From c3b42618a290302928461f7cd13d57929419d324 Mon Sep 17 00:00:00 2001 From: github-actions Date: Tue, 8 Apr 2025 16:05:30 +0000 Subject: [PATCH] chore(schema): update --- samtranslator/schema/schema.json | 38 +++--- schema_source/cloudformation-docs.json | 166 ++++++++++++++++------- schema_source/cloudformation.schema.json | 38 +++--- 3 files changed, 155 insertions(+), 87 deletions(-) diff --git a/samtranslator/schema/schema.json b/samtranslator/schema/schema.json index a0c11185e..8c165c713 100644 --- a/samtranslator/schema/schema.json +++ b/samtranslator/schema/schema.json @@ -9785,7 +9785,7 @@ "type": "string" }, "Description": { - "markdownDescription": "A description of the configuration.", + "markdownDescription": "A description of the configuration.\n\n> Due to HTTP limitations, this field only supports ASCII characters.", "title": "Description", "type": "string" }, @@ -31954,7 +31954,7 @@ "items": { "type": "string" }, - "markdownDescription": "Specifies the AWS Regions that the keyspace is replicated in. You must specify at least two Regions, including the Region that the keyspace is being created in.", + "markdownDescription": "Specifies the AWS Regions that the keyspace is replicated in. You must specify at least two Regions, including the Region that the keyspace is being created in.\n\nTo specify a Region [that's disabled by default](https://docs.aws.amazon.com/accounts/latest/reference/manage-acct-regions.html#rande-manage-enable) , you must first enable the Region. For more information, see [Multi-Region replication in AWS Regions disabled by default](https://docs.aws.amazon.com/keyspaces/latest/devguide/multiRegion-replication_how-it-works.html#howitworks_mrr_opt_in) in the *Amazon Keyspaces Developer Guide* .", "title": "RegionList", "type": "array" }, @@ -67549,7 +67549,7 @@ "items": { "type": "string" }, - "markdownDescription": "Represents the non-key attribute names which will be projected into the index.\n\nFor local secondary indexes, the total count of `NonKeyAttributes` summed across all of the local secondary indexes, must not exceed 100. If you project the same attribute into two different indexes, this counts as two distinct attributes when determining the total.", + "markdownDescription": "Represents the non-key attribute names which will be projected into the index.\n\nFor global and local secondary indexes, the total count of `NonKeyAttributes` summed across all of the secondary indexes, must not exceed 100. If you project the same attribute into two different indexes, this counts as two distinct attributes when determining the total. This limit only applies when you specify the ProjectionType of `INCLUDE` . You still can specify the ProjectionType of `ALL` to project all attributes from the source table, even if the table has more than 100 attributes.", "title": "NonKeyAttributes", "type": "array" }, @@ -68203,7 +68203,7 @@ "items": { "type": "string" }, - "markdownDescription": "Represents the non-key attribute names which will be projected into the index.\n\nFor local secondary indexes, the total count of `NonKeyAttributes` summed across all of the local secondary indexes, must not exceed 100. If you project the same attribute into two different indexes, this counts as two distinct attributes when determining the total.", + "markdownDescription": "Represents the non-key attribute names which will be projected into the index.\n\nFor global and local secondary indexes, the total count of `NonKeyAttributes` summed across all of the secondary indexes, must not exceed 100. If you project the same attribute into two different indexes, this counts as two distinct attributes when determining the total. This limit only applies when you specify the ProjectionType of `INCLUDE` . You still can specify the ProjectionType of `ALL` to project all attributes from the source table, even if the table has more than 100 attributes.", "title": "NonKeyAttributes", "type": "array" }, @@ -73433,7 +73433,7 @@ "type": "string" }, "DeviceIndex": { - "markdownDescription": "The device index for the network interface attachment. If the network interface is of type `interface` , you must specify a device index.\n\nIf you create a launch template that includes secondary network interfaces but no primary network interface, and you specify it using the `LaunchTemplate` property of `AWS::EC2::Instance` , then you must include a primary network interface using the `NetworkInterfaces` property of `AWS::EC2::Instance` .", + "markdownDescription": "The device index for the network interface attachment. The primary network interface has a device index of 0. If the network interface is of type `interface` , you must specify a device index.\n\nIf you create a launch template that includes secondary network interfaces but no primary network interface, and you specify it using the `LaunchTemplate` property of `AWS::EC2::Instance` , then you must include a primary network interface using the `NetworkInterfaces` property of `AWS::EC2::Instance` .", "title": "DeviceIndex", "type": "number" }, @@ -76608,7 +76608,7 @@ "items": { "$ref": "#/definitions/AWS::EC2::SecurityGroup.Egress" }, - "markdownDescription": "The outbound rules associated with the security group. There is a short interruption during which you cannot connect to the security group.", + "markdownDescription": "The outbound rules associated with the security group.", "title": "SecurityGroupEgress", "type": "array" }, @@ -76616,7 +76616,7 @@ "items": { "$ref": "#/definitions/AWS::EC2::SecurityGroup.Ingress" }, - "markdownDescription": "The inbound rules associated with the security group. There is a short interruption during which you cannot connect to the security group.", + "markdownDescription": "The inbound rules associated with the security group.", "title": "SecurityGroupIngress", "type": "array" }, @@ -99853,7 +99853,7 @@ "type": "number" }, "StorageType": { - "markdownDescription": "Sets the storage class for the file system that you're creating. Valid values are `SSD` , `HDD` , and `INTELLIGENT_TIERING` .\n\n- Set to `SSD` to use solid state drive storage. SSD is supported on all Windows, Lustre, ONTAP, and OpenZFS deployment types.\n- Set to `HDD` to use hard disk drive storage. HDD is supported on `SINGLE_AZ_2` and `MULTI_AZ_1` Windows file system deployment types, and on `PERSISTENT_1` Lustre file system deployment types.\n- Set to `INTELLIGENT_TIERING` to use fully elastic, intelligently-tiered storage. Intelligent-Tiering is only available for OpenZFS file systems with the Multi-AZ deployment type.\n\nDefault value is `SSD` . For more information, see [Storage type options](https://docs.aws.amazon.com/fsx/latest/WindowsGuide/optimize-fsx-costs.html#storage-type-options) in the *FSx for Windows File Server User Guide* , [Multiple storage options](https://docs.aws.amazon.com/fsx/latest/LustreGuide/what-is.html#storage-options) in the *FSx for Lustre User Guide* , and [Working with Intelligent-Tiering](https://docs.aws.amazon.com/fsx/latest/OpenZFSGuide/performance-intelligent-tiering) in the *Amazon FSx for OpenZFS User Guide* .", + "markdownDescription": "Sets the storage class for the file system that you're creating. Valid values are `SSD` , `HDD` , and `INTELLIGENT_TIERING` .\n\n- Set to `SSD` to use solid state drive storage. SSD is supported on all Windows, Lustre, ONTAP, and OpenZFS deployment types.\n- Set to `HDD` to use hard disk drive storage, which is supported on `SINGLE_AZ_2` and `MULTI_AZ_1` Windows file system deployment types, and on `PERSISTENT_1` Lustre file system deployment types.\n- Set to `INTELLIGENT_TIERING` to use fully elastic, intelligently-tiered storage. Intelligent-Tiering is only available for OpenZFS file systems with the Multi-AZ deployment type.\n\nDefault value is `SSD` . For more information, see [Storage type options](https://docs.aws.amazon.com/fsx/latest/WindowsGuide/optimize-fsx-costs.html#storage-type-options) in the *FSx for Windows File Server User Guide* , [Multiple storage options](https://docs.aws.amazon.com/fsx/latest/LustreGuide/what-is.html#storage-options) in the *FSx for Lustre User Guide* , and [Working with Intelligent-Tiering](https://docs.aws.amazon.com/fsx/latest/OpenZFSGuide/performance-intelligent-tiering) in the *Amazon FSx for OpenZFS User Guide* .", "title": "StorageType", "type": "string" }, @@ -100025,7 +100025,7 @@ "type": "number" }, "WeeklyMaintenanceStartTime": { - "markdownDescription": "A recurring weekly time, in the format `D:HH:MM` .\n\n`D` is the day of the week, for which 1 represents Monday and 7 represents Sunday. For further details, see [the ISO-8601 spec as described on Wikipedia](https://docs.aws.amazon.com/https://en.wikipedia.org/wiki/ISO_week_date) .\n\n`HH` is the zero-padded hour of the day (0-23), and `MM` is the zero-padded minute of the hour.\n\nFor example, `1:05:00` specifies maintenance at 5 AM Monday.", + "markdownDescription": "The preferred start time to perform weekly maintenance, formatted d:HH:MM in the UTC time zone, where d is the weekday number, from 1 through 7, beginning with Monday and ending with Sunday.\n\nFor example, `1:05:00` specifies maintenance at 5 AM Monday.", "title": "WeeklyMaintenanceStartTime", "type": "string" } @@ -100108,7 +100108,7 @@ "type": "number" }, "WeeklyMaintenanceStartTime": { - "markdownDescription": "A recurring weekly time, in the format `D:HH:MM` .\n\n`D` is the day of the week, for which 1 represents Monday and 7 represents Sunday. For further details, see [the ISO-8601 spec as described on Wikipedia](https://docs.aws.amazon.com/https://en.wikipedia.org/wiki/ISO_week_date) .\n\n`HH` is the zero-padded hour of the day (0-23), and `MM` is the zero-padded minute of the hour.\n\nFor example, `1:05:00` specifies maintenance at 5 AM Monday.", + "markdownDescription": "The preferred start time to perform weekly maintenance, formatted d:HH:MM in the UTC time zone, where d is the weekday number, from 1 through 7, beginning with Monday and ending with Sunday.\n\nFor example, `1:05:00` specifies maintenance at 5 AM Monday.", "title": "WeeklyMaintenanceStartTime", "type": "string" } @@ -100188,7 +100188,7 @@ "type": "number" }, "WeeklyMaintenanceStartTime": { - "markdownDescription": "A recurring weekly time, in the format `D:HH:MM` .\n\n`D` is the day of the week, for which 1 represents Monday and 7 represents Sunday. For further details, see [the ISO-8601 spec as described on Wikipedia](https://docs.aws.amazon.com/https://en.wikipedia.org/wiki/ISO_week_date) .\n\n`HH` is the zero-padded hour of the day (0-23), and `MM` is the zero-padded minute of the hour.\n\nFor example, `1:05:00` specifies maintenance at 5 AM Monday.", + "markdownDescription": "The preferred start time to perform weekly maintenance, formatted d:HH:MM in the UTC time zone, where d is the weekday number, from 1 through 7, beginning with Monday and ending with Sunday.\n\nFor example, `1:05:00` specifies maintenance at 5 AM Monday.", "title": "WeeklyMaintenanceStartTime", "type": "string" } @@ -100362,7 +100362,7 @@ "type": "number" }, "WeeklyMaintenanceStartTime": { - "markdownDescription": "A recurring weekly time, in the format `D:HH:MM` .\n\n`D` is the day of the week, for which 1 represents Monday and 7 represents Sunday. For further details, see [the ISO-8601 spec as described on Wikipedia](https://docs.aws.amazon.com/https://en.wikipedia.org/wiki/ISO_week_date) .\n\n`HH` is the zero-padded hour of the day (0-23), and `MM` is the zero-padded minute of the hour.\n\nFor example, `1:05:00` specifies maintenance at 5 AM Monday.", + "markdownDescription": "The preferred start time to perform weekly maintenance, formatted d:HH:MM in the UTC time zone, where d is the weekday number, from 1 through 7, beginning with Monday and ending with Sunday.", "title": "WeeklyMaintenanceStartTime", "type": "string" } @@ -102917,7 +102917,7 @@ "type": "string" }, "OperatingSystem": { - "markdownDescription": "The platform that all containers in the container group definition run on.\n\n> Amazon Linux 2 (AL2) will reach end of support on 6/30/2025. See more details in the [Amazon Linux 2 FAQs](https://docs.aws.amazon.com/aws.amazon.com/amazon-linux-2/faqs/) . For game servers that are hosted on AL2 and use server SDK version 4.x for Amazon GameLift Servers, first update the game server build to server SDK 5.x, and then deploy to AL2023 instances. See [Migrate to server SDK version 5.](https://docs.aws.amazon.com/gamelift/latest/developerguide/reference-serversdk5-migration.html)", + "markdownDescription": "The platform that all containers in the container group definition run on.\n\n> Amazon Linux 2 (AL2) will reach end of support on 6/30/2025. See more details in the [Amazon Linux 2 FAQs](https://docs.aws.amazon.com/amazon-linux-2/faqs/) . For game servers that are hosted on AL2 and use server SDK version 4.x for Amazon GameLift Servers, first update the game server build to server SDK 5.x, and then deploy to AL2023 instances. See [Migrate to server SDK version 5.](https://docs.aws.amazon.com/gamelift/latest/developerguide/reference-serversdk5-migration.html)", "title": "OperatingSystem", "type": "string" }, @@ -112509,7 +112509,7 @@ "items": { "$ref": "#/definitions/AWS::GroundStation::DataflowEndpointGroup.EndpointDetails" }, - "markdownDescription": "List of Endpoint Details, containing address and port for each endpoint.", + "markdownDescription": "List of Endpoint Details, containing address and port for each endpoint. All dataflow endpoints within a single dataflow endpoint group must be of the same type. You cannot mix AWS Ground Station Agent endpoints with Dataflow endpoints in the same group. If your use case requires both types of endpoints, you must create separate dataflow endpoint groups for each type.", "title": "EndpointDetails", "type": "array" }, @@ -134188,7 +134188,7 @@ "items": { "type": "string" }, - "markdownDescription": "The security groups for the connector.", + "markdownDescription": "The security group IDs for the connector.", "title": "SecurityGroups", "type": "array" }, @@ -262848,7 +262848,7 @@ "additionalProperties": false, "properties": { "ActiveDate": { - "markdownDescription": "An optional date that specifies when the certificate becomes active.", + "markdownDescription": "An optional date that specifies when the certificate becomes active. If you do not specify a value, `ActiveDate` takes the same value as `NotBeforeDate` , which is specified by the CA.", "title": "ActiveDate", "type": "string" }, @@ -262868,7 +262868,7 @@ "type": "string" }, "InactiveDate": { - "markdownDescription": "An optional date that specifies when the certificate becomes inactive.", + "markdownDescription": "An optional date that specifies when the certificate becomes inactive. If you do not specify a value, `InactiveDate` takes the same value as `NotAfterDate` , which is specified by the CA.", "title": "InactiveDate", "type": "string" }, @@ -263038,7 +263038,7 @@ "type": "string" }, "MdnResponse": { - "markdownDescription": "Used for outbound requests (from an AWS Transfer Family server to a partner AS2 server) to determine whether the partner response for transfers is synchronous or asynchronous. Specify either of the following values:\n\n- `SYNC` : The system expects a synchronous MDN response, confirming that the file was transferred successfully (or not).\n- `NONE` : Specifies that no MDN response is required.", + "markdownDescription": "Used for outbound requests (from an AWS Transfer Family connector to a partner AS2 server) to determine whether the partner response for transfers is synchronous or asynchronous. Specify either of the following values:\n\n- `SYNC` : The system expects a synchronous MDN response, confirming that the file was transferred successfully (or not).\n- `NONE` : Specifies that no MDN response is required.", "title": "MdnResponse", "type": "string" }, @@ -263239,7 +263239,7 @@ "type": "string" }, "LoggingRole": { - "markdownDescription": "The Amazon Resource Name (ARN) of the AWS Identity and Access Management (IAM) role that allows a server to turn on Amazon CloudWatch logging for Amazon S3 or Amazon EFSevents. When set, you can view user activity in your CloudWatch logs.", + "markdownDescription": "The Amazon Resource Name (ARN) of the AWS Identity and Access Management (IAM) role that allows a server to turn on Amazon CloudWatch logging for Amazon S3 or Amazon EFS events. When set, you can view user activity in your CloudWatch logs.", "title": "LoggingRole", "type": "string" }, diff --git a/schema_source/cloudformation-docs.json b/schema_source/cloudformation-docs.json index 41a09c269..d76f67918 100644 --- a/schema_source/cloudformation-docs.json +++ b/schema_source/cloudformation-docs.json @@ -1125,6 +1125,7 @@ "DisableExecuteApiEndpoint": "Specifies whether clients can invoke your API by using the default `execute-api` endpoint. By default, clients can invoke your API with the default https://{api_id}.execute-api.{region}.amazonaws.com endpoint. To require that clients use a custom domain name to invoke your API, disable the default endpoint.", "DisableSchemaValidation": "Avoid validating models when creating a deployment. Supported only for WebSocket APIs.", "FailOnWarnings": "Specifies whether to rollback the API creation when a warning is encountered. By default, API creation continues if a warning is encountered.", + "IpAddressType": "The IP address types that can invoke the API. Use `ipv4` to allow only IPv4 addresses to invoke your API, or use `dualstack` to allow both IPv4 and IPv6 addresses to invoke your API.\n\nDon\u2019t use IP address type for an HTTP API based on an OpenAPI specification. Instead, specify the IP address type in the OpenAPI specification.", "Name": "The name of the API. Required unless you specify an OpenAPI definition for `Body` or `S3BodyLocation` .", "ProtocolType": "The API protocol. Valid values are `WEBSOCKET` or `HTTP` . Required unless you specify an OpenAPI definition for `Body` or `S3BodyLocation` .", "RouteKey": "This property is part of quick create. If you don't specify a `routeKey` , a default route of `$default` is created. The `$default` route acts as a catch-all for any request made to your API, for a particular stage. The `$default` route key can't be modified. You can add routes after creating the API, and you can update the route keys of additional routes. Supported only for HTTP APIs.", @@ -1223,6 +1224,7 @@ "CertificateArn": "An AWS -managed certificate that will be used by the edge-optimized endpoint for this domain name. AWS Certificate Manager is the only supported source.", "CertificateName": "The user-friendly name of the certificate that will be used by the edge-optimized endpoint for this domain name.", "EndpointType": "The endpoint type.", + "IpAddressType": "The IP address types that can invoke the domain name. Use `ipv4` to allow only IPv4 addresses to invoke your domain name, or use `dualstack` to allow both IPv4 and IPv6 addresses to invoke your domain name.", "OwnershipVerificationCertificateArn": "The Amazon resource name (ARN) for the public certificate issued by AWS Certificate Manager . This ARN is used to validate custom domain ownership. It's required only if you configure mutual TLS and use either an ACM-imported or a private CA certificate ARN as the regionalCertificateArn.", "SecurityPolicy": "The Transport Layer Security (TLS) version of the security policy for this domain name. The valid values are `TLS_1_0` and `TLS_1_2` ." }, @@ -1450,7 +1452,7 @@ "ConfigurationProfileId": "The configuration profile ID.", "Content": "The configuration data, as bytes.\n\n> AWS AppConfig accepts any type of data, including text formats like JSON or TOML, or binary formats like protocol buffers or compressed data.", "ContentType": "A standard MIME type describing the format of the configuration content. For more information, see [Content-Type](https://docs.aws.amazon.com/https://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.17) .", - "Description": "A description of the configuration.", + "Description": "A description of the configuration.\n\n> Due to HTTP limitations, this field only supports ASCII characters.", "LatestVersionNumber": "An optional locking token used to prevent race conditions from overwriting configuration updates when creating a new version. To ensure your data is not overwritten when creating multiple hosted configuration versions in rapid succession, specify the version number of the latest hosted configuration version.", "VersionLabel": "A user-defined label for an AWS AppConfig hosted configuration version." }, @@ -3772,6 +3774,10 @@ "DurationUnit": "Specifies the calendar interval unit.", "StartTime": "The date and time when you want the first interval to start. Be sure to choose a time that configures the intervals the way that you want. For example, if you want weekly intervals starting on Mondays at 6 a.m., be sure to specify a start time that is a Monday at 6 a.m.\n\nWhen used in a raw HTTP Query API, it is formatted as be epoch time in seconds. For example: `1698778057`\n\nAs soon as one calendar interval ends, another automatically begins." }, + "AWS::ApplicationSignals::ServiceLevelObjective DependencyConfig": { + "DependencyKeyAttributes": "This is a string-to-string map. It can include the following fields.\n\n- `Type` designates the type of object this is.\n- `ResourceType` specifies the type of the resource. This field is used only when the value of the `Type` field is `Resource` or `AWS::Resource` .\n- `Name` specifies the name of the object. This is used only if the value of the `Type` field is `Service` , `RemoteService` , or `AWS::Service` .\n- `Identifier` identifies the resource objects of this resource. This is used only if the value of the `Type` field is `Resource` or `AWS::Resource` .\n- `Environment` specifies the location where this object is hosted, or what it belongs to.", + "DependencyOperationName": "The name of the called operation in the dependency." + }, "AWS::ApplicationSignals::ServiceLevelObjective Dimension": { "Name": "The name of the dimension. Dimension names must contain only ASCII characters, must include at least one non-whitespace character, and cannot start with a colon ( `:` ). ASCII control characters are not supported as part of dimension names.", "Value": "The value of the dimension. Dimension values must contain only ASCII characters and must include at least one non-whitespace character. ASCII control characters are not supported as part of dimension values." @@ -3822,6 +3828,7 @@ "RequestBasedSliMetric": "A structure that contains information about the metric that the SLO monitors." }, "AWS::ApplicationSignals::ServiceLevelObjective RequestBasedSliMetric": { + "DependencyConfig": "", "KeyAttributes": "This is a string-to-string map that contains information about the type of object that this SLO is related to. It can include the following fields.\n\n- `Type` designates the type of object that this SLO is related to.\n- `ResourceType` specifies the type of the resource. This field is used only when the value of the `Type` field is `Resource` or `AWS::Resource` .\n- `Name` specifies the name of the object. This is used only if the value of the `Type` field is `Service` , `RemoteService` , or `AWS::Service` .\n- `Identifier` identifies the resource objects of this resource. This is used only if the value of the `Type` field is `Resource` or `AWS::Resource` .\n- `Environment` specifies the location where this object is hosted, or what it belongs to.\n- `AwsAccountId` allows you to create an SLO for an object that exists in another account.", "MetricType": "If the SLO monitors either the `LATENCY` or `AVAILABILITY` metric that Application Signals collects, this field displays which of those metrics is used.", "MonitoredRequestCountMetric": "Use this structure to define the metric that you want to use as the \"good request\" or \"bad request\" value for a request-based SLO. This value observed for the metric defined in `TotalRequestCountMetric` will be divided by the number found for `MonitoredRequestCountMetric` to determine the percentage of successful requests that this SLO tracks.", @@ -3838,6 +3845,7 @@ "SliMetric": "Use this structure to specify the metric to be used for the SLO." }, "AWS::ApplicationSignals::ServiceLevelObjective SliMetric": { + "DependencyConfig": "", "KeyAttributes": "If this SLO is related to a metric collected by Application Signals, you must use this field to specify which service the SLO metric is related to. To do so, you must specify at least the `Type` , `Name` , and `Environment` attributes.\n\nThis is a string-to-string map. It can include the following fields.\n\n- `Type` designates the type of object this is.\n- `ResourceType` specifies the type of the resource. This field is used only when the value of the `Type` field is `Resource` or `AWS::Resource` .\n- `Name` specifies the name of the object. This is used only if the value of the `Type` field is `Service` , `RemoteService` , or `AWS::Service` .\n- `Identifier` identifies the resource objects of this resource. This is used only if the value of the `Type` field is `Resource` or `AWS::Resource` .\n- `Environment` specifies the location where this object is hosted, or what it belongs to.", "MetricDataQueries": "If this SLO monitors a CloudWatch metric or the result of a CloudWatch metric math expression, use this structure to specify that metric or expression.", "MetricType": "If the SLO is to monitor either the `LATENCY` or `AVAILABILITY` metric that Application Signals collects, use this field to specify which of those metrics is used.", @@ -5941,7 +5949,9 @@ "WordPolicyConfig": "The word policy you configure for the guardrail." }, "AWS::Bedrock::Guardrail ContentFilterConfig": { + "InputModalities": "", "InputStrength": "The strength of the content filter to apply to prompts. As you increase the filter strength, the likelihood of filtering harmful content increases and the probability of seeing harmful content in your application reduces.", + "OutputModalities": "", "OutputStrength": "The strength of the content filter to apply to model responses. As you increase the filter strength, the likelihood of filtering harmful content increases and the probability of seeing harmful content in your application reduces.", "Type": "The harmful category that the content filter is applied to." }, @@ -6172,7 +6182,7 @@ "Variants": "A list of objects, each containing details about a variant of the prompt." }, "AWS::Bedrock::Prompt CachePointBlock": { - "Type": "Indicates that the CachePointBlock is of the default type" + "Type": "Specifies the type of cache point within the CachePointBlock." }, "AWS::Bedrock::Prompt ChatPromptTemplateConfiguration": { "InputVariables": "An array of the variables in the prompt template.", @@ -6181,7 +6191,7 @@ "ToolConfiguration": "Configuration information for the tools that the model can use when generating a response." }, "AWS::Bedrock::Prompt ContentBlock": { - "CachePoint": "Creates a cache checkpoint within a message.", + "CachePoint": "CachePoint to include in the message.", "Text": "Text to include in the message." }, "AWS::Bedrock::Prompt Message": { @@ -6228,7 +6238,7 @@ "Name": "The name of the tool that the model must request." }, "AWS::Bedrock::Prompt SystemContentBlock": { - "CachePoint": "Creates a cache checkpoint within a tool designation", + "CachePoint": "CachePoint to include in the system prompt.", "Text": "A system prompt for the model." }, "AWS::Bedrock::Prompt TextPromptTemplateConfiguration": { @@ -6243,7 +6253,7 @@ "Version": "The version of the Amazon S3 location to use." }, "AWS::Bedrock::Prompt Tool": { - "CachePoint": "Creates a cache checkpoint within a tool designation", + "CachePoint": "CachePoint to include in the tool configuration.", "ToolSpec": "The specfication for the tool." }, "AWS::Bedrock::Prompt ToolChoice": { @@ -6269,7 +6279,7 @@ "Tags": "A map of tags attached to the prompt version and their values." }, "AWS::Bedrock::PromptVersion CachePointBlock": { - "Type": "Indicates that the CachePointBlock is of the default type" + "Type": "Specifies the type of cache point within the CachePointBlock." }, "AWS::Bedrock::PromptVersion ChatPromptTemplateConfiguration": { "InputVariables": "An array of the variables in the prompt template.", @@ -6278,7 +6288,7 @@ "ToolConfiguration": "Configuration information for the tools that the model can use when generating a response." }, "AWS::Bedrock::PromptVersion ContentBlock": { - "CachePoint": "Creates a cache checkpoint within a message.", + "CachePoint": "CachePoint to include in the message.", "Text": "Text to include in the message." }, "AWS::Bedrock::PromptVersion Message": { @@ -6325,7 +6335,7 @@ "Name": "The name of the tool that the model must request." }, "AWS::Bedrock::PromptVersion SystemContentBlock": { - "CachePoint": "Creates a cache checkpoint within a tool designation", + "CachePoint": "CachePoint to include in the system prompt.", "Text": "A system prompt for the model." }, "AWS::Bedrock::PromptVersion TextPromptTemplateConfiguration": { @@ -6334,7 +6344,7 @@ "Text": "The message for the prompt." }, "AWS::Bedrock::PromptVersion Tool": { - "CachePoint": "Creates a cache checkpoint within a tool designation", + "CachePoint": "CachePoint to include in the tool configuration.", "ToolSpec": "The specfication for the tool." }, "AWS::Bedrock::PromptVersion ToolChoice": { @@ -6608,7 +6618,7 @@ "Tags": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) ." }, "AWS::Cassandra::Keyspace ReplicationSpecification": { - "RegionList": "Specifies the AWS Regions that the keyspace is replicated in. You must specify at least two Regions, including the Region that the keyspace is being created in.", + "RegionList": "Specifies the AWS Regions that the keyspace is replicated in. You must specify at least two Regions, including the Region that the keyspace is being created in.\n\nTo specify a Region [that's disabled by default](https://docs.aws.amazon.com/accounts/latest/reference/manage-acct-regions.html#rande-manage-enable) , you must first enable the Region. For more information, see [Multi-Region replication in AWS Regions disabled by default](https://docs.aws.amazon.com/keyspaces/latest/devguide/multiRegion-replication_how-it-works.html#howitworks_mrr_opt_in) in the *Amazon Keyspaces Developer Guide* .", "ReplicationStrategy": "The options are:\n\n- `SINGLE_REGION` (optional)\n- `MULTI_REGION`\n\nIf no value is specified, the default is `SINGLE_REGION` . If `MULTI_REGION` is specified, `RegionList` is required." }, "AWS::Cassandra::Keyspace Tag": { @@ -13155,7 +13165,7 @@ "RecoveryPeriodInDays": "The number of preceding days for which continuous backups are taken and maintained. Your table data is only recoverable to any point-in-time from within the configured recovery period. This parameter is optional. If no value is provided, the value will default to 35." }, "AWS::DynamoDB::GlobalTable Projection": { - "NonKeyAttributes": "Represents the non-key attribute names which will be projected into the index.\n\nFor local secondary indexes, the total count of `NonKeyAttributes` summed across all of the local secondary indexes, must not exceed 100. If you project the same attribute into two different indexes, this counts as two distinct attributes when determining the total.", + "NonKeyAttributes": "Represents the non-key attribute names which will be projected into the index.\n\nFor global and local secondary indexes, the total count of `NonKeyAttributes` summed across all of the secondary indexes, must not exceed 100. If you project the same attribute into two different indexes, this counts as two distinct attributes when determining the total. This limit only applies when you specify the ProjectionType of `INCLUDE` . You still can specify the ProjectionType of `ALL` to project all attributes from the source table, even if the table has more than 100 attributes.", "ProjectionType": "The set of attributes that are projected into the index:\n\n- `KEYS_ONLY` - Only the index and primary keys are projected into the index.\n- `INCLUDE` - In addition to the attributes described in `KEYS_ONLY` , the secondary index will include other non-key attributes that you specify.\n- `ALL` - All of the table attributes are projected into the index.\n\nWhen using the DynamoDB console, `ALL` is selected by default." }, "AWS::DynamoDB::GlobalTable ReadOnDemandThroughputSettings": { @@ -13299,7 +13309,7 @@ "RecoveryPeriodInDays": "The number of preceding days for which continuous backups are taken and maintained. Your table data is only recoverable to any point-in-time from within the configured recovery period. This parameter is optional. If no value is provided, the value will default to 35." }, "AWS::DynamoDB::Table Projection": { - "NonKeyAttributes": "Represents the non-key attribute names which will be projected into the index.\n\nFor local secondary indexes, the total count of `NonKeyAttributes` summed across all of the local secondary indexes, must not exceed 100. If you project the same attribute into two different indexes, this counts as two distinct attributes when determining the total.", + "NonKeyAttributes": "Represents the non-key attribute names which will be projected into the index.\n\nFor global and local secondary indexes, the total count of `NonKeyAttributes` summed across all of the secondary indexes, must not exceed 100. If you project the same attribute into two different indexes, this counts as two distinct attributes when determining the total. This limit only applies when you specify the ProjectionType of `INCLUDE` . You still can specify the ProjectionType of `ALL` to project all attributes from the source table, even if the table has more than 100 attributes.", "ProjectionType": "The set of attributes that are projected into the index:\n\n- `KEYS_ONLY` - Only the index and primary keys are projected into the index.\n- `INCLUDE` - In addition to the attributes described in `KEYS_ONLY` , the secondary index will include other non-key attributes that you specify.\n- `ALL` - All of the table attributes are projected into the index.\n\nWhen using the DynamoDB console, `ALL` is selected by default." }, "AWS::DynamoDB::Table ProvisionedThroughput": { @@ -13924,7 +13934,7 @@ "DeleteOnTermination": "Indicates whether the network interface is deleted when the instance is terminated. Applies only if creating a network interface when launching an instance.", "Description": "The description of the network interface. Applies only if creating a network interface when launching an instance.", "DeviceIndex": "The position of the network interface in the attachment order. A primary network interface has a device index of 0.\n\nIf you create a network interface when launching an instance, you must specify the device index.", - "EnaSrdSpecification": "", + "EnaSrdSpecification": "Configures ENA Express for UDP network traffic.", "GroupSet": "The IDs of the security groups for the network interface. Applies only if creating a network interface when launching an instance.", "Ipv6AddressCount": "A number of IPv6 addresses to assign to the network interface. Amazon EC2 chooses the IPv6 addresses from the range of the subnet. You cannot specify this option and the option to assign specific IPv6 addresses in the same request. You can specify this option if you've specified a minimum number of instances to launch.", "Ipv6Addresses": "The IPv6 addresses to assign to the network interface. You cannot specify this option and the option to assign a number of IPv6 addresses in the same request. You cannot specify this option if you've specified a minimum number of instances to launch.", @@ -14185,7 +14195,7 @@ "ConnectionTrackingSpecification": "A connection tracking specification for the network interface.", "DeleteOnTermination": "Indicates whether the network interface is deleted when the instance is terminated.", "Description": "A description for the network interface.", - "DeviceIndex": "The device index for the network interface attachment. If the network interface is of type `interface` , you must specify a device index.\n\nIf you create a launch template that includes secondary network interfaces but no primary network interface, and you specify it using the `LaunchTemplate` property of `AWS::EC2::Instance` , then you must include a primary network interface using the `NetworkInterfaces` property of `AWS::EC2::Instance` .", + "DeviceIndex": "The device index for the network interface attachment. The primary network interface has a device index of 0. If the network interface is of type `interface` , you must specify a device index.\n\nIf you create a launch template that includes secondary network interfaces but no primary network interface, and you specify it using the `LaunchTemplate` property of `AWS::EC2::Instance` , then you must include a primary network interface using the `NetworkInterfaces` property of `AWS::EC2::Instance` .", "EnaSrdSpecification": "The ENA Express configuration for the network interface.", "Groups": "The IDs of one or more security groups.", "InterfaceType": "The type of network interface. To create an Elastic Fabric Adapter (EFA), specify `efa` or `efa` . For more information, see [Elastic Fabric Adapter for AI/ML and HPC workloads on Amazon EC2](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/efa.html) in the *Amazon EC2 User Guide* .\n\nIf you are not creating an EFA, specify `interface` or omit this parameter.\n\nIf you specify `efa-only` , do not assign any IP addresses to the network interface. EFA-only network interfaces do not support IP addresses.\n\nValid values: `interface` | `efa` | `efa-only`", @@ -14661,6 +14671,48 @@ "VpcEndpointId": "The ID of a VPC endpoint. Supported for Gateway Load Balancer endpoints only.", "VpcPeeringConnectionId": "The ID of a VPC peering connection." }, + "AWS::EC2::RouteServer": { + "AmazonSideAsn": "The Border Gateway Protocol (BGP) Autonomous System Number (ASN) for the appliance. Valid values are from 1 to 4294967295. We recommend using a private ASN in the 64512\u201365534 (16-bit ASN) or 4200000000\u20134294967294 (32-bit ASN) range.", + "PersistRoutes": "Indicates whether routes should be persisted after all BGP sessions are terminated.", + "PersistRoutesDuration": "The number of minutes a route server will wait after BGP is re-established to unpersist the routes in the FIB and RIB. Value must be in the range of 1-5. The default value is 1. Only valid if `persistRoutesState` is 'enabled'.\n\nIf you set the duration to 1 minute, then when your network appliance re-establishes BGP with route server, it has 1 minute to relearn it's adjacent network and advertise those routes to route server before route server resumes normal functionality. In most cases, 1 minute is probably sufficient. If, however, you have concerns that your BGP network may not be capable of fully re-establishing and re-learning everything in 1 minute, you can increase the duration up to 5 minutes.", + "SnsNotificationsEnabled": "Indicates whether SNS notifications are enabled for the route server. Enabling SNS notifications persists BGP status changes to an SNS topic provisioned by AWS .", + "Tags": "Any tags assigned to the route server." + }, + "AWS::EC2::RouteServer Tag": { + "Key": "The key of the tag.\n\nConstraints: Tag keys are case-sensitive and accept a maximum of 127 Unicode characters. May not begin with `aws:` .", + "Value": "The value of the tag.\n\nConstraints: Tag values are case-sensitive and accept a maximum of 256 Unicode characters." + }, + "AWS::EC2::RouteServerAssociation": { + "RouteServerId": "The ID of the associated route server.", + "VpcId": "The ID of the associated VPC." + }, + "AWS::EC2::RouteServerEndpoint": { + "RouteServerId": "The ID of the route server associated with this endpoint.", + "SubnetId": "The ID of the subnet to place the route server endpoint into.", + "Tags": "Any tags assigned to the route server endpoint." + }, + "AWS::EC2::RouteServerEndpoint Tag": { + "Key": "The key of the tag.\n\nConstraints: Tag keys are case-sensitive and accept a maximum of 127 Unicode characters. May not begin with `aws:` .", + "Value": "The value of the tag.\n\nConstraints: Tag values are case-sensitive and accept a maximum of 256 Unicode characters." + }, + "AWS::EC2::RouteServerPeer": { + "BgpOptions": "The BGP configuration options for this peer, including ASN (Autonomous System Number) and BFD (Bidrectional Forwarding Detection) settings.", + "PeerAddress": "The IPv4 address of the peer device.", + "RouteServerEndpointId": "The ID of the route server endpoint associated with this peer.", + "Tags": "Any tags assigned to the route server peer." + }, + "AWS::EC2::RouteServerPeer BgpOptions": { + "PeerAsn": "The Border Gateway Protocol (BGP) Autonomous System Number (ASN) for the appliance. Valid values are from 1 to 4294967295. We recommend using a private ASN in the 64512\u201365534 (16-bit ASN) or 4200000000\u20134294967294 (32-bit ASN) range.", + "PeerLivenessDetection": "The liveness detection protocol used for the BGP peer.\n\nThe requested liveness detection protocol for the BGP peer.\n\n- `bgp-keepalive` : The standard BGP keep alive mechanism ( [RFC4271](https://docs.aws.amazon.com/https://www.rfc-editor.org/rfc/rfc4271#page-21) ) that is stable but may take longer to fail-over in cases of network impact or router failure.\n- `bfd` : An additional Bidirectional Forwarding Detection (BFD) protocol ( [RFC5880](https://docs.aws.amazon.com/https://www.rfc-editor.org/rfc/rfc5880) ) that enables fast failover by using more sensitive liveness detection.\n\nDefaults to `bgp-keepalive` ." + }, + "AWS::EC2::RouteServerPeer Tag": { + "Key": "The key of the tag.\n\nConstraints: Tag keys are case-sensitive and accept a maximum of 127 Unicode characters. May not begin with `aws:` .", + "Value": "The value of the tag.\n\nConstraints: Tag values are case-sensitive and accept a maximum of 256 Unicode characters." + }, + "AWS::EC2::RouteServerPropagation": { + "RouteServerId": "The ID of the route server configured for route propagation.", + "RouteTableId": "The ID of the route table configured for route server propagation." + }, "AWS::EC2::RouteTable": { "Tags": "Any tags assigned to the route table.", "VpcId": "The ID of the VPC." @@ -14672,8 +14724,8 @@ "AWS::EC2::SecurityGroup": { "GroupDescription": "A description for the security group.\n\nConstraints: Up to 255 characters in length\n\nValid characters: a-z, A-Z, 0-9, spaces, and ._-:/()#,@[]+=&;{}!$*", "GroupName": "The name of the security group. Names are case-insensitive and must be unique within the VPC.\n\nConstraints: Up to 255 characters in length. Can't start with `sg-` .\n\nValid characters: a-z, A-Z, 0-9, spaces, and ._-:/()#,@[]+=&;{}!$*", - "SecurityGroupEgress": "The outbound rules associated with the security group. There is a short interruption during which you cannot connect to the security group.", - "SecurityGroupIngress": "The inbound rules associated with the security group. There is a short interruption during which you cannot connect to the security group.", + "SecurityGroupEgress": "The outbound rules associated with the security group.", + "SecurityGroupIngress": "The inbound rules associated with the security group.", "Tags": "Any tags assigned to the security group.", "VpcId": "The ID of the VPC for the security group. If you do not specify a VPC, the default is to use the default VPC for the Region. If there's no specified VPC and no default VPC, security group creation fails." }, @@ -16269,7 +16321,7 @@ "Logging": "The logging configuration for your cluster.", "Name": "The unique name to give to your cluster. The name can contain only alphanumeric characters (case-sensitive) and hyphens. It must start with an alphanumeric character and can't be longer than 100 characters. The name must be unique within the AWS Region and AWS account that you're creating the cluster in. Note that underscores can't be used in AWS CloudFormation .", "OutpostConfig": "An object representing the configuration of your local Amazon EKS cluster on an AWS Outpost. This object isn't available for clusters on the AWS cloud.", - "RemoteNetworkConfig": "The configuration in the cluster for EKS Hybrid Nodes. You can't change or update this configuration after the cluster is created.", + "RemoteNetworkConfig": "The configuration in the cluster for EKS Hybrid Nodes. You can add, change, or remove this configuration after the cluster is created.", "ResourcesVpcConfig": "The VPC configuration that's used by the cluster control plane. Amazon EKS VPC resources have specific requirements to work properly with Kubernetes. For more information, see [Cluster VPC Considerations](https://docs.aws.amazon.com/eks/latest/userguide/network_reqs.html) and [Cluster Security Group Considerations](https://docs.aws.amazon.com/eks/latest/userguide/sec-group-reqs.html) in the *Amazon EKS User Guide* . You must specify at least two subnets. You can specify up to five security groups, but we recommend that you use a dedicated security group for your cluster control plane.", "RoleArn": "The Amazon Resource Name (ARN) of the IAM role that provides permissions for the Kubernetes control plane to make calls to AWS API operations on your behalf. For more information, see [Amazon EKS Service IAM Role](https://docs.aws.amazon.com/eks/latest/userguide/service_IAM_role.html) in the **Amazon EKS User Guide** .", "StorageConfig": "Indicates the current configuration of the block storage capability on your EKS Auto Mode cluster. For example, if the capability is enabled or disabled. If the block storage capability is enabled, EKS Auto Mode will create and delete EBS volumes in your AWS account. For more information, see EKS Auto Mode block storage capability in the *Amazon EKS User Guide* .", @@ -18563,7 +18615,7 @@ "OpenZFSConfiguration": "The Amazon FSx for OpenZFS configuration properties for the file system that you are creating.", "SecurityGroupIds": "A list of IDs specifying the security groups to apply to all network interfaces created for file system access. This list isn't returned in later requests to describe the file system.\n\n> You must specify a security group if you are creating a Multi-AZ FSx for ONTAP file system in a VPC subnet that has been shared with you.", "StorageCapacity": "Sets the storage capacity of the file system that you're creating.\n\n`StorageCapacity` is required if you are creating a new file system. It is not required if you are creating a file system by restoring a backup.\n\n*FSx for Lustre file systems* - The amount of storage capacity that you can configure depends on the value that you set for `StorageType` and the Lustre `DeploymentType` , as follows:\n\n- For `SCRATCH_2` , `PERSISTENT_2` and `PERSISTENT_1` deployment types using SSD storage type, the valid values are 1200 GiB, 2400 GiB, and increments of 2400 GiB.\n- For `PERSISTENT_1` HDD file systems, valid values are increments of 6000 GiB for 12 MB/s/TiB file systems and increments of 1800 GiB for 40 MB/s/TiB file systems.\n- For `SCRATCH_1` deployment type, valid values are 1200 GiB, 2400 GiB, and increments of 3600 GiB.\n\n*FSx for ONTAP file systems* - The amount of SSD storage capacity that you can configure depends on the value of the `HAPairs` property. The minimum value is calculated as 1,024 GiB * HAPairs and the maximum is calculated as 524,288 GiB * HAPairs, up to a maximum amount of SSD storage capacity of 1,048,576 GiB (1 pebibyte).\n\n*FSx for OpenZFS file systems* - The amount of storage capacity that you can configure is from 64 GiB up to 524,288 GiB (512 TiB). If you are creating a file system from a backup, you can specify a storage capacity equal to or greater than the original file system's storage capacity.\n\n*FSx for Windows File Server file systems* - The amount of storage capacity that you can configure depends on the value that you set for `StorageType` as follows:\n\n- For SSD storage, valid values are 32 GiB-65,536 GiB (64 TiB).\n- For HDD storage, valid values are 2000 GiB-65,536 GiB (64 TiB).", - "StorageType": "Sets the storage class for the file system that you're creating. Valid values are `SSD` , `HDD` , and `INTELLIGENT_TIERING` .\n\n- Set to `SSD` to use solid state drive storage. SSD is supported on all Windows, Lustre, ONTAP, and OpenZFS deployment types.\n- Set to `HDD` to use hard disk drive storage. HDD is supported on `SINGLE_AZ_2` and `MULTI_AZ_1` Windows file system deployment types, and on `PERSISTENT_1` Lustre file system deployment types.\n- Set to `INTELLIGENT_TIERING` to use fully elastic, intelligently-tiered storage. Intelligent-Tiering is only available for OpenZFS file systems with the Multi-AZ deployment type.\n\nDefault value is `SSD` . For more information, see [Storage type options](https://docs.aws.amazon.com/fsx/latest/WindowsGuide/optimize-fsx-costs.html#storage-type-options) in the *FSx for Windows File Server User Guide* , [Multiple storage options](https://docs.aws.amazon.com/fsx/latest/LustreGuide/what-is.html#storage-options) in the *FSx for Lustre User Guide* , and [Working with Intelligent-Tiering](https://docs.aws.amazon.com/fsx/latest/OpenZFSGuide/performance-intelligent-tiering) in the *Amazon FSx for OpenZFS User Guide* .", + "StorageType": "Sets the storage class for the file system that you're creating. Valid values are `SSD` , `HDD` , and `INTELLIGENT_TIERING` .\n\n- Set to `SSD` to use solid state drive storage. SSD is supported on all Windows, Lustre, ONTAP, and OpenZFS deployment types.\n- Set to `HDD` to use hard disk drive storage, which is supported on `SINGLE_AZ_2` and `MULTI_AZ_1` Windows file system deployment types, and on `PERSISTENT_1` Lustre file system deployment types.\n- Set to `INTELLIGENT_TIERING` to use fully elastic, intelligently-tiered storage. Intelligent-Tiering is only available for OpenZFS file systems with the Multi-AZ deployment type.\n\nDefault value is `SSD` . For more information, see [Storage type options](https://docs.aws.amazon.com/fsx/latest/WindowsGuide/optimize-fsx-costs.html#storage-type-options) in the *FSx for Windows File Server User Guide* , [Multiple storage options](https://docs.aws.amazon.com/fsx/latest/LustreGuide/what-is.html#storage-options) in the *FSx for Lustre User Guide* , and [Working with Intelligent-Tiering](https://docs.aws.amazon.com/fsx/latest/OpenZFSGuide/performance-intelligent-tiering) in the *Amazon FSx for OpenZFS User Guide* .", "SubnetIds": "Specifies the IDs of the subnets that the file system will be accessible from. For Windows and ONTAP `MULTI_AZ_1` deployment types,provide exactly two subnet IDs, one for the preferred file server and one for the standby file server. You specify one of these subnets as the preferred subnet using the `WindowsConfiguration > PreferredSubnetID` or `OntapConfiguration > PreferredSubnetID` properties. For more information about Multi-AZ file system configuration, see [Availability and durability: Single-AZ and Multi-AZ file systems](https://docs.aws.amazon.com/fsx/latest/WindowsGuide/high-availability-multiAZ.html) in the *Amazon FSx for Windows User Guide* and [Availability and durability](https://docs.aws.amazon.com/fsx/latest/ONTAPGuide/high-availability-multiAZ.html) in the *Amazon FSx for ONTAP User Guide* .\n\nFor Windows `SINGLE_AZ_1` and `SINGLE_AZ_2` and all Lustre deployment types, provide exactly one subnet ID. The file server is launched in that subnet's Availability Zone.", "Tags": "The tags to associate with the file system. For more information, see [Tagging your Amazon FSx resources](https://docs.aws.amazon.com/fsx/latest/LustreGuide/tag-resources.html) in the *Amazon FSx for Lustre User Guide* .", "WindowsConfiguration": "The configuration object for the Microsoft Windows file system you are creating.\n\nThis value is required if `FileSystemType` is set to `WINDOWS` ." @@ -18595,7 +18647,7 @@ "ImportedFileChunkSize": "(Optional) For files imported from a data repository, this value determines the stripe count and maximum amount of data per file (in MiB) stored on a single physical disk. The maximum number of disks that a single file can be striped across is limited by the total number of disks that make up the file system.\n\nThe default chunk size is 1,024 MiB (1 GiB) and can go as high as 512,000 MiB (500 GiB). Amazon S3 objects have a maximum size of 5 TB.\n\n> This parameter is not supported for Lustre file systems with a data repository association.", "MetadataConfiguration": "", "PerUnitStorageThroughput": "Required with `PERSISTENT_1` and `PERSISTENT_2` deployment types, provisions the amount of read and write throughput for each 1 tebibyte (TiB) of file system storage capacity, in MB/s/TiB. File system throughput capacity is calculated by multiplying \ufb01le system storage capacity (TiB) by the `PerUnitStorageThroughput` (MB/s/TiB). For a 2.4-TiB \ufb01le system, provisioning 50 MB/s/TiB of `PerUnitStorageThroughput` yields 120 MB/s of \ufb01le system throughput. You pay for the amount of throughput that you provision.\n\nValid values:\n\n- For `PERSISTENT_1` SSD storage: 50, 100, 200 MB/s/TiB.\n- For `PERSISTENT_1` HDD storage: 12, 40 MB/s/TiB.\n- For `PERSISTENT_2` SSD storage: 125, 250, 500, 1000 MB/s/TiB.", - "WeeklyMaintenanceStartTime": "A recurring weekly time, in the format `D:HH:MM` .\n\n`D` is the day of the week, for which 1 represents Monday and 7 represents Sunday. For further details, see [the ISO-8601 spec as described on Wikipedia](https://docs.aws.amazon.com/https://en.wikipedia.org/wiki/ISO_week_date) .\n\n`HH` is the zero-padded hour of the day (0-23), and `MM` is the zero-padded minute of the hour.\n\nFor example, `1:05:00` specifies maintenance at 5 AM Monday." + "WeeklyMaintenanceStartTime": "The preferred start time to perform weekly maintenance, formatted d:HH:MM in the UTC time zone, where d is the weekday number, from 1 through 7, beginning with Monday and ending with Sunday.\n\nFor example, `1:05:00` specifies maintenance at 5 AM Monday." }, "AWS::FSx::FileSystem MetadataConfiguration": { "Iops": "", @@ -18616,7 +18668,7 @@ "RouteTableIds": "(Multi-AZ only) Specifies the route tables in which Amazon FSx creates the rules for routing traffic to the correct file server. You should specify all virtual private cloud (VPC) route tables associated with the subnets in which your clients are located. By default, Amazon FSx selects your VPC's default route table.\n\n> Amazon FSx manages these route tables for Multi-AZ file systems using tag-based authentication. These route tables are tagged with `Key: AmazonFSx; Value: ManagedByAmazonFSx` . When creating FSx for ONTAP Multi-AZ file systems using AWS CloudFormation we recommend that you add the `Key: AmazonFSx; Value: ManagedByAmazonFSx` tag manually.", "ThroughputCapacity": "Sets the throughput capacity for the file system that you're creating in megabytes per second (MBps). For more information, see [Managing throughput capacity](https://docs.aws.amazon.com/fsx/latest/ONTAPGuide/managing-throughput-capacity.html) in the FSx for ONTAP User Guide.\n\nAmazon FSx responds with an HTTP status code 400 (Bad Request) for the following conditions:\n\n- The value of `ThroughputCapacity` and `ThroughputCapacityPerHAPair` are not the same value.\n- The value of `ThroughputCapacity` when divided by the value of `HAPairs` is outside of the valid range for `ThroughputCapacity` .", "ThroughputCapacityPerHAPair": "Use to choose the throughput capacity per HA pair, rather than the total throughput for the file system.\n\nYou can define either the `ThroughputCapacityPerHAPair` or the `ThroughputCapacity` when creating a file system, but not both.\n\nThis field and `ThroughputCapacity` are the same for file systems powered by one HA pair.\n\n- For `SINGLE_AZ_1` and `MULTI_AZ_1` file systems, valid values are 128, 256, 512, 1024, 2048, or 4096 MBps.\n- For `SINGLE_AZ_2` , valid values are 1536, 3072, or 6144 MBps.\n- For `MULTI_AZ_2` , valid values are 384, 768, 1536, 3072, or 6144 MBps.\n\nAmazon FSx responds with an HTTP status code 400 (Bad Request) for the following conditions:\n\n- The value of `ThroughputCapacity` and `ThroughputCapacityPerHAPair` are not the same value for file systems with one HA pair.\n- The value of deployment type is `SINGLE_AZ_2` and `ThroughputCapacity` / `ThroughputCapacityPerHAPair` is not a valid HA pair (a value between 1 and 12).\n- The value of `ThroughputCapacityPerHAPair` is not a valid value.", - "WeeklyMaintenanceStartTime": "A recurring weekly time, in the format `D:HH:MM` .\n\n`D` is the day of the week, for which 1 represents Monday and 7 represents Sunday. For further details, see [the ISO-8601 spec as described on Wikipedia](https://docs.aws.amazon.com/https://en.wikipedia.org/wiki/ISO_week_date) .\n\n`HH` is the zero-padded hour of the day (0-23), and `MM` is the zero-padded minute of the hour.\n\nFor example, `1:05:00` specifies maintenance at 5 AM Monday." + "WeeklyMaintenanceStartTime": "The preferred start time to perform weekly maintenance, formatted d:HH:MM in the UTC time zone, where d is the weekday number, from 1 through 7, beginning with Monday and ending with Sunday.\n\nFor example, `1:05:00` specifies maintenance at 5 AM Monday." }, "AWS::FSx::FileSystem OpenZFSConfiguration": { "AutomaticBackupRetentionDays": "The number of days to retain automatic backups. Setting this property to `0` disables automatic backups. You can retain automatic backups for a maximum of 90 days. The default is `30` .", @@ -18632,7 +18684,7 @@ "RootVolumeConfiguration": "The configuration Amazon FSx uses when creating the root value of the Amazon FSx for OpenZFS file system. All volumes are children of the root volume.", "RouteTableIds": "(Multi-AZ only) Specifies the route tables in which Amazon FSx creates the rules for routing traffic to the correct file server. You should specify all virtual private cloud (VPC) route tables associated with the subnets in which your clients are located. By default, Amazon FSx selects your VPC's default route table.", "ThroughputCapacity": "Specifies the throughput of an Amazon FSx for OpenZFS file system, measured in megabytes per second (MBps). Valid values depend on the `DeploymentType` and `StorageType` that you choose, as follows:\n\n- For `INTELIGENT_TIERING` , valid values are 1280, 2560, 3840, 5120, 7680, or 10240 MBps.\n- For `MULTI_AZ_1` and `SINGLE_AZ_2` , valid values are 160, 320, 640, 1280, 2560, 3840, 5120, 7680, or 10240 MBps.\n- For `SINGLE_AZ_1` , valid values are 64, 128, 256, 512, 1024, 2048, 3072, or 4096 MBps.\n\nYou pay for additional throughput capacity that you provision.", - "WeeklyMaintenanceStartTime": "A recurring weekly time, in the format `D:HH:MM` .\n\n`D` is the day of the week, for which 1 represents Monday and 7 represents Sunday. For further details, see [the ISO-8601 spec as described on Wikipedia](https://docs.aws.amazon.com/https://en.wikipedia.org/wiki/ISO_week_date) .\n\n`HH` is the zero-padded hour of the day (0-23), and `MM` is the zero-padded minute of the hour.\n\nFor example, `1:05:00` specifies maintenance at 5 AM Monday." + "WeeklyMaintenanceStartTime": "The preferred start time to perform weekly maintenance, formatted d:HH:MM in the UTC time zone, where d is the weekday number, from 1 through 7, beginning with Monday and ending with Sunday.\n\nFor example, `1:05:00` specifies maintenance at 5 AM Monday." }, "AWS::FSx::FileSystem ReadCacheConfiguration": { "SizeGiB": "Required if `SizingMode` is set to `USER_PROVISIONED` . Specifies the size of the file system's SSD read cache, in gibibytes (GiB).", @@ -18675,7 +18727,7 @@ "PreferredSubnetId": "Required when `DeploymentType` is set to `MULTI_AZ_1` . This specifies the subnet in which you want the preferred file server to be located. For in- AWS applications, we recommend that you launch your clients in the same availability zone as your preferred file server to reduce cross-availability zone data transfer costs and minimize latency.", "SelfManagedActiveDirectoryConfiguration": "The configuration that Amazon FSx uses to join a FSx for Windows File Server file system or an FSx for ONTAP storage virtual machine (SVM) to a self-managed (including on-premises) Microsoft Active Directory (AD) directory. For more information, see [Using Amazon FSx for Windows with your self-managed Microsoft Active Directory](https://docs.aws.amazon.com/fsx/latest/WindowsGuide/self-managed-AD.html) or [Managing FSx for ONTAP SVMs](https://docs.aws.amazon.com/fsx/latest/ONTAPGuide/managing-svms.html) .", "ThroughputCapacity": "Sets the throughput capacity of an Amazon FSx file system, measured in megabytes per second (MB/s), in 2 to the *n* th increments, between 2^3 (8) and 2^11 (2048).\n\n> To increase storage capacity, a file system must have a minimum throughput capacity of 16 MB/s.", - "WeeklyMaintenanceStartTime": "A recurring weekly time, in the format `D:HH:MM` .\n\n`D` is the day of the week, for which 1 represents Monday and 7 represents Sunday. For further details, see [the ISO-8601 spec as described on Wikipedia](https://docs.aws.amazon.com/https://en.wikipedia.org/wiki/ISO_week_date) .\n\n`HH` is the zero-padded hour of the day (0-23), and `MM` is the zero-padded minute of the hour.\n\nFor example, `1:05:00` specifies maintenance at 5 AM Monday." + "WeeklyMaintenanceStartTime": "The preferred start time to perform weekly maintenance, formatted d:HH:MM in the UTC time zone, where d is the weekday number, from 1 through 7, beginning with Monday and ending with Sunday." }, "AWS::FSx::Snapshot": { "Name": "The name of the snapshot.", @@ -19038,18 +19090,24 @@ "AWS::GameLift::Alias": { "Description": "A human-readable description of the alias.", "Name": "A descriptive label that is associated with an alias. Alias names do not need to be unique.", - "RoutingStrategy": "The routing configuration, including routing type and fleet target, for the alias." + "RoutingStrategy": "The routing configuration, including routing type and fleet target, for the alias.", + "Tags": "" }, "AWS::GameLift::Alias RoutingStrategy": { "FleetId": "A unique identifier for a fleet that the alias points to. If you specify `SIMPLE` for the `Type` property, you must specify this property.", "Message": "The message text to be used with a terminal routing strategy. If you specify `TERMINAL` for the `Type` property, you must specify this property.", "Type": "A type of routing strategy.\n\nPossible routing types include the following:\n\n- *SIMPLE* - The alias resolves to one specific fleet. Use this type when routing to active fleets.\n- *TERMINAL* - The alias does not resolve to a fleet but instead can be used to display a message to the user. A terminal alias throws a `TerminalRoutingStrategyException` with the message that you specified in the `Message` property." }, + "AWS::GameLift::Alias Tag": { + "Key": "The key for a developer-defined key value pair for tagging an AWS resource.", + "Value": "The value for a developer-defined key value pair for tagging an AWS resource." + }, "AWS::GameLift::Build": { "Name": "A descriptive label that is associated with a build. Build names do not need to be unique.", "OperatingSystem": "The operating system that your game server binaries run on. This value determines the type of fleet resources that you use for this build. If your game build contains multiple executables, they all must run on the same operating system. You must specify a valid operating system in this request. There is no default value. You can't change a build's operating system later.\n\n> Amazon Linux 2 (AL2) will reach end of support on 6/30/2025. See more details in the [Amazon Linux 2 FAQs](https://docs.aws.amazon.com/amazon-linux-2/faqs/) . For game servers that are hosted on AL2 and use server SDK version 4.x for Amazon GameLift Servers, first update the game server build to server SDK 5.x, and then deploy to AL2023 instances. See [Migrate to server SDK version 5.](https://docs.aws.amazon.com/gamelift/latest/developerguide/reference-serversdk5-migration.html)", "ServerSdkVersion": "A server SDK version you used when integrating your game server build with Amazon GameLift Servers. For more information see [Integrate games with custom game servers](https://docs.aws.amazon.com/gamelift/latest/developerguide/integration-custom-intro.html) . By default Amazon GameLift Servers sets this value to `4.0.2` .", "StorageLocation": "Information indicating where your game build files are stored. Use this parameter only when creating a build with files stored in an Amazon S3 bucket that you own. The storage location must specify an Amazon S3 bucket name and key. The location must also specify a role ARN that you set up to allow Amazon GameLift Servers to access your Amazon S3 bucket. The S3 bucket and your new build must be in the same Region.\n\nIf a `StorageLocation` is specified, the size of your file can be found in your Amazon S3 bucket. Amazon GameLift Servers will report a `SizeOnDisk` of 0.", + "Tags": "", "Version": "Version information that is associated with this build. Version strings do not need to be unique." }, "AWS::GameLift::Build StorageLocation": { @@ -19058,6 +19116,10 @@ "ObjectVersion": "A version of a stored file to retrieve, if the object versioning feature is turned on for the S3 bucket. Use this parameter to specify a specific version. If this parameter isn't set, Amazon GameLift Servers retrieves the latest version of the file.", "RoleArn": "The ARNfor an IAM role that allows Amazon GameLift to access the S3 bucket." }, + "AWS::GameLift::Build Tag": { + "Key": "The key for a developer-defined key value pair for tagging an AWS resource.", + "Value": "The value for a developer-defined key value pair for tagging an AWS resource." + }, "AWS::GameLift::ContainerFleet": { "BillingType": "Indicates whether the fleet uses On-Demand or Spot instances for this fleet. Learn more about when to use [On-Demand versus Spot Instances](https://docs.aws.amazon.com/gamelift/latest/developerguide/gamelift-ec2-instances.html#gamelift-ec2-instances-spot) . You can't update this fleet property.\n\nBy default, this property is set to `ON_DEMAND` .", "DeploymentConfiguration": "Set of rules for processing a deployment for a container fleet update.", @@ -19135,7 +19197,7 @@ "ContainerGroupType": "The type of container group. Container group type determines how Amazon GameLift Servers deploys the container group on each fleet instance.", "GameServerContainerDefinition": "The definition for the game server container in this group. This property is used only when the container group type is `GAME_SERVER` . This container definition specifies a container image with the game server build.", "Name": "A descriptive identifier for the container group definition. The name value is unique in an AWS Region.", - "OperatingSystem": "The platform that all containers in the container group definition run on.\n\n> Amazon Linux 2 (AL2) will reach end of support on 6/30/2025. See more details in the [Amazon Linux 2 FAQs](https://docs.aws.amazon.com/aws.amazon.com/amazon-linux-2/faqs/) . For game servers that are hosted on AL2 and use server SDK version 4.x for Amazon GameLift Servers, first update the game server build to server SDK 5.x, and then deploy to AL2023 instances. See [Migrate to server SDK version 5.](https://docs.aws.amazon.com/gamelift/latest/developerguide/reference-serversdk5-migration.html)", + "OperatingSystem": "The platform that all containers in the container group definition run on.\n\n> Amazon Linux 2 (AL2) will reach end of support on 6/30/2025. See more details in the [Amazon Linux 2 FAQs](https://docs.aws.amazon.com/amazon-linux-2/faqs/) . For game servers that are hosted on AL2 and use server SDK version 4.x for Amazon GameLift Servers, first update the game server build to server SDK 5.x, and then deploy to AL2023 instances. See [Migrate to server SDK version 5.](https://docs.aws.amazon.com/gamelift/latest/developerguide/reference-serversdk5-migration.html)", "SourceVersionNumber": "", "SupportContainerDefinitions": "The set of definitions for support containers in this group. A container group definition might have zero support container definitions. Support container can be used in any type of container group.", "Tags": "", @@ -20696,7 +20758,7 @@ "AWS::GroundStation::DataflowEndpointGroup": { "ContactPostPassDurationSeconds": "Amount of time, in seconds, after a contact ends that the Ground Station Dataflow Endpoint Group will be in a `POSTPASS` state. A Ground Station Dataflow Endpoint Group State Change event will be emitted when the Dataflow Endpoint Group enters and exits the `POSTPASS` state.", "ContactPrePassDurationSeconds": "Amount of time, in seconds, before a contact starts that the Ground Station Dataflow Endpoint Group will be in a `PREPASS` state. A Ground Station Dataflow Endpoint Group State Change event will be emitted when the Dataflow Endpoint Group enters and exits the `PREPASS` state.", - "EndpointDetails": "List of Endpoint Details, containing address and port for each endpoint.", + "EndpointDetails": "List of Endpoint Details, containing address and port for each endpoint. All dataflow endpoints within a single dataflow endpoint group must be of the same type. You cannot mix AWS Ground Station Agent endpoints with Dataflow endpoints in the same group. If your use case requires both types of endpoints, you must create separate dataflow endpoint groups for each type.", "Tags": "Tags assigned to a resource." }, "AWS::GroundStation::DataflowEndpointGroup AwsGroundStationAgentEndpoint": { @@ -24293,7 +24355,7 @@ "Value": "" }, "AWS::KafkaConnect::Connector Vpc": { - "SecurityGroups": "The security groups for the connector.", + "SecurityGroups": "The security group IDs for the connector.", "Subnets": "The subnets for the connector." }, "AWS::KafkaConnect::Connector WorkerConfiguration": { @@ -24748,6 +24810,7 @@ "ResourcePolicy": "This is the description for the resource policy." }, "AWS::Kinesis::Stream": { + "DesiredShardLevelMetrics": "A list of shard-level metrics in properties to enable enhanced monitoring mode.", "Name": "The name of the Kinesis stream. If you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the stream name. For more information, see [Name Type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-name.html) .\n\nIf you specify a name, you cannot perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you must replace the resource, specify a new name.", "RetentionPeriodHours": "The number of hours for the data records that are stored in shards to remain accessible. The default value is 24. For more information about the stream retention period, see [Changing the Data Retention Period](https://docs.aws.amazon.com/streams/latest/dev/kinesis-extended-retention.html) in the Amazon Kinesis Developer Guide.", "ShardCount": "The number of shards that the stream uses. For greater provisioned throughput, increase the number of shards.", @@ -31366,23 +31429,23 @@ "AWS::OpenSearchService::Application": { "AppConfigs": "", "DataSources": "", - "Endpoint": "Endpoint URL of an OpenSearch Application.", - "IamIdentityCenterOptions": "Container for IAM Identity Center Options settings.", - "Name": "Name of an OpenSearch Application.", + "Endpoint": "The endpoint URL of an OpenSearch application.", + "IamIdentityCenterOptions": "Settings container for integrating IAM Identity Center with OpenSearch UI applications, which enables enabling secure user authentication and access control across multiple data sources. This setup supports single sign-on (SSO) through IAM Identity Center, allowing centralized user management.", + "Name": "The name of an OpenSearch application.", "Tags": "" }, "AWS::OpenSearchService::Application AppConfig": { - "Key": "Specify the item to configure, such as admin role for the OpenSearch Application.", - "Value": "Specifies the value to configure for the key, such as an IAM user ARN." + "Key": "The configuration item to set, such as the admin role for the OpenSearch application.", + "Value": "The value assigned to the configuration key, such as an IAM user ARN." }, "AWS::OpenSearchService::Application DataSource": { "DataSourceArn": "", "DataSourceDescription": "Detailed description of a data source." }, "AWS::OpenSearchService::Application IamIdentityCenterOptions": { - "Enabled": "IAM Identity Center is enabled for the OpenSearch Application.", + "Enabled": "Indicates whether IAM Identity Center is enabled for the OpenSearch application.", "IamIdentityCenterInstanceArn": "", - "IamRoleForIdentityCenterApplicationArn": "Amazon Resource Name of the IAM Identity Center's Application created for the OpenSearch Application after enabling IAM Identity Center." + "IamRoleForIdentityCenterApplicationArn": "The Amazon Resource Name (ARN) of the IAM role assigned to the IAM Identity Center application for the OpenSearch application." }, "AWS::OpenSearchService::Application Tag": { "Key": "The tag key. Tag keys must be unique for the domain to which they are attached.", @@ -31400,7 +31463,7 @@ "EncryptionAtRestOptions": "Whether the domain should encrypt data at rest, and if so, the AWS KMS key to use. See [Encryption of data at rest for Amazon OpenSearch Service](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/encryption-at-rest.html) .\n\nIf no encryption at rest options were initially specified in the template, updating this property by adding it causes no interruption. However, if you change this property after it's already been set within a template, the domain is deleted and recreated in order to modify the property.", "EngineVersion": "The version of OpenSearch to use. The value must be in the format `OpenSearch_X.Y` or `Elasticsearch_X.Y` . If not specified, the latest version of OpenSearch is used. For information about the versions that OpenSearch Service supports, see [Supported versions of OpenSearch and Elasticsearch](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/what-is.html#choosing-version) in the *Amazon OpenSearch Service Developer Guide* .\n\nIf you set the [EnableVersionUpgrade](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-updatepolicy.html#cfn-attributes-updatepolicy-upgradeopensearchdomain) update policy to `true` , you can update `EngineVersion` without interruption. When `EnableVersionUpgrade` is set to `false` , or is not specified, updating `EngineVersion` results in [replacement](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-replacement) .", "IPAddressType": "Choose either dual stack or IPv4 as your IP address type. Dual stack allows you to share domain resources across IPv4 and IPv6 address types, and is the recommended option. If you set your IP address type to dual stack, you can't change your address type later.", - "IdentityCenterOptions": "Container for IAM Identity Center Option control for the domain.", + "IdentityCenterOptions": "Configuration options for controlling IAM Identity Center integration within a domain.", "LogPublishingOptions": "An object with one or more of the following keys: `SEARCH_SLOW_LOGS` , `ES_APPLICATION_LOGS` , `INDEX_SLOW_LOGS` , `AUDIT_LOGS` , depending on the types of logs you want to publish. Each key needs a valid `LogPublishingOption` value. For the full syntax, see the [examples](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-opensearchservice-domain.html#aws-resource-opensearchservice-domain--examples) .", "NodeToNodeEncryptionOptions": "Specifies whether node-to-node encryption is enabled. See [Node-to-node encryption for Amazon OpenSearch Service](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/ntn.html) .", "OffPeakWindowOptions": "Options for a domain's off-peak window, during which OpenSearch Service can perform mandatory configuration changes on the domain.", @@ -31462,12 +31525,12 @@ "KmsKeyId": "The KMS key ID. Takes the form `1a2a3a4-1a2a-3a4a-5a6a-1a2a3a4a5a6a` . Required if you enable encryption at rest.\n\nYou can also use `keyAlias` as a value.\n\nIf no encryption at rest options were initially specified in the template, updating this property by adding it causes no interruption. However, if you change this property after it's already been set within a template, the domain is deleted and recreated in order to modify the property." }, "AWS::OpenSearchService::Domain IdentityCenterOptions": { - "EnabledAPIAccess": "True to enable IAM Identity Center for API access in Amazon OpenSearch Service.", - "IdentityCenterApplicationARN": "The ARN for IAM Identity Center Application which will integrate with Amazon OpenSearch Service.", - "IdentityCenterInstanceARN": "The ARN for IAM Identity Center Instance.", - "IdentityStoreId": "The ID of IAM Identity Store.", - "RolesKey": "Specify the attribute that contains the backend role (groupName, groupID) of IAM Identity Center", - "SubjectKey": "Specify the attribute that contains the subject (username, userID, email) of IAM Identity Center." + "EnabledAPIAccess": "Indicates whether IAM Identity Center is enabled for the application.", + "IdentityCenterApplicationARN": "The ARN of the IAM Identity Center application that integrates with Amazon OpenSearch Service.", + "IdentityCenterInstanceARN": "The Amazon Resource Name (ARN) of the IAM Identity Center instance.", + "IdentityStoreId": "The identifier of the IAM Identity Store.", + "RolesKey": "Specifies the attribute that contains the backend role identifier (such as group name or group ID) in IAM Identity Center.", + "SubjectKey": "Specifies the attribute that contains the subject identifier (such as username, user ID, or email) in IAM Identity Center." }, "AWS::OpenSearchService::Domain Idp": { "EntityId": "The unique entity ID of the application in the SAML identity provider.", @@ -31489,13 +31552,13 @@ "MasterUserPassword": "Password for the master user. Only specify if `InternalUserDatabaseEnabled` is true in [AdvancedSecurityOptionsInput](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-opensearchservice-domain-advancedsecurityoptionsinput.html) .\n\nIf you don't want to specify this value directly within the template, you can use a [dynamic reference](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/dynamic-references.html) instead." }, "AWS::OpenSearchService::Domain NodeConfig": { - "Count": "The number of nodes of a particular node type in the cluster.", - "Enabled": "A boolean that indicates whether a particular node type is enabled or not.", - "Type": "The instance type of a particular node type in the cluster." + "Count": "The number of nodes of a specific type within the cluster.", + "Enabled": "A boolean value indicating whether a specific node type is active or inactive.", + "Type": "The instance type of a particular node within the cluster." }, "AWS::OpenSearchService::Domain NodeOption": { - "NodeConfig": "Container for specifying configuration of any node type.", - "NodeType": "Container for node type like coordinating." + "NodeConfig": "Configuration options for defining the setup of any node type.", + "NodeType": "Defines the type of node, such as coordinating nodes." }, "AWS::OpenSearchService::Domain NodeToNodeEncryptionOptions": { "Enabled": "Specifies to enable or disable node-to-node encryption on the domain. Required if you enable fine-grained access control in [AdvancedSecurityOptionsInput](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-opensearchservice-domain-advancedsecurityoptionsinput.html) ." @@ -43838,7 +43901,11 @@ "Port": "The custom port to use when connecting to a workgroup. Valid port ranges are 5431-5455 and 8191-8215. The default is 5439.", "PricePerformanceTarget": "An object that represents the price performance target settings for the workgroup.", "PubliclyAccessible": "A value that specifies whether the workgroup can be accessible from a public network.", + "RecoveryPointId": "", "SecurityGroupIds": "A list of security group IDs to associate with the workgroup.", + "SnapshotArn": "", + "SnapshotName": "", + "SnapshotOwnerAccount": "The owner AWS ; account of the snapshot.", "SubnetIds": "A list of subnet IDs the workgroup is associated with.", "Tags": "The map of the key-value pairs used to tag the workgroup.", "TrackName": "An optional parameter for the name of the track for the workgroup. If you don't provide a track name, the workgroup is assigned to the current track.", @@ -48021,6 +48088,7 @@ "AuthType": "", "EnableIamSessionBasedIdentity": "", "ExecutionRoleArn": "", + "KmsKeyId": "", "MaintenanceConfig": "", "Name": "The name of the SageMaker Partner AI App.", "Tags": "", @@ -49597,11 +49665,11 @@ "Value": "Contains one or more values that you assigned to the key name you create." }, "AWS::Transfer::Certificate": { - "ActiveDate": "An optional date that specifies when the certificate becomes active.", + "ActiveDate": "An optional date that specifies when the certificate becomes active. If you do not specify a value, `ActiveDate` takes the same value as `NotBeforeDate` , which is specified by the CA.", "Certificate": "The file name for the certificate.", "CertificateChain": "The list of certificates that make up the chain for the certificate.", "Description": "The name or description that's used to identity the certificate.", - "InactiveDate": "An optional date that specifies when the certificate becomes inactive.", + "InactiveDate": "An optional date that specifies when the certificate becomes inactive. If you do not specify a value, `InactiveDate` takes the same value as `NotAfterDate` , which is specified by the CA.", "PrivateKey": "The file that contains the private key for the certificate that's being imported.", "Tags": "Key-value pairs that can be used to group and search for certificates.", "Usage": "Specifies how this certificate is used. It can be used in the following ways:\n\n- `SIGNING` : For signing AS2 messages\n- `ENCRYPTION` : For encrypting AS2 messages\n- `TLS` : For securing AS2 communications sent over HTTPS" @@ -49624,7 +49692,7 @@ "Compression": "Specifies whether the AS2 file is compressed.", "EncryptionAlgorithm": "The algorithm that is used to encrypt the file.\n\nNote the following:\n\n- Do not use the `DES_EDE3_CBC` algorithm unless you must support a legacy client that requires it, as it is a weak encryption algorithm.\n- You can only specify `NONE` if the URL for your connector uses HTTPS. Using HTTPS ensures that no traffic is sent in clear text.", "LocalProfileId": "A unique identifier for the AS2 local profile.", - "MdnResponse": "Used for outbound requests (from an AWS Transfer Family server to a partner AS2 server) to determine whether the partner response for transfers is synchronous or asynchronous. Specify either of the following values:\n\n- `SYNC` : The system expects a synchronous MDN response, confirming that the file was transferred successfully (or not).\n- `NONE` : Specifies that no MDN response is required.", + "MdnResponse": "Used for outbound requests (from an AWS Transfer Family connector to a partner AS2 server) to determine whether the partner response for transfers is synchronous or asynchronous. Specify either of the following values:\n\n- `SYNC` : The system expects a synchronous MDN response, confirming that the file was transferred successfully (or not).\n- `NONE` : Specifies that no MDN response is required.", "MdnSigningAlgorithm": "The signing algorithm for the MDN response.\n\n> If set to DEFAULT (or not set at all), the value for `SigningAlgorithm` is used.", "MessageSubject": "Used as the `Subject` HTTP header attribute in AS2 messages that are being sent with the connector.", "PartnerProfileId": "A unique identifier for the partner profile for the connector.", @@ -49656,7 +49724,7 @@ "EndpointType": "The type of endpoint that you want your server to use. You can choose to make your server's endpoint publicly accessible (PUBLIC) or host it inside your VPC. With an endpoint that is hosted in a VPC, you can restrict access to your server and resources only within your VPC or choose to make it internet facing by attaching Elastic IP addresses directly to it.\n\n> After May 19, 2021, you won't be able to create a server using `EndpointType=VPC_ENDPOINT` in your AWS account if your account hasn't already done so before May 19, 2021. If you have already created servers with `EndpointType=VPC_ENDPOINT` in your AWS account on or before May 19, 2021, you will not be affected. After this date, use `EndpointType` = `VPC` .\n> \n> For more information, see [Discontinuing the use of VPC_ENDPOINT](https://docs.aws.amazon.com//transfer/latest/userguide/create-server-in-vpc.html#deprecate-vpc-endpoint) .\n> \n> It is recommended that you use `VPC` as the `EndpointType` . With this endpoint type, you have the option to directly associate up to three Elastic IPv4 addresses (BYO IP included) with your server's endpoint and use VPC security groups to restrict traffic by the client's public IP address. This is not possible with `EndpointType` set to `VPC_ENDPOINT` .", "IdentityProviderDetails": "Required when `IdentityProviderType` is set to `AWS_DIRECTORY_SERVICE` , `AWS _LAMBDA` or `API_GATEWAY` . Accepts an array containing all of the information required to use a directory in `AWS_DIRECTORY_SERVICE` or invoke a customer-supplied authentication API, including the API Gateway URL. Cannot be specified when `IdentityProviderType` is set to `SERVICE_MANAGED` .", "IdentityProviderType": "The mode of authentication for a server. The default value is `SERVICE_MANAGED` , which allows you to store and access user credentials within the AWS Transfer Family service.\n\nUse `AWS_DIRECTORY_SERVICE` to provide access to Active Directory groups in AWS Directory Service for Microsoft Active Directory or Microsoft Active Directory in your on-premises environment or in AWS using AD Connector. This option also requires you to provide a Directory ID by using the `IdentityProviderDetails` parameter.\n\nUse the `API_GATEWAY` value to integrate with an identity provider of your choosing. The `API_GATEWAY` setting requires you to provide an Amazon API Gateway endpoint URL to call for authentication by using the `IdentityProviderDetails` parameter.\n\nUse the `AWS_LAMBDA` value to directly use an AWS Lambda function as your identity provider. If you choose this value, you must specify the ARN for the Lambda function in the `Function` parameter for the `IdentityProviderDetails` data type.", - "LoggingRole": "The Amazon Resource Name (ARN) of the AWS Identity and Access Management (IAM) role that allows a server to turn on Amazon CloudWatch logging for Amazon S3 or Amazon EFSevents. When set, you can view user activity in your CloudWatch logs.", + "LoggingRole": "The Amazon Resource Name (ARN) of the AWS Identity and Access Management (IAM) role that allows a server to turn on Amazon CloudWatch logging for Amazon S3 or Amazon EFS events. When set, you can view user activity in your CloudWatch logs.", "PostAuthenticationLoginBanner": "Specifies a string to display when users connect to a server. This string is displayed after the user authenticates.\n\n> The SFTP protocol does not support post-authentication display banners.", "PreAuthenticationLoginBanner": "Specifies a string to display when users connect to a server. This string is displayed before the user authenticates. For example, the following banner displays details about using the system:\n\n`This system is for the use of authorized users only. Individuals using this computer system without authority, or in excess of their authority, are subject to having all of their activities on this system monitored and recorded by system personnel.`", "ProtocolDetails": "The protocol settings that are configured for your server.\n\n- To indicate passive mode (for FTP and FTPS protocols), use the `PassiveIp` parameter. Enter a single dotted-quad IPv4 address, such as the external IP address of a firewall, router, or load balancer.\n- To ignore the error that is generated when the client attempts to use the `SETSTAT` command on a file that you are uploading to an Amazon S3 bucket, use the `SetStatOption` parameter. To have the AWS Transfer Family server ignore the `SETSTAT` command and upload files without needing to make any changes to your SFTP client, set the value to `ENABLE_NO_OP` . If you set the `SetStatOption` parameter to `ENABLE_NO_OP` , Transfer Family generates a log entry to Amazon CloudWatch Logs, so that you can determine when the client is making a `SETSTAT` call.\n- To determine whether your AWS Transfer Family server resumes recent, negotiated sessions through a unique session ID, use the `TlsSessionResumptionMode` parameter.\n- `As2Transports` indicates the transport method for the AS2 messages. Currently, only HTTP is supported.\n\nThe `Protocols` parameter is an array of strings.\n\n*Allowed values* : One or more of `SFTP` , `FTPS` , `FTP` , `AS2`", diff --git a/schema_source/cloudformation.schema.json b/schema_source/cloudformation.schema.json index daa71469a..94758736a 100644 --- a/schema_source/cloudformation.schema.json +++ b/schema_source/cloudformation.schema.json @@ -9771,7 +9771,7 @@ "type": "string" }, "Description": { - "markdownDescription": "A description of the configuration.", + "markdownDescription": "A description of the configuration.\n\n> Due to HTTP limitations, this field only supports ASCII characters.", "title": "Description", "type": "string" }, @@ -31926,7 +31926,7 @@ "items": { "type": "string" }, - "markdownDescription": "Specifies the AWS Regions that the keyspace is replicated in. You must specify at least two Regions, including the Region that the keyspace is being created in.", + "markdownDescription": "Specifies the AWS Regions that the keyspace is replicated in. You must specify at least two Regions, including the Region that the keyspace is being created in.\n\nTo specify a Region [that's disabled by default](https://docs.aws.amazon.com/accounts/latest/reference/manage-acct-regions.html#rande-manage-enable) , you must first enable the Region. For more information, see [Multi-Region replication in AWS Regions disabled by default](https://docs.aws.amazon.com/keyspaces/latest/devguide/multiRegion-replication_how-it-works.html#howitworks_mrr_opt_in) in the *Amazon Keyspaces Developer Guide* .", "title": "RegionList", "type": "array" }, @@ -67521,7 +67521,7 @@ "items": { "type": "string" }, - "markdownDescription": "Represents the non-key attribute names which will be projected into the index.\n\nFor local secondary indexes, the total count of `NonKeyAttributes` summed across all of the local secondary indexes, must not exceed 100. If you project the same attribute into two different indexes, this counts as two distinct attributes when determining the total.", + "markdownDescription": "Represents the non-key attribute names which will be projected into the index.\n\nFor global and local secondary indexes, the total count of `NonKeyAttributes` summed across all of the secondary indexes, must not exceed 100. If you project the same attribute into two different indexes, this counts as two distinct attributes when determining the total. This limit only applies when you specify the ProjectionType of `INCLUDE` . You still can specify the ProjectionType of `ALL` to project all attributes from the source table, even if the table has more than 100 attributes.", "title": "NonKeyAttributes", "type": "array" }, @@ -68168,7 +68168,7 @@ "items": { "type": "string" }, - "markdownDescription": "Represents the non-key attribute names which will be projected into the index.\n\nFor local secondary indexes, the total count of `NonKeyAttributes` summed across all of the local secondary indexes, must not exceed 100. If you project the same attribute into two different indexes, this counts as two distinct attributes when determining the total.", + "markdownDescription": "Represents the non-key attribute names which will be projected into the index.\n\nFor global and local secondary indexes, the total count of `NonKeyAttributes` summed across all of the secondary indexes, must not exceed 100. If you project the same attribute into two different indexes, this counts as two distinct attributes when determining the total. This limit only applies when you specify the ProjectionType of `INCLUDE` . You still can specify the ProjectionType of `ALL` to project all attributes from the source table, even if the table has more than 100 attributes.", "title": "NonKeyAttributes", "type": "array" }, @@ -73398,7 +73398,7 @@ "type": "string" }, "DeviceIndex": { - "markdownDescription": "The device index for the network interface attachment. If the network interface is of type `interface` , you must specify a device index.\n\nIf you create a launch template that includes secondary network interfaces but no primary network interface, and you specify it using the `LaunchTemplate` property of `AWS::EC2::Instance` , then you must include a primary network interface using the `NetworkInterfaces` property of `AWS::EC2::Instance` .", + "markdownDescription": "The device index for the network interface attachment. The primary network interface has a device index of 0. If the network interface is of type `interface` , you must specify a device index.\n\nIf you create a launch template that includes secondary network interfaces but no primary network interface, and you specify it using the `LaunchTemplate` property of `AWS::EC2::Instance` , then you must include a primary network interface using the `NetworkInterfaces` property of `AWS::EC2::Instance` .", "title": "DeviceIndex", "type": "number" }, @@ -76573,7 +76573,7 @@ "items": { "$ref": "#/definitions/AWS::EC2::SecurityGroup.Egress" }, - "markdownDescription": "The outbound rules associated with the security group. There is a short interruption during which you cannot connect to the security group.", + "markdownDescription": "The outbound rules associated with the security group.", "title": "SecurityGroupEgress", "type": "array" }, @@ -76581,7 +76581,7 @@ "items": { "$ref": "#/definitions/AWS::EC2::SecurityGroup.Ingress" }, - "markdownDescription": "The inbound rules associated with the security group. There is a short interruption during which you cannot connect to the security group.", + "markdownDescription": "The inbound rules associated with the security group.", "title": "SecurityGroupIngress", "type": "array" }, @@ -99811,7 +99811,7 @@ "type": "number" }, "StorageType": { - "markdownDescription": "Sets the storage class for the file system that you're creating. Valid values are `SSD` , `HDD` , and `INTELLIGENT_TIERING` .\n\n- Set to `SSD` to use solid state drive storage. SSD is supported on all Windows, Lustre, ONTAP, and OpenZFS deployment types.\n- Set to `HDD` to use hard disk drive storage. HDD is supported on `SINGLE_AZ_2` and `MULTI_AZ_1` Windows file system deployment types, and on `PERSISTENT_1` Lustre file system deployment types.\n- Set to `INTELLIGENT_TIERING` to use fully elastic, intelligently-tiered storage. Intelligent-Tiering is only available for OpenZFS file systems with the Multi-AZ deployment type.\n\nDefault value is `SSD` . For more information, see [Storage type options](https://docs.aws.amazon.com/fsx/latest/WindowsGuide/optimize-fsx-costs.html#storage-type-options) in the *FSx for Windows File Server User Guide* , [Multiple storage options](https://docs.aws.amazon.com/fsx/latest/LustreGuide/what-is.html#storage-options) in the *FSx for Lustre User Guide* , and [Working with Intelligent-Tiering](https://docs.aws.amazon.com/fsx/latest/OpenZFSGuide/performance-intelligent-tiering) in the *Amazon FSx for OpenZFS User Guide* .", + "markdownDescription": "Sets the storage class for the file system that you're creating. Valid values are `SSD` , `HDD` , and `INTELLIGENT_TIERING` .\n\n- Set to `SSD` to use solid state drive storage. SSD is supported on all Windows, Lustre, ONTAP, and OpenZFS deployment types.\n- Set to `HDD` to use hard disk drive storage, which is supported on `SINGLE_AZ_2` and `MULTI_AZ_1` Windows file system deployment types, and on `PERSISTENT_1` Lustre file system deployment types.\n- Set to `INTELLIGENT_TIERING` to use fully elastic, intelligently-tiered storage. Intelligent-Tiering is only available for OpenZFS file systems with the Multi-AZ deployment type.\n\nDefault value is `SSD` . For more information, see [Storage type options](https://docs.aws.amazon.com/fsx/latest/WindowsGuide/optimize-fsx-costs.html#storage-type-options) in the *FSx for Windows File Server User Guide* , [Multiple storage options](https://docs.aws.amazon.com/fsx/latest/LustreGuide/what-is.html#storage-options) in the *FSx for Lustre User Guide* , and [Working with Intelligent-Tiering](https://docs.aws.amazon.com/fsx/latest/OpenZFSGuide/performance-intelligent-tiering) in the *Amazon FSx for OpenZFS User Guide* .", "title": "StorageType", "type": "string" }, @@ -99983,7 +99983,7 @@ "type": "number" }, "WeeklyMaintenanceStartTime": { - "markdownDescription": "A recurring weekly time, in the format `D:HH:MM` .\n\n`D` is the day of the week, for which 1 represents Monday and 7 represents Sunday. For further details, see [the ISO-8601 spec as described on Wikipedia](https://docs.aws.amazon.com/https://en.wikipedia.org/wiki/ISO_week_date) .\n\n`HH` is the zero-padded hour of the day (0-23), and `MM` is the zero-padded minute of the hour.\n\nFor example, `1:05:00` specifies maintenance at 5 AM Monday.", + "markdownDescription": "The preferred start time to perform weekly maintenance, formatted d:HH:MM in the UTC time zone, where d is the weekday number, from 1 through 7, beginning with Monday and ending with Sunday.\n\nFor example, `1:05:00` specifies maintenance at 5 AM Monday.", "title": "WeeklyMaintenanceStartTime", "type": "string" } @@ -100066,7 +100066,7 @@ "type": "number" }, "WeeklyMaintenanceStartTime": { - "markdownDescription": "A recurring weekly time, in the format `D:HH:MM` .\n\n`D` is the day of the week, for which 1 represents Monday and 7 represents Sunday. For further details, see [the ISO-8601 spec as described on Wikipedia](https://docs.aws.amazon.com/https://en.wikipedia.org/wiki/ISO_week_date) .\n\n`HH` is the zero-padded hour of the day (0-23), and `MM` is the zero-padded minute of the hour.\n\nFor example, `1:05:00` specifies maintenance at 5 AM Monday.", + "markdownDescription": "The preferred start time to perform weekly maintenance, formatted d:HH:MM in the UTC time zone, where d is the weekday number, from 1 through 7, beginning with Monday and ending with Sunday.\n\nFor example, `1:05:00` specifies maintenance at 5 AM Monday.", "title": "WeeklyMaintenanceStartTime", "type": "string" } @@ -100146,7 +100146,7 @@ "type": "number" }, "WeeklyMaintenanceStartTime": { - "markdownDescription": "A recurring weekly time, in the format `D:HH:MM` .\n\n`D` is the day of the week, for which 1 represents Monday and 7 represents Sunday. For further details, see [the ISO-8601 spec as described on Wikipedia](https://docs.aws.amazon.com/https://en.wikipedia.org/wiki/ISO_week_date) .\n\n`HH` is the zero-padded hour of the day (0-23), and `MM` is the zero-padded minute of the hour.\n\nFor example, `1:05:00` specifies maintenance at 5 AM Monday.", + "markdownDescription": "The preferred start time to perform weekly maintenance, formatted d:HH:MM in the UTC time zone, where d is the weekday number, from 1 through 7, beginning with Monday and ending with Sunday.\n\nFor example, `1:05:00` specifies maintenance at 5 AM Monday.", "title": "WeeklyMaintenanceStartTime", "type": "string" } @@ -100320,7 +100320,7 @@ "type": "number" }, "WeeklyMaintenanceStartTime": { - "markdownDescription": "A recurring weekly time, in the format `D:HH:MM` .\n\n`D` is the day of the week, for which 1 represents Monday and 7 represents Sunday. For further details, see [the ISO-8601 spec as described on Wikipedia](https://docs.aws.amazon.com/https://en.wikipedia.org/wiki/ISO_week_date) .\n\n`HH` is the zero-padded hour of the day (0-23), and `MM` is the zero-padded minute of the hour.\n\nFor example, `1:05:00` specifies maintenance at 5 AM Monday.", + "markdownDescription": "The preferred start time to perform weekly maintenance, formatted d:HH:MM in the UTC time zone, where d is the weekday number, from 1 through 7, beginning with Monday and ending with Sunday.", "title": "WeeklyMaintenanceStartTime", "type": "string" } @@ -102875,7 +102875,7 @@ "type": "string" }, "OperatingSystem": { - "markdownDescription": "The platform that all containers in the container group definition run on.\n\n> Amazon Linux 2 (AL2) will reach end of support on 6/30/2025. See more details in the [Amazon Linux 2 FAQs](https://docs.aws.amazon.com/aws.amazon.com/amazon-linux-2/faqs/) . For game servers that are hosted on AL2 and use server SDK version 4.x for Amazon GameLift Servers, first update the game server build to server SDK 5.x, and then deploy to AL2023 instances. See [Migrate to server SDK version 5.](https://docs.aws.amazon.com/gamelift/latest/developerguide/reference-serversdk5-migration.html)", + "markdownDescription": "The platform that all containers in the container group definition run on.\n\n> Amazon Linux 2 (AL2) will reach end of support on 6/30/2025. See more details in the [Amazon Linux 2 FAQs](https://docs.aws.amazon.com/amazon-linux-2/faqs/) . For game servers that are hosted on AL2 and use server SDK version 4.x for Amazon GameLift Servers, first update the game server build to server SDK 5.x, and then deploy to AL2023 instances. See [Migrate to server SDK version 5.](https://docs.aws.amazon.com/gamelift/latest/developerguide/reference-serversdk5-migration.html)", "title": "OperatingSystem", "type": "string" }, @@ -112467,7 +112467,7 @@ "items": { "$ref": "#/definitions/AWS::GroundStation::DataflowEndpointGroup.EndpointDetails" }, - "markdownDescription": "List of Endpoint Details, containing address and port for each endpoint.", + "markdownDescription": "List of Endpoint Details, containing address and port for each endpoint. All dataflow endpoints within a single dataflow endpoint group must be of the same type. You cannot mix AWS Ground Station Agent endpoints with Dataflow endpoints in the same group. If your use case requires both types of endpoints, you must create separate dataflow endpoint groups for each type.", "title": "EndpointDetails", "type": "array" }, @@ -134146,7 +134146,7 @@ "items": { "type": "string" }, - "markdownDescription": "The security groups for the connector.", + "markdownDescription": "The security group IDs for the connector.", "title": "SecurityGroups", "type": "array" }, @@ -262771,7 +262771,7 @@ "additionalProperties": false, "properties": { "ActiveDate": { - "markdownDescription": "An optional date that specifies when the certificate becomes active.", + "markdownDescription": "An optional date that specifies when the certificate becomes active. If you do not specify a value, `ActiveDate` takes the same value as `NotBeforeDate` , which is specified by the CA.", "title": "ActiveDate", "type": "string" }, @@ -262791,7 +262791,7 @@ "type": "string" }, "InactiveDate": { - "markdownDescription": "An optional date that specifies when the certificate becomes inactive.", + "markdownDescription": "An optional date that specifies when the certificate becomes inactive. If you do not specify a value, `InactiveDate` takes the same value as `NotAfterDate` , which is specified by the CA.", "title": "InactiveDate", "type": "string" }, @@ -262961,7 +262961,7 @@ "type": "string" }, "MdnResponse": { - "markdownDescription": "Used for outbound requests (from an AWS Transfer Family server to a partner AS2 server) to determine whether the partner response for transfers is synchronous or asynchronous. Specify either of the following values:\n\n- `SYNC` : The system expects a synchronous MDN response, confirming that the file was transferred successfully (or not).\n- `NONE` : Specifies that no MDN response is required.", + "markdownDescription": "Used for outbound requests (from an AWS Transfer Family connector to a partner AS2 server) to determine whether the partner response for transfers is synchronous or asynchronous. Specify either of the following values:\n\n- `SYNC` : The system expects a synchronous MDN response, confirming that the file was transferred successfully (or not).\n- `NONE` : Specifies that no MDN response is required.", "title": "MdnResponse", "type": "string" }, @@ -263162,7 +263162,7 @@ "type": "string" }, "LoggingRole": { - "markdownDescription": "The Amazon Resource Name (ARN) of the AWS Identity and Access Management (IAM) role that allows a server to turn on Amazon CloudWatch logging for Amazon S3 or Amazon EFSevents. When set, you can view user activity in your CloudWatch logs.", + "markdownDescription": "The Amazon Resource Name (ARN) of the AWS Identity and Access Management (IAM) role that allows a server to turn on Amazon CloudWatch logging for Amazon S3 or Amazon EFS events. When set, you can view user activity in your CloudWatch logs.", "title": "LoggingRole", "type": "string" },