Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat(sources): update documentation #1312

Merged
merged 1 commit into from
Sep 20, 2024
Merged

feat(sources): update documentation #1312

merged 1 commit into from
Sep 20, 2024

Conversation

aws-cdk-automation
Copy link
Contributor

⚠️ This Pull Request updates daily and will overwrite all manual changes pushed to the branch

Updates the documentation source from upstream. See details in workflow run.

Automatically created by projen via the "update-source-documentation" workflow

feat(sources): update documentation
0d62226 
> ⚠️ This Pull Request updates daily and will overwrite **all** manual changes pushed to the branch

Updates the documentation source from upstream. See details in [workflow run].

[Workflow Run]: https://github.com/cdklabs/awscdk-service-spec/actions/runs/10952585954

------

*Automatically created by projen via the "update-source-documentation" workflow*

Signed-off-by: github-actions <[email protected]>
@github-actions GitHub Actions
Copy link

To work on this Pull Request, please create a new branch and PR. This prevents your work from being deleted by the automation.

Run the following commands inside the repo:

gh co 1312
git switch -c fix-pr-1312 && git push -u origin HEAD
gh pr create -t "fix: PR #1312" --body "Fixes https://github.com/cdklabs/awscdk-service-spec/pull/1312"

@github-actions GitHub Actions
Copy link

@aws-cdk/aws-service-spec: Model database diff detected

├[~] service aws-autoscaling
│ └ resources
│    └[~] resource AWS::AutoScaling::ScalingPolicy
│      └ types
│         ├[~] type TargetTrackingMetricDataQuery
│         │ └  - documentation: The metric data to return. Also defines whether this call is returning data for one metric only, or whether it is performing a math expression on the values of returned metric statistics to create a new time series. A time series is a series of data points, each of which is associated with a timestamp.
│         │    You can use `TargetTrackingMetricDataQuery` structures with a `PutScalingPolicy` operation when you specify a `TargetTrackingConfiguration` in the request.
│         │    You can call for a single metric or perform math expressions on multiple metrics. Any expressions used in a metric specification must eventually return a single time series.
│         │    For more information, see the [Create a target tracking scaling policy for Amazon EC2 Auto Scaling using metric math](https://docs.aws.amazon.com/autoscaling/ec2/userguide/ec2-auto-scaling-target-tracking-metric-math.html) in the *Amazon EC2 Auto Scaling User Guide* .
│         │    + documentation: The metric data to return. Also defines whether this call is returning data for one metric only, or whether it is performing a math expression on the values of returned metric statistics to create a new time series. A time series is a series of data points, each of which is associated with a timestamp.
│         │    You can use `TargetTrackingMetricDataQuery` structures with a [PutScalingPolicy](https://docs.aws.amazon.com/autoscaling/ec2/APIReference/API_PutScalingPolicy.html) operation when you specify a [TargetTrackingConfiguration](https://docs.aws.amazon.com/autoscaling/ec2/APIReference/API_TargetTrackingConfiguration.html) in the request.
│         │    You can call for a single metric or perform math expressions on multiple metrics. Any expressions used in a metric specification must eventually return a single time series.
│         │    For more information, see the [Create a target tracking scaling policy for Amazon EC2 Auto Scaling using metric math](https://docs.aws.amazon.com/autoscaling/ec2/userguide/ec2-auto-scaling-target-tracking-metric-math.html) in the *Amazon EC2 Auto Scaling User Guide* .
│         └[~] type TargetTrackingMetricStat
│           └  - documentation: This structure defines the CloudWatch metric to return, along with the statistic and unit.
│              `TargetTrackingMetricStat` is a property of the `TargetTrackingMetricDataQuery` object.
│              For more information about the CloudWatch terminology below, see [Amazon CloudWatch concepts](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/cloudwatch_concepts.html) in the *Amazon CloudWatch User Guide* .
│              + documentation: This structure defines the CloudWatch metric to return, along with the statistic and unit.
│              `TargetTrackingMetricStat` is a property of the [TargetTrackingMetricDataQuery](https://docs.aws.amazon.com/autoscaling/ec2/APIReference/API_TargetTrackingMetricDataQuery.html) object.
│              For more information about the CloudWatch terminology below, see [Amazon CloudWatch concepts](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/cloudwatch_concepts.html) in the *Amazon CloudWatch User Guide* .
├[~] service aws-batch
│ └ resources
│    └[~] resource AWS::Batch::JobDefinition
│      └ types
│         └[~] type PodProperties
│           └ properties
│              ├ Containers: (documentation changed)
│              └ InitContainers: (documentation changed)
├[~] service aws-glue
│ └ resources
│    └[~] resource AWS::Glue::Job
│      └ properties
│         └ JobMode: (documentation changed)
├[~] service aws-lambda
│ └ resources
│    └[~] resource AWS::Lambda::Permission
│      ├  - documentation: The `AWS::Lambda::Permission` resource grants an AWS service or another account permission to use a function. You can apply the policy at the function level, or specify a qualifier to restrict access to a single version or alias. If you use a qualifier, the invoker must use the full Amazon Resource Name (ARN) of that version or alias to invoke the function.
│      │  To grant permission to another account, specify the account ID as the `Principal` . To grant permission to an organization defined in AWS Organizations , specify the organization ID as the `PrincipalOrgID` . For AWS services, the principal is a domain-style identifier defined by the service, like `s3.amazonaws.com` or `sns.amazonaws.com` . For AWS services, you can also specify the ARN of the associated resource as the `SourceArn` . If you grant permission to a service principal without specifying the source, other accounts could potentially configure resources in their account to invoke your Lambda function.
│      │  If your function has a function URL, you can specify the `FunctionUrlAuthType` parameter. This adds a condition to your permission that only applies when your function URL's `AuthType` matches the specified `FunctionUrlAuthType` . For more information about the `AuthType` parameter, see [Security and auth model for Lambda function URLs](https://docs.aws.amazon.com/lambda/latest/dg/urls-auth.html) .
│      │  This resource adds a statement to a resource-based permission policy for the function. For more information about function policies, see [Lambda Function Policies](https://docs.aws.amazon.com/lambda/latest/dg/access-control-resource-based.html) .
│      │  + documentation: The `AWS::Lambda::Permission` resource grants an AWS service or another account permission to use a function. You can apply the policy at the function level, or specify a qualifier to restrict access to a single version or alias. If you use a qualifier, the invoker must use the full Amazon Resource Name (ARN) of that version or alias to invoke the function.
│      │  To grant permission to another account, specify the account ID as the `Principal` . To grant permission to an organization defined in AWS Organizations , specify the organization ID as the `PrincipalOrgID` . For AWS services, the principal is a domain-style identifier defined by the service, like `s3.amazonaws.com` or `sns.amazonaws.com` . For AWS services, you can also specify the ARN of the associated resource as the `SourceArn` . If you grant permission to a service principal without specifying the source, other accounts could potentially configure resources in their account to invoke your Lambda function.
│      │  If your function has a function URL, you can specify the `FunctionUrlAuthType` parameter. This adds a condition to your permission that only applies when your function URL's `AuthType` matches the specified `FunctionUrlAuthType` . For more information about the `AuthType` parameter, see [Security and auth model for Lambda function URLs](https://docs.aws.amazon.com/lambda/latest/dg/urls-auth.html) .
│      │  This resource adds a statement to a resource-based permission policy for the function. For more information about function policies, see [Lambda Function Policies](https://docs.aws.amazon.com/lambda/latest/dg/access-control-resource-based.html) .
│      │  > To grant permissions to access your function, you can also use the `AWS::Lambda::ResourcePolicy` resource. This resource adds a complete JSON resource-based policy to a function.
│      │  > 
│      │  > Using both the `AWS::Lambda::Permission` and `AWS::Lambda::ResourcePolicy` resources to set permissions on a function, either in a single AWS CloudFormation stack or across multiple stacks, can result in errors, and permissions defined in the `AWS::Lambda::Permission` resource can be unintentionally overwritten. Don't use both resource types to set permissions on a function.
│      │  > 
│      │  > We recommend using the `AWS::Lambda::ResourcePolicy` resource to set access permissions. This resource gives you more flexibility and fine-grained control than `AWS::Lambda::Permission` . To migrate existing permissions for a function from `AWS::Lambda::Permission` to `AWS::Lambda::ResourcePolicy` , do the following:
│      │  > 
│      │  > - Set a `Retain` [deletion policy](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-deletionpolicy.html) on the `AWS::Lambda::Permission` resources you want to migrate. This is necessary so that when you delete these resources, statements with the same statement ID that you add in the new `AWS::Lambda::ResourcePolicy` resource aren’t deleted as well.
│      │  > - Use the [GetResourcePolicy](https://docs.aws.amazon.com/ambda/latest/api/API_GetResourcePolicy.html) Lambda API to retrieve the resource-based policy currently attached to the function.
│      │  > - Use this policy to create a new `AWS::Lambda::ResourcePolicy` resource.
│      │  > - Delete all the existing `AWS::Lambda::Permission` resources for the function.
│      └ properties
│         └ Principal: (documentation changed)
├[~] service aws-s3express
│ └ resources
│    └[~] resource AWS::S3Express::DirectoryBucket
│      ├  - documentation: The `AWS::S3Express::DirectoryBucket` resource creates an Amazon S3 directory bucket in the same AWS Region where you create the AWS CloudFormation stack.
│      │  To control how AWS CloudFormation handles the bucket when the stack is deleted, you can set a deletion policy for your bucket. You can choose to *retain* the bucket or to *delete* the bucket. For more information, see [DeletionPolicy attribute](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-deletionpolicy.html) .
│      │  > You can only delete empty buckets. Deletion fails for buckets that have contents. 
│      │  - **Permissions** - The required permissions for CloudFormation to use are based on the operations that are performed on the stack.
│      │  - Create
│      │  - s3express:CreateBucket
│      │  - s3express:ListAllMyDirectoryBuckets
│      │  - Read
│      │  - s3express:ListAllMyDirectoryBuckets
│      │  - Delete
│      │  - s3express:DeleteBucket
│      │  - s3express:ListAllMyDirectoryBuckets
│      │  - List
│      │  - s3express:ListAllMyDirectoryBuckets
│      │  The following operations are related to `AWS::S3Express::DirectoryBucket` :
│      │  - [CreateBucket](https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateBucket.html)
│      │  - [ListDirectoryBuckets](https://docs.aws.amazon.com/AmazonS3/latest/API/API_ListDirectoryBuckets.html)
│      │  - [DeleteBucket](https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteBucket.html)
│      │  + documentation: The `AWS::S3Express::DirectoryBucket` resource creates an Amazon S3 directory bucket in the same AWS Region where you create the AWS CloudFormation stack.
│      │  To control how AWS CloudFormation handles the bucket when the stack is deleted, you can set a deletion policy for your bucket. You can choose to *retain* the bucket or to *delete* the bucket. For more information, see [DeletionPolicy attribute](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-deletionpolicy.html) .
│      │  > You can only delete empty buckets. Deletion fails for buckets that have contents. 
│      │  - **Permissions** - The required permissions for CloudFormation to use are based on the operations that are performed on the stack.
│      │  - Create
│      │  - s3express:CreateBucket
│      │  - s3express:ListAllMyDirectoryBuckets
│      │  - Read
│      │  - s3express:ListAllMyDirectoryBuckets
│      │  - ec2:DescribeAvailabilityZones
│      │  - Delete
│      │  - s3express:DeleteBucket
│      │  - s3express:ListAllMyDirectoryBuckets
│      │  - List
│      │  - s3express:ListAllMyDirectoryBuckets
│      │  - PutBucketEncryption
│      │  - s3express:PutEncryptionConfiguration
│      │  - To set a directory bucket default encryption with SSE-KMS, you must also have the kms:GenerateDataKey and kms:Decrypt permissions in IAM identity-based policies and AWS KMS key policies for the target AWS KMS key.
│      │  - GetBucketEncryption
│      │  - s3express:GetBucketEncryption
│      │  - DeleteBucketEncryption
│      │  - s3express:PutEncryptionConfiguration
│      │  The following operations are related to `AWS::S3Express::DirectoryBucket` :
│      │  - [CreateBucket](https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateBucket.html)
│      │  - [ListDirectoryBuckets](https://docs.aws.amazon.com/AmazonS3/latest/API/API_ListDirectoryBuckets.html)
│      │  - [DeleteBucket](https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteBucket.html)
│      ├ properties
│      │  ├ BucketEncryption: (documentation changed)
│      │  └ BucketName: (documentation changed)
│      └ attributes
│         ├ Arn: (documentation changed)
│         └ AvailabilityZoneName: (documentation changed)
└[~] service aws-sqs
  └ resources
     └[~] resource AWS::SQS::Queue
       ├  - documentation: The `AWS::SQS::Queue` resource creates an Amazon SQS standard or FIFO queue.
       │  Keep the following caveats in mind:
       │  - If you don't specify the `FifoQueue` property, Amazon SQS creates a standard queue.
       │  > You can't change the queue type after you create it and you can't convert an existing standard queue into a FIFO queue. You must either create a new FIFO queue for your application or delete your existing standard queue and recreate it as a FIFO queue. For more information, see [Moving from a standard queue to a FIFO queue](https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/FIFO-queues-moving.html) in the *Amazon SQS Developer Guide* .
       │  - If you don't provide a value for a property, the queue is created with the default value for the property.
       │  - If you delete a queue, you must wait at least 60 seconds before creating a queue with the same name.
       │  - To successfully create a new queue, you must provide a queue name that adheres to the [limits related to queues](https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/limits-queues.html) and is unique within the scope of your queues.
       │  For more information about creating FIFO (first-in-first-out) queues, see [Creating an Amazon SQS queue ( AWS CloudFormation )](https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/screate-queue-cloudformation.html) in the *Amazon SQS Developer Guide* .
       │  + documentation: The `AWS::SQS::Queue` resource creates an Amazon SQS standard or FIFO queue.
       │  Keep the following caveats in mind:
       │  - If you don't specify the `FifoQueue` property, Amazon SQS creates a standard queue.
       │  > You can't change the queue type after you create it and you can't convert an existing standard queue into a FIFO queue. You must either create a new FIFO queue for your application or delete your existing standard queue and recreate it as a FIFO queue. For more information, see [Moving from a standard queue to a FIFO queue](https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/FIFO-queues-moving.html) in the *Amazon SQS Developer Guide* .
       │  - If you don't provide a value for a property, the queue is created with the default value for the property.
       │  - If you delete a queue, you must wait at least 60 seconds before creating a queue with the same name.
       │  - To successfully create a new queue, you must provide a queue name that adheres to the [limits related to queues](https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/limits-queues.html) and is unique within the scope of your queues.
       │  For more information about creating FIFO (first-in-first-out) queues, see [Creating an Amazon SQS queue ( AWS CloudFormation )](https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/create-queue-cloudformation.html) in the *Amazon SQS Developer Guide* .
       └ properties
          ├ FifoQueue: (documentation changed)
          ├ KmsMasterKeyId: (documentation changed)
          └ QueueName: (documentation changed)

@aws-cdk-automation aws-cdk-automation added this pull request to the merge queue Sep 20, 2024
Merged via the queue into main with commit b9b3330 Sep 20, 2024
11 checks passed
@aws-cdk-automation aws-cdk-automation deleted the update-source/documentation branch September 20, 2024 03:38
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@github-actions github-actions[bot] github-actions[bot] approved these changes

Assignees
No one assigned
Labels
auto-approve
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@aws-cdk-automation