documentation changed)
├[~] service aws-redshiftserverless
│ └ resources
│    └[~] resource AWS::RedshiftServerless::Workgroup
│      └ types
│         └[~] type Workgroup
│           └ properties
│              └ ConfigParameters: (documentation changed)
├[~] service aws-route53
│ └ resources
│    ├[~] resource AWS::Route53::RecordSet
│    │ └ properties
│    │    └ GeoLocation: (documentation changed)
│    └[~] resource AWS::Route53::RecordSetGroup
│      ├ attributes
│      │  └ Id: (documentation changed)
│      └ types
│         └[~] type RecordSet
│           └ properties
│              └ GeoLocation: (documentation changed)
├[~] service aws-sagemaker
│ └ resources
│    ├[~] resource AWS::SageMaker::FeatureGroup
│    │ ├ properties
│    │ │  └[+] ThroughputConfig: ThroughputConfig
│    │ └ types
│    │    └[+] type ThroughputConfig
│    │      ├  name: ThroughputConfig
│    │      └ properties
│    │         ├ThroughputMode: string (required)
│    │         ├ProvisionedReadCapacityUnits: integer
│    │         └ProvisionedWriteCapacityUnits: integer
│    ├[~] resource AWS::SageMaker::Model
│    │ └ types
│    │    ├[+] type ModelAccessConfig
│    │    │ ├  documentation: The access configuration file for the ML model. You can explicitly accept the model end-user license agreement (EULA) within the `ModelAccessConfig` . For more information, see [End-user license agreements](https://docs.aws.amazon.com/sagemaker/latest/dg/jumpstart-foundation-models-choose.html#jumpstart-foundation-models-choose-eula) .
│    │    │ │  name: ModelAccessConfig
│    │    │ └ properties
│    │    │    └AcceptEula: boolean (required)
│    │    └[~] type S3DataSource
│    │      └ properties
│    │         ├[+] ModelAccessConfig: ModelAccessConfig
│    │         └ S3Uri: (documentation changed)
│    └[~] resource AWS::SageMaker::ModelPackage
│      └ types
│         └[~] type S3DataSource
│           └ properties
│              └ S3Uri: (documentation changed)
├[~] service aws-ssm
│ └ resources
│    └[~] resource AWS::SSM::Parameter
│      └ properties
│         └ Type: (documentation changed)
└[~] service aws-transfer
  └ resources
     └[~] resource AWS::Transfer::Connector
       └  - documentation: Creates the connector, which captures the parameters for a connection for the AS2 or SFTP protocol. For AS2, the connector is required for sending files to an externally hosted AS2 server. For SFTP, the connector is required when sending files to an SFTP server or receiving files from an SFTP server. For more details about connectors, see [Create AS2 connectors](https://docs.aws.amazon.com/transfer/latest/userguide/create-b2b-server.html#configure-as2-connector) and [Create SFTP connectors](https://docs.aws.amazon.com/transfer/latest/userguide/configure-sftp-connector.html) .
          > You must specify exactly one configuration object: either for AS2 ( `As2Config` ) or SFTP ( `SftpConfig` ).
          + documentation: Creates the connector, which captures the parameters for a connection for the AS2 or SFTP protocol. For AS2, the connector is required for sending files to an externally hosted AS2 server. For SFTP, the connector is required when sending files to an SFTP server or receiving files from an SFTP server. For more details about connectors, see [Configure AS2 connectors](https://docs.aws.amazon.com/transfer/latest/userguide/configure-as2-connector.html) and [Create SFTP connectors](https://docs.aws.amazon.com/transfer/latest/userguide/configure-sftp-connector.html) .
          > You must specify exactly one configuration object: either for AS2 ( `As2Config` ) or SFTP ( `SftpConfig` ).
```
add abstraction team to mergify and merit badger

----

*By submitting this pull request, I confirm that my contribution is made
under the terms of the Apache-2.0 license*

Co-authored-by: GZ <hz351086153@gmail.com>
…ws#28672)

ECS now supports managed instance draining which facilitates graceful termination of Amazon ECS instances for Capacity Providers.

Add a new constructor property, `enableManagedDraining`, to `AsgCapacityProvider`, to allow users to enable this feature.

----

*By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*

(cherry picked from commit aaa2a09)
Updates the L1 CloudFormation resource definitions with the latest changes from `@aws-cdk/aws-service-spec`

**L1 CloudFormation resource definition changes:**
```
├[~] service aws-ec2
│ └ resources
│    ├[~] resource AWS::EC2::IPAMPool
│    │ ├ properties
│    │ │  └[+] SourceResource: SourceResource (immutable)
│    │ └ types
│    │    └[+] type SourceResource
│    │      ├  documentation: The resource associated with this pool's space. Depending on the ResourceType, setting a SourceResource changes which space can be provisioned in this pool and which types of resources can receive allocations
│    │      │  name: SourceResource
│    │      └ properties
│    │         ├ResourceId: string (required)
│    │         ├ResourceType: string (required)
│    │         ├ResourceRegion: string (required)
│    │         └ResourceOwner: string (required)
│    └[~] resource AWS::EC2::NetworkInterface
│      ├ properties
│      │  └ ConnectionTrackingSpecification: (documentation changed)
│      └ types
│         └[~] type ConnectionTrackingSpecification
│           └  - documentation: A security group connection tracking specification that enables you to set the idle timeout for connection tracking on an Elastic network interface. For more information, see [Connection tracking timeouts](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/security-group-connection-tracking.html#connection-tracking-timeouts) in the *Amazon Elastic Compute Cloud User Guide* .
│              + documentation: Configurable options for connection tracking on a network interface. For more information, see [Connection tracking timeouts](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/security-group-connection-tracking.html#connection-tracking-timeouts) in the *Amazon Elastic Compute Cloud User Guide* .
├[~] service aws-ecs
│ └ resources
│    └[~] resource AWS::ECS::TaskDefinition
│      └ types
│         └[~] type Volume
│           └ properties
│              └[+] ConfiguredAtLaunch: boolean
├[~] service aws-fsx
│ └ resources
│    ├[~] resource AWS::FSx::FileSystem
│    │ ├ properties
│    │ │  └ SecurityGroupIds: (documentation changed)
│    │ └ types
│    │    ├[~] type OntapConfiguration
│    │    │ └ properties
│    │    │    └ RouteTableIds: (documentation changed)
│    │    └[~] type UserAndGroupQuotas
│    │      ├  - documentation: The configuration for how much storage a user or group can use on the volume.
│    │      │  + documentation: Used to configure quotas that define how much storage a user or group can use on an FSx for OpenZFS volume. For more information, see [Volume properties](https://docs.aws.amazon.com/fsx/latest/OpenZFSGuide/managing-volumes.html#volume-properties) in the FSx for OpenZFS User Guide.
│    │      └ properties
│    │         ├ Id: (documentation changed)
│    │         ├ StorageCapacityQuotaGiB: (documentation changed)
│    │         └ Type: (documentation changed)
│    └[~] resource AWS::FSx::Volume
│      └ types
│         ├[~] type OntapConfiguration
│         │ └ properties
│         │    ├ AggregateConfiguration: (documentation changed)
│         │    ├ OntapVolumeType: (documentation changed)
│         │    ├ SizeInBytes: (documentation changed)
│         │    ├ SizeInMegabytes: (documentation changed)
│         │    ├ SnapshotPolicy: (documentation changed)
│         │    └ VolumeStyle: (documentation changed)
│         ├[~] type OpenZFSConfiguration
│         │ └ properties
│         │    └ UserAndGroupQuotas: (documentation changed)
│         └[~] type UserAndGroupQuotas
│           ├  - documentation: An object specifying how much storage users or groups can use on the volume.
│           │  + documentation: Configures how much storage users and groups can use on the volume.
│           └ properties
│              ├ Id: (documentation changed)
│              ├ StorageCapacityQuotaGiB: (documentation changed)
│              └ Type: (documentation changed)
├[~] service aws-guardduty
│ └ resources
│    └[~] resource AWS::GuardDuty::ThreatIntelSet
│      └ properties
│         └ Name: - string (required)
│                 + string
├[~] service aws-imagebuilder
│ └ resources
│    └[~] resource AWS::ImageBuilder::LifecyclePolicy
│      └ types
│         └[~] type RecipeSelection
│           └ properties
│              └ SemanticVersion: - string
│                                 + string (required)
├[~] service aws-kendra
│ └ resources
│    └[~] resource AWS::Kendra::DataSource
│      └ types
│         └[~] type S3DataSourceConfiguration
│           └  - documentation: Provides the configuration information to connect to an Amazon S3 bucket.
│              + documentation: Provides the configuration information to connect to an Amazon S3 bucket.
│              > `S3DataSourceConfiguration` is deprecated. Amazon VPC is not supported if you configure your Amazon S3 connector with this method. Use [TemplateConfiguration](https://docs.aws.amazon.com/kendra/latest/APIReference/API_TemplateConfiguration.html) to configure your Amazon S3 connector instead. See [Amazon S3 template schema](https://docs.aws.amazon.com/kendra/latest/dg/ds-schemas.html#ds-s3-schema) for more details.
├[~] service aws-managedblockchain
│ └ resources
│    └[~] resource AWS::ManagedBlockchain::Accessor
│      └ properties
│         └ NetworkType: (documentation changed)
├[~] service aws-networkmanager
│ └ resources
│    └[~] resource AWS::NetworkManager::Device
│      └ attributes
│         └ CreatedAt: (documentation changed)
├[~] service aws-redshiftserverless
│ └ resources
│    └[~] resource AWS::RedshiftServerless::Workgroup
│      ├ properties
│      │  └ ConfigParameters: (documentation changed)
│      └ types
│         ├[~] type ConfigParameter
│         │ └ properties
│         │    └ ParameterKey: (documentation changed)
│         └[~] type Workgroup
│           └ properties
│              └ ConfigParameters: (documentation changed)
├[~] service aws-sagemaker
│ └ resources
│    └[~] resource AWS::SageMaker::FeatureGroup
│      ├ properties
│      │  └ ThroughputConfig: (documentation changed)
│      └ types
│         └[~] type ThroughputConfig
│           ├  - documentation: undefined
│           │  + documentation: Used to set feature group throughput configuration. There are two modes: `ON_DEMAND` and `PROVISIONED` . With on-demand mode, you are charged for data reads and writes that your application performs on your feature group. You do not need to specify read and write throughput because Feature Store accommodates your workloads as they ramp up and down. You can switch a feature group to on-demand only once in a 24 hour period. With provisioned throughput mode, you specify the read and write capacity per second that you expect your application to require, and you are billed based on those limits. Exceeding provisioned throughput will result in your requests being throttled.
│           │  Note: `PROVISIONED` throughput mode is supported only for feature groups that are offline-only, or use the [`Standard`](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_OnlineStoreConfig.html#sagemaker-Type-OnlineStoreConfig-StorageType) tier online store.
│           └ properties
│              ├ ProvisionedReadCapacityUnits: (documentation changed)
│              ├ ProvisionedWriteCapacityUnits: (documentation changed)
│              └ ThroughputMode: (documentation changed)
└[~] service aws-verifiedpermissions
  └ resources
     ├[~] resource AWS::VerifiedPermissions::Policy
     │ └ properties
     │    └ PolicyStoreId: - string (immutable)
     │                     + string (required, immutable)
     └[~] resource AWS::VerifiedPermissions::PolicyStore
       └ properties
          └[+] Description: string
```
Make the sync workflow a bit more efficient, by only fetching the branches we're actually planning on syncing from `upstream`.

Also document the limitations of GitHub Actions tokens more clearly.


----

*By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
When executing the CDK app program fails, we don't print any useful debug information. This makes sense because we are passing all output from the program to the shell, expecting this would be enough to debug any faults. However the program might be faulty in a way that no (useful) output is printed. To help with this case print the failing command when `--debug` is enabled.

This might require a follow up with a better DX for the generic non debug case. For now this will improve the situation.

Related to aws#28637

----

*By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
… to install latest sdk version (aws#28688)

This introduced uncertainty into the resource behavior, adds at least 60s to the execution time and will cause deployments in CN regions to fail.

No tests add because the existing tests run with the `@aws-cdk/customresources:installLatestAwsSdkDefault` feature flag set to the recommended value. This change is merely change the `OpenSearchAccessPolicy` config for users that don't set the feature flag. We can safely do this, because we control the code for this custom resource and know it works with the provided SDK version.

Related to aws#27597

----

*By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
Adds parameter to configure a dual stack vpc, `vpcProtocol: ec2.VpcProtocol.DUAL_STACK`.

By default a dual stack vpc will:

- Create an Amazon provided IPv6 CIDR block (/56) and associate it to the VPC.
- Assign a portion of the block to each of the subnets (/64)
- Enable autoassigning an IPv6 address for each subnet
- **Disable autoassigning public IPv4 addresses** for each subnet
- Create an Egress Only Internet Gateway for private subnets
- Configure IPv6 routes for IGWs and EIGWs

Addresses aws#894.

----

*By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
Adds parameter to configure a dual stack vpc, `vpcProtocol: ec2.VpcProtocol.DUAL_STACK`.

By default a dual stack vpc will:

- Create an Amazon provided IPv6 CIDR block (/56) and associate it to the VPC.
- Assign a portion of the block to each of the subnets (/64)
- Enable autoassigning an IPv6 address for each subnet
- **Disable autoassigning public IPv4 addresses** for each subnet
- Create an Egress Only Internet Gateway for private subnets
- Configure IPv6 routes for IGWs and EIGWs

Addresses aws#894.

----

*By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
See CHANGELOG.

----

*By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
…igrate (aws#28678)

Apps generated from cdk migrate with resources that aren't already part of a stack will (soon) create a migrate.json file. This file contains the list of resources that should be imported upon creation of the new app.

If this file is present and the source is either `localfile` or the ARN environment matches the deployment environment, running `cdk deploy` will:
1. Create a new stack and import the resources listed in migrate.json.
2. Apply outputs and CDKMetadata through a normal deployment.

Note: `localfile` is a placeholder value so that we can run integration tests on this change. Once some of the other in-progress work is finished, this will be updated.


----

*By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
Reverts aws#27310 which allows setting up LogGroups for the state machine configured by the waiter custom-resource.

Refs: bfeef00

This reverts commit bfeef00.


----

*By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
Reverts aws#27310 which allows setting up LogGroups for the state machine configured by the waiter custom-resource.

Refs: bfeef00

This reverts commit bfeef00.


----

*By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
RaphaelManke and others added 29 commits February 13, 2024 22:33
…le (aws#29063)

### Issue # (if applicable)

Closes #<issue number here>.

### Reason for this change

This PR adds a new alpha module to for EvenBridge pipes enrichments.

This is the base setup for future work and additional enrichments.

### Description of changes

The initial enrichment is the Lambda enrichment.

### Description of how you validated changes

- [x] Unittests
- [x] Integration test


### Checklist
- [x] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md)

----

*By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
…cryption` and note that we intend to default to `S3_MANAGED` in the future (aws#28978)

### Issue # (if applicable)

Relates to aws#28815

### Reason for this change

The App Staging Synthesizer is great - I've moved to using it for most of my stacks. However, the current default uses a Customer-Managed KMS key, which costs $1/month.

The default synthesizer bucket uses SSE-S3 encryption by default. This is nice because users do not incur additional fees for a KMS key.

In my opinion, SSE-S3 is good enough for most people. If folks need additional security, they should opt-in to SSE-KMS, which they can do via the `stagingBucketEncryption` property @msambol introduced with aws#28903.

### Description of changes

With guidance from @kaizencc [below](aws#28978 (comment)), this PR makes `stagingBucketEncryption` a required property, with a user-facing note that we intend to default to `S3_MANAGED` as the module is stablized.

### Description of how you validated changes

Updated unit tests.

### Checklist
- [x] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md)


BREAKING CHANGE: `stagingBucketEncryption` property is now required. For existing apps, specify `BucketEncryption.KMS` to retain existing behavior. For new apps, choose the bucket encryption that makes most sense for your use case. `BucketEncryption.S3_MANAGED` is available and is intended to be the default when this module is stabilized.

----

*By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
Every time I perform a CDK deployment, the logicalId hash of the deployment resource changes and causes the deployment resource to be deleted and recreated. I'm assuming it is because the configuration `content` is part of the hash creation and I am creating the content using `lazy` and at the time of the hash creation it is still a token.

Looking at the [CloudFormation
docs](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-appconfig-deployment.html) for the deployment resource, a change to _any_ property causes a replacement so I don't think we need to control the recreation logic ourselves, we should just let CloudFormation do the resource replacement for us.


----

*By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
Signed-off-by: Vinayak Kukreja <vinakuk@amazon.com>
Ran npm-check-updates and yarn upgrade to keep the `yarn.lock` file up-to-date.
### Reason for this change

Aurora PostgreSQL 16.1 is available as of January 31, 2024. See https://docs.aws.amazon.com/AmazonRDS/latest/AuroraPostgreSQLReleaseNotes/AuroraPostgreSQL.Updates.html#AuroraPostgreSQL.Updates.20180305.161 for more information.

### Description of changes

Add constant for newly available Aurora Postgres cluster engine version 16.1

### Description of how you validated changes

No. Happy to add, if required.

### Checklist
- [x] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md)

----

*By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
Closes aws#29103. 

I tested the example and it deploys.

----

*By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
Closes aws#22645
Closes aws#27754

Spiritual successor of aws#27052

Somewhat related to aws#21181 but that might be another PR down the road.

@pahud ✋ Please review. I'm not particularly fond of how `aws-autoscaling` module ([here](https://github.com/aws/aws-cdk/blob/256cca4017a80f8643c5f5a5999a2ce0383eebf0/packages/aws-cdk-lib/aws-autoscaling/lib/scheduled-action.ts#L21)) is not using `cdk.TimeZone` class, hence why used it in this PR instead. I think we should we change `aws-autoscaling` implementation to do the same? It would be a breaking change... and most likely a brand new PR. LMK what you think. ✌️ 

Also, I may be slightly OCD but I kinda like better `timezone` vs `timeZone`, but I went with latter one to follow what `aws-autoscaling` did.

cc-ing @kaizencc for his input too 🙌  ... possibly related to aws#27105

### Reason for this change



Timezones have been supported in `AWS::ApplicationAutoScaling::ScalableTarget ScheduledAction` for a while now.

https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-applicationautoscaling-scalabletarget-scheduledaction.html#cfn-applicationautoscaling-scalabletarget-scheduledaction-timezone


### Description of changes

Just added the support for `timezones` in `scalableTarget.scaleOnSchedule`

### Description of how you validated changes

Added unit tests for this feature.

### Checklist
- [x] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md)

----

*By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
### Issue # (if applicable)

Closes aws#28990.

### Reason for this change

There are cases where a task definition is created to be compatible with both EC2 and Fargate, and then we want to run the task in Fargate.

### Description of changes

I created the `launchType` property. The `launchType` is overridden if the property is specified.

### Description of how you validated changes

Both unit and integ tests

### Checklist
- [x] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md)

----

*By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
Closes aws#29135

### Reason for this change

Surface latest runtime versions in CDK. Older runtimes are being deprecated March 19, 2024

> To ensure uninterrupted canary runs and continued monitoring, AWS recommends customers to update their canaries to the latest Synthetics Runtimes versions: syn-nodejs-puppeteer-6.2 or higher for NodeJS-18, syn-nodejs-puppeteer-5.2 or higher for NodeJS-16, and syn-python-selenium-2.1 or higher for Python [2]. Canaries updated with latest Synthetics runtimes will continue running without interruption and receive future Lambda security updates.

### Description of changes

- feat(synthetics): add 5.2, 6.1, 6.2 nodejs runtimes, deprecate 3.x runtimes
- feat(synthetics): add syn-python-selenium-2.1 runtime
- test(synthetics): update integration tests to cover latest runtimes

### Description of how you validated changes

Attempted to run integration tests, but I don't have appropriate account setup

### Checklist
- [x] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md)

----

*By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
### Reason for this change

`origins.httpOrigin` requires a trick to specify the Lambda Functions URL. 

### Description of changes

This eases that pain and simplifies integration.

### Description of how you validated changes



### Checklist
- [x] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md)

----

*By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
### Issue # (if applicable)

Closes #N/A

### Reason for this change

v2.127.0 updated the L1 construct for AWS::ECS::TaskDefinition, adding support for the property ContainerDefinitions.CredentialSpecs, [see](aws#29053). This PR adds support for CredentialSpecs property in the L2 construct used by `Ec2TaskDefinition.addContainer` method.

### Description of changes

Added property in L2 construct, updated unit test and added integration test.

### Description of how you validated changes

- [x] Unit test updated and validated
- [x] Integration test added and validated

### Checklist
- [x] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md)

----

*By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
remove madeline-k and MrArnoldPalmer from mergify.yml

----

*By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
…29153)

### Issue # (if applicable)

part of aws#29041, aws#29039

Closes #<issue number here>.

### Reason for this change


The testing hierarchy was disorganized.

### Description of changes

Organized test as below.
No logical change.

```ts
describe('Application Load Balancer', () => {

  describe('ApplicationLoadBalancedFargateService', () => {
  ...
  })

  describe('ApplicationMultipleTargetGroupsFargateService', () => {
  ...
  })
})

describe('Network Load Balancer', () => {
  describe('NetworkLoadBalancedFargateService', () => {
  ...
  })

  describe('NetworkMultipleTargetGroupsFargateService', () => {
  ...
  })
})
```





### Description of how you validated changes


pass unit tests

### Checklist
- [x] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md)

----

*By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
…to 2.5.0 (aws#29159)

Bumps [thollander/actions-comment-pull-request](https://github.com/thollander/actions-comment-pull-request) from 2.4.3 to 2.5.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a href="https://github.com/thollander/actions-comment-pull-request/releases">thollander/actions-comment-pull-request's releases</a>.</em></p>
<blockquote>
<h2>v2.4.3 : Node 20 version support</h2>
<h2>What's Changed</h2>
<ul>
<li>chore(deps-dev): bump <code>@​vercel/ncc</code> from 0.38.0 to 0.38.1 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/thollander/actions-comment-pull-request/pull/304">thollander/actions-comment-pull-request#304</a></li>
<li>feat: node 20 version support by <a href="https://github.com/thollander"><code>@​thollander</code></a> in <a href="https://redirect.github.com/thollander/actions-comment-pull-request/pull/307">thollander/actions-comment-pull-request#307</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a href="https://github.com/thollander/actions-comment-pull-request/compare/v2.4.3...v2.5.0">https://github.com/thollander/actions-comment-pull-request/compare/v2.4.3...v2.5.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="https://github.com/thollander/actions-comment-pull-request/commit/fabd468d3a1a0b97feee5f6b9e499eab0dd903f6"><code>fabd468</code></a> Merge pull request <a href="https://redirect.github.com/thollander/actions-comment-pull-request/issues/307">#307</a> from thollander/feat/node-20</li>
<li><a href="https://github.com/thollander/actions-comment-pull-request/commit/cb9f4be78695d9811c6ad130dbfc0578ba444415"><code>cb9f4be</code></a> chore: bump to v2.5.0</li>
<li><a href="https://github.com/thollander/actions-comment-pull-request/commit/2f6921097b4dc86a5b9fca468fabe581271e7a06"><code>2f69210</code></a> feat: node 20 version support</li>
<li><a href="https://github.com/thollander/actions-comment-pull-request/commit/9d67388b9a94966eb262e68d9a3b368497990b77"><code>9d67388</code></a> chore(deps-dev): bump <code>@​vercel/ncc</code> from 0.38.0 to 0.38.1 (<a href="https://redirect.github.com/thollander/actions-comment-pull-request/issues/304">#304</a>)</li>
<li><a href="https://github.com/thollander/actions-comment-pull-request/commit/88b3c3f072e8cc7eae4b09d1cc62d308a51ca923"><code>88b3c3f</code></a> docs: fix wrong indent</li>
<li>See full diff in <a href="https://github.com/thollander/actions-comment-pull-request/compare/1d3973dc4b8e1399c0620d3f2b1aa5e795465308...fabd468d3a1a0b97feee5f6b9e499eab0dd903f6">compare view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=thollander/actions-comment-pull-request&package-manager=github_actions&previous-version=2.4.3&new-version=2.5.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)


</details>
…#29160)

Bumps [tj-actions/changed-files](https://github.com/tj-actions/changed-files) from 42.0.2 to 42.0.4.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a href="https://github.com/tj-actions/changed-files/releases">tj-actions/changed-files's releases</a>.</em></p>
<blockquote>
<h2>v42.0.4</h2>
<h2>What's Changed</h2>
<ul>
<li>Upgraded to v42.0.3 by <a href="https://github.com/tj-actions-bot"><code>@​tj-actions-bot</code></a> in <a href="https://redirect.github.com/tj-actions/changed-files/pull/1939">tj-actions/changed-files#1939</a></li>
<li>chore: update formatting by <a href="https://github.com/jackton1"><code>@​jackton1</code></a> in <a href="https://redirect.github.com/tj-actions/changed-files/pull/1940">tj-actions/changed-files#1940</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a href="https://github.com/tj-actions/changed-files/compare/v42...v42.0.4">https://github.com/tj-actions/changed-files/compare/v42...v42.0.4</a></p>
<h2>v42.0.3</h2>
<h2>What's Changed</h2>
<ul>
<li>Upgraded to v42.0.2 by <a href="https://github.com/tj-actions-bot"><code>@​tj-actions-bot</code></a> in <a href="https://redirect.github.com/tj-actions/changed-files/pull/1886">tj-actions/changed-files#1886</a></li>
<li>chore(deps): update dependency <code>@​types/uuid</code> to v9.0.8 by <a href="https://github.com/renovate"><code>@​renovate</code></a> in <a href="https://redirect.github.com/tj-actions/changed-files/pull/1887">tj-actions/changed-files#1887</a></li>
<li>chore(deps): update dependency <code>@​types/node</code> to v20.11.7 by <a href="https://github.com/renovate"><code>@​renovate</code></a> in <a href="https://redirect.github.com/tj-actions/changed-files/pull/1888">tj-actions/changed-files#1888</a></li>
<li>chore(deps): update dependency <code>@​types/node</code> to v20.11.8 by <a href="https://github.com/renovate"><code>@​renovate</code></a> in <a href="https://redirect.github.com/tj-actions/changed-files/pull/1889">tj-actions/changed-files#1889</a></li>
<li>chore(deps): lock file maintenance by <a href="https://github.com/renovate"><code>@​renovate</code></a> in <a href="https://redirect.github.com/tj-actions/changed-files/pull/1890">tj-actions/changed-files#1890</a></li>
<li>chore(deps): update dependency <code>@​types/node</code> to v20.11.9 by <a href="https://github.com/renovate"><code>@​renovate</code></a> in <a href="https://redirect.github.com/tj-actions/changed-files/pull/1892">tj-actions/changed-files#1892</a></li>
<li>chore: fix broken matrix example links by <a href="https://github.com/levenleven"><code>@​levenleven</code></a> in <a href="https://redirect.github.com/tj-actions/changed-files/pull/1891">tj-actions/changed-files#1891</a></li>
<li>chore(deps): update dependency <code>@​types/node</code> to v20.11.10 by <a href="https://github.com/renovate"><code>@​renovate</code></a> in <a href="https://redirect.github.com/tj-actions/changed-files/pull/1895">tj-actions/changed-files#1895</a></li>
<li>Updated README.md by <a href="https://github.com/tj-actions-bot"><code>@​tj-actions-bot</code></a> in <a href="https://redirect.github.com/tj-actions/changed-files/pull/1894">tj-actions/changed-files#1894</a></li>
<li>docs: add levenleven as a contributor for doc by <a href="https://github.com/allcontributors"><code>@​allcontributors</code></a> in <a href="https://redirect.github.com/tj-actions/changed-files/pull/1893">tj-actions/changed-files#1893</a></li>
<li>Updated README.md by <a href="https://github.com/tj-actions-bot"><code>@​tj-actions-bot</code></a> in <a href="https://redirect.github.com/tj-actions/changed-files/pull/1896">tj-actions/changed-files#1896</a></li>
<li>chore(deps): lock file maintenance by <a href="https://github.com/renovate"><code>@​renovate</code></a> in <a href="https://redirect.github.com/tj-actions/changed-files/pull/1897">tj-actions/changed-files#1897</a></li>
<li>chore(deps): update typescript-eslint monorepo to v6.20.0 by <a href="https://github.com/renovate"><code>@​renovate</code></a> in <a href="https://redirect.github.com/tj-actions/changed-files/pull/1898">tj-actions/changed-files#1898</a></li>
<li>chore: update test by <a href="https://github.com/jackton1"><code>@​jackton1</code></a> in <a href="https://redirect.github.com/tj-actions/changed-files/pull/1899">tj-actions/changed-files#1899</a></li>
<li>chore(deps): update dependency <code>@​types/node</code> to v20.11.11 by <a href="https://github.com/renovate"><code>@​renovate</code></a> in <a href="https://redirect.github.com/tj-actions/changed-files/pull/1900">tj-actions/changed-files#1900</a></li>
<li>chore(deps): update dependency <code>@​types/node</code> to v20.11.12 by <a href="https://github.com/renovate"><code>@​renovate</code></a> in <a href="https://redirect.github.com/tj-actions/changed-files/pull/1901">tj-actions/changed-files#1901</a></li>
<li>chore(deps): update dependency <code>@​types/node</code> to v20.11.13 by <a href="https://github.com/renovate"><code>@​renovate</code></a> in <a href="https://redirect.github.com/tj-actions/changed-files/pull/1902">tj-actions/changed-files#1902</a></li>
<li>chore(deps): update peter-evans/create-pull-request action to v6 by <a href="https://github.com/renovate"><code>@​renovate</code></a> in <a href="https://redirect.github.com/tj-actions/changed-files/pull/1903">tj-actions/changed-files#1903</a></li>
<li>chore(deps): update dependency <code>@​types/node</code> to v20.11.14 by <a href="https://github.com/renovate"><code>@​renovate</code></a> in <a href="https://redirect.github.com/tj-actions/changed-files/pull/1904">tj-actions/changed-files#1904</a></li>
<li>chore(deps): update dependency <code>@​types/node</code> to v20.11.15 by <a href="https://github.com/renovate"><code>@​renovate</code></a> in <a href="https://redirect.github.com/tj-actions/changed-files/pull/1905">tj-actions/changed-files#1905</a></li>
<li>chore(deps): update dependency <code>@​types/jest</code> to v29.5.12 by <a href="https://github.com/renovate"><code>@​renovate</code></a> in <a href="https://redirect.github.com/tj-actions/changed-files/pull/1906">tj-actions/changed-files#1906</a></li>
<li>chore(deps): update dependency <code>@​types/node</code> to v20.11.16 by <a href="https://github.com/renovate"><code>@​renovate</code></a> in <a href="https://redirect.github.com/tj-actions/changed-files/pull/1907">tj-actions/changed-files#1907</a></li>
<li>chore: create greetings workflow by <a href="https://github.com/jackton1"><code>@​jackton1</code></a> in <a href="https://redirect.github.com/tj-actions/changed-files/pull/1909">tj-actions/changed-files#1909</a></li>
<li>docs: add dan-hill2802 as a contributor for doc by <a href="https://github.com/allcontributors"><code>@​allcontributors</code></a> in <a href="https://redirect.github.com/tj-actions/changed-files/pull/1910">tj-actions/changed-files#1910</a></li>
<li>correct bash loop in examples by <a href="https://github.com/dan-hill2802"><code>@​dan-hill2802</code></a> in <a href="https://redirect.github.com/tj-actions/changed-files/pull/1908">tj-actions/changed-files#1908</a></li>
<li>Updated README.md by <a href="https://github.com/tj-actions-bot"><code>@​tj-actions-bot</code></a> in <a href="https://redirect.github.com/tj-actions/changed-files/pull/1911">tj-actions/changed-files#1911</a></li>
<li>chore(deps): update tj-actions/verify-changed-files action to v18 by <a href="https://github.com/renovate"><code>@​renovate</code></a> in <a href="https://redirect.github.com/tj-actions/changed-files/pull/1912">tj-actions/changed-files#1912</a></li>
<li>chore(deps): lock file maintenance by <a href="https://github.com/renovate"><code>@​renovate</code></a> in <a href="https://redirect.github.com/tj-actions/changed-files/pull/1913">tj-actions/changed-files#1913</a></li>
<li>chore(deps): update dependency prettier to v3.2.5 by <a href="https://github.com/renovate"><code>@​renovate</code></a> in <a href="https://redirect.github.com/tj-actions/changed-files/pull/1914">tj-actions/changed-files#1914</a></li>
<li>Updated README.md by <a href="https://github.com/tj-actions-bot"><code>@​tj-actions-bot</code></a> in <a href="https://redirect.github.com/tj-actions/changed-files/pull/1915">tj-actions/changed-files#1915</a></li>
<li>chore(deps): update typescript-eslint monorepo to v6.21.0 by <a href="https://github.com/renovate"><code>@​renovate</code></a> in <a href="https://redirect.github.com/tj-actions/changed-files/pull/1916">tj-actions/changed-files#1916</a></li>
<li>Updated README.md by <a href="https://github.com/tj-actions-bot"><code>@​tj-actions-bot</code></a> in <a href="https://redirect.github.com/tj-actions/changed-files/pull/1917">tj-actions/changed-files#1917</a></li>
<li>docs: add KeisukeYamashita as a contributor for doc by <a href="https://github.com/allcontributors"><code>@​allcontributors</code></a> in <a href="https://redirect.github.com/tj-actions/changed-files/pull/1919">tj-actions/changed-files#1919</a></li>
<li>Updated README.md by <a href="https://github.com/tj-actions-bot"><code>@​tj-actions-bot</code></a> in <a href="https://redirect.github.com/tj-actions/changed-files/pull/1920">tj-actions/changed-files#1920</a></li>
<li>fix: broken link to matrix example workflow by <a href="https://github.com/KeisukeYamashita"><code>@​KeisukeYamashita</code></a> in <a href="https://redirect.github.com/tj-actions/changed-files/pull/1918">tj-actions/changed-files#1918</a></li>
<li>chore: update workflow-run-example.yml by <a href="https://github.com/jackton1"><code>@​jackton1</code></a> in <a href="https://redirect.github.com/tj-actions/changed-files/pull/1921">tj-actions/changed-files#1921</a></li>
<li>chore: update README.md by <a href="https://github.com/jackton1"><code>@​jackton1</code></a> in <a href="https://redirect.github.com/tj-actions/changed-files/pull/1922">tj-actions/changed-files#1922</a></li>
<li>chore(deps): update actions/setup-node action to v4.0.2 by <a href="https://github.com/renovate"><code>@​renovate</code></a> in <a href="https://redirect.github.com/tj-actions/changed-files/pull/1923">tj-actions/changed-files#1923</a></li>
<li>chore(deps): update codacy/codacy-analysis-cli-action action to v4.4.0 by <a href="https://github.com/renovate"><code>@​renovate</code></a> in <a href="https://redirect.github.com/tj-actions/changed-files/pull/1924">tj-actions/changed-files#1924</a></li>
<li>chore(deps): update dependency <code>@​types/node</code> to v20.11.17 by <a href="https://github.com/renovate"><code>@​renovate</code></a> in <a href="https://redirect.github.com/tj-actions/changed-files/pull/1925">tj-actions/changed-files#1925</a></li>
</ul>

</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a href="https://github.com/tj-actions/changed-files/blob/main/HISTORY.md">tj-actions/changed-files's changelog</a>.</em></p>
<blockquote>
<h1>Changelog</h1>
<h1><a href="https://github.com/tj-actions/changed-files/compare/v42.0.3...v42.0.4">42.0.4</a> - (2024-02-18)</h1>
<h2>⚙️ Miscellaneous Tasks</h2>
<ul>
<li>Update formatting and add missing dist changes (<a href="https://redirect.github.com/tj-actions/changed-files/issues/1940">#1940</a>) (<a href="https://github.com/tj-actions/changed-files/commit/3f54ebb830831fc121d3263c1857cfbdc310cdb9">3f54ebb</a>)  - (Tonye Jack)</li>
</ul>
<h2>⬆️ Upgrades</h2>
<ul>
<li>Upgraded to v42.0.3 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/1939">#1939</a>)</li>
</ul>
<p>Co-authored-by: jackton1 <a href="mailto:17484350+jackton1@users.noreply.github.com">17484350+jackton1@users.noreply.github.com</a>
Co-authored-by: GitHub Action <a href="mailto:action@github.com">action@github.com</a> (<a href="https://github.com/tj-actions/changed-files/commit/6f070cff38ff6dd3af1da87b6c8cdbcb8045e544">6f070cf</a>)  - (tj-actions[bot])</p>
<h1><a href="https://github.com/tj-actions/changed-files/compare/v42.0.2...v42.0.3">42.0.3</a> - (2024-02-17)</h1>
<h2>🐛 Bug Fixes</h2>
<ul>
<li><strong>payload_api, git_diff:</strong> Accessing correct property in payload and Replacing --quiet with --no-patch in git diff (<a href="https://redirect.github.com/tj-actions/changed-files/issues/1934">#1934</a>) (<a href="https://github.com/tj-actions/changed-files/commit/e3cac49049b6b59f85d64402e7477f0a211ceba0">e3cac49</a>)  - (Aravind)</li>
<li>Broken link to matrix example workflow (<a href="https://redirect.github.com/tj-actions/changed-files/issues/1918">#1918</a>) (<a href="https://github.com/tj-actions/changed-files/commit/ea35f7ea0028180dacddb2da5124befbdcd5287c">ea35f7e</a>)  - (KeisukeYamashita)</li>
</ul>
<h2>➕ Add</h2>
<ul>
<li>Added missing changes and modified dist assets.
(<a href="https://github.com/tj-actions/changed-files/commit/07ac0ac1689ff4da699108e90989bed8946c655a">07ac0ac</a>)  - (GitHub Action)</li>
</ul>
<h2>🔄 Update</h2>
<ul>
<li>Updated README.md (<a href="https://redirect.github.com/tj-actions/changed-files/issues/1938">#1938</a>)</li>
</ul>
<p>Co-authored-by: jackton1 <a href="mailto:17484350+jackton1@users.noreply.github.com">17484350+jackton1@users.noreply.github.com</a> (<a href="https://github.com/tj-actions/changed-files/commit/ec75ae5ab7296b81fd4cddb77294d6718932ebab">ec75ae5</a>)  - (tj-actions[bot])</p>
<ul>
<li>Update README.md (<a href="https://github.com/tj-actions/changed-files/commit/8eced8a5dfe679a00fc7e6bcf4a149062d82cf71">8eced8a</a>)  - (Tonye Jack)</li>
<li>Update README.md (<a href="https://github.com/tj-actions/changed-files/commit/b2d4e1b488ced71a4b179146ee5a7b8b5b3df94e">b2d4e1b</a>)  - (Tonye Jack)</li>
<li>Updated README.md (<a href="https://redirect.github.com/tj-actions/changed-files/issues/1920">#1920</a>)</li>
</ul>
<p>Co-authored-by: jackton1 <a href="mailto:17484350+jackton1@users.noreply.github.com">17484350+jackton1@users.noreply.github.com</a> (<a href="https://github.com/tj-actions/changed-files/commit/3399f8837f429519cf24ed4359003d14f3f41b0d">3399f88</a>)  - (tj-actions[bot])</p>
<ul>
<li>Updated README.md (<a href="https://redirect.github.com/tj-actions/changed-files/issues/1917">#1917</a>)</li>
</ul>
<p>Co-authored-by: jackton1 <a href="mailto:17484350+jackton1@users.noreply.github.com">17484350+jackton1@users.noreply.github.com</a> (<a href="https://github.com/tj-actions/changed-files/commit/8e56bc097abe73a65e6d3c0888ea6f640c4b5480">8e56bc0</a>)  - (tj-actions[bot])</p>
<ul>
<li>Update action.yml (<a href="https://github.com/tj-actions/changed-files/commit/f6d3fe51790f667e42e9dc12cf25330b9fd74c3f">f6d3fe5</a>)  - (Tonye Jack)</li>
<li>Update README.md (<a href="https://github.com/tj-actions/changed-files/commit/efa99ea361dae4d03a985a185259587543eede5c">efa99ea</a>)  - (Tonye Jack)</li>
<li>Update README.md (<a href="https://github.com/tj-actions/changed-files/commit/6d8f9bd37957780639752a3b4b505f4069c40711">6d8f9bd</a>)  - (Tonye Jack)</li>
<li>Updated README.md (<a href="https://redirect.github.com/tj-actions/changed-files/issues/1915">#1915</a>)</li>
</ul>
<p>Co-authored-by: jackton1 <a href="mailto:17484350+jackton1@users.noreply.github.com">17484350+jackton1@users.noreply.github.com</a> (<a href="https://github.com/tj-actions/changed-files/commit/7daee9e7cfe9c6e0cb6a782ba9785239ce9ee710">7daee9e</a>)  - (tj-actions[bot])</p>
<ul>
<li>Update README.md (<a href="https://github.com/tj-actions/changed-files/commit/99c80bdd472eb81ca8c582122685b14030d15bf4">99c80bd</a>)  - (Tonye Jack)</li>
<li>Updated README.md (<a href="https://redirect.github.com/tj-actions/changed-files/issues/1911">#1911</a>)</li>
</ul>
<p>Co-authored-by: jackton1 <a href="mailto:17484350+jackton1@users.noreply.github.com">17484350+jackton1@users.noreply.github.com</a> (<a href="https://github.com/tj-actions/changed-files/commit/aa3106085139b0f9138cf44fe701756ff9ee97b2">aa31060</a>)  - (tj-actions[bot])</p>

</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="https://github.com/tj-actions/changed-files/commit/3f54ebb830831fc121d3263c1857cfbdc310cdb9"><code>3f54ebb</code></a> chore: update formatting and add missing dist changes (<a href="https://redirect.github.com/tj-actions/changed-files/issues/1940">#1940</a>)</li>
<li><a href="https://github.com/tj-actions/changed-files/commit/6f070cff38ff6dd3af1da87b6c8cdbcb8045e544"><code>6f070cf</code></a> Upgraded to v42.0.3 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/1939">#1939</a>)</li>
<li><a href="https://github.com/tj-actions/changed-files/commit/ec75ae5ab7296b81fd4cddb77294d6718932ebab"><code>ec75ae5</code></a> Updated README.md (<a href="https://redirect.github.com/tj-actions/changed-files/issues/1938">#1938</a>)</li>
<li><a href="https://github.com/tj-actions/changed-files/commit/4333ab5b20c7b9aa411f4a07771329cfb0c76a8c"><code>4333ab5</code></a> docs: add codesculpture as a contributor for code, and bug (<a href="https://redirect.github.com/tj-actions/changed-files/issues/1937">#1937</a>)</li>
<li><a href="https://github.com/tj-actions/changed-files/commit/e3cac49049b6b59f85d64402e7477f0a211ceba0"><code>e3cac49</code></a> fix(payload_api, git_diff): Accessing correct property in payload and Replaci...</li>
<li><a href="https://github.com/tj-actions/changed-files/commit/68bd4537bdc54c6655242c1abe305f4db218e355"><code>68bd453</code></a> chore(deps): update github artifact actions to v4 (major) (<a href="https://redirect.github.com/tj-actions/changed-files/issues/1936">#1936</a>)</li>
<li><a href="https://github.com/tj-actions/changed-files/commit/f0ce41b71c3bb642dfc7cb1ab61d14d3b56af681"><code>f0ce41b</code></a> chore(deps): update dependency eslint-plugin-jest to v27.9.0</li>
<li><a href="https://github.com/tj-actions/changed-files/commit/ce451bf4305b235566956f53995646542519bb6d"><code>ce451bf</code></a> chore(deps): update dependency <code>@​types/node</code> to v20.11.19</li>
<li><a href="https://github.com/tj-actions/changed-files/commit/7592e9e85578b94665efe3910aef29cc3c580acf"><code>7592e9e</code></a> chore(deps): update dependency <code>@​types/node</code> to v20.11.18</li>
<li><a href="https://github.com/tj-actions/changed-files/commit/999653c6727cb4c932803b25be2a0f5e8b639428"><code>999653c</code></a> chore(deps): lock file maintenance</li>
<li>Additional commits viewable in <a href="https://github.com/tj-actions/changed-files/compare/90a06d6ba9543371ab4df8eeca0be07ca6054959...3f54ebb830831fc121d3263c1857cfbdc310cdb9">compare view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=tj-actions/changed-files&package-manager=github_actions&previous-version=42.0.2&new-version=42.0.4)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)


</details>
This PR adds support for Aurora MySQL 3.05.2.

https://docs.aws.amazon.com/AmazonRDS/latest/AuroraMySQLReleaseNotes/AuroraMySQL.Updates.3052.html


----

*By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
### Issue # (if applicable)

part of aws#29041, aws#29039
continuation of aws#29153

Closes #<issue number here>.

### Reason for this change

tests in `packages/aws-cdk-lib/aws-ecs-patterns/test/ec2/l3s.test.ts` was disorganized.


### Description of changes

- No logical change.
- Organized tests in `packages/aws-cdk-lib/aws-ecs-patterns/test/ec2/l3s.test.ts` as below.

```ts
describe('ApplicationLoadBalancedEc2Service', () => {
...
})

describe('NetworkLoadBalancedEc2Service', () => {
...
})
```

- move tests of `ApplicationLoadBalancedFargateService`, `NetworkLoadBalancedFargateService` in `packages/aws-cdk-lib/aws-ecs-patterns/test/ec2/l3s.test.ts` to `packages/aws-cdk-lib/aws-ecs-patterns/test/fargate/load-balanced-fargate-service.test.ts`.



### Description of how you validated changes

Pass unit tests


### Checklist
- [x] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md)

----

*By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
Adds a statement to match the document in the [docs](https://docs.aws.amazon.com/sns/latest/dg/sns-security-best-practices.html#enforce-encryption-data-in-transit):

```
{
  "Id": "ExamplePolicy",
  "Version": "2012-10-17",
  "Statement": [
    {
      "Sid": "AllowPublishThroughSSLOnly",
      "Action": "SNS:Publish",
      "Effect": "Deny",
      "Resource": [
        "arn:aws:sns:us-east-1:1234567890:test-topic"
      ],
      "Condition": {
        "Bool": {
          "aws:SecureTransport": "false"
        }
      },
      "Principal": "*"
    }
  ]
}
```

Closes aws#29142.

----

*By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
*Co-authored by*: @Beau-Gosse-dev

### Issue # (if applicable)



### Reason for this change

Lambda is launching dotnet8

### Description of changes

new runtime added

### Description of how you validated changes

integ tested

### Checklist
- [x] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md)

----

*By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
…e alarm support (aws#29171)

### Reason for this change

Customers could create an alarm of type `IAlarm` where the alarm would be a composite alarm (for ex, when importing composite alarms, they return a type `IAlarm` instead of `CompositeAlarm`. This caused the logic that differentiates a composite alarm to mistakenly categorize the alarm incorrectly.

### Description of changes

Add one policy scoped to `*` for any alarm passed to an environment.

### Description of how you validated changes

Unit and integration tests

### Checklist
- [x] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md)

----

*By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
…on (aws#28928)

This PR adds support to configure IPv6 connectivity for lambda function by adding a single field to the VPC configuration in CDK’s Lambda Console to enable IPv6 dual stack support.

The `Ipv6AllowedForDualStack` field is a new property that allows Lambda functions to specify whether the IPv6 traffic should be allowed when using dual-stack VPCs.

- Support IPv6 connectivity for Lambda function by setting "ipv6AllowedForDualStack : true". This value will be converted to VpcConfig: {Ipv6AllowedForDualStack: true,} in template.


*By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
Updates the L1 CloudFormation resource definitions with the latest changes from `@aws-cdk/aws-service-spec`

**L1 CloudFormation resource definition changes:**
```
├[~] service aws-amazonmq
│ └ resources
│    └[~] resource AWS::AmazonMQ::Broker
│      └ attributes
│         ├ AmqpEndpoints: (documentation changed)
│         ├ IpAddresses: (documentation changed)
│         ├ MqttEndpoints: (documentation changed)
│         ├ OpenWireEndpoints: (documentation changed)
│         ├ StompEndpoints: (documentation changed)
│         └ WssEndpoints: (documentation changed)
├[~] service aws-amplify
│ └ resources
│    └[~] resource AWS::Amplify::Domain
│      └ attributes
│         └ AutoSubDomainCreationPatterns: (documentation changed)
├[~] service aws-appconfig
│ └ resources
│    ├[~] resource AWS::AppConfig::Environment
│    │ └ attributes
│    │    └[-] Id: string
│    └[~] resource AWS::AppConfig::HostedConfigurationVersion
│      └ attributes
│         └[-] Id: string
├[~] service aws-appstream
│ └ resources
│    ├[~] resource AWS::AppStream::Fleet
│    │ ├ properties
│    │ │  ├ IdleDisconnectTimeoutInSeconds: (documentation changed)
│    │ │  └ MaxSessionsPerInstance: (documentation changed)
│    │ └ types
│    │    └[~] type ComputeCapacity
│    │      └ properties
│    │         └ DesiredSessions: (documentation changed)
│    └[~] resource AWS::AppStream::Stack
│      └ types
│         └[~] type UserSetting
│           └ properties
│              └ MaximumLength: (documentation changed)
├[~] service aws-appsync
│ └ resources
│    ├[~] resource AWS::AppSync::ApiCache
│    │ └ properties
│    │    └[+] HealthMetricsConfig: string
│    ├[~] resource AWS::AppSync::DataSource
│    │ └ properties
│    │    └[+] MetricsConfig: string
│    ├[~] resource AWS::AppSync::GraphQLApi
│    │ ├ properties
│    │ │  ├[+] EnhancedMetricsConfig: EnhancedMetricsConfig
│    │ │  └ EnvironmentVariables: (documentation changed)
│    │ └ types
│    │    └[+] type EnhancedMetricsConfig
│    │      ├  documentation: Describes an enhanced metrics configuration.
│    │      │  name: EnhancedMetricsConfig
│    │      └ properties
│    │         ├OperationLevelMetricsConfig: string (required)
│    │         ├ResolverLevelMetricsBehavior: string (required)
│    │         └DataSourceLevelMetricsBehavior: string (required)
│    └[~] resource AWS::AppSync::Resolver
│      └ properties
│         └[+] MetricsConfig: string
├[~] service aws-autoscaling
│ └ resources
│    ├[~] resource AWS::AutoScaling::AutoScalingGroup
│    │ ├  - documentation: The `AWS::AutoScaling::AutoScalingGroup` resource defines an Amazon EC2 Auto Scaling group, which is a collection of Amazon EC2 instances that are treated as a logical grouping for the purposes of automatic scaling and management.
│    │ │  For more information about Amazon EC2 Auto Scaling, see the [Amazon EC2 Auto Scaling User Guide](https://docs.aws.amazon.com/autoscaling/ec2/userguide/what-is-amazon-ec2-auto-scaling.html) .
│    │ │  > Amazon EC2 Auto Scaling configures instances launched as part of an Auto Scaling group using either a [launch template](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-launchtemplate.html) or a launch configuration. We strongly recommend that you do not use launch configurations. They do not provide full functionality for Amazon EC2 Auto Scaling or Amazon EC2. For more information, see [Launch configurations](https://docs.aws.amazon.com/autoscaling/ec2/userguide/launch-configurations.html) and [Migrate AWS CloudFormation stacks from launch configurations to launch templates](https://docs.aws.amazon.com/autoscaling/ec2/userguide/migrate-launch-configurations-with-cloudformation.html) in the *Amazon EC2 Auto Scaling User Guide* .
│    │ │  + documentation: The `AWS::AutoScaling::AutoScalingGroup` resource defines an Amazon EC2 Auto Scaling group, which is a collection of Amazon EC2 instances that are treated as a logical grouping for the purposes of automatic scaling and management.
│    │ │  For more information about Amazon EC2 Auto Scaling, see the [Amazon EC2 Auto Scaling User Guide](https://docs.aws.amazon.com/autoscaling/ec2/userguide/what-is-amazon-ec2-auto-scaling.html) .
│    │ │  > Amazon EC2 Auto Scaling configures instances launched as part of an Auto Scaling group using either a [launch template](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-launchtemplate.html) or a launch configuration. We strongly recommend that you do not use launch configurations. For more information, see [Launch configurations](https://docs.aws.amazon.com/autoscaling/ec2/userguide/launch-configurations.html) in the *Amazon EC2 Auto Scaling User Guide* .
│    │ │  > 
│    │ │  > For help migrating from launch configurations to launch templates, see [Migrate AWS CloudFormation stacks from launch configurations to launch templates](https://docs.aws.amazon.com/autoscaling/ec2/userguide/migrate-launch-configurations-with-cloudformation.html) in the *Amazon EC2 Auto Scaling User Guide* .
│    │ └ types
│    │    ├[~] type InstanceRequirements
│    │    │ └  - documentation: The attributes for the instance types for a mixed instances policy. Amazon EC2 Auto Scaling uses your specified requirements to identify instance types. Then, it uses your On-Demand and Spot allocation strategies to launch instances from these instance types.
│    │    │    When you specify multiple attributes, you get instance types that satisfy all of the specified attributes. If you specify multiple values for an attribute, you get instance types that satisfy any of the specified values.
│    │    │    To limit the list of instance types from which Amazon EC2 Auto Scaling can identify matching instance types, you can use one of the following parameters, but not both in the same request:
│    │    │    - `AllowedInstanceTypes` - The instance types to include in the list. All other instance types are ignored, even if they match your specified attributes.
│    │    │    - `ExcludedInstanceTypes` - The instance types to exclude from the list, even if they match your specified attributes.
│    │    │    > You must specify `VCpuCount` and `MemoryMiB` . All other attributes are optional. Any unspecified optional attribute is set to its default. 
│    │    │    For an example template, see [Auto scaling template snippets](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/quickref-autoscaling.html) .
│    │    │    For more information, see [Creating an Auto Scaling group using attribute-based instance type selection](https://docs.aws.amazon.com/autoscaling/ec2/userguide/create-asg-instance-type-requirements.html) in the *Amazon EC2 Auto Scaling User Guide* . For help determining which instance types match your attributes before you apply them to your Auto Scaling group, see [Preview instance types with specified attributes](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-fleet-attribute-based-instance-type-selection.html#ec2fleet-get-instance-types-from-instance-requirements) in the *Amazon EC2 User Guide for Linux Instances* .
│    │    │    `InstanceRequirements` is a property of the `LaunchTemplateOverrides` property of the [AWS::AutoScaling::AutoScalingGroup LaunchTemplate](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-autoscaling-autoscalinggroup-launchtemplate.html) property type.
│    │    │    + documentation: The attributes for the instance types for a mixed instances policy. Amazon EC2 Auto Scaling uses your specified requirements to identify instance types. Then, it uses your On-Demand and Spot allocation strategies to launch instances from these instance types.
│    │    │    When you specify multiple attributes, you get instance types that satisfy all of the specified attributes. If you specify multiple values for an attribute, you get instance types that satisfy any of the specified values.
│    │    │    To limit the list of instance types from which Amazon EC2 Auto Scaling can identify matching instance types, you can use one of the following parameters, but not both in the same request:
│    │    │    - `AllowedInstanceTypes` - The instance types to include in the list. All other instance types are ignored, even if they match your specified attributes.
│    │    │    - `ExcludedInstanceTypes` - The instance types to exclude from the list, even if they match your specified attributes.
│    │    │    > You must specify `VCpuCount` and `MemoryMiB` . All other attributes are optional. Any unspecified optional attribute is set to its default. 
│    │    │    For an example template, see [Configure Amazon EC2 Auto Scaling resources](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/quickref-ec2-auto-scaling.html) .
│    │    │    For more information, see [Creating an Auto Scaling group using attribute-based instance type selection](https://docs.aws.amazon.com/autoscaling/ec2/userguide/create-asg-instance-type-requirements.html) in the *Amazon EC2 Auto Scaling User Guide* . For help determining which instance types match your attributes before you apply them to your Auto Scaling group, see [Preview instance types with specified attributes](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-fleet-attribute-based-instance-type-selection.html#ec2fleet-get-instance-types-from-instance-requirements) in the *Amazon EC2 User Guide for Linux Instances* .
│    │    │    `InstanceRequirements` is a property of the `LaunchTemplateOverrides` property of the [AWS::AutoScaling::AutoScalingGroup LaunchTemplate](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-autoscaling-autoscalinggroup-launchtemplate.html) property type.
│    │    ├[~] type LaunchTemplateSpecification
│    │    │ └  - documentation: Specifies a launch template to use when provisioning EC2 instances for an Auto Scaling group.
│    │    │    You must specify the following:
│    │    │    - The ID or the name of the launch template, but not both.
│    │    │    - The version of the launch template.
│    │    │    `LaunchTemplateSpecification` is property of the [AWS::AutoScaling::AutoScalingGroup](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-autoscaling-autoscalinggroup.html) resource. It is also a property of the [AWS::AutoScaling::AutoScalingGroup LaunchTemplate](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-autoscaling-autoscalinggroup-launchtemplate.html) and [AWS::AutoScaling::AutoScalingGroup LaunchTemplateOverrides](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-autoscaling-autoscalinggroup-launchtemplateoverrides.html) property types.
│    │    │    For information about creating a launch template, see [AWS::EC2::LaunchTemplate](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-launchtemplate.html) and [Create a launch template for an Auto Scaling group](https://docs.aws.amazon.com/autoscaling/ec2/userguide/create-launch-template.html) in the *Amazon EC2 Auto Scaling User Guide* .
│    │    │    For examples of launch templates, see [Auto scaling template snippets](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/quickref-autoscaling.html) and the [Examples](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-launchtemplate.html#aws-resource-ec2-launchtemplate--examples) section in the `AWS::EC2::LaunchTemplate` resource.
│    │    │    + documentation: Specifies a launch template to use when provisioning EC2 instances for an Auto Scaling group.
│    │    │    You must specify the following:
│    │    │    - The ID or the name of the launch template, but not both.
│    │    │    - The version of the launch template.
│    │    │    `LaunchTemplateSpecification` is property of the [AWS::AutoScaling::AutoScalingGroup](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-autoscaling-autoscalinggroup.html) resource. It is also a property of the [AWS::AutoScaling::AutoScalingGroup LaunchTemplate](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-autoscaling-autoscalinggroup-launchtemplate.html) and [AWS::AutoScaling::AutoScalingGroup LaunchTemplateOverrides](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-autoscaling-autoscalinggroup-launchtemplateoverrides.html) property types.
│    │    │    For information about creating a launch template, see [AWS::EC2::LaunchTemplate](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-launchtemplate.html) and [Create a launch template for an Auto Scaling group](https://docs.aws.amazon.com/autoscaling/ec2/userguide/create-launch-template.html) in the *Amazon EC2 Auto Scaling User Guide* .
│    │    │    For examples of launch templates, see [Create launch templates](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/quickref-ec2-launch-templates.html) .
│    │    └[~] type NotificationConfiguration
│    │      └  - documentation: A structure that specifies an Amazon SNS notification configuration for the `NotificationConfigurations` property of the [AWS::AutoScaling::AutoScalingGroup](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-autoscaling-autoscalinggroup.html) resource.
│    │         For an example template snippet, see [Auto scaling template snippets](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/quickref-autoscaling.html) .
│    │         For more information, see [Get Amazon SNS notifications when your Auto Scaling group scales](https://docs.aws.amazon.com/autoscaling/ec2/userguide/ASGettingNotifications.html) in the *Amazon EC2 Auto Scaling User Guide* .
│    │         + documentation: A structure that specifies an Amazon SNS notification configuration for the `NotificationConfigurations` property of the [AWS::AutoScaling::AutoScalingGroup](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-autoscaling-autoscalinggroup.html) resource.
│    │         For an example template snippet, see [Configure Amazon EC2 Auto Scaling resources](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/quickref-ec2-auto-scaling.html) .
│    │         For more information, see [Get Amazon SNS notifications when your Auto Scaling group scales](https://docs.aws.amazon.com/autoscaling/ec2/userguide/ASGettingNotifications.html) in the *Amazon EC2 Auto Scaling User Guide* .
│    ├[~] resource AWS::AutoScaling::LaunchConfiguration
│    │ └  - documentation: The `AWS::AutoScaling::LaunchConfiguration` resource specifies the launch configuration that can be used by an Auto Scaling group to configure Amazon EC2 instances.
│    │    When you update the launch configuration for an Auto Scaling group, CloudFormation deletes that resource and creates a new launch configuration with the updated properties and a new name. Existing instances are not affected. To update existing instances when you update the `AWS::AutoScaling::LaunchConfiguration` resource, you can specify an [UpdatePolicy attribute](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-updatepolicy.html) for the group. You can find sample update policies for rolling updates in [Auto scaling template snippets](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/quickref-autoscaling.html) .
│    │    > Amazon EC2 Auto Scaling configures instances launched as part of an Auto Scaling group using either a [launch template](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-launchtemplate.html) or a launch configuration. We strongly recommend that you do not use launch configurations. They do not provide full functionality for Amazon EC2 Auto Scaling or Amazon EC2. For more information, see [Launch configurations](https://docs.aws.amazon.com/autoscaling/ec2/userguide/launch-configurations.html) and [Migrate AWS CloudFormation stacks from launch configurations to launch templates](https://docs.aws.amazon.com/autoscaling/ec2/userguide/migrate-launch-configurations-with-cloudformation.html) in the *Amazon EC2 Auto Scaling User Guide* .
│    │    + documentation: The `AWS::AutoScaling::LaunchConfiguration` resource specifies the launch configuration that can be used by an Auto Scaling group to configure Amazon EC2 instances.
│    │    When you update the launch configuration for an Auto Scaling group, CloudFormation deletes that resource and creates a new launch configuration with the updated properties and a new name. Existing instances are not affected. To update existing instances when you update the `AWS::AutoScaling::LaunchConfiguration` resource, you can specify an [UpdatePolicy attribute](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-updatepolicy.html) for the group. You can find sample update policies for rolling updates in [Configure Amazon EC2 Auto Scaling resources](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/quickref-ec2-auto-scaling.html) .
│    │    > Amazon EC2 Auto Scaling configures instances launched as part of an Auto Scaling group using either a [launch template](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-launchtemplate.html) or a launch configuration. We strongly recommend that you do not use launch configurations. For more information, see [Launch configurations](https://docs.aws.amazon.com/autoscaling/ec2/userguide/launch-configurations.html) in the *Amazon EC2 Auto Scaling User Guide* .
│    │    > 
│    │    > For help migrating from launch configurations to launch templates, see [Migrate AWS CloudFormation stacks from launch configurations to launch templates](https://docs.aws.amazon.com/autoscaling/ec2/userguide/migrate-launch-configurations-with-cloudformation.html) in the *Amazon EC2 Auto Scaling User Guide* .
│    └[~] resource AWS::AutoScaling::ScheduledAction
│      └  - documentation: The `AWS::AutoScaling::ScheduledAction` resource specifies an Amazon EC2 Auto Scaling scheduled action so that the Auto Scaling group can change the number of instances available for your application in response to predictable load changes.
│         When you update a stack with an Auto Scaling group and scheduled action, CloudFormation always sets the min size, max size, and desired capacity properties of your group to the values that are defined in the `AWS::AutoScaling::AutoScalingGroup` section of your template. However, you might not want CloudFormation to do that when you have a scheduled action in effect. You can use an [UpdatePolicy attribute](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-updatepolicy.html) to prevent CloudFormation from changing the min size, max size, or desired capacity property values during a stack update unless you modified the individual values in your template. If you have rolling updates enabled, before you can update the Auto Scaling group, you must suspend scheduled actions by specifying an [UpdatePolicy attribute](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-updatepolicy.html) for the Auto Scaling group. You can find a sample update policy for rolling updates in [Auto scaling template snippets](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/quickref-autoscaling.html) .
│         For more information, see [Scheduled scaling](https://docs.aws.amazon.com/autoscaling/ec2/userguide/schedule_time.html) and [Suspending and resuming scaling processes](https://docs.aws.amazon.com/autoscaling/ec2/userguide/as-suspend-resume-processes.html) in the *Amazon EC2 Auto Scaling User Guide* .
│         + documentation: The `AWS::AutoScaling::ScheduledAction` resource specifies an Amazon EC2 Auto Scaling scheduled action so that the Auto Scaling group can change the number of instances available for your application in response to predictable load changes.
│         When you update a stack with an Auto Scaling group and scheduled action, CloudFormation always sets the min size, max size, and desired capacity properties of your group to the values that are defined in the `AWS::AutoScaling::AutoScalingGroup` section of your template. However, you might not want CloudFormation to do that when you have a scheduled action in effect. You can use an [UpdatePolicy attribute](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-updatepolicy.html) to prevent CloudFormation from changing the min size, max size, or desired capacity property values during a stack update unless you modified the individual values in your template. If you have rolling updates enabled, before you can update the Auto Scaling group, you must suspend scheduled actions by specifying an [UpdatePolicy attribute](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-updatepolicy.html) for the Auto Scaling group. You can find a sample update policy for rolling updates in [Configure Amazon EC2 Auto Scaling resources](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/quickref-ec2-auto-scaling.html) .
│         For more information, see [Scheduled scaling](https://docs.aws.amazon.com/autoscaling/ec2/userguide/schedule_time.html) and [Suspending and resuming scaling processes](https://docs.aws.amazon.com/autoscaling/ec2/userguide/as-suspend-resume-processes.html) in the *Amazon EC2 Auto Scaling User Guide* .
├[~] service aws-batch
│ └ resources
│    └[~] resource AWS::Batch::JobDefinition
│      └ types
│         ├[~] type ContainerProperties
│         │ └ properties
│         │    └[+] RepositoryCredentials: RepositoryCredentials
│         ├[~] type Metadata
│         │ ├  - documentation: undefined
│         │ │  + documentation: Metadata about the Kubernetes pod. For more information, see [Understanding Kubernetes Objects](https://docs.aws.amazon.com/https://kubernetes.io/docs/concepts/overview/working-with-objects/kubernetes-objects/) in the *Kubernetes documentation* .
│         │ └ properties
│         │    └ Labels: (documentation changed)
│         ├[~] type PodProperties
│         │ ├  - documentation: undefined
│         │ │  + documentation: The properties for the pod.
│         │ └ properties
│         │    ├ Containers: (documentation changed)
│         │    ├ DnsPolicy: (documentation changed)
│         │    ├ HostNetwork: (documentation changed)
│         │    ├ Metadata: (documentation changed)
│         │    ├ ServiceAccountName: (documentation changed)
│         │    └ Volumes: (documentation changed)
│         └[+] type RepositoryCredentials
│           ├  documentation: The repository credentials for private registry authentication.
│           │  name: RepositoryCredentials
│           └ properties
│              └CredentialsParameter: string (required)
├[~] service aws-cleanrooms
│ └ resources
│    └[~] resource AWS::CleanRooms::AnalysisTemplate
│      └ attributes
│         └ Schema: (documentation changed)
├[~] service aws-cloudformation
│ └ resources
│    ├[~] resource AWS::CloudFormation::Stack
│    │ └ attributes
│    │    └ Outputs: (documentation changed)
│    └[~] resource AWS::CloudFormation::WaitCondition
│      └ attributes
│         └ Data: (documentation changed)
├[~] service aws-cloudfront
│ └ resources
│    ├[~] resource AWS::CloudFront::Distribution
│    │ └ types
│    │    ├[~] type DistributionConfig
│    │    │ └ properties
│    │    │    ├ CNAMEs: (documentation changed)
│    │    │    ├ CustomOrigin: (documentation changed)
│    │    │    ├ S3Origin: (documentation changed)
│    │    │    └ WebACLId: (documentation changed)
│    │    ├[~] type LegacyCustomOrigin
│    │    │ └ properties
│    │    │    ├ DNSName: (documentation changed)
│    │    │    ├ HTTPPort: (documentation changed)
│    │    │    ├ HTTPSPort: (documentation changed)
│    │    │    ├ OriginProtocolPolicy: (documentation changed)
│    │    │    └ OriginSSLProtocols: (documentation changed)
│    │    ├[~] type LegacyS3Origin
│    │    │ └ properties
│    │    │    ├ DNSName: (documentation changed)
│    │    │    └ OriginAccessIdentity: (documentation changed)
│    │    └[~] type S3OriginConfig
│    │      └ properties
│    │         └ OriginAccessIdentity: (documentation changed)
│    └[~] resource AWS::CloudFront::Function
│      └ attributes
│         └ FunctionMetadata.FunctionARN: (documentation changed)
├[~] service aws-cloudtrail
│ └ resources
│    ├[~] resource AWS::CloudTrail::EventDataStore
│    │ └ types
│    │    └[~] type AdvancedFieldSelector
│    │      └ properties
│    │         └ Field: (documentation changed)
│    └[~] resource AWS::CloudTrail::Trail
│      └ types
│         └[~] type AdvancedFieldSelector
│           └ properties
│              └ Field: (documentation changed)
├[~] service aws-cloudwatch
│ └ resources
│    └[~] resource AWS::CloudWatch::AnomalyDetector
│      ├  - documentation: The `AWS::CloudWatch::AnomalyDetector` type specifies an anomaly detection band for a certain metric and statistic. The band represents the expected "normal" range for the metric values. Anomaly detection bands can be used for visualization of a metric's expected values, and for alarms.
│      │  + documentation: The `AWS::CloudWatch::AnomalyDetector` type specifies an anomaly detection band for a certain metric and statistic. The band represents the expected "normal" range for the metric values. Anomaly detection bands can be used for visualization of a metric's expected values, and for alarms.
│      │  For more information see [Using CloudWatch anomaly detection.](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch_Anomaly_Detection.html) .
│      └ types
│         └[~] type SingleMetricAnomalyDetector
│           └  - documentation: Designates the CloudWatch metric and statistic that provides the time series the anomaly detector uses as input.
│              + documentation: Designates the CloudWatch metric and statistic that provides the time series the anomaly detector uses as input. If you have enabled unified cross-account observability, and this account is a monitoring account, the metric can be in the same account or a source account.
├[~] service aws-codepipeline
│ └ resources
│    └[~] resource AWS::CodePipeline::Pipeline
│      ├  - documentation: The `AWS::CodePipeline::Pipeline` resource creates a CodePipeline pipeline that describes how software changes go through a release process. For more information, see [What Is CodePipeline?](https://docs.aws.amazon.com/codepipeline/latest/userguide/welcome.html) in the *AWS CodePipeline User Guide* .
│      │  + documentation: The `AWS::CodePipeline::Pipeline` resource creates a CodePipeline pipeline that describes how software changes go through a release process. For more information, see [What Is CodePipeline?](https://docs.aws.amazon.com/codepipeline/latest/userguide/welcome.html) in the *CodePipeline User Guide* .
│      │  For an example in YAML and JSON that contains the parameters in this reference, see [Examples](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-codepipeline-pipeline.html#aws-resource-codepipeline-pipeline--examples) .
│      ├ properties
│      │  ├[+] ExecutionMode: string
│      │  └ PipelineType: (documentation changed)
│      └ types
│         ├[~] type ActionDeclaration
│         │ └  - documentation: Represents information about an action declaration.
│         │    + documentation: Represents information about an action declaration.
│         │    > Documentation for the `timeoutInMinutes` parameter in the `ActionDeclaration` is not yet available for CloudFormation and CDK resources in CodePipeline. For more information about the configurable timeout for manual approval actions, see the [ActionDeclaration](https://docs.aws.amazon.com/codepipeline/latest/APIReference/API_ActionDeclaration.html) in the CodePipeline API Reference.
│         ├[+] type GitBranchFilterCriteria
│         │ ├  documentation: The Git repository branches specified as filter criteria to start the pipeline.
│         │ │  name: GitBranchFilterCriteria
│         │ └ properties
│         │    ├Includes: Array<string>
│         │    └Excludes: Array<string>
│         ├[~] type GitConfiguration
│         │ └ properties
│         │    ├[+] PullRequest: Array<GitPullRequestFilter>
│         │    └ Push: (documentation changed)
│         ├[+] type GitFilePathFilterCriteria
│         │ ├  documentation: The Git repository file paths specified as filter criteria to start the pipeline.
│         │ │  name: GitFilePathFilterCriteria
│         │ └ properties
│         │    ├Includes: Array<string>
│         │    └Excludes: Array<string>
│         ├[+] type GitPullRequestFilter
│         │ ├  documentation: The event criteria for the pull request trigger configuration, such as the lists of branches or file paths to include and exclude.
│         │ │  name: GitPullRequestFilter
│         │ └ properties
│         │    ├FilePaths: GitFilePathFilterCriteria
│         │    ├Events: Array<string>
│         │    └Branches: GitBranchFilterCriteria
│         └[~] type GitPushFilter
│           └ properties
│              ├[+] Branches: GitBranchFilterCriteria
│              └[+] FilePaths: GitFilePathFilterCriteria
├[~] service aws-cognito
│ └ resources
│    └[~] resource AWS::Cognito::UserPoolRiskConfigurationAttachment
│      └ attributes
│         └[-] Id: string
├[~] service aws-config
│ └ resources
│    └[~] resource AWS::Config::ConformancePack
│      └ types
│         └[~] type TemplateSSMDocumentDetails
│           └ properties
│              └ DocumentName: (documentation changed)
├[~] service aws-connect
│ └ resources
│    └[~] resource AWS::Connect::User
│      └ types
│         ├[~] type UserIdentityInfo
│         │ └  - documentation: Contains information about the identity of a user.
│         │    + documentation: Contains information about the identity of a user.
│         │    > For Amazon Connect instances that are created with the `EXISTING_DIRECTORY` identity management type, `FirstName` , `LastName` , and `Email` cannot be updated from within Amazon Connect because they are managed by the directory.
│         └[~] type UserPhoneConfig
│           └ properties
│              └ AfterContactWorkTimeLimit: (documentation changed)
├[~] service aws-controltower
│ └ resources
│    ├[+] resource AWS::ControlTower::EnabledBaseline
│    │ ├  name: EnabledBaseline
│    │ │  cloudFormationType: AWS::ControlTower::EnabledBaseline
│    │ │  documentation: This resource represents a `Baseline` that has been applied to a target.
│    │ │  tagInformation: {"tagPropertyName":"Tags","variant":"standard"}
│    │ ├ properties
│    │ │  ├BaselineIdentifier: string (required, immutable)
│    │ │  ├BaselineVersion: string (required)
│    │ │  ├TargetIdentifier: string (required, immutable)
│    │ │  ├Parameters: Array<Parameter>
│    │ │  └Tags: Array<tag>
│    │ ├ attributes
│    │ │  └EnabledBaselineIdentifier: string
│    │ └ types
│    │    └type Parameter
│    │     ├  documentation: A key-value parameter to an `EnabledBaseline` resource.
│    │     │  name: Parameter
│    │     └ properties
│    │        ├Key: string
│    │        └Value: string | json | number | Array<boolean | number | json | string> | boolean
│    ├[~] resource AWS::ControlTower::EnabledControl
│    │ ├  - tagInformation: undefined
│    │ │  + tagInformation: {"tagPropertyName":"Tags","variant":"standard"}
│    │ └ properties
│    │    ├ ControlIdentifier: (documentation changed)
│    │    └[+] Tags: Array<tag>
│    └[~] resource AWS::ControlTower::LandingZone
│      ├ properties
│      │  └ Manifest: (documentation changed)
│      └ attributes
│         └ Status: (documentation changed)
├[~] service aws-datasync
│ └ resources
│    └[~] resource AWS::DataSync::Task
│      └ attributes
│         ├ DestinationNetworkInterfaceArns: (documentation changed)
│         └ SourceNetworkInterfaceArns: (documentation changed)
├[~] service aws-directoryservice
│ └ resources
│    ├[~] resource AWS::DirectoryService::MicrosoftAD
│    │ └ attributes
│    │    └ DnsIpAddresses: (documentation changed)
│    └[~] resource AWS::DirectoryService::SimpleAD
│      └ attributes
│         └ DnsIpAddresses: (documentation changed)
├[~] service aws-ec2
│ └ resources
│    ├[~] resource AWS::EC2::ClientVpnEndpoint
│    │ ├ properties
│    │ │  └[-] ClientRouteMonitoringOptions: ClientRouteMonitoringOptions
│    │ └ types
│    │    └[-] type ClientRouteMonitoringOptions
│    │      ├  name: ClientRouteMonitoringOptions
│    │      └ properties
│    │         └Enabled: boolean
│    ├[~] resource AWS::EC2::EC2Fleet
│    │ └ types
│    │    └[~] type InstanceRequirementsRequest
│    │      └ properties
│    │         └[+] MaxSpotPriceAsPercentageOfOptimalOnDemandPrice: integer
│    ├[~] resource AWS::EC2::LaunchTemplate
│    │ └ types
│    │    └[~] type MaintenanceOptions
│    │      └ properties
│    │         └ RebootMigration: (documentation changed)
│    ├[~] resource AWS::EC2::NetworkInsightsAnalysis
│    │ └ attributes
│    │    ├ AlternatePathHints: (documentation changed)
│    │    ├ Explanations: (documentation changed)
│    │    ├ ForwardPathComponents: (documentation changed)
│    │    ├ ReturnPathComponents: (documentation changed)
│    │    └ SuggestedAccounts: (documentation changed)
│    ├[~] resource AWS::EC2::NetworkInterface
│    │ └ attributes
│    │    └ SecondaryPrivateIpAddresses: (documentation changed)
│    ├[~] resource AWS::EC2::PrefixList
│    │ └ properties
│    │    └ MaxEntries: - integer (required)
│    │                  + integer
│    ├[~] resource AWS::EC2::SecurityGroupEgress
│    │ └ attributes
│    │    └ Id: (documentation changed)
│    ├[~] resource AWS::EC2::SpotFleet
│    │ └ types
│    │    └[~] type InstanceRequirementsRequest
│    │      └ properties
│    │         └[+] MaxSpotPriceAsPercentageOfOptimalOnDemandPrice: integer
│    ├[~] resource AWS::EC2::TransitGatewayPeeringAttachment
│    │ └ attributes
│    │    └ Status: (documentation changed)
│    ├[~] resource AWS::EC2::VPC
│    │ └ attributes
│    │    ├ CidrBlockAssociations: (documentation changed)
│    │    └ Ipv6CidrBlocks: (documentation changed)
│    └[~] resource AWS::EC2::VPCEndpoint
│      └ attributes
│         ├ DnsEntries: (documentation changed)
│         └ NetworkInterfaceIds: (documentation changed)
├[~] service aws-ecs
│ └ resources
│    └[~] resource AWS::ECS::TaskDefinition
│      └ types
│         └[~] type KernelCapabilities
│           └  - documentation: The `KernelCapabilities` property specifies the Linux capabilities for the container that are added to or dropped from the default configuration that is provided by Docker. For more information on the default capabilities and the non-default available capabilities, see [Runtime privilege and Linux capabilities](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/#runtime-privilege-and-linux-capabilities) in the *Docker run reference* . For more detailed information on these Linux capabilities, see the [capabilities(7)](https://docs.aws.amazon.com/http://man7.org/linux/man-pages/man7/capabilities.7.html) Linux manual page.
│              + documentation: The Linux capabilities to add or remove from the default Docker configuration for a container defined in the task definition. For more information about the default capabilities and the non-default available capabilities, see [Runtime privilege and Linux capabilities](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/#runtime-privilege-and-linux-capabilities) in the *Docker run reference* . For more detailed information about these Linux capabilities, see the [capabilities(7)](https://docs.aws.amazon.com/http://man7.org/linux/man-pages/man7/capabilities.7.html) Linux manual page.
├[~] service aws-eks
│ └ resources
│    └[~] resource AWS::EKS::Cluster
│      └ attributes
│         └ KubernetesNetworkConfig.ServiceIpv6Cidr: (documentation changed)
├[~] service aws-elasticache
│ └ resources
│    ├[~] resource AWS::ElastiCache::CacheCluster
│    │ └ properties
│    │    └ PreferredMaintenanceWindow: (documentation changed)
│    ├[~] resource AWS::ElastiCache::ParameterGroup
│    │ └ attributes
│    │    └[+] CacheParameterGroupName: string
│    ├[~] resource AWS::ElastiCache::ReplicationGroup
│    │ └ attributes
│    │    ├ ReadEndPoint.Addresses.List: (documentation changed)
│    │    └ ReadEndPoint.Ports.List: (documentation changed)
│    ├[~] resource AWS::ElastiCache::ServerlessCache
│    │ ├ properties
│    │ │  ├ Endpoint: (documentation changed)
│    │ │  └ ReaderEndpoint: (documentation changed)
│    │ └ types
│    │    └[~] type Endpoint
│    │      └  - documentation: Represents the information required for client programs to connect to a cache node.
│    │         + documentation: Represents the information required for client programs to connect to a cache node. This value is read-only.
│    └[~] resource AWS::ElastiCache::User
│      └ properties
│         └ AuthenticationMode: (documentation changed)
├[~] service aws-elasticloadbalancingv2
│ └ resources
│    ├[~] resource AWS::ElasticLoadBalancingV2::LoadBalancer
│    │ └ attributes
│    │    └ SecurityGroups: (documentation changed)
│    ├[~] resource AWS::ElasticLoadBalancingV2::TargetGroup
│    │ └ attributes
│    │    └ LoadBalancerArns: (documentation changed)
│    └[~] resource AWS::ElasticLoadBalancingV2::TrustStoreRevocation
│      └ attributes
│         └ TrustStoreRevocations: (documentation changed)
├[~] service aws-emr
│ └ resources
│    └[~] resource AWS::EMR::Cluster
│      └ types
│         └[~] type JobFlowInstancesConfig
│           └ properties
│              └[+] UnhealthyNodeReplacement: boolean
├[~] service aws-fis
│ └ resources
│    └[~] resource AWS::FIS::ExperimentTemplate
│      └ types
│         └[~] type ExperimentTemplateAction
│           └ properties
│              ├ Parameters: (documentation changed)
│              └ Targets: (documentation changed)
├[~] service aws-frauddetector
│ └ resources
│    └[~] resource AWS::FraudDetector::Detector
│      └ attributes
│         ├ EventType.Arn: (documentation changed)
│         ├ EventType.CreatedTime: (documentation changed)
│         └ EventType.LastUpdatedTime: (documentation changed)
├[~] service aws-globalaccelerator
│ └ resources
│    └[~] resource AWS::GlobalAccelerator::Accelerator
│      └ attributes
│         ├ Ipv4Addresses: (documentation changed)
│         └ Ipv6Addresses: (documentation changed)
├[~] service aws-glue
│ └ resources
│    ├[~] resource AWS::Glue::Classifier
│    │ └ types
│    │    └[~] type CsvClassifier
│    │      └ properties
│    │         ├ ContainsCustomDatatype: (documentation changed)
│    │         └ CustomDatatypeConfigured: (documentation changed)
│    ├[~] resource AWS::Glue::Crawler
│    │ └ types
│    │    ├[~] type IcebergTarget
│    │    │ ├  - documentation: Specifies an Apache Iceberg data source where Iceberg tables are stored in Amazon S3.
│    │    │ │  + documentation: Specifies Apache Iceberg data store targets.
│    │    │ └ properties
│    │    │    ├ Exclusions: (documentation changed)
│    │    │    └ Paths: (documentation changed)
│    │    └[~] type Targets
│    │      └ properties
│    │         └ IcebergTargets: (documentation changed)
│    ├[~] resource AWS::Glue::CustomEntityType
│    │ └ properties
│    │    └ Tags: (documentation changed)
│    ├[~] resource AWS::Glue::Database
│    │ └ types
│    │    └[~] type DatabaseIdentifier
│    │      └ properties
│    │         └ Region: (documentation changed)
│    ├[~] resource AWS::Glue::DataCatalogEncryptionSettings
│    │ └ types
│    │    └[~] type EncryptionAtRest
│    │      └ properties
│    │         └[+] CatalogEncryptionServiceRole: string
│    ├[~] resource AWS::Glue::Table
│    │ ├ properties
│    │ │  └ OpenTableFormatInput: (documentation changed)
│    │ └ types
│    │    ├[~] type IcebergInput
│    │    │ ├  - documentation: A structure that defines an Apache Iceberg metadata table to create in the catalog.
│    │    │ │  + documentation: Specifies an input structure that defines an Apache Iceberg metadata table.
│    │    │ └ properties
│    │    │    └ MetadataOperation: (documentation changed)
│    │    ├[~] type OpenTableFormatInput
│    │    │ └  - documentation: A structure representing an open format table.
│    │    │    + documentation: Specifies an `OpenTableFormatInput` structure when creating an open format table.
│    │    └[~] type TableIdentifier
│    │      └ properties
│    │         └ Region: (documentation changed)
│    └[~] resource AWS::Glue::TableOptimizer
│      ├  - documentation: Resource Type definition for AWS::Glue::TableOptimizer
│      │  + documentation: A resource that describes the AWS Glue resource for enabling compaction to improve read performance for open table formats.
│      ├ properties
│      │  ├ CatalogId: (documentation changed)
│      │  └ Type: (documentation changed)
│      └ types
│         └[~] type TableOptimizerConfiguration
│           ├  - documentation: undefined
│           │  + documentation: Specifies configuration details of a table optimizer.
│           └ properties
│              ├ Enabled: - boolean
│              │          + boolean (required)
│              │          (documentation changed)
│              └ RoleArn: - string
│                         + string (required)
│                         (documentation changed)
├[~] service aws-groundstation
│ └ resources
│    └[~] resource AWS::GroundStation::MissionProfile
│      └ properties
│         ├ ContactPostPassDurationSeconds: (documentation changed)
│         └ ContactPrePassDurationSeconds: (documentation changed)
├[~] service aws-guardduty
│ └ resources
│    ├[~] resource AWS::GuardDuty::Master
│    │ └ properties
│    │    └ MasterId: (documentation changed)
│    └[~] resource AWS::GuardDuty::Member
│      └ properties
│         ├ DetectorId: - string (required, immutable)
│         │             + string (immutable)
│         └ MemberId: - string (required, immutable)
│                     + string (immutable)
│                     (documentation changed)
├[~] service aws-imagebuilder
│ └ resources
│    ├[~] resource AWS::ImageBuilder::Image
│    │ ├  - documentation: An image build version. An image is a customized, secure, and up-to-date “golden” server image that is pre-installed and pre-configured with software and settings to meet specific IT standards.
│    │ │  + documentation: Creates a new image. This request will create a new image along with all of the configured output resources defined in the distribution configuration. You must specify exactly one recipe for your image, using either a ContainerRecipeArn or an ImageRecipeArn.
│    │ ├ properties
│    │ │  ├ ContainerRecipeArn: (documentation changed)
│    │ │  ├ DistributionConfigurationArn: (documentation changed)
│    │ │  ├ EnhancedImageMetadataEnabled: (documentation changed)
│    │ │  ├ ImageRecipeArn: (documentation changed)
│    │ │  ├ ImageTestsConfiguration: (documentation changed)
│    │ │  ├ InfrastructureConfigurationArn: (documentation changed)
│    │ │  └ Workflows: (documentation changed)
│    │ └ attributes
│    │    └ ImageUri: (documentation changed)
│    ├[~] resource AWS::ImageBuilder::LifecyclePolicy
│    │ ├  - documentation: The configuration details for a lifecycle policy resource.
│    │ │  + documentation: Create a lifecycle policy resource.
│    │ ├ properties
│    │ │  ├ ExecutionRole: (documentation changed)
│    │ │  ├ Name: (documentation changed)
│    │ │  ├ PolicyDetails: (documentation changed)
│    │ │  ├ ResourceSelection: (documentation changed)
│    │ │  ├ ResourceType: (documentation changed)
│    │ │  └ Tags: (documentation changed)
│    │ └ types
│    │    ├[~] type Action
│    │    │ ├  - documentation: The action of the policy detail.
│    │    │ │  + documentation: Contains selection criteria for the lifecycle policy.
│    │    │ └ properties
│    │    │    ├ IncludeResources: (documentation changed)
│    │    │    └ Type: (documentation changed)
│    │    ├[~] type AmiExclusionRules
│    │    │ ├  - documentation: The AMI exclusion rules for the policy detail.
│    │    │ │  + documentation: Defines criteria for AMIs that are excluded from lifecycle actions.
│    │    │ └ properties
│    │    │    ├ IsPublic: (documentation changed)
│    │    │    ├ LastLaunched: (documentation changed)
│    │    │    ├ Regions: (documentation changed)
│    │    │    ├ SharedAccounts: (documentation changed)
│    │    │    └ TagMap: (documentation changed)
│    │    ├[~] type ExclusionRules
│    │    │ ├  - documentation: The exclusion rules to apply of the policy detail.
│    │    │ │  + documentation: Specifies resources that lifecycle policy actions should not apply to.
│    │    │ └ properties
│    │    │    ├ Amis: (documentation changed)
│    │    │    └ TagMap: (documentation changed)
│    │    ├[~] type Filter
│    │    │ ├  - documentation: A filter name and value pair that is used to return a more specific list of results from a list operation. Filters can be used to match a set of resources by specific criteria, such as tags, attributes, or IDs.
│    │    │ │  + documentation: Defines filters that the lifecycle policy uses to determine impacted resource.
│    │    │ └ properties
│    │    │    ├ RetainAtLeast: (documentation changed)
│    │    │    ├ Type: (documentation changed)
│    │    │    ├ Unit: (documentation changed)
│    │    │    └ Value: (documentation changed)
│    │    ├[~] type IncludeResources
│    │    │ ├  - documentation: The included resources of the policy detail.
│    │    │ │  + documentation: Specifies how the lifecycle policy should apply actions to selected resources.
│    │    │ └ properties
│    │    │    ├ Amis: (documentation changed)
│    │    │    ├ Containers: (documentation changed)
│    │    │    └ Snapshots: (documentation changed)
│    │    ├[~] type LastLaunched
│    │    │ ├  - documentation: The last launched time of a resource.
│    │    │ │  + documentation: Defines criteria to exclude AMIs from lifecycle actions based on the last time they were used to launch an instance.
│    │    │ └ properties
│    │    │    ├ Unit: (documentation changed)
│    │    │    └ Value: (documentation changed)
│    │    ├[~] type PolicyDetail
│    │    │ ├  - documentation: The policy detail of the lifecycle policy.
│    │    │ │  + documentation: The configuration details for a lifecycle policy resource.
│    │    │ └ properties
│    │    │    ├ Action: (documentation changed)
│    │    │    ├ ExclusionRules: (documentation changed)
│    │    │    └ Filter: (documentation changed)
│    │    ├[~] type RecipeSelection
│    │    │ ├  - documentation: The recipe to apply the lifecycle policy for.
│    │    │ │  + documentation: Specifies an Image Builder recipe that the lifecycle policy uses for resource selection.
│    │    │ └ properties
│    │    │    ├ Name: (documentation changed)
│    │    │    └ SemanticVersion: (documentation changed)
│    │    └[~] type ResourceSelection
│    │      ├  - documentation: The resource selection for the lifecycle policy.
│    │      │  + documentation: Resource selection criteria for the lifecycle policy.
│    │      └ properties
│    │         ├ Recipes: (documentation changed)
│    │         └ TagMap: (documentation changed)
│    └[~] resource AWS::ImageBuilder::Workflow
│      └ properties
│         ├ Data: (documentation changed)
│         ├ Description: (documentation changed)
│         ├ KmsKeyId: (documentation changed)
│         ├ Name: (documentation changed)
│         ├ Tags: (documentation changed)
│         ├ Type: (documentation changed)
│         ├ Uri: (documentation changed)
│         └ Version: (documentation changed)
├[~] service aws-internetmonitor
│ └ resources
│    └[~] resource AWS::InternetMonitor::Monitor
│      └ types
│         ├[~] type InternetMeasurementsLogDelivery
│         │ └ properties
│         │    └ S3Config: (documentation changed)
│         └[~] type S3Config
│           ├  - documentation: The configuration for publishing Amazon CloudWatch Internet Monitor internet measurements to Amazon S3. The configuration includes the bucket name and (optionally) prefix for the S3 bucket to store the measurements, and the delivery status. The delivery status is `ENABLED` or `DISABLED` , depending on whether you choose to deliver internet measurements to S3 logs.
│           │  + documentation: The configuration for publishing Amazon CloudWatch Internet Monitor internet measurements to Amazon S3. The configuration includes the bucket name and (optionally) bucket prefix for the S3 bucket to store the measurements, and the delivery status. The delivery status is `ENABLED` if you choose to deliver internet measurements to S3 logs, and `DISABLED` otherwise.
│           │  The measurements are also published to Amazon CloudWatch Logs.
│           └ properties
│              ├ BucketName: (documentation changed)
│              ├ BucketPrefix: (documentation changed)
│              └ LogDeliveryStatus: (documentation changed)
├[~] service aws-iot
│ └ resources
│    └[~] resource AWS::IoT::DomainConfiguration
│      ├ properties
│      │  └ ServerCertificateConfig: (documentation changed)
│      ├ attributes
│      │  └ ServerCertificates: (documentation changed)
│      └ types
│         └[~] type ServerCertificateConfig
│           ├  - documentation: undefined
│           │  + documentation: The server certificate configuration.
│           │  For more information, see [Configurable endpoints](https://docs.aws.amazon.com//iot/latest/developerguide/iot-custom-endpoints-configurable.html) from the AWS IoT Core Developer Guide.
│           └ properties
│              └ EnableOCSPCheck: (documentation changed)
├[~] service aws-iotevents
│ └ resources
│    ├[~] resource AWS::IoTEvents::AlarmModel
│    │ └ types
│    │    └[~] type Firehose
│    │      └ properties
│    │         └ Payload: (documentation changed)
│    └[~] resource AWS::IoTEvents::DetectorModel
│      └ types
│         └[~] type Firehose
│           └ properties
│              └ Payload: (documentation changed)
├[~] service aws-iotfleetwise
│ └ resources
│    └[~] resource AWS::IoTFleetWise::SignalCatalog
│      └ attributes
│         ├ NodeCounts.TotalActuators: (documentation changed)
│         ├ NodeCounts.TotalAttributes: (documentation changed)
│         ├ NodeCounts.TotalBranches: (documentation changed)
│         ├ NodeCounts.TotalNodes: (documentation changed)
│         └ NodeCounts.TotalSensors: (documentation changed)
├[~] service aws-iottwinmaker
│ └ resources
│    ├[~] resource AWS::IoTTwinMaker::ComponentType
│    │ └ attributes
│    │    └ Status: (documentation changed)
│    ├[~] resource AWS::IoTTwinMaker::Entity
│    │ └ attributes
│    │    └ Status: (documentation changed)
│    └[~] resource AWS::IoTTwinMaker::Scene
│      └ attributes
│         └ GeneratedSceneMetadata: (documentation changed)
├[~] service aws-iotwireless
│ └ resources
│    ├[~] resource AWS::IoTWireless::FuotaTask
│    │ └ attributes
│    │    └ LoRaWAN.StartTime: (documentation changed)
│    ├[~] resource AWS::IoTWireless::MulticastGroup
│    │ └ attributes
│    │    ├ LoRaWAN.NumberOfDevicesInGroup: (documentation changed)
│    │    └ LoRaWAN.NumberOfDevicesRequested: (documentation changed)
│    └[~] resource AWS::IoTWireless::ServiceProfile
│      └ attributes
│         ├ LoRaWAN.ChannelMask: (documentation changed)
│         ├ LoRaWAN.DevStatusReqFreq: (documentation changed)
│         ├ LoRaWAN.DlBucketSize: (documentation changed)
│         ├ LoRaWAN.DlRate: (documentation changed)
│         ├ LoRaWAN.DlRatePolicy: (documentation changed)
│         ├ LoRaWAN.DrMax: (documentation changed)
│         ├ LoRaWAN.DrMin: (documentation changed)
│         ├ LoRaWAN.HrAllowed: (documentation changed)
│         ├ LoRaWAN.MinGwDiversity: (documentation changed)
│         ├ LoRaWAN.NwkGeoLoc: (documentation changed)
│         ├ LoRaWAN.ReportDevStatusBattery: (documentation changed)
│         ├ LoRaWAN.ReportDevStatusMargin: (documentation changed)
│         ├ LoRaWAN.TargetPer: (documentation changed)
│         ├ LoRaWAN.UlBucketSize: (documentation changed)
│         ├ LoRaWAN.UlRate: (documentation changed)
│         └ LoRaWAN.UlRatePolicy: (documentation changed)
├[~] service aws-kendra
│ └ resources
│    └[~] resource AWS::Kendra::DataSource
│      └ types
│         ├[~] type DataSourceConfiguration
│         │ └ properties
│         │    └ S3Configuration: (documentation changed)
│         └[~] type S3DataSourceConfiguration
│           ├  - documentation: Provides the configuration information to connect to an Amazon S3 bucket.
│           │  > `S3DataSourceConfiguration` is deprecated. Amazon VPC is not supported if you configure your Amazon S3 connector with this method. Use [TemplateConfiguration](https://docs.aws.amazon.com/kendra/latest/APIReference/API_TemplateConfiguration.html) to configure your Amazon S3 connector instead. See [Amazon S3 template schema](https://docs.aws.amazon.com/kendra/latest/dg/ds-schemas.html#ds-s3-schema) for more details.
│           │  + documentation: Provides the configuration information to connect to an Amazon S3 bucket.
│           │  > Amazon Kendra now supports an upgraded Amazon S3 connector.
│           │  > 
│           │  > You must now use the [TemplateConfiguration](https://docs.aws.amazon.com/kendra/latest/APIReference/API_TemplateConfiguration.html) object instead of the `S3DataSourceConfiguration` object to configure your connector.
│           │  > 
│           │  > Connectors configured using the older console and API architecture will continue to function as configured. However, you won't be able to edit or update them. If you want to edit or update your connector configuration, you must create a new connector.
│           │  > 
│           │  > We recommended migrating your connector workflow to the upgraded version. Support for connectors configured using the older architecture is scheduled to end by June 2024.
│           └ properties
│              ├ ExclusionPatterns: (documentation changed)
│              └ InclusionPatterns: (documentation changed)
├[~] service aws-kinesisfirehose
│ └ resources
│    └[~] resource AWS::KinesisFirehose::DeliveryStream
│      ├ properties
│      │  └ SnowflakeDestinationConfiguration: (documentation changed)
│      └ types
│         ├[~] type AmazonOpenSearchServerlessDestinationConfiguration
│         │ └ properties
│         │    ├ RetryOptions: (documentation changed)
│         │    ├ RoleARN: (documentation changed)
│         │    └ S3BackupMode: (documentation changed)
│         ├[~] type AmazonOpenSearchServerlessRetryOptions
│         │ ├  - documentation: Configures retry behavior in case Kinesis Data Firehose is unable to deliver documents to the Serverless offering for Amazon OpenSearch Service.
│         │ │  + documentation: Configures retry behavior in case Firehose is unable to deliver documents to the Serverless offering for Amazon OpenSearch Service.
│         │ └ properties
│         │    └ DurationInSeconds: (documentation changed)
│         ├[~] type AmazonopensearchserviceDestinationConfiguration
│         │ └ properties
│         │    └ DocumentIdOptions: (documentation changed)
│         ├[~] type DataFormatConversionConfiguration
│         │ └ properties
│         │    ├ InputFormatConfiguration: (documentation changed)
│         │    └ OutputFormatConfiguration: (documentation changed)
│         ├[~] type DeliveryStreamEncryptionConfigurationInput
│         │ └ properties
│         │    └ KeyARN: (documentation changed)
│         ├[~] type Deserializer
│         │ └ properties
│         │    ├ HiveJsonSerDe: (documentation changed)
│         │    └ OpenXJsonSerDe: (documentation changed)
│         ├[~] type DocumentIdOptions
│         │ ├  - documentation: Indicates the method for setting up document ID. The supported methods are Kinesis Data Firehose generated document ID and OpenSearch Service generated document ID.
│         │ │  + documentation: Indicates the method for setting up document ID. The supported methods are Firehose generated document ID and OpenSearch Service generated document ID.
│         │ └ properties
│         │    └ DefaultDocumentIdFormat: (documentation changed)
│         ├[~] type ElasticsearchDestinationConfiguration
│         │ └ properties
│         │    └ DocumentIdOptions: (documentation changed)
│         ├[~] type HiveJsonSerDe
│         │ ├  - documentation: The native Hive / HCatalog JsonSerDe. Used by Kinesis Data Firehose for deserializing data, which means converting it from the JSON format in preparation for serializing it to the Parquet or ORC format. This is one of two deserializers you can choose, depending on which one offers the functionality you need. The other option is the OpenX SerDe.
│         │ │  + documentation: The native Hive / HCatalog JsonSerDe. Used by Firehose for deserializing data, which means converting it from the JSON format in preparation for serializing it to the Parquet or ORC format. This is one of two deserializers you can choose, depending on which one offers the functionality you need. The other option is the OpenX SerDe.
│         │ └ properties
│         │    └ TimestampFormats: (documentation changed)
│         ├[~] type OpenXJsonSerDe
│         │ ├  - documentation: The OpenX SerDe. Used by Kinesis Data Firehose for deserializing data, which means converting it from the JSON format in preparation for serializing it to the Parquet or ORC format. This is one of two deserializers you can choose, depending on which one offers the functionality you need. The other option is the native Hive / HCatalog JsonSerDe.
│         │ │  + documentation: The OpenX SerDe. Used by Firehose for deserializing data, which means converting it from the JSON format in preparation for serializing it to the Parquet or ORC format. This is one of two deserializers you can choose, depending on which one offers the functionality you need. The other option is the native Hive / HCatalog JsonSerDe.
│         │ └ properties
│         │    ├ CaseInsensitive: (documentation changed)
│         │    └ ConvertDotsInJsonKeysToUnderscores: (documentation changed)
│         ├[~] type OrcSerDe
│         │ └ properties
│         │    ├ BlockSizeBytes: (documentation changed)
│         │    └ BloomFilterColumns: (documentation changed)
│         ├[~] type OutputFormatConfiguration
│         │ └  - documentation: Specifies the serializer that you want Kinesis Data Firehose to use to convert the format of your data before it writes it to Amazon S3. This parameter is required if `Enabled` is set to true.
│         │    + documentation: Specifies the serializer that you want Firehose to use to convert the format of your data before it writes it to Amazon S3. This parameter is required if `Enabled` is set to true.
│         ├[~] type ParquetSerDe
│         │ └ properties
│         │    └ BlockSizeBytes: (documentation changed)
│         ├[~] type RedshiftDestinationConfiguration
│         │ └ properties
│         │    └ RetryOptions: (documentation changed)
│         ├[~] type RedshiftRetryOptions
│         │ ├  - documentation: Configures retry behavior in case Kinesis Data Firehose is unable to deliver documents to Amazon Redshift.
│         │ │  + documentation: Configures retry behavior in case Firehose is unable to deliver documents to Amazon Redshift.
│         │ └ properties
│         │    └ DurationInSeconds: (documentation changed)
│         ├[~] type SchemaConfiguration
│         │ ├  - documentation: Specifies the schema to which you want Kinesis Data Firehose to configure your data before it writes it to Amazon S3. This parameter is required if `Enabled` is set to true.
│         │ │  + documentation: Specifies the schema to which you want Firehose to configure your data before it writes it to Amazon S3. This parameter is required if `Enabled` is set to true.
│         │ └ properties
│         │    ├ RoleARN: (documentation changed)
│         │    └ VersionId: (documentation changed)
│         ├[~] type Serializer
│         │ └  - documentation: The serializer that you want Kinesis Data Firehose to use to convert data to the target format before writing it to Amazon S3. Kinesis Data Firehose supports two types of serializers: the [ORC SerDe](https://docs.aws.amazon.com/https://hive.apache.org/javadocs/r1.2.2/api/org/apache/hadoop/hive/ql/io/orc/OrcSerde.html) and the [Parquet SerDe](https://docs.aws.amazon.com/https://hive.apache.org/javadocs/r1.2.2/api/org/apache/hadoop/hive/ql/io/parquet/serde/ParquetHiveSerDe.html) .
│         │    + documentation: The serializer that you want Firehose to use to convert data to the target format before writing it to Amazon S3. Firehose supports two types of serializers: the [ORC SerDe](https://docs.aws.amazon.com/https://hive.apache.org/javadocs/r1.2.2/api/org/apache/hadoop/hive/ql/io/orc/OrcSerde.html) and the [Parquet SerDe](https://docs.aws.amazon.com/https://hive.apache.org/javadocs/r1.2.2/api/org/apache/hadoop/hive/ql/io/parquet/serde/ParquetHiveSerDe.html) .
│         ├[~] type SnowflakeDestinationConfiguration
│         │ ├  - documentation: undefined
│         │ │  + documentation: Configure Snowflake destination
│         │ └ properties
│         │    ├ AccountUrl: (documentation changed)
│         │    ├ ContentColumnName: (documentation changed)
│         │    ├ Database: (documentation changed)
│         │    ├ DataLoadingOption: (documentation changed)
│         │    ├ KeyPassphrase: (documentation changed)
│         │    ├ MetaDataColumnName: (documentation changed)
│         │    ├ PrivateKey: (documentation changed)
│         │    ├ RetryOptions: (documentation changed)
│         │    ├ RoleARN: (documentation changed)
│         │    ├ S3BackupMode: (documentation changed)
│         │    ├ Schema: (documentation changed)
│         │    ├ SnowflakeRoleConfiguration: (documentation changed)
│         │    ├ SnowflakeVpcConfiguration: (documentation changed)
│         │    ├ Table: (documentation changed)
│         │    └ User: (documentation changed)
│         ├[~] type SnowflakeRetryOptions
│         │ ├  - documentation: undefined
│         │ │  + documentation: Specify how long Firehose retries sending data to the New Relic HTTP endpoint. After sending data, Firehose first waits for an acknowledgment from the HTTP endpoint. If an error occurs or the acknowledgment doesn’t arrive within the acknowledgment timeout period, Firehose starts the retry duration counter. It keeps retrying until the retry duration expires. After that, Firehose considers it a data delivery failure and backs up the data to your Amazon S3 bucket. Every time that Firehose sends data to the HTTP endpoint (either the initial attempt or a retry), it restarts the acknowledgement timeout counter and waits for an acknowledgement from the HTTP endpoint. Even if the retry duration expires, Firehose still waits for the acknowledgment until it receives it or the acknowledgement timeout period is reached. If the acknowledgment times out, Firehose determines whether there's time left in the retry counter. If there is time left, it retries again and repeats the logic until it receives an acknowledgment or determines that the retry time has expired. If you don't want Firehose to retry sending data, set this value to 0.
│         │ └ properties
│         │    └ DurationInSeconds: (documentation changed)
│         ├[~] type SnowflakeRoleConfiguration
│         │ ├  - documentation: undefined
│         │ │  + documentation: Optionally configure a Snowflake role. Otherwise the default user role will be used.
│         │ └ properties
│         │    ├ Enabled: (documentation changed)
│         │    └ SnowflakeRole: (documentation changed)
│         ├[~] type SnowflakeVpcConfiguration
│         │ ├  - documentation: undefined
│         │ │  + documentation: Configure a Snowflake VPC
│         │ └ properties
│         │    └ PrivateLinkVpceId: (documentation changed)
│         ├[~] type SplunkDestinationConfiguration
│         │ └ properties
│         │    ├ HECAcknowledgmentTimeoutInSeconds: (documentation changed)
│         │    ├ HECEndpoint: (documentation changed)
│         │    ├ RetryOptions: (documentation changed)
│         │    └ S3BackupMode: (documentation changed)
│         └[~] type SplunkRetryOptions
│           └ properties
│              └ DurationInSeconds: (documentation changed)
├[~] service aws-lambda
│ └ resources
│    └[~] resource AWS::Lambda::Permission
│      └ attributes
│         └ Id: (documentation changed)
├[~] service aws-lightsail
│ └ resources
│    ├[~] resource AWS::Lightsail::Container
│    │ ├ properties
│    │ │  └ PrivateRegistryAccess: (documentation changed)
│    │ ├ attributes
│    │ │  └ PrivateRegistryAccess.EcrImagePullerRole.PrincipalArn: (documentation changed)
│    │ └ types
│    │    └[~] type PrivateRegistryAccess
│    │      └  - documentation: Describes the configuration for an Amazon Lightsail container service to access private container image repositories, such a…
Ran npm-check-updates and yarn upgrade to keep the `yarn.lock` file up-to-date.
@jonife jonife closed this Feb 21, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

aws_lambda_nodejs: Using Lambda Provided SDK by default in NodejsFunction leads to higher cold starts