Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat(sources): update documentation #1305

Merged
merged 1 commit into from
Sep 18, 2024
Merged

feat(sources): update documentation #1305

merged 1 commit into from
Sep 18, 2024

Conversation

aws-cdk-automation
Copy link
Contributor

⚠️ This Pull Request updates daily and will overwrite all manual changes pushed to the branch

Updates the documentation source from upstream. See details in workflow run.

Automatically created by projen via the "update-source-documentation" workflow

feat(sources): update documentation
d6f0f3b 
> ⚠️ This Pull Request updates daily and will overwrite **all** manual changes pushed to the branch

Updates the documentation source from upstream. See details in [workflow run].

[Workflow Run]: https://github.com/cdklabs/awscdk-service-spec/actions/runs/10914962174

------

*Automatically created by projen via the "update-source-documentation" workflow*

Signed-off-by: github-actions <[email protected]>
@github-actions GitHub Actions
Copy link

To work on this Pull Request, please create a new branch and PR. This prevents your work from being deleted by the automation.

Run the following commands inside the repo:

gh co 1305
git switch -c fix-pr-1305 && git push -u origin HEAD
gh pr create -t "fix: PR #1305" --body "Fixes https://github.com/cdklabs/awscdk-service-spec/pull/1305"

@github-actions GitHub Actions
Copy link

@aws-cdk/aws-service-spec: Model database diff detected

├[~] service aws-appconfig
│ └ resources
│    └[~] resource AWS::AppConfig::ConfigurationProfile
│      └ properties
│         └ LocationUri: (documentation changed)
├[~] service aws-auditmanager
│ └ resources
│    └[~] resource AWS::AuditManager::Assessment
│      └ types
│         ├[~] type AWSService
│         │ ├  - documentation: The `AWSService` property type specifies an  such as Amazon S3 , AWS CloudTrail , and so on.
│         │ │  + documentation: The `AWSService` property type specifies an AWS service such as Amazon S3 , AWS CloudTrail , and so on.
│         │ └ properties
│         │    └ ServiceName: (documentation changed)
│         └[~] type Scope
│           └ properties
│              └ AwsServices: (documentation changed)
├[~] service aws-codeconnections
│ └ resources
│    └[~] resource AWS::CodeConnections::Connection
│      └ attributes
│         └ ConnectionArn: (documentation changed)
├[~] service aws-cognito
│ └ resources
│    └[~] resource AWS::Cognito::LogDeliveryConfiguration
│      └ types
│         └[~] type LogConfiguration
│           └  - documentation: The configuration of user event logs to an external AWS-service like Amazon Data Firehose, Amazon S3, or Amazon CloudWatch Logs.
│              This data type is a request parameter of [SetLogDeliveryConfiguration](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_SetLogDeliveryConfiguration.html) and a response parameter of [GetLogDeliveryConfiguration](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_GetLogDeliveryConfiguration.html) .
│              + documentation: The configuration of user event logs to an external AWS service like Amazon Data Firehose, Amazon S3, or Amazon CloudWatch Logs.
│              This data type is a request parameter of [SetLogDeliveryConfiguration](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_SetLogDeliveryConfiguration.html) and a response parameter of [GetLogDeliveryConfiguration](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_GetLogDeliveryConfiguration.html) .
├[~] service aws-datazone
│ └ resources
│    └[~] resource AWS::DataZone::EnvironmentActions
│      ├  - documentation: Definition of AWS::DataZone::EnvironmentActions Resource Type
│      │  + documentation: The details about the specified action configured for an environment. For example, the details of the specified console links for an analytics tool that is available in this environment.
│      ├ properties
│      │  ├ DomainIdentifier: (documentation changed)
│      │  ├ EnvironmentIdentifier: (documentation changed)
│      │  └ Identifier: (documentation changed)
│      ├ attributes
│      │  ├ DomainId: (documentation changed)
│      │  ├ EnvironmentId: (documentation changed)
│      │  └ Id: (documentation changed)
│      └ types
│         └[~] type AwsConsoleLinkParameters
│           └  - documentation: The parameters of the console link specified as part of the environment action
│              + documentation: The parameters of the console link specified as part of the environment action.
├[~] service aws-ec2
│ └ resources
│    └[~] resource AWS::EC2::VPCEndpoint
│      └  - documentation: Specifies a VPC endpoint. A VPC endpoint provides a private connection between your VPC and an endpoint service. You can use an endpoint service provided by AWS , an AWS Marketplace Partner, or another AWS accounts in your organization. For more information, see the [AWS PrivateLink User Guide](https://docs.aws.amazon.com/vpc/latest/privatelink/) .
│         An endpoint of type `Interface` establishes connections between the subnets in your VPC and an  , your own service, or a service hosted by another AWS account . With an interface VPC endpoint, you specify the subnets in which to create the endpoint and the security groups to associate with the endpoint network interfaces.
│         An endpoint of type `gateway` serves as a target for a route in your route table for traffic destined for Amazon S3 or DynamoDB . You can specify an endpoint policy for the endpoint, which controls access to the service from your VPC. You can also specify the VPC route tables that use the endpoint. For more information about connectivity to Amazon S3 , see [Why can't I connect to an S3 bucket using a gateway VPC endpoint?](https://docs.aws.amazon.com/premiumsupport/knowledge-center/connect-s3-vpc-endpoint)
│         An endpoint of type `GatewayLoadBalancer` provides private connectivity between your VPC and virtual appliances from a service provider.
│         + documentation: Specifies a VPC endpoint. A VPC endpoint provides a private connection between your VPC and an endpoint service. You can use an endpoint service provided by AWS , an AWS Marketplace Partner, or another AWS accounts in your organization. For more information, see the [AWS PrivateLink User Guide](https://docs.aws.amazon.com/vpc/latest/privatelink/) .
│         An endpoint of type `Interface` establishes connections between the subnets in your VPC and an AWS service , your own service, or a service hosted by another AWS account . With an interface VPC endpoint, you specify the subnets in which to create the endpoint and the security groups to associate with the endpoint network interfaces.
│         An endpoint of type `gateway` serves as a target for a route in your route table for traffic destined for Amazon S3 or DynamoDB . You can specify an endpoint policy for the endpoint, which controls access to the service from your VPC. You can also specify the VPC route tables that use the endpoint. For more information about connectivity to Amazon S3 , see [Why can't I connect to an S3 bucket using a gateway VPC endpoint?](https://docs.aws.amazon.com/premiumsupport/knowledge-center/connect-s3-vpc-endpoint)
│         An endpoint of type `GatewayLoadBalancer` provides private connectivity between your VPC and virtual appliances from a service provider.
├[~] service aws-fsx
│ └ resources
│    └[~] resource AWS::FSx::DataRepositoryAssociation
│      └ properties
│         └ DataRepositoryPath: (documentation changed)
├[~] service aws-iotsitewise
│ └ resources
│    └[~] resource AWS::IoTSiteWise::Gateway
│      └ types
│         ├[~] type GatewayPlatform
│         │ └ properties
│         │    └ SiemensIE: (documentation changed)
│         └[~] type SiemensIE
│           ├  - documentation: Contains the IotCoreThingName of AWS IoT Thing that the gateway runs on.
│           │  + documentation: Contains details for a AWS IoT SiteWise Edge gateway that runs on a Siemens Industrial Edge Device.
│           └ properties
│              └ IotCoreThingName: (documentation changed)
├[~] service aws-lambda
│ └ resources
│    └[~] resource AWS::Lambda::Permission
│      └ properties
│         ├ Principal: (documentation changed)
│         ├ SourceAccount: (documentation changed)
│         └ SourceArn: (documentation changed)
├[~] service aws-pcaconnectorscep
│ └ resources
│    ├[~] resource AWS::PCAConnectorSCEP::Challenge
│    │ ├  - documentation: Represents a SCEP Challenge that is used for certificate enrollment
│    │ │  + documentation: For general-purpose connectors. Creates a *challenge password* for the specified connector. The SCEP protocol uses a challenge password to authenticate a request before issuing a certificate from a certificate authority (CA). Your SCEP clients include the challenge password as part of their certificate request to Connector for SCEP. To retrieve the connector Amazon Resource Names (ARNs) for the connectors in your account, call [ListConnectors](https://docs.aws.amazon.com/C4SCEP_API/pca-connector-scep/latest/APIReference/API_ListConnectors.html) .
│    │ │  To create additional challenge passwords for the connector, call `CreateChallenge` again. We recommend frequently rotating your challenge passwords.
│    │ ├ properties
│    │ │  └ ConnectorArn: (documentation changed)
│    │ └ attributes
│    │    └ ChallengeArn: (documentation changed)
│    └[~] resource AWS::PCAConnectorSCEP::Connector
│      ├  - documentation: Represents a Connector that allows certificate issuance through Simple Certificate Enrollment Protocol (SCEP)
│      │  + documentation: Connector for SCEP is a service that links AWS Private Certificate Authority to your SCEP-enabled devices. The connector brokers the exchange of certificates from AWS Private CA to your SCEP-enabled devices and mobile device management systems. The connector is a complex type that contains the connector's configuration settings.
│      ├ properties
│      │  ├ CertificateAuthorityArn: (documentation changed)
│      │  └ MobileDeviceManagement: (documentation changed)
│      ├ attributes
│      │  ├ ConnectorArn: (documentation changed)
│      │  ├ Endpoint: (documentation changed)
│      │  └ Type: (documentation changed)
│      └ types
│         ├[~] type IntuneConfiguration
│         │ ├  - documentation: undefined
│         │ │  + documentation: Contains configuration details for use with Microsoft Intune. For information about using Connector for SCEP for Microsoft Intune, see [Using Connector for SCEP for Microsoft Intune](https://docs.aws.amazon.com/privateca/latest/userguide/scep-connector.htmlconnector-for-scep-intune.html) .
│         │ │  When you use Connector for SCEP for Microsoft Intune, certain functionalities are enabled by accessing Microsoft Intune through the Microsoft API. Your use of the Connector for SCEP and accompanying AWS services doesn't remove your need to have a valid license for your use of the Microsoft Intune service. You should also review the [Microsoft Intune® App Protection Policies](https://docs.aws.amazon.com/https://learn.microsoft.com/en-us/mem/intune/apps/app-protection-policy) .
│         │ └ properties
│         │    ├ AzureApplicationId: (documentation changed)
│         │    └ Domain: (documentation changed)
│         ├[~] type MobileDeviceManagement
│         │ ├  - documentation: undefined
│         │ │  + documentation: If you don't supply a value, by default Connector for SCEP creates a connector for general-purpose use. A general-purpose connector is designed to work with clients or endpoints that support the SCEP protocol, except Connector for SCEP for Microsoft Intune. For information about considerations and limitations with using Connector for SCEP, see [Considerations and Limitations](https://docs.aws.amazon.com/privateca/latest/userguide/scep-connector.htmlc4scep-considerations-limitations.html) .
│         │ │  If you provide an `IntuneConfiguration` , Connector for SCEP creates a connector for use with Microsoft Intune, and you manage the challenge passwords using Microsoft Intune. For more information, see [Using Connector for SCEP for Microsoft Intune](https://docs.aws.amazon.com/privateca/latest/userguide/scep-connector.htmlconnector-for-scep-intune.html) .
│         │ └ properties
│         │    └ Intune: (documentation changed)
│         └[~] type OpenIdConfiguration
│           ├  - documentation: undefined
│           │  + documentation: Contains OpenID Connect (OIDC) parameters for use with Microsoft Intune. For more information about using Connector for SCEP for Microsoft Intune, see [Using Connector for SCEP for Microsoft Intune](https://docs.aws.amazon.com/privateca/latest/userguide/scep-connector.htmlconnector-for-scep-intune.html) .
│           └ properties
│              ├ Audience: (documentation changed)
│              ├ Issuer: (documentation changed)
│              └ Subject: (documentation changed)
├[~] service aws-s3
│ └ resources
│    ├[~] resource AWS::S3::AccessPoint
│    │ └ types
│    │    └[~] type PublicAccessBlockConfiguration
│    │      └ properties
│    │         └ RestrictPublicBuckets: (documentation changed)
│    ├[~] resource AWS::S3::Bucket
│    │ └ types
│    │    └[~] type PublicAccessBlockConfiguration
│    │      └ properties
│    │         └ RestrictPublicBuckets: (documentation changed)
│    └[~] resource AWS::S3::MultiRegionAccessPoint
│      └ types
│         └[~] type PublicAccessBlockConfiguration
│           └ properties
│              └ RestrictPublicBuckets: (documentation changed)
├[~] service aws-s3objectlambda
│ └ resources
│    └[~] resource AWS::S3ObjectLambda::AccessPoint
│      └ types
│         └[~] type PublicAccessBlockConfiguration
│           └ properties
│              └ RestrictPublicBuckets: (documentation changed)
├[~] service aws-secretsmanager
│ └ resources
│    ├[~] resource AWS::SecretsManager::RotationSchedule
│    │ ├  - documentation: Sets the rotation schedule and Lambda rotation function for a secret. For more information, see [How rotation works](https://docs.aws.amazon.com/secretsmanager/latest/userguide/rotate-secrets_how.html) .
│    │ │  For Amazon RDS master user credentials, see [AWS::RDS::DBCluster MasterUserSecret](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-rds-dbcluster-masterusersecret.html) .
│    │ │  For the rotation function, you have two options:
│    │ │  - You can create a new rotation function based on one of the [Secrets Manager rotation function templates](https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_available-rotation-templates.html) by using `HostedRotationLambda` .
│    │ │  - You can choose an existing rotation function by using `RotationLambdaARN` .
│    │ │  For database secrets, if you define both the secret and the database or service in the AWS CloudFormation template, then you need to define the [AWS::SecretsManager::SecretTargetAttachment](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-secretsmanager-secrettargetattachment.html) resource to populate the secret with the connection details of the database or service before you attempt to configure rotation.
│    │ │  + documentation: Sets the rotation schedule and Lambda rotation function for a secret. For more information, see [How rotation works](https://docs.aws.amazon.com/secretsmanager/latest/userguide/rotate-secrets_how.html) .
│    │ │  For Amazon RDS master user credentials, see [AWS::RDS::DBCluster MasterUserSecret](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-rds-dbcluster-masterusersecret.html) .
│    │ │  For Amazon Redshift admin user credentials, see [AWS::Redshift::Cluster](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-redshift-cluster.html) .
│    │ │  For the rotation function, you have two options:
│    │ │  - You can create a new rotation function based on one of the [Secrets Manager rotation function templates](https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_available-rotation-templates.html) by using `HostedRotationLambda` .
│    │ │  - You can choose an existing rotation function by using `RotationLambdaARN` .
│    │ │  For database secrets, if you define both the secret and the database or service in the AWS CloudFormation template, then you need to define the [AWS::SecretsManager::SecretTargetAttachment](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-secretsmanager-secrettargetattachment.html) resource to populate the secret with the connection details of the database or service before you attempt to configure rotation.
│    │ ├ properties
│    │ │  ├ HostedRotationLambda: (documentation changed)
│    │ │  └ RotationLambdaARN: (documentation changed)
│    │ └ types
│    │    └[~] type HostedRotationLambda
│    │      └  - documentation: Creates a new Lambda rotation function based on one of the [Secrets Manager rotation function templates](https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_available-rotation-templates.html) .
│    │         You must specify `Transform: AWS::SecretsManager-2020-07-23` at the beginning of the CloudFormation template.
│    │         For Amazon RDS master user credentials, see [AWS::RDS::DBCluster MasterUserSecret](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-rds-dbcluster-masterusersecret.html) .
│    │         + documentation: Creates a new Lambda rotation function based on one of the [Secrets Manager rotation function templates](https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_available-rotation-templates.html) .
│    │         You must specify `Transform: AWS::SecretsManager-2020-07-23` at the beginning of the CloudFormation template.
│    │         For Amazon RDS master user credentials, see [AWS::RDS::DBCluster MasterUserSecret](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-rds-dbcluster-masterusersecret.html) .
│    │         For Amazon Redshift admin user credentials, see [AWS::Redshift::Cluster](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-redshift-cluster.html) .
│    ├[~] resource AWS::SecretsManager::Secret
│    │ └  - documentation: Creates a new secret. A *secret* can be a password, a set of credentials such as a user name and password, an OAuth token, or other secret information that you store in an encrypted form in Secrets Manager.
│    │    For Amazon RDS master user credentials, see [AWS::RDS::DBCluster MasterUserSecret](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-rds-dbcluster-masterusersecret.html) .
│    │    To retrieve a secret in a CloudFormation template, use a *dynamic reference* . For more information, see [Retrieve a secret in an AWS CloudFormation resource](https://docs.aws.amazon.com/secretsmanager/latest/userguide/cfn-example_reference-secret.html) .
│    │    A common scenario is to first create a secret with `GenerateSecretString` , which generates a password, and then use a dynamic reference to retrieve the username and password from the secret to use as credentials for a new database. See the example *Creating a Redshift cluster and a secret for the admin credentials* .
│    │    For information about creating a secret in the console, see [Create a secret](https://docs.aws.amazon.com/secretsmanager/latest/userguide/manage_create-basic-secret.html) . For information about creating a secret using the CLI or SDK, see [CreateSecret](https://docs.aws.amazon.com/secretsmanager/latest/apireference/API_CreateSecret.html) .
│    │    For information about retrieving a secret in code, see [Retrieve secrets from Secrets Manager](https://docs.aws.amazon.com/secretsmanager/latest/userguide/retrieving-secrets.html) .
│    │    + documentation: Creates a new secret. A *secret* can be a password, a set of credentials such as a user name and password, an OAuth token, or other secret information that you store in an encrypted form in Secrets Manager.
│    │    For Amazon RDS master user credentials, see [AWS::RDS::DBCluster MasterUserSecret](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-rds-dbcluster-masterusersecret.html) .
│    │    For Amazon Redshift admin user credentials, see [AWS::Redshift::Cluster](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-redshift-cluster.html) .
│    │    To retrieve a secret in a CloudFormation template, use a *dynamic reference* . For more information, see [Retrieve a secret in an AWS CloudFormation resource](https://docs.aws.amazon.com/secretsmanager/latest/userguide/cfn-example_reference-secret.html) .
│    │    For information about creating a secret in the console, see [Create a secret](https://docs.aws.amazon.com/secretsmanager/latest/userguide/manage_create-basic-secret.html) . For information about creating a secret using the CLI or SDK, see [CreateSecret](https://docs.aws.amazon.com/secretsmanager/latest/apireference/API_CreateSecret.html) .
│    │    For information about retrieving a secret in code, see [Retrieve secrets from Secrets Manager](https://docs.aws.amazon.com/secretsmanager/latest/userguide/retrieving-secrets.html) .
│    └[~] resource AWS::SecretsManager::SecretTargetAttachment
│      ├  - documentation: The `AWS::SecretsManager::SecretTargetAttachment` resource completes the final link between a Secrets Manager secret and the associated database by adding the database connection information to the secret JSON. If you want to turn on automatic rotation for a database credential secret, the secret must contain the database connection information. For more information, see [JSON structure of Secrets Manager database credential secrets](https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_secret_json_structure.html) .
│      │  For Amazon RDS master user credentials, see [AWS::RDS::DBCluster MasterUserSecret](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-rds-dbcluster-masterusersecret.html) .
│      │  + documentation: The `AWS::SecretsManager::SecretTargetAttachment` resource completes the final link between a Secrets Manager secret and the associated database by adding the database connection information to the secret JSON. If you want to turn on automatic rotation for a database credential secret, the secret must contain the database connection information. For more information, see [JSON structure of Secrets Manager database credential secrets](https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_secret_json_structure.html) .
│      │  When you remove a `SecretTargetAttachment` from a stack, Secrets Manager removes the database connection information from the secret with a `PutSecretValue` call.
│      │  For Amazon RDS master user credentials, see [AWS::RDS::DBCluster MasterUserSecret](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-rds-dbcluster-masterusersecret.html) .
│      │  For Amazon Redshift admin user credentials, see [AWS::Redshift::Cluster](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-redshift-cluster.html) .
│      └ properties
│         └ TargetType: (documentation changed)
├[~] service aws-securityhub
│ └ resources
│    ├[~] resource AWS::SecurityHub::AutomationRule
│    │ └ types
│    │    ├[~] type AutomationRulesAction
│    │    │ ├  - documentation: One or more actions to update finding fields if a finding matches the defined criteria of the rule.
│    │    │ │  + documentation: One or more actions that AWS Security Hub takes when a finding matches the defined criteria of a rule.
│    │    │ └ properties
│    │    │    └ Type: (documentation changed)
│    │    └[~] type AutomationRulesFindingFilters
│    │      └ properties
│    │         └ ResourceId: (documentation changed)
│    ├[~] resource AWS::SecurityHub::ConfigurationPolicy
│    │ └ types
│    │    └[~] type Policy
│    │      └ properties
│    │         └ SecurityHub: (documentation changed)
│    ├[~] resource AWS::SecurityHub::Insight
│    │ └ types
│    │    └[~] type AwsSecurityFindingFilters
│    │      └ properties
│    │         └ ComplianceSecurityControlId: (documentation changed)
│    └[~] resource AWS::SecurityHub::SecurityControl
│      └ properties
│         └ SecurityControlId: (documentation changed)
└[~] service aws-securitylake
  └ resources
     └[~] resource AWS::SecurityLake::Subscriber
       └ properties
          └ Sources: (documentation changed)

@aws-cdk-automation aws-cdk-automation added this pull request to the merge queue Sep 18, 2024
Merged via the queue into main with commit 7267b1b Sep 18, 2024
11 checks passed
@aws-cdk-automation aws-cdk-automation deleted the update-source/documentation branch September 18, 2024 03:38
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@github-actions github-actions[bot] github-actions[bot] approved these changes

Assignees
No one assigned
Labels
auto-approve
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@aws-cdk-automation