diff --git a/examples/go.mod b/examples/go.mod index 33a09e0f992..814a3161413 100644 --- a/examples/go.mod +++ b/examples/go.mod @@ -5,12 +5,12 @@ go 1.24.10 require ( github.com/aws/aws-sdk-go v1.55.7 github.com/aws/aws-sdk-go-v2 v1.39.6 - github.com/aws/aws-sdk-go-v2/config v1.31.20 - github.com/aws/aws-sdk-go-v2/credentials v1.18.24 + github.com/aws/aws-sdk-go-v2/config v1.31.21 + github.com/aws/aws-sdk-go-v2/credentials v1.18.25 github.com/aws/aws-sdk-go-v2/service/appconfig v1.43.3 - github.com/aws/aws-sdk-go-v2/service/iam v1.50.2 - github.com/aws/aws-sdk-go-v2/service/resourcegroupstaggingapi v1.30.13 - github.com/aws/aws-sdk-go-v2/service/s3 v1.90.2 + github.com/aws/aws-sdk-go-v2/service/iam v1.52.0 + github.com/aws/aws-sdk-go-v2/service/resourcegroupstaggingapi v1.31.0 + github.com/aws/aws-sdk-go-v2/service/s3 v1.91.0 github.com/pulumi/providertest v0.3.0 github.com/pulumi/pulumi-aws/provider/v7 v7.0.0-00010101000000-000000000000 github.com/pulumi/pulumi-terraform-bridge/v3 v3.117.0 @@ -65,7 +65,7 @@ require ( github.com/atotto/clipboard v0.1.4 // indirect github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream v1.7.3 // indirect github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.18.13 // indirect - github.com/aws/aws-sdk-go-v2/feature/s3/manager v1.20.7 // indirect + github.com/aws/aws-sdk-go-v2/feature/s3/manager v1.20.8 // indirect github.com/aws/aws-sdk-go-v2/internal/configsources v1.4.13 // indirect github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.7.13 // indirect github.com/aws/aws-sdk-go-v2/internal/ini v1.8.4 // indirect @@ -76,8 +76,8 @@ require ( github.com/aws/aws-sdk-go-v2/service/acmpca v1.46.2 // indirect github.com/aws/aws-sdk-go-v2/service/amp v1.42.0 // indirect github.com/aws/aws-sdk-go-v2/service/amplify v1.38.5 // indirect - github.com/aws/aws-sdk-go-v2/service/apigateway v1.36.3 // indirect - github.com/aws/aws-sdk-go-v2/service/apigatewayv2 v1.32.13 // indirect + github.com/aws/aws-sdk-go-v2/service/apigateway v1.37.0 // indirect + github.com/aws/aws-sdk-go-v2/service/apigatewayv2 v1.33.0 // indirect github.com/aws/aws-sdk-go-v2/service/appfabric v1.16.12 // indirect github.com/aws/aws-sdk-go-v2/service/appflow v1.51.3 // indirect github.com/aws/aws-sdk-go-v2/service/appintegrations v1.36.12 // indirect @@ -86,20 +86,20 @@ require ( github.com/aws/aws-sdk-go-v2/service/applicationsignals v1.17.4 // indirect github.com/aws/aws-sdk-go-v2/service/appmesh v1.35.3 // indirect github.com/aws/aws-sdk-go-v2/service/apprunner v1.39.5 // indirect - github.com/aws/aws-sdk-go-v2/service/appstream v1.51.2 // indirect + github.com/aws/aws-sdk-go-v2/service/appstream v1.52.1 // indirect github.com/aws/aws-sdk-go-v2/service/appsync v1.52.3 // indirect github.com/aws/aws-sdk-go-v2/service/arcregionswitch v1.2.14 // indirect github.com/aws/aws-sdk-go-v2/service/athena v1.55.12 // indirect github.com/aws/aws-sdk-go-v2/service/auditmanager v1.46.3 // indirect - github.com/aws/aws-sdk-go-v2/service/autoscaling v1.60.5 // indirect + github.com/aws/aws-sdk-go-v2/service/autoscaling v1.61.0 // indirect github.com/aws/aws-sdk-go-v2/service/autoscalingplans v1.30.5 // indirect - github.com/aws/aws-sdk-go-v2/service/backup v1.51.2 // indirect + github.com/aws/aws-sdk-go-v2/service/backup v1.54.0 // indirect github.com/aws/aws-sdk-go-v2/service/batch v1.58.6 // indirect github.com/aws/aws-sdk-go-v2/service/bcmdataexports v1.12.5 // indirect - github.com/aws/aws-sdk-go-v2/service/bedrock v1.48.6 // indirect + github.com/aws/aws-sdk-go-v2/service/bedrock v1.49.1 // indirect github.com/aws/aws-sdk-go-v2/service/bedrockagent v1.51.3 // indirect github.com/aws/aws-sdk-go-v2/service/bedrockagentcorecontrol v1.13.3 // indirect - github.com/aws/aws-sdk-go-v2/service/billing v1.8.6 // indirect + github.com/aws/aws-sdk-go-v2/service/billing v1.9.0 // indirect github.com/aws/aws-sdk-go-v2/service/budgets v1.41.3 // indirect github.com/aws/aws-sdk-go-v2/service/chatbot v1.14.12 // indirect github.com/aws/aws-sdk-go-v2/service/chime v1.41.3 // indirect @@ -108,14 +108,14 @@ require ( github.com/aws/aws-sdk-go-v2/service/cleanrooms v1.37.3 // indirect github.com/aws/aws-sdk-go-v2/service/cloud9 v1.33.11 // indirect github.com/aws/aws-sdk-go-v2/service/cloudcontrol v1.29.3 // indirect - github.com/aws/aws-sdk-go-v2/service/cloudformation v1.68.5 // indirect + github.com/aws/aws-sdk-go-v2/service/cloudformation v1.70.0 // indirect github.com/aws/aws-sdk-go-v2/service/cloudfront v1.56.2 // indirect github.com/aws/aws-sdk-go-v2/service/cloudfrontkeyvaluestore v1.12.14 // indirect github.com/aws/aws-sdk-go-v2/service/cloudhsmv2 v1.34.11 // indirect github.com/aws/aws-sdk-go-v2/service/cloudsearch v1.32.3 // indirect - github.com/aws/aws-sdk-go-v2/service/cloudtrail v1.53.13 // indirect + github.com/aws/aws-sdk-go-v2/service/cloudtrail v1.54.0 // indirect github.com/aws/aws-sdk-go-v2/service/cloudwatch v1.52.3 // indirect - github.com/aws/aws-sdk-go-v2/service/cloudwatchlogs v1.58.9 // indirect + github.com/aws/aws-sdk-go-v2/service/cloudwatchlogs v1.60.0 // indirect github.com/aws/aws-sdk-go-v2/service/codeartifact v1.38.12 // indirect github.com/aws/aws-sdk-go-v2/service/codebuild v1.68.4 // indirect github.com/aws/aws-sdk-go-v2/service/codecatalyst v1.21.3 // indirect @@ -132,22 +132,22 @@ require ( github.com/aws/aws-sdk-go-v2/service/comprehend v1.40.12 // indirect github.com/aws/aws-sdk-go-v2/service/computeoptimizer v1.48.3 // indirect github.com/aws/aws-sdk-go-v2/service/configservice v1.59.4 // indirect - github.com/aws/aws-sdk-go-v2/service/connect v1.145.0 // indirect + github.com/aws/aws-sdk-go-v2/service/connect v1.146.0 // indirect github.com/aws/aws-sdk-go-v2/service/connectcases v1.34.3 // indirect github.com/aws/aws-sdk-go-v2/service/controltower v1.27.2 // indirect github.com/aws/aws-sdk-go-v2/service/costandusagereportservice v1.34.4 // indirect - github.com/aws/aws-sdk-go-v2/service/costexplorer v1.59.4 // indirect - github.com/aws/aws-sdk-go-v2/service/costoptimizationhub v1.20.12 // indirect + github.com/aws/aws-sdk-go-v2/service/costexplorer v1.60.0 // indirect + github.com/aws/aws-sdk-go-v2/service/costoptimizationhub v1.21.0 // indirect github.com/aws/aws-sdk-go-v2/service/customerprofiles v1.54.5 // indirect - github.com/aws/aws-sdk-go-v2/service/databasemigrationservice v1.59.0 // indirect + github.com/aws/aws-sdk-go-v2/service/databasemigrationservice v1.60.0 // indirect github.com/aws/aws-sdk-go-v2/service/databrew v1.39.5 // indirect github.com/aws/aws-sdk-go-v2/service/dataexchange v1.40.5 // indirect github.com/aws/aws-sdk-go-v2/service/datapipeline v1.30.11 // indirect github.com/aws/aws-sdk-go-v2/service/datasync v1.55.6 // indirect - github.com/aws/aws-sdk-go-v2/service/datazone v1.46.2 // indirect + github.com/aws/aws-sdk-go-v2/service/datazone v1.48.0 // indirect github.com/aws/aws-sdk-go-v2/service/dax v1.29.7 // indirect github.com/aws/aws-sdk-go-v2/service/detective v1.38.4 // indirect - github.com/aws/aws-sdk-go-v2/service/devicefarm v1.36.5 // indirect + github.com/aws/aws-sdk-go-v2/service/devicefarm v1.37.0 // indirect github.com/aws/aws-sdk-go-v2/service/devopsguru v1.40.3 // indirect github.com/aws/aws-sdk-go-v2/service/directconnect v1.38.5 // indirect github.com/aws/aws-sdk-go-v2/service/directoryservice v1.38.6 // indirect @@ -156,20 +156,20 @@ require ( github.com/aws/aws-sdk-go-v2/service/docdbelastic v1.20.4 // indirect github.com/aws/aws-sdk-go-v2/service/drs v1.36.4 // indirect github.com/aws/aws-sdk-go-v2/service/dsql v1.11.2 // indirect - github.com/aws/aws-sdk-go-v2/service/dynamodb v1.52.6 // indirect - github.com/aws/aws-sdk-go-v2/service/ec2 v1.267.0 // indirect - github.com/aws/aws-sdk-go-v2/service/ecr v1.51.4 // indirect + github.com/aws/aws-sdk-go-v2/service/dynamodb v1.53.0 // indirect + github.com/aws/aws-sdk-go-v2/service/ec2 v1.272.0 // indirect + github.com/aws/aws-sdk-go-v2/service/ecr v1.53.0 // indirect github.com/aws/aws-sdk-go-v2/service/ecrpublic v1.38.4 // indirect - github.com/aws/aws-sdk-go-v2/service/ecs v1.67.4 // indirect + github.com/aws/aws-sdk-go-v2/service/ecs v1.68.0 // indirect github.com/aws/aws-sdk-go-v2/service/efs v1.41.4 // indirect github.com/aws/aws-sdk-go-v2/service/eks v1.74.9 // indirect github.com/aws/aws-sdk-go-v2/service/elasticache v1.51.3 // indirect github.com/aws/aws-sdk-go-v2/service/elasticbeanstalk v1.33.13 // indirect github.com/aws/aws-sdk-go-v2/service/elasticloadbalancing v1.33.13 // indirect - github.com/aws/aws-sdk-go-v2/service/elasticloadbalancingv2 v1.52.0 // indirect + github.com/aws/aws-sdk-go-v2/service/elasticloadbalancingv2 v1.53.0 // indirect github.com/aws/aws-sdk-go-v2/service/elasticsearchservice v1.37.13 // indirect github.com/aws/aws-sdk-go-v2/service/elastictranscoder v1.32.12 // indirect - github.com/aws/aws-sdk-go-v2/service/emr v1.55.6 // indirect + github.com/aws/aws-sdk-go-v2/service/emr v1.56.0 // indirect github.com/aws/aws-sdk-go-v2/service/emrcontainers v1.40.8 // indirect github.com/aws/aws-sdk-go-v2/service/emrserverless v1.37.3 // indirect github.com/aws/aws-sdk-go-v2/service/eventbridge v1.45.12 // indirect @@ -179,31 +179,31 @@ require ( github.com/aws/aws-sdk-go-v2/service/firehose v1.42.3 // indirect github.com/aws/aws-sdk-go-v2/service/fis v1.37.11 // indirect github.com/aws/aws-sdk-go-v2/service/fms v1.44.12 // indirect - github.com/aws/aws-sdk-go-v2/service/fsx v1.63.2 // indirect + github.com/aws/aws-sdk-go-v2/service/fsx v1.64.0 // indirect github.com/aws/aws-sdk-go-v2/service/gamelift v1.48.2 // indirect github.com/aws/aws-sdk-go-v2/service/glacier v1.31.12 // indirect github.com/aws/aws-sdk-go-v2/service/globalaccelerator v1.35.5 // indirect - github.com/aws/aws-sdk-go-v2/service/glue v1.132.3 // indirect + github.com/aws/aws-sdk-go-v2/service/glue v1.133.0 // indirect github.com/aws/aws-sdk-go-v2/service/grafana v1.32.5 // indirect github.com/aws/aws-sdk-go-v2/service/greengrass v1.32.12 // indirect github.com/aws/aws-sdk-go-v2/service/groundstation v1.39.2 // indirect - github.com/aws/aws-sdk-go-v2/service/guardduty v1.66.2 // indirect + github.com/aws/aws-sdk-go-v2/service/guardduty v1.68.0 // indirect github.com/aws/aws-sdk-go-v2/service/healthlake v1.36.4 // indirect github.com/aws/aws-sdk-go-v2/service/identitystore v1.34.2 // indirect - github.com/aws/aws-sdk-go-v2/service/imagebuilder v1.48.6 // indirect + github.com/aws/aws-sdk-go-v2/service/imagebuilder v1.49.0 // indirect github.com/aws/aws-sdk-go-v2/service/inspector v1.30.11 // indirect - github.com/aws/aws-sdk-go-v2/service/inspector2 v1.44.12 // indirect + github.com/aws/aws-sdk-go-v2/service/inspector2 v1.45.0 // indirect github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.13.3 // indirect github.com/aws/aws-sdk-go-v2/service/internal/checksum v1.9.4 // indirect github.com/aws/aws-sdk-go-v2/service/internal/endpoint-discovery v1.11.13 // indirect github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.13.13 // indirect github.com/aws/aws-sdk-go-v2/service/internal/s3shared v1.19.13 // indirect github.com/aws/aws-sdk-go-v2/service/internetmonitor v1.26.4 // indirect - github.com/aws/aws-sdk-go-v2/service/invoicing v1.7.2 // indirect + github.com/aws/aws-sdk-go-v2/service/invoicing v1.8.0 // indirect github.com/aws/aws-sdk-go-v2/service/iot v1.69.11 // indirect github.com/aws/aws-sdk-go-v2/service/ivs v1.48.5 // indirect github.com/aws/aws-sdk-go-v2/service/ivschat v1.21.11 // indirect - github.com/aws/aws-sdk-go-v2/service/kafka v1.45.2 // indirect + github.com/aws/aws-sdk-go-v2/service/kafka v1.46.0 // indirect github.com/aws/aws-sdk-go-v2/service/kafkaconnect v1.27.12 // indirect github.com/aws/aws-sdk-go-v2/service/kendra v1.60.12 // indirect github.com/aws/aws-sdk-go-v2/service/keyspaces v1.24.5 // indirect @@ -213,21 +213,21 @@ require ( github.com/aws/aws-sdk-go-v2/service/kinesisvideo v1.32.11 // indirect github.com/aws/aws-sdk-go-v2/service/kms v1.48.2 // indirect github.com/aws/aws-sdk-go-v2/service/lakeformation v1.45.11 // indirect - github.com/aws/aws-sdk-go-v2/service/lambda v1.81.3 // indirect + github.com/aws/aws-sdk-go-v2/service/lambda v1.82.0 // indirect github.com/aws/aws-sdk-go-v2/service/launchwizard v1.13.12 // indirect github.com/aws/aws-sdk-go-v2/service/lexmodelbuildingservice v1.34.5 // indirect - github.com/aws/aws-sdk-go-v2/service/lexmodelsv2 v1.56.12 // indirect + github.com/aws/aws-sdk-go-v2/service/lexmodelsv2 v1.57.0 // indirect github.com/aws/aws-sdk-go-v2/service/licensemanager v1.36.12 // indirect github.com/aws/aws-sdk-go-v2/service/lightsail v1.50.6 // indirect github.com/aws/aws-sdk-go-v2/service/location v1.50.4 // indirect github.com/aws/aws-sdk-go-v2/service/lookoutmetrics v1.37.2 // indirect github.com/aws/aws-sdk-go-v2/service/m2 v1.26.5 // indirect github.com/aws/aws-sdk-go-v2/service/macie2 v1.50.4 // indirect - github.com/aws/aws-sdk-go-v2/service/mediaconnect v1.45.6 // indirect - github.com/aws/aws-sdk-go-v2/service/mediaconvert v1.84.3 // indirect - github.com/aws/aws-sdk-go-v2/service/medialive v1.85.5 // indirect + github.com/aws/aws-sdk-go-v2/service/mediaconnect v1.46.0 // indirect + github.com/aws/aws-sdk-go-v2/service/mediaconvert v1.85.0 // indirect + github.com/aws/aws-sdk-go-v2/service/medialive v1.87.0 // indirect github.com/aws/aws-sdk-go-v2/service/mediapackage v1.39.12 // indirect - github.com/aws/aws-sdk-go-v2/service/mediapackagev2 v1.32.5 // indirect + github.com/aws/aws-sdk-go-v2/service/mediapackagev2 v1.33.0 // indirect github.com/aws/aws-sdk-go-v2/service/mediapackagevod v1.39.12 // indirect github.com/aws/aws-sdk-go-v2/service/mediastore v1.29.12 // indirect github.com/aws/aws-sdk-go-v2/service/memorydb v1.33.5 // indirect @@ -236,8 +236,8 @@ require ( github.com/aws/aws-sdk-go-v2/service/mwaa v1.39.12 // indirect github.com/aws/aws-sdk-go-v2/service/neptune v1.43.3 // indirect github.com/aws/aws-sdk-go-v2/service/neptunegraph v1.21.11 // indirect - github.com/aws/aws-sdk-go-v2/service/networkfirewall v1.57.7 // indirect - github.com/aws/aws-sdk-go-v2/service/networkflowmonitor v1.10.5 // indirect + github.com/aws/aws-sdk-go-v2/service/networkfirewall v1.58.0 // indirect + github.com/aws/aws-sdk-go-v2/service/networkflowmonitor v1.11.0 // indirect github.com/aws/aws-sdk-go-v2/service/networkmanager v1.40.5 // indirect github.com/aws/aws-sdk-go-v2/service/networkmonitor v1.13.4 // indirect github.com/aws/aws-sdk-go-v2/service/notifications v1.7.10 // indirect @@ -245,14 +245,14 @@ require ( github.com/aws/aws-sdk-go-v2/service/oam v1.23.5 // indirect github.com/aws/aws-sdk-go-v2/service/observabilityadmin v1.8.6 // indirect github.com/aws/aws-sdk-go-v2/service/odb v1.5.6 // indirect - github.com/aws/aws-sdk-go-v2/service/opensearch v1.53.2 // indirect + github.com/aws/aws-sdk-go-v2/service/opensearch v1.54.0 // indirect github.com/aws/aws-sdk-go-v2/service/opensearchserverless v1.27.4 // indirect github.com/aws/aws-sdk-go-v2/service/organizations v1.46.4 // indirect github.com/aws/aws-sdk-go-v2/service/osis v1.21.5 // indirect github.com/aws/aws-sdk-go-v2/service/outposts v1.57.6 // indirect github.com/aws/aws-sdk-go-v2/service/paymentcryptography v1.26.3 // indirect github.com/aws/aws-sdk-go-v2/service/pcaconnectorad v1.15.12 // indirect - github.com/aws/aws-sdk-go-v2/service/pcs v1.14.6 // indirect + github.com/aws/aws-sdk-go-v2/service/pcs v1.15.0 // indirect github.com/aws/aws-sdk-go-v2/service/pinpoint v1.39.12 // indirect github.com/aws/aws-sdk-go-v2/service/pinpointsmsvoicev2 v1.26.2 // indirect github.com/aws/aws-sdk-go-v2/service/pipes v1.23.11 // indirect @@ -263,7 +263,7 @@ require ( github.com/aws/aws-sdk-go-v2/service/quicksight v1.96.2 // indirect github.com/aws/aws-sdk-go-v2/service/ram v1.34.13 // indirect github.com/aws/aws-sdk-go-v2/service/rbin v1.26.13 // indirect - github.com/aws/aws-sdk-go-v2/service/rds v1.108.9 // indirect + github.com/aws/aws-sdk-go-v2/service/rds v1.109.0 // indirect github.com/aws/aws-sdk-go-v2/service/redshift v1.60.0 // indirect github.com/aws/aws-sdk-go-v2/service/redshiftdata v1.37.12 // indirect github.com/aws/aws-sdk-go-v2/service/redshiftserverless v1.31.15 // indirect @@ -272,21 +272,21 @@ require ( github.com/aws/aws-sdk-go-v2/service/resourceexplorer2 v1.22.6 // indirect github.com/aws/aws-sdk-go-v2/service/resourcegroups v1.33.14 // indirect github.com/aws/aws-sdk-go-v2/service/rolesanywhere v1.21.12 // indirect - github.com/aws/aws-sdk-go-v2/service/route53 v1.59.5 // indirect + github.com/aws/aws-sdk-go-v2/service/route53 v1.60.0 // indirect github.com/aws/aws-sdk-go-v2/service/route53domains v1.34.10 // indirect github.com/aws/aws-sdk-go-v2/service/route53profiles v1.9.12 // indirect github.com/aws/aws-sdk-go-v2/service/route53recoverycontrolconfig v1.32.5 // indirect github.com/aws/aws-sdk-go-v2/service/route53recoveryreadiness v1.26.12 // indirect - github.com/aws/aws-sdk-go-v2/service/route53resolver v1.40.12 // indirect - github.com/aws/aws-sdk-go-v2/service/rum v1.29.4 // indirect + github.com/aws/aws-sdk-go-v2/service/route53resolver v1.41.0 // indirect + github.com/aws/aws-sdk-go-v2/service/rum v1.30.0 // indirect github.com/aws/aws-sdk-go-v2/service/s3control v1.66.9 // indirect github.com/aws/aws-sdk-go-v2/service/s3outposts v1.34.3 // indirect github.com/aws/aws-sdk-go-v2/service/s3tables v1.12.0 // indirect github.com/aws/aws-sdk-go-v2/service/s3vectors v1.5.2 // indirect - github.com/aws/aws-sdk-go-v2/service/sagemaker v1.222.0 // indirect + github.com/aws/aws-sdk-go-v2/service/sagemaker v1.224.0 // indirect github.com/aws/aws-sdk-go-v2/service/scheduler v1.17.12 // indirect github.com/aws/aws-sdk-go-v2/service/schemas v1.34.3 // indirect - github.com/aws/aws-sdk-go-v2/service/secretsmanager v1.39.13 // indirect + github.com/aws/aws-sdk-go-v2/service/secretsmanager v1.40.0 // indirect github.com/aws/aws-sdk-go-v2/service/securityhub v1.65.4 // indirect github.com/aws/aws-sdk-go-v2/service/securitylake v1.25.4 // indirect github.com/aws/aws-sdk-go-v2/service/serverlessapplicationrepository v1.30.3 // indirect @@ -296,7 +296,7 @@ require ( github.com/aws/aws-sdk-go-v2/service/servicequotas v1.33.7 // indirect github.com/aws/aws-sdk-go-v2/service/ses v1.34.11 // indirect github.com/aws/aws-sdk-go-v2/service/sesv2 v1.54.4 // indirect - github.com/aws/aws-sdk-go-v2/service/sfn v1.39.13 // indirect + github.com/aws/aws-sdk-go-v2/service/sfn v1.40.0 // indirect github.com/aws/aws-sdk-go-v2/service/shield v1.34.12 // indirect github.com/aws/aws-sdk-go-v2/service/signer v1.31.12 // indirect github.com/aws/aws-sdk-go-v2/service/sns v1.39.5 // indirect @@ -310,7 +310,7 @@ require ( github.com/aws/aws-sdk-go-v2/service/ssoadmin v1.36.8 // indirect github.com/aws/aws-sdk-go-v2/service/ssooidc v1.35.7 // indirect github.com/aws/aws-sdk-go-v2/service/storagegateway v1.43.4 // indirect - github.com/aws/aws-sdk-go-v2/service/sts v1.40.2 // indirect + github.com/aws/aws-sdk-go-v2/service/sts v1.41.0 // indirect github.com/aws/aws-sdk-go-v2/service/swf v1.33.6 // indirect github.com/aws/aws-sdk-go-v2/service/synthetics v1.42.4 // indirect github.com/aws/aws-sdk-go-v2/service/taxsettings v1.16.12 // indirect @@ -323,11 +323,11 @@ require ( github.com/aws/aws-sdk-go-v2/service/vpclattice v1.20.2 // indirect github.com/aws/aws-sdk-go-v2/service/waf v1.30.11 // indirect github.com/aws/aws-sdk-go-v2/service/wafregional v1.30.12 // indirect - github.com/aws/aws-sdk-go-v2/service/wafv2 v1.69.2 // indirect + github.com/aws/aws-sdk-go-v2/service/wafv2 v1.70.0 // indirect github.com/aws/aws-sdk-go-v2/service/wellarchitected v1.39.12 // indirect github.com/aws/aws-sdk-go-v2/service/workmail v1.36.10 // indirect github.com/aws/aws-sdk-go-v2/service/workspaces v1.64.4 // indirect - github.com/aws/aws-sdk-go-v2/service/workspacesweb v1.33.5 // indirect + github.com/aws/aws-sdk-go-v2/service/workspacesweb v1.34.0 // indirect github.com/aws/aws-sdk-go-v2/service/xray v1.36.11 // indirect github.com/aws/smithy-go v1.23.2 // indirect github.com/aymanbagabas/go-osc52/v2 v2.0.1 // indirect @@ -514,7 +514,7 @@ require ( go.uber.org/atomic v1.9.0 // indirect gocloud.dev v0.37.0 // indirect gocloud.dev/secrets/hashivault v0.37.0 // indirect - golang.org/x/crypto v0.44.0 // indirect + golang.org/x/crypto v0.45.0 // indirect golang.org/x/exp v0.0.0-20241009180824-f66d83c29e7c // indirect golang.org/x/mod v0.30.0 // indirect golang.org/x/net v0.47.0 // indirect diff --git a/examples/go.sum b/examples/go.sum index c8b89744105..122a6ff3a02 100644 --- a/examples/go.sum +++ b/examples/go.sum @@ -1483,14 +1483,14 @@ github.com/aws/aws-sdk-go-v2 v1.39.6 h1:2JrPCVgWJm7bm83BDwY5z8ietmeJUbh3O2ACnn+X github.com/aws/aws-sdk-go-v2 v1.39.6/go.mod h1:c9pm7VwuW0UPxAEYGyTmyurVcNrbF6Rt/wixFqDhcjE= github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream v1.7.3 h1:DHctwEM8P8iTXFxC/QK0MRjwEpWQeM9yzidCRjldUz0= github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream v1.7.3/go.mod h1:xdCzcZEtnSTKVDOmUZs4l/j3pSV6rpo1WXl5ugNsL8Y= -github.com/aws/aws-sdk-go-v2/config v1.31.20 h1:/jWF4Wu90EhKCgjTdy1DGxcbcbNrjfBHvksEL79tfQc= -github.com/aws/aws-sdk-go-v2/config v1.31.20/go.mod h1:95Hh1Tc5VYKL9NJ7tAkDcqeKt+MCXQB1hQZaRdJIZE0= -github.com/aws/aws-sdk-go-v2/credentials v1.18.24 h1:iJ2FmPT35EaIB0+kMa6TnQ+PwG5A1prEdAw+PsMzfHg= -github.com/aws/aws-sdk-go-v2/credentials v1.18.24/go.mod h1:U91+DrfjAiXPDEGYhh/x29o4p0qHX5HDqG7y5VViv64= +github.com/aws/aws-sdk-go-v2/config v1.31.21 h1:gH/y+NphLGIVuNHXNkTQir3PmL44Efe8OpPAsbDms0o= +github.com/aws/aws-sdk-go-v2/config v1.31.21/go.mod h1:P6I8guuLej6F2++fKUlo9OIhI59LuEsyEZZMMmgqh/4= +github.com/aws/aws-sdk-go-v2/credentials v1.18.25 h1:MvtSN3ECsQbgEHcux1pZQhuMjZnShlsqcS0Pqlan4Vw= +github.com/aws/aws-sdk-go-v2/credentials v1.18.25/go.mod h1:YATyDPzlHucr1cxEE9rsZl7ZG3gQsxpjD6o5of/8qXE= github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.18.13 h1:T1brd5dR3/fzNFAQch/iBKeX07/ffu/cLu+q+RuzEWk= github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.18.13/go.mod h1:Peg/GBAQ6JDt+RoBf4meB1wylmAipb7Kg2ZFakZTlwk= -github.com/aws/aws-sdk-go-v2/feature/s3/manager v1.20.7 h1:u8danF+A2Zv//pFZvj5V23v/6XG4AxuSVup5s6nxSnI= -github.com/aws/aws-sdk-go-v2/feature/s3/manager v1.20.7/go.mod h1:uvLIvU8iJPEU5so7b6lLDNArWpOX6sRBfL5wBABmlfc= +github.com/aws/aws-sdk-go-v2/feature/s3/manager v1.20.8 h1:R1Ws+p6Gyk0mdVvMI8zruUFnqaFouKKKDOdadtKbHbI= +github.com/aws/aws-sdk-go-v2/feature/s3/manager v1.20.8/go.mod h1:VPrEBa+zT9J2x+HHdeq5SwTMd7tbhcBQH3sYPiKORfY= github.com/aws/aws-sdk-go-v2/internal/configsources v1.4.13 h1:a+8/MLcWlIxo1lF9xaGt3J/u3yOZx+CdSveSNwjhD40= github.com/aws/aws-sdk-go-v2/internal/configsources v1.4.13/go.mod h1:oGnKwIYZ4XttyU2JWxFrwvhF6YKiK/9/wmE3v3Iu9K8= github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.7.13 h1:HBSI2kDkMdWz4ZM7FjwE7e/pWDEZ+nR95x8Ztet1ooY= @@ -1511,10 +1511,10 @@ github.com/aws/aws-sdk-go-v2/service/amp v1.42.0 h1:eBxruXVqrfytiVJIqxGVW4kGlbxl github.com/aws/aws-sdk-go-v2/service/amp v1.42.0/go.mod h1:uwNPmGivmh+4kJecS8OuYtMQTeZCGoBxdLLAGv+13r0= github.com/aws/aws-sdk-go-v2/service/amplify v1.38.5 h1:uqG80MBs+aYwh6V2bpD3p4EAN3+23H9zDF+kyQNmbgo= github.com/aws/aws-sdk-go-v2/service/amplify v1.38.5/go.mod h1:ieZIB8x+q5G3azy9SUtyGzGxXGHCVsTK4YvnADiCBZQ= -github.com/aws/aws-sdk-go-v2/service/apigateway v1.36.3 h1:EfTwIZPF4Q5lXgBkqbiVXpDZkc66fhqowdpy4UIEaA0= -github.com/aws/aws-sdk-go-v2/service/apigateway v1.36.3/go.mod h1:9tT261wkl3uME2BWp/a3nzGNe9BM7jLWZdrXW1eX3BA= -github.com/aws/aws-sdk-go-v2/service/apigatewayv2 v1.32.13 h1:X0cUJQKKQ69LtstWj3jjXRBaaCARs5FnS+xb2EedJEQ= -github.com/aws/aws-sdk-go-v2/service/apigatewayv2 v1.32.13/go.mod h1:vr6hE/YGoQQa8PPwsB1uKt9wHjNZZcbXN+ww6lBXVhY= +github.com/aws/aws-sdk-go-v2/service/apigateway v1.37.0 h1:yGW8ujCEpbex84kfx9KL6HkzfSC3pTiUOwNgrCB/Tek= +github.com/aws/aws-sdk-go-v2/service/apigateway v1.37.0/go.mod h1:9tT261wkl3uME2BWp/a3nzGNe9BM7jLWZdrXW1eX3BA= +github.com/aws/aws-sdk-go-v2/service/apigatewayv2 v1.33.0 h1:jFWRglDVLlQcANMwsdFp/lJ6RAsc/mFLopFlTw9IeXs= +github.com/aws/aws-sdk-go-v2/service/apigatewayv2 v1.33.0/go.mod h1:vr6hE/YGoQQa8PPwsB1uKt9wHjNZZcbXN+ww6lBXVhY= github.com/aws/aws-sdk-go-v2/service/appconfig v1.43.3 h1:CiSitRcp8P68+JoA9cNuBL6H2cdDtNr1w1pkHyRXFKE= github.com/aws/aws-sdk-go-v2/service/appconfig v1.43.3/go.mod h1:rvGHrN6a1lCypZrV0gDsJNPP5w51XIzr6manLptGnZg= github.com/aws/aws-sdk-go-v2/service/appfabric v1.16.12 h1:CKuViUgkrDY63niR+Jg2UBylJOSOrMx83NbOFKT0I7o= @@ -1533,8 +1533,8 @@ github.com/aws/aws-sdk-go-v2/service/appmesh v1.35.3 h1:IsdFy0YkFhSo1nPjw9WcPpm3 github.com/aws/aws-sdk-go-v2/service/appmesh v1.35.3/go.mod h1:xcEbbUjLqajeslIydrSJhESXNlGMtfXmu7MLY6ONlzY= github.com/aws/aws-sdk-go-v2/service/apprunner v1.39.5 h1:+fyOW8hT7uLzKQgkmKeqyq6Z8Y4+qiGsAOvbXYXmpdQ= github.com/aws/aws-sdk-go-v2/service/apprunner v1.39.5/go.mod h1:rI1byQGgb9tUXBvo3uLFrRXRzaCJayw+CiqAnDgYSKw= -github.com/aws/aws-sdk-go-v2/service/appstream v1.51.2 h1:UwlSspIx0BSkiZfN4pX0EK2NlNTPXXu6jT3ljIf0/us= -github.com/aws/aws-sdk-go-v2/service/appstream v1.51.2/go.mod h1:flCm0TnAjuMbHs8YaGjVjQjUUsa5EP5O6nC4Zpt080E= +github.com/aws/aws-sdk-go-v2/service/appstream v1.52.1 h1:wP/OGyNS8YMeNf1nqNMl3zPkyl3Vp2UJ171ykt2Vkvc= +github.com/aws/aws-sdk-go-v2/service/appstream v1.52.1/go.mod h1:flCm0TnAjuMbHs8YaGjVjQjUUsa5EP5O6nC4Zpt080E= github.com/aws/aws-sdk-go-v2/service/appsync v1.52.3 h1:ANP9cl/DMLE1BewJU7eg25Ipq2gdrBtzd3k7nIcfq3A= github.com/aws/aws-sdk-go-v2/service/appsync v1.52.3/go.mod h1:uCcHMGXa27Gp8b/hlAI0JbqmXeZp16E2FDWNz5nX0cQ= github.com/aws/aws-sdk-go-v2/service/arcregionswitch v1.2.14 h1:wRm3ZJkjRHNiTRFGPLR9xTzXpAG8l1h5ywGY9b5tN5I= @@ -1543,24 +1543,24 @@ github.com/aws/aws-sdk-go-v2/service/athena v1.55.12 h1:upjiOGrCbvVk/kgSvE8oRE5S github.com/aws/aws-sdk-go-v2/service/athena v1.55.12/go.mod h1:1bY3ff3w7nTDnyGgOAOEZpO7e7bUiG2iDM2tXbCzxjg= github.com/aws/aws-sdk-go-v2/service/auditmanager v1.46.3 h1:gus+gJbIngKvaL6Q3PH7e2tjO1Isx+kp+ldWIvysiY0= github.com/aws/aws-sdk-go-v2/service/auditmanager v1.46.3/go.mod h1:6U6XFWocDXxVtEZsjDajhNtAxNJzZRs9k7CJHuTMJCY= -github.com/aws/aws-sdk-go-v2/service/autoscaling v1.60.5 h1:smgtD5JUyZERxHgs0j5entQFfdmKtKzt4UlIyaf2WUc= -github.com/aws/aws-sdk-go-v2/service/autoscaling v1.60.5/go.mod h1:6E1AiecbY52kVBl8lKkdaO759rbGK3TBBBNnfxJezTM= +github.com/aws/aws-sdk-go-v2/service/autoscaling v1.61.0 h1:L4+Ts9JbR5Bb92eyQunFFAB6TfTobcfFne8+fNPGFX0= +github.com/aws/aws-sdk-go-v2/service/autoscaling v1.61.0/go.mod h1:6E1AiecbY52kVBl8lKkdaO759rbGK3TBBBNnfxJezTM= github.com/aws/aws-sdk-go-v2/service/autoscalingplans v1.30.5 h1:/Gf9lbM1ce3h5SswLp0dCzWz3Lb8wHdlQvD9okQFnKs= github.com/aws/aws-sdk-go-v2/service/autoscalingplans v1.30.5/go.mod h1:NkStIqURmzgUVyoB3YkmU1HUtIPECrExIastd5QbXIk= -github.com/aws/aws-sdk-go-v2/service/backup v1.51.2 h1:8fMelnQAIyKuEX8dQ3S36C+GNYe5Q0tpzdPb4j8CfDE= -github.com/aws/aws-sdk-go-v2/service/backup v1.51.2/go.mod h1:Sqiqu5Ws64P9IYY+0mQ4OafDKK1LK6sRWQqw89dZZYA= +github.com/aws/aws-sdk-go-v2/service/backup v1.54.0 h1:irUsF+2pK8u1YfiH1SC265XCRR81txSLGOca1s8Dh88= +github.com/aws/aws-sdk-go-v2/service/backup v1.54.0/go.mod h1:Sqiqu5Ws64P9IYY+0mQ4OafDKK1LK6sRWQqw89dZZYA= github.com/aws/aws-sdk-go-v2/service/batch v1.58.6 h1:/SWr0iPuPFm90sbJwTowOCD63ZtbdFYmp67XlXygwxo= github.com/aws/aws-sdk-go-v2/service/batch v1.58.6/go.mod h1:zaUBHLEVy5UjLlFt996XZMXLza3teA7f0IhAoV7+3mg= github.com/aws/aws-sdk-go-v2/service/bcmdataexports v1.12.5 h1:otJvRakif5zPNVJ2sRcayQFqYh8QMj3ukVNred28uTw= github.com/aws/aws-sdk-go-v2/service/bcmdataexports v1.12.5/go.mod h1:PJ5iWye10CA9cYAeVL4RUSkZvAwVK/WrOnTSHLztNAI= -github.com/aws/aws-sdk-go-v2/service/bedrock v1.48.6 h1:DnJwjQxyl4TnpkmTufPeIheReWrgiV9oOwu9vLA3878= -github.com/aws/aws-sdk-go-v2/service/bedrock v1.48.6/go.mod h1:xJ84P+JCcEkzkMjqBKmImWl/zlwEwBmbjc9QR+tcACQ= +github.com/aws/aws-sdk-go-v2/service/bedrock v1.49.1 h1:Da6sk9ZLlC2PXBWRPENz9msEkn5fYE6MOSWKPTjoMRg= +github.com/aws/aws-sdk-go-v2/service/bedrock v1.49.1/go.mod h1:xJ84P+JCcEkzkMjqBKmImWl/zlwEwBmbjc9QR+tcACQ= github.com/aws/aws-sdk-go-v2/service/bedrockagent v1.51.3 h1:UArcFWYHtdk5QWOTteqRZwF/tAoaYx+ArreUakHx8K0= github.com/aws/aws-sdk-go-v2/service/bedrockagent v1.51.3/go.mod h1:R5jkUdemrZt6+90gq4JFyxHKldEMH88F6wdxquDLa4Q= github.com/aws/aws-sdk-go-v2/service/bedrockagentcorecontrol v1.13.3 h1:lskoaAo1V+KpDYgS6lWMGvnxGhA0eX/bUQ6Xm7TEJM8= github.com/aws/aws-sdk-go-v2/service/bedrockagentcorecontrol v1.13.3/go.mod h1:MvhjtEWL5RO1w6AMrt4d9k//kZxZUsLrTSipRM9Q0/8= -github.com/aws/aws-sdk-go-v2/service/billing v1.8.6 h1:oMhm/snkg54HV1a//J0aBn7riYXDp2QH08oW9IK12j4= -github.com/aws/aws-sdk-go-v2/service/billing v1.8.6/go.mod h1:7WI9oHeKA76HgGtTaUeKToGO/rRH9/fx7WLCw1QLJt4= +github.com/aws/aws-sdk-go-v2/service/billing v1.9.0 h1:xbdlsW9TVa7AVpqB8CzaX6cM4qQQ/9RLrx6GGuBoSHE= +github.com/aws/aws-sdk-go-v2/service/billing v1.9.0/go.mod h1:7WI9oHeKA76HgGtTaUeKToGO/rRH9/fx7WLCw1QLJt4= github.com/aws/aws-sdk-go-v2/service/budgets v1.41.3 h1:9cQXqYwHzp4fcKCHOAlHeMm/m/K+dcZS2D5SB+4ZA9s= github.com/aws/aws-sdk-go-v2/service/budgets v1.41.3/go.mod h1:wjQL1whunmAT3ZhqQGZq0lPGNmU27Uu8RjGmT12wLNg= github.com/aws/aws-sdk-go-v2/service/chatbot v1.14.12 h1:WAVCaNagdhnjzFUUsrYADbR6NF1RVG9LAZj2+oY8gAg= @@ -1577,8 +1577,8 @@ github.com/aws/aws-sdk-go-v2/service/cloud9 v1.33.11 h1:iR8n4gvDdN2hrUjXgETp76p/ github.com/aws/aws-sdk-go-v2/service/cloud9 v1.33.11/go.mod h1:kyuiuFhvDWwqLGNWmwbIr/amPIFQWrA7KkbxRQvP0JU= github.com/aws/aws-sdk-go-v2/service/cloudcontrol v1.29.3 h1:6ZTiyJCqVLE5CjuCZ6h9kKEbWOTbFxlBFXZ0fvTZK+s= github.com/aws/aws-sdk-go-v2/service/cloudcontrol v1.29.3/go.mod h1:6kx+wmHMUP1fQBUpXN2N9xRt2sQUlloxwyF5cMIvDOc= -github.com/aws/aws-sdk-go-v2/service/cloudformation v1.68.5 h1:YzV4YtVLxSUE1SvyMZui4s8oAc3cz/qg3B05UqLmrNw= -github.com/aws/aws-sdk-go-v2/service/cloudformation v1.68.5/go.mod h1:llucikq1Q6I1Ps8rNV3St0bOY5RQMxYh1lpCaskyhPw= +github.com/aws/aws-sdk-go-v2/service/cloudformation v1.70.0 h1:w9Yx0QWNhU2615kugQRIYSSR27GpZHkyRVdEHGi5PIY= +github.com/aws/aws-sdk-go-v2/service/cloudformation v1.70.0/go.mod h1:llucikq1Q6I1Ps8rNV3St0bOY5RQMxYh1lpCaskyhPw= github.com/aws/aws-sdk-go-v2/service/cloudfront v1.56.2 h1:1Ipv5nooFuWg3iPGQPeh1WkUSJ96QFTqZQKMHPw9WHc= github.com/aws/aws-sdk-go-v2/service/cloudfront v1.56.2/go.mod h1:UtP1sSXq2FHHO7Lvn4mNplFS4x7oP4+uMIJIQ8+3JyY= github.com/aws/aws-sdk-go-v2/service/cloudfrontkeyvaluestore v1.12.14 h1:AfC0uaSoMsz32lAOMkTjyfSX1PZRYniqzyt6pJmf+00= @@ -1587,12 +1587,12 @@ github.com/aws/aws-sdk-go-v2/service/cloudhsmv2 v1.34.11 h1:w+afQ/tvYUVdTiX1LhIm github.com/aws/aws-sdk-go-v2/service/cloudhsmv2 v1.34.11/go.mod h1:w13K+4E6mjE6m5w3tDBZCs+S0zUiAse7M3qZg5ugecw= github.com/aws/aws-sdk-go-v2/service/cloudsearch v1.32.3 h1:AUYRw6eRXp6MjvKpTGRbNBmlfVRY7kEuClnMGv/zQQI= github.com/aws/aws-sdk-go-v2/service/cloudsearch v1.32.3/go.mod h1:6hxErkN8bbEtojNMVdGQPpL7j9+A/QKL+eDljfRIKMM= -github.com/aws/aws-sdk-go-v2/service/cloudtrail v1.53.13 h1:iGAveDY6U2fz2HhcrTqpPrQeo0yCKHWYnSjHcYsvCOQ= -github.com/aws/aws-sdk-go-v2/service/cloudtrail v1.53.13/go.mod h1:yPef5Em35Sb/89IIHAOarpsld8EuxyxuDVDlHj32LVA= +github.com/aws/aws-sdk-go-v2/service/cloudtrail v1.54.0 h1:dbSrsAKSNOOwNd1rtaZwiRSzjc6U9yIRMfymrEeCM9g= +github.com/aws/aws-sdk-go-v2/service/cloudtrail v1.54.0/go.mod h1:yPef5Em35Sb/89IIHAOarpsld8EuxyxuDVDlHj32LVA= github.com/aws/aws-sdk-go-v2/service/cloudwatch v1.52.3 h1:fD9/X9n4O6fauKLp9BE848I3JcXVEliwlgliernxUhs= github.com/aws/aws-sdk-go-v2/service/cloudwatch v1.52.3/go.mod h1:KSWhI1V5x80r8NUqs8QDkOazDolFqFUAjsyE5nYjKro= -github.com/aws/aws-sdk-go-v2/service/cloudwatchlogs v1.58.9 h1:+NSIzl59vBK3g3nLUuLSb/I2F2OIucW6hX/B+NAPWDg= -github.com/aws/aws-sdk-go-v2/service/cloudwatchlogs v1.58.9/go.mod h1:9/Q0/HtqBTLMksFse42wZjUq0jJrUuo4XlnXy/uSoeg= +github.com/aws/aws-sdk-go-v2/service/cloudwatchlogs v1.60.0 h1:jqF36cdImXcEo63d52Wpdi2qTXOLTZSJF/71h9MP5jo= +github.com/aws/aws-sdk-go-v2/service/cloudwatchlogs v1.60.0/go.mod h1:9/Q0/HtqBTLMksFse42wZjUq0jJrUuo4XlnXy/uSoeg= github.com/aws/aws-sdk-go-v2/service/codeartifact v1.38.12 h1:j75xPdSialz4ipsvOpCtKl2VFb/ugc2PMgOfVvWjt6o= github.com/aws/aws-sdk-go-v2/service/codeartifact v1.38.12/go.mod h1:9R9pEHnoKOjLs5dDREGyV1Ui2kWZgPPKz0VZd3juZhY= github.com/aws/aws-sdk-go-v2/service/codebuild v1.68.4 h1:rp7p7dTLS1qix2pVRT168GfZevumq0HoiytyrRG5e9o= @@ -1625,22 +1625,22 @@ github.com/aws/aws-sdk-go-v2/service/computeoptimizer v1.48.3 h1:0oum8CeAFRcovMs github.com/aws/aws-sdk-go-v2/service/computeoptimizer v1.48.3/go.mod h1:PzK50LObvBt9Mb2YxwsocMuck07wSMSR+eVU9CiV05M= github.com/aws/aws-sdk-go-v2/service/configservice v1.59.4 h1:dY6ktQ8OfUkI6fTs0R9/3mAbYC6N1wEbjsGq2PLFms4= github.com/aws/aws-sdk-go-v2/service/configservice v1.59.4/go.mod h1:8pBCQK4k6Qpff8QKM6gcCt2ZsluQFsNtNaa8ouEZLFc= -github.com/aws/aws-sdk-go-v2/service/connect v1.145.0 h1:6/a2kK8p4mwkgOBI/pynm9JOAcErojPUeK66X8YDhDo= -github.com/aws/aws-sdk-go-v2/service/connect v1.145.0/go.mod h1:4S/3f30iB9LArrLNHVRw/IWyGEGturV5Z5DF1rp3NsE= +github.com/aws/aws-sdk-go-v2/service/connect v1.146.0 h1:fL4XXNHdfBmVWSGgsBzoezErUf7knnLK5cCUe1F3eoQ= +github.com/aws/aws-sdk-go-v2/service/connect v1.146.0/go.mod h1:4S/3f30iB9LArrLNHVRw/IWyGEGturV5Z5DF1rp3NsE= github.com/aws/aws-sdk-go-v2/service/connectcases v1.34.3 h1:ZcrD31NLG/brevUHw8XSn74VHShleHUm5xy8uJC/1ek= github.com/aws/aws-sdk-go-v2/service/connectcases v1.34.3/go.mod h1:g0V7qnDiTliogqzfAiJrhrOAEKnY+XY3u7/FJ8sZEYU= github.com/aws/aws-sdk-go-v2/service/controltower v1.27.2 h1:D5zM7WP5IWp4DMbtY8NdTemanN/MxGyp2vm8Eis0gQE= github.com/aws/aws-sdk-go-v2/service/controltower v1.27.2/go.mod h1:ZQuFo9/qnryEiHaDdXGo0pgsC+uHYHheHzGq+Vem8xM= github.com/aws/aws-sdk-go-v2/service/costandusagereportservice v1.34.4 h1:aCPRvahOg+fH79Sk9wOZslIrQVAAPgC1JpGzj1s5ZBo= github.com/aws/aws-sdk-go-v2/service/costandusagereportservice v1.34.4/go.mod h1:z4Y8J/t7ktcqMxLtf4korP74Tg42Ov97FjuTDyFfJKw= -github.com/aws/aws-sdk-go-v2/service/costexplorer v1.59.4 h1:4+ndtUixNsgYuPo2gdscLuHD4+fjXD2+qkUDNbXZKJw= -github.com/aws/aws-sdk-go-v2/service/costexplorer v1.59.4/go.mod h1:sP89eC3imDzTgMk/N+gDwDqjeQgLLEt0PuU5NMBHBCo= -github.com/aws/aws-sdk-go-v2/service/costoptimizationhub v1.20.12 h1:l6SiywJK8lU2c8+gggG/SYRT3rKkZwD6acvn1j7DtiM= -github.com/aws/aws-sdk-go-v2/service/costoptimizationhub v1.20.12/go.mod h1:Ouo0lXAlK9jTlJeMt6LTL+G6kKOfoK7xks0TT5AwdlQ= +github.com/aws/aws-sdk-go-v2/service/costexplorer v1.60.0 h1:nZrsl4tViAlW9+xkUpc4GXa9t0p3RIzGz9csmRrXR/s= +github.com/aws/aws-sdk-go-v2/service/costexplorer v1.60.0/go.mod h1:sP89eC3imDzTgMk/N+gDwDqjeQgLLEt0PuU5NMBHBCo= +github.com/aws/aws-sdk-go-v2/service/costoptimizationhub v1.21.0 h1:8oTOAr895uaekGOozHzfH1zHGfBhSHZwpardvitnaCI= +github.com/aws/aws-sdk-go-v2/service/costoptimizationhub v1.21.0/go.mod h1:Ouo0lXAlK9jTlJeMt6LTL+G6kKOfoK7xks0TT5AwdlQ= github.com/aws/aws-sdk-go-v2/service/customerprofiles v1.54.5 h1:XJUCroqsUAG80W0jVK/Rb4QPF/YbZu/oVtmiGvF8gjI= github.com/aws/aws-sdk-go-v2/service/customerprofiles v1.54.5/go.mod h1:86sgcd46latOOSvQKbctenNsiEHnow3vip0OnwSqC54= -github.com/aws/aws-sdk-go-v2/service/databasemigrationservice v1.59.0 h1:adVVHirGpPxDlxeQDsxbz34EcYl1QrBJ0PDXsz0jdEU= -github.com/aws/aws-sdk-go-v2/service/databasemigrationservice v1.59.0/go.mod h1:Sc22CT1GPF61n0yJdqquFNvqoyfnQCZ+WS7Uz8daW8c= +github.com/aws/aws-sdk-go-v2/service/databasemigrationservice v1.60.0 h1:cJZPHHPjft5N0BNv9X0bsUdDNGGbTQiT2b7jiN+NYv4= +github.com/aws/aws-sdk-go-v2/service/databasemigrationservice v1.60.0/go.mod h1:Sc22CT1GPF61n0yJdqquFNvqoyfnQCZ+WS7Uz8daW8c= github.com/aws/aws-sdk-go-v2/service/databrew v1.39.5 h1:gQDXbDgv5AW3treUAsfQGEeU3+ZmSEfb1TTpiDD7Gc8= github.com/aws/aws-sdk-go-v2/service/databrew v1.39.5/go.mod h1:hu5s2BoJ9fqmyMoVVvYbAtTFOFg8lsr4TzgJnK58n2Q= github.com/aws/aws-sdk-go-v2/service/dataexchange v1.40.5 h1:P9xrOXwbBxBzq30eiCFUlVE8lUUe6YnHs8j9dQx4YEM= @@ -1649,14 +1649,14 @@ github.com/aws/aws-sdk-go-v2/service/datapipeline v1.30.11 h1:ZmEqPDpJsiqkVqsRD7 github.com/aws/aws-sdk-go-v2/service/datapipeline v1.30.11/go.mod h1:WZjvFO/jWbSRaxdkTmbL5GZu1HmPV2+DrDFmUCH0BKk= github.com/aws/aws-sdk-go-v2/service/datasync v1.55.6 h1:pxK2rp4xZ073UMj7KUIX3Bwao02V6P+GXwvhOJW2Qkg= github.com/aws/aws-sdk-go-v2/service/datasync v1.55.6/go.mod h1:35IO7OkYfIGQJeJ8IOFN7dPrregYgMMxBlSGpR0dEj8= -github.com/aws/aws-sdk-go-v2/service/datazone v1.46.2 h1:z7XP0lFXJ88sFK13Erqt/9KoRGOyY9R9vpP278aNNvs= -github.com/aws/aws-sdk-go-v2/service/datazone v1.46.2/go.mod h1:ELpY+QIvAO5sH048NMmxDNMDuAKWbRmHCl0rrNR4V5s= +github.com/aws/aws-sdk-go-v2/service/datazone v1.48.0 h1:ON4CIIi/LgvXPKl+9FcuHI6evqfbFWbKvpngpS2IqvY= +github.com/aws/aws-sdk-go-v2/service/datazone v1.48.0/go.mod h1:ELpY+QIvAO5sH048NMmxDNMDuAKWbRmHCl0rrNR4V5s= github.com/aws/aws-sdk-go-v2/service/dax v1.29.7 h1:d+Iq53DFhoJ4m+PKRCCosIodRTuWvlsh+LAWuOe7zWE= github.com/aws/aws-sdk-go-v2/service/dax v1.29.7/go.mod h1:LqCHisA88LmdWAT7R/FsvLksZZs7ghdIUwZsZSu0xKs= github.com/aws/aws-sdk-go-v2/service/detective v1.38.4 h1:iR9Cjiohq4R9veZr6DadbXEbKj1FADofRNJZ3hEjuwY= github.com/aws/aws-sdk-go-v2/service/detective v1.38.4/go.mod h1:cOhEIcmxoL4V4Uavp0LRUV30gYNTGiTd2G0/ECJlIls= -github.com/aws/aws-sdk-go-v2/service/devicefarm v1.36.5 h1:SdjTtglkwBokc8S4ASXl4RHM9klZr0TS+Xm+ZGwvmyk= -github.com/aws/aws-sdk-go-v2/service/devicefarm v1.36.5/go.mod h1:DOlSchQTITKhdLgShZBymT+x+kX6jSJx8ArGf2jvFVs= +github.com/aws/aws-sdk-go-v2/service/devicefarm v1.37.0 h1:VdU+oiTksNqUwRw5xv6AkoVKq6RecX6HrZmWGm/7lpY= +github.com/aws/aws-sdk-go-v2/service/devicefarm v1.37.0/go.mod h1:DOlSchQTITKhdLgShZBymT+x+kX6jSJx8ArGf2jvFVs= github.com/aws/aws-sdk-go-v2/service/devopsguru v1.40.3 h1:pyh8Q7gwaW9mKsPG52ql7tarNkBn7jiYKmhXwzOAEO0= github.com/aws/aws-sdk-go-v2/service/devopsguru v1.40.3/go.mod h1:pOx5GDFaf6hXYuvqq18r+Op5BCfuMuZKX2ZJgacqWNk= github.com/aws/aws-sdk-go-v2/service/directconnect v1.38.5 h1:XLpifFvzfFmQ0i4EX/xosiSt/yYEN7Wtw1LqffT3o0c= @@ -1673,16 +1673,16 @@ github.com/aws/aws-sdk-go-v2/service/drs v1.36.4 h1:HH+yOVt1hVdw3q5OyG6dYjMi5mg+ github.com/aws/aws-sdk-go-v2/service/drs v1.36.4/go.mod h1:qO9+wcb7meZj7R8VQd8QnHb+ZPRWdODsexKGr3ru7cA= github.com/aws/aws-sdk-go-v2/service/dsql v1.11.2 h1:+dLCcQdBv+JiLDp25/cDm5GiK2vKg5+y1n+Lm+ve3zY= github.com/aws/aws-sdk-go-v2/service/dsql v1.11.2/go.mod h1:qAIMlh9aATA3n6dbs3aHQD7MOCAN8km548KABpaxqUs= -github.com/aws/aws-sdk-go-v2/service/dynamodb v1.52.6 h1:jlPkBSbMSpqVk47u9kqblihtXlmzYv3ZFXtuNKUNwDc= -github.com/aws/aws-sdk-go-v2/service/dynamodb v1.52.6/go.mod h1:6eUUnWOJ8sucL5Uk8rPkFo8FYioM0CTNGHga8hwzXVc= -github.com/aws/aws-sdk-go-v2/service/ec2 v1.267.0 h1:WDY9IcD4z/ZCQP6YkZoTX/ck7mDGly88EmQV4VKidK4= -github.com/aws/aws-sdk-go-v2/service/ec2 v1.267.0/go.mod h1:NDdDLLW5PtLLXN661gKcvJvqAH5OBXsfhMlmKVu1/pY= -github.com/aws/aws-sdk-go-v2/service/ecr v1.51.4 h1:Tlrn39J499be8wCeAzNTV3P8jdNSgZArLqJpRHRLd/k= -github.com/aws/aws-sdk-go-v2/service/ecr v1.51.4/go.mod h1:1NVD1KuMjH2GqnPwMotPndQaT/MreKkWpjkF12d6oKU= +github.com/aws/aws-sdk-go-v2/service/dynamodb v1.53.0 h1:oyaZ6mvMgqy3Vm2RMD6ni2sQi4G9T6ntOXP5/PFtnVs= +github.com/aws/aws-sdk-go-v2/service/dynamodb v1.53.0/go.mod h1:6eUUnWOJ8sucL5Uk8rPkFo8FYioM0CTNGHga8hwzXVc= +github.com/aws/aws-sdk-go-v2/service/ec2 v1.272.0 h1:zWYlsIUX88ZSDiKQR4603gVjPLR7Wn1+/hv76lsrMvA= +github.com/aws/aws-sdk-go-v2/service/ec2 v1.272.0/go.mod h1:NDdDLLW5PtLLXN661gKcvJvqAH5OBXsfhMlmKVu1/pY= +github.com/aws/aws-sdk-go-v2/service/ecr v1.53.0 h1:ReOAhAmW/8c2yLfr7fuLeD6WgXrp12yL27CCQMP6eQM= +github.com/aws/aws-sdk-go-v2/service/ecr v1.53.0/go.mod h1:1NVD1KuMjH2GqnPwMotPndQaT/MreKkWpjkF12d6oKU= github.com/aws/aws-sdk-go-v2/service/ecrpublic v1.38.4 h1:0rqbFeBlrTHNEIdrcH9g1yW0QjBOaCrGcTQ6sLcsH9w= github.com/aws/aws-sdk-go-v2/service/ecrpublic v1.38.4/go.mod h1:x7gU4CAyAz4BsM9hlRkhHiYw2GIr1QCmN45uwQw9l/E= -github.com/aws/aws-sdk-go-v2/service/ecs v1.67.4 h1:5tbrRKMqXCiMg0+7E21TiAvVJEt8uB+7d5FQ8+Fusqo= -github.com/aws/aws-sdk-go-v2/service/ecs v1.67.4/go.mod h1:rrhqfkXfa2DSNq0RyFhnnFEAyI+yJB4+2QlZKeJvMjs= +github.com/aws/aws-sdk-go-v2/service/ecs v1.68.0 h1:eKgxT+0Aj9zkdw2qcfCP9FyfrQlQwsfH7lQyeqwODmY= +github.com/aws/aws-sdk-go-v2/service/ecs v1.68.0/go.mod h1:rrhqfkXfa2DSNq0RyFhnnFEAyI+yJB4+2QlZKeJvMjs= github.com/aws/aws-sdk-go-v2/service/efs v1.41.4 h1:Uk/tvWjdaeVQxmKTjleCJ05SPoXL5Upgq+rffBcolZI= github.com/aws/aws-sdk-go-v2/service/efs v1.41.4/go.mod h1:ddWcpZJhvKugMHfwzBsq3dtaBLH7PsTgtAyiL3BEdxo= github.com/aws/aws-sdk-go-v2/service/eks v1.74.9 h1:ugqH9Vu52QlUhpTbW75rsv0WA9k704DEwOCoxWsLy+4= @@ -1693,14 +1693,14 @@ github.com/aws/aws-sdk-go-v2/service/elasticbeanstalk v1.33.13 h1:l4FFXPDGzjr3bX github.com/aws/aws-sdk-go-v2/service/elasticbeanstalk v1.33.13/go.mod h1:V3Yl2vXro/+nzAmexAXOc1GdkTmEE+UHp0YMuTn5G5k= github.com/aws/aws-sdk-go-v2/service/elasticloadbalancing v1.33.13 h1:VygvbUZq3ancO3iutKRr5zsdVR3X5wQPFoYMD1P8hhg= github.com/aws/aws-sdk-go-v2/service/elasticloadbalancing v1.33.13/go.mod h1:ImGbJ8W4fb8KZekLSWCnuuabYN5WusCD7cnW4Nz7i14= -github.com/aws/aws-sdk-go-v2/service/elasticloadbalancingv2 v1.52.0 h1:ZEXlVNHNM5R4BCrK79Y/cXEEmkGFDhBBKz4YlEfgNRk= -github.com/aws/aws-sdk-go-v2/service/elasticloadbalancingv2 v1.52.0/go.mod h1:Uyo8wjqYyZaHVqoe+APHe4+THRGv4pctJzItYYnRe5Q= +github.com/aws/aws-sdk-go-v2/service/elasticloadbalancingv2 v1.53.0 h1:FW40Wq7eYkzoBc/7X4Ds7OLKXv+CM5w7n1mMN+qxSRI= +github.com/aws/aws-sdk-go-v2/service/elasticloadbalancingv2 v1.53.0/go.mod h1:Uyo8wjqYyZaHVqoe+APHe4+THRGv4pctJzItYYnRe5Q= github.com/aws/aws-sdk-go-v2/service/elasticsearchservice v1.37.13 h1:hqyzd5cRYxvjVLa9FmmR39IM76hSNf+ROudLUpZviSE= github.com/aws/aws-sdk-go-v2/service/elasticsearchservice v1.37.13/go.mod h1:GXyWYhCWYQQhGzxzNDU6CRL++zIsBgguWJFTa/iTOqI= github.com/aws/aws-sdk-go-v2/service/elastictranscoder v1.32.12 h1:Aqvjf0SzPHFEq7stD7515Osa/l8dXxnkdZiwjTrGE6c= github.com/aws/aws-sdk-go-v2/service/elastictranscoder v1.32.12/go.mod h1:hV8KFAz+flqQ0eHBEJYGU4NWzTqQBtrRyqVwfm3Gi2Q= -github.com/aws/aws-sdk-go-v2/service/emr v1.55.6 h1:OVHBFoQjAtZRkqZAHE0Jzj/0MQETOD74fx4+I85q8J8= -github.com/aws/aws-sdk-go-v2/service/emr v1.55.6/go.mod h1:NZatCe1XK65DogTuEG2emmEN3NIZtwLsXtJzWpkqSx0= +github.com/aws/aws-sdk-go-v2/service/emr v1.56.0 h1:g185SYMRcklpYhul88jlO00EMsuOpfAwcXoys9KaeNk= +github.com/aws/aws-sdk-go-v2/service/emr v1.56.0/go.mod h1:NZatCe1XK65DogTuEG2emmEN3NIZtwLsXtJzWpkqSx0= github.com/aws/aws-sdk-go-v2/service/emrcontainers v1.40.8 h1:h4R+o2xRhtn4SPIao+6aU1TVTYBk0CfoLd9bhXZ3OTw= github.com/aws/aws-sdk-go-v2/service/emrcontainers v1.40.8/go.mod h1:ncWhqV69Tim5BrNp98qdJfLvlD/WwCs5X3lBPgV62rs= github.com/aws/aws-sdk-go-v2/service/emrserverless v1.37.3 h1:axxXrvkaQcqcmEfNoIhU5oRLX7ufI2sAX+2a1j8xN1k= @@ -1719,36 +1719,36 @@ github.com/aws/aws-sdk-go-v2/service/fis v1.37.11 h1:Z0sI7NcI76E0ok3s29O5TVM0ye2 github.com/aws/aws-sdk-go-v2/service/fis v1.37.11/go.mod h1:Ja2eowkEbK8dfjWqxg96k4lkVjnf7YTUpEtQKHflynQ= github.com/aws/aws-sdk-go-v2/service/fms v1.44.12 h1:wqtKrEUifaZHVItsMfgAcHzHce8UUQfOvP6vDb2XqpY= github.com/aws/aws-sdk-go-v2/service/fms v1.44.12/go.mod h1:qKGD0P+Hxcbq4w6Q6PUrDDLd0C2PcgwLtIS2BT6+2yo= -github.com/aws/aws-sdk-go-v2/service/fsx v1.63.2 h1:D8kSlmz5DdbmT34u5KLClYNBxYFqPP78zFOSNQGugqw= -github.com/aws/aws-sdk-go-v2/service/fsx v1.63.2/go.mod h1:MCyHv+eBeciHOldY/pOKwp7j02Jo2HS1cpvThq2hSqs= +github.com/aws/aws-sdk-go-v2/service/fsx v1.64.0 h1:pIzBzYXgK8naqPgQ0H7VDd6hEi05rZG6DCrAxsn9f2Q= +github.com/aws/aws-sdk-go-v2/service/fsx v1.64.0/go.mod h1:MCyHv+eBeciHOldY/pOKwp7j02Jo2HS1cpvThq2hSqs= github.com/aws/aws-sdk-go-v2/service/gamelift v1.48.2 h1:cdqUPiNlaSdNumcrBGIag7Qpi6rHwLZHxBvjP08LDBs= github.com/aws/aws-sdk-go-v2/service/gamelift v1.48.2/go.mod h1:dcVPaAeS/WE1PQeOldz0EuPud1gttdoQXajAKhNf0rE= github.com/aws/aws-sdk-go-v2/service/glacier v1.31.12 h1:8Az5fIk1L9pRU81KubxXn8QzUZJbticx8KBbTrc+s5c= github.com/aws/aws-sdk-go-v2/service/glacier v1.31.12/go.mod h1:qkG1pn5qsa79Ovau5ZJ3DpYa9Ar534RyQU8PjjMalCM= github.com/aws/aws-sdk-go-v2/service/globalaccelerator v1.35.5 h1:h80nAJssBG0S3yD8ZHoigFjmVFJIiL6jfx5FTUihdwo= github.com/aws/aws-sdk-go-v2/service/globalaccelerator v1.35.5/go.mod h1:La9wJnRUasTkBLOLqH2JVrApk1WG0vui4MVyr+rGS8Y= -github.com/aws/aws-sdk-go-v2/service/glue v1.132.3 h1:0fKX7z08n3i9jI3m862Ktr4WJ+Re4a3XNv/wi/hHiis= -github.com/aws/aws-sdk-go-v2/service/glue v1.132.3/go.mod h1:KBo/tKQu4KUTMQ88jWZR79PNgEeDCD8QrO8oMmAq8ng= +github.com/aws/aws-sdk-go-v2/service/glue v1.133.0 h1:bIzOBSUg62ENeRK0t7p8TjdXDhGgVZppSVrSNYSzSgQ= +github.com/aws/aws-sdk-go-v2/service/glue v1.133.0/go.mod h1:KBo/tKQu4KUTMQ88jWZR79PNgEeDCD8QrO8oMmAq8ng= github.com/aws/aws-sdk-go-v2/service/grafana v1.32.5 h1:eTAfP6KrOmbUK4at7wlX8vG7qc8Ao110th4/Lw7xxI4= github.com/aws/aws-sdk-go-v2/service/grafana v1.32.5/go.mod h1:6tjVI48fzvjSAKY486cvKQPNeuIcV5YULNlFyAPZ+UU= github.com/aws/aws-sdk-go-v2/service/greengrass v1.32.12 h1:0OhsswAs8h4vSCyGYx283pH+3Ks4Qngui0/g/KOhUYc= github.com/aws/aws-sdk-go-v2/service/greengrass v1.32.12/go.mod h1:wXnnE8KHU07d8VHPGTibk+Kx2TXFaCsL92wJoPPvCvM= github.com/aws/aws-sdk-go-v2/service/groundstation v1.39.2 h1:BsyqAKq5RduYyz1muDRvvsKwXHd6yG/C+9TpdD+8O/o= github.com/aws/aws-sdk-go-v2/service/groundstation v1.39.2/go.mod h1:mg5Mut9Q671xNH+VvfaPBVvS4U9vLw1R5wz4bJvPjd4= -github.com/aws/aws-sdk-go-v2/service/guardduty v1.66.2 h1:jsD/jF8iLwdg6aVfQ9DwW7UUxr/sd4Mci0lG4y6Dv5w= -github.com/aws/aws-sdk-go-v2/service/guardduty v1.66.2/go.mod h1:U8kxZNr/dDtSqvr9L8e+fyqVmU/BNyI9fKWAatpu1CE= +github.com/aws/aws-sdk-go-v2/service/guardduty v1.68.0 h1:CMWFVQQDypdxhS1d4V19fP/Y3XNB72WLyteyafQMCsI= +github.com/aws/aws-sdk-go-v2/service/guardduty v1.68.0/go.mod h1:U8kxZNr/dDtSqvr9L8e+fyqVmU/BNyI9fKWAatpu1CE= github.com/aws/aws-sdk-go-v2/service/healthlake v1.36.4 h1:Dt34+Yu6fRgiZgSMoO6J65IMKawDGjJn7BkPvjrI0ns= github.com/aws/aws-sdk-go-v2/service/healthlake v1.36.4/go.mod h1:1GUJHZK3s9RIYhn/cLwh5/08/EfcnpCllSHWeJ23nVg= -github.com/aws/aws-sdk-go-v2/service/iam v1.50.2 h1:A03KM3Mo3IitRdM6dg1x5P+/POvDwAYD02YfoYkDgok= -github.com/aws/aws-sdk-go-v2/service/iam v1.50.2/go.mod h1:cuEMbL1mNtO1sUyT+DYDNIA8Y7aJG1oIdgHqUk29Uzk= +github.com/aws/aws-sdk-go-v2/service/iam v1.52.0 h1:tXH4OrcRq053tqoWcmk9V3yfeedhgoa8o1J04S5JeYc= +github.com/aws/aws-sdk-go-v2/service/iam v1.52.0/go.mod h1:cuEMbL1mNtO1sUyT+DYDNIA8Y7aJG1oIdgHqUk29Uzk= github.com/aws/aws-sdk-go-v2/service/identitystore v1.34.2 h1:Ch+EIqM8RIEtVQqQl14XazfYBCzzxiZ1f7jbrOJ5D+8= github.com/aws/aws-sdk-go-v2/service/identitystore v1.34.2/go.mod h1:uuQmaV23i5w+5Jy2XFnquY0Z41iR6oDDdu+Sqz6bsNg= -github.com/aws/aws-sdk-go-v2/service/imagebuilder v1.48.6 h1:FkOAC3Cf4lTzY/ucQxI8f3G1fZOfbj82JM6O+EmqT84= -github.com/aws/aws-sdk-go-v2/service/imagebuilder v1.48.6/go.mod h1:VD7bLCk88KQgyRB+yIQH9BNmtmSpwgRQ0Q7Wp1bsCuk= +github.com/aws/aws-sdk-go-v2/service/imagebuilder v1.49.0 h1:VTKPR2R1q0o7N7T0ilqSajWWTlKNjsSzxvu319pLitc= +github.com/aws/aws-sdk-go-v2/service/imagebuilder v1.49.0/go.mod h1:VD7bLCk88KQgyRB+yIQH9BNmtmSpwgRQ0Q7Wp1bsCuk= github.com/aws/aws-sdk-go-v2/service/inspector v1.30.11 h1:I2WBSlw0rFVTTMDdg+7a77/kQFNKxJh1lJDZyI77ZTc= github.com/aws/aws-sdk-go-v2/service/inspector v1.30.11/go.mod h1:Ce8Iac726mzXgIOgFkMllAZsgb5XTOjzC5og1vPkHu0= -github.com/aws/aws-sdk-go-v2/service/inspector2 v1.44.12 h1:KC35deDW2vbbXPW14nUGgpf1lv3Qdg1wHhD9a1c2WDY= -github.com/aws/aws-sdk-go-v2/service/inspector2 v1.44.12/go.mod h1:btzexzBLvYxamIptsxWMmHhXXx/FFmdKGgH96IM6HE8= +github.com/aws/aws-sdk-go-v2/service/inspector2 v1.45.0 h1:gQW64ZGON3XG+UX2hDSHEXyRGd0YRxEqnyAYQRBK8tQ= +github.com/aws/aws-sdk-go-v2/service/inspector2 v1.45.0/go.mod h1:btzexzBLvYxamIptsxWMmHhXXx/FFmdKGgH96IM6HE8= github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.13.3 h1:x2Ibm/Af8Fi+BH+Hsn9TXGdT+hKbDd5XOTZxTMxDk7o= github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.13.3/go.mod h1:IW1jwyrQgMdhisceG8fQLmQIydcT/jWY21rFhzgaKwo= github.com/aws/aws-sdk-go-v2/service/internal/checksum v1.9.4 h1:NvMjwvv8hpGUILarKw7Z4Q0w1H9anXKsesMxtw++MA4= @@ -1761,16 +1761,16 @@ github.com/aws/aws-sdk-go-v2/service/internal/s3shared v1.19.13 h1:zhBJXdhWIFZ1a github.com/aws/aws-sdk-go-v2/service/internal/s3shared v1.19.13/go.mod h1:JaaOeCE368qn2Hzi3sEzY6FgAZVCIYcC2nwbro2QCh8= github.com/aws/aws-sdk-go-v2/service/internetmonitor v1.26.4 h1:i0+jLDeUbGVMnbM062bNuqXSRGvxChArs5Z/HcetByo= github.com/aws/aws-sdk-go-v2/service/internetmonitor v1.26.4/go.mod h1:1J+jvIbqr9u7BwNyDWrriI1BsFBVMBEi6XP2T8QSAXw= -github.com/aws/aws-sdk-go-v2/service/invoicing v1.7.2 h1:hTmBpa2Wd6rg24XaW9Uw2d+gD/sTKuEBiYs60Y4XnBo= -github.com/aws/aws-sdk-go-v2/service/invoicing v1.7.2/go.mod h1:077SFzwNIDjtHm35vjTtBHkweLVXtd3ahiPqfxo9Jms= +github.com/aws/aws-sdk-go-v2/service/invoicing v1.8.0 h1:GmwiBzG6DhuL9w4MgrbUUHE+GFCJ9diSxbTAX27zTdo= +github.com/aws/aws-sdk-go-v2/service/invoicing v1.8.0/go.mod h1:077SFzwNIDjtHm35vjTtBHkweLVXtd3ahiPqfxo9Jms= github.com/aws/aws-sdk-go-v2/service/iot v1.69.11 h1:E1iadLmKaX8iqk4lIOenXnd52iORtxQItB5kOID2J48= github.com/aws/aws-sdk-go-v2/service/iot v1.69.11/go.mod h1:Qsm1SgHzgKxy9TPqGfVBL+ULu/LW1iIOTn7kbsFhWE8= github.com/aws/aws-sdk-go-v2/service/ivs v1.48.5 h1:S7hZ3yWMpTG7jDJIQhWoob0vjAbS7g8VMmqDs+Rr0v8= github.com/aws/aws-sdk-go-v2/service/ivs v1.48.5/go.mod h1:LWpDgCXaAZgKF5EH2xincNziWa0GkknDhx+ig0pAWzo= github.com/aws/aws-sdk-go-v2/service/ivschat v1.21.11 h1:3O57ECBVWgTITHZTmIsDdpaUUxGN2YULXDhBtea4A+Q= github.com/aws/aws-sdk-go-v2/service/ivschat v1.21.11/go.mod h1:gHijQmBJujk/KV3Y+trzDPVZ16MS5JkITQX5MqO3wiA= -github.com/aws/aws-sdk-go-v2/service/kafka v1.45.2 h1:+h9k2C0aNDHttULtVkFlWyuQxE8ILi23gLDUDApJDGU= -github.com/aws/aws-sdk-go-v2/service/kafka v1.45.2/go.mod h1:Duj0BV8XyPzvoVF2LYtLDTCoQkIJ+NU1ui7QyMyCM/Y= +github.com/aws/aws-sdk-go-v2/service/kafka v1.46.0 h1:hOOY9fQ95Rfv/L6XRFiJTZlcf52dFQ5txxw49VbFT5k= +github.com/aws/aws-sdk-go-v2/service/kafka v1.46.0/go.mod h1:Duj0BV8XyPzvoVF2LYtLDTCoQkIJ+NU1ui7QyMyCM/Y= github.com/aws/aws-sdk-go-v2/service/kafkaconnect v1.27.12 h1:7ZayGxzuj2qFwCTUUVGHYS6hxHb5Uly1W4Lbau4BTXs= github.com/aws/aws-sdk-go-v2/service/kafkaconnect v1.27.12/go.mod h1:wnbOw77+1dcXjlDl1JhSQmsO0+r3np9nFxvaX4HgUQ0= github.com/aws/aws-sdk-go-v2/service/kendra v1.60.12 h1:MSoRxnPxbIaotIGof/+4CCw1ftfVnvTfB0h+0xDuAJA= @@ -1789,14 +1789,14 @@ github.com/aws/aws-sdk-go-v2/service/kms v1.48.2 h1:aL8Y/AbB6I+uw0MjLbdo68NQ8t5l github.com/aws/aws-sdk-go-v2/service/kms v1.48.2/go.mod h1:VJcNH6BLr+3VJwinRKdotLOMglHO8mIKlD3ea5c7hbw= github.com/aws/aws-sdk-go-v2/service/lakeformation v1.45.11 h1:hF1Qozl8Fh6C1bUeNaL0xLbTlsHaKmxHKFfA08q5mU8= github.com/aws/aws-sdk-go-v2/service/lakeformation v1.45.11/go.mod h1:1oR3VqBIi345fZEqaBh7HbB/GKLZU5F1+nbXQV5csnY= -github.com/aws/aws-sdk-go-v2/service/lambda v1.81.3 h1:s07xiAG7SmiCWPG7OyPMsZ2OR9J4NvHsoI+1l2fjCZE= -github.com/aws/aws-sdk-go-v2/service/lambda v1.81.3/go.mod h1:X9xD+03BeNMi9vA0zcJ0rL4jaGRaBpB/54ukKjhz6ik= +github.com/aws/aws-sdk-go-v2/service/lambda v1.82.0 h1:MrStO25Ef1TbXFzZr2pZPdwcFHyUgPxCX7MXz09Qk7k= +github.com/aws/aws-sdk-go-v2/service/lambda v1.82.0/go.mod h1:X9xD+03BeNMi9vA0zcJ0rL4jaGRaBpB/54ukKjhz6ik= github.com/aws/aws-sdk-go-v2/service/launchwizard v1.13.12 h1:dN62fbhBm0z/WOjTqQm7+vRpAPrLjFQd08TIhjvOhlA= github.com/aws/aws-sdk-go-v2/service/launchwizard v1.13.12/go.mod h1://3iRAUIqql/dPeYQI4lIv4JA8FiZzgIifX0EiX+9uU= github.com/aws/aws-sdk-go-v2/service/lexmodelbuildingservice v1.34.5 h1:C/Qq1lPIUMssyiBXzlhvOEEMPuLBuSqarHoXpRvML1M= github.com/aws/aws-sdk-go-v2/service/lexmodelbuildingservice v1.34.5/go.mod h1:iE4e1/ovGtt3keD9WWXuHfjoascElN+sEwN0Ff5Tys4= -github.com/aws/aws-sdk-go-v2/service/lexmodelsv2 v1.56.12 h1:pF5armn0G9bASuoIJWuHIXcsZGXmnBRrT5JspaIkkhY= -github.com/aws/aws-sdk-go-v2/service/lexmodelsv2 v1.56.12/go.mod h1:jcWBQtwCe0xBJLEVkz4ny1N+SRNRQQdpPUT1MKRwyu0= +github.com/aws/aws-sdk-go-v2/service/lexmodelsv2 v1.57.0 h1:alZjWGUSbcTTNYTrOhbFVh7B1mSgMuXEvmsxFybSKYo= +github.com/aws/aws-sdk-go-v2/service/lexmodelsv2 v1.57.0/go.mod h1:jcWBQtwCe0xBJLEVkz4ny1N+SRNRQQdpPUT1MKRwyu0= github.com/aws/aws-sdk-go-v2/service/licensemanager v1.36.12 h1:e6Q/2pgy/KKhpG8uBEq51rboXTepDcMKqmJTn1sv/Hg= github.com/aws/aws-sdk-go-v2/service/licensemanager v1.36.12/go.mod h1:jXdt+CSYTcfzhA60pRhvdlBEGWkHdb96/4+v8hJrYxU= github.com/aws/aws-sdk-go-v2/service/lightsail v1.50.6 h1:cMYT6YsNkZjo4vguBxkgGCVffhaS0Dc2BZs/nGr4uLs= @@ -1809,16 +1809,16 @@ github.com/aws/aws-sdk-go-v2/service/m2 v1.26.5 h1:36dEuPAWGx9dmFvxAbsaoueMqEx24 github.com/aws/aws-sdk-go-v2/service/m2 v1.26.5/go.mod h1:TcXLSXdIt/knslZsVOxLz85TXJHYftEnZp2Pkqcmd/g= github.com/aws/aws-sdk-go-v2/service/macie2 v1.50.4 h1:9RF/3sDLXY55O2MJJl9iejd1IDuTMztpNdpYe9BigVk= github.com/aws/aws-sdk-go-v2/service/macie2 v1.50.4/go.mod h1:UqgjJRAxzo2p/JJAaa4U10r468sb5dB7XdTojQM3J6I= -github.com/aws/aws-sdk-go-v2/service/mediaconnect v1.45.6 h1:I/Eeyj62yurTCVSnDYOx29RamF4y905uqPHNBsd2jVc= -github.com/aws/aws-sdk-go-v2/service/mediaconnect v1.45.6/go.mod h1:h8kJMoJzHMU0zZWycpQpGmcxYLKhrhfC8RI1O4E4lv0= -github.com/aws/aws-sdk-go-v2/service/mediaconvert v1.84.3 h1:E/NpGJvshPtx3EQBdpPkKjlXNZLBuQlqmyQUY/AnTM0= -github.com/aws/aws-sdk-go-v2/service/mediaconvert v1.84.3/go.mod h1:69w+ev30uz0EQ+Z3brr3IecMA4D7Pkr3PtnQc0VGEZs= -github.com/aws/aws-sdk-go-v2/service/medialive v1.85.5 h1:iJH598Dnl07aBdbNOj1jrAgvOQ7BVBDaqNZZYZxhkH4= -github.com/aws/aws-sdk-go-v2/service/medialive v1.85.5/go.mod h1:SRJh9enbB1Urr1hv5+LKTbRlmXlhbjzvy3AwZkB7AHY= +github.com/aws/aws-sdk-go-v2/service/mediaconnect v1.46.0 h1:ZISa5LjOv1UP8/i0NZiFVFn0TRcLI8iceeW4MzyWOlk= +github.com/aws/aws-sdk-go-v2/service/mediaconnect v1.46.0/go.mod h1:h8kJMoJzHMU0zZWycpQpGmcxYLKhrhfC8RI1O4E4lv0= +github.com/aws/aws-sdk-go-v2/service/mediaconvert v1.85.0 h1:IQwKEYP9sQ4USJc+xX5N/P85SyLAsWk0Kxx2Bx/xz4k= +github.com/aws/aws-sdk-go-v2/service/mediaconvert v1.85.0/go.mod h1:69w+ev30uz0EQ+Z3brr3IecMA4D7Pkr3PtnQc0VGEZs= +github.com/aws/aws-sdk-go-v2/service/medialive v1.87.0 h1:nkvCXOE1zFYMaq9A7SMAeY+TWPQ/fe0BTkls8SrfyDM= +github.com/aws/aws-sdk-go-v2/service/medialive v1.87.0/go.mod h1:SRJh9enbB1Urr1hv5+LKTbRlmXlhbjzvy3AwZkB7AHY= github.com/aws/aws-sdk-go-v2/service/mediapackage v1.39.12 h1:jw/o+ERI9EecbrQLGzrzHCPlpjd52ysHRkHV2G3T0lw= github.com/aws/aws-sdk-go-v2/service/mediapackage v1.39.12/go.mod h1:7As8fD4Tr7DZAKWm0YOPFaoNymtw3xsCUkjQobfsZ7E= -github.com/aws/aws-sdk-go-v2/service/mediapackagev2 v1.32.5 h1:aYwnY2h9RS2PGixXD7ujCtTzPLuYGzgnmsaQBpsuD9s= -github.com/aws/aws-sdk-go-v2/service/mediapackagev2 v1.32.5/go.mod h1:w/Cotl6ORtnl+0i3hsOfzeV3bq5msbjgTrDhN57KTQU= +github.com/aws/aws-sdk-go-v2/service/mediapackagev2 v1.33.0 h1:0kXTtfY0fCyncN3yEf6UjeVRyouqUPLzrDCF/sRJqsE= +github.com/aws/aws-sdk-go-v2/service/mediapackagev2 v1.33.0/go.mod h1:w/Cotl6ORtnl+0i3hsOfzeV3bq5msbjgTrDhN57KTQU= github.com/aws/aws-sdk-go-v2/service/mediapackagevod v1.39.12 h1:3uZcDQNSq2K8+l26JGiI5ruvs8C4ZjG/uiUDU81LLok= github.com/aws/aws-sdk-go-v2/service/mediapackagevod v1.39.12/go.mod h1:eiBfqNKAQK1rLuvKJOc6n5r9JZjgvdcMjxHHJlQwO3o= github.com/aws/aws-sdk-go-v2/service/mediastore v1.29.12 h1:NcvtI4JsJXem0VZSkt2u7ODCF7GZpoXr6hakfgOdbqs= @@ -1835,10 +1835,10 @@ github.com/aws/aws-sdk-go-v2/service/neptune v1.43.3 h1:PFGZA4R64W8ZvC+MF4qE7Qka github.com/aws/aws-sdk-go-v2/service/neptune v1.43.3/go.mod h1:zZ58Zd5x0GGqnSgDLV4R3C1Xazzg3htNhg3kUpNB94M= github.com/aws/aws-sdk-go-v2/service/neptunegraph v1.21.11 h1:aHQda8rOysKlF7xSoPu9Qk5t2Ph5fyvrh/HWNEuNwYA= github.com/aws/aws-sdk-go-v2/service/neptunegraph v1.21.11/go.mod h1:dUFhAeruwm9ZYvMRk2JU6AR+YFcQ+4h34C3yNmz4T88= -github.com/aws/aws-sdk-go-v2/service/networkfirewall v1.57.7 h1:onil62NaIBJfreD+WSPQGDVaa/MCmgeUqk/fa7SWyBc= -github.com/aws/aws-sdk-go-v2/service/networkfirewall v1.57.7/go.mod h1:wCjIj4guias8uhaV3dqeSag/7v04X3xJQa4Ur9zJttc= -github.com/aws/aws-sdk-go-v2/service/networkflowmonitor v1.10.5 h1:Lctop1deQprhkm9mt/M8/7di8Zetaa3JmYgMG7XH/tI= -github.com/aws/aws-sdk-go-v2/service/networkflowmonitor v1.10.5/go.mod h1:jIxhoFIXY3j5+i8UsPKY1jSMSGP8wKG4rHh1nF8fmzw= +github.com/aws/aws-sdk-go-v2/service/networkfirewall v1.58.0 h1:gH0mo9odFg6ZI2g6pHcvihWMfCEjyOF0U271zEprUoc= +github.com/aws/aws-sdk-go-v2/service/networkfirewall v1.58.0/go.mod h1:wCjIj4guias8uhaV3dqeSag/7v04X3xJQa4Ur9zJttc= +github.com/aws/aws-sdk-go-v2/service/networkflowmonitor v1.11.0 h1:UiALLI9ec1KVMT+AJcXXIaknC3zkC7zzYoR/9DaX5K4= +github.com/aws/aws-sdk-go-v2/service/networkflowmonitor v1.11.0/go.mod h1:jIxhoFIXY3j5+i8UsPKY1jSMSGP8wKG4rHh1nF8fmzw= github.com/aws/aws-sdk-go-v2/service/networkmanager v1.40.5 h1:yVU4b7twe9pLU5dxkC0D6lUEgcZa7zWizXuRbvHp/d8= github.com/aws/aws-sdk-go-v2/service/networkmanager v1.40.5/go.mod h1:nikytN6kEOGDn0q0o2NzpF93khMy4sO69ZVnh7D0owM= github.com/aws/aws-sdk-go-v2/service/networkmonitor v1.13.4 h1:PmyRpUoTfR2J1CfvGB2qz6kBiOROgDoR95N6CWG2SbA= @@ -1853,8 +1853,8 @@ github.com/aws/aws-sdk-go-v2/service/observabilityadmin v1.8.6 h1:MsffOU8pULJVmQ github.com/aws/aws-sdk-go-v2/service/observabilityadmin v1.8.6/go.mod h1:2GvP5es3RAok0PA4Fx95x5fJ0Xn7muSESZFHw1vp1BM= github.com/aws/aws-sdk-go-v2/service/odb v1.5.6 h1:JLUu5UEdUX210Ojg5uTjzeRw5auZe6/10dd1vuCFlso= github.com/aws/aws-sdk-go-v2/service/odb v1.5.6/go.mod h1:jhCkBILzvRrCEyX2Wl+xn2BOBmrBedW7On1p1gzf3rA= -github.com/aws/aws-sdk-go-v2/service/opensearch v1.53.2 h1:fqcuJ3Pz8M2oPxOw4obh1Ua8jOfSkH2YEtSHFk7/Alg= -github.com/aws/aws-sdk-go-v2/service/opensearch v1.53.2/go.mod h1:iVj8M5s79sFaX4eWUnBihWn+7PPHSdmCH6EqWQoySE4= +github.com/aws/aws-sdk-go-v2/service/opensearch v1.54.0 h1:hN7HAN0qO5eLnh08ezJPfqsBBdNj6AWD7w5YQSLtYiM= +github.com/aws/aws-sdk-go-v2/service/opensearch v1.54.0/go.mod h1:iVj8M5s79sFaX4eWUnBihWn+7PPHSdmCH6EqWQoySE4= github.com/aws/aws-sdk-go-v2/service/opensearchserverless v1.27.4 h1:7ijoIap1uO5GkJR6lzllEYYJxYp31nGQbKuyCbMMCZs= github.com/aws/aws-sdk-go-v2/service/opensearchserverless v1.27.4/go.mod h1:oLdL9Vhmp6N8H/f8Ttak+0SdUKk1E7Iwe84z9doZ87Q= github.com/aws/aws-sdk-go-v2/service/organizations v1.46.4 h1:a8FVhpNC4CSPnlXcgHzyIxm2/8LpQ9F60WPV6+tyFmU= @@ -1867,8 +1867,8 @@ github.com/aws/aws-sdk-go-v2/service/paymentcryptography v1.26.3 h1:Cws5mb47NYtq github.com/aws/aws-sdk-go-v2/service/paymentcryptography v1.26.3/go.mod h1:GqTw5UV5AIwHTpaKzHzt2KjETEO+hoBdIxbA/s7Fxzc= github.com/aws/aws-sdk-go-v2/service/pcaconnectorad v1.15.12 h1:VIxyAXmasuMqPn26ayhxZX6FK2yD+1iHHL0WDcGVIgk= github.com/aws/aws-sdk-go-v2/service/pcaconnectorad v1.15.12/go.mod h1:GeIQIKjm5JhrcR/BB7x5DWPo2Bfhfm+Ui4w8x5TFz0I= -github.com/aws/aws-sdk-go-v2/service/pcs v1.14.6 h1:T82fxRex2+YuYTx/PbKNCpCfEJY9A5c3aM2A7+t+HFg= -github.com/aws/aws-sdk-go-v2/service/pcs v1.14.6/go.mod h1:lG3E3PuHFsK508yCPxHBtDoM7S5bVuZOCaqECHkEM64= +github.com/aws/aws-sdk-go-v2/service/pcs v1.15.0 h1:jODJJvvzp3BtBc2rREK0foH2e8vyEhaCZ2z+nnOI/oE= +github.com/aws/aws-sdk-go-v2/service/pcs v1.15.0/go.mod h1:lG3E3PuHFsK508yCPxHBtDoM7S5bVuZOCaqECHkEM64= github.com/aws/aws-sdk-go-v2/service/pinpoint v1.39.12 h1:fvCN4jZKj+gNhl/miNYBAs0OnVDKYwqrWLjpWdIV/zU= github.com/aws/aws-sdk-go-v2/service/pinpoint v1.39.12/go.mod h1:TmcGUQZpICbZKTvzURsi73eQMl/psfpgY/xse7pPf/4= github.com/aws/aws-sdk-go-v2/service/pinpointsmsvoicev2 v1.26.2 h1:LUeDu/bWhIz1eO8ANBlxcxm7bjv3BY6r4fF7p2CIDQE= @@ -1889,8 +1889,8 @@ github.com/aws/aws-sdk-go-v2/service/ram v1.34.13 h1:cr/kal5RvNdcBTmjjzOaRoBALpH github.com/aws/aws-sdk-go-v2/service/ram v1.34.13/go.mod h1:XVmWvCpgKVITq+ThzyDzJkCbVycgzv8P8KzdhwijsyQ= github.com/aws/aws-sdk-go-v2/service/rbin v1.26.13 h1:NHQqKZhCNB6K7hNanxoMKZQ9ZSY7Osg9wJ/4JFmY4lU= github.com/aws/aws-sdk-go-v2/service/rbin v1.26.13/go.mod h1:HSYlwezMfkOFle385IG72Np892kUVbGvYsdM+BEG+9U= -github.com/aws/aws-sdk-go-v2/service/rds v1.108.9 h1:KUw21X9a29jsgnYQSl9P85ya5AbOlIM151e7/FgdPO8= -github.com/aws/aws-sdk-go-v2/service/rds v1.108.9/go.mod h1:mGQNxzRLKlj1cQU5uaMIjAhle0HkSeZDwoPfP+/nRYk= +github.com/aws/aws-sdk-go-v2/service/rds v1.109.0 h1:kAHatNQ1iaWVqVoFcZr5k0+o3dNSrnd+QZRFq4uTvZY= +github.com/aws/aws-sdk-go-v2/service/rds v1.109.0/go.mod h1:mGQNxzRLKlj1cQU5uaMIjAhle0HkSeZDwoPfP+/nRYk= github.com/aws/aws-sdk-go-v2/service/redshift v1.60.0 h1:Kmh10uuGvak38mlg3FcveihltgP5rXbVcguCj9j3Ms8= github.com/aws/aws-sdk-go-v2/service/redshift v1.60.0/go.mod h1:nroSRWOCQNS3b/vooHNsxwT5KRXzO+A8ouHyKsQenRc= github.com/aws/aws-sdk-go-v2/service/redshiftdata v1.37.12 h1:oGiE4s2UAJmarRMSjui8/um4sqXnk2LFwPL+A1KV3UI= @@ -1905,12 +1905,12 @@ github.com/aws/aws-sdk-go-v2/service/resourceexplorer2 v1.22.6 h1:kkoaQ06wQZ5Alq github.com/aws/aws-sdk-go-v2/service/resourceexplorer2 v1.22.6/go.mod h1:3A/lTLOEWLwbIFsOrriZuVdhibD0E4riboU0VaoV1mc= github.com/aws/aws-sdk-go-v2/service/resourcegroups v1.33.14 h1:257Y5fn4QZOqofLk8ckt9yJT8LV57lpDEHKO4lchu6U= github.com/aws/aws-sdk-go-v2/service/resourcegroups v1.33.14/go.mod h1:6k9FPdJPkYmyrO0PFg1R+k3Rw5RYJT4MGdNqvodIGGY= -github.com/aws/aws-sdk-go-v2/service/resourcegroupstaggingapi v1.30.13 h1:bgZMYv1wMOsV1ug0/Hx/rs4fxbcFVipvOAwgsbhIons= -github.com/aws/aws-sdk-go-v2/service/resourcegroupstaggingapi v1.30.13/go.mod h1:+nL0z6xUm9NK9bOAkam66NQDgNH8Qa6T6SS3f8dkzXU= +github.com/aws/aws-sdk-go-v2/service/resourcegroupstaggingapi v1.31.0 h1:W8c1GPeHBlwIeuz+DuwvYaoRBrSDy1Cp8DwXIzXTAWg= +github.com/aws/aws-sdk-go-v2/service/resourcegroupstaggingapi v1.31.0/go.mod h1:+nL0z6xUm9NK9bOAkam66NQDgNH8Qa6T6SS3f8dkzXU= github.com/aws/aws-sdk-go-v2/service/rolesanywhere v1.21.12 h1:voPlA/Poy1EatBhjehk4yVWnC+os9+Wn0VwxAB6aPzs= github.com/aws/aws-sdk-go-v2/service/rolesanywhere v1.21.12/go.mod h1:/WVeeJKvbKmaTWEtt7y2005MHRKlh+Ee5Nr3qmPMQpY= -github.com/aws/aws-sdk-go-v2/service/route53 v1.59.5 h1:4Uy8lhrh4E9jS/MtmzjuEuvX7zOZTbNuPe+zkvtvRRU= -github.com/aws/aws-sdk-go-v2/service/route53 v1.59.5/go.mod h1:TUbfYOisWZWyT2qjmlMh93ERw1Ry8G4q/yT2Q8TsDag= +github.com/aws/aws-sdk-go-v2/service/route53 v1.60.0 h1:UlmdpHo/xdaEB/80wOqcBVkzsPdmct02FuOfg5Rrd3U= +github.com/aws/aws-sdk-go-v2/service/route53 v1.60.0/go.mod h1:TUbfYOisWZWyT2qjmlMh93ERw1Ry8G4q/yT2Q8TsDag= github.com/aws/aws-sdk-go-v2/service/route53domains v1.34.10 h1:+eeUZjA6+GoTYmFjOlfx21du3eljT6fea39jI3TWjDw= github.com/aws/aws-sdk-go-v2/service/route53domains v1.34.10/go.mod h1:lxTo/orhKjYQIgzo0ED2KQyU5yC7zPw6vgImZBp5Opc= github.com/aws/aws-sdk-go-v2/service/route53profiles v1.9.12 h1:6W3ERfxp0q+oNMinc59z4Uzcd5vDC4NOsIxFl71CNmI= @@ -1919,12 +1919,12 @@ github.com/aws/aws-sdk-go-v2/service/route53recoverycontrolconfig v1.32.5 h1:hT6 github.com/aws/aws-sdk-go-v2/service/route53recoverycontrolconfig v1.32.5/go.mod h1:uuKkzsDRNyxWABenHqS3Ms7KoEUf+3EHsNCnMBVMslo= github.com/aws/aws-sdk-go-v2/service/route53recoveryreadiness v1.26.12 h1:Iury32NIQy7GGFzQzPAUJlydeeo6O+Gf1iheLW8Ax9Y= github.com/aws/aws-sdk-go-v2/service/route53recoveryreadiness v1.26.12/go.mod h1:FPoma320xUxwC7BRaqJPYjpyIgbuxrAF//JdP9ybfjQ= -github.com/aws/aws-sdk-go-v2/service/route53resolver v1.40.12 h1:6wIe7NqUr7//uLEra4C3Nj+qBYDgkZGuOSkKbAHk6LU= -github.com/aws/aws-sdk-go-v2/service/route53resolver v1.40.12/go.mod h1:RtTRuj33VUDMd7i7eDEuhX2x69JWtPkWODE2b2TeiS4= -github.com/aws/aws-sdk-go-v2/service/rum v1.29.4 h1:BovZ2M7ho3rbf66dp8Qw/0nGFQgeGofU30Svst1rrew= -github.com/aws/aws-sdk-go-v2/service/rum v1.29.4/go.mod h1:aoij2zkJWvNtGzPvyaOZtNazKNjMBEVOmdDystHnh8g= -github.com/aws/aws-sdk-go-v2/service/s3 v1.90.2 h1:DhdbtDl4FdNlj31+xiRXANxEE+eC7n8JQz+/ilwQ8Uc= -github.com/aws/aws-sdk-go-v2/service/s3 v1.90.2/go.mod h1:+wArOOrcHUevqdto9k1tKOF5++YTe9JEcPSc9Tx2ZSw= +github.com/aws/aws-sdk-go-v2/service/route53resolver v1.41.0 h1:8dRPme2++LKhXPTD3VbiCGkwZ1tfPgwjkFwhpiMF1Yk= +github.com/aws/aws-sdk-go-v2/service/route53resolver v1.41.0/go.mod h1:RtTRuj33VUDMd7i7eDEuhX2x69JWtPkWODE2b2TeiS4= +github.com/aws/aws-sdk-go-v2/service/rum v1.30.0 h1:EVwrOhq7sTe0luu/k/blau3VyU4ub/Mkw8yuTbF4yuU= +github.com/aws/aws-sdk-go-v2/service/rum v1.30.0/go.mod h1:aoij2zkJWvNtGzPvyaOZtNazKNjMBEVOmdDystHnh8g= +github.com/aws/aws-sdk-go-v2/service/s3 v1.91.0 h1:b8FQI84BFRqCHjInLKS7bo+iSH8oVJ9C2noKC2H3jwY= +github.com/aws/aws-sdk-go-v2/service/s3 v1.91.0/go.mod h1:+wArOOrcHUevqdto9k1tKOF5++YTe9JEcPSc9Tx2ZSw= github.com/aws/aws-sdk-go-v2/service/s3control v1.66.9 h1:1GWUaLfzsa0AzsRQW3KUNkO1ZnD7ngR1aPedX9HwqxY= github.com/aws/aws-sdk-go-v2/service/s3control v1.66.9/go.mod h1:c+ERB7DbWT1uR6QvBn7W0gB2YczXacCEoLegFLwPAE8= github.com/aws/aws-sdk-go-v2/service/s3outposts v1.34.3 h1:iCv2rBKUo+ZbWwZW+/sEjmAX+X0HsT9bgs9DqORRaPc= @@ -1933,14 +1933,14 @@ github.com/aws/aws-sdk-go-v2/service/s3tables v1.12.0 h1:11XumI/hI9fLn3MXs0rAAzU github.com/aws/aws-sdk-go-v2/service/s3tables v1.12.0/go.mod h1:t1l6loaBQWttife9bosS3OspbGv+CP18UbGxMIQie4A= github.com/aws/aws-sdk-go-v2/service/s3vectors v1.5.2 h1:QX1IetutOdnutzPJ+FD9YnkguYqnIKGv9wDcZLaphWM= github.com/aws/aws-sdk-go-v2/service/s3vectors v1.5.2/go.mod h1:+sgMaDJqPLY3w2QXsvbhgSlvIaQ4+4cYk6Cdp388Swg= -github.com/aws/aws-sdk-go-v2/service/sagemaker v1.222.0 h1:jssTKZCJOasRgX5tOAFAJW31FbecOfmodXXB4HxrQzk= -github.com/aws/aws-sdk-go-v2/service/sagemaker v1.222.0/go.mod h1:JnrlXHI1oM/gVNI0/NH1Ru4UZr4sWx/WZclCsJtbmCM= +github.com/aws/aws-sdk-go-v2/service/sagemaker v1.224.0 h1:HJdoaripEfZVveELxCCgNdMsRXc9/5zNNMpr++nB2Lk= +github.com/aws/aws-sdk-go-v2/service/sagemaker v1.224.0/go.mod h1:JnrlXHI1oM/gVNI0/NH1Ru4UZr4sWx/WZclCsJtbmCM= github.com/aws/aws-sdk-go-v2/service/scheduler v1.17.12 h1:VOBt5H2SeS7yGq7YIOp38dW2cLeEMjIULi68tvP6iE0= github.com/aws/aws-sdk-go-v2/service/scheduler v1.17.12/go.mod h1:UohrBXfiKjUlaqaMzj3jtBBfrNFSCjq+LLwDbtsvAIo= github.com/aws/aws-sdk-go-v2/service/schemas v1.34.3 h1:s+siGYfqvmOJGiQJRRz/eUzsDJDZoQ6oN3F5m+AEL0I= github.com/aws/aws-sdk-go-v2/service/schemas v1.34.3/go.mod h1:ipui3c5k/ozPT734rqfqsFgieDEny9ABk4sp7zCWjkM= -github.com/aws/aws-sdk-go-v2/service/secretsmanager v1.39.13 h1:fObpETM4TWD58Uqp9QiMVnYP7gT/IT3r/D+5m/K5MdI= -github.com/aws/aws-sdk-go-v2/service/secretsmanager v1.39.13/go.mod h1:QgVIY03/XoQs2iFr0MbQuQ/Tf1RwlkOvuySWMh1wph4= +github.com/aws/aws-sdk-go-v2/service/secretsmanager v1.40.0 h1:Wm8i2WjGbemRw3adxuKQAbzi3Uq7DgynajCxVnKGQyQ= +github.com/aws/aws-sdk-go-v2/service/secretsmanager v1.40.0/go.mod h1:QgVIY03/XoQs2iFr0MbQuQ/Tf1RwlkOvuySWMh1wph4= github.com/aws/aws-sdk-go-v2/service/securityhub v1.65.4 h1:PkMuUN9eBC5BrK3msGCz5lajFeCjG8qBJsK3e81pUzo= github.com/aws/aws-sdk-go-v2/service/securityhub v1.65.4/go.mod h1:QaXNTOs7OkNR7y9uFWajUymXwUh28Q7cTz3tqWiE6sc= github.com/aws/aws-sdk-go-v2/service/securitylake v1.25.4 h1:8wd+JhD0YwePy+QiMLpm/jMwNKhN6SdCZTJtB/nDiWI= @@ -1959,8 +1959,8 @@ github.com/aws/aws-sdk-go-v2/service/ses v1.34.11 h1:DZpXGSoAP6ZB0//dl31ZkRCrEVw github.com/aws/aws-sdk-go-v2/service/ses v1.34.11/go.mod h1:CeGX4LAFCsrBp24qazKmO/dwxghNCGbAoTbi64dGSEM= github.com/aws/aws-sdk-go-v2/service/sesv2 v1.54.4 h1:T8XudbCBzHztu2uYYUzlAQhSMxWJVk7zya/7/RLocZE= github.com/aws/aws-sdk-go-v2/service/sesv2 v1.54.4/go.mod h1:uxpQTTvKs2FUajNzmQic0lqMB5X0zjX8jpalkvkhIQI= -github.com/aws/aws-sdk-go-v2/service/sfn v1.39.13 h1:5fNvCSe8ZIRoyoYpiio2bJ+wK2yKUbABYD5du+XEGT8= -github.com/aws/aws-sdk-go-v2/service/sfn v1.39.13/go.mod h1:fhG61r7sW7WsxXcZAips5CFQta1i2sQwRaEQeQwSrks= +github.com/aws/aws-sdk-go-v2/service/sfn v1.40.0 h1:nbTZ7tF36OMkm6anz5M35t9iqRKYGSInHCrHRWMvQQE= +github.com/aws/aws-sdk-go-v2/service/sfn v1.40.0/go.mod h1:fhG61r7sW7WsxXcZAips5CFQta1i2sQwRaEQeQwSrks= github.com/aws/aws-sdk-go-v2/service/shield v1.34.12 h1:+TCfMnn82wi0zO4NzoqRNHlFIwWn0nQVGYxUZggnSFM= github.com/aws/aws-sdk-go-v2/service/shield v1.34.12/go.mod h1:6B2EvRYLO2QsWbNoEsxazaKhVufZBDPApqPkpQ2arJI= github.com/aws/aws-sdk-go-v2/service/signer v1.31.12 h1:HieRc7Lr0KPod0rv7dIa3F51/cGcV5yYCaUZNocJ6SA= @@ -1987,8 +1987,8 @@ github.com/aws/aws-sdk-go-v2/service/ssooidc v1.35.7 h1:gTsnx0xXNQ6SBbymoDvcoRHL github.com/aws/aws-sdk-go-v2/service/ssooidc v1.35.7/go.mod h1:klO+ejMvYsB4QATfEOIXk8WAEwN4N0aBfJpvC+5SZBo= github.com/aws/aws-sdk-go-v2/service/storagegateway v1.43.4 h1:bz3k661WLBZIXESAlqqumtcYSQp2m8rjT8m1/b0QLUE= github.com/aws/aws-sdk-go-v2/service/storagegateway v1.43.4/go.mod h1:JKIFhh/dRv/Ft85RarJH3G3ewl419X6gmD/1fEXjDnI= -github.com/aws/aws-sdk-go-v2/service/sts v1.40.2 h1:HK5ON3KmQV2HcAunnx4sKLB9aPf3gKGwVAf7xnx0QT0= -github.com/aws/aws-sdk-go-v2/service/sts v1.40.2/go.mod h1:E19xDjpzPZC7LS2knI9E6BaRFDK43Eul7vd6rSq2HWk= +github.com/aws/aws-sdk-go-v2/service/sts v1.41.0 h1:JoO/STlEltv5nSbzbg709MLNW0/BWgyK2t/R9OWcCyQ= +github.com/aws/aws-sdk-go-v2/service/sts v1.41.0/go.mod h1:E19xDjpzPZC7LS2knI9E6BaRFDK43Eul7vd6rSq2HWk= github.com/aws/aws-sdk-go-v2/service/swf v1.33.6 h1:VsuWtkucF7FwWd7cBXwXPx5BOU853UEws1maHKmY0iQ= github.com/aws/aws-sdk-go-v2/service/swf v1.33.6/go.mod h1:mmUGhXHOTZ0YLexnps/Zn0u5T+p9QkpGRpXuf5L2b7A= github.com/aws/aws-sdk-go-v2/service/synthetics v1.42.4 h1:XO316jX9V7JywHSsmjhgp19K0NUzFAXbGRUSIl5zABU= @@ -2013,16 +2013,16 @@ github.com/aws/aws-sdk-go-v2/service/waf v1.30.11 h1:Lq4PpRIWw/3HSansKRRhycylCwp github.com/aws/aws-sdk-go-v2/service/waf v1.30.11/go.mod h1:/wwPzZRBcPxG/kAOAzei/UX/FKo2H+aZcx0x99xJPpA= github.com/aws/aws-sdk-go-v2/service/wafregional v1.30.12 h1:kkie0K7P3VOnwJhaaofC4lbJpc82e3rbGKmXW+PjhHE= github.com/aws/aws-sdk-go-v2/service/wafregional v1.30.12/go.mod h1:eaFrizONYIw5QJPDxoBUr8NNM21ISTZDjFhkGVt4NZY= -github.com/aws/aws-sdk-go-v2/service/wafv2 v1.69.2 h1:r7VvhLQqVmdjwxOZPD9xO72kLKo/lQyQTCXHgWWNuf0= -github.com/aws/aws-sdk-go-v2/service/wafv2 v1.69.2/go.mod h1:RtLkquPOQfQASVPWLuXr4hJgaZ5ChNq7eWahkj/CoCQ= +github.com/aws/aws-sdk-go-v2/service/wafv2 v1.70.0 h1:mZMnchrgTVjUinijiTKDh0tvz5HhzAoMXfIjOAWpdB4= +github.com/aws/aws-sdk-go-v2/service/wafv2 v1.70.0/go.mod h1:RtLkquPOQfQASVPWLuXr4hJgaZ5ChNq7eWahkj/CoCQ= github.com/aws/aws-sdk-go-v2/service/wellarchitected v1.39.12 h1:niwCZWFfIaglbSRA1Cbc7fMCOfsmAfeaWX8ll25sfOI= github.com/aws/aws-sdk-go-v2/service/wellarchitected v1.39.12/go.mod h1:t6nyl94d8gQdt34LEo0SH4uGPNruy0T3oMaxcOHdWUU= github.com/aws/aws-sdk-go-v2/service/workmail v1.36.10 h1:lznZYmkvDu6gHqSKpornaZw2WCwYDN/NYSpfziIgsr8= github.com/aws/aws-sdk-go-v2/service/workmail v1.36.10/go.mod h1:JW6rMNuboHOnWx7I1fZfHAG1kcUiBZfTkZuD69oNw2w= github.com/aws/aws-sdk-go-v2/service/workspaces v1.64.4 h1:yX/JSkp/zildXMrGuqm7VRUn+S8an7dZt0Jyy8L6DVg= github.com/aws/aws-sdk-go-v2/service/workspaces v1.64.4/go.mod h1:TmJI48Dm4ftRxBmMoZOeC8Et2WEStJoPpv8BoXZ/eZw= -github.com/aws/aws-sdk-go-v2/service/workspacesweb v1.33.5 h1:GfSUfJZ6hKliKeaAGbFDREHxb63OGFu4l4h1jDN+viA= -github.com/aws/aws-sdk-go-v2/service/workspacesweb v1.33.5/go.mod h1:V4nPCxgIBn6Yf5JhnI3Cs0iKVTB+wkzXG8fEGYqLYkU= +github.com/aws/aws-sdk-go-v2/service/workspacesweb v1.34.0 h1:gfDV7Oa2SA+xTJxWZwPiGF/aBew2/OVIGRZ1qipeZ6Q= +github.com/aws/aws-sdk-go-v2/service/workspacesweb v1.34.0/go.mod h1:V4nPCxgIBn6Yf5JhnI3Cs0iKVTB+wkzXG8fEGYqLYkU= github.com/aws/aws-sdk-go-v2/service/xray v1.36.11 h1:K0g9kBUVHv8da1OpfeLbvteZyTy2dUWBO2ZfwYXw1D8= github.com/aws/aws-sdk-go-v2/service/xray v1.36.11/go.mod h1:JghyUyM7u0syGGk+S5Res2mLfceuyLigCgtcrpsEESM= github.com/aws/smithy-go v1.23.2 h1:Crv0eatJUQhaManss33hS5r40CG3ZFH+21XSkqMrIUM= @@ -3309,8 +3309,8 @@ golang.org/x/crypto v0.39.0/go.mod h1:L+Xg3Wf6HoL4Bn4238Z6ft6KfEpN0tJGo53AAPC632 golang.org/x/crypto v0.40.0/go.mod h1:Qr1vMER5WyS2dfPHAlsOj01wgLbsyWtFn/aY+5+ZdxY= golang.org/x/crypto v0.41.0/go.mod h1:pO5AFd7FA68rFak7rOAGVuygIISepHftHnr8dr6+sUc= golang.org/x/crypto v0.42.0/go.mod h1:4+rDnOTJhQCx2q7/j6rAN5XDw8kPjeaXEUR2eL94ix8= -golang.org/x/crypto v0.44.0 h1:A97SsFvM3AIwEEmTBiaxPPTYpDC47w720rdiiUvgoAU= -golang.org/x/crypto v0.44.0/go.mod h1:013i+Nw79BMiQiMsOPcVCB5ZIJbYkerPrGnOa00tvmc= +golang.org/x/crypto v0.45.0 h1:jMBrvKuj23MTlT0bQEOBcAE0mjg8mK9RXFhRH6nyF3Q= +golang.org/x/crypto v0.45.0/go.mod h1:XTGrrkGJve7CYK7J8PEww4aY7gM3qMCElcJQ8n8JdX4= golang.org/x/exp v0.0.0-20180321215751-8460e604b9de/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= golang.org/x/exp v0.0.0-20180807140117-3d87b88a115f/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= diff --git a/patches/0001-De-deprecate-bucket_object.patch b/patches/0001-De-deprecate-bucket_object.patch index a4591d687ed..90a6b86d67d 100644 --- a/patches/0001-De-deprecate-bucket_object.patch +++ b/patches/0001-De-deprecate-bucket_object.patch @@ -5,7 +5,7 @@ Subject: [PATCH] De-deprecate bucket_object diff --git a/internal/service/s3/bucket_object.go b/internal/service/s3/bucket_object.go -index 84953e82f4b..03538985788 100644 +index 18121bed696..43619799a34 100644 --- a/internal/service/s3/bucket_object.go +++ b/internal/service/s3/bucket_object.go @@ -67,7 +67,7 @@ func resourceBucketObject() *schema.Resource { diff --git a/patches/0003-Workaround-Autoscaling-launch_configuration-associat.patch b/patches/0003-Workaround-Autoscaling-launch_configuration-associat.patch index 18dbc9d51da..379d8913210 100644 --- a/patches/0003-Workaround-Autoscaling-launch_configuration-associat.patch +++ b/patches/0003-Workaround-Autoscaling-launch_configuration-associat.patch @@ -7,7 +7,7 @@ Subject: [PATCH] Workaround Autoscaling launch_configuration - Disable computation of property until fixed. diff --git a/internal/service/autoscaling/launch_configuration.go b/internal/service/autoscaling/launch_configuration.go -index 370b7b8630f..7917761fad5 100644 +index db237b0f2ad..f66659a28eb 100644 --- a/internal/service/autoscaling/launch_configuration.go +++ b/internal/service/autoscaling/launch_configuration.go @@ -52,7 +52,8 @@ func resourceLaunchConfiguration() *schema.Resource { diff --git a/patches/0009-Change-default-descriptions-to-Managed-by-Pulumi.patch b/patches/0009-Change-default-descriptions-to-Managed-by-Pulumi.patch index 1f61a4d1de7..d53cbe8fb31 100644 --- a/patches/0009-Change-default-descriptions-to-Managed-by-Pulumi.patch +++ b/patches/0009-Change-default-descriptions-to-Managed-by-Pulumi.patch @@ -44,7 +44,7 @@ index 08ea92079f6..ad0004ee9e9 100644 }, "etag": { diff --git a/internal/service/docdb/cluster_parameter_group.go b/internal/service/docdb/cluster_parameter_group.go -index d76992a040b..245a84586a2 100644 +index b34937813ae..0d639a6263c 100644 --- a/internal/service/docdb/cluster_parameter_group.go +++ b/internal/service/docdb/cluster_parameter_group.go @@ -49,7 +49,7 @@ func resourceClusterParameterGroup() *schema.Resource { diff --git a/patches/0011-Fix-elbv2-target-group-read-to-workaround-2517.patch b/patches/0011-Fix-elbv2-target-group-read-to-workaround-2517.patch index a99889bfda8..e239a74d9a3 100644 --- a/patches/0011-Fix-elbv2-target-group-read-to-workaround-2517.patch +++ b/patches/0011-Fix-elbv2-target-group-read-to-workaround-2517.patch @@ -5,7 +5,7 @@ Subject: [PATCH] Fix elbv2 target group read to workaround #2517 diff --git a/internal/service/elbv2/target_group.go b/internal/service/elbv2/target_group.go -index d5b051f0e2d..bbdc4750c42 100644 +index b5b46900e74..8a9f0cb5c9b 100644 --- a/internal/service/elbv2/target_group.go +++ b/internal/service/elbv2/target_group.go @@ -633,19 +633,19 @@ func resourceTargetGroupRead(ctx context.Context, d *schema.ResourceData, meta a diff --git a/patches/0016-update-apn-info.patch b/patches/0016-update-apn-info.patch index 688ada9880f..b2d73678698 100644 --- a/patches/0016-update-apn-info.patch +++ b/patches/0016-update-apn-info.patch @@ -5,18 +5,18 @@ Subject: [PATCH] update apn info diff --git a/internal/conns/config.go b/internal/conns/config.go -index 6c47241c115..c983abba23f 100644 +index 90f85d5a691..552107e5bb3 100644 --- a/internal/conns/config.go +++ b/internal/conns/config.go -@@ -22,7 +22,6 @@ import ( - "github.com/hashicorp/terraform-provider-aws/internal/errs/sdkdiag" +@@ -23,7 +23,6 @@ import ( tftags "github.com/hashicorp/terraform-provider-aws/internal/tags" + "github.com/hashicorp/terraform-provider-aws/internal/tags/tagpolicy" "github.com/hashicorp/terraform-provider-aws/names" - "github.com/hashicorp/terraform-provider-aws/version" ) type Config struct { -@@ -76,10 +75,10 @@ func (c *Config) ConfigureProvider(ctx context.Context, client *AWSClient) (*AWS +@@ -78,10 +77,10 @@ func (c *Config) ConfigureProvider(ctx context.Context, client *AWSClient) (*AWS AccessKey: c.AccessKey, AllowedAccountIds: c.AllowedAccountIds, APNInfo: &awsbase.APNInfo{ diff --git a/patches/0025-Adding-APN-1.1-marketplace-identifier-to-User-Agent-.patch b/patches/0025-Adding-APN-1.1-marketplace-identifier-to-User-Agent-.patch index 1e8931fc485..fb4fb612b99 100644 --- a/patches/0025-Adding-APN-1.1-marketplace-identifier-to-User-Agent-.patch +++ b/patches/0025-Adding-APN-1.1-marketplace-identifier-to-User-Agent-.patch @@ -6,10 +6,10 @@ Subject: [PATCH] Adding APN 1.1 marketplace identifier to User Agent request diff --git a/internal/conns/config.go b/internal/conns/config.go -index c983abba23f..72a00696165 100644 +index 552107e5bb3..0c91ca7137b 100644 --- a/internal/conns/config.go +++ b/internal/conns/config.go -@@ -79,6 +79,7 @@ func (c *Config) ConfigureProvider(ctx context.Context, client *AWSClient) (*AWS +@@ -81,6 +81,7 @@ func (c *Config) ConfigureProvider(ctx context.Context, client *AWSClient) (*AWS Products: []awsbase.UserAgentProduct{ {Name: "Pulumi", Version: "1.0"}, {Name: "Pulumi-Aws", Version: c.TerraformVersion, Comment: "+https://pulumi.com"}, diff --git a/provider/cmd/pulumi-resource-aws/bridge-metadata.json b/provider/cmd/pulumi-resource-aws/bridge-metadata.json index 1db11503a4c..bc7982fc01b 100644 --- a/provider/cmd/pulumi-resource-aws/bridge-metadata.json +++ b/provider/cmd/pulumi-resource-aws/bridge-metadata.json @@ -250,6 +250,23 @@ } } }, + "jwt_validation": { + "maxItemsOne": true, + "elem": { + "fields": { + "additional_claim": { + "maxItemsOne": false, + "elem": { + "fields": { + "values": { + "maxItemsOne": false + } + } + } + } + } + } + }, "redirect": { "maxItemsOne": true } @@ -295,6 +312,23 @@ } } }, + "jwt_validation": { + "maxItemsOne": true, + "elem": { + "fields": { + "additional_claim": { + "maxItemsOne": false, + "elem": { + "fields": { + "values": { + "maxItemsOne": false + } + } + } + } + } + } + }, "redirect": { "maxItemsOne": true } @@ -4494,7 +4528,17 @@ "elem": { "fields": { "filters_config": { - "maxItemsOne": false + "maxItemsOne": false, + "elem": { + "fields": { + "input_modalities": { + "maxItemsOne": false + }, + "output_modalities": { + "maxItemsOne": false + } + } + } }, "tier_config": { "maxItemsOne": false @@ -5543,6 +5587,26 @@ "maxItemsOne": true, "elem": { "fields": { + "code_configuration": { + "maxItemsOne": true, + "elem": { + "fields": { + "code": { + "maxItemsOne": true, + "elem": { + "fields": { + "s3": { + "maxItemsOne": true + } + } + } + }, + "entry_point": { + "maxItemsOne": false + } + } + } + }, "container_configuration": { "maxItemsOne": true } @@ -6117,6 +6181,45 @@ } } }, + "aws_billing_view": { + "current": "aws:billing/view:View", + "majorVersion": 7, + "fields": { + "data_filter_expression": { + "maxItemsOne": true, + "elem": { + "fields": { + "dimensions": { + "maxItemsOne": true, + "elem": { + "fields": { + "values": { + "maxItemsOne": false + } + } + } + }, + "tags": { + "maxItemsOne": false, + "elem": { + "fields": { + "values": { + "maxItemsOne": false + } + } + } + }, + "time_range": { + "maxItemsOne": true + } + } + } + }, + "source_views": { + "maxItemsOne": false + } + } + }, "aws_budgets_budget": { "current": "aws:budgets/budget:Budget", "majorVersion": 7, @@ -12252,6 +12355,9 @@ } } }, + "global_table_witness": { + "maxItemsOne": true + }, "import_table": { "maxItemsOne": true, "elem": { @@ -20232,6 +20338,23 @@ } } }, + "jwt_validation": { + "maxItemsOne": true, + "elem": { + "fields": { + "additional_claim": { + "maxItemsOne": false, + "elem": { + "fields": { + "values": { + "maxItemsOne": false + } + } + } + } + } + } + }, "redirect": { "maxItemsOne": true } @@ -20277,6 +20400,23 @@ } } }, + "jwt_validation": { + "maxItemsOne": true, + "elem": { + "fields": { + "additional_claim": { + "maxItemsOne": false, + "elem": { + "fields": { + "values": { + "maxItemsOne": false + } + } + } + } + } + } + }, "redirect": { "maxItemsOne": true } @@ -159516,6 +159656,9 @@ "fields": { "apply_server_side_encryption_by_default": { "maxItemsOne": true + }, + "blocked_encryption_types": { + "maxItemsOne": false } } } @@ -160942,6 +161085,23 @@ "maxItemsOne": false, "elem": { "fields": { + "additional_model_data_source": { + "maxItemsOne": false, + "elem": { + "fields": { + "s3_data_source": { + "maxItemsOne": false, + "elem": { + "fields": { + "model_access_config": { + "maxItemsOne": true + } + } + } + } + } + } + }, "image_config": { "maxItemsOne": true, "elem": { @@ -160982,6 +161142,23 @@ "maxItemsOne": true, "elem": { "fields": { + "additional_model_data_source": { + "maxItemsOne": false, + "elem": { + "fields": { + "s3_data_source": { + "maxItemsOne": false, + "elem": { + "fields": { + "model_access_config": { + "maxItemsOne": true + } + } + } + } + } + } + }, "image_config": { "maxItemsOne": true, "elem": { @@ -165088,6 +165265,10 @@ "current": "aws:vpclattice/authPolicy:AuthPolicy", "majorVersion": 7 }, + "aws_vpclattice_domain_verification": { + "current": "aws:vpclattice/domainVerification:DomainVerification", + "majorVersion": 7 + }, "aws_vpclattice_listener": { "current": "aws:vpclattice/listener:Listener", "majorVersion": 7, @@ -229577,6 +229758,23 @@ } } }, + "jwt_validation": { + "maxItemsOne": false, + "elem": { + "fields": { + "additional_claim": { + "maxItemsOne": false, + "elem": { + "fields": { + "values": { + "maxItemsOne": false + } + } + } + } + } + } + }, "redirect": { "maxItemsOne": false } @@ -238212,6 +238410,23 @@ } } }, + "jwt_validation": { + "maxItemsOne": false, + "elem": { + "fields": { + "additional_claim": { + "maxItemsOne": false, + "elem": { + "fields": { + "values": { + "maxItemsOne": false + } + } + } + } + } + } + }, "redirect": { "maxItemsOne": false } @@ -238253,6 +238468,23 @@ } } }, + "jwt_validation": { + "maxItemsOne": false, + "elem": { + "fields": { + "additional_claim": { + "maxItemsOne": false, + "elem": { + "fields": { + "values": { + "maxItemsOne": false + } + } + } + } + } + } + }, "redirect": { "maxItemsOne": false } @@ -285178,6 +285410,7 @@ "aws:bedrock/inferenceProfile:InferenceProfile": 1, "aws:bedrock/provisionedModelThroughput:ProvisionedModelThroughput": 1, "aws:bedrockmodel/invocationLoggingConfiguration:InvocationLoggingConfiguration": 1, + "aws:billing/view:View": 1, "aws:budgets/budget:Budget": 0, "aws:budgets/budgetAction:BudgetAction": 0, "aws:cfg/aggregateAuthorization:AggregateAuthorization": 0, @@ -286493,6 +286726,7 @@ "aws:vpc/securityGroupVpcAssociation:SecurityGroupVpcAssociation": 1, "aws:vpclattice/accessLogSubscription:AccessLogSubscription": 0, "aws:vpclattice/authPolicy:AuthPolicy": 0, + "aws:vpclattice/domainVerification:DomainVerification": 1, "aws:vpclattice/listener:Listener": 0, "aws:vpclattice/listenerRule:ListenerRule": 0, "aws:vpclattice/resourceConfiguration:ResourceConfiguration": 1, diff --git a/provider/cmd/pulumi-resource-aws/runtime-bridge-metadata.json b/provider/cmd/pulumi-resource-aws/runtime-bridge-metadata.json index aa77f7487b6..0eb5c753477 100644 --- a/provider/cmd/pulumi-resource-aws/runtime-bridge-metadata.json +++ b/provider/cmd/pulumi-resource-aws/runtime-bridge-metadata.json @@ -1 +1 @@ -{"auto-settings":{"resources":{"aws_auditmanager_control":{"maxItemsOneOverrides":{"control_mapping_sources.$.source_keyword":true}},"aws_chime_voice_connector_origination":{"renames":["aws:chime/voiceConnectorOrganization:VoiceConnectorOrganization"]},"aws_directory_service_conditional_forwarder":{"renames":["aws:directoryservice/conditionalForwader:ConditionalForwader"]},"aws_directory_service_log_subscription":{"renames":["aws:directoryservice/logService:LogService"]},"aws_lexv2models_slot":{"maxItemsOneOverrides":{"sub_slot_setting":false}},"aws_s3_bucket":{"renames":["aws:s3/bucketV2:BucketV2"]},"aws_s3_bucket_accelerate_configuration":{"aliases":["aws:s3/bucketAccelerateConfigurationV2:BucketAccelerateConfigurationV2"]},"aws_s3_bucket_acl":{"aliases":["aws:s3/bucketAclV2:BucketAclV2"]},"aws_s3_bucket_cors_configuration":{"aliases":["aws:s3/bucketCorsConfigurationV2:BucketCorsConfigurationV2"]},"aws_s3_bucket_lifecycle_configuration":{"aliases":["aws:s3/bucketLifecycleConfigurationV2:BucketLifecycleConfigurationV2"]},"aws_s3_bucket_logging":{"aliases":["aws:s3/bucketLoggingV2:BucketLoggingV2"]},"aws_s3_bucket_object_lock_configuration":{"aliases":["aws:s3/bucketObjectLockConfigurationV2:BucketObjectLockConfigurationV2"]},"aws_s3_bucket_request_payment_configuration":{"aliases":["aws:s3/bucketRequestPaymentConfigurationV2:BucketRequestPaymentConfigurationV2"]},"aws_s3_bucket_server_side_encryption_configuration":{"aliases":["aws:s3/bucketServerSideEncryptionConfigurationV2:BucketServerSideEncryptionConfigurationV2"]},"aws_s3_bucket_versioning":{"aliases":["aws:s3/bucketVersioningV2:BucketVersioningV2"]},"aws_s3_bucket_website_configuration":{"aliases":["aws:s3/bucketWebsiteConfigurationV2:BucketWebsiteConfigurationV2"]},"aws_ssmquicksetup_configuration_manager":{"maxItemsOneOverrides":{"configuration_definition":true}},"aws_workspacesweb_browser_settings":{"renames":["aws:workspaces/webBrowserSettings:WebBrowserSettings"]},"aws_workspacesweb_network_settings":{"renames":["aws:workspaces/webNetworkSettings:WebNetworkSettings"]},"aws_workspacesweb_user_settings":{"renames":["aws:workspaces/webUserSettings:WebUserSettings"]}},"datasources":{"aws_auditmanager_control":{"maxItemsOneOverrides":{"control_mapping_sources.$.source_keyword":true}},"aws_opensearch_domain":{"maxItemsOneOverrides":{"off_peak_window_options":true}},"aws_vpn_connection":{"renames":["aws:vpn/getConnection:getConnection"]}}},"mux":{"resources":{"aws:accessanalyzer/analyzer:Analyzer":0,"aws:accessanalyzer/archiveRule:ArchiveRule":0,"aws:account/alternativeContact:AlternativeContact":0,"aws:account/primaryContact:PrimaryContact":0,"aws:account/region:Region":0,"aws:acm/certificate:Certificate":0,"aws:acm/certificateValidation:CertificateValidation":0,"aws:acmpca/certificate:Certificate":0,"aws:acmpca/certificateAuthority:CertificateAuthority":0,"aws:acmpca/certificateAuthorityCertificate:CertificateAuthorityCertificate":0,"aws:acmpca/permission:Permission":0,"aws:acmpca/policy:Policy":0,"aws:alb/listener:Listener":0,"aws:alb/listenerCertificate:ListenerCertificate":0,"aws:alb/listenerRule:ListenerRule":0,"aws:alb/loadBalancer:LoadBalancer":0,"aws:alb/targetGroup:TargetGroup":0,"aws:alb/targetGroupAttachment:TargetGroupAttachment":0,"aws:amp/alertManagerDefinition:AlertManagerDefinition":0,"aws:amp/queryLoggingConfiguration:QueryLoggingConfiguration":1,"aws:amp/resourcePolicy:ResourcePolicy":1,"aws:amp/ruleGroupNamespace:RuleGroupNamespace":0,"aws:amp/scraper:Scraper":1,"aws:amp/workspace:Workspace":0,"aws:amp/workspaceConfiguration:WorkspaceConfiguration":1,"aws:amplify/app:App":0,"aws:amplify/backendEnvironment:BackendEnvironment":0,"aws:amplify/branch:Branch":0,"aws:amplify/domainAssociation:DomainAssociation":0,"aws:amplify/webhook:Webhook":0,"aws:apigateway/account:Account":1,"aws:apigateway/apiKey:ApiKey":0,"aws:apigateway/authorizer:Authorizer":0,"aws:apigateway/basePathMapping:BasePathMapping":0,"aws:apigateway/clientCertificate:ClientCertificate":0,"aws:apigateway/deployment:Deployment":0,"aws:apigateway/documentationPart:DocumentationPart":0,"aws:apigateway/documentationVersion:DocumentationVersion":0,"aws:apigateway/domainName:DomainName":0,"aws:apigateway/domainNameAccessAssociation:DomainNameAccessAssociation":1,"aws:apigateway/integration:Integration":0,"aws:apigateway/integrationResponse:IntegrationResponse":0,"aws:apigateway/method:Method":0,"aws:apigateway/methodResponse:MethodResponse":0,"aws:apigateway/methodSettings:MethodSettings":0,"aws:apigateway/model:Model":0,"aws:apigateway/requestValidator:RequestValidator":0,"aws:apigateway/resource:Resource":0,"aws:apigateway/response:Response":0,"aws:apigateway/restApi:RestApi":0,"aws:apigateway/restApiPolicy:RestApiPolicy":0,"aws:apigateway/restApiPut:RestApiPut":1,"aws:apigateway/stage:Stage":0,"aws:apigateway/usagePlan:UsagePlan":0,"aws:apigateway/usagePlanKey:UsagePlanKey":0,"aws:apigateway/vpcLink:VpcLink":0,"aws:apigatewayv2/api:Api":0,"aws:apigatewayv2/apiMapping:ApiMapping":0,"aws:apigatewayv2/authorizer:Authorizer":0,"aws:apigatewayv2/deployment:Deployment":0,"aws:apigatewayv2/domainName:DomainName":0,"aws:apigatewayv2/integration:Integration":0,"aws:apigatewayv2/integrationResponse:IntegrationResponse":0,"aws:apigatewayv2/model:Model":0,"aws:apigatewayv2/route:Route":0,"aws:apigatewayv2/routeResponse:RouteResponse":0,"aws:apigatewayv2/stage:Stage":0,"aws:apigatewayv2/vpcLink:VpcLink":0,"aws:appautoscaling/policy:Policy":0,"aws:appautoscaling/scheduledAction:ScheduledAction":0,"aws:appautoscaling/target:Target":0,"aws:appconfig/application:Application":0,"aws:appconfig/configurationProfile:ConfigurationProfile":0,"aws:appconfig/deployment:Deployment":0,"aws:appconfig/deploymentStrategy:DeploymentStrategy":0,"aws:appconfig/environment:Environment":1,"aws:appconfig/eventIntegration:EventIntegration":0,"aws:appconfig/extension:Extension":0,"aws:appconfig/extensionAssociation:ExtensionAssociation":0,"aws:appconfig/hostedConfigurationVersion:HostedConfigurationVersion":0,"aws:appfabric/appAuthorization:AppAuthorization":1,"aws:appfabric/appAuthorizationConnection:AppAuthorizationConnection":1,"aws:appfabric/appBundle:AppBundle":1,"aws:appfabric/ingestion:Ingestion":1,"aws:appfabric/ingestionDestination:IngestionDestination":1,"aws:appflow/connectorProfile:ConnectorProfile":0,"aws:appflow/flow:Flow":0,"aws:appintegrations/dataIntegration:DataIntegration":0,"aws:applicationinsights/application:Application":0,"aws:appmesh/gatewayRoute:GatewayRoute":0,"aws:appmesh/mesh:Mesh":0,"aws:appmesh/route:Route":0,"aws:appmesh/virtualGateway:VirtualGateway":0,"aws:appmesh/virtualNode:VirtualNode":0,"aws:appmesh/virtualRouter:VirtualRouter":0,"aws:appmesh/virtualService:VirtualService":0,"aws:apprunner/autoScalingConfigurationVersion:AutoScalingConfigurationVersion":0,"aws:apprunner/connection:Connection":0,"aws:apprunner/customDomainAssociation:CustomDomainAssociation":0,"aws:apprunner/defaultAutoScalingConfigurationVersion:DefaultAutoScalingConfigurationVersion":1,"aws:apprunner/deployment:Deployment":1,"aws:apprunner/observabilityConfiguration:ObservabilityConfiguration":0,"aws:apprunner/service:Service":0,"aws:apprunner/vpcConnector:VpcConnector":0,"aws:apprunner/vpcIngressConnection:VpcIngressConnection":0,"aws:appstream/directoryConfig:DirectoryConfig":0,"aws:appstream/fleet:Fleet":0,"aws:appstream/fleetStackAssociation:FleetStackAssociation":0,"aws:appstream/imageBuilder:ImageBuilder":0,"aws:appstream/stack:Stack":0,"aws:appstream/user:User":0,"aws:appstream/userStackAssociation:UserStackAssociation":0,"aws:appsync/api:Api":1,"aws:appsync/apiCache:ApiCache":0,"aws:appsync/apiKey:ApiKey":0,"aws:appsync/channelNamespace:ChannelNamespace":1,"aws:appsync/dataSource:DataSource":0,"aws:appsync/domainName:DomainName":0,"aws:appsync/domainNameApiAssociation:DomainNameApiAssociation":0,"aws:appsync/function:Function":0,"aws:appsync/graphQLApi:GraphQLApi":0,"aws:appsync/resolver:Resolver":0,"aws:appsync/sourceApiAssociation:SourceApiAssociation":1,"aws:appsync/type:Type":0,"aws:athena/capacityReservation:CapacityReservation":1,"aws:athena/dataCatalog:DataCatalog":0,"aws:athena/database:Database":0,"aws:athena/namedQuery:NamedQuery":0,"aws:athena/preparedStatement:PreparedStatement":0,"aws:athena/workgroup:Workgroup":0,"aws:auditmanager/accountRegistration:AccountRegistration":1,"aws:auditmanager/assessment:Assessment":1,"aws:auditmanager/assessmentDelegation:AssessmentDelegation":1,"aws:auditmanager/assessmentReport:AssessmentReport":1,"aws:auditmanager/control:Control":1,"aws:auditmanager/framework:Framework":1,"aws:auditmanager/frameworkShare:FrameworkShare":1,"aws:auditmanager/organizationAdminAccountRegistration:OrganizationAdminAccountRegistration":1,"aws:autoscaling/attachment:Attachment":0,"aws:autoscaling/group:Group":0,"aws:autoscaling/lifecycleHook:LifecycleHook":0,"aws:autoscaling/notification:Notification":0,"aws:autoscaling/policy:Policy":0,"aws:autoscaling/schedule:Schedule":0,"aws:autoscaling/tag:Tag":0,"aws:autoscaling/trafficSourceAttachment:TrafficSourceAttachment":0,"aws:autoscalingplans/scalingPlan:ScalingPlan":0,"aws:backup/framework:Framework":0,"aws:backup/globalSettings:GlobalSettings":0,"aws:backup/logicallyAirGappedVault:LogicallyAirGappedVault":1,"aws:backup/plan:Plan":0,"aws:backup/regionSettings:RegionSettings":0,"aws:backup/reportPlan:ReportPlan":0,"aws:backup/restoreTestingPlan:RestoreTestingPlan":1,"aws:backup/restoreTestingSelection:RestoreTestingSelection":1,"aws:backup/selection:Selection":0,"aws:backup/vault:Vault":0,"aws:backup/vaultLockConfiguration:VaultLockConfiguration":0,"aws:backup/vaultNotifications:VaultNotifications":0,"aws:backup/vaultPolicy:VaultPolicy":0,"aws:batch/computeEnvironment:ComputeEnvironment":0,"aws:batch/jobDefinition:JobDefinition":0,"aws:batch/jobQueue:JobQueue":1,"aws:batch/schedulingPolicy:SchedulingPolicy":0,"aws:bcmdata/export:Export":1,"aws:bedrock/agentAgent:AgentAgent":1,"aws:bedrock/agentAgentActionGroup:AgentAgentActionGroup":1,"aws:bedrock/agentAgentAlias:AgentAgentAlias":1,"aws:bedrock/agentAgentCollaborator:AgentAgentCollaborator":1,"aws:bedrock/agentAgentKnowledgeBaseAssociation:AgentAgentKnowledgeBaseAssociation":1,"aws:bedrock/agentDataSource:AgentDataSource":1,"aws:bedrock/agentFlow:AgentFlow":1,"aws:bedrock/agentKnowledgeBase:AgentKnowledgeBase":1,"aws:bedrock/agentPrompt:AgentPrompt":1,"aws:bedrock/agentcoreAgentRuntime:AgentcoreAgentRuntime":1,"aws:bedrock/agentcoreAgentRuntimeEndpoint:AgentcoreAgentRuntimeEndpoint":1,"aws:bedrock/agentcoreApiKeyCredentialProvider:AgentcoreApiKeyCredentialProvider":1,"aws:bedrock/agentcoreBrowser:AgentcoreBrowser":1,"aws:bedrock/agentcoreCodeInterpreter:AgentcoreCodeInterpreter":1,"aws:bedrock/agentcoreGateway:AgentcoreGateway":1,"aws:bedrock/agentcoreGatewayTarget:AgentcoreGatewayTarget":1,"aws:bedrock/agentcoreMemory:AgentcoreMemory":1,"aws:bedrock/agentcoreMemoryStrategy:AgentcoreMemoryStrategy":1,"aws:bedrock/agentcoreOauth2CredentialProvider:AgentcoreOauth2CredentialProvider":1,"aws:bedrock/agentcoreTokenVaultCmk:AgentcoreTokenVaultCmk":1,"aws:bedrock/agentcoreWorkloadIdentity:AgentcoreWorkloadIdentity":1,"aws:bedrock/customModel:CustomModel":1,"aws:bedrock/guardrail:Guardrail":1,"aws:bedrock/guardrailVersion:GuardrailVersion":1,"aws:bedrock/inferenceProfile:InferenceProfile":1,"aws:bedrock/provisionedModelThroughput:ProvisionedModelThroughput":1,"aws:bedrockmodel/invocationLoggingConfiguration:InvocationLoggingConfiguration":1,"aws:budgets/budget:Budget":0,"aws:budgets/budgetAction:BudgetAction":0,"aws:cfg/aggregateAuthorization:AggregateAuthorization":0,"aws:cfg/configurationAggregator:ConfigurationAggregator":0,"aws:cfg/conformancePack:ConformancePack":0,"aws:cfg/deliveryChannel:DeliveryChannel":0,"aws:cfg/organizationConformancePack:OrganizationConformancePack":0,"aws:cfg/organizationCustomPolicyRule:OrganizationCustomPolicyRule":0,"aws:cfg/organizationCustomRule:OrganizationCustomRule":0,"aws:cfg/organizationManagedRule:OrganizationManagedRule":0,"aws:cfg/recorder:Recorder":0,"aws:cfg/recorderStatus:RecorderStatus":0,"aws:cfg/remediationConfiguration:RemediationConfiguration":0,"aws:cfg/retentionConfiguration:RetentionConfiguration":1,"aws:cfg/rule:Rule":0,"aws:chatbot/slackChannelConfiguration:SlackChannelConfiguration":1,"aws:chatbot/teamsChannelConfiguration:TeamsChannelConfiguration":1,"aws:chime/sdkvoiceGlobalSettings:SdkvoiceGlobalSettings":0,"aws:chime/sdkvoiceSipMediaApplication:SdkvoiceSipMediaApplication":0,"aws:chime/sdkvoiceSipRule:SdkvoiceSipRule":0,"aws:chime/sdkvoiceVoiceProfileDomain:SdkvoiceVoiceProfileDomain":0,"aws:chime/voiceConnector:VoiceConnector":0,"aws:chime/voiceConnectorGroup:VoiceConnectorGroup":0,"aws:chime/voiceConnectorLogging:VoiceConnectorLogging":0,"aws:chime/voiceConnectorOrigination:VoiceConnectorOrigination":0,"aws:chime/voiceConnectorStreaming:VoiceConnectorStreaming":0,"aws:chime/voiceConnectorTermination:VoiceConnectorTermination":0,"aws:chime/voiceConnectorTerminationCredentials:VoiceConnectorTerminationCredentials":0,"aws:chimesdkmediapipelines/mediaInsightsPipelineConfiguration:MediaInsightsPipelineConfiguration":0,"aws:cleanrooms/collaboration:Collaboration":0,"aws:cleanrooms/configuredTable:ConfiguredTable":0,"aws:cleanrooms/membership:Membership":1,"aws:cloud9/environmentEC2:EnvironmentEC2":0,"aws:cloud9/environmentMembership:EnvironmentMembership":0,"aws:cloudcontrol/resource:Resource":0,"aws:cloudformation/cloudFormationType:CloudFormationType":0,"aws:cloudformation/stack:Stack":0,"aws:cloudformation/stackInstances:StackInstances":0,"aws:cloudformation/stackSet:StackSet":0,"aws:cloudformation/stackSetInstance:StackSetInstance":0,"aws:cloudfront/cachePolicy:CachePolicy":0,"aws:cloudfront/continuousDeploymentPolicy:ContinuousDeploymentPolicy":1,"aws:cloudfront/distribution:Distribution":0,"aws:cloudfront/fieldLevelEncryptionConfig:FieldLevelEncryptionConfig":0,"aws:cloudfront/fieldLevelEncryptionProfile:FieldLevelEncryptionProfile":0,"aws:cloudfront/function:Function":0,"aws:cloudfront/keyGroup:KeyGroup":0,"aws:cloudfront/keyValueStore:KeyValueStore":1,"aws:cloudfront/keyvaluestoreKey:KeyvaluestoreKey":1,"aws:cloudfront/keyvaluestoreKeysExclusive:KeyvaluestoreKeysExclusive":1,"aws:cloudfront/monitoringSubscription:MonitoringSubscription":0,"aws:cloudfront/originAccessControl:OriginAccessControl":0,"aws:cloudfront/originAccessIdentity:OriginAccessIdentity":0,"aws:cloudfront/originRequestPolicy:OriginRequestPolicy":0,"aws:cloudfront/publicKey:PublicKey":0,"aws:cloudfront/realtimeLogConfig:RealtimeLogConfig":0,"aws:cloudfront/responseHeadersPolicy:ResponseHeadersPolicy":0,"aws:cloudfront/vpcOrigin:VpcOrigin":1,"aws:cloudhsmv2/cluster:Cluster":0,"aws:cloudhsmv2/hsm:Hsm":0,"aws:cloudsearch/domain:Domain":0,"aws:cloudsearch/domainServiceAccessPolicy:DomainServiceAccessPolicy":0,"aws:cloudtrail/eventDataStore:EventDataStore":0,"aws:cloudtrail/organizationDelegatedAdminAccount:OrganizationDelegatedAdminAccount":1,"aws:cloudtrail/trail:Trail":0,"aws:cloudwatch/compositeAlarm:CompositeAlarm":0,"aws:cloudwatch/contributorInsightRule:ContributorInsightRule":1,"aws:cloudwatch/contributorManagedInsightRule:ContributorManagedInsightRule":1,"aws:cloudwatch/dashboard:Dashboard":0,"aws:cloudwatch/eventApiDestination:EventApiDestination":0,"aws:cloudwatch/eventArchive:EventArchive":0,"aws:cloudwatch/eventBus:EventBus":0,"aws:cloudwatch/eventBusPolicy:EventBusPolicy":0,"aws:cloudwatch/eventConnection:EventConnection":0,"aws:cloudwatch/eventEndpoint:EventEndpoint":0,"aws:cloudwatch/eventPermission:EventPermission":0,"aws:cloudwatch/eventRule:EventRule":0,"aws:cloudwatch/eventTarget:EventTarget":0,"aws:cloudwatch/internetMonitor:InternetMonitor":0,"aws:cloudwatch/logAccountPolicy:LogAccountPolicy":0,"aws:cloudwatch/logAnomalyDetector:LogAnomalyDetector":1,"aws:cloudwatch/logDataProtectionPolicy:LogDataProtectionPolicy":0,"aws:cloudwatch/logDelivery:LogDelivery":1,"aws:cloudwatch/logDeliveryDestination:LogDeliveryDestination":1,"aws:cloudwatch/logDeliveryDestinationPolicy:LogDeliveryDestinationPolicy":1,"aws:cloudwatch/logDeliverySource:LogDeliverySource":1,"aws:cloudwatch/logDestination:LogDestination":0,"aws:cloudwatch/logDestinationPolicy:LogDestinationPolicy":0,"aws:cloudwatch/logGroup:LogGroup":0,"aws:cloudwatch/logIndexPolicy:LogIndexPolicy":1,"aws:cloudwatch/logMetricFilter:LogMetricFilter":0,"aws:cloudwatch/logResourcePolicy:LogResourcePolicy":0,"aws:cloudwatch/logStream:LogStream":0,"aws:cloudwatch/logSubscriptionFilter:LogSubscriptionFilter":0,"aws:cloudwatch/metricAlarm:MetricAlarm":0,"aws:cloudwatch/metricStream:MetricStream":0,"aws:cloudwatch/queryDefinition:QueryDefinition":0,"aws:codeartifact/domain:Domain":0,"aws:codeartifact/domainPermissions:DomainPermissions":0,"aws:codeartifact/repository:Repository":0,"aws:codeartifact/repositoryPermissionsPolicy:RepositoryPermissionsPolicy":0,"aws:codebuild/fleet:Fleet":0,"aws:codebuild/project:Project":0,"aws:codebuild/reportGroup:ReportGroup":0,"aws:codebuild/resourcePolicy:ResourcePolicy":0,"aws:codebuild/sourceCredential:SourceCredential":0,"aws:codebuild/webhook:Webhook":0,"aws:codecatalyst/devEnvironment:DevEnvironment":0,"aws:codecatalyst/project:Project":0,"aws:codecatalyst/sourceRepository:SourceRepository":0,"aws:codecommit/approvalRuleTemplate:ApprovalRuleTemplate":0,"aws:codecommit/approvalRuleTemplateAssociation:ApprovalRuleTemplateAssociation":0,"aws:codecommit/repository:Repository":0,"aws:codecommit/trigger:Trigger":0,"aws:codeconnections/connection:Connection":1,"aws:codeconnections/host:Host":1,"aws:codedeploy/application:Application":0,"aws:codedeploy/deploymentConfig:DeploymentConfig":0,"aws:codedeploy/deploymentGroup:DeploymentGroup":0,"aws:codeguruprofiler/profilingGroup:ProfilingGroup":1,"aws:codegurureviewer/repositoryAssociation:RepositoryAssociation":0,"aws:codepipeline/customActionType:CustomActionType":0,"aws:codepipeline/pipeline:Pipeline":0,"aws:codepipeline/webhook:Webhook":0,"aws:codestarconnections/connection:Connection":0,"aws:codestarconnections/host:Host":0,"aws:codestarnotifications/notificationRule:NotificationRule":0,"aws:cognito/identityPool:IdentityPool":0,"aws:cognito/identityPoolProviderPrincipalTag:IdentityPoolProviderPrincipalTag":0,"aws:cognito/identityPoolRoleAttachment:IdentityPoolRoleAttachment":0,"aws:cognito/identityProvider:IdentityProvider":0,"aws:cognito/logDeliveryConfiguration:LogDeliveryConfiguration":1,"aws:cognito/managedLoginBranding:ManagedLoginBranding":1,"aws:cognito/managedUserPoolClient:ManagedUserPoolClient":1,"aws:cognito/resourceServer:ResourceServer":0,"aws:cognito/riskConfiguration:RiskConfiguration":0,"aws:cognito/user:User":0,"aws:cognito/userGroup:UserGroup":0,"aws:cognito/userInGroup:UserInGroup":0,"aws:cognito/userPool:UserPool":0,"aws:cognito/userPoolClient:UserPoolClient":1,"aws:cognito/userPoolDomain:UserPoolDomain":0,"aws:cognito/userPoolUICustomization:UserPoolUICustomization":0,"aws:comprehend/documentClassifier:DocumentClassifier":0,"aws:comprehend/entityRecognizer:EntityRecognizer":0,"aws:computeoptimizer/enrollmentStatus:EnrollmentStatus":1,"aws:computeoptimizer/recommendationPreferences:RecommendationPreferences":1,"aws:connect/botAssociation:BotAssociation":0,"aws:connect/contactFlow:ContactFlow":0,"aws:connect/contactFlowModule:ContactFlowModule":0,"aws:connect/hoursOfOperation:HoursOfOperation":0,"aws:connect/instance:Instance":0,"aws:connect/instanceStorageConfig:InstanceStorageConfig":0,"aws:connect/lambdaFunctionAssociation:LambdaFunctionAssociation":0,"aws:connect/phoneNumber:PhoneNumber":0,"aws:connect/phoneNumberContactFlowAssociation:PhoneNumberContactFlowAssociation":1,"aws:connect/queue:Queue":0,"aws:connect/quickConnect:QuickConnect":0,"aws:connect/routingProfile:RoutingProfile":0,"aws:connect/securityProfile:SecurityProfile":0,"aws:connect/user:User":0,"aws:connect/userHierarchyGroup:UserHierarchyGroup":0,"aws:connect/userHierarchyStructure:UserHierarchyStructure":0,"aws:connect/vocabulary:Vocabulary":0,"aws:controltower/baseline:Baseline":1,"aws:controltower/controlTowerControl:ControlTowerControl":0,"aws:controltower/landingZone:LandingZone":0,"aws:costexplorer/anomalyMonitor:AnomalyMonitor":0,"aws:costexplorer/anomalySubscription:AnomalySubscription":0,"aws:costexplorer/costAllocationTag:CostAllocationTag":0,"aws:costexplorer/costCategory:CostCategory":0,"aws:costoptimizationhub/enrollmentStatus:EnrollmentStatus":1,"aws:costoptimizationhub/preferences:Preferences":1,"aws:cur/reportDefinition:ReportDefinition":0,"aws:customerprofiles/domain:Domain":0,"aws:customerprofiles/profile:Profile":0,"aws:dataexchange/dataSet:DataSet":0,"aws:dataexchange/eventAction:EventAction":1,"aws:dataexchange/revision:Revision":0,"aws:dataexchange/revisionAssets:RevisionAssets":1,"aws:datapipeline/pipeline:Pipeline":0,"aws:datapipeline/pipelineDefinition:PipelineDefinition":0,"aws:datasync/agent:Agent":0,"aws:datasync/efsLocation:EfsLocation":0,"aws:datasync/fsxOpenZfsFileSystem:FsxOpenZfsFileSystem":0,"aws:datasync/locationAzureBlob:LocationAzureBlob":0,"aws:datasync/locationFsxLustre:LocationFsxLustre":0,"aws:datasync/locationFsxOntapFileSystem:LocationFsxOntapFileSystem":0,"aws:datasync/locationFsxWindows:LocationFsxWindows":0,"aws:datasync/locationHdfs:LocationHdfs":0,"aws:datasync/locationObjectStorage:LocationObjectStorage":0,"aws:datasync/locationSmb:LocationSmb":0,"aws:datasync/nfsLocation:NfsLocation":0,"aws:datasync/s3Location:S3Location":0,"aws:datasync/task:Task":0,"aws:datazone/assetType:AssetType":1,"aws:datazone/domain:Domain":1,"aws:datazone/environment:Environment":1,"aws:datazone/environmentBlueprintConfiguration:EnvironmentBlueprintConfiguration":1,"aws:datazone/environmentProfile:EnvironmentProfile":1,"aws:datazone/formType:FormType":1,"aws:datazone/glossary:Glossary":1,"aws:datazone/glossaryTerm:GlossaryTerm":1,"aws:datazone/project:Project":1,"aws:datazone/userProfile:UserProfile":1,"aws:dax/cluster:Cluster":0,"aws:dax/parameterGroup:ParameterGroup":0,"aws:dax/subnetGroup:SubnetGroup":0,"aws:detective/graph:Graph":0,"aws:detective/invitationAccepter:InvitationAccepter":0,"aws:detective/member:Member":0,"aws:detective/organizationAdminAccount:OrganizationAdminAccount":0,"aws:detective/organizationConfiguration:OrganizationConfiguration":0,"aws:devicefarm/devicePool:DevicePool":0,"aws:devicefarm/instanceProfile:InstanceProfile":0,"aws:devicefarm/networkProfile:NetworkProfile":0,"aws:devicefarm/project:Project":0,"aws:devicefarm/testGridProject:TestGridProject":0,"aws:devicefarm/upload:Upload":0,"aws:devopsguru/eventSourcesConfig:EventSourcesConfig":1,"aws:devopsguru/notificationChannel:NotificationChannel":1,"aws:devopsguru/resourceCollection:ResourceCollection":1,"aws:devopsguru/serviceIntegration:ServiceIntegration":1,"aws:directconnect/bgpPeer:BgpPeer":0,"aws:directconnect/connection:Connection":0,"aws:directconnect/connectionAssociation:ConnectionAssociation":0,"aws:directconnect/connectionConfirmation:ConnectionConfirmation":0,"aws:directconnect/gateway:Gateway":0,"aws:directconnect/gatewayAssociation:GatewayAssociation":0,"aws:directconnect/gatewayAssociationProposal:GatewayAssociationProposal":0,"aws:directconnect/hostedConnection:HostedConnection":0,"aws:directconnect/hostedPrivateVirtualInterface:HostedPrivateVirtualInterface":0,"aws:directconnect/hostedPrivateVirtualInterfaceAccepter:HostedPrivateVirtualInterfaceAccepter":0,"aws:directconnect/hostedPublicVirtualInterface:HostedPublicVirtualInterface":0,"aws:directconnect/hostedPublicVirtualInterfaceAccepter:HostedPublicVirtualInterfaceAccepter":0,"aws:directconnect/hostedTransitVirtualInterface:HostedTransitVirtualInterface":0,"aws:directconnect/hostedTransitVirtualInterfaceAcceptor:HostedTransitVirtualInterfaceAcceptor":0,"aws:directconnect/linkAggregationGroup:LinkAggregationGroup":0,"aws:directconnect/macsecKeyAssociation:MacsecKeyAssociation":0,"aws:directconnect/privateVirtualInterface:PrivateVirtualInterface":0,"aws:directconnect/publicVirtualInterface:PublicVirtualInterface":0,"aws:directconnect/transitVirtualInterface:TransitVirtualInterface":0,"aws:directoryservice/conditionalForwarder:ConditionalForwarder":0,"aws:directoryservice/directory:Directory":0,"aws:directoryservice/logSubscription:LogSubscription":0,"aws:directoryservice/radiusSettings:RadiusSettings":0,"aws:directoryservice/serviceRegion:ServiceRegion":0,"aws:directoryservice/sharedDirectory:SharedDirectory":0,"aws:directoryservice/sharedDirectoryAccepter:SharedDirectoryAccepter":0,"aws:directoryservice/trust:Trust":1,"aws:dlm/lifecyclePolicy:LifecyclePolicy":0,"aws:dms/certificate:Certificate":0,"aws:dms/endpoint:Endpoint":0,"aws:dms/eventSubscription:EventSubscription":0,"aws:dms/replicationConfig:ReplicationConfig":0,"aws:dms/replicationInstance:ReplicationInstance":0,"aws:dms/replicationSubnetGroup:ReplicationSubnetGroup":0,"aws:dms/replicationTask:ReplicationTask":0,"aws:dms/s3Endpoint:S3Endpoint":0,"aws:docdb/cluster:Cluster":0,"aws:docdb/clusterInstance:ClusterInstance":0,"aws:docdb/clusterParameterGroup:ClusterParameterGroup":0,"aws:docdb/clusterSnapshot:ClusterSnapshot":0,"aws:docdb/elasticCluster:ElasticCluster":1,"aws:docdb/eventSubscription:EventSubscription":0,"aws:docdb/globalCluster:GlobalCluster":0,"aws:docdb/subnetGroup:SubnetGroup":0,"aws:drs/replicationConfigurationTemplate:ReplicationConfigurationTemplate":1,"aws:dsql/cluster:Cluster":1,"aws:dsql/clusterPeering:ClusterPeering":1,"aws:dynamodb/contributorInsights:ContributorInsights":0,"aws:dynamodb/globalTable:GlobalTable":0,"aws:dynamodb/kinesisStreamingDestination:KinesisStreamingDestination":0,"aws:dynamodb/resourcePolicy:ResourcePolicy":1,"aws:dynamodb/table:Table":0,"aws:dynamodb/tableExport:TableExport":0,"aws:dynamodb/tableItem:TableItem":0,"aws:dynamodb/tableReplica:TableReplica":0,"aws:dynamodb/tag:Tag":0,"aws:ebs/defaultKmsKey:DefaultKmsKey":0,"aws:ebs/encryptionByDefault:EncryptionByDefault":0,"aws:ebs/fastSnapshotRestore:FastSnapshotRestore":1,"aws:ebs/snapshot:Snapshot":0,"aws:ebs/snapshotBlockPublicAccess:SnapshotBlockPublicAccess":0,"aws:ebs/snapshotCopy:SnapshotCopy":0,"aws:ebs/snapshotImport:SnapshotImport":0,"aws:ebs/volume:Volume":0,"aws:ec2/allowedImagesSettings:AllowedImagesSettings":1,"aws:ec2/ami:Ami":0,"aws:ec2/amiCopy:AmiCopy":0,"aws:ec2/amiFromInstance:AmiFromInstance":0,"aws:ec2/amiLaunchPermission:AmiLaunchPermission":0,"aws:ec2/availabilityZoneGroup:AvailabilityZoneGroup":0,"aws:ec2/capacityBlockReservation:CapacityBlockReservation":1,"aws:ec2/capacityReservation:CapacityReservation":0,"aws:ec2/carrierGateway:CarrierGateway":0,"aws:ec2/customerGateway:CustomerGateway":0,"aws:ec2/dedicatedHost:DedicatedHost":0,"aws:ec2/defaultCreditSpecification:DefaultCreditSpecification":1,"aws:ec2/defaultNetworkAcl:DefaultNetworkAcl":0,"aws:ec2/defaultRouteTable:DefaultRouteTable":0,"aws:ec2/defaultSecurityGroup:DefaultSecurityGroup":0,"aws:ec2/defaultSubnet:DefaultSubnet":0,"aws:ec2/defaultVpc:DefaultVpc":0,"aws:ec2/defaultVpcDhcpOptions:DefaultVpcDhcpOptions":0,"aws:ec2/egressOnlyInternetGateway:EgressOnlyInternetGateway":0,"aws:ec2/eip:Eip":0,"aws:ec2/eipAssociation:EipAssociation":0,"aws:ec2/eipDomainName:EipDomainName":1,"aws:ec2/fleet:Fleet":0,"aws:ec2/flowLog:FlowLog":0,"aws:ec2/imageBlockPublicAccess:ImageBlockPublicAccess":0,"aws:ec2/instance:Instance":0,"aws:ec2/instanceMetadataDefaults:InstanceMetadataDefaults":1,"aws:ec2/internetGateway:InternetGateway":0,"aws:ec2/internetGatewayAttachment:InternetGatewayAttachment":0,"aws:ec2/keyPair:KeyPair":0,"aws:ec2/launchConfiguration:LaunchConfiguration":0,"aws:ec2/launchTemplate:LaunchTemplate":0,"aws:ec2/localGatewayRoute:LocalGatewayRoute":0,"aws:ec2/localGatewayRouteTableVpcAssociation:LocalGatewayRouteTableVpcAssociation":0,"aws:ec2/mainRouteTableAssociation:MainRouteTableAssociation":0,"aws:ec2/managedPrefixList:ManagedPrefixList":0,"aws:ec2/managedPrefixListEntry:ManagedPrefixListEntry":0,"aws:ec2/natGateway:NatGateway":0,"aws:ec2/natGatewayEipAssociation:NatGatewayEipAssociation":1,"aws:ec2/networkAcl:NetworkAcl":0,"aws:ec2/networkAclAssociation:NetworkAclAssociation":0,"aws:ec2/networkAclRule:NetworkAclRule":0,"aws:ec2/networkInsightsAnalysis:NetworkInsightsAnalysis":0,"aws:ec2/networkInsightsPath:NetworkInsightsPath":0,"aws:ec2/networkInterface:NetworkInterface":0,"aws:ec2/networkInterfaceAttachment:NetworkInterfaceAttachment":0,"aws:ec2/networkInterfacePermission:NetworkInterfacePermission":1,"aws:ec2/networkInterfaceSecurityGroupAttachment:NetworkInterfaceSecurityGroupAttachment":0,"aws:ec2/peeringConnectionOptions:PeeringConnectionOptions":0,"aws:ec2/placementGroup:PlacementGroup":0,"aws:ec2/proxyProtocolPolicy:ProxyProtocolPolicy":0,"aws:ec2/route:Route":0,"aws:ec2/routeTable:RouteTable":0,"aws:ec2/routeTableAssociation:RouteTableAssociation":0,"aws:ec2/securityGroup:SecurityGroup":0,"aws:ec2/securityGroupAssociation:SecurityGroupAssociation":0,"aws:ec2/securityGroupRule:SecurityGroupRule":0,"aws:ec2/serialConsoleAccess:SerialConsoleAccess":0,"aws:ec2/snapshotCreateVolumePermission:SnapshotCreateVolumePermission":0,"aws:ec2/spotDatafeedSubscription:SpotDatafeedSubscription":0,"aws:ec2/spotFleetRequest:SpotFleetRequest":0,"aws:ec2/spotInstanceRequest:SpotInstanceRequest":0,"aws:ec2/subnet:Subnet":0,"aws:ec2/subnetCidrReservation:SubnetCidrReservation":0,"aws:ec2/tag:Tag":0,"aws:ec2/trafficMirrorFilter:TrafficMirrorFilter":0,"aws:ec2/trafficMirrorFilterRule:TrafficMirrorFilterRule":0,"aws:ec2/trafficMirrorSession:TrafficMirrorSession":0,"aws:ec2/trafficMirrorTarget:TrafficMirrorTarget":0,"aws:ec2/volumeAttachment:VolumeAttachment":0,"aws:ec2/vpc:Vpc":0,"aws:ec2/vpcBlockPublicAccessExclusion:VpcBlockPublicAccessExclusion":1,"aws:ec2/vpcBlockPublicAccessOptions:VpcBlockPublicAccessOptions":1,"aws:ec2/vpcDhcpOptions:VpcDhcpOptions":0,"aws:ec2/vpcDhcpOptionsAssociation:VpcDhcpOptionsAssociation":0,"aws:ec2/vpcEndpoint:VpcEndpoint":0,"aws:ec2/vpcEndpointConnectionAccepter:VpcEndpointConnectionAccepter":0,"aws:ec2/vpcEndpointConnectionNotification:VpcEndpointConnectionNotification":0,"aws:ec2/vpcEndpointPolicy:VpcEndpointPolicy":0,"aws:ec2/vpcEndpointRouteTableAssociation:VpcEndpointRouteTableAssociation":0,"aws:ec2/vpcEndpointService:VpcEndpointService":0,"aws:ec2/vpcEndpointServiceAllowedPrinciple:VpcEndpointServiceAllowedPrinciple":0,"aws:ec2/vpcEndpointSubnetAssociation:VpcEndpointSubnetAssociation":0,"aws:ec2/vpcIpam:VpcIpam":0,"aws:ec2/vpcIpamOrganizationAdminAccount:VpcIpamOrganizationAdminAccount":0,"aws:ec2/vpcIpamPool:VpcIpamPool":0,"aws:ec2/vpcIpamPoolCidr:VpcIpamPoolCidr":0,"aws:ec2/vpcIpamPoolCidrAllocation:VpcIpamPoolCidrAllocation":0,"aws:ec2/vpcIpamPreviewNextCidr:VpcIpamPreviewNextCidr":0,"aws:ec2/vpcIpamResourceDiscovery:VpcIpamResourceDiscovery":0,"aws:ec2/vpcIpamResourceDiscoveryAssociation:VpcIpamResourceDiscoveryAssociation":0,"aws:ec2/vpcIpamScope:VpcIpamScope":0,"aws:ec2/vpcIpv4CidrBlockAssociation:VpcIpv4CidrBlockAssociation":0,"aws:ec2/vpcIpv6CidrBlockAssociation:VpcIpv6CidrBlockAssociation":0,"aws:ec2/vpcNetworkPerformanceMetricSubscription:VpcNetworkPerformanceMetricSubscription":0,"aws:ec2/vpcPeeringConnection:VpcPeeringConnection":0,"aws:ec2/vpcPeeringConnectionAccepter:VpcPeeringConnectionAccepter":0,"aws:ec2/vpnConnection:VpnConnection":0,"aws:ec2/vpnConnectionRoute:VpnConnectionRoute":0,"aws:ec2/vpnGateway:VpnGateway":0,"aws:ec2/vpnGatewayAttachment:VpnGatewayAttachment":0,"aws:ec2/vpnGatewayRoutePropagation:VpnGatewayRoutePropagation":0,"aws:ec2clientvpn/authorizationRule:AuthorizationRule":0,"aws:ec2clientvpn/endpoint:Endpoint":0,"aws:ec2clientvpn/networkAssociation:NetworkAssociation":0,"aws:ec2clientvpn/route:Route":0,"aws:ec2transitgateway/connect:Connect":0,"aws:ec2transitgateway/connectPeer:ConnectPeer":0,"aws:ec2transitgateway/defaultRouteTableAssociation:DefaultRouteTableAssociation":1,"aws:ec2transitgateway/defaultRouteTablePropagation:DefaultRouteTablePropagation":1,"aws:ec2transitgateway/instanceConnectEndpoint:InstanceConnectEndpoint":1,"aws:ec2transitgateway/instanceState:InstanceState":0,"aws:ec2transitgateway/multicastDomain:MulticastDomain":0,"aws:ec2transitgateway/multicastDomainAssociation:MulticastDomainAssociation":0,"aws:ec2transitgateway/multicastGroupMember:MulticastGroupMember":0,"aws:ec2transitgateway/multicastGroupSource:MulticastGroupSource":0,"aws:ec2transitgateway/peeringAttachment:PeeringAttachment":0,"aws:ec2transitgateway/peeringAttachmentAccepter:PeeringAttachmentAccepter":0,"aws:ec2transitgateway/policyTable:PolicyTable":0,"aws:ec2transitgateway/policyTableAssociation:PolicyTableAssociation":0,"aws:ec2transitgateway/prefixListReference:PrefixListReference":0,"aws:ec2transitgateway/route:Route":0,"aws:ec2transitgateway/routeTable:RouteTable":0,"aws:ec2transitgateway/routeTableAssociation:RouteTableAssociation":0,"aws:ec2transitgateway/routeTablePropagation:RouteTablePropagation":0,"aws:ec2transitgateway/transitGateway:TransitGateway":0,"aws:ec2transitgateway/vpcAttachment:VpcAttachment":0,"aws:ec2transitgateway/vpcAttachmentAccepter:VpcAttachmentAccepter":0,"aws:ecr/accountSetting:AccountSetting":1,"aws:ecr/lifecyclePolicy:LifecyclePolicy":0,"aws:ecr/pullThroughCacheRule:PullThroughCacheRule":0,"aws:ecr/registryPolicy:RegistryPolicy":0,"aws:ecr/registryScanningConfiguration:RegistryScanningConfiguration":0,"aws:ecr/replicationConfiguration:ReplicationConfiguration":0,"aws:ecr/repository:Repository":0,"aws:ecr/repositoryCreationTemplate:RepositoryCreationTemplate":0,"aws:ecr/repositoryPolicy:RepositoryPolicy":0,"aws:ecrpublic/repository:Repository":0,"aws:ecrpublic/repositoryPolicy:RepositoryPolicy":0,"aws:ecs/accountSettingDefault:AccountSettingDefault":0,"aws:ecs/capacityProvider:CapacityProvider":0,"aws:ecs/cluster:Cluster":0,"aws:ecs/clusterCapacityProviders:ClusterCapacityProviders":0,"aws:ecs/service:Service":0,"aws:ecs/tag:Tag":0,"aws:ecs/taskDefinition:TaskDefinition":0,"aws:ecs/taskSet:TaskSet":0,"aws:efs/accessPoint:AccessPoint":0,"aws:efs/backupPolicy:BackupPolicy":0,"aws:efs/fileSystem:FileSystem":0,"aws:efs/fileSystemPolicy:FileSystemPolicy":0,"aws:efs/mountTarget:MountTarget":0,"aws:efs/replicationConfiguration:ReplicationConfiguration":0,"aws:eks/accessEntry:AccessEntry":0,"aws:eks/accessPolicyAssociation:AccessPolicyAssociation":0,"aws:eks/addon:Addon":0,"aws:eks/cluster:Cluster":0,"aws:eks/fargateProfile:FargateProfile":0,"aws:eks/identityProviderConfig:IdentityProviderConfig":0,"aws:eks/nodeGroup:NodeGroup":0,"aws:eks/podIdentityAssociation:PodIdentityAssociation":1,"aws:elasticache/cluster:Cluster":0,"aws:elasticache/globalReplicationGroup:GlobalReplicationGroup":0,"aws:elasticache/parameterGroup:ParameterGroup":0,"aws:elasticache/replicationGroup:ReplicationGroup":0,"aws:elasticache/reservedCacheNode:ReservedCacheNode":1,"aws:elasticache/serverlessCache:ServerlessCache":1,"aws:elasticache/subnetGroup:SubnetGroup":0,"aws:elasticache/user:User":0,"aws:elasticache/userGroup:UserGroup":0,"aws:elasticache/userGroupAssociation:UserGroupAssociation":0,"aws:elasticbeanstalk/application:Application":0,"aws:elasticbeanstalk/applicationVersion:ApplicationVersion":0,"aws:elasticbeanstalk/configurationTemplate:ConfigurationTemplate":0,"aws:elasticbeanstalk/environment:Environment":0,"aws:elasticsearch/domain:Domain":0,"aws:elasticsearch/domainPolicy:DomainPolicy":0,"aws:elasticsearch/domainSamlOptions:DomainSamlOptions":0,"aws:elasticsearch/vpcEndpoint:VpcEndpoint":0,"aws:elastictranscoder/pipeline:Pipeline":0,"aws:elastictranscoder/preset:Preset":0,"aws:elb/appCookieStickinessPolicy:AppCookieStickinessPolicy":0,"aws:elb/attachment:Attachment":0,"aws:elb/listenerPolicy:ListenerPolicy":0,"aws:elb/loadBalancer:LoadBalancer":0,"aws:elb/loadBalancerBackendServerPolicy:LoadBalancerBackendServerPolicy":0,"aws:elb/loadBalancerCookieStickinessPolicy:LoadBalancerCookieStickinessPolicy":0,"aws:elb/loadBalancerPolicy:LoadBalancerPolicy":0,"aws:elb/sslNegotiationPolicy:SslNegotiationPolicy":0,"aws:emr/blockPublicAccessConfiguration:BlockPublicAccessConfiguration":0,"aws:emr/cluster:Cluster":0,"aws:emr/instanceFleet:InstanceFleet":0,"aws:emr/instanceGroup:InstanceGroup":0,"aws:emr/managedScalingPolicy:ManagedScalingPolicy":0,"aws:emr/securityConfiguration:SecurityConfiguration":0,"aws:emr/studio:Studio":0,"aws:emr/studioSessionMapping:StudioSessionMapping":0,"aws:emrcontainers/jobTemplate:JobTemplate":0,"aws:emrcontainers/virtualCluster:VirtualCluster":0,"aws:emrserverless/application:Application":0,"aws:evidently/feature:Feature":0,"aws:evidently/launch:Launch":0,"aws:evidently/project:Project":0,"aws:evidently/segment:Segment":0,"aws:finspace/kxCluster:KxCluster":0,"aws:finspace/kxDatabase:KxDatabase":0,"aws:finspace/kxDataview:KxDataview":0,"aws:finspace/kxEnvironment:KxEnvironment":0,"aws:finspace/kxScalingGroup:KxScalingGroup":0,"aws:finspace/kxUser:KxUser":0,"aws:finspace/kxVolume:KxVolume":0,"aws:fis/experimentTemplate:ExperimentTemplate":0,"aws:fis/targetAccountConfiguration:TargetAccountConfiguration":1,"aws:fms/adminAccount:AdminAccount":0,"aws:fms/policy:Policy":0,"aws:fms/resourceSet:ResourceSet":1,"aws:fsx/backup:Backup":0,"aws:fsx/dataRepositoryAssociation:DataRepositoryAssociation":0,"aws:fsx/fileCache:FileCache":0,"aws:fsx/lustreFileSystem:LustreFileSystem":0,"aws:fsx/ontapFileSystem:OntapFileSystem":0,"aws:fsx/ontapStorageVirtualMachine:OntapStorageVirtualMachine":0,"aws:fsx/ontapVolume:OntapVolume":0,"aws:fsx/openZfsFileSystem:OpenZfsFileSystem":0,"aws:fsx/openZfsSnapshot:OpenZfsSnapshot":0,"aws:fsx/openZfsVolume:OpenZfsVolume":0,"aws:fsx/s3AccessPointAttachment:S3AccessPointAttachment":1,"aws:fsx/windowsFileSystem:WindowsFileSystem":0,"aws:gamelift/alias:Alias":0,"aws:gamelift/build:Build":0,"aws:gamelift/fleet:Fleet":0,"aws:gamelift/gameServerGroup:GameServerGroup":0,"aws:gamelift/gameSessionQueue:GameSessionQueue":0,"aws:gamelift/script:Script":0,"aws:glacier/vault:Vault":0,"aws:glacier/vaultLock:VaultLock":0,"aws:globalaccelerator/accelerator:Accelerator":0,"aws:globalaccelerator/crossAccountAttachment:CrossAccountAttachment":1,"aws:globalaccelerator/customRoutingAccelerator:CustomRoutingAccelerator":0,"aws:globalaccelerator/customRoutingEndpointGroup:CustomRoutingEndpointGroup":0,"aws:globalaccelerator/customRoutingListener:CustomRoutingListener":0,"aws:globalaccelerator/endpointGroup:EndpointGroup":0,"aws:globalaccelerator/listener:Listener":0,"aws:glue/catalogDatabase:CatalogDatabase":0,"aws:glue/catalogTable:CatalogTable":0,"aws:glue/catalogTableOptimizer:CatalogTableOptimizer":1,"aws:glue/classifier:Classifier":0,"aws:glue/connection:Connection":0,"aws:glue/crawler:Crawler":0,"aws:glue/dataCatalogEncryptionSettings:DataCatalogEncryptionSettings":0,"aws:glue/dataQualityRuleset:DataQualityRuleset":0,"aws:glue/devEndpoint:DevEndpoint":0,"aws:glue/job:Job":0,"aws:glue/mLTransform:MLTransform":0,"aws:glue/partition:Partition":0,"aws:glue/partitionIndex:PartitionIndex":0,"aws:glue/registry:Registry":0,"aws:glue/resourcePolicy:ResourcePolicy":0,"aws:glue/schema:Schema":0,"aws:glue/securityConfiguration:SecurityConfiguration":0,"aws:glue/trigger:Trigger":0,"aws:glue/userDefinedFunction:UserDefinedFunction":0,"aws:glue/workflow:Workflow":0,"aws:grafana/licenseAssociation:LicenseAssociation":0,"aws:grafana/roleAssociation:RoleAssociation":0,"aws:grafana/workspace:Workspace":0,"aws:grafana/workspaceApiKey:WorkspaceApiKey":0,"aws:grafana/workspaceSamlConfiguration:WorkspaceSamlConfiguration":0,"aws:grafana/workspaceServiceAccount:WorkspaceServiceAccount":1,"aws:grafana/workspaceServiceAccountToken:WorkspaceServiceAccountToken":1,"aws:guardduty/detector:Detector":0,"aws:guardduty/detectorFeature:DetectorFeature":0,"aws:guardduty/filter:Filter":0,"aws:guardduty/iPSet:IPSet":0,"aws:guardduty/inviteAccepter:InviteAccepter":0,"aws:guardduty/malwareProtectionPlan:MalwareProtectionPlan":1,"aws:guardduty/member:Member":0,"aws:guardduty/memberDetectorFeature:MemberDetectorFeature":1,"aws:guardduty/organizationAdminAccount:OrganizationAdminAccount":0,"aws:guardduty/organizationConfiguration:OrganizationConfiguration":0,"aws:guardduty/organizationConfigurationFeature:OrganizationConfigurationFeature":0,"aws:guardduty/publishingDestination:PublishingDestination":0,"aws:guardduty/threatIntelSet:ThreatIntelSet":0,"aws:iam/accessKey:AccessKey":0,"aws:iam/accountAlias:AccountAlias":0,"aws:iam/accountPasswordPolicy:AccountPasswordPolicy":0,"aws:iam/group:Group":0,"aws:iam/groupMembership:GroupMembership":0,"aws:iam/groupPoliciesExclusive:GroupPoliciesExclusive":1,"aws:iam/groupPolicy:GroupPolicy":0,"aws:iam/groupPolicyAttachment:GroupPolicyAttachment":0,"aws:iam/groupPolicyAttachmentsExclusive:GroupPolicyAttachmentsExclusive":1,"aws:iam/instanceProfile:InstanceProfile":0,"aws:iam/openIdConnectProvider:OpenIdConnectProvider":0,"aws:iam/organizationsFeatures:OrganizationsFeatures":1,"aws:iam/policy:Policy":0,"aws:iam/policyAttachment:PolicyAttachment":0,"aws:iam/role:Role":0,"aws:iam/rolePoliciesExclusive:RolePoliciesExclusive":1,"aws:iam/rolePolicy:RolePolicy":0,"aws:iam/rolePolicyAttachment:RolePolicyAttachment":0,"aws:iam/rolePolicyAttachmentsExclusive:RolePolicyAttachmentsExclusive":1,"aws:iam/samlProvider:SamlProvider":0,"aws:iam/securityTokenServicePreferences:SecurityTokenServicePreferences":0,"aws:iam/serverCertificate:ServerCertificate":0,"aws:iam/serviceLinkedRole:ServiceLinkedRole":0,"aws:iam/serviceSpecificCredential:ServiceSpecificCredential":0,"aws:iam/signingCertificate:SigningCertificate":0,"aws:iam/sshKey:SshKey":0,"aws:iam/user:User":0,"aws:iam/userGroupMembership:UserGroupMembership":0,"aws:iam/userLoginProfile:UserLoginProfile":0,"aws:iam/userPoliciesExclusive:UserPoliciesExclusive":1,"aws:iam/userPolicy:UserPolicy":0,"aws:iam/userPolicyAttachment:UserPolicyAttachment":0,"aws:iam/userPolicyAttachmentsExclusive:UserPolicyAttachmentsExclusive":1,"aws:iam/virtualMfaDevice:VirtualMfaDevice":0,"aws:identitystore/group:Group":0,"aws:identitystore/groupMembership:GroupMembership":0,"aws:identitystore/user:User":0,"aws:imagebuilder/component:Component":0,"aws:imagebuilder/containerRecipe:ContainerRecipe":0,"aws:imagebuilder/distributionConfiguration:DistributionConfiguration":0,"aws:imagebuilder/image:Image":0,"aws:imagebuilder/imagePipeline:ImagePipeline":0,"aws:imagebuilder/imageRecipe:ImageRecipe":0,"aws:imagebuilder/infrastructureConfiguration:InfrastructureConfiguration":0,"aws:imagebuilder/lifecyclePolicy:LifecyclePolicy":1,"aws:imagebuilder/workflow:Workflow":0,"aws:inspector/assessmentTarget:AssessmentTarget":0,"aws:inspector/assessmentTemplate:AssessmentTemplate":0,"aws:inspector/resourceGroup:ResourceGroup":0,"aws:inspector2/delegatedAdminAccount:DelegatedAdminAccount":0,"aws:inspector2/enabler:Enabler":0,"aws:inspector2/filter:Filter":1,"aws:inspector2/memberAssociation:MemberAssociation":0,"aws:inspector2/organizationConfiguration:OrganizationConfiguration":0,"aws:invoicing/invoiceUnit:InvoiceUnit":1,"aws:iot/authorizer:Authorizer":0,"aws:iot/billingGroup:BillingGroup":1,"aws:iot/caCertificate:CaCertificate":0,"aws:iot/certificate:Certificate":0,"aws:iot/domainConfiguration:DomainConfiguration":0,"aws:iot/eventConfigurations:EventConfigurations":0,"aws:iot/indexingConfiguration:IndexingConfiguration":0,"aws:iot/loggingOptions:LoggingOptions":0,"aws:iot/policy:Policy":0,"aws:iot/policyAttachment:PolicyAttachment":0,"aws:iot/provisioningTemplate:ProvisioningTemplate":0,"aws:iot/roleAlias:RoleAlias":0,"aws:iot/thing:Thing":0,"aws:iot/thingGroup:ThingGroup":0,"aws:iot/thingGroupMembership:ThingGroupMembership":0,"aws:iot/thingPrincipalAttachment:ThingPrincipalAttachment":0,"aws:iot/thingType:ThingType":0,"aws:iot/topicRule:TopicRule":0,"aws:iot/topicRuleDestination:TopicRuleDestination":0,"aws:ivs/channel:Channel":0,"aws:ivs/playbackKeyPair:PlaybackKeyPair":0,"aws:ivs/recordingConfiguration:RecordingConfiguration":0,"aws:ivschat/loggingConfiguration:LoggingConfiguration":0,"aws:ivschat/room:Room":0,"aws:kendra/dataSource:DataSource":0,"aws:kendra/experience:Experience":0,"aws:kendra/faq:Faq":0,"aws:kendra/index:Index":0,"aws:kendra/querySuggestionsBlockList:QuerySuggestionsBlockList":0,"aws:kendra/thesaurus:Thesaurus":0,"aws:keyspaces/keyspace:Keyspace":0,"aws:keyspaces/table:Table":0,"aws:kinesis/analyticsApplication:AnalyticsApplication":0,"aws:kinesis/firehoseDeliveryStream:FirehoseDeliveryStream":0,"aws:kinesis/resourcePolicy:ResourcePolicy":1,"aws:kinesis/stream:Stream":0,"aws:kinesis/streamConsumer:StreamConsumer":0,"aws:kinesis/videoStream:VideoStream":0,"aws:kinesisanalyticsv2/application:Application":0,"aws:kinesisanalyticsv2/applicationSnapshot:ApplicationSnapshot":0,"aws:kms/alias:Alias":0,"aws:kms/ciphertext:Ciphertext":0,"aws:kms/customKeyStore:CustomKeyStore":0,"aws:kms/externalKey:ExternalKey":0,"aws:kms/grant:Grant":0,"aws:kms/key:Key":0,"aws:kms/keyPolicy:KeyPolicy":0,"aws:kms/replicaExternalKey:ReplicaExternalKey":0,"aws:kms/replicaKey:ReplicaKey":0,"aws:lakeformation/dataCellsFilter:DataCellsFilter":1,"aws:lakeformation/dataLakeSettings:DataLakeSettings":0,"aws:lakeformation/identityCenterConfiguration:IdentityCenterConfiguration":1,"aws:lakeformation/lfTag:LfTag":0,"aws:lakeformation/lfTagExpression:LfTagExpression":1,"aws:lakeformation/optIn:OptIn":1,"aws:lakeformation/permissions:Permissions":0,"aws:lakeformation/resource:Resource":0,"aws:lakeformation/resourceLfTag:ResourceLfTag":1,"aws:lakeformation/resourceLfTags:ResourceLfTags":0,"aws:lambda/alias:Alias":0,"aws:lambda/codeSigningConfig:CodeSigningConfig":0,"aws:lambda/eventSourceMapping:EventSourceMapping":0,"aws:lambda/function:Function":0,"aws:lambda/functionEventInvokeConfig:FunctionEventInvokeConfig":0,"aws:lambda/functionRecursionConfig:FunctionRecursionConfig":1,"aws:lambda/functionUrl:FunctionUrl":0,"aws:lambda/invocation:Invocation":0,"aws:lambda/layerVersion:LayerVersion":0,"aws:lambda/layerVersionPermission:LayerVersionPermission":0,"aws:lambda/permission:Permission":0,"aws:lambda/provisionedConcurrencyConfig:ProvisionedConcurrencyConfig":0,"aws:lambda/runtimeManagementConfig:RuntimeManagementConfig":1,"aws:lb/listener:Listener":0,"aws:lb/listenerCertificate:ListenerCertificate":0,"aws:lb/listenerRule:ListenerRule":0,"aws:lb/loadBalancer:LoadBalancer":0,"aws:lb/targetGroup:TargetGroup":0,"aws:lb/targetGroupAttachment:TargetGroupAttachment":0,"aws:lb/trustStore:TrustStore":0,"aws:lb/trustStoreRevocation:TrustStoreRevocation":0,"aws:lex/bot:Bot":0,"aws:lex/botAlias:BotAlias":0,"aws:lex/intent:Intent":0,"aws:lex/slotType:SlotType":0,"aws:lex/v2modelsBot:V2modelsBot":1,"aws:lex/v2modelsBotLocale:V2modelsBotLocale":1,"aws:lex/v2modelsBotVersion:V2modelsBotVersion":1,"aws:lex/v2modelsIntent:V2modelsIntent":1,"aws:lex/v2modelsSlot:V2modelsSlot":1,"aws:lex/v2modelsSlotType:V2modelsSlotType":1,"aws:licensemanager/association:Association":0,"aws:licensemanager/licenseConfiguration:LicenseConfiguration":0,"aws:licensemanager/licenseGrant:LicenseGrant":0,"aws:licensemanager/licenseGrantAccepter:LicenseGrantAccepter":0,"aws:lightsail/bucket:Bucket":0,"aws:lightsail/bucketAccessKey:BucketAccessKey":0,"aws:lightsail/bucketResourceAccess:BucketResourceAccess":0,"aws:lightsail/certificate:Certificate":0,"aws:lightsail/containerService:ContainerService":0,"aws:lightsail/containerServiceDeploymentVersion:ContainerServiceDeploymentVersion":0,"aws:lightsail/database:Database":0,"aws:lightsail/disk:Disk":0,"aws:lightsail/disk_attachment:Disk_attachment":0,"aws:lightsail/distribution:Distribution":0,"aws:lightsail/domain:Domain":0,"aws:lightsail/domainEntry:DomainEntry":0,"aws:lightsail/instance:Instance":0,"aws:lightsail/instancePublicPorts:InstancePublicPorts":0,"aws:lightsail/keyPair:KeyPair":0,"aws:lightsail/lb:Lb":0,"aws:lightsail/lbAttachment:LbAttachment":0,"aws:lightsail/lbCertificate:LbCertificate":0,"aws:lightsail/lbCertificateAttachment:LbCertificateAttachment":0,"aws:lightsail/lbHttpsRedirectionPolicy:LbHttpsRedirectionPolicy":0,"aws:lightsail/lbStickinessPolicy:LbStickinessPolicy":0,"aws:lightsail/staticIp:StaticIp":0,"aws:lightsail/staticIpAttachment:StaticIpAttachment":0,"aws:location/geofenceCollection:GeofenceCollection":0,"aws:location/map:Map":0,"aws:location/placeIndex:PlaceIndex":0,"aws:location/routeCalculation:RouteCalculation":0,"aws:location/tracker:Tracker":0,"aws:location/trackerAssociation:TrackerAssociation":0,"aws:m2/application:Application":1,"aws:m2/deployment:Deployment":1,"aws:m2/environment:Environment":1,"aws:macie/customDataIdentifier:CustomDataIdentifier":0,"aws:macie/findingsFilter:FindingsFilter":0,"aws:macie2/account:Account":0,"aws:macie2/classificationExportConfiguration:ClassificationExportConfiguration":0,"aws:macie2/classificationJob:ClassificationJob":0,"aws:macie2/invitationAccepter:InvitationAccepter":0,"aws:macie2/member:Member":0,"aws:macie2/organizationAdminAccount:OrganizationAdminAccount":0,"aws:macie2/organizationConfiguration:OrganizationConfiguration":1,"aws:mediaconvert/queue:Queue":0,"aws:medialive/channel:Channel":0,"aws:medialive/input:Input":0,"aws:medialive/inputSecurityGroup:InputSecurityGroup":0,"aws:medialive/multiplex:Multiplex":0,"aws:medialive/multiplexProgram:MultiplexProgram":1,"aws:mediapackage/channel:Channel":0,"aws:mediapackagev2/channelGroup:ChannelGroup":1,"aws:mediastore/container:Container":0,"aws:mediastore/containerPolicy:ContainerPolicy":0,"aws:memorydb/acl:Acl":0,"aws:memorydb/cluster:Cluster":0,"aws:memorydb/multiRegionCluster:MultiRegionCluster":1,"aws:memorydb/parameterGroup:ParameterGroup":0,"aws:memorydb/snapshot:Snapshot":0,"aws:memorydb/subnetGroup:SubnetGroup":0,"aws:memorydb/user:User":0,"aws:mq/broker:Broker":0,"aws:mq/configuration:Configuration":0,"aws:msk/cluster:Cluster":0,"aws:msk/clusterPolicy:ClusterPolicy":0,"aws:msk/configuration:Configuration":0,"aws:msk/replicator:Replicator":0,"aws:msk/scramSecretAssociation:ScramSecretAssociation":0,"aws:msk/serverlessCluster:ServerlessCluster":0,"aws:msk/singleScramSecretAssociation:SingleScramSecretAssociation":1,"aws:msk/vpcConnection:VpcConnection":0,"aws:mskconnect/connector:Connector":0,"aws:mskconnect/customPlugin:CustomPlugin":0,"aws:mskconnect/workerConfiguration:WorkerConfiguration":0,"aws:mwaa/environment:Environment":0,"aws:neptune/cluster:Cluster":0,"aws:neptune/clusterEndpoint:ClusterEndpoint":0,"aws:neptune/clusterInstance:ClusterInstance":0,"aws:neptune/clusterParameterGroup:ClusterParameterGroup":0,"aws:neptune/clusterSnapshot:ClusterSnapshot":0,"aws:neptune/eventSubscription:EventSubscription":0,"aws:neptune/globalCluster:GlobalCluster":0,"aws:neptune/parameterGroup:ParameterGroup":0,"aws:neptune/subnetGroup:SubnetGroup":0,"aws:neptunegraph/graph:Graph":1,"aws:networkfirewall/firewall:Firewall":0,"aws:networkfirewall/firewallPolicy:FirewallPolicy":0,"aws:networkfirewall/firewallTransitGatewayAttachmentAccepter:FirewallTransitGatewayAttachmentAccepter":1,"aws:networkfirewall/loggingConfiguration:LoggingConfiguration":0,"aws:networkfirewall/resourcePolicy:ResourcePolicy":0,"aws:networkfirewall/ruleGroup:RuleGroup":0,"aws:networkfirewall/tlsInspectionConfiguration:TlsInspectionConfiguration":1,"aws:networkfirewall/vpcEndpointAssociation:VpcEndpointAssociation":1,"aws:networkflowmonitor/monitor:Monitor":1,"aws:networkflowmonitor/scope:Scope":1,"aws:networkmanager/attachmentAccepter:AttachmentAccepter":0,"aws:networkmanager/connectAttachment:ConnectAttachment":0,"aws:networkmanager/connectPeer:ConnectPeer":0,"aws:networkmanager/connection:Connection":0,"aws:networkmanager/coreNetwork:CoreNetwork":0,"aws:networkmanager/coreNetworkPolicyAttachment:CoreNetworkPolicyAttachment":0,"aws:networkmanager/customerGatewayAssociation:CustomerGatewayAssociation":0,"aws:networkmanager/device:Device":0,"aws:networkmanager/dxGatewayAttachment:DxGatewayAttachment":1,"aws:networkmanager/globalNetwork:GlobalNetwork":0,"aws:networkmanager/link:Link":0,"aws:networkmanager/linkAssociation:LinkAssociation":0,"aws:networkmanager/site:Site":0,"aws:networkmanager/siteToSiteVpnAttachment:SiteToSiteVpnAttachment":0,"aws:networkmanager/transitGatewayConnectPeerAssociation:TransitGatewayConnectPeerAssociation":0,"aws:networkmanager/transitGatewayPeering:TransitGatewayPeering":0,"aws:networkmanager/transitGatewayRegistration:TransitGatewayRegistration":0,"aws:networkmanager/transitGatewayRouteTableAttachment:TransitGatewayRouteTableAttachment":0,"aws:networkmanager/vpcAttachment:VpcAttachment":0,"aws:networkmonitor/monitor:Monitor":1,"aws:networkmonitor/probe:Probe":1,"aws:notifications/channelAssociation:ChannelAssociation":1,"aws:notifications/contactsEmailContact:ContactsEmailContact":1,"aws:notifications/eventRule:EventRule":1,"aws:notifications/notificationConfiguration:NotificationConfiguration":1,"aws:notifications/notificationHub:NotificationHub":1,"aws:oam/link:Link":0,"aws:oam/sink:Sink":0,"aws:oam/sinkPolicy:SinkPolicy":0,"aws:observabilityadmin/centralizationRuleForOrganization:CentralizationRuleForOrganization":1,"aws:odb/cloudAutonomousVmCluster:CloudAutonomousVmCluster":1,"aws:odb/cloudExadataInfrastructure:CloudExadataInfrastructure":1,"aws:odb/cloudVmCluster:CloudVmCluster":1,"aws:odb/network:Network":1,"aws:odb/networkPeeringConnection:NetworkPeeringConnection":1,"aws:opensearch/authorizeVpcEndpointAccess:AuthorizeVpcEndpointAccess":1,"aws:opensearch/domain:Domain":0,"aws:opensearch/domainPolicy:DomainPolicy":0,"aws:opensearch/domainSamlOptions:DomainSamlOptions":0,"aws:opensearch/inboundConnectionAccepter:InboundConnectionAccepter":0,"aws:opensearch/outboundConnection:OutboundConnection":0,"aws:opensearch/package:Package":0,"aws:opensearch/packageAssociation:PackageAssociation":0,"aws:opensearch/serverlessAccessPolicy:ServerlessAccessPolicy":1,"aws:opensearch/serverlessCollection:ServerlessCollection":1,"aws:opensearch/serverlessLifecyclePolicy:ServerlessLifecyclePolicy":1,"aws:opensearch/serverlessSecurityConfig:ServerlessSecurityConfig":1,"aws:opensearch/serverlessSecurityPolicy:ServerlessSecurityPolicy":1,"aws:opensearch/serverlessVpcEndpoint:ServerlessVpcEndpoint":1,"aws:opensearch/vpcEndpoint:VpcEndpoint":0,"aws:opensearchingest/pipeline:Pipeline":1,"aws:organizations/account:Account":0,"aws:organizations/delegatedAdministrator:DelegatedAdministrator":0,"aws:organizations/organization:Organization":0,"aws:organizations/organizationalUnit:OrganizationalUnit":0,"aws:organizations/policy:Policy":0,"aws:organizations/policyAttachment:PolicyAttachment":0,"aws:organizations/resourcePolicy:ResourcePolicy":0,"aws:paymentcryptography/key:Key":1,"aws:paymentcryptography/keyAlias:KeyAlias":1,"aws:pinpoint/admChannel:AdmChannel":0,"aws:pinpoint/apnsChannel:ApnsChannel":0,"aws:pinpoint/apnsSandboxChannel:ApnsSandboxChannel":0,"aws:pinpoint/apnsVoipChannel:ApnsVoipChannel":0,"aws:pinpoint/apnsVoipSandboxChannel:ApnsVoipSandboxChannel":0,"aws:pinpoint/app:App":0,"aws:pinpoint/baiduChannel:BaiduChannel":0,"aws:pinpoint/emailChannel:EmailChannel":0,"aws:pinpoint/emailTemplate:EmailTemplate":1,"aws:pinpoint/eventStream:EventStream":0,"aws:pinpoint/gcmChannel:GcmChannel":0,"aws:pinpoint/smsChannel:SmsChannel":0,"aws:pinpoint/smsvoicev2ConfigurationSet:Smsvoicev2ConfigurationSet":1,"aws:pinpoint/smsvoicev2OptOutList:Smsvoicev2OptOutList":1,"aws:pinpoint/smsvoicev2PhoneNumber:Smsvoicev2PhoneNumber":1,"aws:pipes/pipe:Pipe":0,"aws:qbusiness/application:Application":1,"aws:qldb/ledger:Ledger":0,"aws:qldb/stream:Stream":0,"aws:quicksight/accountSettings:AccountSettings":1,"aws:quicksight/accountSubscription:AccountSubscription":0,"aws:quicksight/analysis:Analysis":0,"aws:quicksight/customPermissions:CustomPermissions":1,"aws:quicksight/dashboard:Dashboard":0,"aws:quicksight/dataSet:DataSet":0,"aws:quicksight/dataSource:DataSource":0,"aws:quicksight/folder:Folder":0,"aws:quicksight/folderMembership:FolderMembership":1,"aws:quicksight/group:Group":0,"aws:quicksight/groupMembership:GroupMembership":0,"aws:quicksight/iamPolicyAssignment:IamPolicyAssignment":1,"aws:quicksight/ingestion:Ingestion":1,"aws:quicksight/ipRestriction:IpRestriction":1,"aws:quicksight/keyRegistration:KeyRegistration":1,"aws:quicksight/namespace:Namespace":1,"aws:quicksight/refreshSchedule:RefreshSchedule":1,"aws:quicksight/roleCustomPermission:RoleCustomPermission":1,"aws:quicksight/roleMembership:RoleMembership":1,"aws:quicksight/template:Template":0,"aws:quicksight/templateAlias:TemplateAlias":1,"aws:quicksight/theme:Theme":0,"aws:quicksight/user:User":0,"aws:quicksight/userCustomPermission:UserCustomPermission":1,"aws:quicksight/vpcConnection:VpcConnection":1,"aws:ram/principalAssociation:PrincipalAssociation":0,"aws:ram/resourceAssociation:ResourceAssociation":0,"aws:ram/resourceShare:ResourceShare":0,"aws:ram/resourceShareAccepter:ResourceShareAccepter":0,"aws:ram/sharingWithOrganization:SharingWithOrganization":0,"aws:rbin/rule:Rule":0,"aws:rds/certificate:Certificate":0,"aws:rds/cluster:Cluster":0,"aws:rds/clusterActivityStream:ClusterActivityStream":0,"aws:rds/clusterEndpoint:ClusterEndpoint":0,"aws:rds/clusterInstance:ClusterInstance":0,"aws:rds/clusterParameterGroup:ClusterParameterGroup":0,"aws:rds/clusterRoleAssociation:ClusterRoleAssociation":0,"aws:rds/clusterSnapshot:ClusterSnapshot":0,"aws:rds/clusterSnapshotCopy:ClusterSnapshotCopy":1,"aws:rds/customDbEngineVersion:CustomDbEngineVersion":0,"aws:rds/eventSubscription:EventSubscription":0,"aws:rds/exportTask:ExportTask":1,"aws:rds/globalCluster:GlobalCluster":0,"aws:rds/instance:Instance":0,"aws:rds/instanceAutomatedBackupsReplication:InstanceAutomatedBackupsReplication":0,"aws:rds/instanceDesiredState:InstanceDesiredState":1,"aws:rds/integration:Integration":1,"aws:rds/optionGroup:OptionGroup":0,"aws:rds/parameterGroup:ParameterGroup":0,"aws:rds/proxy:Proxy":0,"aws:rds/proxyDefaultTargetGroup:ProxyDefaultTargetGroup":0,"aws:rds/proxyEndpoint:ProxyEndpoint":0,"aws:rds/proxyTarget:ProxyTarget":0,"aws:rds/reservedInstance:ReservedInstance":0,"aws:rds/roleAssociation:RoleAssociation":0,"aws:rds/shardGroup:ShardGroup":1,"aws:rds/snapshot:Snapshot":0,"aws:rds/snapshotCopy:SnapshotCopy":0,"aws:rds/subnetGroup:SubnetGroup":0,"aws:redshift/authenticationProfile:AuthenticationProfile":0,"aws:redshift/cluster:Cluster":0,"aws:redshift/clusterIamRoles:ClusterIamRoles":0,"aws:redshift/clusterSnapshot:ClusterSnapshot":0,"aws:redshift/dataShareAuthorization:DataShareAuthorization":1,"aws:redshift/dataShareConsumerAssociation:DataShareConsumerAssociation":1,"aws:redshift/endpointAccess:EndpointAccess":0,"aws:redshift/endpointAuthorization:EndpointAuthorization":0,"aws:redshift/eventSubscription:EventSubscription":0,"aws:redshift/hsmClientCertificate:HsmClientCertificate":0,"aws:redshift/hsmConfiguration:HsmConfiguration":0,"aws:redshift/integration:Integration":1,"aws:redshift/logging:Logging":1,"aws:redshift/parameterGroup:ParameterGroup":0,"aws:redshift/partner:Partner":0,"aws:redshift/resourcePolicy:ResourcePolicy":0,"aws:redshift/scheduledAction:ScheduledAction":0,"aws:redshift/snapshotCopy:SnapshotCopy":1,"aws:redshift/snapshotCopyGrant:SnapshotCopyGrant":0,"aws:redshift/snapshotSchedule:SnapshotSchedule":0,"aws:redshift/snapshotScheduleAssociation:SnapshotScheduleAssociation":0,"aws:redshift/subnetGroup:SubnetGroup":0,"aws:redshift/usageLimit:UsageLimit":0,"aws:redshiftdata/statement:Statement":0,"aws:redshiftserverless/customDomainAssociation:CustomDomainAssociation":1,"aws:redshiftserverless/endpointAccess:EndpointAccess":0,"aws:redshiftserverless/namespace:Namespace":0,"aws:redshiftserverless/resourcePolicy:ResourcePolicy":0,"aws:redshiftserverless/snapshot:Snapshot":0,"aws:redshiftserverless/usageLimit:UsageLimit":0,"aws:redshiftserverless/workgroup:Workgroup":0,"aws:rekognition/collection:Collection":1,"aws:rekognition/project:Project":1,"aws:rekognition/streamProcessor:StreamProcessor":1,"aws:resiliencehub/resiliencyPolicy:ResiliencyPolicy":1,"aws:resourceexplorer/index:Index":1,"aws:resourceexplorer/view:View":1,"aws:resourcegroups/group:Group":0,"aws:resourcegroups/resource:Resource":0,"aws:rolesanywhere/profile:Profile":0,"aws:rolesanywhere/trustAnchor:TrustAnchor":0,"aws:route53/cidrCollection:CidrCollection":1,"aws:route53/cidrLocation:CidrLocation":1,"aws:route53/delegationSet:DelegationSet":0,"aws:route53/healthCheck:HealthCheck":0,"aws:route53/hostedZoneDnsSec:HostedZoneDnsSec":0,"aws:route53/keySigningKey:KeySigningKey":0,"aws:route53/profilesAssociation:ProfilesAssociation":1,"aws:route53/profilesProfile:ProfilesProfile":1,"aws:route53/profilesResourceAssociation:ProfilesResourceAssociation":1,"aws:route53/queryLog:QueryLog":0,"aws:route53/record:Record":0,"aws:route53/recordsExclusive:RecordsExclusive":1,"aws:route53/resolverConfig:ResolverConfig":0,"aws:route53/resolverDnsSecConfig:ResolverDnsSecConfig":0,"aws:route53/resolverEndpoint:ResolverEndpoint":0,"aws:route53/resolverFirewallConfig:ResolverFirewallConfig":0,"aws:route53/resolverFirewallDomainList:ResolverFirewallDomainList":0,"aws:route53/resolverFirewallRule:ResolverFirewallRule":0,"aws:route53/resolverFirewallRuleGroup:ResolverFirewallRuleGroup":0,"aws:route53/resolverFirewallRuleGroupAssociation:ResolverFirewallRuleGroupAssociation":0,"aws:route53/resolverQueryLogConfig:ResolverQueryLogConfig":0,"aws:route53/resolverQueryLogConfigAssociation:ResolverQueryLogConfigAssociation":0,"aws:route53/resolverRule:ResolverRule":0,"aws:route53/resolverRuleAssociation:ResolverRuleAssociation":0,"aws:route53/trafficPolicy:TrafficPolicy":0,"aws:route53/trafficPolicyInstance:TrafficPolicyInstance":0,"aws:route53/vpcAssociationAuthorization:VpcAssociationAuthorization":0,"aws:route53/zone:Zone":0,"aws:route53/zoneAssociation:ZoneAssociation":0,"aws:route53domains/delegationSignerRecord:DelegationSignerRecord":1,"aws:route53domains/domain:Domain":1,"aws:route53domains/registeredDomain:RegisteredDomain":0,"aws:route53recoverycontrol/cluster:Cluster":0,"aws:route53recoverycontrol/controlPanel:ControlPanel":0,"aws:route53recoverycontrol/routingControl:RoutingControl":0,"aws:route53recoverycontrol/safetyRule:SafetyRule":0,"aws:route53recoveryreadiness/cell:Cell":0,"aws:route53recoveryreadiness/readinessCheck:ReadinessCheck":0,"aws:route53recoveryreadiness/recoveryGroup:RecoveryGroup":0,"aws:route53recoveryreadiness/resourceSet:ResourceSet":0,"aws:rum/appMonitor:AppMonitor":0,"aws:rum/metricsDestination:MetricsDestination":0,"aws:s3/accessPoint:AccessPoint":0,"aws:s3/accountPublicAccessBlock:AccountPublicAccessBlock":0,"aws:s3/analyticsConfiguration:AnalyticsConfiguration":0,"aws:s3/bucket:Bucket":0,"aws:s3/bucketAccelerateConfiguration:BucketAccelerateConfiguration":0,"aws:s3/bucketAccelerateConfigurationV2:BucketAccelerateConfigurationV2":0,"aws:s3/bucketAcl:BucketAcl":0,"aws:s3/bucketAclV2:BucketAclV2":0,"aws:s3/bucketCorsConfiguration:BucketCorsConfiguration":0,"aws:s3/bucketCorsConfigurationV2:BucketCorsConfigurationV2":0,"aws:s3/bucketIntelligentTieringConfiguration:BucketIntelligentTieringConfiguration":0,"aws:s3/bucketLifecycleConfiguration:BucketLifecycleConfiguration":1,"aws:s3/bucketLifecycleConfigurationV2:BucketLifecycleConfigurationV2":1,"aws:s3/bucketLogging:BucketLogging":0,"aws:s3/bucketLoggingV2:BucketLoggingV2":0,"aws:s3/bucketMetadataConfiguration:BucketMetadataConfiguration":1,"aws:s3/bucketMetric:BucketMetric":0,"aws:s3/bucketNotification:BucketNotification":0,"aws:s3/bucketObject:BucketObject":0,"aws:s3/bucketObjectLockConfiguration:BucketObjectLockConfiguration":0,"aws:s3/bucketObjectLockConfigurationV2:BucketObjectLockConfigurationV2":0,"aws:s3/bucketObjectv2:BucketObjectv2":0,"aws:s3/bucketOwnershipControls:BucketOwnershipControls":0,"aws:s3/bucketPolicy:BucketPolicy":0,"aws:s3/bucketPublicAccessBlock:BucketPublicAccessBlock":0,"aws:s3/bucketReplicationConfig:BucketReplicationConfig":0,"aws:s3/bucketRequestPaymentConfiguration:BucketRequestPaymentConfiguration":0,"aws:s3/bucketRequestPaymentConfigurationV2:BucketRequestPaymentConfigurationV2":0,"aws:s3/bucketServerSideEncryptionConfiguration:BucketServerSideEncryptionConfiguration":0,"aws:s3/bucketServerSideEncryptionConfigurationV2:BucketServerSideEncryptionConfigurationV2":0,"aws:s3/bucketV2:BucketV2":0,"aws:s3/bucketVersioning:BucketVersioning":0,"aws:s3/bucketVersioningV2:BucketVersioningV2":0,"aws:s3/bucketWebsiteConfiguration:BucketWebsiteConfiguration":0,"aws:s3/bucketWebsiteConfigurationV2:BucketWebsiteConfigurationV2":0,"aws:s3/directoryBucket:DirectoryBucket":1,"aws:s3/inventory:Inventory":0,"aws:s3/objectCopy:ObjectCopy":0,"aws:s3control/accessGrant:AccessGrant":1,"aws:s3control/accessGrantsInstance:AccessGrantsInstance":1,"aws:s3control/accessGrantsInstanceResourcePolicy:AccessGrantsInstanceResourcePolicy":1,"aws:s3control/accessGrantsLocation:AccessGrantsLocation":1,"aws:s3control/accessPointPolicy:AccessPointPolicy":0,"aws:s3control/bucket:Bucket":0,"aws:s3control/bucketLifecycleConfiguration:BucketLifecycleConfiguration":0,"aws:s3control/bucketPolicy:BucketPolicy":0,"aws:s3control/directoryBucketAccessPointScope:DirectoryBucketAccessPointScope":1,"aws:s3control/multiRegionAccessPoint:MultiRegionAccessPoint":0,"aws:s3control/multiRegionAccessPointPolicy:MultiRegionAccessPointPolicy":0,"aws:s3control/objectLambdaAccessPoint:ObjectLambdaAccessPoint":0,"aws:s3control/objectLambdaAccessPointPolicy:ObjectLambdaAccessPointPolicy":0,"aws:s3control/storageLensConfiguration:StorageLensConfiguration":0,"aws:s3outposts/endpoint:Endpoint":0,"aws:s3tables/namespace:Namespace":1,"aws:s3tables/table:Table":1,"aws:s3tables/tableBucket:TableBucket":1,"aws:s3tables/tableBucketPolicy:TableBucketPolicy":1,"aws:s3tables/tablePolicy:TablePolicy":1,"aws:sagemaker/app:App":0,"aws:sagemaker/appImageConfig:AppImageConfig":0,"aws:sagemaker/codeRepository:CodeRepository":0,"aws:sagemaker/dataQualityJobDefinition:DataQualityJobDefinition":0,"aws:sagemaker/device:Device":0,"aws:sagemaker/deviceFleet:DeviceFleet":0,"aws:sagemaker/domain:Domain":0,"aws:sagemaker/endpoint:Endpoint":0,"aws:sagemaker/endpointConfiguration:EndpointConfiguration":0,"aws:sagemaker/featureGroup:FeatureGroup":0,"aws:sagemaker/flowDefinition:FlowDefinition":0,"aws:sagemaker/hub:Hub":0,"aws:sagemaker/humanTaskUI:HumanTaskUI":0,"aws:sagemaker/image:Image":0,"aws:sagemaker/imageVersion:ImageVersion":0,"aws:sagemaker/mlflowTrackingServer:MlflowTrackingServer":0,"aws:sagemaker/model:Model":0,"aws:sagemaker/modelPackageGroup:ModelPackageGroup":0,"aws:sagemaker/modelPackageGroupPolicy:ModelPackageGroupPolicy":0,"aws:sagemaker/monitoringSchedule:MonitoringSchedule":0,"aws:sagemaker/notebookInstance:NotebookInstance":0,"aws:sagemaker/notebookInstanceLifecycleConfiguration:NotebookInstanceLifecycleConfiguration":0,"aws:sagemaker/pipeline:Pipeline":0,"aws:sagemaker/project:Project":0,"aws:sagemaker/servicecatalogPortfolioStatus:ServicecatalogPortfolioStatus":0,"aws:sagemaker/space:Space":0,"aws:sagemaker/studioLifecycleConfig:StudioLifecycleConfig":0,"aws:sagemaker/userProfile:UserProfile":0,"aws:sagemaker/workforce:Workforce":0,"aws:sagemaker/workteam:Workteam":0,"aws:scheduler/schedule:Schedule":0,"aws:scheduler/scheduleGroup:ScheduleGroup":0,"aws:schemas/discoverer:Discoverer":0,"aws:schemas/registry:Registry":0,"aws:schemas/registryPolicy:RegistryPolicy":0,"aws:schemas/schema:Schema":0,"aws:secretsmanager/secret:Secret":0,"aws:secretsmanager/secretPolicy:SecretPolicy":0,"aws:secretsmanager/secretRotation:SecretRotation":0,"aws:secretsmanager/secretVersion:SecretVersion":0,"aws:securityhub/account:Account":0,"aws:securityhub/actionTarget:ActionTarget":0,"aws:securityhub/automationRule:AutomationRule":1,"aws:securityhub/configurationPolicy:ConfigurationPolicy":0,"aws:securityhub/configurationPolicyAssociation:ConfigurationPolicyAssociation":0,"aws:securityhub/findingAggregator:FindingAggregator":0,"aws:securityhub/insight:Insight":0,"aws:securityhub/inviteAccepter:InviteAccepter":0,"aws:securityhub/member:Member":0,"aws:securityhub/organizationAdminAccount:OrganizationAdminAccount":0,"aws:securityhub/organizationConfiguration:OrganizationConfiguration":0,"aws:securityhub/productSubscription:ProductSubscription":0,"aws:securityhub/standardsControl:StandardsControl":0,"aws:securityhub/standardsControlAssociation:StandardsControlAssociation":1,"aws:securityhub/standardsSubscription:StandardsSubscription":0,"aws:securitylake/awsLogSource:AwsLogSource":1,"aws:securitylake/customLogSource:CustomLogSource":1,"aws:securitylake/dataLake:DataLake":1,"aws:securitylake/subscriber:Subscriber":1,"aws:securitylake/subscriberNotification:SubscriberNotification":1,"aws:serverlessrepository/cloudFormationStack:CloudFormationStack":0,"aws:servicecatalog/appregistryApplication:AppregistryApplication":1,"aws:servicecatalog/appregistryAttributeGroup:AppregistryAttributeGroup":1,"aws:servicecatalog/appregistryAttributeGroupAssociation:AppregistryAttributeGroupAssociation":1,"aws:servicecatalog/budgetResourceAssociation:BudgetResourceAssociation":0,"aws:servicecatalog/constraint:Constraint":0,"aws:servicecatalog/organizationsAccess:OrganizationsAccess":0,"aws:servicecatalog/portfolio:Portfolio":0,"aws:servicecatalog/portfolioShare:PortfolioShare":0,"aws:servicecatalog/principalPortfolioAssociation:PrincipalPortfolioAssociation":0,"aws:servicecatalog/product:Product":0,"aws:servicecatalog/productPortfolioAssociation:ProductPortfolioAssociation":0,"aws:servicecatalog/provisionedProduct:ProvisionedProduct":0,"aws:servicecatalog/provisioningArtifact:ProvisioningArtifact":0,"aws:servicecatalog/serviceAction:ServiceAction":0,"aws:servicecatalog/tagOption:TagOption":0,"aws:servicecatalog/tagOptionResourceAssociation:TagOptionResourceAssociation":0,"aws:servicediscovery/httpNamespace:HttpNamespace":0,"aws:servicediscovery/instance:Instance":0,"aws:servicediscovery/privateDnsNamespace:PrivateDnsNamespace":0,"aws:servicediscovery/publicDnsNamespace:PublicDnsNamespace":0,"aws:servicediscovery/service:Service":0,"aws:servicequotas/serviceQuota:ServiceQuota":0,"aws:servicequotas/template:Template":1,"aws:servicequotas/templateAssociation:TemplateAssociation":1,"aws:ses/activeReceiptRuleSet:ActiveReceiptRuleSet":0,"aws:ses/configurationSet:ConfigurationSet":0,"aws:ses/domainDkim:DomainDkim":0,"aws:ses/domainIdentity:DomainIdentity":0,"aws:ses/domainIdentityVerification:DomainIdentityVerification":0,"aws:ses/emailIdentity:EmailIdentity":0,"aws:ses/eventDestination:EventDestination":0,"aws:ses/identityNotificationTopic:IdentityNotificationTopic":0,"aws:ses/identityPolicy:IdentityPolicy":0,"aws:ses/mailFrom:MailFrom":0,"aws:ses/receiptFilter:ReceiptFilter":0,"aws:ses/receiptRule:ReceiptRule":0,"aws:ses/receiptRuleSet:ReceiptRuleSet":0,"aws:ses/template:Template":0,"aws:sesv2/accountSuppressionAttributes:AccountSuppressionAttributes":1,"aws:sesv2/accountVdmAttributes:AccountVdmAttributes":0,"aws:sesv2/configurationSet:ConfigurationSet":0,"aws:sesv2/configurationSetEventDestination:ConfigurationSetEventDestination":0,"aws:sesv2/contactList:ContactList":0,"aws:sesv2/dedicatedIpAssignment:DedicatedIpAssignment":0,"aws:sesv2/dedicatedIpPool:DedicatedIpPool":0,"aws:sesv2/emailIdentity:EmailIdentity":0,"aws:sesv2/emailIdentityFeedbackAttributes:EmailIdentityFeedbackAttributes":0,"aws:sesv2/emailIdentityMailFromAttributes:EmailIdentityMailFromAttributes":0,"aws:sesv2/emailIdentityPolicy:EmailIdentityPolicy":0,"aws:sfn/activity:Activity":0,"aws:sfn/alias:Alias":0,"aws:sfn/stateMachine:StateMachine":0,"aws:shield/applicationLayerAutomaticResponse:ApplicationLayerAutomaticResponse":1,"aws:shield/drtAccessLogBucketAssociation:DrtAccessLogBucketAssociation":1,"aws:shield/drtAccessRoleArnAssociation:DrtAccessRoleArnAssociation":1,"aws:shield/proactiveEngagement:ProactiveEngagement":1,"aws:shield/protection:Protection":0,"aws:shield/protectionGroup:ProtectionGroup":0,"aws:shield/protectionHealthCheckAssociation:ProtectionHealthCheckAssociation":0,"aws:shield/subscription:Subscription":1,"aws:signer/signingJob:SigningJob":0,"aws:signer/signingProfile:SigningProfile":0,"aws:signer/signingProfilePermission:SigningProfilePermission":0,"aws:sns/dataProtectionPolicy:DataProtectionPolicy":0,"aws:sns/platformApplication:PlatformApplication":0,"aws:sns/smsPreferences:SmsPreferences":0,"aws:sns/topic:Topic":0,"aws:sns/topicPolicy:TopicPolicy":0,"aws:sns/topicSubscription:TopicSubscription":0,"aws:sqs/queue:Queue":0,"aws:sqs/queuePolicy:QueuePolicy":0,"aws:sqs/redriveAllowPolicy:RedriveAllowPolicy":0,"aws:sqs/redrivePolicy:RedrivePolicy":0,"aws:ssm/activation:Activation":0,"aws:ssm/association:Association":0,"aws:ssm/contactsRotation:ContactsRotation":1,"aws:ssm/defaultPatchBaseline:DefaultPatchBaseline":0,"aws:ssm/document:Document":0,"aws:ssm/maintenanceWindow:MaintenanceWindow":0,"aws:ssm/maintenanceWindowTarget:MaintenanceWindowTarget":0,"aws:ssm/maintenanceWindowTask:MaintenanceWindowTask":0,"aws:ssm/parameter:Parameter":0,"aws:ssm/patchBaseline:PatchBaseline":0,"aws:ssm/patchGroup:PatchGroup":0,"aws:ssm/quicksetupConfigurationManager:QuicksetupConfigurationManager":1,"aws:ssm/resourceDataSync:ResourceDataSync":0,"aws:ssm/serviceSetting:ServiceSetting":0,"aws:ssmcontacts/contact:Contact":0,"aws:ssmcontacts/contactChannel:ContactChannel":0,"aws:ssmcontacts/plan:Plan":0,"aws:ssmincidents/replicationSet:ReplicationSet":0,"aws:ssmincidents/responsePlan:ResponsePlan":0,"aws:ssoadmin/accountAssignment:AccountAssignment":0,"aws:ssoadmin/application:Application":1,"aws:ssoadmin/applicationAccessScope:ApplicationAccessScope":1,"aws:ssoadmin/applicationAssignment:ApplicationAssignment":1,"aws:ssoadmin/applicationAssignmentConfiguration:ApplicationAssignmentConfiguration":1,"aws:ssoadmin/customerManagedPolicyAttachment:CustomerManagedPolicyAttachment":0,"aws:ssoadmin/instanceAccessControlAttributes:InstanceAccessControlAttributes":0,"aws:ssoadmin/managedPolicyAttachment:ManagedPolicyAttachment":0,"aws:ssoadmin/permissionSet:PermissionSet":0,"aws:ssoadmin/permissionSetInlinePolicy:PermissionSetInlinePolicy":0,"aws:ssoadmin/permissionsBoundaryAttachment:PermissionsBoundaryAttachment":0,"aws:ssoadmin/trustedTokenIssuer:TrustedTokenIssuer":1,"aws:storagegateway/cache:Cache":0,"aws:storagegateway/cachesIscsiVolume:CachesIscsiVolume":0,"aws:storagegateway/fileSystemAssociation:FileSystemAssociation":0,"aws:storagegateway/gateway:Gateway":0,"aws:storagegateway/nfsFileShare:NfsFileShare":0,"aws:storagegateway/smbFileShare:SmbFileShare":0,"aws:storagegateway/storedIscsiVolume:StoredIscsiVolume":0,"aws:storagegateway/tapePool:TapePool":0,"aws:storagegateway/uploadBuffer:UploadBuffer":0,"aws:storagegateway/workingStorage:WorkingStorage":0,"aws:swf/domain:Domain":0,"aws:synthetics/canary:Canary":0,"aws:synthetics/group:Group":0,"aws:synthetics/groupAssociation:GroupAssociation":0,"aws:timestreaminfluxdb/dbCluster:DbCluster":1,"aws:timestreaminfluxdb/dbInstance:DbInstance":1,"aws:timestreamquery/scheduledQuery:ScheduledQuery":1,"aws:timestreamwrite/database:Database":0,"aws:timestreamwrite/table:Table":0,"aws:transcribe/languageModel:LanguageModel":0,"aws:transcribe/medicalVocabulary:MedicalVocabulary":0,"aws:transcribe/vocabulary:Vocabulary":0,"aws:transcribe/vocabularyFilter:VocabularyFilter":0,"aws:transfer/access:Access":0,"aws:transfer/agreement:Agreement":0,"aws:transfer/certificate:Certificate":0,"aws:transfer/connector:Connector":0,"aws:transfer/hostKey:HostKey":1,"aws:transfer/profile:Profile":0,"aws:transfer/server:Server":0,"aws:transfer/sshKey:SshKey":0,"aws:transfer/tag:Tag":0,"aws:transfer/user:User":0,"aws:transfer/webApp:WebApp":1,"aws:transfer/webAppCustomization:WebAppCustomization":1,"aws:transfer/workflow:Workflow":0,"aws:verifiedaccess/endpoint:Endpoint":0,"aws:verifiedaccess/group:Group":0,"aws:verifiedaccess/instance:Instance":0,"aws:verifiedaccess/instanceLoggingConfiguration:InstanceLoggingConfiguration":0,"aws:verifiedaccess/instanceTrustProviderAttachment:InstanceTrustProviderAttachment":0,"aws:verifiedaccess/trustProvider:TrustProvider":0,"aws:verifiedpermissions/identitySource:IdentitySource":1,"aws:verifiedpermissions/policy:Policy":1,"aws:verifiedpermissions/policyStore:PolicyStore":1,"aws:verifiedpermissions/policyTemplate:PolicyTemplate":1,"aws:verifiedpermissions/schema:Schema":1,"aws:vpc/endpointPrivateDns:EndpointPrivateDns":1,"aws:vpc/endpointServicePrivateDnsVerification:EndpointServicePrivateDnsVerification":1,"aws:vpc/routeServer:RouteServer":1,"aws:vpc/routeServerEndpoint:RouteServerEndpoint":1,"aws:vpc/routeServerPeer:RouteServerPeer":1,"aws:vpc/routeServerPropagation:RouteServerPropagation":1,"aws:vpc/routeServerVpcAssociation:RouteServerVpcAssociation":1,"aws:vpc/securityGroupEgressRule:SecurityGroupEgressRule":1,"aws:vpc/securityGroupIngressRule:SecurityGroupIngressRule":1,"aws:vpc/securityGroupVpcAssociation:SecurityGroupVpcAssociation":1,"aws:vpclattice/accessLogSubscription:AccessLogSubscription":0,"aws:vpclattice/authPolicy:AuthPolicy":0,"aws:vpclattice/listener:Listener":0,"aws:vpclattice/listenerRule:ListenerRule":0,"aws:vpclattice/resourceConfiguration:ResourceConfiguration":1,"aws:vpclattice/resourceGateway:ResourceGateway":1,"aws:vpclattice/resourcePolicy:ResourcePolicy":0,"aws:vpclattice/service:Service":0,"aws:vpclattice/serviceNetwork:ServiceNetwork":0,"aws:vpclattice/serviceNetworkResourceAssociation:ServiceNetworkResourceAssociation":1,"aws:vpclattice/serviceNetworkServiceAssociation:ServiceNetworkServiceAssociation":0,"aws:vpclattice/serviceNetworkVpcAssociation:ServiceNetworkVpcAssociation":0,"aws:vpclattice/targetGroup:TargetGroup":0,"aws:vpclattice/targetGroupAttachment:TargetGroupAttachment":0,"aws:waf/byteMatchSet:ByteMatchSet":0,"aws:waf/geoMatchSet:GeoMatchSet":0,"aws:waf/ipSet:IpSet":0,"aws:waf/rateBasedRule:RateBasedRule":0,"aws:waf/regexMatchSet:RegexMatchSet":0,"aws:waf/regexPatternSet:RegexPatternSet":0,"aws:waf/rule:Rule":0,"aws:waf/ruleGroup:RuleGroup":0,"aws:waf/sizeConstraintSet:SizeConstraintSet":0,"aws:waf/sqlInjectionMatchSet:SqlInjectionMatchSet":0,"aws:waf/webAcl:WebAcl":0,"aws:waf/xssMatchSet:XssMatchSet":0,"aws:wafregional/byteMatchSet:ByteMatchSet":0,"aws:wafregional/geoMatchSet:GeoMatchSet":0,"aws:wafregional/ipSet:IpSet":0,"aws:wafregional/rateBasedRule:RateBasedRule":0,"aws:wafregional/regexMatchSet:RegexMatchSet":0,"aws:wafregional/regexPatternSet:RegexPatternSet":0,"aws:wafregional/rule:Rule":0,"aws:wafregional/ruleGroup:RuleGroup":0,"aws:wafregional/sizeConstraintSet:SizeConstraintSet":0,"aws:wafregional/sqlInjectionMatchSet:SqlInjectionMatchSet":0,"aws:wafregional/webAcl:WebAcl":0,"aws:wafregional/webAclAssociation:WebAclAssociation":0,"aws:wafregional/xssMatchSet:XssMatchSet":0,"aws:wafv2/apiKey:ApiKey":1,"aws:wafv2/ipSet:IpSet":0,"aws:wafv2/regexPatternSet:RegexPatternSet":0,"aws:wafv2/ruleGroup:RuleGroup":0,"aws:wafv2/webAcl:WebAcl":0,"aws:wafv2/webAclAssociation:WebAclAssociation":0,"aws:wafv2/webAclLoggingConfiguration:WebAclLoggingConfiguration":0,"aws:wafv2/webAclRuleGroupAssociation:WebAclRuleGroupAssociation":1,"aws:workspaces/connectionAlias:ConnectionAlias":1,"aws:workspaces/directory:Directory":0,"aws:workspaces/ipGroup:IpGroup":0,"aws:workspaces/workspace:Workspace":0,"aws:workspacesweb/browserSettings:BrowserSettings":1,"aws:workspacesweb/browserSettingsAssociation:BrowserSettingsAssociation":1,"aws:workspacesweb/dataProtectionSettings:DataProtectionSettings":1,"aws:workspacesweb/dataProtectionSettingsAssociation:DataProtectionSettingsAssociation":1,"aws:workspacesweb/identityProvider:IdentityProvider":1,"aws:workspacesweb/ipAccessSettings:IpAccessSettings":1,"aws:workspacesweb/ipAccessSettingsAssociation:IpAccessSettingsAssociation":1,"aws:workspacesweb/networkSettings:NetworkSettings":1,"aws:workspacesweb/networkSettingsAssociation:NetworkSettingsAssociation":1,"aws:workspacesweb/portal:Portal":1,"aws:workspacesweb/sessionLogger:SessionLogger":1,"aws:workspacesweb/sessionLoggerAssociation:SessionLoggerAssociation":1,"aws:workspacesweb/trustStore:TrustStore":1,"aws:workspacesweb/trustStoreAssociation:TrustStoreAssociation":1,"aws:workspacesweb/userAccessLoggingSettings:UserAccessLoggingSettings":1,"aws:workspacesweb/userAccessLoggingSettingsAssociation:UserAccessLoggingSettingsAssociation":1,"aws:workspacesweb/userSettings:UserSettings":1,"aws:workspacesweb/userSettingsAssociation:UserSettingsAssociation":1,"aws:xray/encryptionConfig:EncryptionConfig":0,"aws:xray/group:Group":0,"aws:xray/resourcePolicy:ResourcePolicy":1,"aws:xray/samplingRule:SamplingRule":0},"functions":{"aws:account/getPrimaryContact:getPrimaryContact":1,"aws:acm/getCertificate:getCertificate":0,"aws:acmpca/getCertificate:getCertificate":0,"aws:acmpca/getCertificateAuthority:getCertificateAuthority":0,"aws:alb/getListener:getListener":0,"aws:alb/getLoadBalancer:getLoadBalancer":0,"aws:alb/getTargetGroup:getTargetGroup":0,"aws:amp/getDefaultScraperConfiguration:getDefaultScraperConfiguration":1,"aws:amp/getWorkspace:getWorkspace":0,"aws:amp/getWorkspaces:getWorkspaces":0,"aws:apigateway/getApiKeys:getApiKeys":1,"aws:apigateway/getAuthorizer:getAuthorizer":0,"aws:apigateway/getAuthorizers:getAuthorizers":0,"aws:apigateway/getDomainName:getDomainName":0,"aws:apigateway/getExport:getExport":0,"aws:apigateway/getKey:getKey":0,"aws:apigateway/getResource:getResource":0,"aws:apigateway/getRestApi:getRestApi":0,"aws:apigateway/getSdk:getSdk":0,"aws:apigateway/getVpcLink:getVpcLink":0,"aws:apigatewayv2/getApi:getApi":0,"aws:apigatewayv2/getApis:getApis":0,"aws:apigatewayv2/getExport:getExport":0,"aws:apigatewayv2/getVpcLink:getVpcLink":0,"aws:appconfig/getApplication:getApplication":1,"aws:appconfig/getConfigurationProfile:getConfigurationProfile":0,"aws:appconfig/getConfigurationProfiles:getConfigurationProfiles":0,"aws:appconfig/getEnvironment:getEnvironment":0,"aws:appconfig/getEnvironments:getEnvironments":0,"aws:appintegrations/getEventIntegration:getEventIntegration":0,"aws:appmesh/getGatewayRoute:getGatewayRoute":0,"aws:appmesh/getMesh:getMesh":0,"aws:appmesh/getRoute:getRoute":0,"aws:appmesh/getVirtualGateway:getVirtualGateway":0,"aws:appmesh/getVirtualNode:getVirtualNode":0,"aws:appmesh/getVirtualRouter:getVirtualRouter":0,"aws:appmesh/getVirtualService:getVirtualService":0,"aws:apprunner/getHostedZoneId:getHostedZoneId":1,"aws:appstream/getImage:getImage":1,"aws:athena/getNamedQuery:getNamedQuery":0,"aws:auditmanager/getControl:getControl":1,"aws:auditmanager/getFramework:getFramework":1,"aws:autoscaling/getAmiIds:getAmiIds":0,"aws:autoscaling/getGroup:getGroup":0,"aws:backup/getFramework:getFramework":0,"aws:backup/getPlan:getPlan":0,"aws:backup/getReportPlan:getReportPlan":0,"aws:backup/getSelection:getSelection":0,"aws:backup/getVault:getVault":0,"aws:batch/getComputeEnvironment:getComputeEnvironment":0,"aws:batch/getJobDefinition:getJobDefinition":1,"aws:batch/getJobQueue:getJobQueue":0,"aws:batch/getSchedulingPolicy:getSchedulingPolicy":0,"aws:bedrock/getAgentAgentVersions:getAgentAgentVersions":1,"aws:bedrock/getCustomModel:getCustomModel":1,"aws:bedrock/getCustomModels:getCustomModels":1,"aws:bedrock/getInferenceProfile:getInferenceProfile":1,"aws:bedrock/getInferenceProfiles:getInferenceProfiles":1,"aws:bedrockfoundation/getModel:getModel":1,"aws:bedrockfoundation/getModels:getModels":1,"aws:billing/getViews:getViews":1,"aws:budgets/getBudget:getBudget":0,"aws:chatbot/getSlackWorkspace:getSlackWorkspace":1,"aws:cloudcontrol/getResource:getResource":0,"aws:cloudformation/getCloudFormationType:getCloudFormationType":0,"aws:cloudformation/getExport:getExport":0,"aws:cloudformation/getStack:getStack":0,"aws:cloudfront/getCachePolicy:getCachePolicy":0,"aws:cloudfront/getDistribution:getDistribution":0,"aws:cloudfront/getFunction:getFunction":0,"aws:cloudfront/getLogDeliveryCanonicalUserId:getLogDeliveryCanonicalUserId":0,"aws:cloudfront/getOriginAccessControl:getOriginAccessControl":1,"aws:cloudfront/getOriginAccessIdentities:getOriginAccessIdentities":0,"aws:cloudfront/getOriginAccessIdentity:getOriginAccessIdentity":0,"aws:cloudfront/getOriginRequestPolicy:getOriginRequestPolicy":0,"aws:cloudfront/getRealtimeLogConfig:getRealtimeLogConfig":0,"aws:cloudfront/getResponseHeadersPolicy:getResponseHeadersPolicy":0,"aws:cloudhsmv2/getCluster:getCluster":0,"aws:cloudtrail/getServiceAccount:getServiceAccount":0,"aws:cloudwatch/getContributorManagedInsightRules:getContributorManagedInsightRules":1,"aws:cloudwatch/getEventBus:getEventBus":0,"aws:cloudwatch/getEventBuses:getEventBuses":1,"aws:cloudwatch/getEventConnection:getEventConnection":0,"aws:cloudwatch/getEventSource:getEventSource":0,"aws:cloudwatch/getLogDataProtectionPolicyDocument:getLogDataProtectionPolicyDocument":0,"aws:cloudwatch/getLogGroup:getLogGroup":0,"aws:cloudwatch/getLogGroups:getLogGroups":0,"aws:codeartifact/getAuthorizationToken:getAuthorizationToken":0,"aws:codeartifact/getRepositoryEndpoint:getRepositoryEndpoint":0,"aws:codebuild/getFleet:getFleet":0,"aws:codecatalyst/getDevEnvironment:getDevEnvironment":0,"aws:codecommit/getApprovalRuleTemplate:getApprovalRuleTemplate":0,"aws:codecommit/getRepository:getRepository":0,"aws:codeguruprofiler/getProfilingGroup:getProfilingGroup":1,"aws:codestarconnections/getConnection:getConnection":0,"aws:cognito/getIdentityPool:getIdentityPool":0,"aws:cognito/getUserGroup:getUserGroup":1,"aws:cognito/getUserGroups:getUserGroups":1,"aws:cognito/getUserPool:getUserPool":1,"aws:cognito/getUserPoolClient:getUserPoolClient":0,"aws:cognito/getUserPoolClients:getUserPoolClients":0,"aws:cognito/getUserPoolSigningCertificate:getUserPoolSigningCertificate":0,"aws:cognito/getUserPools:getUserPools":0,"aws:connect/getBotAssociation:getBotAssociation":0,"aws:connect/getContactFlow:getContactFlow":0,"aws:connect/getContactFlowModule:getContactFlowModule":0,"aws:connect/getHoursOfOperation:getHoursOfOperation":0,"aws:connect/getInstance:getInstance":0,"aws:connect/getInstanceStorageConfig:getInstanceStorageConfig":0,"aws:connect/getLambdaFunctionAssociation:getLambdaFunctionAssociation":0,"aws:connect/getPrompt:getPrompt":0,"aws:connect/getQueue:getQueue":0,"aws:connect/getQuickConnect:getQuickConnect":0,"aws:connect/getRoutingProfile:getRoutingProfile":0,"aws:connect/getSecurityProfile:getSecurityProfile":0,"aws:connect/getUser:getUser":0,"aws:connect/getUserHierarchyGroup:getUserHierarchyGroup":0,"aws:connect/getUserHierarchyStructure:getUserHierarchyStructure":0,"aws:connect/getVocabulary:getVocabulary":0,"aws:controltower/getControls:getControls":0,"aws:costexplorer/getCostCategory:getCostCategory":0,"aws:costexplorer/getTags:getTags":0,"aws:cur/getReportDefinition:getReportDefinition":0,"aws:datapipeline/getPipeline:getPipeline":0,"aws:datapipeline/getPipelineDefinition:getPipelineDefinition":0,"aws:datazone/getDomain:getDomain":1,"aws:datazone/getEnvironmentBlueprint:getEnvironmentBlueprint":1,"aws:devopsguru/getNotificationChannel:getNotificationChannel":1,"aws:devopsguru/getResourceCollection:getResourceCollection":1,"aws:directconnect/getConnection:getConnection":0,"aws:directconnect/getGateway:getGateway":0,"aws:directconnect/getLocation:getLocation":0,"aws:directconnect/getLocations:getLocations":0,"aws:directconnect/getRouterConfiguration:getRouterConfiguration":0,"aws:directoryservice/getDirectory:getDirectory":0,"aws:dms/getCertificate:getCertificate":0,"aws:dms/getEndpoint:getEndpoint":0,"aws:dms/getReplicationInstance:getReplicationInstance":0,"aws:dms/getReplicationSubnetGroup:getReplicationSubnetGroup":0,"aws:dms/getReplicationTask:getReplicationTask":0,"aws:docdb/getEngineVersion:getEngineVersion":0,"aws:docdb/getOrderableDbInstance:getOrderableDbInstance":0,"aws:dynamodb/getTable:getTable":0,"aws:dynamodb/getTableItem:getTableItem":0,"aws:dynamodb/getTables:getTables":1,"aws:ebs/getDefaultKmsKey:getDefaultKmsKey":0,"aws:ebs/getEbsVolumes:getEbsVolumes":0,"aws:ebs/getEncryptionByDefault:getEncryptionByDefault":0,"aws:ebs/getSnapshot:getSnapshot":0,"aws:ebs/getSnapshotIds:getSnapshotIds":0,"aws:ebs/getVolume:getVolume":0,"aws:ec2/getAmi:getAmi":0,"aws:ec2/getAmiIds:getAmiIds":0,"aws:ec2/getCapacityBlockOffering:getCapacityBlockOffering":1,"aws:ec2/getCoipPool:getCoipPool":0,"aws:ec2/getCoipPools:getCoipPools":0,"aws:ec2/getCustomerGateway:getCustomerGateway":0,"aws:ec2/getDedicatedHost:getDedicatedHost":0,"aws:ec2/getEips:getEips":0,"aws:ec2/getElasticIp:getElasticIp":0,"aws:ec2/getInstance:getInstance":0,"aws:ec2/getInstanceType:getInstanceType":0,"aws:ec2/getInstanceTypeOffering:getInstanceTypeOffering":0,"aws:ec2/getInstanceTypeOfferings:getInstanceTypeOfferings":0,"aws:ec2/getInstanceTypes:getInstanceTypes":0,"aws:ec2/getInstances:getInstances":0,"aws:ec2/getInternetGateway:getInternetGateway":0,"aws:ec2/getIpamPreviewNextCidr:getIpamPreviewNextCidr":0,"aws:ec2/getKeyPair:getKeyPair":0,"aws:ec2/getLaunchConfiguration:getLaunchConfiguration":0,"aws:ec2/getLaunchTemplate:getLaunchTemplate":0,"aws:ec2/getLocalGateway:getLocalGateway":0,"aws:ec2/getLocalGatewayRouteTable:getLocalGatewayRouteTable":0,"aws:ec2/getLocalGatewayRouteTables:getLocalGatewayRouteTables":0,"aws:ec2/getLocalGatewayVirtualInterface:getLocalGatewayVirtualInterface":0,"aws:ec2/getLocalGatewayVirtualInterfaceGroup:getLocalGatewayVirtualInterfaceGroup":0,"aws:ec2/getLocalGatewayVirtualInterfaceGroups:getLocalGatewayVirtualInterfaceGroups":0,"aws:ec2/getLocalGateways:getLocalGateways":0,"aws:ec2/getManagedPrefixList:getManagedPrefixList":0,"aws:ec2/getManagedPrefixLists:getManagedPrefixLists":0,"aws:ec2/getNatGateway:getNatGateway":0,"aws:ec2/getNatGateways:getNatGateways":0,"aws:ec2/getNetworkAcls:getNetworkAcls":0,"aws:ec2/getNetworkInsightsAnalysis:getNetworkInsightsAnalysis":0,"aws:ec2/getNetworkInsightsPath:getNetworkInsightsPath":0,"aws:ec2/getNetworkInterface:getNetworkInterface":0,"aws:ec2/getNetworkInterfaces:getNetworkInterfaces":0,"aws:ec2/getPrefixList:getPrefixList":0,"aws:ec2/getPublicIpv4Pool:getPublicIpv4Pool":0,"aws:ec2/getPublicIpv4Pools:getPublicIpv4Pools":0,"aws:ec2/getRoute:getRoute":0,"aws:ec2/getRouteTable:getRouteTable":0,"aws:ec2/getRouteTables:getRouteTables":0,"aws:ec2/getSecurityGroup:getSecurityGroup":0,"aws:ec2/getSecurityGroups:getSecurityGroups":0,"aws:ec2/getSerialConsoleAccess:getSerialConsoleAccess":0,"aws:ec2/getSpotDatafeedSubscription:getSpotDatafeedSubscription":1,"aws:ec2/getSpotPrice:getSpotPrice":0,"aws:ec2/getSubnet:getSubnet":0,"aws:ec2/getSubnets:getSubnets":0,"aws:ec2/getTransitGatewayRouteTables:getTransitGatewayRouteTables":0,"aws:ec2/getVpc:getVpc":0,"aws:ec2/getVpcDhcpOptions:getVpcDhcpOptions":0,"aws:ec2/getVpcEndpoint:getVpcEndpoint":0,"aws:ec2/getVpcEndpointService:getVpcEndpointService":0,"aws:ec2/getVpcIpam:getVpcIpam":1,"aws:ec2/getVpcIpamPool:getVpcIpamPool":0,"aws:ec2/getVpcIpamPoolCidrs:getVpcIpamPoolCidrs":0,"aws:ec2/getVpcIpamPools:getVpcIpamPools":0,"aws:ec2/getVpcIpams:getVpcIpams":1,"aws:ec2/getVpcPeeringConnection:getVpcPeeringConnection":0,"aws:ec2/getVpcPeeringConnections:getVpcPeeringConnections":0,"aws:ec2/getVpcs:getVpcs":0,"aws:ec2/getVpnConnection:getVpnConnection":1,"aws:ec2/getVpnGateway:getVpnGateway":0,"aws:ec2clientvpn/getEndpoint:getEndpoint":0,"aws:ec2transitgateway/getAttachment:getAttachment":0,"aws:ec2transitgateway/getAttachments:getAttachments":0,"aws:ec2transitgateway/getConnect:getConnect":0,"aws:ec2transitgateway/getConnectPeer:getConnectPeer":0,"aws:ec2transitgateway/getDirectConnectGatewayAttachment:getDirectConnectGatewayAttachment":0,"aws:ec2transitgateway/getMulticastDomain:getMulticastDomain":0,"aws:ec2transitgateway/getPeeringAttachment:getPeeringAttachment":0,"aws:ec2transitgateway/getPeeringAttachments:getPeeringAttachments":0,"aws:ec2transitgateway/getRouteTable:getRouteTable":0,"aws:ec2transitgateway/getRouteTableAssociations:getRouteTableAssociations":0,"aws:ec2transitgateway/getRouteTablePropagations:getRouteTablePropagations":0,"aws:ec2transitgateway/getRouteTableRoutes:getRouteTableRoutes":0,"aws:ec2transitgateway/getTransitGateway:getTransitGateway":0,"aws:ec2transitgateway/getVpcAttachment:getVpcAttachment":0,"aws:ec2transitgateway/getVpcAttachments:getVpcAttachments":0,"aws:ec2transitgateway/getVpnAttachment:getVpnAttachment":0,"aws:ecr/getAuthorizationToken:getAuthorizationToken":0,"aws:ecr/getImage:getImage":0,"aws:ecr/getImages:getImages":1,"aws:ecr/getLifecyclePolicyDocument:getLifecyclePolicyDocument":1,"aws:ecr/getPullThroughCacheRule:getPullThroughCacheRule":0,"aws:ecr/getRepositories:getRepositories":1,"aws:ecr/getRepository:getRepository":0,"aws:ecr/getRepositoryCreationTemplate:getRepositoryCreationTemplate":0,"aws:ecrpublic/getAuthorizationToken:getAuthorizationToken":0,"aws:ecrpublic/getImages:getImages":1,"aws:ecs/getCluster:getCluster":0,"aws:ecs/getClusters:getClusters":1,"aws:ecs/getContainerDefinition:getContainerDefinition":0,"aws:ecs/getService:getService":0,"aws:ecs/getTaskDefinition:getTaskDefinition":0,"aws:ecs/getTaskExecution:getTaskExecution":0,"aws:efs/getAccessPoint:getAccessPoint":0,"aws:efs/getAccessPoints:getAccessPoints":0,"aws:efs/getFileSystem:getFileSystem":0,"aws:efs/getMountTarget:getMountTarget":0,"aws:eks/getAccessEntry:getAccessEntry":0,"aws:eks/getAddon:getAddon":0,"aws:eks/getAddonVersion:getAddonVersion":0,"aws:eks/getCluster:getCluster":0,"aws:eks/getClusterAuth:getClusterAuth":0,"aws:eks/getClusterVersions:getClusterVersions":1,"aws:eks/getClusters:getClusters":0,"aws:eks/getNodeGroup:getNodeGroup":0,"aws:eks/getNodeGroups:getNodeGroups":0,"aws:elasticache/getCluster:getCluster":0,"aws:elasticache/getReplicationGroup:getReplicationGroup":0,"aws:elasticache/getReservedCacheNodeOffering:getReservedCacheNodeOffering":1,"aws:elasticache/getServerlessCache:getServerlessCache":1,"aws:elasticache/getSubnetGroup:getSubnetGroup":0,"aws:elasticache/getUser:getUser":0,"aws:elasticbeanstalk/getApplication:getApplication":0,"aws:elasticbeanstalk/getHostedZone:getHostedZone":0,"aws:elasticbeanstalk/getSolutionStack:getSolutionStack":0,"aws:elasticsearch/getDomain:getDomain":0,"aws:elb/getHostedZoneId:getHostedZoneId":0,"aws:elb/getLoadBalancer:getLoadBalancer":0,"aws:elb/getServiceAccount:getServiceAccount":0,"aws:emr/getReleaseLabels:getReleaseLabels":0,"aws:emr/getSupportedInstanceTypes:getSupportedInstanceTypes":1,"aws:emrcontainers/getVirtualCluster:getVirtualCluster":0,"aws:fis/getExperimentTemplates:getExperimentTemplates":1,"aws:fsx/getOntapFileSystem:getOntapFileSystem":0,"aws:fsx/getOntapStorageVirtualMachine:getOntapStorageVirtualMachine":0,"aws:fsx/getOntapStorageVirtualMachines:getOntapStorageVirtualMachines":0,"aws:fsx/getOpenZfsSnapshot:getOpenZfsSnapshot":0,"aws:fsx/getWindowsFileSystem:getWindowsFileSystem":0,"aws:globalaccelerator/getAccelerator:getAccelerator":1,"aws:globalaccelerator/getCustomRoutingAccelerator:getCustomRoutingAccelerator":0,"aws:glue/getCatalogTable:getCatalogTable":0,"aws:glue/getConnection:getConnection":0,"aws:glue/getDataCatalogEncryptionSettings:getDataCatalogEncryptionSettings":0,"aws:glue/getRegistry:getRegistry":1,"aws:glue/getScript:getScript":0,"aws:grafana/getWorkspace:getWorkspace":0,"aws:guardduty/getDetector:getDetector":0,"aws:guardduty/getFindingIds:getFindingIds":1,"aws:iam/getAccessKeys:getAccessKeys":0,"aws:iam/getAccountAlias:getAccountAlias":0,"aws:iam/getGroup:getGroup":0,"aws:iam/getInstanceProfile:getInstanceProfile":0,"aws:iam/getInstanceProfiles:getInstanceProfiles":0,"aws:iam/getOpenIdConnectProvider:getOpenIdConnectProvider":0,"aws:iam/getPolicy:getPolicy":0,"aws:iam/getPolicyDocument:getPolicyDocument":0,"aws:iam/getPrincipalPolicySimulation:getPrincipalPolicySimulation":0,"aws:iam/getRole:getRole":0,"aws:iam/getRoles:getRoles":0,"aws:iam/getSamlProvider:getSamlProvider":0,"aws:iam/getServerCertificate:getServerCertificate":0,"aws:iam/getSessionContext:getSessionContext":0,"aws:iam/getUser:getUser":0,"aws:iam/getUserSshKey:getUserSshKey":0,"aws:iam/getUsers:getUsers":0,"aws:identitystore/getGroup:getGroup":0,"aws:identitystore/getGroupMemberships:getGroupMemberships":1,"aws:identitystore/getGroups:getGroups":1,"aws:identitystore/getUser:getUser":0,"aws:identitystore/getUsers:getUsers":1,"aws:imagebuilder/getComponent:getComponent":0,"aws:imagebuilder/getComponents:getComponents":0,"aws:imagebuilder/getContainerRecipe:getContainerRecipe":0,"aws:imagebuilder/getContainerRecipes:getContainerRecipes":0,"aws:imagebuilder/getDistributionConfiguration:getDistributionConfiguration":0,"aws:imagebuilder/getDistributionConfigurations:getDistributionConfigurations":0,"aws:imagebuilder/getImage:getImage":0,"aws:imagebuilder/getImagePipeline:getImagePipeline":0,"aws:imagebuilder/getImagePipelines:getImagePipelines":0,"aws:imagebuilder/getImageRecipe:getImageRecipe":0,"aws:imagebuilder/getImageRecipes:getImageRecipes":0,"aws:imagebuilder/getInfrastructureConfiguration:getInfrastructureConfiguration":0,"aws:imagebuilder/getInfrastructureConfigurations:getInfrastructureConfigurations":0,"aws:index/getArn:getArn":1,"aws:index/getAvailabilityZone:getAvailabilityZone":0,"aws:index/getAvailabilityZones:getAvailabilityZones":0,"aws:index/getBillingServiceAccount:getBillingServiceAccount":1,"aws:index/getCallerIdentity:getCallerIdentity":1,"aws:index/getDefaultTags:getDefaultTags":1,"aws:index/getIpRanges:getIpRanges":1,"aws:index/getPartition:getPartition":1,"aws:index/getRegion:getRegion":1,"aws:index/getRegions:getRegions":1,"aws:index/getService:getService":1,"aws:index/getServicePrincipal:getServicePrincipal":1,"aws:inspector/getRulesPackages:getRulesPackages":0,"aws:iot/getEndpoint:getEndpoint":0,"aws:iot/getRegistrationCode:getRegistrationCode":0,"aws:ivs/getStreamKey:getStreamKey":0,"aws:kendra/getExperience:getExperience":0,"aws:kendra/getFaq:getFaq":0,"aws:kendra/getIndex:getIndex":0,"aws:kendra/getQuerySuggestionsBlockList:getQuerySuggestionsBlockList":0,"aws:kendra/getThesaurus:getThesaurus":0,"aws:kinesis/getFirehoseDeliveryStream:getFirehoseDeliveryStream":0,"aws:kinesis/getStream:getStream":0,"aws:kinesis/getStreamConsumer:getStreamConsumer":0,"aws:kms/getAlias:getAlias":0,"aws:kms/getCipherText:getCipherText":0,"aws:kms/getCustomKeyStore:getCustomKeyStore":0,"aws:kms/getKey:getKey":0,"aws:kms/getPublicKey:getPublicKey":0,"aws:kms/getSecret:getSecret":0,"aws:kms/getSecrets:getSecrets":0,"aws:lakeformation/getDataLakeSettings:getDataLakeSettings":0,"aws:lakeformation/getPermissions:getPermissions":0,"aws:lakeformation/getResource:getResource":0,"aws:lambda/getAlias:getAlias":0,"aws:lambda/getCodeSigningConfig:getCodeSigningConfig":0,"aws:lambda/getFunction:getFunction":0,"aws:lambda/getFunctionUrl:getFunctionUrl":0,"aws:lambda/getFunctions:getFunctions":0,"aws:lambda/getInvocation:getInvocation":0,"aws:lambda/getLayerVersion:getLayerVersion":0,"aws:lb/getHostedZoneId:getHostedZoneId":0,"aws:lb/getLbs:getLbs":0,"aws:lb/getListener:getListener":0,"aws:lb/getListenerRule:getListenerRule":1,"aws:lb/getLoadBalancer:getLoadBalancer":0,"aws:lb/getTargetGroup:getTargetGroup":0,"aws:lb/getTrustStore:getTrustStore":0,"aws:lex/getBot:getBot":0,"aws:lex/getBotAlias:getBotAlias":0,"aws:lex/getIntent:getIntent":0,"aws:lex/getSlotType:getSlotType":0,"aws:licensemanager/getLicenseGrants:getLicenseGrants":0,"aws:licensemanager/getReceivedLicense:getReceivedLicense":0,"aws:licensemanager/getReceivedLicenses:getReceivedLicenses":0,"aws:location/getGeofenceCollection:getGeofenceCollection":0,"aws:location/getMap:getMap":0,"aws:location/getPlaceIndex:getPlaceIndex":0,"aws:location/getRouteCalculator:getRouteCalculator":0,"aws:location/getTracker:getTracker":0,"aws:location/getTrackerAssociation:getTrackerAssociation":0,"aws:location/getTrackerAssociations:getTrackerAssociations":0,"aws:mediaconvert/getQueue:getQueue":0,"aws:medialive/getInput:getInput":1,"aws:memorydb/getAcl:getAcl":0,"aws:memorydb/getCluster:getCluster":0,"aws:memorydb/getParameterGroup:getParameterGroup":0,"aws:memorydb/getSnapshot:getSnapshot":0,"aws:memorydb/getSubnetGroup:getSubnetGroup":0,"aws:memorydb/getUser:getUser":0,"aws:mq/getBroker:getBroker":0,"aws:mq/getBrokerEngineTypes:getBrokerEngineTypes":0,"aws:mq/getInstanceTypeOfferings:getInstanceTypeOfferings":0,"aws:msk/getBootstrapBrokers:getBootstrapBrokers":0,"aws:msk/getBrokerNodes:getBrokerNodes":0,"aws:msk/getCluster:getCluster":0,"aws:msk/getConfiguration:getConfiguration":0,"aws:msk/getKafkaVersion:getKafkaVersion":0,"aws:msk/getVpcConnection:getVpcConnection":0,"aws:mskconnect/getConnector:getConnector":0,"aws:mskconnect/getCustomPlugin:getCustomPlugin":0,"aws:mskconnect/getWorkerConfiguration:getWorkerConfiguration":0,"aws:neptune/getEngineVersion:getEngineVersion":0,"aws:neptune/getOrderableDbInstance:getOrderableDbInstance":0,"aws:networkfirewall/getFirewall:getFirewall":0,"aws:networkfirewall/getFirewallPolicy:getFirewallPolicy":0,"aws:networkfirewall/getResourcePolicy:getResourcePolicy":0,"aws:networkmanager/getConnection:getConnection":0,"aws:networkmanager/getConnections:getConnections":0,"aws:networkmanager/getCoreNetworkPolicyDocument:getCoreNetworkPolicyDocument":0,"aws:networkmanager/getDevice:getDevice":0,"aws:networkmanager/getDevices:getDevices":0,"aws:networkmanager/getGlobalNetwork:getGlobalNetwork":0,"aws:networkmanager/getGlobalNetworks:getGlobalNetworks":0,"aws:networkmanager/getLink:getLink":0,"aws:networkmanager/getLinks:getLinks":0,"aws:networkmanager/getSite:getSite":0,"aws:networkmanager/getSites:getSites":0,"aws:oam/getLink:getLink":0,"aws:oam/getLinks:getLinks":0,"aws:oam/getSink:getSink":0,"aws:oam/getSinks:getSinks":0,"aws:odb/getCloudAutonomousVmCluster:getCloudAutonomousVmCluster":1,"aws:odb/getCloudAutonomousVmClusters:getCloudAutonomousVmClusters":1,"aws:odb/getCloudExadataInfrastructure:getCloudExadataInfrastructure":1,"aws:odb/getCloudExadataInfrastructures:getCloudExadataInfrastructures":1,"aws:odb/getCloudVmCluster:getCloudVmCluster":1,"aws:odb/getCloudVmClusters:getCloudVmClusters":1,"aws:odb/getDbNode:getDbNode":1,"aws:odb/getDbNodes:getDbNodes":1,"aws:odb/getDbServer:getDbServer":1,"aws:odb/getDbServers:getDbServers":1,"aws:odb/getDbSystemShapes:getDbSystemShapes":1,"aws:odb/getGiVersions:getGiVersions":1,"aws:odb/getNetwork:getNetwork":1,"aws:odb/getNetworkPeeringConnection:getNetworkPeeringConnection":1,"aws:odb/getNetworkPeeringConnections:getNetworkPeeringConnections":1,"aws:odb/getNetworks:getNetworks":1,"aws:opensearch/getDomain:getDomain":0,"aws:opensearch/getServerlessAccessPolicy:getServerlessAccessPolicy":1,"aws:opensearch/getServerlessCollection:getServerlessCollection":1,"aws:opensearch/getServerlessLifecyclePolicy:getServerlessLifecyclePolicy":1,"aws:opensearch/getServerlessSecurityConfig:getServerlessSecurityConfig":1,"aws:opensearch/getServerlessSecurityPolicy:getServerlessSecurityPolicy":0,"aws:opensearch/getServerlessVpcEndpoint:getServerlessVpcEndpoint":0,"aws:organizations/getDelegatedAdministrators:getDelegatedAdministrators":0,"aws:organizations/getDelegatedServices:getDelegatedServices":0,"aws:organizations/getOrganization:getOrganization":0,"aws:organizations/getOrganizationalUnit:getOrganizationalUnit":0,"aws:organizations/getOrganizationalUnitChildAccounts:getOrganizationalUnitChildAccounts":0,"aws:organizations/getOrganizationalUnitDescendantAccounts:getOrganizationalUnitDescendantAccounts":0,"aws:organizations/getOrganizationalUnitDescendantOrganizationalUnits:getOrganizationalUnitDescendantOrganizationalUnits":0,"aws:organizations/getOrganizationalUnits:getOrganizationalUnits":0,"aws:organizations/getPolicies:getPolicies":0,"aws:organizations/getPoliciesForTarget:getPoliciesForTarget":0,"aws:organizations/getPolicy:getPolicy":0,"aws:organizations/getResourceTags:getResourceTags":0,"aws:outposts/getAsset:getAsset":0,"aws:outposts/getAssets:getAssets":0,"aws:outposts/getOutpost:getOutpost":0,"aws:outposts/getOutpostInstanceType:getOutpostInstanceType":0,"aws:outposts/getOutpostInstanceTypes:getOutpostInstanceTypes":0,"aws:outposts/getOutposts:getOutposts":0,"aws:outposts/getSite:getSite":0,"aws:outposts/getSites:getSites":0,"aws:polly/getVoices:getVoices":1,"aws:pricing/getProduct:getProduct":0,"aws:qldb/getLedger:getLedger":0,"aws:quicksight/getDataSet:getDataSet":0,"aws:quicksight/getQuicksightAnalysis:getQuicksightAnalysis":0,"aws:quicksight/getQuicksightGroup:getQuicksightGroup":0,"aws:quicksight/getQuicksightUser:getQuicksightUser":0,"aws:quicksight/getTheme:getTheme":0,"aws:ram/getResourceShare:getResourceShare":0,"aws:rds/getCertificate:getCertificate":0,"aws:rds/getCluster:getCluster":0,"aws:rds/getClusterParameterGroup:getClusterParameterGroup":1,"aws:rds/getClusterSnapshot:getClusterSnapshot":0,"aws:rds/getClusters:getClusters":0,"aws:rds/getEngineVersion:getEngineVersion":0,"aws:rds/getEventCategories:getEventCategories":0,"aws:rds/getGlobalCluster:getGlobalCluster":1,"aws:rds/getInstance:getInstance":0,"aws:rds/getInstances:getInstances":0,"aws:rds/getOrderableDbInstance:getOrderableDbInstance":0,"aws:rds/getParameterGroup:getParameterGroup":0,"aws:rds/getProxy:getProxy":0,"aws:rds/getReservedInstanceOffering:getReservedInstanceOffering":0,"aws:rds/getSnapshot:getSnapshot":0,"aws:rds/getSubnetGroup:getSubnetGroup":0,"aws:redshift/getCluster:getCluster":0,"aws:redshift/getClusterCredentials:getClusterCredentials":0,"aws:redshift/getDataShares:getDataShares":1,"aws:redshift/getOrderableCluster:getOrderableCluster":0,"aws:redshift/getProducerDataShares:getProducerDataShares":1,"aws:redshift/getSubnetGroup:getSubnetGroup":0,"aws:redshiftserverless/getCredentials:getCredentials":0,"aws:redshiftserverless/getNamespace:getNamespace":0,"aws:redshiftserverless/getWorkgroup:getWorkgroup":0,"aws:resourceexplorer/search:Search":1,"aws:resourcegroupstaggingapi/getResources:getResources":0,"aws:route53/getDelegationSet:getDelegationSet":0,"aws:route53/getProfilesProfiles:getProfilesProfiles":1,"aws:route53/getQueryLogConfig:getQueryLogConfig":0,"aws:route53/getRecords:getRecords":1,"aws:route53/getResolverEndpoint:getResolverEndpoint":0,"aws:route53/getResolverFirewallConfig:getResolverFirewallConfig":0,"aws:route53/getResolverFirewallDomainList:getResolverFirewallDomainList":0,"aws:route53/getResolverFirewallRuleGroup:getResolverFirewallRuleGroup":0,"aws:route53/getResolverFirewallRuleGroupAssociation:getResolverFirewallRuleGroupAssociation":0,"aws:route53/getResolverFirewallRules:getResolverFirewallRules":0,"aws:route53/getResolverRule:getResolverRule":0,"aws:route53/getResolverRules:getResolverRules":0,"aws:route53/getTrafficPolicyDocument:getTrafficPolicyDocument":0,"aws:route53/getZone:getZone":0,"aws:route53/getZones:getZones":1,"aws:s3/getAccessPoint:getAccessPoint":1,"aws:s3/getAccountPublicAccessBlock:getAccountPublicAccessBlock":0,"aws:s3/getBucket:getBucket":0,"aws:s3/getBucketObject:getBucketObject":0,"aws:s3/getBucketObjects:getBucketObjects":0,"aws:s3/getBucketPolicy:getBucketPolicy":0,"aws:s3/getCanonicalUserId:getCanonicalUserId":0,"aws:s3/getDirectoryBuckets:getDirectoryBuckets":1,"aws:s3/getObject:getObject":0,"aws:s3/getObjects:getObjects":0,"aws:s3control/getMultiRegionAccessPoint:getMultiRegionAccessPoint":0,"aws:sagemaker/getPrebuiltEcrImage:getPrebuiltEcrImage":0,"aws:secretsmanager/getRandomPassword:getRandomPassword":0,"aws:secretsmanager/getSecret:getSecret":0,"aws:secretsmanager/getSecretRotation:getSecretRotation":0,"aws:secretsmanager/getSecretVersion:getSecretVersion":0,"aws:secretsmanager/getSecretVersions:getSecretVersions":1,"aws:secretsmanager/getSecrets:getSecrets":0,"aws:securityhub/getStandardsControlAssociations:getStandardsControlAssociations":1,"aws:serverlessrepository/getApplication:getApplication":0,"aws:servicecatalog/getAppregistryApplication:getAppregistryApplication":1,"aws:servicecatalog/getAppregistryAttributeGroup:getAppregistryAttributeGroup":1,"aws:servicecatalog/getAppregistryAttributeGroupAssociations:getAppregistryAttributeGroupAssociations":1,"aws:servicecatalog/getConstraint:getConstraint":0,"aws:servicecatalog/getLaunchPaths:getLaunchPaths":0,"aws:servicecatalog/getPortfolio:getPortfolio":0,"aws:servicecatalog/getPortfolioConstraints:getPortfolioConstraints":0,"aws:servicecatalog/getProduct:getProduct":0,"aws:servicecatalog/getProvisioningArtifacts:getProvisioningArtifacts":0,"aws:servicediscovery/getDnsNamespace:getDnsNamespace":0,"aws:servicediscovery/getHttpNamespace:getHttpNamespace":0,"aws:servicediscovery/getService:getService":0,"aws:servicequotas/getService:getService":0,"aws:servicequotas/getServiceQuota:getServiceQuota":0,"aws:servicequotas/getTemplates:getTemplates":1,"aws:ses/getActiveReceiptRuleSet:getActiveReceiptRuleSet":0,"aws:ses/getDomainIdentity:getDomainIdentity":0,"aws:ses/getEmailIdentity:getEmailIdentity":0,"aws:sesv2/getConfigurationSet:getConfigurationSet":0,"aws:sesv2/getDedicatedIpPool:getDedicatedIpPool":0,"aws:sesv2/getEmailIdentity:getEmailIdentity":0,"aws:sesv2/getEmailIdentityMailFromAttributes:getEmailIdentityMailFromAttributes":0,"aws:sfn/getActivity:getActivity":0,"aws:sfn/getAlias:getAlias":0,"aws:sfn/getStateMachine:getStateMachine":0,"aws:sfn/getStateMachineVersions:getStateMachineVersions":0,"aws:shield/getProtection:getProtection":1,"aws:signer/getSigningJob:getSigningJob":0,"aws:signer/getSigningProfile:getSigningProfile":0,"aws:sns/getTopic:getTopic":0,"aws:sqs/getQueue:getQueue":0,"aws:sqs/getQueues:getQueues":0,"aws:ssm/getContactsRotation:getContactsRotation":1,"aws:ssm/getDocument:getDocument":0,"aws:ssm/getInstances:getInstances":0,"aws:ssm/getMaintenanceWindows:getMaintenanceWindows":0,"aws:ssm/getParameter:getParameter":0,"aws:ssm/getParametersByPath:getParametersByPath":0,"aws:ssm/getPatchBaseline:getPatchBaseline":0,"aws:ssm/getPatchBaselines:getPatchBaselines":1,"aws:ssmcontacts/getContact:getContact":0,"aws:ssmcontacts/getContactChannel:getContactChannel":0,"aws:ssmcontacts/getPlan:getPlan":0,"aws:ssmincidents/getReplicationSet:getReplicationSet":0,"aws:ssmincidents/getResponsePlan:getResponsePlan":0,"aws:ssoadmin/getApplication:getApplication":1,"aws:ssoadmin/getApplicationAssignments:getApplicationAssignments":1,"aws:ssoadmin/getApplicationProviders:getApplicationProviders":1,"aws:ssoadmin/getInstances:getInstances":0,"aws:ssoadmin/getPermissionSet:getPermissionSet":0,"aws:ssoadmin/getPermissionSets:getPermissionSets":1,"aws:ssoadmin/getPrincipalApplicationAssignments:getPrincipalApplicationAssignments":1,"aws:storagegateway/getLocalDisk:getLocalDisk":0,"aws:synthetics/getRuntimeVersion:getRuntimeVersion":1,"aws:synthetics/getRuntimeVersions:getRuntimeVersions":1,"aws:timestreamwrite/getDatabase:getDatabase":1,"aws:timestreamwrite/getTable:getTable":1,"aws:transfer/getConnector:getConnector":1,"aws:transfer/getServer:getServer":0,"aws:verifiedpermissions/getPolicyStore:getPolicyStore":1,"aws:vpc/getEndpointAssociations:getEndpointAssociations":1,"aws:vpc/getSecurityGroupRule:getSecurityGroupRule":1,"aws:vpc/getSecurityGroupRules:getSecurityGroupRules":1,"aws:vpclattice/getAuthPolicy:getAuthPolicy":0,"aws:vpclattice/getListener:getListener":0,"aws:vpclattice/getResourcePolicy:getResourcePolicy":0,"aws:vpclattice/getService:getService":0,"aws:vpclattice/getServiceNetwork:getServiceNetwork":0,"aws:vpn/getConnection:getConnection":1,"aws:waf/getIpset:getIpset":0,"aws:waf/getRateBasedRule:getRateBasedRule":0,"aws:waf/getRule:getRule":0,"aws:waf/getSubscribedRuleGroup:getSubscribedRuleGroup":0,"aws:waf/getWebAcl:getWebAcl":0,"aws:wafregional/getIpset:getIpset":0,"aws:wafregional/getRateBasedMod:getRateBasedMod":0,"aws:wafregional/getRule:getRule":0,"aws:wafregional/getSubscribedRuleGroup:getSubscribedRuleGroup":0,"aws:wafregional/getWebAcl:getWebAcl":0,"aws:wafv2/getIpSet:getIpSet":0,"aws:wafv2/getRegexPatternSet:getRegexPatternSet":0,"aws:wafv2/getRuleGroup:getRuleGroup":0,"aws:wafv2/getWebAcl:getWebAcl":0,"aws:workspaces/getBundle:getBundle":0,"aws:workspaces/getDirectory:getDirectory":0,"aws:workspaces/getImage:getImage":0,"aws:workspaces/getWorkspace:getWorkspace":0}}} \ No newline at end of file +{"auto-settings":{"resources":{"aws_auditmanager_control":{"maxItemsOneOverrides":{"control_mapping_sources.$.source_keyword":true}},"aws_chime_voice_connector_origination":{"renames":["aws:chime/voiceConnectorOrganization:VoiceConnectorOrganization"]},"aws_directory_service_conditional_forwarder":{"renames":["aws:directoryservice/conditionalForwader:ConditionalForwader"]},"aws_directory_service_log_subscription":{"renames":["aws:directoryservice/logService:LogService"]},"aws_lexv2models_slot":{"maxItemsOneOverrides":{"sub_slot_setting":false}},"aws_s3_bucket":{"renames":["aws:s3/bucketV2:BucketV2"]},"aws_s3_bucket_accelerate_configuration":{"aliases":["aws:s3/bucketAccelerateConfigurationV2:BucketAccelerateConfigurationV2"]},"aws_s3_bucket_acl":{"aliases":["aws:s3/bucketAclV2:BucketAclV2"]},"aws_s3_bucket_cors_configuration":{"aliases":["aws:s3/bucketCorsConfigurationV2:BucketCorsConfigurationV2"]},"aws_s3_bucket_lifecycle_configuration":{"aliases":["aws:s3/bucketLifecycleConfigurationV2:BucketLifecycleConfigurationV2"]},"aws_s3_bucket_logging":{"aliases":["aws:s3/bucketLoggingV2:BucketLoggingV2"]},"aws_s3_bucket_object_lock_configuration":{"aliases":["aws:s3/bucketObjectLockConfigurationV2:BucketObjectLockConfigurationV2"]},"aws_s3_bucket_request_payment_configuration":{"aliases":["aws:s3/bucketRequestPaymentConfigurationV2:BucketRequestPaymentConfigurationV2"]},"aws_s3_bucket_server_side_encryption_configuration":{"aliases":["aws:s3/bucketServerSideEncryptionConfigurationV2:BucketServerSideEncryptionConfigurationV2"]},"aws_s3_bucket_versioning":{"aliases":["aws:s3/bucketVersioningV2:BucketVersioningV2"]},"aws_s3_bucket_website_configuration":{"aliases":["aws:s3/bucketWebsiteConfigurationV2:BucketWebsiteConfigurationV2"]},"aws_ssmquicksetup_configuration_manager":{"maxItemsOneOverrides":{"configuration_definition":true}},"aws_workspacesweb_browser_settings":{"renames":["aws:workspaces/webBrowserSettings:WebBrowserSettings"]},"aws_workspacesweb_network_settings":{"renames":["aws:workspaces/webNetworkSettings:WebNetworkSettings"]},"aws_workspacesweb_user_settings":{"renames":["aws:workspaces/webUserSettings:WebUserSettings"]}},"datasources":{"aws_auditmanager_control":{"maxItemsOneOverrides":{"control_mapping_sources.$.source_keyword":true}},"aws_opensearch_domain":{"maxItemsOneOverrides":{"off_peak_window_options":true}},"aws_vpn_connection":{"renames":["aws:vpn/getConnection:getConnection"]}}},"mux":{"resources":{"aws:accessanalyzer/analyzer:Analyzer":0,"aws:accessanalyzer/archiveRule:ArchiveRule":0,"aws:account/alternativeContact:AlternativeContact":0,"aws:account/primaryContact:PrimaryContact":0,"aws:account/region:Region":0,"aws:acm/certificate:Certificate":0,"aws:acm/certificateValidation:CertificateValidation":0,"aws:acmpca/certificate:Certificate":0,"aws:acmpca/certificateAuthority:CertificateAuthority":0,"aws:acmpca/certificateAuthorityCertificate:CertificateAuthorityCertificate":0,"aws:acmpca/permission:Permission":0,"aws:acmpca/policy:Policy":0,"aws:alb/listener:Listener":0,"aws:alb/listenerCertificate:ListenerCertificate":0,"aws:alb/listenerRule:ListenerRule":0,"aws:alb/loadBalancer:LoadBalancer":0,"aws:alb/targetGroup:TargetGroup":0,"aws:alb/targetGroupAttachment:TargetGroupAttachment":0,"aws:amp/alertManagerDefinition:AlertManagerDefinition":0,"aws:amp/queryLoggingConfiguration:QueryLoggingConfiguration":1,"aws:amp/resourcePolicy:ResourcePolicy":1,"aws:amp/ruleGroupNamespace:RuleGroupNamespace":0,"aws:amp/scraper:Scraper":1,"aws:amp/workspace:Workspace":0,"aws:amp/workspaceConfiguration:WorkspaceConfiguration":1,"aws:amplify/app:App":0,"aws:amplify/backendEnvironment:BackendEnvironment":0,"aws:amplify/branch:Branch":0,"aws:amplify/domainAssociation:DomainAssociation":0,"aws:amplify/webhook:Webhook":0,"aws:apigateway/account:Account":1,"aws:apigateway/apiKey:ApiKey":0,"aws:apigateway/authorizer:Authorizer":0,"aws:apigateway/basePathMapping:BasePathMapping":0,"aws:apigateway/clientCertificate:ClientCertificate":0,"aws:apigateway/deployment:Deployment":0,"aws:apigateway/documentationPart:DocumentationPart":0,"aws:apigateway/documentationVersion:DocumentationVersion":0,"aws:apigateway/domainName:DomainName":0,"aws:apigateway/domainNameAccessAssociation:DomainNameAccessAssociation":1,"aws:apigateway/integration:Integration":0,"aws:apigateway/integrationResponse:IntegrationResponse":0,"aws:apigateway/method:Method":0,"aws:apigateway/methodResponse:MethodResponse":0,"aws:apigateway/methodSettings:MethodSettings":0,"aws:apigateway/model:Model":0,"aws:apigateway/requestValidator:RequestValidator":0,"aws:apigateway/resource:Resource":0,"aws:apigateway/response:Response":0,"aws:apigateway/restApi:RestApi":0,"aws:apigateway/restApiPolicy:RestApiPolicy":0,"aws:apigateway/restApiPut:RestApiPut":1,"aws:apigateway/stage:Stage":0,"aws:apigateway/usagePlan:UsagePlan":0,"aws:apigateway/usagePlanKey:UsagePlanKey":0,"aws:apigateway/vpcLink:VpcLink":0,"aws:apigatewayv2/api:Api":0,"aws:apigatewayv2/apiMapping:ApiMapping":0,"aws:apigatewayv2/authorizer:Authorizer":0,"aws:apigatewayv2/deployment:Deployment":0,"aws:apigatewayv2/domainName:DomainName":0,"aws:apigatewayv2/integration:Integration":0,"aws:apigatewayv2/integrationResponse:IntegrationResponse":0,"aws:apigatewayv2/model:Model":0,"aws:apigatewayv2/route:Route":0,"aws:apigatewayv2/routeResponse:RouteResponse":0,"aws:apigatewayv2/stage:Stage":0,"aws:apigatewayv2/vpcLink:VpcLink":0,"aws:appautoscaling/policy:Policy":0,"aws:appautoscaling/scheduledAction:ScheduledAction":0,"aws:appautoscaling/target:Target":0,"aws:appconfig/application:Application":0,"aws:appconfig/configurationProfile:ConfigurationProfile":0,"aws:appconfig/deployment:Deployment":0,"aws:appconfig/deploymentStrategy:DeploymentStrategy":0,"aws:appconfig/environment:Environment":1,"aws:appconfig/eventIntegration:EventIntegration":0,"aws:appconfig/extension:Extension":0,"aws:appconfig/extensionAssociation:ExtensionAssociation":0,"aws:appconfig/hostedConfigurationVersion:HostedConfigurationVersion":0,"aws:appfabric/appAuthorization:AppAuthorization":1,"aws:appfabric/appAuthorizationConnection:AppAuthorizationConnection":1,"aws:appfabric/appBundle:AppBundle":1,"aws:appfabric/ingestion:Ingestion":1,"aws:appfabric/ingestionDestination:IngestionDestination":1,"aws:appflow/connectorProfile:ConnectorProfile":0,"aws:appflow/flow:Flow":0,"aws:appintegrations/dataIntegration:DataIntegration":0,"aws:applicationinsights/application:Application":0,"aws:appmesh/gatewayRoute:GatewayRoute":0,"aws:appmesh/mesh:Mesh":0,"aws:appmesh/route:Route":0,"aws:appmesh/virtualGateway:VirtualGateway":0,"aws:appmesh/virtualNode:VirtualNode":0,"aws:appmesh/virtualRouter:VirtualRouter":0,"aws:appmesh/virtualService:VirtualService":0,"aws:apprunner/autoScalingConfigurationVersion:AutoScalingConfigurationVersion":0,"aws:apprunner/connection:Connection":0,"aws:apprunner/customDomainAssociation:CustomDomainAssociation":0,"aws:apprunner/defaultAutoScalingConfigurationVersion:DefaultAutoScalingConfigurationVersion":1,"aws:apprunner/deployment:Deployment":1,"aws:apprunner/observabilityConfiguration:ObservabilityConfiguration":0,"aws:apprunner/service:Service":0,"aws:apprunner/vpcConnector:VpcConnector":0,"aws:apprunner/vpcIngressConnection:VpcIngressConnection":0,"aws:appstream/directoryConfig:DirectoryConfig":0,"aws:appstream/fleet:Fleet":0,"aws:appstream/fleetStackAssociation:FleetStackAssociation":0,"aws:appstream/imageBuilder:ImageBuilder":0,"aws:appstream/stack:Stack":0,"aws:appstream/user:User":0,"aws:appstream/userStackAssociation:UserStackAssociation":0,"aws:appsync/api:Api":1,"aws:appsync/apiCache:ApiCache":0,"aws:appsync/apiKey:ApiKey":0,"aws:appsync/channelNamespace:ChannelNamespace":1,"aws:appsync/dataSource:DataSource":0,"aws:appsync/domainName:DomainName":0,"aws:appsync/domainNameApiAssociation:DomainNameApiAssociation":0,"aws:appsync/function:Function":0,"aws:appsync/graphQLApi:GraphQLApi":0,"aws:appsync/resolver:Resolver":0,"aws:appsync/sourceApiAssociation:SourceApiAssociation":1,"aws:appsync/type:Type":0,"aws:athena/capacityReservation:CapacityReservation":1,"aws:athena/dataCatalog:DataCatalog":0,"aws:athena/database:Database":0,"aws:athena/namedQuery:NamedQuery":0,"aws:athena/preparedStatement:PreparedStatement":0,"aws:athena/workgroup:Workgroup":0,"aws:auditmanager/accountRegistration:AccountRegistration":1,"aws:auditmanager/assessment:Assessment":1,"aws:auditmanager/assessmentDelegation:AssessmentDelegation":1,"aws:auditmanager/assessmentReport:AssessmentReport":1,"aws:auditmanager/control:Control":1,"aws:auditmanager/framework:Framework":1,"aws:auditmanager/frameworkShare:FrameworkShare":1,"aws:auditmanager/organizationAdminAccountRegistration:OrganizationAdminAccountRegistration":1,"aws:autoscaling/attachment:Attachment":0,"aws:autoscaling/group:Group":0,"aws:autoscaling/lifecycleHook:LifecycleHook":0,"aws:autoscaling/notification:Notification":0,"aws:autoscaling/policy:Policy":0,"aws:autoscaling/schedule:Schedule":0,"aws:autoscaling/tag:Tag":0,"aws:autoscaling/trafficSourceAttachment:TrafficSourceAttachment":0,"aws:autoscalingplans/scalingPlan:ScalingPlan":0,"aws:backup/framework:Framework":0,"aws:backup/globalSettings:GlobalSettings":0,"aws:backup/logicallyAirGappedVault:LogicallyAirGappedVault":1,"aws:backup/plan:Plan":0,"aws:backup/regionSettings:RegionSettings":0,"aws:backup/reportPlan:ReportPlan":0,"aws:backup/restoreTestingPlan:RestoreTestingPlan":1,"aws:backup/restoreTestingSelection:RestoreTestingSelection":1,"aws:backup/selection:Selection":0,"aws:backup/vault:Vault":0,"aws:backup/vaultLockConfiguration:VaultLockConfiguration":0,"aws:backup/vaultNotifications:VaultNotifications":0,"aws:backup/vaultPolicy:VaultPolicy":0,"aws:batch/computeEnvironment:ComputeEnvironment":0,"aws:batch/jobDefinition:JobDefinition":0,"aws:batch/jobQueue:JobQueue":1,"aws:batch/schedulingPolicy:SchedulingPolicy":0,"aws:bcmdata/export:Export":1,"aws:bedrock/agentAgent:AgentAgent":1,"aws:bedrock/agentAgentActionGroup:AgentAgentActionGroup":1,"aws:bedrock/agentAgentAlias:AgentAgentAlias":1,"aws:bedrock/agentAgentCollaborator:AgentAgentCollaborator":1,"aws:bedrock/agentAgentKnowledgeBaseAssociation:AgentAgentKnowledgeBaseAssociation":1,"aws:bedrock/agentDataSource:AgentDataSource":1,"aws:bedrock/agentFlow:AgentFlow":1,"aws:bedrock/agentKnowledgeBase:AgentKnowledgeBase":1,"aws:bedrock/agentPrompt:AgentPrompt":1,"aws:bedrock/agentcoreAgentRuntime:AgentcoreAgentRuntime":1,"aws:bedrock/agentcoreAgentRuntimeEndpoint:AgentcoreAgentRuntimeEndpoint":1,"aws:bedrock/agentcoreApiKeyCredentialProvider:AgentcoreApiKeyCredentialProvider":1,"aws:bedrock/agentcoreBrowser:AgentcoreBrowser":1,"aws:bedrock/agentcoreCodeInterpreter:AgentcoreCodeInterpreter":1,"aws:bedrock/agentcoreGateway:AgentcoreGateway":1,"aws:bedrock/agentcoreGatewayTarget:AgentcoreGatewayTarget":1,"aws:bedrock/agentcoreMemory:AgentcoreMemory":1,"aws:bedrock/agentcoreMemoryStrategy:AgentcoreMemoryStrategy":1,"aws:bedrock/agentcoreOauth2CredentialProvider:AgentcoreOauth2CredentialProvider":1,"aws:bedrock/agentcoreTokenVaultCmk:AgentcoreTokenVaultCmk":1,"aws:bedrock/agentcoreWorkloadIdentity:AgentcoreWorkloadIdentity":1,"aws:bedrock/customModel:CustomModel":1,"aws:bedrock/guardrail:Guardrail":1,"aws:bedrock/guardrailVersion:GuardrailVersion":1,"aws:bedrock/inferenceProfile:InferenceProfile":1,"aws:bedrock/provisionedModelThroughput:ProvisionedModelThroughput":1,"aws:bedrockmodel/invocationLoggingConfiguration:InvocationLoggingConfiguration":1,"aws:billing/view:View":1,"aws:budgets/budget:Budget":0,"aws:budgets/budgetAction:BudgetAction":0,"aws:cfg/aggregateAuthorization:AggregateAuthorization":0,"aws:cfg/configurationAggregator:ConfigurationAggregator":0,"aws:cfg/conformancePack:ConformancePack":0,"aws:cfg/deliveryChannel:DeliveryChannel":0,"aws:cfg/organizationConformancePack:OrganizationConformancePack":0,"aws:cfg/organizationCustomPolicyRule:OrganizationCustomPolicyRule":0,"aws:cfg/organizationCustomRule:OrganizationCustomRule":0,"aws:cfg/organizationManagedRule:OrganizationManagedRule":0,"aws:cfg/recorder:Recorder":0,"aws:cfg/recorderStatus:RecorderStatus":0,"aws:cfg/remediationConfiguration:RemediationConfiguration":0,"aws:cfg/retentionConfiguration:RetentionConfiguration":1,"aws:cfg/rule:Rule":0,"aws:chatbot/slackChannelConfiguration:SlackChannelConfiguration":1,"aws:chatbot/teamsChannelConfiguration:TeamsChannelConfiguration":1,"aws:chime/sdkvoiceGlobalSettings:SdkvoiceGlobalSettings":0,"aws:chime/sdkvoiceSipMediaApplication:SdkvoiceSipMediaApplication":0,"aws:chime/sdkvoiceSipRule:SdkvoiceSipRule":0,"aws:chime/sdkvoiceVoiceProfileDomain:SdkvoiceVoiceProfileDomain":0,"aws:chime/voiceConnector:VoiceConnector":0,"aws:chime/voiceConnectorGroup:VoiceConnectorGroup":0,"aws:chime/voiceConnectorLogging:VoiceConnectorLogging":0,"aws:chime/voiceConnectorOrigination:VoiceConnectorOrigination":0,"aws:chime/voiceConnectorStreaming:VoiceConnectorStreaming":0,"aws:chime/voiceConnectorTermination:VoiceConnectorTermination":0,"aws:chime/voiceConnectorTerminationCredentials:VoiceConnectorTerminationCredentials":0,"aws:chimesdkmediapipelines/mediaInsightsPipelineConfiguration:MediaInsightsPipelineConfiguration":0,"aws:cleanrooms/collaboration:Collaboration":0,"aws:cleanrooms/configuredTable:ConfiguredTable":0,"aws:cleanrooms/membership:Membership":1,"aws:cloud9/environmentEC2:EnvironmentEC2":0,"aws:cloud9/environmentMembership:EnvironmentMembership":0,"aws:cloudcontrol/resource:Resource":0,"aws:cloudformation/cloudFormationType:CloudFormationType":0,"aws:cloudformation/stack:Stack":0,"aws:cloudformation/stackInstances:StackInstances":0,"aws:cloudformation/stackSet:StackSet":0,"aws:cloudformation/stackSetInstance:StackSetInstance":0,"aws:cloudfront/cachePolicy:CachePolicy":0,"aws:cloudfront/continuousDeploymentPolicy:ContinuousDeploymentPolicy":1,"aws:cloudfront/distribution:Distribution":0,"aws:cloudfront/fieldLevelEncryptionConfig:FieldLevelEncryptionConfig":0,"aws:cloudfront/fieldLevelEncryptionProfile:FieldLevelEncryptionProfile":0,"aws:cloudfront/function:Function":0,"aws:cloudfront/keyGroup:KeyGroup":0,"aws:cloudfront/keyValueStore:KeyValueStore":1,"aws:cloudfront/keyvaluestoreKey:KeyvaluestoreKey":1,"aws:cloudfront/keyvaluestoreKeysExclusive:KeyvaluestoreKeysExclusive":1,"aws:cloudfront/monitoringSubscription:MonitoringSubscription":0,"aws:cloudfront/originAccessControl:OriginAccessControl":0,"aws:cloudfront/originAccessIdentity:OriginAccessIdentity":0,"aws:cloudfront/originRequestPolicy:OriginRequestPolicy":0,"aws:cloudfront/publicKey:PublicKey":0,"aws:cloudfront/realtimeLogConfig:RealtimeLogConfig":0,"aws:cloudfront/responseHeadersPolicy:ResponseHeadersPolicy":0,"aws:cloudfront/vpcOrigin:VpcOrigin":1,"aws:cloudhsmv2/cluster:Cluster":0,"aws:cloudhsmv2/hsm:Hsm":0,"aws:cloudsearch/domain:Domain":0,"aws:cloudsearch/domainServiceAccessPolicy:DomainServiceAccessPolicy":0,"aws:cloudtrail/eventDataStore:EventDataStore":0,"aws:cloudtrail/organizationDelegatedAdminAccount:OrganizationDelegatedAdminAccount":1,"aws:cloudtrail/trail:Trail":0,"aws:cloudwatch/compositeAlarm:CompositeAlarm":0,"aws:cloudwatch/contributorInsightRule:ContributorInsightRule":1,"aws:cloudwatch/contributorManagedInsightRule:ContributorManagedInsightRule":1,"aws:cloudwatch/dashboard:Dashboard":0,"aws:cloudwatch/eventApiDestination:EventApiDestination":0,"aws:cloudwatch/eventArchive:EventArchive":0,"aws:cloudwatch/eventBus:EventBus":0,"aws:cloudwatch/eventBusPolicy:EventBusPolicy":0,"aws:cloudwatch/eventConnection:EventConnection":0,"aws:cloudwatch/eventEndpoint:EventEndpoint":0,"aws:cloudwatch/eventPermission:EventPermission":0,"aws:cloudwatch/eventRule:EventRule":0,"aws:cloudwatch/eventTarget:EventTarget":0,"aws:cloudwatch/internetMonitor:InternetMonitor":0,"aws:cloudwatch/logAccountPolicy:LogAccountPolicy":0,"aws:cloudwatch/logAnomalyDetector:LogAnomalyDetector":1,"aws:cloudwatch/logDataProtectionPolicy:LogDataProtectionPolicy":0,"aws:cloudwatch/logDelivery:LogDelivery":1,"aws:cloudwatch/logDeliveryDestination:LogDeliveryDestination":1,"aws:cloudwatch/logDeliveryDestinationPolicy:LogDeliveryDestinationPolicy":1,"aws:cloudwatch/logDeliverySource:LogDeliverySource":1,"aws:cloudwatch/logDestination:LogDestination":0,"aws:cloudwatch/logDestinationPolicy:LogDestinationPolicy":0,"aws:cloudwatch/logGroup:LogGroup":0,"aws:cloudwatch/logIndexPolicy:LogIndexPolicy":1,"aws:cloudwatch/logMetricFilter:LogMetricFilter":0,"aws:cloudwatch/logResourcePolicy:LogResourcePolicy":0,"aws:cloudwatch/logStream:LogStream":0,"aws:cloudwatch/logSubscriptionFilter:LogSubscriptionFilter":0,"aws:cloudwatch/metricAlarm:MetricAlarm":0,"aws:cloudwatch/metricStream:MetricStream":0,"aws:cloudwatch/queryDefinition:QueryDefinition":0,"aws:codeartifact/domain:Domain":0,"aws:codeartifact/domainPermissions:DomainPermissions":0,"aws:codeartifact/repository:Repository":0,"aws:codeartifact/repositoryPermissionsPolicy:RepositoryPermissionsPolicy":0,"aws:codebuild/fleet:Fleet":0,"aws:codebuild/project:Project":0,"aws:codebuild/reportGroup:ReportGroup":0,"aws:codebuild/resourcePolicy:ResourcePolicy":0,"aws:codebuild/sourceCredential:SourceCredential":0,"aws:codebuild/webhook:Webhook":0,"aws:codecatalyst/devEnvironment:DevEnvironment":0,"aws:codecatalyst/project:Project":0,"aws:codecatalyst/sourceRepository:SourceRepository":0,"aws:codecommit/approvalRuleTemplate:ApprovalRuleTemplate":0,"aws:codecommit/approvalRuleTemplateAssociation:ApprovalRuleTemplateAssociation":0,"aws:codecommit/repository:Repository":0,"aws:codecommit/trigger:Trigger":0,"aws:codeconnections/connection:Connection":1,"aws:codeconnections/host:Host":1,"aws:codedeploy/application:Application":0,"aws:codedeploy/deploymentConfig:DeploymentConfig":0,"aws:codedeploy/deploymentGroup:DeploymentGroup":0,"aws:codeguruprofiler/profilingGroup:ProfilingGroup":1,"aws:codegurureviewer/repositoryAssociation:RepositoryAssociation":0,"aws:codepipeline/customActionType:CustomActionType":0,"aws:codepipeline/pipeline:Pipeline":0,"aws:codepipeline/webhook:Webhook":0,"aws:codestarconnections/connection:Connection":0,"aws:codestarconnections/host:Host":0,"aws:codestarnotifications/notificationRule:NotificationRule":0,"aws:cognito/identityPool:IdentityPool":0,"aws:cognito/identityPoolProviderPrincipalTag:IdentityPoolProviderPrincipalTag":0,"aws:cognito/identityPoolRoleAttachment:IdentityPoolRoleAttachment":0,"aws:cognito/identityProvider:IdentityProvider":0,"aws:cognito/logDeliveryConfiguration:LogDeliveryConfiguration":1,"aws:cognito/managedLoginBranding:ManagedLoginBranding":1,"aws:cognito/managedUserPoolClient:ManagedUserPoolClient":1,"aws:cognito/resourceServer:ResourceServer":0,"aws:cognito/riskConfiguration:RiskConfiguration":0,"aws:cognito/user:User":0,"aws:cognito/userGroup:UserGroup":0,"aws:cognito/userInGroup:UserInGroup":0,"aws:cognito/userPool:UserPool":0,"aws:cognito/userPoolClient:UserPoolClient":1,"aws:cognito/userPoolDomain:UserPoolDomain":0,"aws:cognito/userPoolUICustomization:UserPoolUICustomization":0,"aws:comprehend/documentClassifier:DocumentClassifier":0,"aws:comprehend/entityRecognizer:EntityRecognizer":0,"aws:computeoptimizer/enrollmentStatus:EnrollmentStatus":1,"aws:computeoptimizer/recommendationPreferences:RecommendationPreferences":1,"aws:connect/botAssociation:BotAssociation":0,"aws:connect/contactFlow:ContactFlow":0,"aws:connect/contactFlowModule:ContactFlowModule":0,"aws:connect/hoursOfOperation:HoursOfOperation":0,"aws:connect/instance:Instance":0,"aws:connect/instanceStorageConfig:InstanceStorageConfig":0,"aws:connect/lambdaFunctionAssociation:LambdaFunctionAssociation":0,"aws:connect/phoneNumber:PhoneNumber":0,"aws:connect/phoneNumberContactFlowAssociation:PhoneNumberContactFlowAssociation":1,"aws:connect/queue:Queue":0,"aws:connect/quickConnect:QuickConnect":0,"aws:connect/routingProfile:RoutingProfile":0,"aws:connect/securityProfile:SecurityProfile":0,"aws:connect/user:User":0,"aws:connect/userHierarchyGroup:UserHierarchyGroup":0,"aws:connect/userHierarchyStructure:UserHierarchyStructure":0,"aws:connect/vocabulary:Vocabulary":0,"aws:controltower/baseline:Baseline":1,"aws:controltower/controlTowerControl:ControlTowerControl":0,"aws:controltower/landingZone:LandingZone":0,"aws:costexplorer/anomalyMonitor:AnomalyMonitor":0,"aws:costexplorer/anomalySubscription:AnomalySubscription":0,"aws:costexplorer/costAllocationTag:CostAllocationTag":0,"aws:costexplorer/costCategory:CostCategory":0,"aws:costoptimizationhub/enrollmentStatus:EnrollmentStatus":1,"aws:costoptimizationhub/preferences:Preferences":1,"aws:cur/reportDefinition:ReportDefinition":0,"aws:customerprofiles/domain:Domain":0,"aws:customerprofiles/profile:Profile":0,"aws:dataexchange/dataSet:DataSet":0,"aws:dataexchange/eventAction:EventAction":1,"aws:dataexchange/revision:Revision":0,"aws:dataexchange/revisionAssets:RevisionAssets":1,"aws:datapipeline/pipeline:Pipeline":0,"aws:datapipeline/pipelineDefinition:PipelineDefinition":0,"aws:datasync/agent:Agent":0,"aws:datasync/efsLocation:EfsLocation":0,"aws:datasync/fsxOpenZfsFileSystem:FsxOpenZfsFileSystem":0,"aws:datasync/locationAzureBlob:LocationAzureBlob":0,"aws:datasync/locationFsxLustre:LocationFsxLustre":0,"aws:datasync/locationFsxOntapFileSystem:LocationFsxOntapFileSystem":0,"aws:datasync/locationFsxWindows:LocationFsxWindows":0,"aws:datasync/locationHdfs:LocationHdfs":0,"aws:datasync/locationObjectStorage:LocationObjectStorage":0,"aws:datasync/locationSmb:LocationSmb":0,"aws:datasync/nfsLocation:NfsLocation":0,"aws:datasync/s3Location:S3Location":0,"aws:datasync/task:Task":0,"aws:datazone/assetType:AssetType":1,"aws:datazone/domain:Domain":1,"aws:datazone/environment:Environment":1,"aws:datazone/environmentBlueprintConfiguration:EnvironmentBlueprintConfiguration":1,"aws:datazone/environmentProfile:EnvironmentProfile":1,"aws:datazone/formType:FormType":1,"aws:datazone/glossary:Glossary":1,"aws:datazone/glossaryTerm:GlossaryTerm":1,"aws:datazone/project:Project":1,"aws:datazone/userProfile:UserProfile":1,"aws:dax/cluster:Cluster":0,"aws:dax/parameterGroup:ParameterGroup":0,"aws:dax/subnetGroup:SubnetGroup":0,"aws:detective/graph:Graph":0,"aws:detective/invitationAccepter:InvitationAccepter":0,"aws:detective/member:Member":0,"aws:detective/organizationAdminAccount:OrganizationAdminAccount":0,"aws:detective/organizationConfiguration:OrganizationConfiguration":0,"aws:devicefarm/devicePool:DevicePool":0,"aws:devicefarm/instanceProfile:InstanceProfile":0,"aws:devicefarm/networkProfile:NetworkProfile":0,"aws:devicefarm/project:Project":0,"aws:devicefarm/testGridProject:TestGridProject":0,"aws:devicefarm/upload:Upload":0,"aws:devopsguru/eventSourcesConfig:EventSourcesConfig":1,"aws:devopsguru/notificationChannel:NotificationChannel":1,"aws:devopsguru/resourceCollection:ResourceCollection":1,"aws:devopsguru/serviceIntegration:ServiceIntegration":1,"aws:directconnect/bgpPeer:BgpPeer":0,"aws:directconnect/connection:Connection":0,"aws:directconnect/connectionAssociation:ConnectionAssociation":0,"aws:directconnect/connectionConfirmation:ConnectionConfirmation":0,"aws:directconnect/gateway:Gateway":0,"aws:directconnect/gatewayAssociation:GatewayAssociation":0,"aws:directconnect/gatewayAssociationProposal:GatewayAssociationProposal":0,"aws:directconnect/hostedConnection:HostedConnection":0,"aws:directconnect/hostedPrivateVirtualInterface:HostedPrivateVirtualInterface":0,"aws:directconnect/hostedPrivateVirtualInterfaceAccepter:HostedPrivateVirtualInterfaceAccepter":0,"aws:directconnect/hostedPublicVirtualInterface:HostedPublicVirtualInterface":0,"aws:directconnect/hostedPublicVirtualInterfaceAccepter:HostedPublicVirtualInterfaceAccepter":0,"aws:directconnect/hostedTransitVirtualInterface:HostedTransitVirtualInterface":0,"aws:directconnect/hostedTransitVirtualInterfaceAcceptor:HostedTransitVirtualInterfaceAcceptor":0,"aws:directconnect/linkAggregationGroup:LinkAggregationGroup":0,"aws:directconnect/macsecKeyAssociation:MacsecKeyAssociation":0,"aws:directconnect/privateVirtualInterface:PrivateVirtualInterface":0,"aws:directconnect/publicVirtualInterface:PublicVirtualInterface":0,"aws:directconnect/transitVirtualInterface:TransitVirtualInterface":0,"aws:directoryservice/conditionalForwarder:ConditionalForwarder":0,"aws:directoryservice/directory:Directory":0,"aws:directoryservice/logSubscription:LogSubscription":0,"aws:directoryservice/radiusSettings:RadiusSettings":0,"aws:directoryservice/serviceRegion:ServiceRegion":0,"aws:directoryservice/sharedDirectory:SharedDirectory":0,"aws:directoryservice/sharedDirectoryAccepter:SharedDirectoryAccepter":0,"aws:directoryservice/trust:Trust":1,"aws:dlm/lifecyclePolicy:LifecyclePolicy":0,"aws:dms/certificate:Certificate":0,"aws:dms/endpoint:Endpoint":0,"aws:dms/eventSubscription:EventSubscription":0,"aws:dms/replicationConfig:ReplicationConfig":0,"aws:dms/replicationInstance:ReplicationInstance":0,"aws:dms/replicationSubnetGroup:ReplicationSubnetGroup":0,"aws:dms/replicationTask:ReplicationTask":0,"aws:dms/s3Endpoint:S3Endpoint":0,"aws:docdb/cluster:Cluster":0,"aws:docdb/clusterInstance:ClusterInstance":0,"aws:docdb/clusterParameterGroup:ClusterParameterGroup":0,"aws:docdb/clusterSnapshot:ClusterSnapshot":0,"aws:docdb/elasticCluster:ElasticCluster":1,"aws:docdb/eventSubscription:EventSubscription":0,"aws:docdb/globalCluster:GlobalCluster":0,"aws:docdb/subnetGroup:SubnetGroup":0,"aws:drs/replicationConfigurationTemplate:ReplicationConfigurationTemplate":1,"aws:dsql/cluster:Cluster":1,"aws:dsql/clusterPeering:ClusterPeering":1,"aws:dynamodb/contributorInsights:ContributorInsights":0,"aws:dynamodb/globalTable:GlobalTable":0,"aws:dynamodb/kinesisStreamingDestination:KinesisStreamingDestination":0,"aws:dynamodb/resourcePolicy:ResourcePolicy":1,"aws:dynamodb/table:Table":0,"aws:dynamodb/tableExport:TableExport":0,"aws:dynamodb/tableItem:TableItem":0,"aws:dynamodb/tableReplica:TableReplica":0,"aws:dynamodb/tag:Tag":0,"aws:ebs/defaultKmsKey:DefaultKmsKey":0,"aws:ebs/encryptionByDefault:EncryptionByDefault":0,"aws:ebs/fastSnapshotRestore:FastSnapshotRestore":1,"aws:ebs/snapshot:Snapshot":0,"aws:ebs/snapshotBlockPublicAccess:SnapshotBlockPublicAccess":0,"aws:ebs/snapshotCopy:SnapshotCopy":0,"aws:ebs/snapshotImport:SnapshotImport":0,"aws:ebs/volume:Volume":0,"aws:ec2/allowedImagesSettings:AllowedImagesSettings":1,"aws:ec2/ami:Ami":0,"aws:ec2/amiCopy:AmiCopy":0,"aws:ec2/amiFromInstance:AmiFromInstance":0,"aws:ec2/amiLaunchPermission:AmiLaunchPermission":0,"aws:ec2/availabilityZoneGroup:AvailabilityZoneGroup":0,"aws:ec2/capacityBlockReservation:CapacityBlockReservation":1,"aws:ec2/capacityReservation:CapacityReservation":0,"aws:ec2/carrierGateway:CarrierGateway":0,"aws:ec2/customerGateway:CustomerGateway":0,"aws:ec2/dedicatedHost:DedicatedHost":0,"aws:ec2/defaultCreditSpecification:DefaultCreditSpecification":1,"aws:ec2/defaultNetworkAcl:DefaultNetworkAcl":0,"aws:ec2/defaultRouteTable:DefaultRouteTable":0,"aws:ec2/defaultSecurityGroup:DefaultSecurityGroup":0,"aws:ec2/defaultSubnet:DefaultSubnet":0,"aws:ec2/defaultVpc:DefaultVpc":0,"aws:ec2/defaultVpcDhcpOptions:DefaultVpcDhcpOptions":0,"aws:ec2/egressOnlyInternetGateway:EgressOnlyInternetGateway":0,"aws:ec2/eip:Eip":0,"aws:ec2/eipAssociation:EipAssociation":0,"aws:ec2/eipDomainName:EipDomainName":1,"aws:ec2/fleet:Fleet":0,"aws:ec2/flowLog:FlowLog":0,"aws:ec2/imageBlockPublicAccess:ImageBlockPublicAccess":0,"aws:ec2/instance:Instance":0,"aws:ec2/instanceMetadataDefaults:InstanceMetadataDefaults":1,"aws:ec2/internetGateway:InternetGateway":0,"aws:ec2/internetGatewayAttachment:InternetGatewayAttachment":0,"aws:ec2/keyPair:KeyPair":0,"aws:ec2/launchConfiguration:LaunchConfiguration":0,"aws:ec2/launchTemplate:LaunchTemplate":0,"aws:ec2/localGatewayRoute:LocalGatewayRoute":0,"aws:ec2/localGatewayRouteTableVpcAssociation:LocalGatewayRouteTableVpcAssociation":0,"aws:ec2/mainRouteTableAssociation:MainRouteTableAssociation":0,"aws:ec2/managedPrefixList:ManagedPrefixList":0,"aws:ec2/managedPrefixListEntry:ManagedPrefixListEntry":0,"aws:ec2/natGateway:NatGateway":0,"aws:ec2/natGatewayEipAssociation:NatGatewayEipAssociation":1,"aws:ec2/networkAcl:NetworkAcl":0,"aws:ec2/networkAclAssociation:NetworkAclAssociation":0,"aws:ec2/networkAclRule:NetworkAclRule":0,"aws:ec2/networkInsightsAnalysis:NetworkInsightsAnalysis":0,"aws:ec2/networkInsightsPath:NetworkInsightsPath":0,"aws:ec2/networkInterface:NetworkInterface":0,"aws:ec2/networkInterfaceAttachment:NetworkInterfaceAttachment":0,"aws:ec2/networkInterfacePermission:NetworkInterfacePermission":1,"aws:ec2/networkInterfaceSecurityGroupAttachment:NetworkInterfaceSecurityGroupAttachment":0,"aws:ec2/peeringConnectionOptions:PeeringConnectionOptions":0,"aws:ec2/placementGroup:PlacementGroup":0,"aws:ec2/proxyProtocolPolicy:ProxyProtocolPolicy":0,"aws:ec2/route:Route":0,"aws:ec2/routeTable:RouteTable":0,"aws:ec2/routeTableAssociation:RouteTableAssociation":0,"aws:ec2/securityGroup:SecurityGroup":0,"aws:ec2/securityGroupAssociation:SecurityGroupAssociation":0,"aws:ec2/securityGroupRule:SecurityGroupRule":0,"aws:ec2/serialConsoleAccess:SerialConsoleAccess":0,"aws:ec2/snapshotCreateVolumePermission:SnapshotCreateVolumePermission":0,"aws:ec2/spotDatafeedSubscription:SpotDatafeedSubscription":0,"aws:ec2/spotFleetRequest:SpotFleetRequest":0,"aws:ec2/spotInstanceRequest:SpotInstanceRequest":0,"aws:ec2/subnet:Subnet":0,"aws:ec2/subnetCidrReservation:SubnetCidrReservation":0,"aws:ec2/tag:Tag":0,"aws:ec2/trafficMirrorFilter:TrafficMirrorFilter":0,"aws:ec2/trafficMirrorFilterRule:TrafficMirrorFilterRule":0,"aws:ec2/trafficMirrorSession:TrafficMirrorSession":0,"aws:ec2/trafficMirrorTarget:TrafficMirrorTarget":0,"aws:ec2/volumeAttachment:VolumeAttachment":0,"aws:ec2/vpc:Vpc":0,"aws:ec2/vpcBlockPublicAccessExclusion:VpcBlockPublicAccessExclusion":1,"aws:ec2/vpcBlockPublicAccessOptions:VpcBlockPublicAccessOptions":1,"aws:ec2/vpcDhcpOptions:VpcDhcpOptions":0,"aws:ec2/vpcDhcpOptionsAssociation:VpcDhcpOptionsAssociation":0,"aws:ec2/vpcEndpoint:VpcEndpoint":0,"aws:ec2/vpcEndpointConnectionAccepter:VpcEndpointConnectionAccepter":0,"aws:ec2/vpcEndpointConnectionNotification:VpcEndpointConnectionNotification":0,"aws:ec2/vpcEndpointPolicy:VpcEndpointPolicy":0,"aws:ec2/vpcEndpointRouteTableAssociation:VpcEndpointRouteTableAssociation":0,"aws:ec2/vpcEndpointService:VpcEndpointService":0,"aws:ec2/vpcEndpointServiceAllowedPrinciple:VpcEndpointServiceAllowedPrinciple":0,"aws:ec2/vpcEndpointSubnetAssociation:VpcEndpointSubnetAssociation":0,"aws:ec2/vpcIpam:VpcIpam":0,"aws:ec2/vpcIpamOrganizationAdminAccount:VpcIpamOrganizationAdminAccount":0,"aws:ec2/vpcIpamPool:VpcIpamPool":0,"aws:ec2/vpcIpamPoolCidr:VpcIpamPoolCidr":0,"aws:ec2/vpcIpamPoolCidrAllocation:VpcIpamPoolCidrAllocation":0,"aws:ec2/vpcIpamPreviewNextCidr:VpcIpamPreviewNextCidr":0,"aws:ec2/vpcIpamResourceDiscovery:VpcIpamResourceDiscovery":0,"aws:ec2/vpcIpamResourceDiscoveryAssociation:VpcIpamResourceDiscoveryAssociation":0,"aws:ec2/vpcIpamScope:VpcIpamScope":0,"aws:ec2/vpcIpv4CidrBlockAssociation:VpcIpv4CidrBlockAssociation":0,"aws:ec2/vpcIpv6CidrBlockAssociation:VpcIpv6CidrBlockAssociation":0,"aws:ec2/vpcNetworkPerformanceMetricSubscription:VpcNetworkPerformanceMetricSubscription":0,"aws:ec2/vpcPeeringConnection:VpcPeeringConnection":0,"aws:ec2/vpcPeeringConnectionAccepter:VpcPeeringConnectionAccepter":0,"aws:ec2/vpnConnection:VpnConnection":0,"aws:ec2/vpnConnectionRoute:VpnConnectionRoute":0,"aws:ec2/vpnGateway:VpnGateway":0,"aws:ec2/vpnGatewayAttachment:VpnGatewayAttachment":0,"aws:ec2/vpnGatewayRoutePropagation:VpnGatewayRoutePropagation":0,"aws:ec2clientvpn/authorizationRule:AuthorizationRule":0,"aws:ec2clientvpn/endpoint:Endpoint":0,"aws:ec2clientvpn/networkAssociation:NetworkAssociation":0,"aws:ec2clientvpn/route:Route":0,"aws:ec2transitgateway/connect:Connect":0,"aws:ec2transitgateway/connectPeer:ConnectPeer":0,"aws:ec2transitgateway/defaultRouteTableAssociation:DefaultRouteTableAssociation":1,"aws:ec2transitgateway/defaultRouteTablePropagation:DefaultRouteTablePropagation":1,"aws:ec2transitgateway/instanceConnectEndpoint:InstanceConnectEndpoint":1,"aws:ec2transitgateway/instanceState:InstanceState":0,"aws:ec2transitgateway/multicastDomain:MulticastDomain":0,"aws:ec2transitgateway/multicastDomainAssociation:MulticastDomainAssociation":0,"aws:ec2transitgateway/multicastGroupMember:MulticastGroupMember":0,"aws:ec2transitgateway/multicastGroupSource:MulticastGroupSource":0,"aws:ec2transitgateway/peeringAttachment:PeeringAttachment":0,"aws:ec2transitgateway/peeringAttachmentAccepter:PeeringAttachmentAccepter":0,"aws:ec2transitgateway/policyTable:PolicyTable":0,"aws:ec2transitgateway/policyTableAssociation:PolicyTableAssociation":0,"aws:ec2transitgateway/prefixListReference:PrefixListReference":0,"aws:ec2transitgateway/route:Route":0,"aws:ec2transitgateway/routeTable:RouteTable":0,"aws:ec2transitgateway/routeTableAssociation:RouteTableAssociation":0,"aws:ec2transitgateway/routeTablePropagation:RouteTablePropagation":0,"aws:ec2transitgateway/transitGateway:TransitGateway":0,"aws:ec2transitgateway/vpcAttachment:VpcAttachment":0,"aws:ec2transitgateway/vpcAttachmentAccepter:VpcAttachmentAccepter":0,"aws:ecr/accountSetting:AccountSetting":1,"aws:ecr/lifecyclePolicy:LifecyclePolicy":0,"aws:ecr/pullThroughCacheRule:PullThroughCacheRule":0,"aws:ecr/registryPolicy:RegistryPolicy":0,"aws:ecr/registryScanningConfiguration:RegistryScanningConfiguration":0,"aws:ecr/replicationConfiguration:ReplicationConfiguration":0,"aws:ecr/repository:Repository":0,"aws:ecr/repositoryCreationTemplate:RepositoryCreationTemplate":0,"aws:ecr/repositoryPolicy:RepositoryPolicy":0,"aws:ecrpublic/repository:Repository":0,"aws:ecrpublic/repositoryPolicy:RepositoryPolicy":0,"aws:ecs/accountSettingDefault:AccountSettingDefault":0,"aws:ecs/capacityProvider:CapacityProvider":0,"aws:ecs/cluster:Cluster":0,"aws:ecs/clusterCapacityProviders:ClusterCapacityProviders":0,"aws:ecs/service:Service":0,"aws:ecs/tag:Tag":0,"aws:ecs/taskDefinition:TaskDefinition":0,"aws:ecs/taskSet:TaskSet":0,"aws:efs/accessPoint:AccessPoint":0,"aws:efs/backupPolicy:BackupPolicy":0,"aws:efs/fileSystem:FileSystem":0,"aws:efs/fileSystemPolicy:FileSystemPolicy":0,"aws:efs/mountTarget:MountTarget":0,"aws:efs/replicationConfiguration:ReplicationConfiguration":0,"aws:eks/accessEntry:AccessEntry":0,"aws:eks/accessPolicyAssociation:AccessPolicyAssociation":0,"aws:eks/addon:Addon":0,"aws:eks/cluster:Cluster":0,"aws:eks/fargateProfile:FargateProfile":0,"aws:eks/identityProviderConfig:IdentityProviderConfig":0,"aws:eks/nodeGroup:NodeGroup":0,"aws:eks/podIdentityAssociation:PodIdentityAssociation":1,"aws:elasticache/cluster:Cluster":0,"aws:elasticache/globalReplicationGroup:GlobalReplicationGroup":0,"aws:elasticache/parameterGroup:ParameterGroup":0,"aws:elasticache/replicationGroup:ReplicationGroup":0,"aws:elasticache/reservedCacheNode:ReservedCacheNode":1,"aws:elasticache/serverlessCache:ServerlessCache":1,"aws:elasticache/subnetGroup:SubnetGroup":0,"aws:elasticache/user:User":0,"aws:elasticache/userGroup:UserGroup":0,"aws:elasticache/userGroupAssociation:UserGroupAssociation":0,"aws:elasticbeanstalk/application:Application":0,"aws:elasticbeanstalk/applicationVersion:ApplicationVersion":0,"aws:elasticbeanstalk/configurationTemplate:ConfigurationTemplate":0,"aws:elasticbeanstalk/environment:Environment":0,"aws:elasticsearch/domain:Domain":0,"aws:elasticsearch/domainPolicy:DomainPolicy":0,"aws:elasticsearch/domainSamlOptions:DomainSamlOptions":0,"aws:elasticsearch/vpcEndpoint:VpcEndpoint":0,"aws:elastictranscoder/pipeline:Pipeline":0,"aws:elastictranscoder/preset:Preset":0,"aws:elb/appCookieStickinessPolicy:AppCookieStickinessPolicy":0,"aws:elb/attachment:Attachment":0,"aws:elb/listenerPolicy:ListenerPolicy":0,"aws:elb/loadBalancer:LoadBalancer":0,"aws:elb/loadBalancerBackendServerPolicy:LoadBalancerBackendServerPolicy":0,"aws:elb/loadBalancerCookieStickinessPolicy:LoadBalancerCookieStickinessPolicy":0,"aws:elb/loadBalancerPolicy:LoadBalancerPolicy":0,"aws:elb/sslNegotiationPolicy:SslNegotiationPolicy":0,"aws:emr/blockPublicAccessConfiguration:BlockPublicAccessConfiguration":0,"aws:emr/cluster:Cluster":0,"aws:emr/instanceFleet:InstanceFleet":0,"aws:emr/instanceGroup:InstanceGroup":0,"aws:emr/managedScalingPolicy:ManagedScalingPolicy":0,"aws:emr/securityConfiguration:SecurityConfiguration":0,"aws:emr/studio:Studio":0,"aws:emr/studioSessionMapping:StudioSessionMapping":0,"aws:emrcontainers/jobTemplate:JobTemplate":0,"aws:emrcontainers/virtualCluster:VirtualCluster":0,"aws:emrserverless/application:Application":0,"aws:evidently/feature:Feature":0,"aws:evidently/launch:Launch":0,"aws:evidently/project:Project":0,"aws:evidently/segment:Segment":0,"aws:finspace/kxCluster:KxCluster":0,"aws:finspace/kxDatabase:KxDatabase":0,"aws:finspace/kxDataview:KxDataview":0,"aws:finspace/kxEnvironment:KxEnvironment":0,"aws:finspace/kxScalingGroup:KxScalingGroup":0,"aws:finspace/kxUser:KxUser":0,"aws:finspace/kxVolume:KxVolume":0,"aws:fis/experimentTemplate:ExperimentTemplate":0,"aws:fis/targetAccountConfiguration:TargetAccountConfiguration":1,"aws:fms/adminAccount:AdminAccount":0,"aws:fms/policy:Policy":0,"aws:fms/resourceSet:ResourceSet":1,"aws:fsx/backup:Backup":0,"aws:fsx/dataRepositoryAssociation:DataRepositoryAssociation":0,"aws:fsx/fileCache:FileCache":0,"aws:fsx/lustreFileSystem:LustreFileSystem":0,"aws:fsx/ontapFileSystem:OntapFileSystem":0,"aws:fsx/ontapStorageVirtualMachine:OntapStorageVirtualMachine":0,"aws:fsx/ontapVolume:OntapVolume":0,"aws:fsx/openZfsFileSystem:OpenZfsFileSystem":0,"aws:fsx/openZfsSnapshot:OpenZfsSnapshot":0,"aws:fsx/openZfsVolume:OpenZfsVolume":0,"aws:fsx/s3AccessPointAttachment:S3AccessPointAttachment":1,"aws:fsx/windowsFileSystem:WindowsFileSystem":0,"aws:gamelift/alias:Alias":0,"aws:gamelift/build:Build":0,"aws:gamelift/fleet:Fleet":0,"aws:gamelift/gameServerGroup:GameServerGroup":0,"aws:gamelift/gameSessionQueue:GameSessionQueue":0,"aws:gamelift/script:Script":0,"aws:glacier/vault:Vault":0,"aws:glacier/vaultLock:VaultLock":0,"aws:globalaccelerator/accelerator:Accelerator":0,"aws:globalaccelerator/crossAccountAttachment:CrossAccountAttachment":1,"aws:globalaccelerator/customRoutingAccelerator:CustomRoutingAccelerator":0,"aws:globalaccelerator/customRoutingEndpointGroup:CustomRoutingEndpointGroup":0,"aws:globalaccelerator/customRoutingListener:CustomRoutingListener":0,"aws:globalaccelerator/endpointGroup:EndpointGroup":0,"aws:globalaccelerator/listener:Listener":0,"aws:glue/catalogDatabase:CatalogDatabase":0,"aws:glue/catalogTable:CatalogTable":0,"aws:glue/catalogTableOptimizer:CatalogTableOptimizer":1,"aws:glue/classifier:Classifier":0,"aws:glue/connection:Connection":0,"aws:glue/crawler:Crawler":0,"aws:glue/dataCatalogEncryptionSettings:DataCatalogEncryptionSettings":0,"aws:glue/dataQualityRuleset:DataQualityRuleset":0,"aws:glue/devEndpoint:DevEndpoint":0,"aws:glue/job:Job":0,"aws:glue/mLTransform:MLTransform":0,"aws:glue/partition:Partition":0,"aws:glue/partitionIndex:PartitionIndex":0,"aws:glue/registry:Registry":0,"aws:glue/resourcePolicy:ResourcePolicy":0,"aws:glue/schema:Schema":0,"aws:glue/securityConfiguration:SecurityConfiguration":0,"aws:glue/trigger:Trigger":0,"aws:glue/userDefinedFunction:UserDefinedFunction":0,"aws:glue/workflow:Workflow":0,"aws:grafana/licenseAssociation:LicenseAssociation":0,"aws:grafana/roleAssociation:RoleAssociation":0,"aws:grafana/workspace:Workspace":0,"aws:grafana/workspaceApiKey:WorkspaceApiKey":0,"aws:grafana/workspaceSamlConfiguration:WorkspaceSamlConfiguration":0,"aws:grafana/workspaceServiceAccount:WorkspaceServiceAccount":1,"aws:grafana/workspaceServiceAccountToken:WorkspaceServiceAccountToken":1,"aws:guardduty/detector:Detector":0,"aws:guardduty/detectorFeature:DetectorFeature":0,"aws:guardduty/filter:Filter":0,"aws:guardduty/iPSet:IPSet":0,"aws:guardduty/inviteAccepter:InviteAccepter":0,"aws:guardduty/malwareProtectionPlan:MalwareProtectionPlan":1,"aws:guardduty/member:Member":0,"aws:guardduty/memberDetectorFeature:MemberDetectorFeature":1,"aws:guardduty/organizationAdminAccount:OrganizationAdminAccount":0,"aws:guardduty/organizationConfiguration:OrganizationConfiguration":0,"aws:guardduty/organizationConfigurationFeature:OrganizationConfigurationFeature":0,"aws:guardduty/publishingDestination:PublishingDestination":0,"aws:guardduty/threatIntelSet:ThreatIntelSet":0,"aws:iam/accessKey:AccessKey":0,"aws:iam/accountAlias:AccountAlias":0,"aws:iam/accountPasswordPolicy:AccountPasswordPolicy":0,"aws:iam/group:Group":0,"aws:iam/groupMembership:GroupMembership":0,"aws:iam/groupPoliciesExclusive:GroupPoliciesExclusive":1,"aws:iam/groupPolicy:GroupPolicy":0,"aws:iam/groupPolicyAttachment:GroupPolicyAttachment":0,"aws:iam/groupPolicyAttachmentsExclusive:GroupPolicyAttachmentsExclusive":1,"aws:iam/instanceProfile:InstanceProfile":0,"aws:iam/openIdConnectProvider:OpenIdConnectProvider":0,"aws:iam/organizationsFeatures:OrganizationsFeatures":1,"aws:iam/policy:Policy":0,"aws:iam/policyAttachment:PolicyAttachment":0,"aws:iam/role:Role":0,"aws:iam/rolePoliciesExclusive:RolePoliciesExclusive":1,"aws:iam/rolePolicy:RolePolicy":0,"aws:iam/rolePolicyAttachment:RolePolicyAttachment":0,"aws:iam/rolePolicyAttachmentsExclusive:RolePolicyAttachmentsExclusive":1,"aws:iam/samlProvider:SamlProvider":0,"aws:iam/securityTokenServicePreferences:SecurityTokenServicePreferences":0,"aws:iam/serverCertificate:ServerCertificate":0,"aws:iam/serviceLinkedRole:ServiceLinkedRole":0,"aws:iam/serviceSpecificCredential:ServiceSpecificCredential":0,"aws:iam/signingCertificate:SigningCertificate":0,"aws:iam/sshKey:SshKey":0,"aws:iam/user:User":0,"aws:iam/userGroupMembership:UserGroupMembership":0,"aws:iam/userLoginProfile:UserLoginProfile":0,"aws:iam/userPoliciesExclusive:UserPoliciesExclusive":1,"aws:iam/userPolicy:UserPolicy":0,"aws:iam/userPolicyAttachment:UserPolicyAttachment":0,"aws:iam/userPolicyAttachmentsExclusive:UserPolicyAttachmentsExclusive":1,"aws:iam/virtualMfaDevice:VirtualMfaDevice":0,"aws:identitystore/group:Group":0,"aws:identitystore/groupMembership:GroupMembership":0,"aws:identitystore/user:User":0,"aws:imagebuilder/component:Component":0,"aws:imagebuilder/containerRecipe:ContainerRecipe":0,"aws:imagebuilder/distributionConfiguration:DistributionConfiguration":0,"aws:imagebuilder/image:Image":0,"aws:imagebuilder/imagePipeline:ImagePipeline":0,"aws:imagebuilder/imageRecipe:ImageRecipe":0,"aws:imagebuilder/infrastructureConfiguration:InfrastructureConfiguration":0,"aws:imagebuilder/lifecyclePolicy:LifecyclePolicy":1,"aws:imagebuilder/workflow:Workflow":0,"aws:inspector/assessmentTarget:AssessmentTarget":0,"aws:inspector/assessmentTemplate:AssessmentTemplate":0,"aws:inspector/resourceGroup:ResourceGroup":0,"aws:inspector2/delegatedAdminAccount:DelegatedAdminAccount":0,"aws:inspector2/enabler:Enabler":0,"aws:inspector2/filter:Filter":1,"aws:inspector2/memberAssociation:MemberAssociation":0,"aws:inspector2/organizationConfiguration:OrganizationConfiguration":0,"aws:invoicing/invoiceUnit:InvoiceUnit":1,"aws:iot/authorizer:Authorizer":0,"aws:iot/billingGroup:BillingGroup":1,"aws:iot/caCertificate:CaCertificate":0,"aws:iot/certificate:Certificate":0,"aws:iot/domainConfiguration:DomainConfiguration":0,"aws:iot/eventConfigurations:EventConfigurations":0,"aws:iot/indexingConfiguration:IndexingConfiguration":0,"aws:iot/loggingOptions:LoggingOptions":0,"aws:iot/policy:Policy":0,"aws:iot/policyAttachment:PolicyAttachment":0,"aws:iot/provisioningTemplate:ProvisioningTemplate":0,"aws:iot/roleAlias:RoleAlias":0,"aws:iot/thing:Thing":0,"aws:iot/thingGroup:ThingGroup":0,"aws:iot/thingGroupMembership:ThingGroupMembership":0,"aws:iot/thingPrincipalAttachment:ThingPrincipalAttachment":0,"aws:iot/thingType:ThingType":0,"aws:iot/topicRule:TopicRule":0,"aws:iot/topicRuleDestination:TopicRuleDestination":0,"aws:ivs/channel:Channel":0,"aws:ivs/playbackKeyPair:PlaybackKeyPair":0,"aws:ivs/recordingConfiguration:RecordingConfiguration":0,"aws:ivschat/loggingConfiguration:LoggingConfiguration":0,"aws:ivschat/room:Room":0,"aws:kendra/dataSource:DataSource":0,"aws:kendra/experience:Experience":0,"aws:kendra/faq:Faq":0,"aws:kendra/index:Index":0,"aws:kendra/querySuggestionsBlockList:QuerySuggestionsBlockList":0,"aws:kendra/thesaurus:Thesaurus":0,"aws:keyspaces/keyspace:Keyspace":0,"aws:keyspaces/table:Table":0,"aws:kinesis/analyticsApplication:AnalyticsApplication":0,"aws:kinesis/firehoseDeliveryStream:FirehoseDeliveryStream":0,"aws:kinesis/resourcePolicy:ResourcePolicy":1,"aws:kinesis/stream:Stream":0,"aws:kinesis/streamConsumer:StreamConsumer":0,"aws:kinesis/videoStream:VideoStream":0,"aws:kinesisanalyticsv2/application:Application":0,"aws:kinesisanalyticsv2/applicationSnapshot:ApplicationSnapshot":0,"aws:kms/alias:Alias":0,"aws:kms/ciphertext:Ciphertext":0,"aws:kms/customKeyStore:CustomKeyStore":0,"aws:kms/externalKey:ExternalKey":0,"aws:kms/grant:Grant":0,"aws:kms/key:Key":0,"aws:kms/keyPolicy:KeyPolicy":0,"aws:kms/replicaExternalKey:ReplicaExternalKey":0,"aws:kms/replicaKey:ReplicaKey":0,"aws:lakeformation/dataCellsFilter:DataCellsFilter":1,"aws:lakeformation/dataLakeSettings:DataLakeSettings":0,"aws:lakeformation/identityCenterConfiguration:IdentityCenterConfiguration":1,"aws:lakeformation/lfTag:LfTag":0,"aws:lakeformation/lfTagExpression:LfTagExpression":1,"aws:lakeformation/optIn:OptIn":1,"aws:lakeformation/permissions:Permissions":0,"aws:lakeformation/resource:Resource":0,"aws:lakeformation/resourceLfTag:ResourceLfTag":1,"aws:lakeformation/resourceLfTags:ResourceLfTags":0,"aws:lambda/alias:Alias":0,"aws:lambda/codeSigningConfig:CodeSigningConfig":0,"aws:lambda/eventSourceMapping:EventSourceMapping":0,"aws:lambda/function:Function":0,"aws:lambda/functionEventInvokeConfig:FunctionEventInvokeConfig":0,"aws:lambda/functionRecursionConfig:FunctionRecursionConfig":1,"aws:lambda/functionUrl:FunctionUrl":0,"aws:lambda/invocation:Invocation":0,"aws:lambda/layerVersion:LayerVersion":0,"aws:lambda/layerVersionPermission:LayerVersionPermission":0,"aws:lambda/permission:Permission":0,"aws:lambda/provisionedConcurrencyConfig:ProvisionedConcurrencyConfig":0,"aws:lambda/runtimeManagementConfig:RuntimeManagementConfig":1,"aws:lb/listener:Listener":0,"aws:lb/listenerCertificate:ListenerCertificate":0,"aws:lb/listenerRule:ListenerRule":0,"aws:lb/loadBalancer:LoadBalancer":0,"aws:lb/targetGroup:TargetGroup":0,"aws:lb/targetGroupAttachment:TargetGroupAttachment":0,"aws:lb/trustStore:TrustStore":0,"aws:lb/trustStoreRevocation:TrustStoreRevocation":0,"aws:lex/bot:Bot":0,"aws:lex/botAlias:BotAlias":0,"aws:lex/intent:Intent":0,"aws:lex/slotType:SlotType":0,"aws:lex/v2modelsBot:V2modelsBot":1,"aws:lex/v2modelsBotLocale:V2modelsBotLocale":1,"aws:lex/v2modelsBotVersion:V2modelsBotVersion":1,"aws:lex/v2modelsIntent:V2modelsIntent":1,"aws:lex/v2modelsSlot:V2modelsSlot":1,"aws:lex/v2modelsSlotType:V2modelsSlotType":1,"aws:licensemanager/association:Association":0,"aws:licensemanager/licenseConfiguration:LicenseConfiguration":0,"aws:licensemanager/licenseGrant:LicenseGrant":0,"aws:licensemanager/licenseGrantAccepter:LicenseGrantAccepter":0,"aws:lightsail/bucket:Bucket":0,"aws:lightsail/bucketAccessKey:BucketAccessKey":0,"aws:lightsail/bucketResourceAccess:BucketResourceAccess":0,"aws:lightsail/certificate:Certificate":0,"aws:lightsail/containerService:ContainerService":0,"aws:lightsail/containerServiceDeploymentVersion:ContainerServiceDeploymentVersion":0,"aws:lightsail/database:Database":0,"aws:lightsail/disk:Disk":0,"aws:lightsail/disk_attachment:Disk_attachment":0,"aws:lightsail/distribution:Distribution":0,"aws:lightsail/domain:Domain":0,"aws:lightsail/domainEntry:DomainEntry":0,"aws:lightsail/instance:Instance":0,"aws:lightsail/instancePublicPorts:InstancePublicPorts":0,"aws:lightsail/keyPair:KeyPair":0,"aws:lightsail/lb:Lb":0,"aws:lightsail/lbAttachment:LbAttachment":0,"aws:lightsail/lbCertificate:LbCertificate":0,"aws:lightsail/lbCertificateAttachment:LbCertificateAttachment":0,"aws:lightsail/lbHttpsRedirectionPolicy:LbHttpsRedirectionPolicy":0,"aws:lightsail/lbStickinessPolicy:LbStickinessPolicy":0,"aws:lightsail/staticIp:StaticIp":0,"aws:lightsail/staticIpAttachment:StaticIpAttachment":0,"aws:location/geofenceCollection:GeofenceCollection":0,"aws:location/map:Map":0,"aws:location/placeIndex:PlaceIndex":0,"aws:location/routeCalculation:RouteCalculation":0,"aws:location/tracker:Tracker":0,"aws:location/trackerAssociation:TrackerAssociation":0,"aws:m2/application:Application":1,"aws:m2/deployment:Deployment":1,"aws:m2/environment:Environment":1,"aws:macie/customDataIdentifier:CustomDataIdentifier":0,"aws:macie/findingsFilter:FindingsFilter":0,"aws:macie2/account:Account":0,"aws:macie2/classificationExportConfiguration:ClassificationExportConfiguration":0,"aws:macie2/classificationJob:ClassificationJob":0,"aws:macie2/invitationAccepter:InvitationAccepter":0,"aws:macie2/member:Member":0,"aws:macie2/organizationAdminAccount:OrganizationAdminAccount":0,"aws:macie2/organizationConfiguration:OrganizationConfiguration":1,"aws:mediaconvert/queue:Queue":0,"aws:medialive/channel:Channel":0,"aws:medialive/input:Input":0,"aws:medialive/inputSecurityGroup:InputSecurityGroup":0,"aws:medialive/multiplex:Multiplex":0,"aws:medialive/multiplexProgram:MultiplexProgram":1,"aws:mediapackage/channel:Channel":0,"aws:mediapackagev2/channelGroup:ChannelGroup":1,"aws:mediastore/container:Container":0,"aws:mediastore/containerPolicy:ContainerPolicy":0,"aws:memorydb/acl:Acl":0,"aws:memorydb/cluster:Cluster":0,"aws:memorydb/multiRegionCluster:MultiRegionCluster":1,"aws:memorydb/parameterGroup:ParameterGroup":0,"aws:memorydb/snapshot:Snapshot":0,"aws:memorydb/subnetGroup:SubnetGroup":0,"aws:memorydb/user:User":0,"aws:mq/broker:Broker":0,"aws:mq/configuration:Configuration":0,"aws:msk/cluster:Cluster":0,"aws:msk/clusterPolicy:ClusterPolicy":0,"aws:msk/configuration:Configuration":0,"aws:msk/replicator:Replicator":0,"aws:msk/scramSecretAssociation:ScramSecretAssociation":0,"aws:msk/serverlessCluster:ServerlessCluster":0,"aws:msk/singleScramSecretAssociation:SingleScramSecretAssociation":1,"aws:msk/vpcConnection:VpcConnection":0,"aws:mskconnect/connector:Connector":0,"aws:mskconnect/customPlugin:CustomPlugin":0,"aws:mskconnect/workerConfiguration:WorkerConfiguration":0,"aws:mwaa/environment:Environment":0,"aws:neptune/cluster:Cluster":0,"aws:neptune/clusterEndpoint:ClusterEndpoint":0,"aws:neptune/clusterInstance:ClusterInstance":0,"aws:neptune/clusterParameterGroup:ClusterParameterGroup":0,"aws:neptune/clusterSnapshot:ClusterSnapshot":0,"aws:neptune/eventSubscription:EventSubscription":0,"aws:neptune/globalCluster:GlobalCluster":0,"aws:neptune/parameterGroup:ParameterGroup":0,"aws:neptune/subnetGroup:SubnetGroup":0,"aws:neptunegraph/graph:Graph":1,"aws:networkfirewall/firewall:Firewall":0,"aws:networkfirewall/firewallPolicy:FirewallPolicy":0,"aws:networkfirewall/firewallTransitGatewayAttachmentAccepter:FirewallTransitGatewayAttachmentAccepter":1,"aws:networkfirewall/loggingConfiguration:LoggingConfiguration":0,"aws:networkfirewall/resourcePolicy:ResourcePolicy":0,"aws:networkfirewall/ruleGroup:RuleGroup":0,"aws:networkfirewall/tlsInspectionConfiguration:TlsInspectionConfiguration":1,"aws:networkfirewall/vpcEndpointAssociation:VpcEndpointAssociation":1,"aws:networkflowmonitor/monitor:Monitor":1,"aws:networkflowmonitor/scope:Scope":1,"aws:networkmanager/attachmentAccepter:AttachmentAccepter":0,"aws:networkmanager/connectAttachment:ConnectAttachment":0,"aws:networkmanager/connectPeer:ConnectPeer":0,"aws:networkmanager/connection:Connection":0,"aws:networkmanager/coreNetwork:CoreNetwork":0,"aws:networkmanager/coreNetworkPolicyAttachment:CoreNetworkPolicyAttachment":0,"aws:networkmanager/customerGatewayAssociation:CustomerGatewayAssociation":0,"aws:networkmanager/device:Device":0,"aws:networkmanager/dxGatewayAttachment:DxGatewayAttachment":1,"aws:networkmanager/globalNetwork:GlobalNetwork":0,"aws:networkmanager/link:Link":0,"aws:networkmanager/linkAssociation:LinkAssociation":0,"aws:networkmanager/site:Site":0,"aws:networkmanager/siteToSiteVpnAttachment:SiteToSiteVpnAttachment":0,"aws:networkmanager/transitGatewayConnectPeerAssociation:TransitGatewayConnectPeerAssociation":0,"aws:networkmanager/transitGatewayPeering:TransitGatewayPeering":0,"aws:networkmanager/transitGatewayRegistration:TransitGatewayRegistration":0,"aws:networkmanager/transitGatewayRouteTableAttachment:TransitGatewayRouteTableAttachment":0,"aws:networkmanager/vpcAttachment:VpcAttachment":0,"aws:networkmonitor/monitor:Monitor":1,"aws:networkmonitor/probe:Probe":1,"aws:notifications/channelAssociation:ChannelAssociation":1,"aws:notifications/contactsEmailContact:ContactsEmailContact":1,"aws:notifications/eventRule:EventRule":1,"aws:notifications/notificationConfiguration:NotificationConfiguration":1,"aws:notifications/notificationHub:NotificationHub":1,"aws:oam/link:Link":0,"aws:oam/sink:Sink":0,"aws:oam/sinkPolicy:SinkPolicy":0,"aws:observabilityadmin/centralizationRuleForOrganization:CentralizationRuleForOrganization":1,"aws:odb/cloudAutonomousVmCluster:CloudAutonomousVmCluster":1,"aws:odb/cloudExadataInfrastructure:CloudExadataInfrastructure":1,"aws:odb/cloudVmCluster:CloudVmCluster":1,"aws:odb/network:Network":1,"aws:odb/networkPeeringConnection:NetworkPeeringConnection":1,"aws:opensearch/authorizeVpcEndpointAccess:AuthorizeVpcEndpointAccess":1,"aws:opensearch/domain:Domain":0,"aws:opensearch/domainPolicy:DomainPolicy":0,"aws:opensearch/domainSamlOptions:DomainSamlOptions":0,"aws:opensearch/inboundConnectionAccepter:InboundConnectionAccepter":0,"aws:opensearch/outboundConnection:OutboundConnection":0,"aws:opensearch/package:Package":0,"aws:opensearch/packageAssociation:PackageAssociation":0,"aws:opensearch/serverlessAccessPolicy:ServerlessAccessPolicy":1,"aws:opensearch/serverlessCollection:ServerlessCollection":1,"aws:opensearch/serverlessLifecyclePolicy:ServerlessLifecyclePolicy":1,"aws:opensearch/serverlessSecurityConfig:ServerlessSecurityConfig":1,"aws:opensearch/serverlessSecurityPolicy:ServerlessSecurityPolicy":1,"aws:opensearch/serverlessVpcEndpoint:ServerlessVpcEndpoint":1,"aws:opensearch/vpcEndpoint:VpcEndpoint":0,"aws:opensearchingest/pipeline:Pipeline":1,"aws:organizations/account:Account":0,"aws:organizations/delegatedAdministrator:DelegatedAdministrator":0,"aws:organizations/organization:Organization":0,"aws:organizations/organizationalUnit:OrganizationalUnit":0,"aws:organizations/policy:Policy":0,"aws:organizations/policyAttachment:PolicyAttachment":0,"aws:organizations/resourcePolicy:ResourcePolicy":0,"aws:paymentcryptography/key:Key":1,"aws:paymentcryptography/keyAlias:KeyAlias":1,"aws:pinpoint/admChannel:AdmChannel":0,"aws:pinpoint/apnsChannel:ApnsChannel":0,"aws:pinpoint/apnsSandboxChannel:ApnsSandboxChannel":0,"aws:pinpoint/apnsVoipChannel:ApnsVoipChannel":0,"aws:pinpoint/apnsVoipSandboxChannel:ApnsVoipSandboxChannel":0,"aws:pinpoint/app:App":0,"aws:pinpoint/baiduChannel:BaiduChannel":0,"aws:pinpoint/emailChannel:EmailChannel":0,"aws:pinpoint/emailTemplate:EmailTemplate":1,"aws:pinpoint/eventStream:EventStream":0,"aws:pinpoint/gcmChannel:GcmChannel":0,"aws:pinpoint/smsChannel:SmsChannel":0,"aws:pinpoint/smsvoicev2ConfigurationSet:Smsvoicev2ConfigurationSet":1,"aws:pinpoint/smsvoicev2OptOutList:Smsvoicev2OptOutList":1,"aws:pinpoint/smsvoicev2PhoneNumber:Smsvoicev2PhoneNumber":1,"aws:pipes/pipe:Pipe":0,"aws:qbusiness/application:Application":1,"aws:qldb/ledger:Ledger":0,"aws:qldb/stream:Stream":0,"aws:quicksight/accountSettings:AccountSettings":1,"aws:quicksight/accountSubscription:AccountSubscription":0,"aws:quicksight/analysis:Analysis":0,"aws:quicksight/customPermissions:CustomPermissions":1,"aws:quicksight/dashboard:Dashboard":0,"aws:quicksight/dataSet:DataSet":0,"aws:quicksight/dataSource:DataSource":0,"aws:quicksight/folder:Folder":0,"aws:quicksight/folderMembership:FolderMembership":1,"aws:quicksight/group:Group":0,"aws:quicksight/groupMembership:GroupMembership":0,"aws:quicksight/iamPolicyAssignment:IamPolicyAssignment":1,"aws:quicksight/ingestion:Ingestion":1,"aws:quicksight/ipRestriction:IpRestriction":1,"aws:quicksight/keyRegistration:KeyRegistration":1,"aws:quicksight/namespace:Namespace":1,"aws:quicksight/refreshSchedule:RefreshSchedule":1,"aws:quicksight/roleCustomPermission:RoleCustomPermission":1,"aws:quicksight/roleMembership:RoleMembership":1,"aws:quicksight/template:Template":0,"aws:quicksight/templateAlias:TemplateAlias":1,"aws:quicksight/theme:Theme":0,"aws:quicksight/user:User":0,"aws:quicksight/userCustomPermission:UserCustomPermission":1,"aws:quicksight/vpcConnection:VpcConnection":1,"aws:ram/principalAssociation:PrincipalAssociation":0,"aws:ram/resourceAssociation:ResourceAssociation":0,"aws:ram/resourceShare:ResourceShare":0,"aws:ram/resourceShareAccepter:ResourceShareAccepter":0,"aws:ram/sharingWithOrganization:SharingWithOrganization":0,"aws:rbin/rule:Rule":0,"aws:rds/certificate:Certificate":0,"aws:rds/cluster:Cluster":0,"aws:rds/clusterActivityStream:ClusterActivityStream":0,"aws:rds/clusterEndpoint:ClusterEndpoint":0,"aws:rds/clusterInstance:ClusterInstance":0,"aws:rds/clusterParameterGroup:ClusterParameterGroup":0,"aws:rds/clusterRoleAssociation:ClusterRoleAssociation":0,"aws:rds/clusterSnapshot:ClusterSnapshot":0,"aws:rds/clusterSnapshotCopy:ClusterSnapshotCopy":1,"aws:rds/customDbEngineVersion:CustomDbEngineVersion":0,"aws:rds/eventSubscription:EventSubscription":0,"aws:rds/exportTask:ExportTask":1,"aws:rds/globalCluster:GlobalCluster":0,"aws:rds/instance:Instance":0,"aws:rds/instanceAutomatedBackupsReplication:InstanceAutomatedBackupsReplication":0,"aws:rds/instanceDesiredState:InstanceDesiredState":1,"aws:rds/integration:Integration":1,"aws:rds/optionGroup:OptionGroup":0,"aws:rds/parameterGroup:ParameterGroup":0,"aws:rds/proxy:Proxy":0,"aws:rds/proxyDefaultTargetGroup:ProxyDefaultTargetGroup":0,"aws:rds/proxyEndpoint:ProxyEndpoint":0,"aws:rds/proxyTarget:ProxyTarget":0,"aws:rds/reservedInstance:ReservedInstance":0,"aws:rds/roleAssociation:RoleAssociation":0,"aws:rds/shardGroup:ShardGroup":1,"aws:rds/snapshot:Snapshot":0,"aws:rds/snapshotCopy:SnapshotCopy":0,"aws:rds/subnetGroup:SubnetGroup":0,"aws:redshift/authenticationProfile:AuthenticationProfile":0,"aws:redshift/cluster:Cluster":0,"aws:redshift/clusterIamRoles:ClusterIamRoles":0,"aws:redshift/clusterSnapshot:ClusterSnapshot":0,"aws:redshift/dataShareAuthorization:DataShareAuthorization":1,"aws:redshift/dataShareConsumerAssociation:DataShareConsumerAssociation":1,"aws:redshift/endpointAccess:EndpointAccess":0,"aws:redshift/endpointAuthorization:EndpointAuthorization":0,"aws:redshift/eventSubscription:EventSubscription":0,"aws:redshift/hsmClientCertificate:HsmClientCertificate":0,"aws:redshift/hsmConfiguration:HsmConfiguration":0,"aws:redshift/integration:Integration":1,"aws:redshift/logging:Logging":1,"aws:redshift/parameterGroup:ParameterGroup":0,"aws:redshift/partner:Partner":0,"aws:redshift/resourcePolicy:ResourcePolicy":0,"aws:redshift/scheduledAction:ScheduledAction":0,"aws:redshift/snapshotCopy:SnapshotCopy":1,"aws:redshift/snapshotCopyGrant:SnapshotCopyGrant":0,"aws:redshift/snapshotSchedule:SnapshotSchedule":0,"aws:redshift/snapshotScheduleAssociation:SnapshotScheduleAssociation":0,"aws:redshift/subnetGroup:SubnetGroup":0,"aws:redshift/usageLimit:UsageLimit":0,"aws:redshiftdata/statement:Statement":0,"aws:redshiftserverless/customDomainAssociation:CustomDomainAssociation":1,"aws:redshiftserverless/endpointAccess:EndpointAccess":0,"aws:redshiftserverless/namespace:Namespace":0,"aws:redshiftserverless/resourcePolicy:ResourcePolicy":0,"aws:redshiftserverless/snapshot:Snapshot":0,"aws:redshiftserverless/usageLimit:UsageLimit":0,"aws:redshiftserverless/workgroup:Workgroup":0,"aws:rekognition/collection:Collection":1,"aws:rekognition/project:Project":1,"aws:rekognition/streamProcessor:StreamProcessor":1,"aws:resiliencehub/resiliencyPolicy:ResiliencyPolicy":1,"aws:resourceexplorer/index:Index":1,"aws:resourceexplorer/view:View":1,"aws:resourcegroups/group:Group":0,"aws:resourcegroups/resource:Resource":0,"aws:rolesanywhere/profile:Profile":0,"aws:rolesanywhere/trustAnchor:TrustAnchor":0,"aws:route53/cidrCollection:CidrCollection":1,"aws:route53/cidrLocation:CidrLocation":1,"aws:route53/delegationSet:DelegationSet":0,"aws:route53/healthCheck:HealthCheck":0,"aws:route53/hostedZoneDnsSec:HostedZoneDnsSec":0,"aws:route53/keySigningKey:KeySigningKey":0,"aws:route53/profilesAssociation:ProfilesAssociation":1,"aws:route53/profilesProfile:ProfilesProfile":1,"aws:route53/profilesResourceAssociation:ProfilesResourceAssociation":1,"aws:route53/queryLog:QueryLog":0,"aws:route53/record:Record":0,"aws:route53/recordsExclusive:RecordsExclusive":1,"aws:route53/resolverConfig:ResolverConfig":0,"aws:route53/resolverDnsSecConfig:ResolverDnsSecConfig":0,"aws:route53/resolverEndpoint:ResolverEndpoint":0,"aws:route53/resolverFirewallConfig:ResolverFirewallConfig":0,"aws:route53/resolverFirewallDomainList:ResolverFirewallDomainList":0,"aws:route53/resolverFirewallRule:ResolverFirewallRule":0,"aws:route53/resolverFirewallRuleGroup:ResolverFirewallRuleGroup":0,"aws:route53/resolverFirewallRuleGroupAssociation:ResolverFirewallRuleGroupAssociation":0,"aws:route53/resolverQueryLogConfig:ResolverQueryLogConfig":0,"aws:route53/resolverQueryLogConfigAssociation:ResolverQueryLogConfigAssociation":0,"aws:route53/resolverRule:ResolverRule":0,"aws:route53/resolverRuleAssociation:ResolverRuleAssociation":0,"aws:route53/trafficPolicy:TrafficPolicy":0,"aws:route53/trafficPolicyInstance:TrafficPolicyInstance":0,"aws:route53/vpcAssociationAuthorization:VpcAssociationAuthorization":0,"aws:route53/zone:Zone":0,"aws:route53/zoneAssociation:ZoneAssociation":0,"aws:route53domains/delegationSignerRecord:DelegationSignerRecord":1,"aws:route53domains/domain:Domain":1,"aws:route53domains/registeredDomain:RegisteredDomain":0,"aws:route53recoverycontrol/cluster:Cluster":0,"aws:route53recoverycontrol/controlPanel:ControlPanel":0,"aws:route53recoverycontrol/routingControl:RoutingControl":0,"aws:route53recoverycontrol/safetyRule:SafetyRule":0,"aws:route53recoveryreadiness/cell:Cell":0,"aws:route53recoveryreadiness/readinessCheck:ReadinessCheck":0,"aws:route53recoveryreadiness/recoveryGroup:RecoveryGroup":0,"aws:route53recoveryreadiness/resourceSet:ResourceSet":0,"aws:rum/appMonitor:AppMonitor":0,"aws:rum/metricsDestination:MetricsDestination":0,"aws:s3/accessPoint:AccessPoint":0,"aws:s3/accountPublicAccessBlock:AccountPublicAccessBlock":0,"aws:s3/analyticsConfiguration:AnalyticsConfiguration":0,"aws:s3/bucket:Bucket":0,"aws:s3/bucketAccelerateConfiguration:BucketAccelerateConfiguration":0,"aws:s3/bucketAccelerateConfigurationV2:BucketAccelerateConfigurationV2":0,"aws:s3/bucketAcl:BucketAcl":0,"aws:s3/bucketAclV2:BucketAclV2":0,"aws:s3/bucketCorsConfiguration:BucketCorsConfiguration":0,"aws:s3/bucketCorsConfigurationV2:BucketCorsConfigurationV2":0,"aws:s3/bucketIntelligentTieringConfiguration:BucketIntelligentTieringConfiguration":0,"aws:s3/bucketLifecycleConfiguration:BucketLifecycleConfiguration":1,"aws:s3/bucketLifecycleConfigurationV2:BucketLifecycleConfigurationV2":1,"aws:s3/bucketLogging:BucketLogging":0,"aws:s3/bucketLoggingV2:BucketLoggingV2":0,"aws:s3/bucketMetadataConfiguration:BucketMetadataConfiguration":1,"aws:s3/bucketMetric:BucketMetric":0,"aws:s3/bucketNotification:BucketNotification":0,"aws:s3/bucketObject:BucketObject":0,"aws:s3/bucketObjectLockConfiguration:BucketObjectLockConfiguration":0,"aws:s3/bucketObjectLockConfigurationV2:BucketObjectLockConfigurationV2":0,"aws:s3/bucketObjectv2:BucketObjectv2":0,"aws:s3/bucketOwnershipControls:BucketOwnershipControls":0,"aws:s3/bucketPolicy:BucketPolicy":0,"aws:s3/bucketPublicAccessBlock:BucketPublicAccessBlock":0,"aws:s3/bucketReplicationConfig:BucketReplicationConfig":0,"aws:s3/bucketRequestPaymentConfiguration:BucketRequestPaymentConfiguration":0,"aws:s3/bucketRequestPaymentConfigurationV2:BucketRequestPaymentConfigurationV2":0,"aws:s3/bucketServerSideEncryptionConfiguration:BucketServerSideEncryptionConfiguration":0,"aws:s3/bucketServerSideEncryptionConfigurationV2:BucketServerSideEncryptionConfigurationV2":0,"aws:s3/bucketV2:BucketV2":0,"aws:s3/bucketVersioning:BucketVersioning":0,"aws:s3/bucketVersioningV2:BucketVersioningV2":0,"aws:s3/bucketWebsiteConfiguration:BucketWebsiteConfiguration":0,"aws:s3/bucketWebsiteConfigurationV2:BucketWebsiteConfigurationV2":0,"aws:s3/directoryBucket:DirectoryBucket":1,"aws:s3/inventory:Inventory":0,"aws:s3/objectCopy:ObjectCopy":0,"aws:s3control/accessGrant:AccessGrant":1,"aws:s3control/accessGrantsInstance:AccessGrantsInstance":1,"aws:s3control/accessGrantsInstanceResourcePolicy:AccessGrantsInstanceResourcePolicy":1,"aws:s3control/accessGrantsLocation:AccessGrantsLocation":1,"aws:s3control/accessPointPolicy:AccessPointPolicy":0,"aws:s3control/bucket:Bucket":0,"aws:s3control/bucketLifecycleConfiguration:BucketLifecycleConfiguration":0,"aws:s3control/bucketPolicy:BucketPolicy":0,"aws:s3control/directoryBucketAccessPointScope:DirectoryBucketAccessPointScope":1,"aws:s3control/multiRegionAccessPoint:MultiRegionAccessPoint":0,"aws:s3control/multiRegionAccessPointPolicy:MultiRegionAccessPointPolicy":0,"aws:s3control/objectLambdaAccessPoint:ObjectLambdaAccessPoint":0,"aws:s3control/objectLambdaAccessPointPolicy:ObjectLambdaAccessPointPolicy":0,"aws:s3control/storageLensConfiguration:StorageLensConfiguration":0,"aws:s3outposts/endpoint:Endpoint":0,"aws:s3tables/namespace:Namespace":1,"aws:s3tables/table:Table":1,"aws:s3tables/tableBucket:TableBucket":1,"aws:s3tables/tableBucketPolicy:TableBucketPolicy":1,"aws:s3tables/tablePolicy:TablePolicy":1,"aws:sagemaker/app:App":0,"aws:sagemaker/appImageConfig:AppImageConfig":0,"aws:sagemaker/codeRepository:CodeRepository":0,"aws:sagemaker/dataQualityJobDefinition:DataQualityJobDefinition":0,"aws:sagemaker/device:Device":0,"aws:sagemaker/deviceFleet:DeviceFleet":0,"aws:sagemaker/domain:Domain":0,"aws:sagemaker/endpoint:Endpoint":0,"aws:sagemaker/endpointConfiguration:EndpointConfiguration":0,"aws:sagemaker/featureGroup:FeatureGroup":0,"aws:sagemaker/flowDefinition:FlowDefinition":0,"aws:sagemaker/hub:Hub":0,"aws:sagemaker/humanTaskUI:HumanTaskUI":0,"aws:sagemaker/image:Image":0,"aws:sagemaker/imageVersion:ImageVersion":0,"aws:sagemaker/mlflowTrackingServer:MlflowTrackingServer":0,"aws:sagemaker/model:Model":0,"aws:sagemaker/modelPackageGroup:ModelPackageGroup":0,"aws:sagemaker/modelPackageGroupPolicy:ModelPackageGroupPolicy":0,"aws:sagemaker/monitoringSchedule:MonitoringSchedule":0,"aws:sagemaker/notebookInstance:NotebookInstance":0,"aws:sagemaker/notebookInstanceLifecycleConfiguration:NotebookInstanceLifecycleConfiguration":0,"aws:sagemaker/pipeline:Pipeline":0,"aws:sagemaker/project:Project":0,"aws:sagemaker/servicecatalogPortfolioStatus:ServicecatalogPortfolioStatus":0,"aws:sagemaker/space:Space":0,"aws:sagemaker/studioLifecycleConfig:StudioLifecycleConfig":0,"aws:sagemaker/userProfile:UserProfile":0,"aws:sagemaker/workforce:Workforce":0,"aws:sagemaker/workteam:Workteam":0,"aws:scheduler/schedule:Schedule":0,"aws:scheduler/scheduleGroup:ScheduleGroup":0,"aws:schemas/discoverer:Discoverer":0,"aws:schemas/registry:Registry":0,"aws:schemas/registryPolicy:RegistryPolicy":0,"aws:schemas/schema:Schema":0,"aws:secretsmanager/secret:Secret":0,"aws:secretsmanager/secretPolicy:SecretPolicy":0,"aws:secretsmanager/secretRotation:SecretRotation":0,"aws:secretsmanager/secretVersion:SecretVersion":0,"aws:securityhub/account:Account":0,"aws:securityhub/actionTarget:ActionTarget":0,"aws:securityhub/automationRule:AutomationRule":1,"aws:securityhub/configurationPolicy:ConfigurationPolicy":0,"aws:securityhub/configurationPolicyAssociation:ConfigurationPolicyAssociation":0,"aws:securityhub/findingAggregator:FindingAggregator":0,"aws:securityhub/insight:Insight":0,"aws:securityhub/inviteAccepter:InviteAccepter":0,"aws:securityhub/member:Member":0,"aws:securityhub/organizationAdminAccount:OrganizationAdminAccount":0,"aws:securityhub/organizationConfiguration:OrganizationConfiguration":0,"aws:securityhub/productSubscription:ProductSubscription":0,"aws:securityhub/standardsControl:StandardsControl":0,"aws:securityhub/standardsControlAssociation:StandardsControlAssociation":1,"aws:securityhub/standardsSubscription:StandardsSubscription":0,"aws:securitylake/awsLogSource:AwsLogSource":1,"aws:securitylake/customLogSource:CustomLogSource":1,"aws:securitylake/dataLake:DataLake":1,"aws:securitylake/subscriber:Subscriber":1,"aws:securitylake/subscriberNotification:SubscriberNotification":1,"aws:serverlessrepository/cloudFormationStack:CloudFormationStack":0,"aws:servicecatalog/appregistryApplication:AppregistryApplication":1,"aws:servicecatalog/appregistryAttributeGroup:AppregistryAttributeGroup":1,"aws:servicecatalog/appregistryAttributeGroupAssociation:AppregistryAttributeGroupAssociation":1,"aws:servicecatalog/budgetResourceAssociation:BudgetResourceAssociation":0,"aws:servicecatalog/constraint:Constraint":0,"aws:servicecatalog/organizationsAccess:OrganizationsAccess":0,"aws:servicecatalog/portfolio:Portfolio":0,"aws:servicecatalog/portfolioShare:PortfolioShare":0,"aws:servicecatalog/principalPortfolioAssociation:PrincipalPortfolioAssociation":0,"aws:servicecatalog/product:Product":0,"aws:servicecatalog/productPortfolioAssociation:ProductPortfolioAssociation":0,"aws:servicecatalog/provisionedProduct:ProvisionedProduct":0,"aws:servicecatalog/provisioningArtifact:ProvisioningArtifact":0,"aws:servicecatalog/serviceAction:ServiceAction":0,"aws:servicecatalog/tagOption:TagOption":0,"aws:servicecatalog/tagOptionResourceAssociation:TagOptionResourceAssociation":0,"aws:servicediscovery/httpNamespace:HttpNamespace":0,"aws:servicediscovery/instance:Instance":0,"aws:servicediscovery/privateDnsNamespace:PrivateDnsNamespace":0,"aws:servicediscovery/publicDnsNamespace:PublicDnsNamespace":0,"aws:servicediscovery/service:Service":0,"aws:servicequotas/serviceQuota:ServiceQuota":0,"aws:servicequotas/template:Template":1,"aws:servicequotas/templateAssociation:TemplateAssociation":1,"aws:ses/activeReceiptRuleSet:ActiveReceiptRuleSet":0,"aws:ses/configurationSet:ConfigurationSet":0,"aws:ses/domainDkim:DomainDkim":0,"aws:ses/domainIdentity:DomainIdentity":0,"aws:ses/domainIdentityVerification:DomainIdentityVerification":0,"aws:ses/emailIdentity:EmailIdentity":0,"aws:ses/eventDestination:EventDestination":0,"aws:ses/identityNotificationTopic:IdentityNotificationTopic":0,"aws:ses/identityPolicy:IdentityPolicy":0,"aws:ses/mailFrom:MailFrom":0,"aws:ses/receiptFilter:ReceiptFilter":0,"aws:ses/receiptRule:ReceiptRule":0,"aws:ses/receiptRuleSet:ReceiptRuleSet":0,"aws:ses/template:Template":0,"aws:sesv2/accountSuppressionAttributes:AccountSuppressionAttributes":1,"aws:sesv2/accountVdmAttributes:AccountVdmAttributes":0,"aws:sesv2/configurationSet:ConfigurationSet":0,"aws:sesv2/configurationSetEventDestination:ConfigurationSetEventDestination":0,"aws:sesv2/contactList:ContactList":0,"aws:sesv2/dedicatedIpAssignment:DedicatedIpAssignment":0,"aws:sesv2/dedicatedIpPool:DedicatedIpPool":0,"aws:sesv2/emailIdentity:EmailIdentity":0,"aws:sesv2/emailIdentityFeedbackAttributes:EmailIdentityFeedbackAttributes":0,"aws:sesv2/emailIdentityMailFromAttributes:EmailIdentityMailFromAttributes":0,"aws:sesv2/emailIdentityPolicy:EmailIdentityPolicy":0,"aws:sfn/activity:Activity":0,"aws:sfn/alias:Alias":0,"aws:sfn/stateMachine:StateMachine":0,"aws:shield/applicationLayerAutomaticResponse:ApplicationLayerAutomaticResponse":1,"aws:shield/drtAccessLogBucketAssociation:DrtAccessLogBucketAssociation":1,"aws:shield/drtAccessRoleArnAssociation:DrtAccessRoleArnAssociation":1,"aws:shield/proactiveEngagement:ProactiveEngagement":1,"aws:shield/protection:Protection":0,"aws:shield/protectionGroup:ProtectionGroup":0,"aws:shield/protectionHealthCheckAssociation:ProtectionHealthCheckAssociation":0,"aws:shield/subscription:Subscription":1,"aws:signer/signingJob:SigningJob":0,"aws:signer/signingProfile:SigningProfile":0,"aws:signer/signingProfilePermission:SigningProfilePermission":0,"aws:sns/dataProtectionPolicy:DataProtectionPolicy":0,"aws:sns/platformApplication:PlatformApplication":0,"aws:sns/smsPreferences:SmsPreferences":0,"aws:sns/topic:Topic":0,"aws:sns/topicPolicy:TopicPolicy":0,"aws:sns/topicSubscription:TopicSubscription":0,"aws:sqs/queue:Queue":0,"aws:sqs/queuePolicy:QueuePolicy":0,"aws:sqs/redriveAllowPolicy:RedriveAllowPolicy":0,"aws:sqs/redrivePolicy:RedrivePolicy":0,"aws:ssm/activation:Activation":0,"aws:ssm/association:Association":0,"aws:ssm/contactsRotation:ContactsRotation":1,"aws:ssm/defaultPatchBaseline:DefaultPatchBaseline":0,"aws:ssm/document:Document":0,"aws:ssm/maintenanceWindow:MaintenanceWindow":0,"aws:ssm/maintenanceWindowTarget:MaintenanceWindowTarget":0,"aws:ssm/maintenanceWindowTask:MaintenanceWindowTask":0,"aws:ssm/parameter:Parameter":0,"aws:ssm/patchBaseline:PatchBaseline":0,"aws:ssm/patchGroup:PatchGroup":0,"aws:ssm/quicksetupConfigurationManager:QuicksetupConfigurationManager":1,"aws:ssm/resourceDataSync:ResourceDataSync":0,"aws:ssm/serviceSetting:ServiceSetting":0,"aws:ssmcontacts/contact:Contact":0,"aws:ssmcontacts/contactChannel:ContactChannel":0,"aws:ssmcontacts/plan:Plan":0,"aws:ssmincidents/replicationSet:ReplicationSet":0,"aws:ssmincidents/responsePlan:ResponsePlan":0,"aws:ssoadmin/accountAssignment:AccountAssignment":0,"aws:ssoadmin/application:Application":1,"aws:ssoadmin/applicationAccessScope:ApplicationAccessScope":1,"aws:ssoadmin/applicationAssignment:ApplicationAssignment":1,"aws:ssoadmin/applicationAssignmentConfiguration:ApplicationAssignmentConfiguration":1,"aws:ssoadmin/customerManagedPolicyAttachment:CustomerManagedPolicyAttachment":0,"aws:ssoadmin/instanceAccessControlAttributes:InstanceAccessControlAttributes":0,"aws:ssoadmin/managedPolicyAttachment:ManagedPolicyAttachment":0,"aws:ssoadmin/permissionSet:PermissionSet":0,"aws:ssoadmin/permissionSetInlinePolicy:PermissionSetInlinePolicy":0,"aws:ssoadmin/permissionsBoundaryAttachment:PermissionsBoundaryAttachment":0,"aws:ssoadmin/trustedTokenIssuer:TrustedTokenIssuer":1,"aws:storagegateway/cache:Cache":0,"aws:storagegateway/cachesIscsiVolume:CachesIscsiVolume":0,"aws:storagegateway/fileSystemAssociation:FileSystemAssociation":0,"aws:storagegateway/gateway:Gateway":0,"aws:storagegateway/nfsFileShare:NfsFileShare":0,"aws:storagegateway/smbFileShare:SmbFileShare":0,"aws:storagegateway/storedIscsiVolume:StoredIscsiVolume":0,"aws:storagegateway/tapePool:TapePool":0,"aws:storagegateway/uploadBuffer:UploadBuffer":0,"aws:storagegateway/workingStorage:WorkingStorage":0,"aws:swf/domain:Domain":0,"aws:synthetics/canary:Canary":0,"aws:synthetics/group:Group":0,"aws:synthetics/groupAssociation:GroupAssociation":0,"aws:timestreaminfluxdb/dbCluster:DbCluster":1,"aws:timestreaminfluxdb/dbInstance:DbInstance":1,"aws:timestreamquery/scheduledQuery:ScheduledQuery":1,"aws:timestreamwrite/database:Database":0,"aws:timestreamwrite/table:Table":0,"aws:transcribe/languageModel:LanguageModel":0,"aws:transcribe/medicalVocabulary:MedicalVocabulary":0,"aws:transcribe/vocabulary:Vocabulary":0,"aws:transcribe/vocabularyFilter:VocabularyFilter":0,"aws:transfer/access:Access":0,"aws:transfer/agreement:Agreement":0,"aws:transfer/certificate:Certificate":0,"aws:transfer/connector:Connector":0,"aws:transfer/hostKey:HostKey":1,"aws:transfer/profile:Profile":0,"aws:transfer/server:Server":0,"aws:transfer/sshKey:SshKey":0,"aws:transfer/tag:Tag":0,"aws:transfer/user:User":0,"aws:transfer/webApp:WebApp":1,"aws:transfer/webAppCustomization:WebAppCustomization":1,"aws:transfer/workflow:Workflow":0,"aws:verifiedaccess/endpoint:Endpoint":0,"aws:verifiedaccess/group:Group":0,"aws:verifiedaccess/instance:Instance":0,"aws:verifiedaccess/instanceLoggingConfiguration:InstanceLoggingConfiguration":0,"aws:verifiedaccess/instanceTrustProviderAttachment:InstanceTrustProviderAttachment":0,"aws:verifiedaccess/trustProvider:TrustProvider":0,"aws:verifiedpermissions/identitySource:IdentitySource":1,"aws:verifiedpermissions/policy:Policy":1,"aws:verifiedpermissions/policyStore:PolicyStore":1,"aws:verifiedpermissions/policyTemplate:PolicyTemplate":1,"aws:verifiedpermissions/schema:Schema":1,"aws:vpc/endpointPrivateDns:EndpointPrivateDns":1,"aws:vpc/endpointServicePrivateDnsVerification:EndpointServicePrivateDnsVerification":1,"aws:vpc/routeServer:RouteServer":1,"aws:vpc/routeServerEndpoint:RouteServerEndpoint":1,"aws:vpc/routeServerPeer:RouteServerPeer":1,"aws:vpc/routeServerPropagation:RouteServerPropagation":1,"aws:vpc/routeServerVpcAssociation:RouteServerVpcAssociation":1,"aws:vpc/securityGroupEgressRule:SecurityGroupEgressRule":1,"aws:vpc/securityGroupIngressRule:SecurityGroupIngressRule":1,"aws:vpc/securityGroupVpcAssociation:SecurityGroupVpcAssociation":1,"aws:vpclattice/accessLogSubscription:AccessLogSubscription":0,"aws:vpclattice/authPolicy:AuthPolicy":0,"aws:vpclattice/domainVerification:DomainVerification":1,"aws:vpclattice/listener:Listener":0,"aws:vpclattice/listenerRule:ListenerRule":0,"aws:vpclattice/resourceConfiguration:ResourceConfiguration":1,"aws:vpclattice/resourceGateway:ResourceGateway":1,"aws:vpclattice/resourcePolicy:ResourcePolicy":0,"aws:vpclattice/service:Service":0,"aws:vpclattice/serviceNetwork:ServiceNetwork":0,"aws:vpclattice/serviceNetworkResourceAssociation:ServiceNetworkResourceAssociation":1,"aws:vpclattice/serviceNetworkServiceAssociation:ServiceNetworkServiceAssociation":0,"aws:vpclattice/serviceNetworkVpcAssociation:ServiceNetworkVpcAssociation":0,"aws:vpclattice/targetGroup:TargetGroup":0,"aws:vpclattice/targetGroupAttachment:TargetGroupAttachment":0,"aws:waf/byteMatchSet:ByteMatchSet":0,"aws:waf/geoMatchSet:GeoMatchSet":0,"aws:waf/ipSet:IpSet":0,"aws:waf/rateBasedRule:RateBasedRule":0,"aws:waf/regexMatchSet:RegexMatchSet":0,"aws:waf/regexPatternSet:RegexPatternSet":0,"aws:waf/rule:Rule":0,"aws:waf/ruleGroup:RuleGroup":0,"aws:waf/sizeConstraintSet:SizeConstraintSet":0,"aws:waf/sqlInjectionMatchSet:SqlInjectionMatchSet":0,"aws:waf/webAcl:WebAcl":0,"aws:waf/xssMatchSet:XssMatchSet":0,"aws:wafregional/byteMatchSet:ByteMatchSet":0,"aws:wafregional/geoMatchSet:GeoMatchSet":0,"aws:wafregional/ipSet:IpSet":0,"aws:wafregional/rateBasedRule:RateBasedRule":0,"aws:wafregional/regexMatchSet:RegexMatchSet":0,"aws:wafregional/regexPatternSet:RegexPatternSet":0,"aws:wafregional/rule:Rule":0,"aws:wafregional/ruleGroup:RuleGroup":0,"aws:wafregional/sizeConstraintSet:SizeConstraintSet":0,"aws:wafregional/sqlInjectionMatchSet:SqlInjectionMatchSet":0,"aws:wafregional/webAcl:WebAcl":0,"aws:wafregional/webAclAssociation:WebAclAssociation":0,"aws:wafregional/xssMatchSet:XssMatchSet":0,"aws:wafv2/apiKey:ApiKey":1,"aws:wafv2/ipSet:IpSet":0,"aws:wafv2/regexPatternSet:RegexPatternSet":0,"aws:wafv2/ruleGroup:RuleGroup":0,"aws:wafv2/webAcl:WebAcl":0,"aws:wafv2/webAclAssociation:WebAclAssociation":0,"aws:wafv2/webAclLoggingConfiguration:WebAclLoggingConfiguration":0,"aws:wafv2/webAclRuleGroupAssociation:WebAclRuleGroupAssociation":1,"aws:workspaces/connectionAlias:ConnectionAlias":1,"aws:workspaces/directory:Directory":0,"aws:workspaces/ipGroup:IpGroup":0,"aws:workspaces/workspace:Workspace":0,"aws:workspacesweb/browserSettings:BrowserSettings":1,"aws:workspacesweb/browserSettingsAssociation:BrowserSettingsAssociation":1,"aws:workspacesweb/dataProtectionSettings:DataProtectionSettings":1,"aws:workspacesweb/dataProtectionSettingsAssociation:DataProtectionSettingsAssociation":1,"aws:workspacesweb/identityProvider:IdentityProvider":1,"aws:workspacesweb/ipAccessSettings:IpAccessSettings":1,"aws:workspacesweb/ipAccessSettingsAssociation:IpAccessSettingsAssociation":1,"aws:workspacesweb/networkSettings:NetworkSettings":1,"aws:workspacesweb/networkSettingsAssociation:NetworkSettingsAssociation":1,"aws:workspacesweb/portal:Portal":1,"aws:workspacesweb/sessionLogger:SessionLogger":1,"aws:workspacesweb/sessionLoggerAssociation:SessionLoggerAssociation":1,"aws:workspacesweb/trustStore:TrustStore":1,"aws:workspacesweb/trustStoreAssociation:TrustStoreAssociation":1,"aws:workspacesweb/userAccessLoggingSettings:UserAccessLoggingSettings":1,"aws:workspacesweb/userAccessLoggingSettingsAssociation:UserAccessLoggingSettingsAssociation":1,"aws:workspacesweb/userSettings:UserSettings":1,"aws:workspacesweb/userSettingsAssociation:UserSettingsAssociation":1,"aws:xray/encryptionConfig:EncryptionConfig":0,"aws:xray/group:Group":0,"aws:xray/resourcePolicy:ResourcePolicy":1,"aws:xray/samplingRule:SamplingRule":0},"functions":{"aws:account/getPrimaryContact:getPrimaryContact":1,"aws:acm/getCertificate:getCertificate":0,"aws:acmpca/getCertificate:getCertificate":0,"aws:acmpca/getCertificateAuthority:getCertificateAuthority":0,"aws:alb/getListener:getListener":0,"aws:alb/getLoadBalancer:getLoadBalancer":0,"aws:alb/getTargetGroup:getTargetGroup":0,"aws:amp/getDefaultScraperConfiguration:getDefaultScraperConfiguration":1,"aws:amp/getWorkspace:getWorkspace":0,"aws:amp/getWorkspaces:getWorkspaces":0,"aws:apigateway/getApiKeys:getApiKeys":1,"aws:apigateway/getAuthorizer:getAuthorizer":0,"aws:apigateway/getAuthorizers:getAuthorizers":0,"aws:apigateway/getDomainName:getDomainName":0,"aws:apigateway/getExport:getExport":0,"aws:apigateway/getKey:getKey":0,"aws:apigateway/getResource:getResource":0,"aws:apigateway/getRestApi:getRestApi":0,"aws:apigateway/getSdk:getSdk":0,"aws:apigateway/getVpcLink:getVpcLink":0,"aws:apigatewayv2/getApi:getApi":0,"aws:apigatewayv2/getApis:getApis":0,"aws:apigatewayv2/getExport:getExport":0,"aws:apigatewayv2/getVpcLink:getVpcLink":0,"aws:appconfig/getApplication:getApplication":1,"aws:appconfig/getConfigurationProfile:getConfigurationProfile":0,"aws:appconfig/getConfigurationProfiles:getConfigurationProfiles":0,"aws:appconfig/getEnvironment:getEnvironment":0,"aws:appconfig/getEnvironments:getEnvironments":0,"aws:appintegrations/getEventIntegration:getEventIntegration":0,"aws:appmesh/getGatewayRoute:getGatewayRoute":0,"aws:appmesh/getMesh:getMesh":0,"aws:appmesh/getRoute:getRoute":0,"aws:appmesh/getVirtualGateway:getVirtualGateway":0,"aws:appmesh/getVirtualNode:getVirtualNode":0,"aws:appmesh/getVirtualRouter:getVirtualRouter":0,"aws:appmesh/getVirtualService:getVirtualService":0,"aws:apprunner/getHostedZoneId:getHostedZoneId":1,"aws:appstream/getImage:getImage":1,"aws:athena/getNamedQuery:getNamedQuery":0,"aws:auditmanager/getControl:getControl":1,"aws:auditmanager/getFramework:getFramework":1,"aws:autoscaling/getAmiIds:getAmiIds":0,"aws:autoscaling/getGroup:getGroup":0,"aws:backup/getFramework:getFramework":0,"aws:backup/getPlan:getPlan":0,"aws:backup/getReportPlan:getReportPlan":0,"aws:backup/getSelection:getSelection":0,"aws:backup/getVault:getVault":0,"aws:batch/getComputeEnvironment:getComputeEnvironment":0,"aws:batch/getJobDefinition:getJobDefinition":1,"aws:batch/getJobQueue:getJobQueue":0,"aws:batch/getSchedulingPolicy:getSchedulingPolicy":0,"aws:bedrock/getAgentAgentVersions:getAgentAgentVersions":1,"aws:bedrock/getCustomModel:getCustomModel":1,"aws:bedrock/getCustomModels:getCustomModels":1,"aws:bedrock/getInferenceProfile:getInferenceProfile":1,"aws:bedrock/getInferenceProfiles:getInferenceProfiles":1,"aws:bedrockfoundation/getModel:getModel":1,"aws:bedrockfoundation/getModels:getModels":1,"aws:billing/getViews:getViews":1,"aws:budgets/getBudget:getBudget":0,"aws:chatbot/getSlackWorkspace:getSlackWorkspace":1,"aws:cloudcontrol/getResource:getResource":0,"aws:cloudformation/getCloudFormationType:getCloudFormationType":0,"aws:cloudformation/getExport:getExport":0,"aws:cloudformation/getStack:getStack":0,"aws:cloudfront/getCachePolicy:getCachePolicy":0,"aws:cloudfront/getDistribution:getDistribution":0,"aws:cloudfront/getFunction:getFunction":0,"aws:cloudfront/getLogDeliveryCanonicalUserId:getLogDeliveryCanonicalUserId":0,"aws:cloudfront/getOriginAccessControl:getOriginAccessControl":1,"aws:cloudfront/getOriginAccessIdentities:getOriginAccessIdentities":0,"aws:cloudfront/getOriginAccessIdentity:getOriginAccessIdentity":0,"aws:cloudfront/getOriginRequestPolicy:getOriginRequestPolicy":0,"aws:cloudfront/getRealtimeLogConfig:getRealtimeLogConfig":0,"aws:cloudfront/getResponseHeadersPolicy:getResponseHeadersPolicy":0,"aws:cloudhsmv2/getCluster:getCluster":0,"aws:cloudtrail/getServiceAccount:getServiceAccount":0,"aws:cloudwatch/getContributorManagedInsightRules:getContributorManagedInsightRules":1,"aws:cloudwatch/getEventBus:getEventBus":0,"aws:cloudwatch/getEventBuses:getEventBuses":1,"aws:cloudwatch/getEventConnection:getEventConnection":0,"aws:cloudwatch/getEventSource:getEventSource":0,"aws:cloudwatch/getLogDataProtectionPolicyDocument:getLogDataProtectionPolicyDocument":0,"aws:cloudwatch/getLogGroup:getLogGroup":0,"aws:cloudwatch/getLogGroups:getLogGroups":0,"aws:codeartifact/getAuthorizationToken:getAuthorizationToken":0,"aws:codeartifact/getRepositoryEndpoint:getRepositoryEndpoint":0,"aws:codebuild/getFleet:getFleet":0,"aws:codecatalyst/getDevEnvironment:getDevEnvironment":0,"aws:codecommit/getApprovalRuleTemplate:getApprovalRuleTemplate":0,"aws:codecommit/getRepository:getRepository":0,"aws:codeguruprofiler/getProfilingGroup:getProfilingGroup":1,"aws:codestarconnections/getConnection:getConnection":0,"aws:cognito/getIdentityPool:getIdentityPool":0,"aws:cognito/getUserGroup:getUserGroup":1,"aws:cognito/getUserGroups:getUserGroups":1,"aws:cognito/getUserPool:getUserPool":1,"aws:cognito/getUserPoolClient:getUserPoolClient":0,"aws:cognito/getUserPoolClients:getUserPoolClients":0,"aws:cognito/getUserPoolSigningCertificate:getUserPoolSigningCertificate":0,"aws:cognito/getUserPools:getUserPools":0,"aws:connect/getBotAssociation:getBotAssociation":0,"aws:connect/getContactFlow:getContactFlow":0,"aws:connect/getContactFlowModule:getContactFlowModule":0,"aws:connect/getHoursOfOperation:getHoursOfOperation":0,"aws:connect/getInstance:getInstance":0,"aws:connect/getInstanceStorageConfig:getInstanceStorageConfig":0,"aws:connect/getLambdaFunctionAssociation:getLambdaFunctionAssociation":0,"aws:connect/getPrompt:getPrompt":0,"aws:connect/getQueue:getQueue":0,"aws:connect/getQuickConnect:getQuickConnect":0,"aws:connect/getRoutingProfile:getRoutingProfile":0,"aws:connect/getSecurityProfile:getSecurityProfile":0,"aws:connect/getUser:getUser":0,"aws:connect/getUserHierarchyGroup:getUserHierarchyGroup":0,"aws:connect/getUserHierarchyStructure:getUserHierarchyStructure":0,"aws:connect/getVocabulary:getVocabulary":0,"aws:controltower/getControls:getControls":0,"aws:costexplorer/getCostCategory:getCostCategory":0,"aws:costexplorer/getTags:getTags":0,"aws:cur/getReportDefinition:getReportDefinition":0,"aws:datapipeline/getPipeline:getPipeline":0,"aws:datapipeline/getPipelineDefinition:getPipelineDefinition":0,"aws:datazone/getDomain:getDomain":1,"aws:datazone/getEnvironmentBlueprint:getEnvironmentBlueprint":1,"aws:devopsguru/getNotificationChannel:getNotificationChannel":1,"aws:devopsguru/getResourceCollection:getResourceCollection":1,"aws:directconnect/getConnection:getConnection":0,"aws:directconnect/getGateway:getGateway":0,"aws:directconnect/getLocation:getLocation":0,"aws:directconnect/getLocations:getLocations":0,"aws:directconnect/getRouterConfiguration:getRouterConfiguration":0,"aws:directoryservice/getDirectory:getDirectory":0,"aws:dms/getCertificate:getCertificate":0,"aws:dms/getEndpoint:getEndpoint":0,"aws:dms/getReplicationInstance:getReplicationInstance":0,"aws:dms/getReplicationSubnetGroup:getReplicationSubnetGroup":0,"aws:dms/getReplicationTask:getReplicationTask":0,"aws:docdb/getEngineVersion:getEngineVersion":0,"aws:docdb/getOrderableDbInstance:getOrderableDbInstance":0,"aws:dynamodb/getTable:getTable":0,"aws:dynamodb/getTableItem:getTableItem":0,"aws:dynamodb/getTables:getTables":1,"aws:ebs/getDefaultKmsKey:getDefaultKmsKey":0,"aws:ebs/getEbsVolumes:getEbsVolumes":0,"aws:ebs/getEncryptionByDefault:getEncryptionByDefault":0,"aws:ebs/getSnapshot:getSnapshot":0,"aws:ebs/getSnapshotIds:getSnapshotIds":0,"aws:ebs/getVolume:getVolume":0,"aws:ec2/getAmi:getAmi":0,"aws:ec2/getAmiIds:getAmiIds":0,"aws:ec2/getCapacityBlockOffering:getCapacityBlockOffering":1,"aws:ec2/getCoipPool:getCoipPool":0,"aws:ec2/getCoipPools:getCoipPools":0,"aws:ec2/getCustomerGateway:getCustomerGateway":0,"aws:ec2/getDedicatedHost:getDedicatedHost":0,"aws:ec2/getEips:getEips":0,"aws:ec2/getElasticIp:getElasticIp":0,"aws:ec2/getInstance:getInstance":0,"aws:ec2/getInstanceType:getInstanceType":0,"aws:ec2/getInstanceTypeOffering:getInstanceTypeOffering":0,"aws:ec2/getInstanceTypeOfferings:getInstanceTypeOfferings":0,"aws:ec2/getInstanceTypes:getInstanceTypes":0,"aws:ec2/getInstances:getInstances":0,"aws:ec2/getInternetGateway:getInternetGateway":0,"aws:ec2/getIpamPreviewNextCidr:getIpamPreviewNextCidr":0,"aws:ec2/getKeyPair:getKeyPair":0,"aws:ec2/getLaunchConfiguration:getLaunchConfiguration":0,"aws:ec2/getLaunchTemplate:getLaunchTemplate":0,"aws:ec2/getLocalGateway:getLocalGateway":0,"aws:ec2/getLocalGatewayRouteTable:getLocalGatewayRouteTable":0,"aws:ec2/getLocalGatewayRouteTables:getLocalGatewayRouteTables":0,"aws:ec2/getLocalGatewayVirtualInterface:getLocalGatewayVirtualInterface":0,"aws:ec2/getLocalGatewayVirtualInterfaceGroup:getLocalGatewayVirtualInterfaceGroup":0,"aws:ec2/getLocalGatewayVirtualInterfaceGroups:getLocalGatewayVirtualInterfaceGroups":0,"aws:ec2/getLocalGateways:getLocalGateways":0,"aws:ec2/getManagedPrefixList:getManagedPrefixList":0,"aws:ec2/getManagedPrefixLists:getManagedPrefixLists":0,"aws:ec2/getNatGateway:getNatGateway":0,"aws:ec2/getNatGateways:getNatGateways":0,"aws:ec2/getNetworkAcls:getNetworkAcls":0,"aws:ec2/getNetworkInsightsAnalysis:getNetworkInsightsAnalysis":0,"aws:ec2/getNetworkInsightsPath:getNetworkInsightsPath":0,"aws:ec2/getNetworkInterface:getNetworkInterface":0,"aws:ec2/getNetworkInterfaces:getNetworkInterfaces":0,"aws:ec2/getPrefixList:getPrefixList":0,"aws:ec2/getPublicIpv4Pool:getPublicIpv4Pool":0,"aws:ec2/getPublicIpv4Pools:getPublicIpv4Pools":0,"aws:ec2/getRoute:getRoute":0,"aws:ec2/getRouteTable:getRouteTable":0,"aws:ec2/getRouteTables:getRouteTables":0,"aws:ec2/getSecurityGroup:getSecurityGroup":0,"aws:ec2/getSecurityGroups:getSecurityGroups":0,"aws:ec2/getSerialConsoleAccess:getSerialConsoleAccess":0,"aws:ec2/getSpotDatafeedSubscription:getSpotDatafeedSubscription":1,"aws:ec2/getSpotPrice:getSpotPrice":0,"aws:ec2/getSubnet:getSubnet":0,"aws:ec2/getSubnets:getSubnets":0,"aws:ec2/getTransitGatewayRouteTables:getTransitGatewayRouteTables":0,"aws:ec2/getVpc:getVpc":0,"aws:ec2/getVpcDhcpOptions:getVpcDhcpOptions":0,"aws:ec2/getVpcEndpoint:getVpcEndpoint":0,"aws:ec2/getVpcEndpointService:getVpcEndpointService":0,"aws:ec2/getVpcIpam:getVpcIpam":1,"aws:ec2/getVpcIpamPool:getVpcIpamPool":0,"aws:ec2/getVpcIpamPoolCidrs:getVpcIpamPoolCidrs":0,"aws:ec2/getVpcIpamPools:getVpcIpamPools":0,"aws:ec2/getVpcIpams:getVpcIpams":1,"aws:ec2/getVpcPeeringConnection:getVpcPeeringConnection":0,"aws:ec2/getVpcPeeringConnections:getVpcPeeringConnections":0,"aws:ec2/getVpcs:getVpcs":0,"aws:ec2/getVpnConnection:getVpnConnection":1,"aws:ec2/getVpnGateway:getVpnGateway":0,"aws:ec2clientvpn/getEndpoint:getEndpoint":0,"aws:ec2transitgateway/getAttachment:getAttachment":0,"aws:ec2transitgateway/getAttachments:getAttachments":0,"aws:ec2transitgateway/getConnect:getConnect":0,"aws:ec2transitgateway/getConnectPeer:getConnectPeer":0,"aws:ec2transitgateway/getDirectConnectGatewayAttachment:getDirectConnectGatewayAttachment":0,"aws:ec2transitgateway/getMulticastDomain:getMulticastDomain":0,"aws:ec2transitgateway/getPeeringAttachment:getPeeringAttachment":0,"aws:ec2transitgateway/getPeeringAttachments:getPeeringAttachments":0,"aws:ec2transitgateway/getRouteTable:getRouteTable":0,"aws:ec2transitgateway/getRouteTableAssociations:getRouteTableAssociations":0,"aws:ec2transitgateway/getRouteTablePropagations:getRouteTablePropagations":0,"aws:ec2transitgateway/getRouteTableRoutes:getRouteTableRoutes":0,"aws:ec2transitgateway/getTransitGateway:getTransitGateway":0,"aws:ec2transitgateway/getVpcAttachment:getVpcAttachment":0,"aws:ec2transitgateway/getVpcAttachments:getVpcAttachments":0,"aws:ec2transitgateway/getVpnAttachment:getVpnAttachment":0,"aws:ecr/getAuthorizationToken:getAuthorizationToken":0,"aws:ecr/getImage:getImage":0,"aws:ecr/getImages:getImages":1,"aws:ecr/getLifecyclePolicyDocument:getLifecyclePolicyDocument":1,"aws:ecr/getPullThroughCacheRule:getPullThroughCacheRule":0,"aws:ecr/getRepositories:getRepositories":1,"aws:ecr/getRepository:getRepository":0,"aws:ecr/getRepositoryCreationTemplate:getRepositoryCreationTemplate":0,"aws:ecrpublic/getAuthorizationToken:getAuthorizationToken":0,"aws:ecrpublic/getImages:getImages":1,"aws:ecs/getCluster:getCluster":0,"aws:ecs/getClusters:getClusters":1,"aws:ecs/getContainerDefinition:getContainerDefinition":0,"aws:ecs/getService:getService":0,"aws:ecs/getTaskDefinition:getTaskDefinition":0,"aws:ecs/getTaskExecution:getTaskExecution":0,"aws:efs/getAccessPoint:getAccessPoint":0,"aws:efs/getAccessPoints:getAccessPoints":0,"aws:efs/getFileSystem:getFileSystem":0,"aws:efs/getMountTarget:getMountTarget":0,"aws:eks/getAccessEntry:getAccessEntry":0,"aws:eks/getAddon:getAddon":0,"aws:eks/getAddonVersion:getAddonVersion":0,"aws:eks/getCluster:getCluster":0,"aws:eks/getClusterAuth:getClusterAuth":0,"aws:eks/getClusterVersions:getClusterVersions":1,"aws:eks/getClusters:getClusters":0,"aws:eks/getNodeGroup:getNodeGroup":0,"aws:eks/getNodeGroups:getNodeGroups":0,"aws:elasticache/getCluster:getCluster":0,"aws:elasticache/getReplicationGroup:getReplicationGroup":0,"aws:elasticache/getReservedCacheNodeOffering:getReservedCacheNodeOffering":1,"aws:elasticache/getServerlessCache:getServerlessCache":1,"aws:elasticache/getSubnetGroup:getSubnetGroup":0,"aws:elasticache/getUser:getUser":0,"aws:elasticbeanstalk/getApplication:getApplication":0,"aws:elasticbeanstalk/getHostedZone:getHostedZone":0,"aws:elasticbeanstalk/getSolutionStack:getSolutionStack":0,"aws:elasticsearch/getDomain:getDomain":0,"aws:elb/getHostedZoneId:getHostedZoneId":0,"aws:elb/getLoadBalancer:getLoadBalancer":0,"aws:elb/getServiceAccount:getServiceAccount":0,"aws:emr/getReleaseLabels:getReleaseLabels":0,"aws:emr/getSupportedInstanceTypes:getSupportedInstanceTypes":1,"aws:emrcontainers/getVirtualCluster:getVirtualCluster":0,"aws:fis/getExperimentTemplates:getExperimentTemplates":1,"aws:fsx/getOntapFileSystem:getOntapFileSystem":0,"aws:fsx/getOntapStorageVirtualMachine:getOntapStorageVirtualMachine":0,"aws:fsx/getOntapStorageVirtualMachines:getOntapStorageVirtualMachines":0,"aws:fsx/getOpenZfsSnapshot:getOpenZfsSnapshot":0,"aws:fsx/getWindowsFileSystem:getWindowsFileSystem":0,"aws:globalaccelerator/getAccelerator:getAccelerator":1,"aws:globalaccelerator/getCustomRoutingAccelerator:getCustomRoutingAccelerator":0,"aws:glue/getCatalogTable:getCatalogTable":0,"aws:glue/getConnection:getConnection":0,"aws:glue/getDataCatalogEncryptionSettings:getDataCatalogEncryptionSettings":0,"aws:glue/getRegistry:getRegistry":1,"aws:glue/getScript:getScript":0,"aws:grafana/getWorkspace:getWorkspace":0,"aws:guardduty/getDetector:getDetector":0,"aws:guardduty/getFindingIds:getFindingIds":1,"aws:iam/getAccessKeys:getAccessKeys":0,"aws:iam/getAccountAlias:getAccountAlias":0,"aws:iam/getGroup:getGroup":0,"aws:iam/getInstanceProfile:getInstanceProfile":0,"aws:iam/getInstanceProfiles:getInstanceProfiles":0,"aws:iam/getOpenIdConnectProvider:getOpenIdConnectProvider":0,"aws:iam/getPolicy:getPolicy":0,"aws:iam/getPolicyDocument:getPolicyDocument":0,"aws:iam/getPrincipalPolicySimulation:getPrincipalPolicySimulation":0,"aws:iam/getRole:getRole":0,"aws:iam/getRoles:getRoles":0,"aws:iam/getSamlProvider:getSamlProvider":0,"aws:iam/getServerCertificate:getServerCertificate":0,"aws:iam/getSessionContext:getSessionContext":0,"aws:iam/getUser:getUser":0,"aws:iam/getUserSshKey:getUserSshKey":0,"aws:iam/getUsers:getUsers":0,"aws:identitystore/getGroup:getGroup":0,"aws:identitystore/getGroupMemberships:getGroupMemberships":1,"aws:identitystore/getGroups:getGroups":1,"aws:identitystore/getUser:getUser":0,"aws:identitystore/getUsers:getUsers":1,"aws:imagebuilder/getComponent:getComponent":0,"aws:imagebuilder/getComponents:getComponents":0,"aws:imagebuilder/getContainerRecipe:getContainerRecipe":0,"aws:imagebuilder/getContainerRecipes:getContainerRecipes":0,"aws:imagebuilder/getDistributionConfiguration:getDistributionConfiguration":0,"aws:imagebuilder/getDistributionConfigurations:getDistributionConfigurations":0,"aws:imagebuilder/getImage:getImage":0,"aws:imagebuilder/getImagePipeline:getImagePipeline":0,"aws:imagebuilder/getImagePipelines:getImagePipelines":0,"aws:imagebuilder/getImageRecipe:getImageRecipe":0,"aws:imagebuilder/getImageRecipes:getImageRecipes":0,"aws:imagebuilder/getInfrastructureConfiguration:getInfrastructureConfiguration":0,"aws:imagebuilder/getInfrastructureConfigurations:getInfrastructureConfigurations":0,"aws:index/getArn:getArn":1,"aws:index/getAvailabilityZone:getAvailabilityZone":0,"aws:index/getAvailabilityZones:getAvailabilityZones":0,"aws:index/getBillingServiceAccount:getBillingServiceAccount":1,"aws:index/getCallerIdentity:getCallerIdentity":1,"aws:index/getDefaultTags:getDefaultTags":1,"aws:index/getIpRanges:getIpRanges":1,"aws:index/getPartition:getPartition":1,"aws:index/getRegion:getRegion":1,"aws:index/getRegions:getRegions":1,"aws:index/getService:getService":1,"aws:index/getServicePrincipal:getServicePrincipal":1,"aws:inspector/getRulesPackages:getRulesPackages":0,"aws:iot/getEndpoint:getEndpoint":0,"aws:iot/getRegistrationCode:getRegistrationCode":0,"aws:ivs/getStreamKey:getStreamKey":0,"aws:kendra/getExperience:getExperience":0,"aws:kendra/getFaq:getFaq":0,"aws:kendra/getIndex:getIndex":0,"aws:kendra/getQuerySuggestionsBlockList:getQuerySuggestionsBlockList":0,"aws:kendra/getThesaurus:getThesaurus":0,"aws:kinesis/getFirehoseDeliveryStream:getFirehoseDeliveryStream":0,"aws:kinesis/getStream:getStream":0,"aws:kinesis/getStreamConsumer:getStreamConsumer":0,"aws:kms/getAlias:getAlias":0,"aws:kms/getCipherText:getCipherText":0,"aws:kms/getCustomKeyStore:getCustomKeyStore":0,"aws:kms/getKey:getKey":0,"aws:kms/getPublicKey:getPublicKey":0,"aws:kms/getSecret:getSecret":0,"aws:kms/getSecrets:getSecrets":0,"aws:lakeformation/getDataLakeSettings:getDataLakeSettings":0,"aws:lakeformation/getPermissions:getPermissions":0,"aws:lakeformation/getResource:getResource":0,"aws:lambda/getAlias:getAlias":0,"aws:lambda/getCodeSigningConfig:getCodeSigningConfig":0,"aws:lambda/getFunction:getFunction":0,"aws:lambda/getFunctionUrl:getFunctionUrl":0,"aws:lambda/getFunctions:getFunctions":0,"aws:lambda/getInvocation:getInvocation":0,"aws:lambda/getLayerVersion:getLayerVersion":0,"aws:lb/getHostedZoneId:getHostedZoneId":0,"aws:lb/getLbs:getLbs":0,"aws:lb/getListener:getListener":0,"aws:lb/getListenerRule:getListenerRule":1,"aws:lb/getLoadBalancer:getLoadBalancer":0,"aws:lb/getTargetGroup:getTargetGroup":0,"aws:lb/getTrustStore:getTrustStore":0,"aws:lex/getBot:getBot":0,"aws:lex/getBotAlias:getBotAlias":0,"aws:lex/getIntent:getIntent":0,"aws:lex/getSlotType:getSlotType":0,"aws:licensemanager/getLicenseGrants:getLicenseGrants":0,"aws:licensemanager/getReceivedLicense:getReceivedLicense":0,"aws:licensemanager/getReceivedLicenses:getReceivedLicenses":0,"aws:location/getGeofenceCollection:getGeofenceCollection":0,"aws:location/getMap:getMap":0,"aws:location/getPlaceIndex:getPlaceIndex":0,"aws:location/getRouteCalculator:getRouteCalculator":0,"aws:location/getTracker:getTracker":0,"aws:location/getTrackerAssociation:getTrackerAssociation":0,"aws:location/getTrackerAssociations:getTrackerAssociations":0,"aws:mediaconvert/getQueue:getQueue":0,"aws:medialive/getInput:getInput":1,"aws:memorydb/getAcl:getAcl":0,"aws:memorydb/getCluster:getCluster":0,"aws:memorydb/getParameterGroup:getParameterGroup":0,"aws:memorydb/getSnapshot:getSnapshot":0,"aws:memorydb/getSubnetGroup:getSubnetGroup":0,"aws:memorydb/getUser:getUser":0,"aws:mq/getBroker:getBroker":0,"aws:mq/getBrokerEngineTypes:getBrokerEngineTypes":0,"aws:mq/getInstanceTypeOfferings:getInstanceTypeOfferings":0,"aws:msk/getBootstrapBrokers:getBootstrapBrokers":0,"aws:msk/getBrokerNodes:getBrokerNodes":0,"aws:msk/getCluster:getCluster":0,"aws:msk/getConfiguration:getConfiguration":0,"aws:msk/getKafkaVersion:getKafkaVersion":0,"aws:msk/getVpcConnection:getVpcConnection":0,"aws:mskconnect/getConnector:getConnector":0,"aws:mskconnect/getCustomPlugin:getCustomPlugin":0,"aws:mskconnect/getWorkerConfiguration:getWorkerConfiguration":0,"aws:neptune/getEngineVersion:getEngineVersion":0,"aws:neptune/getOrderableDbInstance:getOrderableDbInstance":0,"aws:networkfirewall/getFirewall:getFirewall":0,"aws:networkfirewall/getFirewallPolicy:getFirewallPolicy":0,"aws:networkfirewall/getResourcePolicy:getResourcePolicy":0,"aws:networkmanager/getConnection:getConnection":0,"aws:networkmanager/getConnections:getConnections":0,"aws:networkmanager/getCoreNetworkPolicyDocument:getCoreNetworkPolicyDocument":0,"aws:networkmanager/getDevice:getDevice":0,"aws:networkmanager/getDevices:getDevices":0,"aws:networkmanager/getGlobalNetwork:getGlobalNetwork":0,"aws:networkmanager/getGlobalNetworks:getGlobalNetworks":0,"aws:networkmanager/getLink:getLink":0,"aws:networkmanager/getLinks:getLinks":0,"aws:networkmanager/getSite:getSite":0,"aws:networkmanager/getSites:getSites":0,"aws:oam/getLink:getLink":0,"aws:oam/getLinks:getLinks":0,"aws:oam/getSink:getSink":0,"aws:oam/getSinks:getSinks":0,"aws:odb/getCloudAutonomousVmCluster:getCloudAutonomousVmCluster":1,"aws:odb/getCloudAutonomousVmClusters:getCloudAutonomousVmClusters":1,"aws:odb/getCloudExadataInfrastructure:getCloudExadataInfrastructure":1,"aws:odb/getCloudExadataInfrastructures:getCloudExadataInfrastructures":1,"aws:odb/getCloudVmCluster:getCloudVmCluster":1,"aws:odb/getCloudVmClusters:getCloudVmClusters":1,"aws:odb/getDbNode:getDbNode":1,"aws:odb/getDbNodes:getDbNodes":1,"aws:odb/getDbServer:getDbServer":1,"aws:odb/getDbServers:getDbServers":1,"aws:odb/getDbSystemShapes:getDbSystemShapes":1,"aws:odb/getGiVersions:getGiVersions":1,"aws:odb/getNetwork:getNetwork":1,"aws:odb/getNetworkPeeringConnection:getNetworkPeeringConnection":1,"aws:odb/getNetworkPeeringConnections:getNetworkPeeringConnections":1,"aws:odb/getNetworks:getNetworks":1,"aws:opensearch/getDomain:getDomain":0,"aws:opensearch/getServerlessAccessPolicy:getServerlessAccessPolicy":1,"aws:opensearch/getServerlessCollection:getServerlessCollection":1,"aws:opensearch/getServerlessLifecyclePolicy:getServerlessLifecyclePolicy":1,"aws:opensearch/getServerlessSecurityConfig:getServerlessSecurityConfig":1,"aws:opensearch/getServerlessSecurityPolicy:getServerlessSecurityPolicy":0,"aws:opensearch/getServerlessVpcEndpoint:getServerlessVpcEndpoint":0,"aws:organizations/getDelegatedAdministrators:getDelegatedAdministrators":0,"aws:organizations/getDelegatedServices:getDelegatedServices":0,"aws:organizations/getOrganization:getOrganization":0,"aws:organizations/getOrganizationalUnit:getOrganizationalUnit":0,"aws:organizations/getOrganizationalUnitChildAccounts:getOrganizationalUnitChildAccounts":0,"aws:organizations/getOrganizationalUnitDescendantAccounts:getOrganizationalUnitDescendantAccounts":0,"aws:organizations/getOrganizationalUnitDescendantOrganizationalUnits:getOrganizationalUnitDescendantOrganizationalUnits":0,"aws:organizations/getOrganizationalUnits:getOrganizationalUnits":0,"aws:organizations/getPolicies:getPolicies":0,"aws:organizations/getPoliciesForTarget:getPoliciesForTarget":0,"aws:organizations/getPolicy:getPolicy":0,"aws:organizations/getResourceTags:getResourceTags":0,"aws:outposts/getAsset:getAsset":0,"aws:outposts/getAssets:getAssets":0,"aws:outposts/getOutpost:getOutpost":0,"aws:outposts/getOutpostInstanceType:getOutpostInstanceType":0,"aws:outposts/getOutpostInstanceTypes:getOutpostInstanceTypes":0,"aws:outposts/getOutposts:getOutposts":0,"aws:outposts/getSite:getSite":0,"aws:outposts/getSites:getSites":0,"aws:polly/getVoices:getVoices":1,"aws:pricing/getProduct:getProduct":0,"aws:qldb/getLedger:getLedger":0,"aws:quicksight/getDataSet:getDataSet":0,"aws:quicksight/getQuicksightAnalysis:getQuicksightAnalysis":0,"aws:quicksight/getQuicksightGroup:getQuicksightGroup":0,"aws:quicksight/getQuicksightUser:getQuicksightUser":0,"aws:quicksight/getTheme:getTheme":0,"aws:ram/getResourceShare:getResourceShare":0,"aws:rds/getCertificate:getCertificate":0,"aws:rds/getCluster:getCluster":0,"aws:rds/getClusterParameterGroup:getClusterParameterGroup":1,"aws:rds/getClusterSnapshot:getClusterSnapshot":0,"aws:rds/getClusters:getClusters":0,"aws:rds/getEngineVersion:getEngineVersion":0,"aws:rds/getEventCategories:getEventCategories":0,"aws:rds/getGlobalCluster:getGlobalCluster":1,"aws:rds/getInstance:getInstance":0,"aws:rds/getInstances:getInstances":0,"aws:rds/getOrderableDbInstance:getOrderableDbInstance":0,"aws:rds/getParameterGroup:getParameterGroup":0,"aws:rds/getProxy:getProxy":0,"aws:rds/getReservedInstanceOffering:getReservedInstanceOffering":0,"aws:rds/getSnapshot:getSnapshot":0,"aws:rds/getSubnetGroup:getSubnetGroup":0,"aws:redshift/getCluster:getCluster":0,"aws:redshift/getClusterCredentials:getClusterCredentials":0,"aws:redshift/getDataShares:getDataShares":1,"aws:redshift/getOrderableCluster:getOrderableCluster":0,"aws:redshift/getProducerDataShares:getProducerDataShares":1,"aws:redshift/getSubnetGroup:getSubnetGroup":0,"aws:redshiftserverless/getCredentials:getCredentials":0,"aws:redshiftserverless/getNamespace:getNamespace":0,"aws:redshiftserverless/getWorkgroup:getWorkgroup":0,"aws:resourceexplorer/search:Search":1,"aws:resourcegroupstaggingapi/getResources:getResources":0,"aws:route53/getDelegationSet:getDelegationSet":0,"aws:route53/getProfilesProfiles:getProfilesProfiles":1,"aws:route53/getQueryLogConfig:getQueryLogConfig":0,"aws:route53/getRecords:getRecords":1,"aws:route53/getResolverEndpoint:getResolverEndpoint":0,"aws:route53/getResolverFirewallConfig:getResolverFirewallConfig":0,"aws:route53/getResolverFirewallDomainList:getResolverFirewallDomainList":0,"aws:route53/getResolverFirewallRuleGroup:getResolverFirewallRuleGroup":0,"aws:route53/getResolverFirewallRuleGroupAssociation:getResolverFirewallRuleGroupAssociation":0,"aws:route53/getResolverFirewallRules:getResolverFirewallRules":0,"aws:route53/getResolverRule:getResolverRule":0,"aws:route53/getResolverRules:getResolverRules":0,"aws:route53/getTrafficPolicyDocument:getTrafficPolicyDocument":0,"aws:route53/getZone:getZone":0,"aws:route53/getZones:getZones":1,"aws:s3/getAccessPoint:getAccessPoint":1,"aws:s3/getAccountPublicAccessBlock:getAccountPublicAccessBlock":0,"aws:s3/getBucket:getBucket":0,"aws:s3/getBucketObject:getBucketObject":0,"aws:s3/getBucketObjects:getBucketObjects":0,"aws:s3/getBucketPolicy:getBucketPolicy":0,"aws:s3/getCanonicalUserId:getCanonicalUserId":0,"aws:s3/getDirectoryBuckets:getDirectoryBuckets":1,"aws:s3/getObject:getObject":0,"aws:s3/getObjects:getObjects":0,"aws:s3control/getMultiRegionAccessPoint:getMultiRegionAccessPoint":0,"aws:sagemaker/getPrebuiltEcrImage:getPrebuiltEcrImage":0,"aws:secretsmanager/getRandomPassword:getRandomPassword":0,"aws:secretsmanager/getSecret:getSecret":0,"aws:secretsmanager/getSecretRotation:getSecretRotation":0,"aws:secretsmanager/getSecretVersion:getSecretVersion":0,"aws:secretsmanager/getSecretVersions:getSecretVersions":1,"aws:secretsmanager/getSecrets:getSecrets":0,"aws:securityhub/getStandardsControlAssociations:getStandardsControlAssociations":1,"aws:serverlessrepository/getApplication:getApplication":0,"aws:servicecatalog/getAppregistryApplication:getAppregistryApplication":1,"aws:servicecatalog/getAppregistryAttributeGroup:getAppregistryAttributeGroup":1,"aws:servicecatalog/getAppregistryAttributeGroupAssociations:getAppregistryAttributeGroupAssociations":1,"aws:servicecatalog/getConstraint:getConstraint":0,"aws:servicecatalog/getLaunchPaths:getLaunchPaths":0,"aws:servicecatalog/getPortfolio:getPortfolio":0,"aws:servicecatalog/getPortfolioConstraints:getPortfolioConstraints":0,"aws:servicecatalog/getProduct:getProduct":0,"aws:servicecatalog/getProvisioningArtifacts:getProvisioningArtifacts":0,"aws:servicediscovery/getDnsNamespace:getDnsNamespace":0,"aws:servicediscovery/getHttpNamespace:getHttpNamespace":0,"aws:servicediscovery/getService:getService":0,"aws:servicequotas/getService:getService":0,"aws:servicequotas/getServiceQuota:getServiceQuota":0,"aws:servicequotas/getTemplates:getTemplates":1,"aws:ses/getActiveReceiptRuleSet:getActiveReceiptRuleSet":0,"aws:ses/getDomainIdentity:getDomainIdentity":0,"aws:ses/getEmailIdentity:getEmailIdentity":0,"aws:sesv2/getConfigurationSet:getConfigurationSet":0,"aws:sesv2/getDedicatedIpPool:getDedicatedIpPool":0,"aws:sesv2/getEmailIdentity:getEmailIdentity":0,"aws:sesv2/getEmailIdentityMailFromAttributes:getEmailIdentityMailFromAttributes":0,"aws:sfn/getActivity:getActivity":0,"aws:sfn/getAlias:getAlias":0,"aws:sfn/getStateMachine:getStateMachine":0,"aws:sfn/getStateMachineVersions:getStateMachineVersions":0,"aws:shield/getProtection:getProtection":1,"aws:signer/getSigningJob:getSigningJob":0,"aws:signer/getSigningProfile:getSigningProfile":0,"aws:sns/getTopic:getTopic":0,"aws:sqs/getQueue:getQueue":0,"aws:sqs/getQueues:getQueues":0,"aws:ssm/getContactsRotation:getContactsRotation":1,"aws:ssm/getDocument:getDocument":0,"aws:ssm/getInstances:getInstances":0,"aws:ssm/getMaintenanceWindows:getMaintenanceWindows":0,"aws:ssm/getParameter:getParameter":0,"aws:ssm/getParametersByPath:getParametersByPath":0,"aws:ssm/getPatchBaseline:getPatchBaseline":0,"aws:ssm/getPatchBaselines:getPatchBaselines":1,"aws:ssmcontacts/getContact:getContact":0,"aws:ssmcontacts/getContactChannel:getContactChannel":0,"aws:ssmcontacts/getPlan:getPlan":0,"aws:ssmincidents/getReplicationSet:getReplicationSet":0,"aws:ssmincidents/getResponsePlan:getResponsePlan":0,"aws:ssoadmin/getApplication:getApplication":1,"aws:ssoadmin/getApplicationAssignments:getApplicationAssignments":1,"aws:ssoadmin/getApplicationProviders:getApplicationProviders":1,"aws:ssoadmin/getInstances:getInstances":0,"aws:ssoadmin/getPermissionSet:getPermissionSet":0,"aws:ssoadmin/getPermissionSets:getPermissionSets":1,"aws:ssoadmin/getPrincipalApplicationAssignments:getPrincipalApplicationAssignments":1,"aws:storagegateway/getLocalDisk:getLocalDisk":0,"aws:synthetics/getRuntimeVersion:getRuntimeVersion":1,"aws:synthetics/getRuntimeVersions:getRuntimeVersions":1,"aws:timestreamwrite/getDatabase:getDatabase":1,"aws:timestreamwrite/getTable:getTable":1,"aws:transfer/getConnector:getConnector":1,"aws:transfer/getServer:getServer":0,"aws:verifiedpermissions/getPolicyStore:getPolicyStore":1,"aws:vpc/getEndpointAssociations:getEndpointAssociations":1,"aws:vpc/getSecurityGroupRule:getSecurityGroupRule":1,"aws:vpc/getSecurityGroupRules:getSecurityGroupRules":1,"aws:vpclattice/getAuthPolicy:getAuthPolicy":0,"aws:vpclattice/getListener:getListener":0,"aws:vpclattice/getResourcePolicy:getResourcePolicy":0,"aws:vpclattice/getService:getService":0,"aws:vpclattice/getServiceNetwork:getServiceNetwork":0,"aws:vpn/getConnection:getConnection":1,"aws:waf/getIpset:getIpset":0,"aws:waf/getRateBasedRule:getRateBasedRule":0,"aws:waf/getRule:getRule":0,"aws:waf/getSubscribedRuleGroup:getSubscribedRuleGroup":0,"aws:waf/getWebAcl:getWebAcl":0,"aws:wafregional/getIpset:getIpset":0,"aws:wafregional/getRateBasedMod:getRateBasedMod":0,"aws:wafregional/getRule:getRule":0,"aws:wafregional/getSubscribedRuleGroup:getSubscribedRuleGroup":0,"aws:wafregional/getWebAcl:getWebAcl":0,"aws:wafv2/getIpSet:getIpSet":0,"aws:wafv2/getRegexPatternSet:getRegexPatternSet":0,"aws:wafv2/getRuleGroup:getRuleGroup":0,"aws:wafv2/getWebAcl:getWebAcl":0,"aws:workspaces/getBundle:getBundle":0,"aws:workspaces/getDirectory:getDirectory":0,"aws:workspaces/getImage:getImage":0,"aws:workspaces/getWorkspace:getWorkspace":0}}} \ No newline at end of file diff --git a/provider/cmd/pulumi-resource-aws/schema.json b/provider/cmd/pulumi-resource-aws/schema.json index dc6fac70391..1f68748fb1c 100644 --- a/provider/cmd/pulumi-resource-aws/schema.json +++ b/provider/cmd/pulumi-resource-aws/schema.json @@ -423,6 +423,10 @@ "type": "string", "description": "The region where AWS STS operations will take place. Examples\nare us-east-1 and us-west-2." }, + "tagPolicyCompliance": { + "type": "string", + "description": "The severity with which to enforce organizational tagging policies on resources managed by this provider instance. At this time this only includes compliance with required tag keys by resource type. Valid values are \"error\", \"warning\", and \"disabled\". When unset or \"disabled\", tag policy compliance will not be enforced by the provider. Can also be configured with the TF_AWS_TAG_POLICY_COMPLIANCE environment variable." + }, "token": { "type": "string", "description": "session token. A session token is only required if you are\nusing temporary security credentials.", @@ -1004,6 +1008,10 @@ "$ref": "#/types/aws:alb/ListenerDefaultActionForward:ListenerDefaultActionForward", "description": "Configuration block for creating an action that distributes requests among one or more target groups. Specify only if \u003cspan pulumi-lang-nodejs=\"`type`\" pulumi-lang-dotnet=\"`Type`\" pulumi-lang-go=\"`type`\" pulumi-lang-python=\"`type`\" pulumi-lang-yaml=\"`type`\" pulumi-lang-java=\"`type`\"\u003e`type`\u003c/span\u003e is \u003cspan pulumi-lang-nodejs=\"`forward`\" pulumi-lang-dotnet=\"`Forward`\" pulumi-lang-go=\"`forward`\" pulumi-lang-python=\"`forward`\" pulumi-lang-yaml=\"`forward`\" pulumi-lang-java=\"`forward`\"\u003e`forward`\u003c/span\u003e. See below.\n" }, + "jwtValidation": { + "$ref": "#/types/aws:alb/ListenerDefaultActionJwtValidation:ListenerDefaultActionJwtValidation", + "description": "Configuration block for creating a JWT validation action. Required if \u003cspan pulumi-lang-nodejs=\"`type`\" pulumi-lang-dotnet=\"`Type`\" pulumi-lang-go=\"`type`\" pulumi-lang-python=\"`type`\" pulumi-lang-yaml=\"`type`\" pulumi-lang-java=\"`type`\"\u003e`type`\u003c/span\u003e is `jwt-validation`.\n" + }, "order": { "type": "integer", "description": "Order for the action. The action with the lowest value for order is performed first. Valid values are between \u003cspan pulumi-lang-nodejs=\"`1`\" pulumi-lang-dotnet=\"`1`\" pulumi-lang-go=\"`1`\" pulumi-lang-python=\"`1`\" pulumi-lang-yaml=\"`1`\" pulumi-lang-java=\"`1`\"\u003e`1`\u003c/span\u003e and \u003cspan pulumi-lang-nodejs=\"`50000`\" pulumi-lang-dotnet=\"`50000`\" pulumi-lang-go=\"`50000`\" pulumi-lang-python=\"`50000`\" pulumi-lang-yaml=\"`50000`\" pulumi-lang-java=\"`50000`\"\u003e`50000`\u003c/span\u003e. Defaults to the position in the list of actions.\n" @@ -1018,7 +1026,7 @@ }, "type": { "type": "string", - "description": "Type of routing action. Valid values are \u003cspan pulumi-lang-nodejs=\"`forward`\" pulumi-lang-dotnet=\"`Forward`\" pulumi-lang-go=\"`forward`\" pulumi-lang-python=\"`forward`\" pulumi-lang-yaml=\"`forward`\" pulumi-lang-java=\"`forward`\"\u003e`forward`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`redirect`\" pulumi-lang-dotnet=\"`Redirect`\" pulumi-lang-go=\"`redirect`\" pulumi-lang-python=\"`redirect`\" pulumi-lang-yaml=\"`redirect`\" pulumi-lang-java=\"`redirect`\"\u003e`redirect`\u003c/span\u003e, `fixed-response`, `authenticate-cognito` and `authenticate-oidc`.\n\nThe following arguments are optional:\n" + "description": "Type of routing action. Valid values are \u003cspan pulumi-lang-nodejs=\"`forward`\" pulumi-lang-dotnet=\"`Forward`\" pulumi-lang-go=\"`forward`\" pulumi-lang-python=\"`forward`\" pulumi-lang-yaml=\"`forward`\" pulumi-lang-java=\"`forward`\"\u003e`forward`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`redirect`\" pulumi-lang-dotnet=\"`Redirect`\" pulumi-lang-go=\"`redirect`\" pulumi-lang-python=\"`redirect`\" pulumi-lang-yaml=\"`redirect`\" pulumi-lang-java=\"`redirect`\"\u003e`redirect`\u003c/span\u003e, `fixed-response`, `authenticate-cognito`, `authenticate-oidc` and `jwt-validation`.\n\nThe following arguments are optional:\n" } }, "type": "object", @@ -1248,6 +1256,55 @@ "arn" ] }, + "aws:alb/ListenerDefaultActionJwtValidation:ListenerDefaultActionJwtValidation": { + "properties": { + "additionalClaims": { + "type": "array", + "items": { + "$ref": "#/types/aws:alb/ListenerDefaultActionJwtValidationAdditionalClaim:ListenerDefaultActionJwtValidationAdditionalClaim" + }, + "description": "Repeatable configuration block for additional claims to validate.\n" + }, + "issuer": { + "type": "string", + "description": "Issuer of the JWT.\n" + }, + "jwksEndpoint": { + "type": "string", + "description": "JSON Web Key Set (JWKS) endpoint. This endpoint contains JSON Web Keys (JWK) that are used to validate signatures from the provider. This must be a full URL, including the HTTPS protocol, the domain, and the path.\n\nThe following arguments are optional:\n" + } + }, + "type": "object", + "required": [ + "issuer", + "jwksEndpoint" + ] + }, + "aws:alb/ListenerDefaultActionJwtValidationAdditionalClaim:ListenerDefaultActionJwtValidationAdditionalClaim": { + "properties": { + "format": { + "type": "string", + "description": "Format of the claim value. Valid values are `single-string`, `string-array` and `space-separated-values`.\n" + }, + "name": { + "type": "string", + "description": "Name of the claim to validate. \u003cspan pulumi-lang-nodejs=\"`exp`\" pulumi-lang-dotnet=\"`Exp`\" pulumi-lang-go=\"`exp`\" pulumi-lang-python=\"`exp`\" pulumi-lang-yaml=\"`exp`\" pulumi-lang-java=\"`exp`\"\u003e`exp`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`iss`\" pulumi-lang-dotnet=\"`Iss`\" pulumi-lang-go=\"`iss`\" pulumi-lang-python=\"`iss`\" pulumi-lang-yaml=\"`iss`\" pulumi-lang-java=\"`iss`\"\u003e`iss`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`nbf`\" pulumi-lang-dotnet=\"`Nbf`\" pulumi-lang-go=\"`nbf`\" pulumi-lang-python=\"`nbf`\" pulumi-lang-yaml=\"`nbf`\" pulumi-lang-java=\"`nbf`\"\u003e`nbf`\u003c/span\u003e, or \u003cspan pulumi-lang-nodejs=\"`iat`\" pulumi-lang-dotnet=\"`Iat`\" pulumi-lang-go=\"`iat`\" pulumi-lang-python=\"`iat`\" pulumi-lang-yaml=\"`iat`\" pulumi-lang-java=\"`iat`\"\u003e`iat`\u003c/span\u003e cannot be specified because they are validated by default.\n" + }, + "values": { + "type": "array", + "items": { + "type": "string" + }, + "description": "List of expected values of the claim.\n" + } + }, + "type": "object", + "required": [ + "format", + "name", + "values" + ] + }, "aws:alb/ListenerDefaultActionRedirect:ListenerDefaultActionRedirect": { "properties": { "host": { @@ -1330,6 +1387,10 @@ "$ref": "#/types/aws:alb/ListenerRuleActionForward:ListenerRuleActionForward", "description": "Configuration block for creating an action that distributes requests among one or more target groups.\nSpecify only if \u003cspan pulumi-lang-nodejs=\"`type`\" pulumi-lang-dotnet=\"`Type`\" pulumi-lang-go=\"`type`\" pulumi-lang-python=\"`type`\" pulumi-lang-yaml=\"`type`\" pulumi-lang-java=\"`type`\"\u003e`type`\u003c/span\u003e is \u003cspan pulumi-lang-nodejs=\"`forward`\" pulumi-lang-dotnet=\"`Forward`\" pulumi-lang-go=\"`forward`\" pulumi-lang-python=\"`forward`\" pulumi-lang-yaml=\"`forward`\" pulumi-lang-java=\"`forward`\"\u003e`forward`\u003c/span\u003e.\nCannot be specified with \u003cspan pulumi-lang-nodejs=\"`targetGroupArn`\" pulumi-lang-dotnet=\"`TargetGroupArn`\" pulumi-lang-go=\"`targetGroupArn`\" pulumi-lang-python=\"`target_group_arn`\" pulumi-lang-yaml=\"`targetGroupArn`\" pulumi-lang-java=\"`targetGroupArn`\"\u003e`target_group_arn`\u003c/span\u003e.\n" }, + "jwtValidation": { + "$ref": "#/types/aws:alb/ListenerRuleActionJwtValidation:ListenerRuleActionJwtValidation", + "description": "Information for creating a JWT validation action. Required if \u003cspan pulumi-lang-nodejs=\"`type`\" pulumi-lang-dotnet=\"`Type`\" pulumi-lang-go=\"`type`\" pulumi-lang-python=\"`type`\" pulumi-lang-yaml=\"`type`\" pulumi-lang-java=\"`type`\"\u003e`type`\u003c/span\u003e is `jwt-validation`.\n" + }, "order": { "type": "integer", "description": "Order for the action.\nThe action with the lowest value for order is performed first.\nValid values are between \u003cspan pulumi-lang-nodejs=\"`1`\" pulumi-lang-dotnet=\"`1`\" pulumi-lang-go=\"`1`\" pulumi-lang-python=\"`1`\" pulumi-lang-yaml=\"`1`\" pulumi-lang-java=\"`1`\"\u003e`1`\u003c/span\u003e and \u003cspan pulumi-lang-nodejs=\"`50000`\" pulumi-lang-dotnet=\"`50000`\" pulumi-lang-go=\"`50000`\" pulumi-lang-python=\"`50000`\" pulumi-lang-yaml=\"`50000`\" pulumi-lang-java=\"`50000`\"\u003e`50000`\u003c/span\u003e.\nDefaults to the position in the list of actions.\n" @@ -1344,7 +1405,7 @@ }, "type": { "type": "string", - "description": "The type of routing action. Valid values are \u003cspan pulumi-lang-nodejs=\"`forward`\" pulumi-lang-dotnet=\"`Forward`\" pulumi-lang-go=\"`forward`\" pulumi-lang-python=\"`forward`\" pulumi-lang-yaml=\"`forward`\" pulumi-lang-java=\"`forward`\"\u003e`forward`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`redirect`\" pulumi-lang-dotnet=\"`Redirect`\" pulumi-lang-go=\"`redirect`\" pulumi-lang-python=\"`redirect`\" pulumi-lang-yaml=\"`redirect`\" pulumi-lang-java=\"`redirect`\"\u003e`redirect`\u003c/span\u003e, `fixed-response`, `authenticate-cognito` and `authenticate-oidc`.\n" + "description": "The type of routing action. Valid values are \u003cspan pulumi-lang-nodejs=\"`forward`\" pulumi-lang-dotnet=\"`Forward`\" pulumi-lang-go=\"`forward`\" pulumi-lang-python=\"`forward`\" pulumi-lang-yaml=\"`forward`\" pulumi-lang-java=\"`forward`\"\u003e`forward`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`redirect`\" pulumi-lang-dotnet=\"`Redirect`\" pulumi-lang-go=\"`redirect`\" pulumi-lang-python=\"`redirect`\" pulumi-lang-yaml=\"`redirect`\" pulumi-lang-java=\"`redirect`\"\u003e`redirect`\u003c/span\u003e, `fixed-response`, `authenticate-cognito`, `authenticate-oidc` and `jwt-validation`.\n" } }, "type": "object", @@ -1568,6 +1629,55 @@ "arn" ] }, + "aws:alb/ListenerRuleActionJwtValidation:ListenerRuleActionJwtValidation": { + "properties": { + "additionalClaims": { + "type": "array", + "items": { + "$ref": "#/types/aws:alb/ListenerRuleActionJwtValidationAdditionalClaim:ListenerRuleActionJwtValidationAdditionalClaim" + }, + "description": "Repeatable configuration block for additional claims to validate.\n" + }, + "issuer": { + "type": "string", + "description": "Issuer of the JWT.\n" + }, + "jwksEndpoint": { + "type": "string", + "description": "JSON Web Key Set (JWKS) endpoint. This endpoint contains JSON Web Keys (JWK) that are used to validate signatures from the provider. This must be a full URL, including the HTTPS protocol, the domain, and the path.\n" + } + }, + "type": "object", + "required": [ + "issuer", + "jwksEndpoint" + ] + }, + "aws:alb/ListenerRuleActionJwtValidationAdditionalClaim:ListenerRuleActionJwtValidationAdditionalClaim": { + "properties": { + "format": { + "type": "string", + "description": "Format of the claim value. Valid values are `single-string`, `string-array` and `space-separated-values`.\n" + }, + "name": { + "type": "string", + "description": "Name of the claim to validate. \u003cspan pulumi-lang-nodejs=\"`exp`\" pulumi-lang-dotnet=\"`Exp`\" pulumi-lang-go=\"`exp`\" pulumi-lang-python=\"`exp`\" pulumi-lang-yaml=\"`exp`\" pulumi-lang-java=\"`exp`\"\u003e`exp`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`iss`\" pulumi-lang-dotnet=\"`Iss`\" pulumi-lang-go=\"`iss`\" pulumi-lang-python=\"`iss`\" pulumi-lang-yaml=\"`iss`\" pulumi-lang-java=\"`iss`\"\u003e`iss`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`nbf`\" pulumi-lang-dotnet=\"`Nbf`\" pulumi-lang-go=\"`nbf`\" pulumi-lang-python=\"`nbf`\" pulumi-lang-yaml=\"`nbf`\" pulumi-lang-java=\"`nbf`\"\u003e`nbf`\u003c/span\u003e, or \u003cspan pulumi-lang-nodejs=\"`iat`\" pulumi-lang-dotnet=\"`Iat`\" pulumi-lang-go=\"`iat`\" pulumi-lang-python=\"`iat`\" pulumi-lang-yaml=\"`iat`\" pulumi-lang-java=\"`iat`\"\u003e`iat`\u003c/span\u003e cannot be specified because they are validated by default.\n" + }, + "values": { + "type": "array", + "items": { + "type": "string" + }, + "description": "List of expected values of the claim.\n" + } + }, + "type": "object", + "required": [ + "format", + "name", + "values" + ] + }, "aws:alb/ListenerRuleActionRedirect:ListenerRuleActionRedirect": { "properties": { "host": { @@ -2096,6 +2206,12 @@ "$ref": "#/types/aws:alb/getListenerDefaultActionForward:getListenerDefaultActionForward" } }, + "jwtValidations": { + "type": "array", + "items": { + "$ref": "#/types/aws:alb/getListenerDefaultActionJwtValidation:getListenerDefaultActionJwtValidation" + } + }, "order": { "type": "integer" }, @@ -2118,6 +2234,7 @@ "authenticateOidcs", "fixedResponses", "forwards", + "jwtValidations", "order", "redirects", "targetGroupArn", @@ -2327,6 +2444,60 @@ } } }, + "aws:alb/getListenerDefaultActionJwtValidation:getListenerDefaultActionJwtValidation": { + "properties": { + "additionalClaims": { + "type": "array", + "items": { + "$ref": "#/types/aws:alb/getListenerDefaultActionJwtValidationAdditionalClaim:getListenerDefaultActionJwtValidationAdditionalClaim" + } + }, + "issuer": { + "type": "string" + }, + "jwksEndpoint": { + "type": "string" + } + }, + "type": "object", + "required": [ + "additionalClaims", + "issuer", + "jwksEndpoint" + ], + "language": { + "nodejs": { + "requiredInputs": [] + } + } + }, + "aws:alb/getListenerDefaultActionJwtValidationAdditionalClaim:getListenerDefaultActionJwtValidationAdditionalClaim": { + "properties": { + "format": { + "type": "string" + }, + "name": { + "type": "string" + }, + "values": { + "type": "array", + "items": { + "type": "string" + } + } + }, + "type": "object", + "required": [ + "format", + "name", + "values" + ], + "language": { + "nodejs": { + "requiredInputs": [] + } + } + }, "aws:alb/getListenerDefaultActionRedirect:getListenerDefaultActionRedirect": { "properties": { "host": { @@ -2581,7 +2752,7 @@ "properties": { "logGroupArn": { "type": "string", - "description": "The ARN of the CloudWatch log group to which query logs will be sent.\n" + "description": "The ARN of the CloudWatch log group to which query logs will be sent. The ARN must end with `:*`\n" } }, "type": "object", @@ -2778,7 +2949,7 @@ "properties": { "logGroupArn": { "type": "string", - "description": "The ARN of the CloudWatch log group to which the vended log data will be published. This log group must exist.\n" + "description": "The ARN of the CloudWatch log group to which the vended log data will be published. This log group must exist. The ARN must end with `:*`\n" } }, "type": "object", @@ -25453,6 +25624,10 @@ }, "aws:bedrock/AgentKnowledgeBaseStorageConfigurationRdsConfigurationFieldMapping:AgentKnowledgeBaseStorageConfigurationRdsConfigurationFieldMapping": { "properties": { + "customMetadataField": { + "type": "string", + "description": "Name for the universal metadata field where Amazon Bedrock will store any custom metadata from your data source.\n" + }, "metadataField": { "type": "string", "description": "Name of the field in which Amazon Bedrock stores metadata about the vector store.\n" @@ -25922,13 +26097,71 @@ }, "aws:bedrock/AgentcoreAgentRuntimeAgentRuntimeArtifact:AgentcoreAgentRuntimeAgentRuntimeArtifact": { "properties": { + "codeConfiguration": { + "$ref": "#/types/aws:bedrock/AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfiguration:AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfiguration", + "description": "Code configuration block for the agent runtime artifact, including the source code location and execution settings. Exactly one of \u003cspan pulumi-lang-nodejs=\"`codeConfiguration`\" pulumi-lang-dotnet=\"`CodeConfiguration`\" pulumi-lang-go=\"`codeConfiguration`\" pulumi-lang-python=\"`code_configuration`\" pulumi-lang-yaml=\"`codeConfiguration`\" pulumi-lang-java=\"`codeConfiguration`\"\u003e`code_configuration`\u003c/span\u003e or \u003cspan pulumi-lang-nodejs=\"`containerConfiguration`\" pulumi-lang-dotnet=\"`ContainerConfiguration`\" pulumi-lang-go=\"`containerConfiguration`\" pulumi-lang-python=\"`container_configuration`\" pulumi-lang-yaml=\"`containerConfiguration`\" pulumi-lang-java=\"`containerConfiguration`\"\u003e`container_configuration`\u003c/span\u003e must be specified. See \u003cspan pulumi-lang-nodejs=\"`codeConfiguration`\" pulumi-lang-dotnet=\"`CodeConfiguration`\" pulumi-lang-go=\"`codeConfiguration`\" pulumi-lang-python=\"`code_configuration`\" pulumi-lang-yaml=\"`codeConfiguration`\" pulumi-lang-java=\"`codeConfiguration`\"\u003e`code_configuration`\u003c/span\u003e below.\n" + }, "containerConfiguration": { "$ref": "#/types/aws:bedrock/AgentcoreAgentRuntimeAgentRuntimeArtifactContainerConfiguration:AgentcoreAgentRuntimeAgentRuntimeArtifactContainerConfiguration", - "description": "Container configuration block. See \u003cspan pulumi-lang-nodejs=\"`containerConfiguration`\" pulumi-lang-dotnet=\"`ContainerConfiguration`\" pulumi-lang-go=\"`containerConfiguration`\" pulumi-lang-python=\"`container_configuration`\" pulumi-lang-yaml=\"`containerConfiguration`\" pulumi-lang-java=\"`containerConfiguration`\"\u003e`container_configuration`\u003c/span\u003e below.\n" + "description": "Container configuration block for the agent artifact. Exactly one of \u003cspan pulumi-lang-nodejs=\"`codeConfiguration`\" pulumi-lang-dotnet=\"`CodeConfiguration`\" pulumi-lang-go=\"`codeConfiguration`\" pulumi-lang-python=\"`code_configuration`\" pulumi-lang-yaml=\"`codeConfiguration`\" pulumi-lang-java=\"`codeConfiguration`\"\u003e`code_configuration`\u003c/span\u003e or \u003cspan pulumi-lang-nodejs=\"`containerConfiguration`\" pulumi-lang-dotnet=\"`ContainerConfiguration`\" pulumi-lang-go=\"`containerConfiguration`\" pulumi-lang-python=\"`container_configuration`\" pulumi-lang-yaml=\"`containerConfiguration`\" pulumi-lang-java=\"`containerConfiguration`\"\u003e`container_configuration`\u003c/span\u003e must be specified. See \u003cspan pulumi-lang-nodejs=\"`containerConfiguration`\" pulumi-lang-dotnet=\"`ContainerConfiguration`\" pulumi-lang-go=\"`containerConfiguration`\" pulumi-lang-python=\"`container_configuration`\" pulumi-lang-yaml=\"`containerConfiguration`\" pulumi-lang-java=\"`containerConfiguration`\"\u003e`container_configuration`\u003c/span\u003e below.\n" } }, "type": "object" }, + "aws:bedrock/AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfiguration:AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfiguration": { + "properties": { + "code": { + "$ref": "#/types/aws:bedrock/AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCode:AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCode", + "description": "Configuration block for the source code location and configuration details. See \u003cspan pulumi-lang-nodejs=\"`code`\" pulumi-lang-dotnet=\"`Code`\" pulumi-lang-go=\"`code`\" pulumi-lang-python=\"`code`\" pulumi-lang-yaml=\"`code`\" pulumi-lang-java=\"`code`\"\u003e`code`\u003c/span\u003e below.\n" + }, + "entryPoints": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Array specifying the entry point for code execution, indicating the function or method to invoke when the code runs. The array must contain 1 or 2 elements. Examples: `[\"main.py\"]`, `[\"opentelemetry-instrument\", \"main.py\"]`.\n" + }, + "runtime": { + "type": "string", + "description": "Runtime environment used to execute the code. Valid values: `PYTHON_3_10`, `PYTHON_3_11`, `PYTHON_3_12`, `PYTHON_3_13`.\n" + } + }, + "type": "object", + "required": [ + "entryPoints", + "runtime" + ] + }, + "aws:bedrock/AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCode:AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCode": { + "properties": { + "s3": { + "$ref": "#/types/aws:bedrock/AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeS3:AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeS3", + "description": "Configuration block for the Amazon S3 object that contains the source code for the agent runtime. See \u003cspan pulumi-lang-nodejs=\"`s3`\" pulumi-lang-dotnet=\"`S3`\" pulumi-lang-go=\"`s3`\" pulumi-lang-python=\"`s3`\" pulumi-lang-yaml=\"`s3`\" pulumi-lang-java=\"`s3`\"\u003e`s3`\u003c/span\u003e below.\n" + } + }, + "type": "object" + }, + "aws:bedrock/AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeS3:AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeS3": { + "properties": { + "bucket": { + "type": "string", + "description": "Name of the Amazon S3 bucket.\n" + }, + "prefix": { + "type": "string", + "description": "Key of the object containing the ZIP file of the source code for the agent runtime in the Amazon S3 bucket.\n" + }, + "versionId": { + "type": "string", + "description": "Version ID of the Amazon S3 object. If not specified, the latest version of the object is used.\n" + } + }, + "type": "object", + "required": [ + "bucket", + "prefix" + ] + }, "aws:bedrock/AgentcoreAgentRuntimeAgentRuntimeArtifactContainerConfiguration:AgentcoreAgentRuntimeAgentRuntimeArtifactContainerConfiguration": { "properties": { "containerUri": { @@ -28006,13 +28239,43 @@ }, "aws:bedrock/GuardrailContentPolicyConfigFiltersConfig:GuardrailContentPolicyConfigFiltersConfig": { "properties": { + "inputAction": { + "type": "string", + "description": "Action to take when harmful content is detected. Valid values: `BLOCK`, `NONE`.\n" + }, + "inputEnabled": { + "type": "boolean", + "description": "Toggles guardrail evaluation on input.\n" + }, + "inputModalities": { + "type": "array", + "items": { + "type": "string" + }, + "description": "List of selected input modalities. Valid values: `IMAGE`, `TEXT`.\n" + }, "inputStrength": { "type": "string", - "description": "Strength for filters.\n" + "description": "Strength for filters. Valid values: `NONE`, `LOW`, `MEDIUM`, `HIGH`.\n" + }, + "outputAction": { + "type": "string", + "description": "Action to take when harmful content is detected. Valid values: `BLOCK`, `NONE`.\n" + }, + "outputEnabled": { + "type": "boolean", + "description": "Toggles guardrail evaluation on output.\n" + }, + "outputModalities": { + "type": "array", + "items": { + "type": "string" + }, + "description": "List of selected output modalities. Valid values: `IMAGE`, `TEXT`.\n" }, "outputStrength": { "type": "string", - "description": "Strength for filters.\n" + "description": "Strength for filters. Valid values: `NONE`, `LOW`, `MEDIUM`, `HIGH`.\n" }, "type": { "type": "string", @@ -28878,6 +29141,99 @@ }, "type": "object" }, + "aws:billing/ViewDataFilterExpression:ViewDataFilterExpression": { + "properties": { + "dimensions": { + "$ref": "#/types/aws:billing/ViewDataFilterExpressionDimensions:ViewDataFilterExpressionDimensions", + "description": "Dimension to use for \u003cspan pulumi-lang-nodejs=\"`expression`\" pulumi-lang-dotnet=\"`Expression`\" pulumi-lang-go=\"`expression`\" pulumi-lang-python=\"`expression`\" pulumi-lang-yaml=\"`expression`\" pulumi-lang-java=\"`expression`\"\u003e`expression`\u003c/span\u003e. Refer to #dimensions for more details.\n" + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws:billing/ViewDataFilterExpressionTag:ViewDataFilterExpressionTag" + }, + "description": "List of key value map specifying tags associated to the billing view being created.\n" + }, + "timeRange": { + "$ref": "#/types/aws:billing/ViewDataFilterExpressionTimeRange:ViewDataFilterExpressionTimeRange", + "description": "Time range to use for \u003cspan pulumi-lang-nodejs=\"`expression`\" pulumi-lang-dotnet=\"`Expression`\" pulumi-lang-go=\"`expression`\" pulumi-lang-python=\"`expression`\" pulumi-lang-yaml=\"`expression`\" pulumi-lang-java=\"`expression`\"\u003e`expression`\u003c/span\u003e. Refer to #time-range for more details.\n" + } + }, + "type": "object" + }, + "aws:billing/ViewDataFilterExpressionDimensions:ViewDataFilterExpressionDimensions": { + "properties": { + "key": { + "type": "string", + "description": "Key of the dimension. Possible values are `LINKED_ACCOUNT`.\n" + }, + "values": { + "type": "array", + "items": { + "type": "string" + }, + "description": "List of metadata values that you can use to filter and group your results.\n" + } + }, + "type": "object", + "required": [ + "key", + "values" + ] + }, + "aws:billing/ViewDataFilterExpressionTag:ViewDataFilterExpressionTag": { + "properties": { + "key": { + "type": "string", + "description": "Key of the tag.\n" + }, + "values": { + "type": "array", + "items": { + "type": "string" + }, + "description": "List of values for the tag.\n" + } + }, + "type": "object", + "required": [ + "key", + "values" + ] + }, + "aws:billing/ViewDataFilterExpressionTimeRange:ViewDataFilterExpressionTimeRange": { + "properties": { + "beginDateInclusive": { + "type": "string", + "description": "Inclusive end date of the time range.\n" + }, + "endDateInclusive": { + "type": "string" + } + }, + "type": "object", + "required": [ + "beginDateInclusive", + "endDateInclusive" + ] + }, + "aws:billing/ViewTimeouts:ViewTimeouts": { + "properties": { + "create": { + "type": "string", + "description": "A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as \"30s\" or \"2h45m\". Valid time units are \"s\" (seconds), \"m\" (minutes), \"h\" (hours).\n" + }, + "delete": { + "type": "string", + "description": "A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as \"30s\" or \"2h45m\". Valid time units are \"s\" (seconds), \"m\" (minutes), \"h\" (hours). Setting a timeout for a Delete operation is only applicable if changes are saved into state before the destroy operation occurs.\n" + }, + "update": { + "type": "string", + "description": "A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as \"30s\" or \"2h45m\". Valid time units are \"s\" (seconds), \"m\" (minutes), \"h\" (hours).\n" + } + }, + "type": "object" + }, "aws:billing/getViewsBillingView:getViewsBillingView": { "properties": { "arn": { @@ -38133,7 +38489,7 @@ "properties": { "address": { "type": "string", - "description": "The ARN of notification rule target. For example, a SNS Topic ARN.\n" + "description": "The ARN of the Amazon Q Developer in chat applications topic or Amazon Q Developer in chat applications client.\n" }, "status": { "type": "string", @@ -38141,7 +38497,7 @@ }, "type": { "type": "string", - "description": "The type of the notification target. Default value is `SNS`.\n" + "description": "The type of the notification target. Valid values are `SNS`, `AWSChatbotSlack`, and `AWSChatbotMicrosoftTeams`. Default value is `SNS`.\n" } }, "type": "object", @@ -51697,6 +52053,22 @@ } } }, + "aws:dynamodb/TableGlobalTableWitness:TableGlobalTableWitness": { + "properties": { + "regionName": { + "type": "string", + "description": "Name of the AWS Region that serves as a witness for the MRSC global table.\n" + } + }, + "type": "object", + "language": { + "nodejs": { + "requiredOutputs": [ + "regionName" + ] + } + } + }, "aws:dynamodb/TableImportTable:TableImportTable": { "properties": { "inputCompressionType": { @@ -79264,7 +79636,7 @@ "properties": { "key": { "type": "string", - "description": "Target type. Valid values are `AutoScalingGroups` (EC2 Auto Scaling groups), `Buckets` (S3 Buckets), `Cluster` (EKS Cluster), `Clusters` (ECS Clusters), `DBInstances` (RDS DB Instances), `Instances` (EC2 Instances), `ManagedResources` (EKS clusters, Application and Network Load Balancers, and EC2 Auto Scaling groups that are enabled for ARC zonal shift), `Nodegroups` (EKS Node groups), `Pods` (EKS Pods), `ReplicationGroups`(ElastiCache Redis Replication Groups), `Roles` (IAM Roles), `SpotInstances` (EC2 Spot Instances), `Subnets` (VPC Subnets), `Tables` (DynamoDB encrypted global tables), `Tasks` (ECS Tasks), `TransitGateways` (Transit gateways), `Volumes` (EBS Volumes). See the [documentation](https://docs.aws.amazon.com/fis/latest/userguide/action-sequence.html#action-targets) for more details.\n" + "description": "Target type. Valid values are `AutoScalingGroups` (EC2 Auto Scaling groups), `Buckets` (S3 Buckets), `Cluster` (EKS Cluster), `Clusters` (ECS Clusters), `DBInstances` (RDS DB Instances), `Functions` (Lambda Functions), `Instances` (EC2 Instances), `ManagedResources` (EKS clusters, Application and Network Load Balancers, and EC2 Auto Scaling groups that are enabled for ARC zonal shift), `Nodegroups` (EKS Node groups), `Pods` (EKS Pods), `ReplicationGroups`(ElastiCache Redis Replication Groups), `Roles` (IAM Roles), `SpotInstances` (EC2 Spot Instances), `Subnets` (VPC Subnets), `Tables` (DynamoDB encrypted global tables), `Tasks` (ECS Tasks), `TransitGateways` (Transit gateways), `Volumes` (EBS Volumes). See the [documentation](https://docs.aws.amazon.com/fis/latest/userguide/action-sequence.html#action-targets) for more details.\n" }, "value": { "type": "string", @@ -79381,7 +79753,7 @@ "properties": { "logGroupArn": { "type": "string", - "description": "The Amazon Resource Name (ARN) of the destination Amazon CloudWatch Logs log group.\n" + "description": "The Amazon Resource Name (ARN) of the destination Amazon CloudWatch Logs log group. The ARN must end with `:*`\n" } }, "type": "object", @@ -105843,6 +106215,10 @@ "$ref": "#/types/aws:lb/ListenerDefaultActionForward:ListenerDefaultActionForward", "description": "Configuration block for creating an action that distributes requests among one or more target groups. Specify only if \u003cspan pulumi-lang-nodejs=\"`type`\" pulumi-lang-dotnet=\"`Type`\" pulumi-lang-go=\"`type`\" pulumi-lang-python=\"`type`\" pulumi-lang-yaml=\"`type`\" pulumi-lang-java=\"`type`\"\u003e`type`\u003c/span\u003e is \u003cspan pulumi-lang-nodejs=\"`forward`\" pulumi-lang-dotnet=\"`Forward`\" pulumi-lang-go=\"`forward`\" pulumi-lang-python=\"`forward`\" pulumi-lang-yaml=\"`forward`\" pulumi-lang-java=\"`forward`\"\u003e`forward`\u003c/span\u003e. See below.\n" }, + "jwtValidation": { + "$ref": "#/types/aws:lb/ListenerDefaultActionJwtValidation:ListenerDefaultActionJwtValidation", + "description": "Configuration block for creating a JWT validation action. Required if \u003cspan pulumi-lang-nodejs=\"`type`\" pulumi-lang-dotnet=\"`Type`\" pulumi-lang-go=\"`type`\" pulumi-lang-python=\"`type`\" pulumi-lang-yaml=\"`type`\" pulumi-lang-java=\"`type`\"\u003e`type`\u003c/span\u003e is `jwt-validation`.\n" + }, "order": { "type": "integer", "description": "Order for the action. The action with the lowest value for order is performed first. Valid values are between \u003cspan pulumi-lang-nodejs=\"`1`\" pulumi-lang-dotnet=\"`1`\" pulumi-lang-go=\"`1`\" pulumi-lang-python=\"`1`\" pulumi-lang-yaml=\"`1`\" pulumi-lang-java=\"`1`\"\u003e`1`\u003c/span\u003e and \u003cspan pulumi-lang-nodejs=\"`50000`\" pulumi-lang-dotnet=\"`50000`\" pulumi-lang-go=\"`50000`\" pulumi-lang-python=\"`50000`\" pulumi-lang-yaml=\"`50000`\" pulumi-lang-java=\"`50000`\"\u003e`50000`\u003c/span\u003e. Defaults to the position in the list of actions.\n" @@ -105857,7 +106233,7 @@ }, "type": { "type": "string", - "description": "Type of routing action. Valid values are \u003cspan pulumi-lang-nodejs=\"`forward`\" pulumi-lang-dotnet=\"`Forward`\" pulumi-lang-go=\"`forward`\" pulumi-lang-python=\"`forward`\" pulumi-lang-yaml=\"`forward`\" pulumi-lang-java=\"`forward`\"\u003e`forward`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`redirect`\" pulumi-lang-dotnet=\"`Redirect`\" pulumi-lang-go=\"`redirect`\" pulumi-lang-python=\"`redirect`\" pulumi-lang-yaml=\"`redirect`\" pulumi-lang-java=\"`redirect`\"\u003e`redirect`\u003c/span\u003e, `fixed-response`, `authenticate-cognito` and `authenticate-oidc`.\n\nThe following arguments are optional:\n" + "description": "Type of routing action. Valid values are \u003cspan pulumi-lang-nodejs=\"`forward`\" pulumi-lang-dotnet=\"`Forward`\" pulumi-lang-go=\"`forward`\" pulumi-lang-python=\"`forward`\" pulumi-lang-yaml=\"`forward`\" pulumi-lang-java=\"`forward`\"\u003e`forward`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`redirect`\" pulumi-lang-dotnet=\"`Redirect`\" pulumi-lang-go=\"`redirect`\" pulumi-lang-python=\"`redirect`\" pulumi-lang-yaml=\"`redirect`\" pulumi-lang-java=\"`redirect`\"\u003e`redirect`\u003c/span\u003e, `fixed-response`, `authenticate-cognito`, `authenticate-oidc` and `jwt-validation`.\n\nThe following arguments are optional:\n" } }, "type": "object", @@ -106087,6 +106463,55 @@ "arn" ] }, + "aws:lb/ListenerDefaultActionJwtValidation:ListenerDefaultActionJwtValidation": { + "properties": { + "additionalClaims": { + "type": "array", + "items": { + "$ref": "#/types/aws:lb/ListenerDefaultActionJwtValidationAdditionalClaim:ListenerDefaultActionJwtValidationAdditionalClaim" + }, + "description": "Repeatable configuration block for additional claims to validate.\n" + }, + "issuer": { + "type": "string", + "description": "Issuer of the JWT.\n" + }, + "jwksEndpoint": { + "type": "string", + "description": "JSON Web Key Set (JWKS) endpoint. This endpoint contains JSON Web Keys (JWK) that are used to validate signatures from the provider. This must be a full URL, including the HTTPS protocol, the domain, and the path.\n\nThe following arguments are optional:\n" + } + }, + "type": "object", + "required": [ + "issuer", + "jwksEndpoint" + ] + }, + "aws:lb/ListenerDefaultActionJwtValidationAdditionalClaim:ListenerDefaultActionJwtValidationAdditionalClaim": { + "properties": { + "format": { + "type": "string", + "description": "Format of the claim value. Valid values are `single-string`, `string-array` and `space-separated-values`.\n" + }, + "name": { + "type": "string", + "description": "Name of the claim to validate. \u003cspan pulumi-lang-nodejs=\"`exp`\" pulumi-lang-dotnet=\"`Exp`\" pulumi-lang-go=\"`exp`\" pulumi-lang-python=\"`exp`\" pulumi-lang-yaml=\"`exp`\" pulumi-lang-java=\"`exp`\"\u003e`exp`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`iss`\" pulumi-lang-dotnet=\"`Iss`\" pulumi-lang-go=\"`iss`\" pulumi-lang-python=\"`iss`\" pulumi-lang-yaml=\"`iss`\" pulumi-lang-java=\"`iss`\"\u003e`iss`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`nbf`\" pulumi-lang-dotnet=\"`Nbf`\" pulumi-lang-go=\"`nbf`\" pulumi-lang-python=\"`nbf`\" pulumi-lang-yaml=\"`nbf`\" pulumi-lang-java=\"`nbf`\"\u003e`nbf`\u003c/span\u003e, or \u003cspan pulumi-lang-nodejs=\"`iat`\" pulumi-lang-dotnet=\"`Iat`\" pulumi-lang-go=\"`iat`\" pulumi-lang-python=\"`iat`\" pulumi-lang-yaml=\"`iat`\" pulumi-lang-java=\"`iat`\"\u003e`iat`\u003c/span\u003e cannot be specified because they are validated by default.\n" + }, + "values": { + "type": "array", + "items": { + "type": "string" + }, + "description": "List of expected values of the claim.\n" + } + }, + "type": "object", + "required": [ + "format", + "name", + "values" + ] + }, "aws:lb/ListenerDefaultActionRedirect:ListenerDefaultActionRedirect": { "properties": { "host": { @@ -106169,6 +106594,10 @@ "$ref": "#/types/aws:lb/ListenerRuleActionForward:ListenerRuleActionForward", "description": "Configuration block for creating an action that distributes requests among one or more target groups.\nSpecify only if \u003cspan pulumi-lang-nodejs=\"`type`\" pulumi-lang-dotnet=\"`Type`\" pulumi-lang-go=\"`type`\" pulumi-lang-python=\"`type`\" pulumi-lang-yaml=\"`type`\" pulumi-lang-java=\"`type`\"\u003e`type`\u003c/span\u003e is \u003cspan pulumi-lang-nodejs=\"`forward`\" pulumi-lang-dotnet=\"`Forward`\" pulumi-lang-go=\"`forward`\" pulumi-lang-python=\"`forward`\" pulumi-lang-yaml=\"`forward`\" pulumi-lang-java=\"`forward`\"\u003e`forward`\u003c/span\u003e.\nCannot be specified with \u003cspan pulumi-lang-nodejs=\"`targetGroupArn`\" pulumi-lang-dotnet=\"`TargetGroupArn`\" pulumi-lang-go=\"`targetGroupArn`\" pulumi-lang-python=\"`target_group_arn`\" pulumi-lang-yaml=\"`targetGroupArn`\" pulumi-lang-java=\"`targetGroupArn`\"\u003e`target_group_arn`\u003c/span\u003e.\n" }, + "jwtValidation": { + "$ref": "#/types/aws:lb/ListenerRuleActionJwtValidation:ListenerRuleActionJwtValidation", + "description": "Information for creating a JWT validation action. Required if \u003cspan pulumi-lang-nodejs=\"`type`\" pulumi-lang-dotnet=\"`Type`\" pulumi-lang-go=\"`type`\" pulumi-lang-python=\"`type`\" pulumi-lang-yaml=\"`type`\" pulumi-lang-java=\"`type`\"\u003e`type`\u003c/span\u003e is `jwt-validation`.\n" + }, "order": { "type": "integer", "description": "Order for the action.\nThe action with the lowest value for order is performed first.\nValid values are between \u003cspan pulumi-lang-nodejs=\"`1`\" pulumi-lang-dotnet=\"`1`\" pulumi-lang-go=\"`1`\" pulumi-lang-python=\"`1`\" pulumi-lang-yaml=\"`1`\" pulumi-lang-java=\"`1`\"\u003e`1`\u003c/span\u003e and \u003cspan pulumi-lang-nodejs=\"`50000`\" pulumi-lang-dotnet=\"`50000`\" pulumi-lang-go=\"`50000`\" pulumi-lang-python=\"`50000`\" pulumi-lang-yaml=\"`50000`\" pulumi-lang-java=\"`50000`\"\u003e`50000`\u003c/span\u003e.\nDefaults to the position in the list of actions.\n" @@ -106183,7 +106612,7 @@ }, "type": { "type": "string", - "description": "The type of routing action. Valid values are \u003cspan pulumi-lang-nodejs=\"`forward`\" pulumi-lang-dotnet=\"`Forward`\" pulumi-lang-go=\"`forward`\" pulumi-lang-python=\"`forward`\" pulumi-lang-yaml=\"`forward`\" pulumi-lang-java=\"`forward`\"\u003e`forward`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`redirect`\" pulumi-lang-dotnet=\"`Redirect`\" pulumi-lang-go=\"`redirect`\" pulumi-lang-python=\"`redirect`\" pulumi-lang-yaml=\"`redirect`\" pulumi-lang-java=\"`redirect`\"\u003e`redirect`\u003c/span\u003e, `fixed-response`, `authenticate-cognito` and `authenticate-oidc`.\n" + "description": "The type of routing action. Valid values are \u003cspan pulumi-lang-nodejs=\"`forward`\" pulumi-lang-dotnet=\"`Forward`\" pulumi-lang-go=\"`forward`\" pulumi-lang-python=\"`forward`\" pulumi-lang-yaml=\"`forward`\" pulumi-lang-java=\"`forward`\"\u003e`forward`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`redirect`\" pulumi-lang-dotnet=\"`Redirect`\" pulumi-lang-go=\"`redirect`\" pulumi-lang-python=\"`redirect`\" pulumi-lang-yaml=\"`redirect`\" pulumi-lang-java=\"`redirect`\"\u003e`redirect`\u003c/span\u003e, `fixed-response`, `authenticate-cognito`, `authenticate-oidc` and `jwt-validation`.\n" } }, "type": "object", @@ -106407,6 +106836,55 @@ "arn" ] }, + "aws:lb/ListenerRuleActionJwtValidation:ListenerRuleActionJwtValidation": { + "properties": { + "additionalClaims": { + "type": "array", + "items": { + "$ref": "#/types/aws:lb/ListenerRuleActionJwtValidationAdditionalClaim:ListenerRuleActionJwtValidationAdditionalClaim" + }, + "description": "Repeatable configuration block for additional claims to validate.\n" + }, + "issuer": { + "type": "string", + "description": "Issuer of the JWT.\n" + }, + "jwksEndpoint": { + "type": "string", + "description": "JSON Web Key Set (JWKS) endpoint. This endpoint contains JSON Web Keys (JWK) that are used to validate signatures from the provider. This must be a full URL, including the HTTPS protocol, the domain, and the path.\n" + } + }, + "type": "object", + "required": [ + "issuer", + "jwksEndpoint" + ] + }, + "aws:lb/ListenerRuleActionJwtValidationAdditionalClaim:ListenerRuleActionJwtValidationAdditionalClaim": { + "properties": { + "format": { + "type": "string", + "description": "Format of the claim value. Valid values are `single-string`, `string-array` and `space-separated-values`.\n" + }, + "name": { + "type": "string", + "description": "Name of the claim to validate. \u003cspan pulumi-lang-nodejs=\"`exp`\" pulumi-lang-dotnet=\"`Exp`\" pulumi-lang-go=\"`exp`\" pulumi-lang-python=\"`exp`\" pulumi-lang-yaml=\"`exp`\" pulumi-lang-java=\"`exp`\"\u003e`exp`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`iss`\" pulumi-lang-dotnet=\"`Iss`\" pulumi-lang-go=\"`iss`\" pulumi-lang-python=\"`iss`\" pulumi-lang-yaml=\"`iss`\" pulumi-lang-java=\"`iss`\"\u003e`iss`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`nbf`\" pulumi-lang-dotnet=\"`Nbf`\" pulumi-lang-go=\"`nbf`\" pulumi-lang-python=\"`nbf`\" pulumi-lang-yaml=\"`nbf`\" pulumi-lang-java=\"`nbf`\"\u003e`nbf`\u003c/span\u003e, or \u003cspan pulumi-lang-nodejs=\"`iat`\" pulumi-lang-dotnet=\"`Iat`\" pulumi-lang-go=\"`iat`\" pulumi-lang-python=\"`iat`\" pulumi-lang-yaml=\"`iat`\" pulumi-lang-java=\"`iat`\"\u003e`iat`\u003c/span\u003e cannot be specified because they are validated by default.\n" + }, + "values": { + "type": "array", + "items": { + "type": "string" + }, + "description": "List of expected values of the claim.\n" + } + }, + "type": "object", + "required": [ + "format", + "name", + "values" + ] + }, "aws:lb/ListenerRuleActionRedirect:ListenerRuleActionRedirect": { "properties": { "host": { @@ -106922,6 +107400,12 @@ "$ref": "#/types/aws:lb/getListenerDefaultActionForward:getListenerDefaultActionForward" } }, + "jwtValidations": { + "type": "array", + "items": { + "$ref": "#/types/aws:lb/getListenerDefaultActionJwtValidation:getListenerDefaultActionJwtValidation" + } + }, "order": { "type": "integer" }, @@ -106944,6 +107428,7 @@ "authenticateOidcs", "fixedResponses", "forwards", + "jwtValidations", "order", "redirects", "targetGroupArn", @@ -107153,6 +107638,60 @@ } } }, + "aws:lb/getListenerDefaultActionJwtValidation:getListenerDefaultActionJwtValidation": { + "properties": { + "additionalClaims": { + "type": "array", + "items": { + "$ref": "#/types/aws:lb/getListenerDefaultActionJwtValidationAdditionalClaim:getListenerDefaultActionJwtValidationAdditionalClaim" + } + }, + "issuer": { + "type": "string" + }, + "jwksEndpoint": { + "type": "string" + } + }, + "type": "object", + "required": [ + "additionalClaims", + "issuer", + "jwksEndpoint" + ], + "language": { + "nodejs": { + "requiredInputs": [] + } + } + }, + "aws:lb/getListenerDefaultActionJwtValidationAdditionalClaim:getListenerDefaultActionJwtValidationAdditionalClaim": { + "properties": { + "format": { + "type": "string" + }, + "name": { + "type": "string" + }, + "values": { + "type": "array", + "items": { + "type": "string" + } + } + }, + "type": "object", + "required": [ + "format", + "name", + "values" + ], + "language": { + "nodejs": { + "requiredInputs": [] + } + } + }, "aws:lb/getListenerDefaultActionRedirect:getListenerDefaultActionRedirect": { "properties": { "host": { @@ -107248,6 +107787,13 @@ }, "description": "An action to forward the request.\nDetailed below.\n" }, + "jwtValidations": { + "type": "array", + "items": { + "$ref": "#/types/aws:lb/getListenerRuleActionJwtValidation:getListenerRuleActionJwtValidation" + }, + "description": "An action to validate using JWT.\nDetailed below.\n" + }, "order": { "type": "integer", "description": "The evaluation order of the action.\n" @@ -107349,7 +107895,7 @@ }, "issuer": { "type": "string", - "description": "OIDC issuer identifier of the IdP.\n" + "description": "Issuer of the JWT.\n" }, "onUnauthenticatedRequest": { "type": "string", @@ -107485,6 +108031,65 @@ } } }, + "aws:lb/getListenerRuleActionJwtValidation:getListenerRuleActionJwtValidation": { + "properties": { + "additionalClaims": { + "type": "array", + "items": { + "$ref": "#/types/aws:lb/getListenerRuleActionJwtValidationAdditionalClaim:getListenerRuleActionJwtValidationAdditionalClaim" + }, + "description": "Additional claims to validate.\n" + }, + "issuer": { + "type": "string", + "description": "Issuer of the JWT.\n" + }, + "jwksEndpoint": { + "type": "string", + "description": "JSON Web Key Set (JWKS) endpoint.\n" + } + }, + "type": "object", + "required": [ + "issuer", + "jwksEndpoint" + ], + "language": { + "nodejs": { + "requiredInputs": [] + } + } + }, + "aws:lb/getListenerRuleActionJwtValidationAdditionalClaim:getListenerRuleActionJwtValidationAdditionalClaim": { + "properties": { + "format": { + "type": "string", + "description": "Format of the claim value.\n" + }, + "name": { + "type": "string", + "description": "Name of the claim to validate.\n" + }, + "values": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Set of \u003cspan pulumi-lang-nodejs=\"`key`\" pulumi-lang-dotnet=\"`Key`\" pulumi-lang-go=\"`key`\" pulumi-lang-python=\"`key`\" pulumi-lang-yaml=\"`key`\" pulumi-lang-java=\"`key`\"\u003e`key`\u003c/span\u003e-\u003cspan pulumi-lang-nodejs=\"`value`\" pulumi-lang-dotnet=\"`Value`\" pulumi-lang-go=\"`value`\" pulumi-lang-python=\"`value`\" pulumi-lang-yaml=\"`value`\" pulumi-lang-java=\"`value`\"\u003e`value`\u003c/span\u003e pairs indicating the query string parameters to match.\n" + } + }, + "type": "object", + "required": [ + "format", + "name", + "values" + ], + "language": { + "nodejs": { + "requiredInputs": [] + } + } + }, "aws:lb/getListenerRuleActionRedirect:getListenerRuleActionRedirect": { "properties": { "host": { @@ -140011,7 +140616,8 @@ "description": "The ID of the Exadata infrastructure that hosts the database server.\n" }, "id": { - "type": "string" + "type": "string", + "description": "The unique identifier of the database server.\n" }, "maxCpuCount": { "type": "integer", @@ -154732,6 +155338,13 @@ "$ref": "#/types/aws:s3/BucketServerSideEncryptionConfigurationRuleApplyServerSideEncryptionByDefault:BucketServerSideEncryptionConfigurationRuleApplyServerSideEncryptionByDefault", "description": "Single object for setting server-side encryption by default. See below.\n" }, + "blockedEncryptionTypes": { + "type": "array", + "items": { + "type": "string" + }, + "description": "List of server-side encryption types to block for object uploads. Valid values are `SSE-C` (blocks uploads using server-side encryption with customer-provided keys) and `NONE` (unblocks all encryption types). Starting in March 2026, Amazon S3 will automatically block SSE-C uploads for all new buckets.\n" + }, "bucketKeyEnabled": { "type": "boolean", "description": "Whether or not to use [Amazon S3 Bucket Keys](https://docs.aws.amazon.com/AmazonS3/latest/dev/bucket-key.html) for SSE-KMS.\n" @@ -154761,6 +155374,13 @@ "$ref": "#/types/aws:s3/BucketServerSideEncryptionConfigurationV2RuleApplyServerSideEncryptionByDefault:BucketServerSideEncryptionConfigurationV2RuleApplyServerSideEncryptionByDefault", "description": "Single object for setting server-side encryption by default. See below.\n" }, + "blockedEncryptionTypes": { + "type": "array", + "items": { + "type": "string" + }, + "description": "List of server-side encryption types to block for object uploads. Valid values are `SSE-C` (blocks uploads using server-side encryption with customer-provided keys) and `NONE` (unblocks all encryption types). Starting in March 2026, Amazon S3 will automatically block SSE-C uploads for all new buckets.\n" + }, "bucketKeyEnabled": { "type": "boolean", "description": "Whether or not to use [Amazon S3 Bucket Keys](https://docs.aws.amazon.com/AmazonS3/latest/dev/bucket-key.html) for SSE-KMS.\n" @@ -159821,9 +160441,16 @@ }, "aws:sagemaker/ModelContainer:ModelContainer": { "properties": { + "additionalModelDataSources": { + "type": "array", + "items": { + "$ref": "#/types/aws:sagemaker/ModelContainerAdditionalModelDataSource:ModelContainerAdditionalModelDataSource" + }, + "description": "Additional data sources that are available to the model in addition to those specified in \u003cspan pulumi-lang-nodejs=\"`modelDataSource`\" pulumi-lang-dotnet=\"`ModelDataSource`\" pulumi-lang-go=\"`modelDataSource`\" pulumi-lang-python=\"`model_data_source`\" pulumi-lang-yaml=\"`modelDataSource`\" pulumi-lang-java=\"`modelDataSource`\"\u003e`model_data_source`\u003c/span\u003e. See Additional Model Data Source.\n" + }, "containerHostname": { "type": "string", - "description": "The DNS host name for the container.\n", + "description": "DNS host name for the container.\n", "willReplaceOnChanges": true }, "environment": { @@ -159831,12 +160458,12 @@ "additionalProperties": { "type": "string" }, - "description": "Environment variables for the Docker container.\nA list of key value pairs.\n", + "description": "Environment variables for the Docker container.\n", "willReplaceOnChanges": true }, "image": { "type": "string", - "description": "The registry path where the inference code image is stored in Amazon ECR.\n", + "description": "Registry path where the inference code image is stored in Amazon ECR.\n", "willReplaceOnChanges": true }, "imageConfig": { @@ -159845,26 +160472,26 @@ }, "inferenceSpecificationName": { "type": "string", - "description": "The inference specification name in the model package version.\n", + "description": "Inference specification name in the model package version.\n", "willReplaceOnChanges": true }, "mode": { "type": "string", - "description": "The container hosts value `SingleModel/MultiModel`. The default value is `SingleModel`.\n", + "description": "Container hosts value. Allowed values are: `SingleModel` and `MultiModel`. The default value is `SingleModel`.\n", "willReplaceOnChanges": true }, "modelDataSource": { "$ref": "#/types/aws:sagemaker/ModelContainerModelDataSource:ModelContainerModelDataSource", - "description": "The location of model data to deploy. Use this for uncompressed model deployment. For information about how to deploy an uncompressed model, see [Deploying uncompressed models](https://docs.aws.amazon.com/sagemaker/latest/dg/large-model-inference-uncompressed.html) in the _AWS SageMaker AI Developer Guide_.\n" + "description": "Location of model data to deploy. Use this for uncompressed model deployment. For information about how to deploy an uncompressed model, see [Deploying uncompressed models](https://docs.aws.amazon.com/sagemaker/latest/dg/large-model-inference-uncompressed.html) in the _AWS SageMaker AI Developer Guide_.\n" }, "modelDataUrl": { "type": "string", - "description": "The URL for the S3 location where model artifacts are stored.\n", + "description": "URL for the S3 location where model artifacts are stored.\n", "willReplaceOnChanges": true }, "modelPackageName": { "type": "string", - "description": "The Amazon Resource Name (ARN) of the model package to use to create the model.\n", + "description": "Amazon Resource Name (ARN) of the model package to use to create the model.\nA list of key value pairs.\n", "willReplaceOnChanges": true }, "multiModelConfig": { @@ -159877,11 +160504,76 @@ "language": { "nodejs": { "requiredOutputs": [ + "additionalModelDataSources", "modelDataSource" ] } } }, + "aws:sagemaker/ModelContainerAdditionalModelDataSource:ModelContainerAdditionalModelDataSource": { + "properties": { + "channelName": { + "type": "string", + "description": "Custom name for the additional model data source object. It will be stored in `/opt/ml/additional-model-data-sources/\u003cchannel_name\u003e/`.\n", + "willReplaceOnChanges": true + }, + "s3DataSources": { + "type": "array", + "items": { + "$ref": "#/types/aws:sagemaker/ModelContainerAdditionalModelDataSourceS3DataSource:ModelContainerAdditionalModelDataSourceS3DataSource" + }, + "description": "S3 location of model data to deploy. See S3 Data Source.\n" + } + }, + "type": "object", + "required": [ + "channelName", + "s3DataSources" + ] + }, + "aws:sagemaker/ModelContainerAdditionalModelDataSourceS3DataSource:ModelContainerAdditionalModelDataSourceS3DataSource": { + "properties": { + "compressionType": { + "type": "string", + "description": "How the model data is prepared. Allowed values are: `None` and `Gzip`.\n", + "willReplaceOnChanges": true + }, + "modelAccessConfig": { + "$ref": "#/types/aws:sagemaker/ModelContainerAdditionalModelDataSourceS3DataSourceModelAccessConfig:ModelContainerAdditionalModelDataSourceS3DataSourceModelAccessConfig", + "description": "Specifies the access configuration file for the ML model. You can explicitly accept the model end-user license agreement (EULA) within the [\u003cspan pulumi-lang-nodejs=\"`modelAccessConfig`\" pulumi-lang-dotnet=\"`ModelAccessConfig`\" pulumi-lang-go=\"`modelAccessConfig`\" pulumi-lang-python=\"`model_access_config`\" pulumi-lang-yaml=\"`modelAccessConfig`\" pulumi-lang-java=\"`modelAccessConfig`\"\u003e`model_access_config`\u003c/span\u003e configuration block]. See Model Access Config.\n", + "willReplaceOnChanges": true + }, + "s3DataType": { + "type": "string", + "description": "Type of model data to deploy. Allowed values are: `S3Object` and `S3Prefix`.\n", + "willReplaceOnChanges": true + }, + "s3Uri": { + "type": "string", + "description": "The S3 path of model data to deploy.\n", + "willReplaceOnChanges": true + } + }, + "type": "object", + "required": [ + "compressionType", + "s3DataType", + "s3Uri" + ] + }, + "aws:sagemaker/ModelContainerAdditionalModelDataSourceS3DataSourceModelAccessConfig:ModelContainerAdditionalModelDataSourceS3DataSourceModelAccessConfig": { + "properties": { + "acceptEula": { + "type": "boolean", + "description": "Specifies agreement to the model end-user license agreement (EULA). The value must be set to \u003cspan pulumi-lang-nodejs=\"`true`\" pulumi-lang-dotnet=\"`True`\" pulumi-lang-go=\"`true`\" pulumi-lang-python=\"`true`\" pulumi-lang-yaml=\"`true`\" pulumi-lang-java=\"`true`\"\u003e`true`\u003c/span\u003e in order to accept the EULA that this model requires. You are responsible for reviewing and complying with any applicable license terms and making sure they are acceptable for your use case before downloading or using a model.\n", + "willReplaceOnChanges": true + } + }, + "type": "object", + "required": [ + "acceptEula" + ] + }, "aws:sagemaker/ModelContainerImageConfig:ModelContainerImageConfig": { "properties": { "repositoryAccessMode": { @@ -159903,7 +160595,7 @@ "properties": { "repositoryCredentialsProviderArn": { "type": "string", - "description": "The Amazon Resource Name (ARN) of an AWS Lambda function that provides credentials to authenticate to the private Docker registry where your model image is hosted. For information about how to create an AWS Lambda function, see [Create a Lambda function with the console](https://docs.aws.amazon.com/lambda/latest/dg/getting-started-create-function.html) in the _AWS Lambda Developer Guide_.\n", + "description": "Amazon Resource Name (ARN) of an AWS Lambda function that provides credentials to authenticate to the private Docker registry where your model image is hosted. For information about how to create an AWS Lambda function, see [Create a Lambda function with the console](https://docs.aws.amazon.com/lambda/latest/dg/getting-started-create-function.html) in the _AWS Lambda Developer Guide_.\n", "willReplaceOnChanges": true } }, @@ -159919,7 +160611,7 @@ "items": { "$ref": "#/types/aws:sagemaker/ModelContainerModelDataSourceS3DataSource:ModelContainerModelDataSourceS3DataSource" }, - "description": "The S3 location of model data to deploy.\n" + "description": "S3 location of model data to deploy. See S3 Data Source.\n" } }, "type": "object", @@ -159936,11 +160628,11 @@ }, "modelAccessConfig": { "$ref": "#/types/aws:sagemaker/ModelContainerModelDataSourceS3DataSourceModelAccessConfig:ModelContainerModelDataSourceS3DataSourceModelAccessConfig", - "description": "Specifies the access configuration file for the ML model. You can explicitly accept the model end-user license agreement (EULA) within the [\u003cspan pulumi-lang-nodejs=\"`modelAccessConfig`\" pulumi-lang-dotnet=\"`ModelAccessConfig`\" pulumi-lang-go=\"`modelAccessConfig`\" pulumi-lang-python=\"`model_access_config`\" pulumi-lang-yaml=\"`modelAccessConfig`\" pulumi-lang-java=\"`modelAccessConfig`\"\u003e`model_access_config`\u003c/span\u003e configuration block]. see Model Access Config.\n" + "description": "Specifies the access configuration file for the ML model. You can explicitly accept the model end-user license agreement (EULA) within the [\u003cspan pulumi-lang-nodejs=\"`modelAccessConfig`\" pulumi-lang-dotnet=\"`ModelAccessConfig`\" pulumi-lang-go=\"`modelAccessConfig`\" pulumi-lang-python=\"`model_access_config`\" pulumi-lang-yaml=\"`modelAccessConfig`\" pulumi-lang-java=\"`modelAccessConfig`\"\u003e`model_access_config`\u003c/span\u003e configuration block]. See Model Access Config.\n" }, "s3DataType": { "type": "string", - "description": "The type of model data to deploy. Allowed values are: `S3Object` and `S3Prefix`.\n", + "description": "Type of model data to deploy. Allowed values are: `S3Object` and `S3Prefix`.\n", "willReplaceOnChanges": true }, "s3Uri": { @@ -159960,7 +160652,7 @@ "properties": { "acceptEula": { "type": "boolean", - "description": "Specifies agreement to the model end-user license agreement (EULA). The AcceptEula value must be explicitly defined as \u003cspan pulumi-lang-nodejs=\"`true`\" pulumi-lang-dotnet=\"`True`\" pulumi-lang-go=\"`true`\" pulumi-lang-python=\"`true`\" pulumi-lang-yaml=\"`true`\" pulumi-lang-java=\"`true`\"\u003e`true`\u003c/span\u003e in order to accept the EULA that this model requires. You are responsible for reviewing and complying with any applicable license terms and making sure they are acceptable for your use case before downloading or using a model.\n", + "description": "Specifies agreement to the model end-user license agreement (EULA). The value must be set to \u003cspan pulumi-lang-nodejs=\"`true`\" pulumi-lang-dotnet=\"`True`\" pulumi-lang-go=\"`true`\" pulumi-lang-python=\"`true`\" pulumi-lang-yaml=\"`true`\" pulumi-lang-java=\"`true`\"\u003e`true`\u003c/span\u003e in order to accept the EULA that this model requires. You are responsible for reviewing and complying with any applicable license terms and making sure they are acceptable for your use case before downloading or using a model.\n", "willReplaceOnChanges": true } }, @@ -159983,7 +160675,7 @@ "properties": { "mode": { "type": "string", - "description": "The container hosts value `SingleModel/MultiModel`. The default value is `SingleModel`.\n" + "description": "How containers in a multi-container are run. Allowed values are: `Serial` and `Direct`.\n" } }, "type": "object", @@ -159993,9 +160685,16 @@ }, "aws:sagemaker/ModelPrimaryContainer:ModelPrimaryContainer": { "properties": { + "additionalModelDataSources": { + "type": "array", + "items": { + "$ref": "#/types/aws:sagemaker/ModelPrimaryContainerAdditionalModelDataSource:ModelPrimaryContainerAdditionalModelDataSource" + }, + "description": "Additional data sources that are available to the model in addition to those specified in \u003cspan pulumi-lang-nodejs=\"`modelDataSource`\" pulumi-lang-dotnet=\"`ModelDataSource`\" pulumi-lang-go=\"`modelDataSource`\" pulumi-lang-python=\"`model_data_source`\" pulumi-lang-yaml=\"`modelDataSource`\" pulumi-lang-java=\"`modelDataSource`\"\u003e`model_data_source`\u003c/span\u003e. See Additional Model Data Source.\n" + }, "containerHostname": { "type": "string", - "description": "The DNS host name for the container.\n", + "description": "DNS host name for the container.\n", "willReplaceOnChanges": true }, "environment": { @@ -160003,12 +160702,12 @@ "additionalProperties": { "type": "string" }, - "description": "Environment variables for the Docker container.\nA list of key value pairs.\n", + "description": "Environment variables for the Docker container.\n", "willReplaceOnChanges": true }, "image": { "type": "string", - "description": "The registry path where the inference code image is stored in Amazon ECR.\n", + "description": "Registry path where the inference code image is stored in Amazon ECR.\n", "willReplaceOnChanges": true }, "imageConfig": { @@ -160017,26 +160716,25 @@ }, "inferenceSpecificationName": { "type": "string", - "description": "The inference specification name in the model package version.\n", + "description": "Inference specification name in the model package version.\n", "willReplaceOnChanges": true }, "mode": { "type": "string", - "description": "The container hosts value `SingleModel/MultiModel`. The default value is `SingleModel`.\n", "willReplaceOnChanges": true }, "modelDataSource": { "$ref": "#/types/aws:sagemaker/ModelPrimaryContainerModelDataSource:ModelPrimaryContainerModelDataSource", - "description": "The location of model data to deploy. Use this for uncompressed model deployment. For information about how to deploy an uncompressed model, see [Deploying uncompressed models](https://docs.aws.amazon.com/sagemaker/latest/dg/large-model-inference-uncompressed.html) in the _AWS SageMaker AI Developer Guide_.\n" + "description": "Location of model data to deploy. Use this for uncompressed model deployment. For information about how to deploy an uncompressed model, see [Deploying uncompressed models](https://docs.aws.amazon.com/sagemaker/latest/dg/large-model-inference-uncompressed.html) in the _AWS SageMaker AI Developer Guide_.\n" }, "modelDataUrl": { "type": "string", - "description": "The URL for the S3 location where model artifacts are stored.\n", + "description": "URL for the S3 location where model artifacts are stored.\n", "willReplaceOnChanges": true }, "modelPackageName": { "type": "string", - "description": "The Amazon Resource Name (ARN) of the model package to use to create the model.\n", + "description": "Amazon Resource Name (ARN) of the model package to use to create the model.\nA list of key value pairs.\n", "willReplaceOnChanges": true }, "multiModelConfig": { @@ -160049,11 +160747,76 @@ "language": { "nodejs": { "requiredOutputs": [ + "additionalModelDataSources", "modelDataSource" ] } } }, + "aws:sagemaker/ModelPrimaryContainerAdditionalModelDataSource:ModelPrimaryContainerAdditionalModelDataSource": { + "properties": { + "channelName": { + "type": "string", + "description": "Custom name for the additional model data source object. It will be stored in `/opt/ml/additional-model-data-sources/\u003cchannel_name\u003e/`.\n", + "willReplaceOnChanges": true + }, + "s3DataSources": { + "type": "array", + "items": { + "$ref": "#/types/aws:sagemaker/ModelPrimaryContainerAdditionalModelDataSourceS3DataSource:ModelPrimaryContainerAdditionalModelDataSourceS3DataSource" + }, + "description": "S3 location of model data to deploy. See S3 Data Source.\n" + } + }, + "type": "object", + "required": [ + "channelName", + "s3DataSources" + ] + }, + "aws:sagemaker/ModelPrimaryContainerAdditionalModelDataSourceS3DataSource:ModelPrimaryContainerAdditionalModelDataSourceS3DataSource": { + "properties": { + "compressionType": { + "type": "string", + "description": "How the model data is prepared. Allowed values are: `None` and `Gzip`.\n", + "willReplaceOnChanges": true + }, + "modelAccessConfig": { + "$ref": "#/types/aws:sagemaker/ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceModelAccessConfig:ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceModelAccessConfig", + "description": "Specifies the access configuration file for the ML model. You can explicitly accept the model end-user license agreement (EULA) within the [\u003cspan pulumi-lang-nodejs=\"`modelAccessConfig`\" pulumi-lang-dotnet=\"`ModelAccessConfig`\" pulumi-lang-go=\"`modelAccessConfig`\" pulumi-lang-python=\"`model_access_config`\" pulumi-lang-yaml=\"`modelAccessConfig`\" pulumi-lang-java=\"`modelAccessConfig`\"\u003e`model_access_config`\u003c/span\u003e configuration block]. See Model Access Config.\n", + "willReplaceOnChanges": true + }, + "s3DataType": { + "type": "string", + "description": "Type of model data to deploy. Allowed values are: `S3Object` and `S3Prefix`.\n", + "willReplaceOnChanges": true + }, + "s3Uri": { + "type": "string", + "description": "The S3 path of model data to deploy.\n", + "willReplaceOnChanges": true + } + }, + "type": "object", + "required": [ + "compressionType", + "s3DataType", + "s3Uri" + ] + }, + "aws:sagemaker/ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceModelAccessConfig:ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceModelAccessConfig": { + "properties": { + "acceptEula": { + "type": "boolean", + "description": "Specifies agreement to the model end-user license agreement (EULA). The value must be set to \u003cspan pulumi-lang-nodejs=\"`true`\" pulumi-lang-dotnet=\"`True`\" pulumi-lang-go=\"`true`\" pulumi-lang-python=\"`true`\" pulumi-lang-yaml=\"`true`\" pulumi-lang-java=\"`true`\"\u003e`true`\u003c/span\u003e in order to accept the EULA that this model requires. You are responsible for reviewing and complying with any applicable license terms and making sure they are acceptable for your use case before downloading or using a model.\n", + "willReplaceOnChanges": true + } + }, + "type": "object", + "required": [ + "acceptEula" + ] + }, "aws:sagemaker/ModelPrimaryContainerImageConfig:ModelPrimaryContainerImageConfig": { "properties": { "repositoryAccessMode": { @@ -160075,7 +160838,7 @@ "properties": { "repositoryCredentialsProviderArn": { "type": "string", - "description": "The Amazon Resource Name (ARN) of an AWS Lambda function that provides credentials to authenticate to the private Docker registry where your model image is hosted. For information about how to create an AWS Lambda function, see [Create a Lambda function with the console](https://docs.aws.amazon.com/lambda/latest/dg/getting-started-create-function.html) in the _AWS Lambda Developer Guide_.\n", + "description": "Amazon Resource Name (ARN) of an AWS Lambda function that provides credentials to authenticate to the private Docker registry where your model image is hosted. For information about how to create an AWS Lambda function, see [Create a Lambda function with the console](https://docs.aws.amazon.com/lambda/latest/dg/getting-started-create-function.html) in the _AWS Lambda Developer Guide_.\n", "willReplaceOnChanges": true } }, @@ -160091,7 +160854,7 @@ "items": { "$ref": "#/types/aws:sagemaker/ModelPrimaryContainerModelDataSourceS3DataSource:ModelPrimaryContainerModelDataSourceS3DataSource" }, - "description": "The S3 location of model data to deploy.\n" + "description": "S3 location of model data to deploy. See S3 Data Source.\n" } }, "type": "object", @@ -160108,12 +160871,12 @@ }, "modelAccessConfig": { "$ref": "#/types/aws:sagemaker/ModelPrimaryContainerModelDataSourceS3DataSourceModelAccessConfig:ModelPrimaryContainerModelDataSourceS3DataSourceModelAccessConfig", - "description": "Specifies the access configuration file for the ML model. You can explicitly accept the model end-user license agreement (EULA) within the [\u003cspan pulumi-lang-nodejs=\"`modelAccessConfig`\" pulumi-lang-dotnet=\"`ModelAccessConfig`\" pulumi-lang-go=\"`modelAccessConfig`\" pulumi-lang-python=\"`model_access_config`\" pulumi-lang-yaml=\"`modelAccessConfig`\" pulumi-lang-java=\"`modelAccessConfig`\"\u003e`model_access_config`\u003c/span\u003e configuration block]. see Model Access Config.\n", + "description": "Specifies the access configuration file for the ML model. You can explicitly accept the model end-user license agreement (EULA) within the [\u003cspan pulumi-lang-nodejs=\"`modelAccessConfig`\" pulumi-lang-dotnet=\"`ModelAccessConfig`\" pulumi-lang-go=\"`modelAccessConfig`\" pulumi-lang-python=\"`model_access_config`\" pulumi-lang-yaml=\"`modelAccessConfig`\" pulumi-lang-java=\"`modelAccessConfig`\"\u003e`model_access_config`\u003c/span\u003e configuration block]. See Model Access Config.\n", "willReplaceOnChanges": true }, "s3DataType": { "type": "string", - "description": "The type of model data to deploy. Allowed values are: `S3Object` and `S3Prefix`.\n", + "description": "Type of model data to deploy. Allowed values are: `S3Object` and `S3Prefix`.\n", "willReplaceOnChanges": true }, "s3Uri": { @@ -160133,7 +160896,7 @@ "properties": { "acceptEula": { "type": "boolean", - "description": "Specifies agreement to the model end-user license agreement (EULA). The AcceptEula value must be explicitly defined as \u003cspan pulumi-lang-nodejs=\"`true`\" pulumi-lang-dotnet=\"`True`\" pulumi-lang-go=\"`true`\" pulumi-lang-python=\"`true`\" pulumi-lang-yaml=\"`true`\" pulumi-lang-java=\"`true`\"\u003e`true`\u003c/span\u003e in order to accept the EULA that this model requires. You are responsible for reviewing and complying with any applicable license terms and making sure they are acceptable for your use case before downloading or using a model.\n", + "description": "Specifies agreement to the model end-user license agreement (EULA). The value must be set to \u003cspan pulumi-lang-nodejs=\"`true`\" pulumi-lang-dotnet=\"`True`\" pulumi-lang-go=\"`true`\" pulumi-lang-python=\"`true`\" pulumi-lang-yaml=\"`true`\" pulumi-lang-java=\"`true`\"\u003e`true`\u003c/span\u003e in order to accept the EULA that this model requires. You are responsible for reviewing and complying with any applicable license terms and making sure they are acceptable for your use case before downloading or using a model.\n", "willReplaceOnChanges": true } }, @@ -160158,13 +160921,15 @@ "type": "array", "items": { "type": "string" - } + }, + "description": "List of security group IDs you want to be applied to your training job or model. Specify the security groups for the VPC that is specified in the Subnets field.\n" }, "subnets": { "type": "array", "items": { "type": "string" - } + }, + "description": "List of subnet IDs in the VPC to which you want to connect your training job or model.\n" } }, "type": "object", @@ -191288,6 +192053,10 @@ "type": "string", "description": "The region where AWS STS operations will take place. Examples\nare us-east-1 and us-west-2." }, + "tagPolicyCompliance": { + "type": "string", + "description": "The severity with which to enforce organizational tagging policies on resources managed by this provider instance. At this time this only includes compliance with required tag keys by resource type. Valid values are \"error\", \"warning\", and \"disabled\". When unset or \"disabled\", tag policy compliance will not be enforced by the provider. Can also be configured with the TF_AWS_TAG_POLICY_COMPLIANCE environment variable." + }, "token": { "type": "string", "description": "session token. A session token is only required if you are\nusing temporary security credentials.", @@ -191446,6 +192215,10 @@ "type": "string", "description": "The region where AWS STS operations will take place. Examples\nare us-east-1 and us-west-2." }, + "tagPolicyCompliance": { + "type": "string", + "description": "The severity with which to enforce organizational tagging policies on resources managed by this provider instance. At this time this only includes compliance with required tag keys by resource type. Valid values are \"error\", \"warning\", and \"disabled\". When unset or \"disabled\", tag policy compliance will not be enforced by the provider. Can also be configured with the TF_AWS_TAG_POLICY_COMPLIANCE environment variable." + }, "token": { "type": "string", "description": "session token. A session token is only required if you are\nusing temporary security credentials.", @@ -193056,7 +193829,7 @@ } }, "aws:alb/listener:Listener": { - "description": "Provides a Load Balancer Listener resource.\n\n\u003e **Note:** \u003cspan pulumi-lang-nodejs=\"`aws.alb.Listener`\" pulumi-lang-dotnet=\"`aws.alb.Listener`\" pulumi-lang-go=\"`alb.Listener`\" pulumi-lang-python=\"`alb.Listener`\" pulumi-lang-yaml=\"`aws.alb.Listener`\" pulumi-lang-java=\"`aws.alb.Listener`\"\u003e`aws.alb.Listener`\u003c/span\u003e is known as \u003cspan pulumi-lang-nodejs=\"`aws.lb.Listener`\" pulumi-lang-dotnet=\"`aws.lb.Listener`\" pulumi-lang-go=\"`lb.Listener`\" pulumi-lang-python=\"`lb.Listener`\" pulumi-lang-yaml=\"`aws.lb.Listener`\" pulumi-lang-java=\"`aws.lb.Listener`\"\u003e`aws.lb.Listener`\u003c/span\u003e. The functionality is identical.\n\n## Example Usage\n\n### Forward Action\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst frontEnd = new aws.lb.LoadBalancer(\"front_end\", {});\nconst frontEndTargetGroup = new aws.lb.TargetGroup(\"front_end\", {});\nconst frontEndListener = new aws.lb.Listener(\"front_end\", {\n loadBalancerArn: frontEnd.arn,\n port: 443,\n protocol: \"HTTPS\",\n sslPolicy: \"ELBSecurityPolicy-2016-08\",\n certificateArn: \"arn:aws:iam::187416307283:server-certificate/test_cert_rab3wuqwgja25ct3n4jdj2tzu4\",\n defaultActions: [{\n type: \"forward\",\n targetGroupArn: frontEndTargetGroup.arn,\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nfront_end = aws.lb.LoadBalancer(\"front_end\")\nfront_end_target_group = aws.lb.TargetGroup(\"front_end\")\nfront_end_listener = aws.lb.Listener(\"front_end\",\n load_balancer_arn=front_end.arn,\n port=443,\n protocol=\"HTTPS\",\n ssl_policy=\"ELBSecurityPolicy-2016-08\",\n certificate_arn=\"arn:aws:iam::187416307283:server-certificate/test_cert_rab3wuqwgja25ct3n4jdj2tzu4\",\n default_actions=[{\n \"type\": \"forward\",\n \"target_group_arn\": front_end_target_group.arn,\n }])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var frontEnd = new Aws.LB.LoadBalancer(\"front_end\");\n\n var frontEndTargetGroup = new Aws.LB.TargetGroup(\"front_end\");\n\n var frontEndListener = new Aws.LB.Listener(\"front_end\", new()\n {\n LoadBalancerArn = frontEnd.Arn,\n Port = 443,\n Protocol = \"HTTPS\",\n SslPolicy = \"ELBSecurityPolicy-2016-08\",\n CertificateArn = \"arn:aws:iam::187416307283:server-certificate/test_cert_rab3wuqwgja25ct3n4jdj2tzu4\",\n DefaultActions = new[]\n {\n new Aws.LB.Inputs.ListenerDefaultActionArgs\n {\n Type = \"forward\",\n TargetGroupArn = frontEndTargetGroup.Arn,\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v7/go/aws/lb\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tfrontEnd, err := lb.NewLoadBalancer(ctx, \"front_end\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tfrontEndTargetGroup, err := lb.NewTargetGroup(ctx, \"front_end\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = lb.NewListener(ctx, \"front_end\", \u0026lb.ListenerArgs{\n\t\t\tLoadBalancerArn: frontEnd.Arn,\n\t\t\tPort: pulumi.Int(443),\n\t\t\tProtocol: pulumi.String(\"HTTPS\"),\n\t\t\tSslPolicy: pulumi.String(\"ELBSecurityPolicy-2016-08\"),\n\t\t\tCertificateArn: pulumi.String(\"arn:aws:iam::187416307283:server-certificate/test_cert_rab3wuqwgja25ct3n4jdj2tzu4\"),\n\t\t\tDefaultActions: lb.ListenerDefaultActionArray{\n\t\t\t\t\u0026lb.ListenerDefaultActionArgs{\n\t\t\t\t\tType: pulumi.String(\"forward\"),\n\t\t\t\t\tTargetGroupArn: frontEndTargetGroup.Arn,\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.lb.LoadBalancer;\nimport com.pulumi.aws.lb.TargetGroup;\nimport com.pulumi.aws.lb.Listener;\nimport com.pulumi.aws.lb.ListenerArgs;\nimport com.pulumi.aws.lb.inputs.ListenerDefaultActionArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var frontEnd = new LoadBalancer(\"frontEnd\");\n\n var frontEndTargetGroup = new TargetGroup(\"frontEndTargetGroup\");\n\n var frontEndListener = new Listener(\"frontEndListener\", ListenerArgs.builder()\n .loadBalancerArn(frontEnd.arn())\n .port(443)\n .protocol(\"HTTPS\")\n .sslPolicy(\"ELBSecurityPolicy-2016-08\")\n .certificateArn(\"arn:aws:iam::187416307283:server-certificate/test_cert_rab3wuqwgja25ct3n4jdj2tzu4\")\n .defaultActions(ListenerDefaultActionArgs.builder()\n .type(\"forward\")\n .targetGroupArn(frontEndTargetGroup.arn())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n frontEnd:\n type: aws:lb:LoadBalancer\n name: front_end\n frontEndTargetGroup:\n type: aws:lb:TargetGroup\n name: front_end\n frontEndListener:\n type: aws:lb:Listener\n name: front_end\n properties:\n loadBalancerArn: ${frontEnd.arn}\n port: '443'\n protocol: HTTPS\n sslPolicy: ELBSecurityPolicy-2016-08\n certificateArn: arn:aws:iam::187416307283:server-certificate/test_cert_rab3wuqwgja25ct3n4jdj2tzu4\n defaultActions:\n - type: forward\n targetGroupArn: ${frontEndTargetGroup.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\nWith weighted target groups:\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst frontEnd = new aws.lb.LoadBalancer(\"front_end\", {});\nconst frontEndBlue = new aws.lb.TargetGroup(\"front_end_blue\", {});\nconst frontEndGreen = new aws.lb.TargetGroup(\"front_end_green\", {});\nconst frontEndListener = new aws.lb.Listener(\"front_end\", {\n loadBalancerArn: frontEnd.arn,\n port: 443,\n protocol: \"HTTPS\",\n sslPolicy: \"ELBSecurityPolicy-2016-08\",\n certificateArn: \"arn:aws:iam::187416307283:server-certificate/test_cert_rab3wuqwgja25ct3n4jdj2tzu4\",\n defaultActions: [{\n type: \"forward\",\n forward: {\n targetGroups: [\n {\n arn: frontEndBlue.arn,\n weight: 100,\n },\n {\n arn: frontEndGreen.arn,\n weight: 0,\n },\n ],\n },\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nfront_end = aws.lb.LoadBalancer(\"front_end\")\nfront_end_blue = aws.lb.TargetGroup(\"front_end_blue\")\nfront_end_green = aws.lb.TargetGroup(\"front_end_green\")\nfront_end_listener = aws.lb.Listener(\"front_end\",\n load_balancer_arn=front_end.arn,\n port=443,\n protocol=\"HTTPS\",\n ssl_policy=\"ELBSecurityPolicy-2016-08\",\n certificate_arn=\"arn:aws:iam::187416307283:server-certificate/test_cert_rab3wuqwgja25ct3n4jdj2tzu4\",\n default_actions=[{\n \"type\": \"forward\",\n \"forward\": {\n \"target_groups\": [\n {\n \"arn\": front_end_blue.arn,\n \"weight\": 100,\n },\n {\n \"arn\": front_end_green.arn,\n \"weight\": 0,\n },\n ],\n },\n }])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var frontEnd = new Aws.LB.LoadBalancer(\"front_end\");\n\n var frontEndBlue = new Aws.LB.TargetGroup(\"front_end_blue\");\n\n var frontEndGreen = new Aws.LB.TargetGroup(\"front_end_green\");\n\n var frontEndListener = new Aws.LB.Listener(\"front_end\", new()\n {\n LoadBalancerArn = frontEnd.Arn,\n Port = 443,\n Protocol = \"HTTPS\",\n SslPolicy = \"ELBSecurityPolicy-2016-08\",\n CertificateArn = \"arn:aws:iam::187416307283:server-certificate/test_cert_rab3wuqwgja25ct3n4jdj2tzu4\",\n DefaultActions = new[]\n {\n new Aws.LB.Inputs.ListenerDefaultActionArgs\n {\n Type = \"forward\",\n Forward = new Aws.LB.Inputs.ListenerDefaultActionForwardArgs\n {\n TargetGroups = new[]\n {\n new Aws.LB.Inputs.ListenerDefaultActionForwardTargetGroupArgs\n {\n Arn = frontEndBlue.Arn,\n Weight = 100,\n },\n new Aws.LB.Inputs.ListenerDefaultActionForwardTargetGroupArgs\n {\n Arn = frontEndGreen.Arn,\n Weight = 0,\n },\n },\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v7/go/aws/lb\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tfrontEnd, err := lb.NewLoadBalancer(ctx, \"front_end\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tfrontEndBlue, err := lb.NewTargetGroup(ctx, \"front_end_blue\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tfrontEndGreen, err := lb.NewTargetGroup(ctx, \"front_end_green\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = lb.NewListener(ctx, \"front_end\", \u0026lb.ListenerArgs{\n\t\t\tLoadBalancerArn: frontEnd.Arn,\n\t\t\tPort: pulumi.Int(443),\n\t\t\tProtocol: pulumi.String(\"HTTPS\"),\n\t\t\tSslPolicy: pulumi.String(\"ELBSecurityPolicy-2016-08\"),\n\t\t\tCertificateArn: pulumi.String(\"arn:aws:iam::187416307283:server-certificate/test_cert_rab3wuqwgja25ct3n4jdj2tzu4\"),\n\t\t\tDefaultActions: lb.ListenerDefaultActionArray{\n\t\t\t\t\u0026lb.ListenerDefaultActionArgs{\n\t\t\t\t\tType: pulumi.String(\"forward\"),\n\t\t\t\t\tForward: \u0026lb.ListenerDefaultActionForwardArgs{\n\t\t\t\t\t\tTargetGroups: lb.ListenerDefaultActionForwardTargetGroupArray{\n\t\t\t\t\t\t\t\u0026lb.ListenerDefaultActionForwardTargetGroupArgs{\n\t\t\t\t\t\t\t\tArn: frontEndBlue.Arn,\n\t\t\t\t\t\t\t\tWeight: pulumi.Int(100),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\u0026lb.ListenerDefaultActionForwardTargetGroupArgs{\n\t\t\t\t\t\t\t\tArn: frontEndGreen.Arn,\n\t\t\t\t\t\t\t\tWeight: pulumi.Int(0),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.lb.LoadBalancer;\nimport com.pulumi.aws.lb.TargetGroup;\nimport com.pulumi.aws.lb.Listener;\nimport com.pulumi.aws.lb.ListenerArgs;\nimport com.pulumi.aws.lb.inputs.ListenerDefaultActionArgs;\nimport com.pulumi.aws.lb.inputs.ListenerDefaultActionForwardArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var frontEnd = new LoadBalancer(\"frontEnd\");\n\n var frontEndBlue = new TargetGroup(\"frontEndBlue\");\n\n var frontEndGreen = new TargetGroup(\"frontEndGreen\");\n\n var frontEndListener = new Listener(\"frontEndListener\", ListenerArgs.builder()\n .loadBalancerArn(frontEnd.arn())\n .port(443)\n .protocol(\"HTTPS\")\n .sslPolicy(\"ELBSecurityPolicy-2016-08\")\n .certificateArn(\"arn:aws:iam::187416307283:server-certificate/test_cert_rab3wuqwgja25ct3n4jdj2tzu4\")\n .defaultActions(ListenerDefaultActionArgs.builder()\n .type(\"forward\")\n .forward(ListenerDefaultActionForwardArgs.builder()\n .targetGroups( \n ListenerDefaultActionForwardTargetGroupArgs.builder()\n .arn(frontEndBlue.arn())\n .weight(100)\n .build(),\n ListenerDefaultActionForwardTargetGroupArgs.builder()\n .arn(frontEndGreen.arn())\n .weight(0)\n .build())\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n frontEnd:\n type: aws:lb:LoadBalancer\n name: front_end\n frontEndBlue:\n type: aws:lb:TargetGroup\n name: front_end_blue\n frontEndGreen:\n type: aws:lb:TargetGroup\n name: front_end_green\n frontEndListener:\n type: aws:lb:Listener\n name: front_end\n properties:\n loadBalancerArn: ${frontEnd.arn}\n port: '443'\n protocol: HTTPS\n sslPolicy: ELBSecurityPolicy-2016-08\n certificateArn: arn:aws:iam::187416307283:server-certificate/test_cert_rab3wuqwgja25ct3n4jdj2tzu4\n defaultActions:\n - type: forward\n forward:\n targetGroups:\n - arn: ${frontEndBlue.arn}\n weight: 100\n - arn: ${frontEndGreen.arn}\n weight: 0\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\nTo a NLB:\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst frontEnd = new aws.lb.Listener(\"front_end\", {\n loadBalancerArn: frontEndAwsLb.arn,\n port: 443,\n protocol: \"TLS\",\n sslPolicy: \"ELBSecurityPolicy-2016-08\",\n certificateArn: \"arn:aws:iam::187416307283:server-certificate/test_cert_rab3wuqwgja25ct3n4jdj2tzu4\",\n alpnPolicy: \"HTTP2Preferred\",\n defaultActions: [{\n type: \"forward\",\n targetGroupArn: frontEndAwsLbTargetGroup.arn,\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nfront_end = aws.lb.Listener(\"front_end\",\n load_balancer_arn=front_end_aws_lb[\"arn\"],\n port=443,\n protocol=\"TLS\",\n ssl_policy=\"ELBSecurityPolicy-2016-08\",\n certificate_arn=\"arn:aws:iam::187416307283:server-certificate/test_cert_rab3wuqwgja25ct3n4jdj2tzu4\",\n alpn_policy=\"HTTP2Preferred\",\n default_actions=[{\n \"type\": \"forward\",\n \"target_group_arn\": front_end_aws_lb_target_group[\"arn\"],\n }])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var frontEnd = new Aws.LB.Listener(\"front_end\", new()\n {\n LoadBalancerArn = frontEndAwsLb.Arn,\n Port = 443,\n Protocol = \"TLS\",\n SslPolicy = \"ELBSecurityPolicy-2016-08\",\n CertificateArn = \"arn:aws:iam::187416307283:server-certificate/test_cert_rab3wuqwgja25ct3n4jdj2tzu4\",\n AlpnPolicy = \"HTTP2Preferred\",\n DefaultActions = new[]\n {\n new Aws.LB.Inputs.ListenerDefaultActionArgs\n {\n Type = \"forward\",\n TargetGroupArn = frontEndAwsLbTargetGroup.Arn,\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v7/go/aws/lb\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := lb.NewListener(ctx, \"front_end\", \u0026lb.ListenerArgs{\n\t\t\tLoadBalancerArn: pulumi.Any(frontEndAwsLb.Arn),\n\t\t\tPort: pulumi.Int(443),\n\t\t\tProtocol: pulumi.String(\"TLS\"),\n\t\t\tSslPolicy: pulumi.String(\"ELBSecurityPolicy-2016-08\"),\n\t\t\tCertificateArn: pulumi.String(\"arn:aws:iam::187416307283:server-certificate/test_cert_rab3wuqwgja25ct3n4jdj2tzu4\"),\n\t\t\tAlpnPolicy: pulumi.String(\"HTTP2Preferred\"),\n\t\t\tDefaultActions: lb.ListenerDefaultActionArray{\n\t\t\t\t\u0026lb.ListenerDefaultActionArgs{\n\t\t\t\t\tType: pulumi.String(\"forward\"),\n\t\t\t\t\tTargetGroupArn: pulumi.Any(frontEndAwsLbTargetGroup.Arn),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.lb.Listener;\nimport com.pulumi.aws.lb.ListenerArgs;\nimport com.pulumi.aws.lb.inputs.ListenerDefaultActionArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var frontEnd = new Listener(\"frontEnd\", ListenerArgs.builder()\n .loadBalancerArn(frontEndAwsLb.arn())\n .port(443)\n .protocol(\"TLS\")\n .sslPolicy(\"ELBSecurityPolicy-2016-08\")\n .certificateArn(\"arn:aws:iam::187416307283:server-certificate/test_cert_rab3wuqwgja25ct3n4jdj2tzu4\")\n .alpnPolicy(\"HTTP2Preferred\")\n .defaultActions(ListenerDefaultActionArgs.builder()\n .type(\"forward\")\n .targetGroupArn(frontEndAwsLbTargetGroup.arn())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n frontEnd:\n type: aws:lb:Listener\n name: front_end\n properties:\n loadBalancerArn: ${frontEndAwsLb.arn}\n port: '443'\n protocol: TLS\n sslPolicy: ELBSecurityPolicy-2016-08\n certificateArn: arn:aws:iam::187416307283:server-certificate/test_cert_rab3wuqwgja25ct3n4jdj2tzu4\n alpnPolicy: HTTP2Preferred\n defaultActions:\n - type: forward\n targetGroupArn: ${frontEndAwsLbTargetGroup.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Redirect Action\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst frontEnd = new aws.lb.LoadBalancer(\"front_end\", {});\nconst frontEndListener = new aws.lb.Listener(\"front_end\", {\n loadBalancerArn: frontEnd.arn,\n port: 80,\n protocol: \"HTTP\",\n defaultActions: [{\n type: \"redirect\",\n redirect: {\n port: \"443\",\n protocol: \"HTTPS\",\n statusCode: \"HTTP_301\",\n },\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nfront_end = aws.lb.LoadBalancer(\"front_end\")\nfront_end_listener = aws.lb.Listener(\"front_end\",\n load_balancer_arn=front_end.arn,\n port=80,\n protocol=\"HTTP\",\n default_actions=[{\n \"type\": \"redirect\",\n \"redirect\": {\n \"port\": \"443\",\n \"protocol\": \"HTTPS\",\n \"status_code\": \"HTTP_301\",\n },\n }])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var frontEnd = new Aws.LB.LoadBalancer(\"front_end\");\n\n var frontEndListener = new Aws.LB.Listener(\"front_end\", new()\n {\n LoadBalancerArn = frontEnd.Arn,\n Port = 80,\n Protocol = \"HTTP\",\n DefaultActions = new[]\n {\n new Aws.LB.Inputs.ListenerDefaultActionArgs\n {\n Type = \"redirect\",\n Redirect = new Aws.LB.Inputs.ListenerDefaultActionRedirectArgs\n {\n Port = \"443\",\n Protocol = \"HTTPS\",\n StatusCode = \"HTTP_301\",\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v7/go/aws/lb\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tfrontEnd, err := lb.NewLoadBalancer(ctx, \"front_end\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = lb.NewListener(ctx, \"front_end\", \u0026lb.ListenerArgs{\n\t\t\tLoadBalancerArn: frontEnd.Arn,\n\t\t\tPort: pulumi.Int(80),\n\t\t\tProtocol: pulumi.String(\"HTTP\"),\n\t\t\tDefaultActions: lb.ListenerDefaultActionArray{\n\t\t\t\t\u0026lb.ListenerDefaultActionArgs{\n\t\t\t\t\tType: pulumi.String(\"redirect\"),\n\t\t\t\t\tRedirect: \u0026lb.ListenerDefaultActionRedirectArgs{\n\t\t\t\t\t\tPort: pulumi.String(\"443\"),\n\t\t\t\t\t\tProtocol: pulumi.String(\"HTTPS\"),\n\t\t\t\t\t\tStatusCode: pulumi.String(\"HTTP_301\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.lb.LoadBalancer;\nimport com.pulumi.aws.lb.Listener;\nimport com.pulumi.aws.lb.ListenerArgs;\nimport com.pulumi.aws.lb.inputs.ListenerDefaultActionArgs;\nimport com.pulumi.aws.lb.inputs.ListenerDefaultActionRedirectArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var frontEnd = new LoadBalancer(\"frontEnd\");\n\n var frontEndListener = new Listener(\"frontEndListener\", ListenerArgs.builder()\n .loadBalancerArn(frontEnd.arn())\n .port(80)\n .protocol(\"HTTP\")\n .defaultActions(ListenerDefaultActionArgs.builder()\n .type(\"redirect\")\n .redirect(ListenerDefaultActionRedirectArgs.builder()\n .port(\"443\")\n .protocol(\"HTTPS\")\n .statusCode(\"HTTP_301\")\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n frontEnd:\n type: aws:lb:LoadBalancer\n name: front_end\n frontEndListener:\n type: aws:lb:Listener\n name: front_end\n properties:\n loadBalancerArn: ${frontEnd.arn}\n port: '80'\n protocol: HTTP\n defaultActions:\n - type: redirect\n redirect:\n port: '443'\n protocol: HTTPS\n statusCode: HTTP_301\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Fixed-response Action\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst frontEnd = new aws.lb.LoadBalancer(\"front_end\", {});\nconst frontEndListener = new aws.lb.Listener(\"front_end\", {\n loadBalancerArn: frontEnd.arn,\n port: 80,\n protocol: \"HTTP\",\n defaultActions: [{\n type: \"fixed-response\",\n fixedResponse: {\n contentType: \"text/plain\",\n messageBody: \"Fixed response content\",\n statusCode: \"200\",\n },\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nfront_end = aws.lb.LoadBalancer(\"front_end\")\nfront_end_listener = aws.lb.Listener(\"front_end\",\n load_balancer_arn=front_end.arn,\n port=80,\n protocol=\"HTTP\",\n default_actions=[{\n \"type\": \"fixed-response\",\n \"fixed_response\": {\n \"content_type\": \"text/plain\",\n \"message_body\": \"Fixed response content\",\n \"status_code\": \"200\",\n },\n }])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var frontEnd = new Aws.LB.LoadBalancer(\"front_end\");\n\n var frontEndListener = new Aws.LB.Listener(\"front_end\", new()\n {\n LoadBalancerArn = frontEnd.Arn,\n Port = 80,\n Protocol = \"HTTP\",\n DefaultActions = new[]\n {\n new Aws.LB.Inputs.ListenerDefaultActionArgs\n {\n Type = \"fixed-response\",\n FixedResponse = new Aws.LB.Inputs.ListenerDefaultActionFixedResponseArgs\n {\n ContentType = \"text/plain\",\n MessageBody = \"Fixed response content\",\n StatusCode = \"200\",\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v7/go/aws/lb\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tfrontEnd, err := lb.NewLoadBalancer(ctx, \"front_end\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = lb.NewListener(ctx, \"front_end\", \u0026lb.ListenerArgs{\n\t\t\tLoadBalancerArn: frontEnd.Arn,\n\t\t\tPort: pulumi.Int(80),\n\t\t\tProtocol: pulumi.String(\"HTTP\"),\n\t\t\tDefaultActions: lb.ListenerDefaultActionArray{\n\t\t\t\t\u0026lb.ListenerDefaultActionArgs{\n\t\t\t\t\tType: pulumi.String(\"fixed-response\"),\n\t\t\t\t\tFixedResponse: \u0026lb.ListenerDefaultActionFixedResponseArgs{\n\t\t\t\t\t\tContentType: pulumi.String(\"text/plain\"),\n\t\t\t\t\t\tMessageBody: pulumi.String(\"Fixed response content\"),\n\t\t\t\t\t\tStatusCode: pulumi.String(\"200\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.lb.LoadBalancer;\nimport com.pulumi.aws.lb.Listener;\nimport com.pulumi.aws.lb.ListenerArgs;\nimport com.pulumi.aws.lb.inputs.ListenerDefaultActionArgs;\nimport com.pulumi.aws.lb.inputs.ListenerDefaultActionFixedResponseArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var frontEnd = new LoadBalancer(\"frontEnd\");\n\n var frontEndListener = new Listener(\"frontEndListener\", ListenerArgs.builder()\n .loadBalancerArn(frontEnd.arn())\n .port(80)\n .protocol(\"HTTP\")\n .defaultActions(ListenerDefaultActionArgs.builder()\n .type(\"fixed-response\")\n .fixedResponse(ListenerDefaultActionFixedResponseArgs.builder()\n .contentType(\"text/plain\")\n .messageBody(\"Fixed response content\")\n .statusCode(\"200\")\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n frontEnd:\n type: aws:lb:LoadBalancer\n name: front_end\n frontEndListener:\n type: aws:lb:Listener\n name: front_end\n properties:\n loadBalancerArn: ${frontEnd.arn}\n port: '80'\n protocol: HTTP\n defaultActions:\n - type: fixed-response\n fixedResponse:\n contentType: text/plain\n messageBody: Fixed response content\n statusCode: '200'\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Authenticate-cognito Action\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst frontEnd = new aws.lb.LoadBalancer(\"front_end\", {});\nconst frontEndTargetGroup = new aws.lb.TargetGroup(\"front_end\", {});\nconst pool = new aws.cognito.UserPool(\"pool\", {});\nconst client = new aws.cognito.UserPoolClient(\"client\", {});\nconst domain = new aws.cognito.UserPoolDomain(\"domain\", {});\nconst frontEndListener = new aws.lb.Listener(\"front_end\", {\n loadBalancerArn: frontEnd.arn,\n port: 80,\n protocol: \"HTTP\",\n defaultActions: [\n {\n type: \"authenticate-cognito\",\n authenticateCognito: {\n userPoolArn: pool.arn,\n userPoolClientId: client.id,\n userPoolDomain: domain.domain,\n },\n },\n {\n type: \"forward\",\n targetGroupArn: frontEndTargetGroup.arn,\n },\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nfront_end = aws.lb.LoadBalancer(\"front_end\")\nfront_end_target_group = aws.lb.TargetGroup(\"front_end\")\npool = aws.cognito.UserPool(\"pool\")\nclient = aws.cognito.UserPoolClient(\"client\")\ndomain = aws.cognito.UserPoolDomain(\"domain\")\nfront_end_listener = aws.lb.Listener(\"front_end\",\n load_balancer_arn=front_end.arn,\n port=80,\n protocol=\"HTTP\",\n default_actions=[\n {\n \"type\": \"authenticate-cognito\",\n \"authenticate_cognito\": {\n \"user_pool_arn\": pool.arn,\n \"user_pool_client_id\": client.id,\n \"user_pool_domain\": domain.domain,\n },\n },\n {\n \"type\": \"forward\",\n \"target_group_arn\": front_end_target_group.arn,\n },\n ])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var frontEnd = new Aws.LB.LoadBalancer(\"front_end\");\n\n var frontEndTargetGroup = new Aws.LB.TargetGroup(\"front_end\");\n\n var pool = new Aws.Cognito.UserPool(\"pool\");\n\n var client = new Aws.Cognito.UserPoolClient(\"client\");\n\n var domain = new Aws.Cognito.UserPoolDomain(\"domain\");\n\n var frontEndListener = new Aws.LB.Listener(\"front_end\", new()\n {\n LoadBalancerArn = frontEnd.Arn,\n Port = 80,\n Protocol = \"HTTP\",\n DefaultActions = new[]\n {\n new Aws.LB.Inputs.ListenerDefaultActionArgs\n {\n Type = \"authenticate-cognito\",\n AuthenticateCognito = new Aws.LB.Inputs.ListenerDefaultActionAuthenticateCognitoArgs\n {\n UserPoolArn = pool.Arn,\n UserPoolClientId = client.Id,\n UserPoolDomain = domain.Domain,\n },\n },\n new Aws.LB.Inputs.ListenerDefaultActionArgs\n {\n Type = \"forward\",\n TargetGroupArn = frontEndTargetGroup.Arn,\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v7/go/aws/cognito\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v7/go/aws/lb\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tfrontEnd, err := lb.NewLoadBalancer(ctx, \"front_end\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tfrontEndTargetGroup, err := lb.NewTargetGroup(ctx, \"front_end\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tpool, err := cognito.NewUserPool(ctx, \"pool\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tclient, err := cognito.NewUserPoolClient(ctx, \"client\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tdomain, err := cognito.NewUserPoolDomain(ctx, \"domain\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = lb.NewListener(ctx, \"front_end\", \u0026lb.ListenerArgs{\n\t\t\tLoadBalancerArn: frontEnd.Arn,\n\t\t\tPort: pulumi.Int(80),\n\t\t\tProtocol: pulumi.String(\"HTTP\"),\n\t\t\tDefaultActions: lb.ListenerDefaultActionArray{\n\t\t\t\t\u0026lb.ListenerDefaultActionArgs{\n\t\t\t\t\tType: pulumi.String(\"authenticate-cognito\"),\n\t\t\t\t\tAuthenticateCognito: \u0026lb.ListenerDefaultActionAuthenticateCognitoArgs{\n\t\t\t\t\t\tUserPoolArn: pool.Arn,\n\t\t\t\t\t\tUserPoolClientId: client.ID(),\n\t\t\t\t\t\tUserPoolDomain: domain.Domain,\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t\u0026lb.ListenerDefaultActionArgs{\n\t\t\t\t\tType: pulumi.String(\"forward\"),\n\t\t\t\t\tTargetGroupArn: frontEndTargetGroup.Arn,\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.lb.LoadBalancer;\nimport com.pulumi.aws.lb.TargetGroup;\nimport com.pulumi.aws.cognito.UserPool;\nimport com.pulumi.aws.cognito.UserPoolClient;\nimport com.pulumi.aws.cognito.UserPoolDomain;\nimport com.pulumi.aws.lb.Listener;\nimport com.pulumi.aws.lb.ListenerArgs;\nimport com.pulumi.aws.lb.inputs.ListenerDefaultActionArgs;\nimport com.pulumi.aws.lb.inputs.ListenerDefaultActionAuthenticateCognitoArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var frontEnd = new LoadBalancer(\"frontEnd\");\n\n var frontEndTargetGroup = new TargetGroup(\"frontEndTargetGroup\");\n\n var pool = new UserPool(\"pool\");\n\n var client = new UserPoolClient(\"client\");\n\n var domain = new UserPoolDomain(\"domain\");\n\n var frontEndListener = new Listener(\"frontEndListener\", ListenerArgs.builder()\n .loadBalancerArn(frontEnd.arn())\n .port(80)\n .protocol(\"HTTP\")\n .defaultActions( \n ListenerDefaultActionArgs.builder()\n .type(\"authenticate-cognito\")\n .authenticateCognito(ListenerDefaultActionAuthenticateCognitoArgs.builder()\n .userPoolArn(pool.arn())\n .userPoolClientId(client.id())\n .userPoolDomain(domain.domain())\n .build())\n .build(),\n ListenerDefaultActionArgs.builder()\n .type(\"forward\")\n .targetGroupArn(frontEndTargetGroup.arn())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n frontEnd:\n type: aws:lb:LoadBalancer\n name: front_end\n frontEndTargetGroup:\n type: aws:lb:TargetGroup\n name: front_end\n pool:\n type: aws:cognito:UserPool\n client:\n type: aws:cognito:UserPoolClient\n domain:\n type: aws:cognito:UserPoolDomain\n frontEndListener:\n type: aws:lb:Listener\n name: front_end\n properties:\n loadBalancerArn: ${frontEnd.arn}\n port: '80'\n protocol: HTTP\n defaultActions:\n - type: authenticate-cognito\n authenticateCognito:\n userPoolArn: ${pool.arn}\n userPoolClientId: ${client.id}\n userPoolDomain: ${domain.domain}\n - type: forward\n targetGroupArn: ${frontEndTargetGroup.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Authenticate-OIDC Action\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst frontEnd = new aws.lb.LoadBalancer(\"front_end\", {});\nconst frontEndTargetGroup = new aws.lb.TargetGroup(\"front_end\", {});\nconst frontEndListener = new aws.lb.Listener(\"front_end\", {\n loadBalancerArn: frontEnd.arn,\n port: 80,\n protocol: \"HTTP\",\n defaultActions: [\n {\n type: \"authenticate-oidc\",\n authenticateOidc: {\n authorizationEndpoint: \"https://example.com/authorization_endpoint\",\n clientId: \"client_id\",\n clientSecret: \"client_secret\",\n issuer: \"https://example.com\",\n tokenEndpoint: \"https://example.com/token_endpoint\",\n userInfoEndpoint: \"https://example.com/user_info_endpoint\",\n },\n },\n {\n type: \"forward\",\n targetGroupArn: frontEndTargetGroup.arn,\n },\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nfront_end = aws.lb.LoadBalancer(\"front_end\")\nfront_end_target_group = aws.lb.TargetGroup(\"front_end\")\nfront_end_listener = aws.lb.Listener(\"front_end\",\n load_balancer_arn=front_end.arn,\n port=80,\n protocol=\"HTTP\",\n default_actions=[\n {\n \"type\": \"authenticate-oidc\",\n \"authenticate_oidc\": {\n \"authorization_endpoint\": \"https://example.com/authorization_endpoint\",\n \"client_id\": \"client_id\",\n \"client_secret\": \"client_secret\",\n \"issuer\": \"https://example.com\",\n \"token_endpoint\": \"https://example.com/token_endpoint\",\n \"user_info_endpoint\": \"https://example.com/user_info_endpoint\",\n },\n },\n {\n \"type\": \"forward\",\n \"target_group_arn\": front_end_target_group.arn,\n },\n ])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var frontEnd = new Aws.LB.LoadBalancer(\"front_end\");\n\n var frontEndTargetGroup = new Aws.LB.TargetGroup(\"front_end\");\n\n var frontEndListener = new Aws.LB.Listener(\"front_end\", new()\n {\n LoadBalancerArn = frontEnd.Arn,\n Port = 80,\n Protocol = \"HTTP\",\n DefaultActions = new[]\n {\n new Aws.LB.Inputs.ListenerDefaultActionArgs\n {\n Type = \"authenticate-oidc\",\n AuthenticateOidc = new Aws.LB.Inputs.ListenerDefaultActionAuthenticateOidcArgs\n {\n AuthorizationEndpoint = \"https://example.com/authorization_endpoint\",\n ClientId = \"client_id\",\n ClientSecret = \"client_secret\",\n Issuer = \"https://example.com\",\n TokenEndpoint = \"https://example.com/token_endpoint\",\n UserInfoEndpoint = \"https://example.com/user_info_endpoint\",\n },\n },\n new Aws.LB.Inputs.ListenerDefaultActionArgs\n {\n Type = \"forward\",\n TargetGroupArn = frontEndTargetGroup.Arn,\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v7/go/aws/lb\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tfrontEnd, err := lb.NewLoadBalancer(ctx, \"front_end\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tfrontEndTargetGroup, err := lb.NewTargetGroup(ctx, \"front_end\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = lb.NewListener(ctx, \"front_end\", \u0026lb.ListenerArgs{\n\t\t\tLoadBalancerArn: frontEnd.Arn,\n\t\t\tPort: pulumi.Int(80),\n\t\t\tProtocol: pulumi.String(\"HTTP\"),\n\t\t\tDefaultActions: lb.ListenerDefaultActionArray{\n\t\t\t\t\u0026lb.ListenerDefaultActionArgs{\n\t\t\t\t\tType: pulumi.String(\"authenticate-oidc\"),\n\t\t\t\t\tAuthenticateOidc: \u0026lb.ListenerDefaultActionAuthenticateOidcArgs{\n\t\t\t\t\t\tAuthorizationEndpoint: pulumi.String(\"https://example.com/authorization_endpoint\"),\n\t\t\t\t\t\tClientId: pulumi.String(\"client_id\"),\n\t\t\t\t\t\tClientSecret: pulumi.String(\"client_secret\"),\n\t\t\t\t\t\tIssuer: pulumi.String(\"https://example.com\"),\n\t\t\t\t\t\tTokenEndpoint: pulumi.String(\"https://example.com/token_endpoint\"),\n\t\t\t\t\t\tUserInfoEndpoint: pulumi.String(\"https://example.com/user_info_endpoint\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t\u0026lb.ListenerDefaultActionArgs{\n\t\t\t\t\tType: pulumi.String(\"forward\"),\n\t\t\t\t\tTargetGroupArn: frontEndTargetGroup.Arn,\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.lb.LoadBalancer;\nimport com.pulumi.aws.lb.TargetGroup;\nimport com.pulumi.aws.lb.Listener;\nimport com.pulumi.aws.lb.ListenerArgs;\nimport com.pulumi.aws.lb.inputs.ListenerDefaultActionArgs;\nimport com.pulumi.aws.lb.inputs.ListenerDefaultActionAuthenticateOidcArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var frontEnd = new LoadBalancer(\"frontEnd\");\n\n var frontEndTargetGroup = new TargetGroup(\"frontEndTargetGroup\");\n\n var frontEndListener = new Listener(\"frontEndListener\", ListenerArgs.builder()\n .loadBalancerArn(frontEnd.arn())\n .port(80)\n .protocol(\"HTTP\")\n .defaultActions( \n ListenerDefaultActionArgs.builder()\n .type(\"authenticate-oidc\")\n .authenticateOidc(ListenerDefaultActionAuthenticateOidcArgs.builder()\n .authorizationEndpoint(\"https://example.com/authorization_endpoint\")\n .clientId(\"client_id\")\n .clientSecret(\"client_secret\")\n .issuer(\"https://example.com\")\n .tokenEndpoint(\"https://example.com/token_endpoint\")\n .userInfoEndpoint(\"https://example.com/user_info_endpoint\")\n .build())\n .build(),\n ListenerDefaultActionArgs.builder()\n .type(\"forward\")\n .targetGroupArn(frontEndTargetGroup.arn())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n frontEnd:\n type: aws:lb:LoadBalancer\n name: front_end\n frontEndTargetGroup:\n type: aws:lb:TargetGroup\n name: front_end\n frontEndListener:\n type: aws:lb:Listener\n name: front_end\n properties:\n loadBalancerArn: ${frontEnd.arn}\n port: '80'\n protocol: HTTP\n defaultActions:\n - type: authenticate-oidc\n authenticateOidc:\n authorizationEndpoint: https://example.com/authorization_endpoint\n clientId: client_id\n clientSecret: client_secret\n issuer: https://example.com\n tokenEndpoint: https://example.com/token_endpoint\n userInfoEndpoint: https://example.com/user_info_endpoint\n - type: forward\n targetGroupArn: ${frontEndTargetGroup.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Gateway Load Balancer Listener\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.lb.LoadBalancer(\"example\", {\n loadBalancerType: \"gateway\",\n name: \"example\",\n subnetMappings: [{\n subnetId: exampleAwsSubnet.id,\n }],\n});\nconst exampleTargetGroup = new aws.lb.TargetGroup(\"example\", {\n name: \"example\",\n port: 6081,\n protocol: \"GENEVE\",\n vpcId: exampleAwsVpc.id,\n healthCheck: {\n port: \"80\",\n protocol: \"HTTP\",\n },\n});\nconst exampleListener = new aws.lb.Listener(\"example\", {\n loadBalancerArn: example.id,\n defaultActions: [{\n targetGroupArn: exampleTargetGroup.id,\n type: \"forward\",\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.lb.LoadBalancer(\"example\",\n load_balancer_type=\"gateway\",\n name=\"example\",\n subnet_mappings=[{\n \"subnet_id\": example_aws_subnet[\"id\"],\n }])\nexample_target_group = aws.lb.TargetGroup(\"example\",\n name=\"example\",\n port=6081,\n protocol=\"GENEVE\",\n vpc_id=example_aws_vpc[\"id\"],\n health_check={\n \"port\": \"80\",\n \"protocol\": \"HTTP\",\n })\nexample_listener = aws.lb.Listener(\"example\",\n load_balancer_arn=example.id,\n default_actions=[{\n \"target_group_arn\": example_target_group.id,\n \"type\": \"forward\",\n }])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.LB.LoadBalancer(\"example\", new()\n {\n LoadBalancerType = \"gateway\",\n Name = \"example\",\n SubnetMappings = new[]\n {\n new Aws.LB.Inputs.LoadBalancerSubnetMappingArgs\n {\n SubnetId = exampleAwsSubnet.Id,\n },\n },\n });\n\n var exampleTargetGroup = new Aws.LB.TargetGroup(\"example\", new()\n {\n Name = \"example\",\n Port = 6081,\n Protocol = \"GENEVE\",\n VpcId = exampleAwsVpc.Id,\n HealthCheck = new Aws.LB.Inputs.TargetGroupHealthCheckArgs\n {\n Port = \"80\",\n Protocol = \"HTTP\",\n },\n });\n\n var exampleListener = new Aws.LB.Listener(\"example\", new()\n {\n LoadBalancerArn = example.Id,\n DefaultActions = new[]\n {\n new Aws.LB.Inputs.ListenerDefaultActionArgs\n {\n TargetGroupArn = exampleTargetGroup.Id,\n Type = \"forward\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v7/go/aws/lb\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := lb.NewLoadBalancer(ctx, \"example\", \u0026lb.LoadBalancerArgs{\n\t\t\tLoadBalancerType: pulumi.String(\"gateway\"),\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tSubnetMappings: lb.LoadBalancerSubnetMappingArray{\n\t\t\t\t\u0026lb.LoadBalancerSubnetMappingArgs{\n\t\t\t\t\tSubnetId: pulumi.Any(exampleAwsSubnet.Id),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleTargetGroup, err := lb.NewTargetGroup(ctx, \"example\", \u0026lb.TargetGroupArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tPort: pulumi.Int(6081),\n\t\t\tProtocol: pulumi.String(\"GENEVE\"),\n\t\t\tVpcId: pulumi.Any(exampleAwsVpc.Id),\n\t\t\tHealthCheck: \u0026lb.TargetGroupHealthCheckArgs{\n\t\t\t\tPort: pulumi.String(\"80\"),\n\t\t\t\tProtocol: pulumi.String(\"HTTP\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = lb.NewListener(ctx, \"example\", \u0026lb.ListenerArgs{\n\t\t\tLoadBalancerArn: example.ID(),\n\t\t\tDefaultActions: lb.ListenerDefaultActionArray{\n\t\t\t\t\u0026lb.ListenerDefaultActionArgs{\n\t\t\t\t\tTargetGroupArn: exampleTargetGroup.ID(),\n\t\t\t\t\tType: pulumi.String(\"forward\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.lb.LoadBalancer;\nimport com.pulumi.aws.lb.LoadBalancerArgs;\nimport com.pulumi.aws.lb.inputs.LoadBalancerSubnetMappingArgs;\nimport com.pulumi.aws.lb.TargetGroup;\nimport com.pulumi.aws.lb.TargetGroupArgs;\nimport com.pulumi.aws.lb.inputs.TargetGroupHealthCheckArgs;\nimport com.pulumi.aws.lb.Listener;\nimport com.pulumi.aws.lb.ListenerArgs;\nimport com.pulumi.aws.lb.inputs.ListenerDefaultActionArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new LoadBalancer(\"example\", LoadBalancerArgs.builder()\n .loadBalancerType(\"gateway\")\n .name(\"example\")\n .subnetMappings(LoadBalancerSubnetMappingArgs.builder()\n .subnetId(exampleAwsSubnet.id())\n .build())\n .build());\n\n var exampleTargetGroup = new TargetGroup(\"exampleTargetGroup\", TargetGroupArgs.builder()\n .name(\"example\")\n .port(6081)\n .protocol(\"GENEVE\")\n .vpcId(exampleAwsVpc.id())\n .healthCheck(TargetGroupHealthCheckArgs.builder()\n .port(\"80\")\n .protocol(\"HTTP\")\n .build())\n .build());\n\n var exampleListener = new Listener(\"exampleListener\", ListenerArgs.builder()\n .loadBalancerArn(example.id())\n .defaultActions(ListenerDefaultActionArgs.builder()\n .targetGroupArn(exampleTargetGroup.id())\n .type(\"forward\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:lb:LoadBalancer\n properties:\n loadBalancerType: gateway\n name: example\n subnetMappings:\n - subnetId: ${exampleAwsSubnet.id}\n exampleTargetGroup:\n type: aws:lb:TargetGroup\n name: example\n properties:\n name: example\n port: 6081\n protocol: GENEVE\n vpcId: ${exampleAwsVpc.id}\n healthCheck:\n port: 80\n protocol: HTTP\n exampleListener:\n type: aws:lb:Listener\n name: example\n properties:\n loadBalancerArn: ${example.id}\n defaultActions:\n - targetGroupArn: ${exampleTargetGroup.id}\n type: forward\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Mutual TLS Authentication\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.lb.LoadBalancer(\"example\", {loadBalancerType: \"application\"});\nconst exampleTargetGroup = new aws.lb.TargetGroup(\"example\", {});\nconst exampleListener = new aws.lb.Listener(\"example\", {\n loadBalancerArn: example.id,\n defaultActions: [{\n targetGroupArn: exampleTargetGroup.id,\n type: \"forward\",\n }],\n mutualAuthentication: {\n mode: \"verify\",\n trustStoreArn: \"...\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.lb.LoadBalancer(\"example\", load_balancer_type=\"application\")\nexample_target_group = aws.lb.TargetGroup(\"example\")\nexample_listener = aws.lb.Listener(\"example\",\n load_balancer_arn=example.id,\n default_actions=[{\n \"target_group_arn\": example_target_group.id,\n \"type\": \"forward\",\n }],\n mutual_authentication={\n \"mode\": \"verify\",\n \"trust_store_arn\": \"...\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.LB.LoadBalancer(\"example\", new()\n {\n LoadBalancerType = \"application\",\n });\n\n var exampleTargetGroup = new Aws.LB.TargetGroup(\"example\");\n\n var exampleListener = new Aws.LB.Listener(\"example\", new()\n {\n LoadBalancerArn = example.Id,\n DefaultActions = new[]\n {\n new Aws.LB.Inputs.ListenerDefaultActionArgs\n {\n TargetGroupArn = exampleTargetGroup.Id,\n Type = \"forward\",\n },\n },\n MutualAuthentication = new Aws.LB.Inputs.ListenerMutualAuthenticationArgs\n {\n Mode = \"verify\",\n TrustStoreArn = \"...\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v7/go/aws/lb\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := lb.NewLoadBalancer(ctx, \"example\", \u0026lb.LoadBalancerArgs{\n\t\t\tLoadBalancerType: pulumi.String(\"application\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleTargetGroup, err := lb.NewTargetGroup(ctx, \"example\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = lb.NewListener(ctx, \"example\", \u0026lb.ListenerArgs{\n\t\t\tLoadBalancerArn: example.ID(),\n\t\t\tDefaultActions: lb.ListenerDefaultActionArray{\n\t\t\t\t\u0026lb.ListenerDefaultActionArgs{\n\t\t\t\t\tTargetGroupArn: exampleTargetGroup.ID(),\n\t\t\t\t\tType: pulumi.String(\"forward\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tMutualAuthentication: \u0026lb.ListenerMutualAuthenticationArgs{\n\t\t\t\tMode: pulumi.String(\"verify\"),\n\t\t\t\tTrustStoreArn: pulumi.String(\"...\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.lb.LoadBalancer;\nimport com.pulumi.aws.lb.LoadBalancerArgs;\nimport com.pulumi.aws.lb.TargetGroup;\nimport com.pulumi.aws.lb.Listener;\nimport com.pulumi.aws.lb.ListenerArgs;\nimport com.pulumi.aws.lb.inputs.ListenerDefaultActionArgs;\nimport com.pulumi.aws.lb.inputs.ListenerMutualAuthenticationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new LoadBalancer(\"example\", LoadBalancerArgs.builder()\n .loadBalancerType(\"application\")\n .build());\n\n var exampleTargetGroup = new TargetGroup(\"exampleTargetGroup\");\n\n var exampleListener = new Listener(\"exampleListener\", ListenerArgs.builder()\n .loadBalancerArn(example.id())\n .defaultActions(ListenerDefaultActionArgs.builder()\n .targetGroupArn(exampleTargetGroup.id())\n .type(\"forward\")\n .build())\n .mutualAuthentication(ListenerMutualAuthenticationArgs.builder()\n .mode(\"verify\")\n .trustStoreArn(\"...\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:lb:LoadBalancer\n properties:\n loadBalancerType: application\n exampleTargetGroup:\n type: aws:lb:TargetGroup\n name: example\n exampleListener:\n type: aws:lb:Listener\n name: example\n properties:\n loadBalancerArn: ${example.id}\n defaultActions:\n - targetGroupArn: ${exampleTargetGroup.id}\n type: forward\n mutualAuthentication:\n mode: verify\n trustStoreArn: '...'\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\n### Identity Schema\n\n#### Required\n\n- `arn` (String) Amazon Resource Name (ARN) of the load balancer listener.\n\nUsing `pulumi import`, import listeners using their ARN. For example:\n\nconsole\n\n% pulumi import aws_lb_listener.front_end arn:aws:elasticloadbalancing:us-west-2:187416307283:listener/app/front-end-alb/8e4497da625e2d8a/9ab28ade35828f96\n\n", + "description": "Provides a Load Balancer Listener resource.\n\n\u003e **Note:** \u003cspan pulumi-lang-nodejs=\"`aws.alb.Listener`\" pulumi-lang-dotnet=\"`aws.alb.Listener`\" pulumi-lang-go=\"`alb.Listener`\" pulumi-lang-python=\"`alb.Listener`\" pulumi-lang-yaml=\"`aws.alb.Listener`\" pulumi-lang-java=\"`aws.alb.Listener`\"\u003e`aws.alb.Listener`\u003c/span\u003e is known as \u003cspan pulumi-lang-nodejs=\"`aws.lb.Listener`\" pulumi-lang-dotnet=\"`aws.lb.Listener`\" pulumi-lang-go=\"`lb.Listener`\" pulumi-lang-python=\"`lb.Listener`\" pulumi-lang-yaml=\"`aws.lb.Listener`\" pulumi-lang-java=\"`aws.lb.Listener`\"\u003e`aws.lb.Listener`\u003c/span\u003e. The functionality is identical.\n\n## Example Usage\n\n### Forward Action\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst frontEnd = new aws.lb.LoadBalancer(\"front_end\", {});\nconst frontEndTargetGroup = new aws.lb.TargetGroup(\"front_end\", {});\nconst frontEndListener = new aws.lb.Listener(\"front_end\", {\n loadBalancerArn: frontEnd.arn,\n port: 443,\n protocol: \"HTTPS\",\n sslPolicy: \"ELBSecurityPolicy-2016-08\",\n certificateArn: \"arn:aws:iam::187416307283:server-certificate/test_cert_rab3wuqwgja25ct3n4jdj2tzu4\",\n defaultActions: [{\n type: \"forward\",\n targetGroupArn: frontEndTargetGroup.arn,\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nfront_end = aws.lb.LoadBalancer(\"front_end\")\nfront_end_target_group = aws.lb.TargetGroup(\"front_end\")\nfront_end_listener = aws.lb.Listener(\"front_end\",\n load_balancer_arn=front_end.arn,\n port=443,\n protocol=\"HTTPS\",\n ssl_policy=\"ELBSecurityPolicy-2016-08\",\n certificate_arn=\"arn:aws:iam::187416307283:server-certificate/test_cert_rab3wuqwgja25ct3n4jdj2tzu4\",\n default_actions=[{\n \"type\": \"forward\",\n \"target_group_arn\": front_end_target_group.arn,\n }])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var frontEnd = new Aws.LB.LoadBalancer(\"front_end\");\n\n var frontEndTargetGroup = new Aws.LB.TargetGroup(\"front_end\");\n\n var frontEndListener = new Aws.LB.Listener(\"front_end\", new()\n {\n LoadBalancerArn = frontEnd.Arn,\n Port = 443,\n Protocol = \"HTTPS\",\n SslPolicy = \"ELBSecurityPolicy-2016-08\",\n CertificateArn = \"arn:aws:iam::187416307283:server-certificate/test_cert_rab3wuqwgja25ct3n4jdj2tzu4\",\n DefaultActions = new[]\n {\n new Aws.LB.Inputs.ListenerDefaultActionArgs\n {\n Type = \"forward\",\n TargetGroupArn = frontEndTargetGroup.Arn,\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v7/go/aws/lb\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tfrontEnd, err := lb.NewLoadBalancer(ctx, \"front_end\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tfrontEndTargetGroup, err := lb.NewTargetGroup(ctx, \"front_end\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = lb.NewListener(ctx, \"front_end\", \u0026lb.ListenerArgs{\n\t\t\tLoadBalancerArn: frontEnd.Arn,\n\t\t\tPort: pulumi.Int(443),\n\t\t\tProtocol: pulumi.String(\"HTTPS\"),\n\t\t\tSslPolicy: pulumi.String(\"ELBSecurityPolicy-2016-08\"),\n\t\t\tCertificateArn: pulumi.String(\"arn:aws:iam::187416307283:server-certificate/test_cert_rab3wuqwgja25ct3n4jdj2tzu4\"),\n\t\t\tDefaultActions: lb.ListenerDefaultActionArray{\n\t\t\t\t\u0026lb.ListenerDefaultActionArgs{\n\t\t\t\t\tType: pulumi.String(\"forward\"),\n\t\t\t\t\tTargetGroupArn: frontEndTargetGroup.Arn,\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.lb.LoadBalancer;\nimport com.pulumi.aws.lb.TargetGroup;\nimport com.pulumi.aws.lb.Listener;\nimport com.pulumi.aws.lb.ListenerArgs;\nimport com.pulumi.aws.lb.inputs.ListenerDefaultActionArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var frontEnd = new LoadBalancer(\"frontEnd\");\n\n var frontEndTargetGroup = new TargetGroup(\"frontEndTargetGroup\");\n\n var frontEndListener = new Listener(\"frontEndListener\", ListenerArgs.builder()\n .loadBalancerArn(frontEnd.arn())\n .port(443)\n .protocol(\"HTTPS\")\n .sslPolicy(\"ELBSecurityPolicy-2016-08\")\n .certificateArn(\"arn:aws:iam::187416307283:server-certificate/test_cert_rab3wuqwgja25ct3n4jdj2tzu4\")\n .defaultActions(ListenerDefaultActionArgs.builder()\n .type(\"forward\")\n .targetGroupArn(frontEndTargetGroup.arn())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n frontEnd:\n type: aws:lb:LoadBalancer\n name: front_end\n frontEndTargetGroup:\n type: aws:lb:TargetGroup\n name: front_end\n frontEndListener:\n type: aws:lb:Listener\n name: front_end\n properties:\n loadBalancerArn: ${frontEnd.arn}\n port: '443'\n protocol: HTTPS\n sslPolicy: ELBSecurityPolicy-2016-08\n certificateArn: arn:aws:iam::187416307283:server-certificate/test_cert_rab3wuqwgja25ct3n4jdj2tzu4\n defaultActions:\n - type: forward\n targetGroupArn: ${frontEndTargetGroup.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\nWith weighted target groups:\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst frontEnd = new aws.lb.LoadBalancer(\"front_end\", {});\nconst frontEndBlue = new aws.lb.TargetGroup(\"front_end_blue\", {});\nconst frontEndGreen = new aws.lb.TargetGroup(\"front_end_green\", {});\nconst frontEndListener = new aws.lb.Listener(\"front_end\", {\n loadBalancerArn: frontEnd.arn,\n port: 443,\n protocol: \"HTTPS\",\n sslPolicy: \"ELBSecurityPolicy-2016-08\",\n certificateArn: \"arn:aws:iam::187416307283:server-certificate/test_cert_rab3wuqwgja25ct3n4jdj2tzu4\",\n defaultActions: [{\n type: \"forward\",\n forward: {\n targetGroups: [\n {\n arn: frontEndBlue.arn,\n weight: 100,\n },\n {\n arn: frontEndGreen.arn,\n weight: 0,\n },\n ],\n },\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nfront_end = aws.lb.LoadBalancer(\"front_end\")\nfront_end_blue = aws.lb.TargetGroup(\"front_end_blue\")\nfront_end_green = aws.lb.TargetGroup(\"front_end_green\")\nfront_end_listener = aws.lb.Listener(\"front_end\",\n load_balancer_arn=front_end.arn,\n port=443,\n protocol=\"HTTPS\",\n ssl_policy=\"ELBSecurityPolicy-2016-08\",\n certificate_arn=\"arn:aws:iam::187416307283:server-certificate/test_cert_rab3wuqwgja25ct3n4jdj2tzu4\",\n default_actions=[{\n \"type\": \"forward\",\n \"forward\": {\n \"target_groups\": [\n {\n \"arn\": front_end_blue.arn,\n \"weight\": 100,\n },\n {\n \"arn\": front_end_green.arn,\n \"weight\": 0,\n },\n ],\n },\n }])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var frontEnd = new Aws.LB.LoadBalancer(\"front_end\");\n\n var frontEndBlue = new Aws.LB.TargetGroup(\"front_end_blue\");\n\n var frontEndGreen = new Aws.LB.TargetGroup(\"front_end_green\");\n\n var frontEndListener = new Aws.LB.Listener(\"front_end\", new()\n {\n LoadBalancerArn = frontEnd.Arn,\n Port = 443,\n Protocol = \"HTTPS\",\n SslPolicy = \"ELBSecurityPolicy-2016-08\",\n CertificateArn = \"arn:aws:iam::187416307283:server-certificate/test_cert_rab3wuqwgja25ct3n4jdj2tzu4\",\n DefaultActions = new[]\n {\n new Aws.LB.Inputs.ListenerDefaultActionArgs\n {\n Type = \"forward\",\n Forward = new Aws.LB.Inputs.ListenerDefaultActionForwardArgs\n {\n TargetGroups = new[]\n {\n new Aws.LB.Inputs.ListenerDefaultActionForwardTargetGroupArgs\n {\n Arn = frontEndBlue.Arn,\n Weight = 100,\n },\n new Aws.LB.Inputs.ListenerDefaultActionForwardTargetGroupArgs\n {\n Arn = frontEndGreen.Arn,\n Weight = 0,\n },\n },\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v7/go/aws/lb\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tfrontEnd, err := lb.NewLoadBalancer(ctx, \"front_end\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tfrontEndBlue, err := lb.NewTargetGroup(ctx, \"front_end_blue\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tfrontEndGreen, err := lb.NewTargetGroup(ctx, \"front_end_green\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = lb.NewListener(ctx, \"front_end\", \u0026lb.ListenerArgs{\n\t\t\tLoadBalancerArn: frontEnd.Arn,\n\t\t\tPort: pulumi.Int(443),\n\t\t\tProtocol: pulumi.String(\"HTTPS\"),\n\t\t\tSslPolicy: pulumi.String(\"ELBSecurityPolicy-2016-08\"),\n\t\t\tCertificateArn: pulumi.String(\"arn:aws:iam::187416307283:server-certificate/test_cert_rab3wuqwgja25ct3n4jdj2tzu4\"),\n\t\t\tDefaultActions: lb.ListenerDefaultActionArray{\n\t\t\t\t\u0026lb.ListenerDefaultActionArgs{\n\t\t\t\t\tType: pulumi.String(\"forward\"),\n\t\t\t\t\tForward: \u0026lb.ListenerDefaultActionForwardArgs{\n\t\t\t\t\t\tTargetGroups: lb.ListenerDefaultActionForwardTargetGroupArray{\n\t\t\t\t\t\t\t\u0026lb.ListenerDefaultActionForwardTargetGroupArgs{\n\t\t\t\t\t\t\t\tArn: frontEndBlue.Arn,\n\t\t\t\t\t\t\t\tWeight: pulumi.Int(100),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\u0026lb.ListenerDefaultActionForwardTargetGroupArgs{\n\t\t\t\t\t\t\t\tArn: frontEndGreen.Arn,\n\t\t\t\t\t\t\t\tWeight: pulumi.Int(0),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.lb.LoadBalancer;\nimport com.pulumi.aws.lb.TargetGroup;\nimport com.pulumi.aws.lb.Listener;\nimport com.pulumi.aws.lb.ListenerArgs;\nimport com.pulumi.aws.lb.inputs.ListenerDefaultActionArgs;\nimport com.pulumi.aws.lb.inputs.ListenerDefaultActionForwardArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var frontEnd = new LoadBalancer(\"frontEnd\");\n\n var frontEndBlue = new TargetGroup(\"frontEndBlue\");\n\n var frontEndGreen = new TargetGroup(\"frontEndGreen\");\n\n var frontEndListener = new Listener(\"frontEndListener\", ListenerArgs.builder()\n .loadBalancerArn(frontEnd.arn())\n .port(443)\n .protocol(\"HTTPS\")\n .sslPolicy(\"ELBSecurityPolicy-2016-08\")\n .certificateArn(\"arn:aws:iam::187416307283:server-certificate/test_cert_rab3wuqwgja25ct3n4jdj2tzu4\")\n .defaultActions(ListenerDefaultActionArgs.builder()\n .type(\"forward\")\n .forward(ListenerDefaultActionForwardArgs.builder()\n .targetGroups( \n ListenerDefaultActionForwardTargetGroupArgs.builder()\n .arn(frontEndBlue.arn())\n .weight(100)\n .build(),\n ListenerDefaultActionForwardTargetGroupArgs.builder()\n .arn(frontEndGreen.arn())\n .weight(0)\n .build())\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n frontEnd:\n type: aws:lb:LoadBalancer\n name: front_end\n frontEndBlue:\n type: aws:lb:TargetGroup\n name: front_end_blue\n frontEndGreen:\n type: aws:lb:TargetGroup\n name: front_end_green\n frontEndListener:\n type: aws:lb:Listener\n name: front_end\n properties:\n loadBalancerArn: ${frontEnd.arn}\n port: '443'\n protocol: HTTPS\n sslPolicy: ELBSecurityPolicy-2016-08\n certificateArn: arn:aws:iam::187416307283:server-certificate/test_cert_rab3wuqwgja25ct3n4jdj2tzu4\n defaultActions:\n - type: forward\n forward:\n targetGroups:\n - arn: ${frontEndBlue.arn}\n weight: 100\n - arn: ${frontEndGreen.arn}\n weight: 0\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\nTo a NLB:\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst frontEnd = new aws.lb.Listener(\"front_end\", {\n loadBalancerArn: frontEndAwsLb.arn,\n port: 443,\n protocol: \"TLS\",\n sslPolicy: \"ELBSecurityPolicy-2016-08\",\n certificateArn: \"arn:aws:iam::187416307283:server-certificate/test_cert_rab3wuqwgja25ct3n4jdj2tzu4\",\n alpnPolicy: \"HTTP2Preferred\",\n defaultActions: [{\n type: \"forward\",\n targetGroupArn: frontEndAwsLbTargetGroup.arn,\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nfront_end = aws.lb.Listener(\"front_end\",\n load_balancer_arn=front_end_aws_lb[\"arn\"],\n port=443,\n protocol=\"TLS\",\n ssl_policy=\"ELBSecurityPolicy-2016-08\",\n certificate_arn=\"arn:aws:iam::187416307283:server-certificate/test_cert_rab3wuqwgja25ct3n4jdj2tzu4\",\n alpn_policy=\"HTTP2Preferred\",\n default_actions=[{\n \"type\": \"forward\",\n \"target_group_arn\": front_end_aws_lb_target_group[\"arn\"],\n }])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var frontEnd = new Aws.LB.Listener(\"front_end\", new()\n {\n LoadBalancerArn = frontEndAwsLb.Arn,\n Port = 443,\n Protocol = \"TLS\",\n SslPolicy = \"ELBSecurityPolicy-2016-08\",\n CertificateArn = \"arn:aws:iam::187416307283:server-certificate/test_cert_rab3wuqwgja25ct3n4jdj2tzu4\",\n AlpnPolicy = \"HTTP2Preferred\",\n DefaultActions = new[]\n {\n new Aws.LB.Inputs.ListenerDefaultActionArgs\n {\n Type = \"forward\",\n TargetGroupArn = frontEndAwsLbTargetGroup.Arn,\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v7/go/aws/lb\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := lb.NewListener(ctx, \"front_end\", \u0026lb.ListenerArgs{\n\t\t\tLoadBalancerArn: pulumi.Any(frontEndAwsLb.Arn),\n\t\t\tPort: pulumi.Int(443),\n\t\t\tProtocol: pulumi.String(\"TLS\"),\n\t\t\tSslPolicy: pulumi.String(\"ELBSecurityPolicy-2016-08\"),\n\t\t\tCertificateArn: pulumi.String(\"arn:aws:iam::187416307283:server-certificate/test_cert_rab3wuqwgja25ct3n4jdj2tzu4\"),\n\t\t\tAlpnPolicy: pulumi.String(\"HTTP2Preferred\"),\n\t\t\tDefaultActions: lb.ListenerDefaultActionArray{\n\t\t\t\t\u0026lb.ListenerDefaultActionArgs{\n\t\t\t\t\tType: pulumi.String(\"forward\"),\n\t\t\t\t\tTargetGroupArn: pulumi.Any(frontEndAwsLbTargetGroup.Arn),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.lb.Listener;\nimport com.pulumi.aws.lb.ListenerArgs;\nimport com.pulumi.aws.lb.inputs.ListenerDefaultActionArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var frontEnd = new Listener(\"frontEnd\", ListenerArgs.builder()\n .loadBalancerArn(frontEndAwsLb.arn())\n .port(443)\n .protocol(\"TLS\")\n .sslPolicy(\"ELBSecurityPolicy-2016-08\")\n .certificateArn(\"arn:aws:iam::187416307283:server-certificate/test_cert_rab3wuqwgja25ct3n4jdj2tzu4\")\n .alpnPolicy(\"HTTP2Preferred\")\n .defaultActions(ListenerDefaultActionArgs.builder()\n .type(\"forward\")\n .targetGroupArn(frontEndAwsLbTargetGroup.arn())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n frontEnd:\n type: aws:lb:Listener\n name: front_end\n properties:\n loadBalancerArn: ${frontEndAwsLb.arn}\n port: '443'\n protocol: TLS\n sslPolicy: ELBSecurityPolicy-2016-08\n certificateArn: arn:aws:iam::187416307283:server-certificate/test_cert_rab3wuqwgja25ct3n4jdj2tzu4\n alpnPolicy: HTTP2Preferred\n defaultActions:\n - type: forward\n targetGroupArn: ${frontEndAwsLbTargetGroup.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Redirect Action\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst frontEnd = new aws.lb.LoadBalancer(\"front_end\", {});\nconst frontEndListener = new aws.lb.Listener(\"front_end\", {\n loadBalancerArn: frontEnd.arn,\n port: 80,\n protocol: \"HTTP\",\n defaultActions: [{\n type: \"redirect\",\n redirect: {\n port: \"443\",\n protocol: \"HTTPS\",\n statusCode: \"HTTP_301\",\n },\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nfront_end = aws.lb.LoadBalancer(\"front_end\")\nfront_end_listener = aws.lb.Listener(\"front_end\",\n load_balancer_arn=front_end.arn,\n port=80,\n protocol=\"HTTP\",\n default_actions=[{\n \"type\": \"redirect\",\n \"redirect\": {\n \"port\": \"443\",\n \"protocol\": \"HTTPS\",\n \"status_code\": \"HTTP_301\",\n },\n }])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var frontEnd = new Aws.LB.LoadBalancer(\"front_end\");\n\n var frontEndListener = new Aws.LB.Listener(\"front_end\", new()\n {\n LoadBalancerArn = frontEnd.Arn,\n Port = 80,\n Protocol = \"HTTP\",\n DefaultActions = new[]\n {\n new Aws.LB.Inputs.ListenerDefaultActionArgs\n {\n Type = \"redirect\",\n Redirect = new Aws.LB.Inputs.ListenerDefaultActionRedirectArgs\n {\n Port = \"443\",\n Protocol = \"HTTPS\",\n StatusCode = \"HTTP_301\",\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v7/go/aws/lb\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tfrontEnd, err := lb.NewLoadBalancer(ctx, \"front_end\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = lb.NewListener(ctx, \"front_end\", \u0026lb.ListenerArgs{\n\t\t\tLoadBalancerArn: frontEnd.Arn,\n\t\t\tPort: pulumi.Int(80),\n\t\t\tProtocol: pulumi.String(\"HTTP\"),\n\t\t\tDefaultActions: lb.ListenerDefaultActionArray{\n\t\t\t\t\u0026lb.ListenerDefaultActionArgs{\n\t\t\t\t\tType: pulumi.String(\"redirect\"),\n\t\t\t\t\tRedirect: \u0026lb.ListenerDefaultActionRedirectArgs{\n\t\t\t\t\t\tPort: pulumi.String(\"443\"),\n\t\t\t\t\t\tProtocol: pulumi.String(\"HTTPS\"),\n\t\t\t\t\t\tStatusCode: pulumi.String(\"HTTP_301\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.lb.LoadBalancer;\nimport com.pulumi.aws.lb.Listener;\nimport com.pulumi.aws.lb.ListenerArgs;\nimport com.pulumi.aws.lb.inputs.ListenerDefaultActionArgs;\nimport com.pulumi.aws.lb.inputs.ListenerDefaultActionRedirectArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var frontEnd = new LoadBalancer(\"frontEnd\");\n\n var frontEndListener = new Listener(\"frontEndListener\", ListenerArgs.builder()\n .loadBalancerArn(frontEnd.arn())\n .port(80)\n .protocol(\"HTTP\")\n .defaultActions(ListenerDefaultActionArgs.builder()\n .type(\"redirect\")\n .redirect(ListenerDefaultActionRedirectArgs.builder()\n .port(\"443\")\n .protocol(\"HTTPS\")\n .statusCode(\"HTTP_301\")\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n frontEnd:\n type: aws:lb:LoadBalancer\n name: front_end\n frontEndListener:\n type: aws:lb:Listener\n name: front_end\n properties:\n loadBalancerArn: ${frontEnd.arn}\n port: '80'\n protocol: HTTP\n defaultActions:\n - type: redirect\n redirect:\n port: '443'\n protocol: HTTPS\n statusCode: HTTP_301\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Fixed-response Action\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst frontEnd = new aws.lb.LoadBalancer(\"front_end\", {});\nconst frontEndListener = new aws.lb.Listener(\"front_end\", {\n loadBalancerArn: frontEnd.arn,\n port: 80,\n protocol: \"HTTP\",\n defaultActions: [{\n type: \"fixed-response\",\n fixedResponse: {\n contentType: \"text/plain\",\n messageBody: \"Fixed response content\",\n statusCode: \"200\",\n },\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nfront_end = aws.lb.LoadBalancer(\"front_end\")\nfront_end_listener = aws.lb.Listener(\"front_end\",\n load_balancer_arn=front_end.arn,\n port=80,\n protocol=\"HTTP\",\n default_actions=[{\n \"type\": \"fixed-response\",\n \"fixed_response\": {\n \"content_type\": \"text/plain\",\n \"message_body\": \"Fixed response content\",\n \"status_code\": \"200\",\n },\n }])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var frontEnd = new Aws.LB.LoadBalancer(\"front_end\");\n\n var frontEndListener = new Aws.LB.Listener(\"front_end\", new()\n {\n LoadBalancerArn = frontEnd.Arn,\n Port = 80,\n Protocol = \"HTTP\",\n DefaultActions = new[]\n {\n new Aws.LB.Inputs.ListenerDefaultActionArgs\n {\n Type = \"fixed-response\",\n FixedResponse = new Aws.LB.Inputs.ListenerDefaultActionFixedResponseArgs\n {\n ContentType = \"text/plain\",\n MessageBody = \"Fixed response content\",\n StatusCode = \"200\",\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v7/go/aws/lb\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tfrontEnd, err := lb.NewLoadBalancer(ctx, \"front_end\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = lb.NewListener(ctx, \"front_end\", \u0026lb.ListenerArgs{\n\t\t\tLoadBalancerArn: frontEnd.Arn,\n\t\t\tPort: pulumi.Int(80),\n\t\t\tProtocol: pulumi.String(\"HTTP\"),\n\t\t\tDefaultActions: lb.ListenerDefaultActionArray{\n\t\t\t\t\u0026lb.ListenerDefaultActionArgs{\n\t\t\t\t\tType: pulumi.String(\"fixed-response\"),\n\t\t\t\t\tFixedResponse: \u0026lb.ListenerDefaultActionFixedResponseArgs{\n\t\t\t\t\t\tContentType: pulumi.String(\"text/plain\"),\n\t\t\t\t\t\tMessageBody: pulumi.String(\"Fixed response content\"),\n\t\t\t\t\t\tStatusCode: pulumi.String(\"200\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.lb.LoadBalancer;\nimport com.pulumi.aws.lb.Listener;\nimport com.pulumi.aws.lb.ListenerArgs;\nimport com.pulumi.aws.lb.inputs.ListenerDefaultActionArgs;\nimport com.pulumi.aws.lb.inputs.ListenerDefaultActionFixedResponseArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var frontEnd = new LoadBalancer(\"frontEnd\");\n\n var frontEndListener = new Listener(\"frontEndListener\", ListenerArgs.builder()\n .loadBalancerArn(frontEnd.arn())\n .port(80)\n .protocol(\"HTTP\")\n .defaultActions(ListenerDefaultActionArgs.builder()\n .type(\"fixed-response\")\n .fixedResponse(ListenerDefaultActionFixedResponseArgs.builder()\n .contentType(\"text/plain\")\n .messageBody(\"Fixed response content\")\n .statusCode(\"200\")\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n frontEnd:\n type: aws:lb:LoadBalancer\n name: front_end\n frontEndListener:\n type: aws:lb:Listener\n name: front_end\n properties:\n loadBalancerArn: ${frontEnd.arn}\n port: '80'\n protocol: HTTP\n defaultActions:\n - type: fixed-response\n fixedResponse:\n contentType: text/plain\n messageBody: Fixed response content\n statusCode: '200'\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Authenticate-cognito Action\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst frontEnd = new aws.lb.LoadBalancer(\"front_end\", {});\nconst frontEndTargetGroup = new aws.lb.TargetGroup(\"front_end\", {});\nconst pool = new aws.cognito.UserPool(\"pool\", {});\nconst client = new aws.cognito.UserPoolClient(\"client\", {});\nconst domain = new aws.cognito.UserPoolDomain(\"domain\", {});\nconst frontEndListener = new aws.lb.Listener(\"front_end\", {\n loadBalancerArn: frontEnd.arn,\n port: 80,\n protocol: \"HTTP\",\n defaultActions: [\n {\n type: \"authenticate-cognito\",\n authenticateCognito: {\n userPoolArn: pool.arn,\n userPoolClientId: client.id,\n userPoolDomain: domain.domain,\n },\n },\n {\n type: \"forward\",\n targetGroupArn: frontEndTargetGroup.arn,\n },\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nfront_end = aws.lb.LoadBalancer(\"front_end\")\nfront_end_target_group = aws.lb.TargetGroup(\"front_end\")\npool = aws.cognito.UserPool(\"pool\")\nclient = aws.cognito.UserPoolClient(\"client\")\ndomain = aws.cognito.UserPoolDomain(\"domain\")\nfront_end_listener = aws.lb.Listener(\"front_end\",\n load_balancer_arn=front_end.arn,\n port=80,\n protocol=\"HTTP\",\n default_actions=[\n {\n \"type\": \"authenticate-cognito\",\n \"authenticate_cognito\": {\n \"user_pool_arn\": pool.arn,\n \"user_pool_client_id\": client.id,\n \"user_pool_domain\": domain.domain,\n },\n },\n {\n \"type\": \"forward\",\n \"target_group_arn\": front_end_target_group.arn,\n },\n ])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var frontEnd = new Aws.LB.LoadBalancer(\"front_end\");\n\n var frontEndTargetGroup = new Aws.LB.TargetGroup(\"front_end\");\n\n var pool = new Aws.Cognito.UserPool(\"pool\");\n\n var client = new Aws.Cognito.UserPoolClient(\"client\");\n\n var domain = new Aws.Cognito.UserPoolDomain(\"domain\");\n\n var frontEndListener = new Aws.LB.Listener(\"front_end\", new()\n {\n LoadBalancerArn = frontEnd.Arn,\n Port = 80,\n Protocol = \"HTTP\",\n DefaultActions = new[]\n {\n new Aws.LB.Inputs.ListenerDefaultActionArgs\n {\n Type = \"authenticate-cognito\",\n AuthenticateCognito = new Aws.LB.Inputs.ListenerDefaultActionAuthenticateCognitoArgs\n {\n UserPoolArn = pool.Arn,\n UserPoolClientId = client.Id,\n UserPoolDomain = domain.Domain,\n },\n },\n new Aws.LB.Inputs.ListenerDefaultActionArgs\n {\n Type = \"forward\",\n TargetGroupArn = frontEndTargetGroup.Arn,\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v7/go/aws/cognito\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v7/go/aws/lb\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tfrontEnd, err := lb.NewLoadBalancer(ctx, \"front_end\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tfrontEndTargetGroup, err := lb.NewTargetGroup(ctx, \"front_end\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tpool, err := cognito.NewUserPool(ctx, \"pool\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tclient, err := cognito.NewUserPoolClient(ctx, \"client\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tdomain, err := cognito.NewUserPoolDomain(ctx, \"domain\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = lb.NewListener(ctx, \"front_end\", \u0026lb.ListenerArgs{\n\t\t\tLoadBalancerArn: frontEnd.Arn,\n\t\t\tPort: pulumi.Int(80),\n\t\t\tProtocol: pulumi.String(\"HTTP\"),\n\t\t\tDefaultActions: lb.ListenerDefaultActionArray{\n\t\t\t\t\u0026lb.ListenerDefaultActionArgs{\n\t\t\t\t\tType: pulumi.String(\"authenticate-cognito\"),\n\t\t\t\t\tAuthenticateCognito: \u0026lb.ListenerDefaultActionAuthenticateCognitoArgs{\n\t\t\t\t\t\tUserPoolArn: pool.Arn,\n\t\t\t\t\t\tUserPoolClientId: client.ID(),\n\t\t\t\t\t\tUserPoolDomain: domain.Domain,\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t\u0026lb.ListenerDefaultActionArgs{\n\t\t\t\t\tType: pulumi.String(\"forward\"),\n\t\t\t\t\tTargetGroupArn: frontEndTargetGroup.Arn,\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.lb.LoadBalancer;\nimport com.pulumi.aws.lb.TargetGroup;\nimport com.pulumi.aws.cognito.UserPool;\nimport com.pulumi.aws.cognito.UserPoolClient;\nimport com.pulumi.aws.cognito.UserPoolDomain;\nimport com.pulumi.aws.lb.Listener;\nimport com.pulumi.aws.lb.ListenerArgs;\nimport com.pulumi.aws.lb.inputs.ListenerDefaultActionArgs;\nimport com.pulumi.aws.lb.inputs.ListenerDefaultActionAuthenticateCognitoArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var frontEnd = new LoadBalancer(\"frontEnd\");\n\n var frontEndTargetGroup = new TargetGroup(\"frontEndTargetGroup\");\n\n var pool = new UserPool(\"pool\");\n\n var client = new UserPoolClient(\"client\");\n\n var domain = new UserPoolDomain(\"domain\");\n\n var frontEndListener = new Listener(\"frontEndListener\", ListenerArgs.builder()\n .loadBalancerArn(frontEnd.arn())\n .port(80)\n .protocol(\"HTTP\")\n .defaultActions( \n ListenerDefaultActionArgs.builder()\n .type(\"authenticate-cognito\")\n .authenticateCognito(ListenerDefaultActionAuthenticateCognitoArgs.builder()\n .userPoolArn(pool.arn())\n .userPoolClientId(client.id())\n .userPoolDomain(domain.domain())\n .build())\n .build(),\n ListenerDefaultActionArgs.builder()\n .type(\"forward\")\n .targetGroupArn(frontEndTargetGroup.arn())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n frontEnd:\n type: aws:lb:LoadBalancer\n name: front_end\n frontEndTargetGroup:\n type: aws:lb:TargetGroup\n name: front_end\n pool:\n type: aws:cognito:UserPool\n client:\n type: aws:cognito:UserPoolClient\n domain:\n type: aws:cognito:UserPoolDomain\n frontEndListener:\n type: aws:lb:Listener\n name: front_end\n properties:\n loadBalancerArn: ${frontEnd.arn}\n port: '80'\n protocol: HTTP\n defaultActions:\n - type: authenticate-cognito\n authenticateCognito:\n userPoolArn: ${pool.arn}\n userPoolClientId: ${client.id}\n userPoolDomain: ${domain.domain}\n - type: forward\n targetGroupArn: ${frontEndTargetGroup.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Authenticate-OIDC Action\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst frontEnd = new aws.lb.LoadBalancer(\"front_end\", {});\nconst frontEndTargetGroup = new aws.lb.TargetGroup(\"front_end\", {});\nconst frontEndListener = new aws.lb.Listener(\"front_end\", {\n loadBalancerArn: frontEnd.arn,\n port: 80,\n protocol: \"HTTP\",\n defaultActions: [\n {\n type: \"authenticate-oidc\",\n authenticateOidc: {\n authorizationEndpoint: \"https://example.com/authorization_endpoint\",\n clientId: \"client_id\",\n clientSecret: \"client_secret\",\n issuer: \"https://example.com\",\n tokenEndpoint: \"https://example.com/token_endpoint\",\n userInfoEndpoint: \"https://example.com/user_info_endpoint\",\n },\n },\n {\n type: \"forward\",\n targetGroupArn: frontEndTargetGroup.arn,\n },\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nfront_end = aws.lb.LoadBalancer(\"front_end\")\nfront_end_target_group = aws.lb.TargetGroup(\"front_end\")\nfront_end_listener = aws.lb.Listener(\"front_end\",\n load_balancer_arn=front_end.arn,\n port=80,\n protocol=\"HTTP\",\n default_actions=[\n {\n \"type\": \"authenticate-oidc\",\n \"authenticate_oidc\": {\n \"authorization_endpoint\": \"https://example.com/authorization_endpoint\",\n \"client_id\": \"client_id\",\n \"client_secret\": \"client_secret\",\n \"issuer\": \"https://example.com\",\n \"token_endpoint\": \"https://example.com/token_endpoint\",\n \"user_info_endpoint\": \"https://example.com/user_info_endpoint\",\n },\n },\n {\n \"type\": \"forward\",\n \"target_group_arn\": front_end_target_group.arn,\n },\n ])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var frontEnd = new Aws.LB.LoadBalancer(\"front_end\");\n\n var frontEndTargetGroup = new Aws.LB.TargetGroup(\"front_end\");\n\n var frontEndListener = new Aws.LB.Listener(\"front_end\", new()\n {\n LoadBalancerArn = frontEnd.Arn,\n Port = 80,\n Protocol = \"HTTP\",\n DefaultActions = new[]\n {\n new Aws.LB.Inputs.ListenerDefaultActionArgs\n {\n Type = \"authenticate-oidc\",\n AuthenticateOidc = new Aws.LB.Inputs.ListenerDefaultActionAuthenticateOidcArgs\n {\n AuthorizationEndpoint = \"https://example.com/authorization_endpoint\",\n ClientId = \"client_id\",\n ClientSecret = \"client_secret\",\n Issuer = \"https://example.com\",\n TokenEndpoint = \"https://example.com/token_endpoint\",\n UserInfoEndpoint = \"https://example.com/user_info_endpoint\",\n },\n },\n new Aws.LB.Inputs.ListenerDefaultActionArgs\n {\n Type = \"forward\",\n TargetGroupArn = frontEndTargetGroup.Arn,\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v7/go/aws/lb\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tfrontEnd, err := lb.NewLoadBalancer(ctx, \"front_end\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tfrontEndTargetGroup, err := lb.NewTargetGroup(ctx, \"front_end\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = lb.NewListener(ctx, \"front_end\", \u0026lb.ListenerArgs{\n\t\t\tLoadBalancerArn: frontEnd.Arn,\n\t\t\tPort: pulumi.Int(80),\n\t\t\tProtocol: pulumi.String(\"HTTP\"),\n\t\t\tDefaultActions: lb.ListenerDefaultActionArray{\n\t\t\t\t\u0026lb.ListenerDefaultActionArgs{\n\t\t\t\t\tType: pulumi.String(\"authenticate-oidc\"),\n\t\t\t\t\tAuthenticateOidc: \u0026lb.ListenerDefaultActionAuthenticateOidcArgs{\n\t\t\t\t\t\tAuthorizationEndpoint: pulumi.String(\"https://example.com/authorization_endpoint\"),\n\t\t\t\t\t\tClientId: pulumi.String(\"client_id\"),\n\t\t\t\t\t\tClientSecret: pulumi.String(\"client_secret\"),\n\t\t\t\t\t\tIssuer: pulumi.String(\"https://example.com\"),\n\t\t\t\t\t\tTokenEndpoint: pulumi.String(\"https://example.com/token_endpoint\"),\n\t\t\t\t\t\tUserInfoEndpoint: pulumi.String(\"https://example.com/user_info_endpoint\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t\u0026lb.ListenerDefaultActionArgs{\n\t\t\t\t\tType: pulumi.String(\"forward\"),\n\t\t\t\t\tTargetGroupArn: frontEndTargetGroup.Arn,\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.lb.LoadBalancer;\nimport com.pulumi.aws.lb.TargetGroup;\nimport com.pulumi.aws.lb.Listener;\nimport com.pulumi.aws.lb.ListenerArgs;\nimport com.pulumi.aws.lb.inputs.ListenerDefaultActionArgs;\nimport com.pulumi.aws.lb.inputs.ListenerDefaultActionAuthenticateOidcArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var frontEnd = new LoadBalancer(\"frontEnd\");\n\n var frontEndTargetGroup = new TargetGroup(\"frontEndTargetGroup\");\n\n var frontEndListener = new Listener(\"frontEndListener\", ListenerArgs.builder()\n .loadBalancerArn(frontEnd.arn())\n .port(80)\n .protocol(\"HTTP\")\n .defaultActions( \n ListenerDefaultActionArgs.builder()\n .type(\"authenticate-oidc\")\n .authenticateOidc(ListenerDefaultActionAuthenticateOidcArgs.builder()\n .authorizationEndpoint(\"https://example.com/authorization_endpoint\")\n .clientId(\"client_id\")\n .clientSecret(\"client_secret\")\n .issuer(\"https://example.com\")\n .tokenEndpoint(\"https://example.com/token_endpoint\")\n .userInfoEndpoint(\"https://example.com/user_info_endpoint\")\n .build())\n .build(),\n ListenerDefaultActionArgs.builder()\n .type(\"forward\")\n .targetGroupArn(frontEndTargetGroup.arn())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n frontEnd:\n type: aws:lb:LoadBalancer\n name: front_end\n frontEndTargetGroup:\n type: aws:lb:TargetGroup\n name: front_end\n frontEndListener:\n type: aws:lb:Listener\n name: front_end\n properties:\n loadBalancerArn: ${frontEnd.arn}\n port: '80'\n protocol: HTTP\n defaultActions:\n - type: authenticate-oidc\n authenticateOidc:\n authorizationEndpoint: https://example.com/authorization_endpoint\n clientId: client_id\n clientSecret: client_secret\n issuer: https://example.com\n tokenEndpoint: https://example.com/token_endpoint\n userInfoEndpoint: https://example.com/user_info_endpoint\n - type: forward\n targetGroupArn: ${frontEndTargetGroup.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### JWT Validation Action\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = new aws.lb.Listener(\"test\", {\n loadBalancerArn: testAwsLb.id,\n protocol: \"HTTPS\",\n port: 443,\n sslPolicy: \"ELBSecurityPolicy-2016-08\",\n certificateArn: testAwsIamServerCertificate.arn,\n defaultActions: [\n {\n type: \"jwt-validation\",\n jwtValidation: {\n issuer: \"https://example.com\",\n jwksEndpoint: \"https://example.com/.well-known/jwks.json\",\n additionalClaims: [\n {\n format: \"string-array\",\n name: \"claim_name1\",\n values: [\n \"value1\",\n \"value2\",\n ],\n },\n {\n format: \"single-string\",\n name: \"claim_name2\",\n values: [\"value1\"],\n },\n ],\n },\n },\n {\n targetGroupArn: testAwsLbTargetGroup.id,\n type: \"forward\",\n },\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.lb.Listener(\"test\",\n load_balancer_arn=test_aws_lb[\"id\"],\n protocol=\"HTTPS\",\n port=443,\n ssl_policy=\"ELBSecurityPolicy-2016-08\",\n certificate_arn=test_aws_iam_server_certificate[\"arn\"],\n default_actions=[\n {\n \"type\": \"jwt-validation\",\n \"jwt_validation\": {\n \"issuer\": \"https://example.com\",\n \"jwks_endpoint\": \"https://example.com/.well-known/jwks.json\",\n \"additional_claims\": [\n {\n \"format\": \"string-array\",\n \"name\": \"claim_name1\",\n \"values\": [\n \"value1\",\n \"value2\",\n ],\n },\n {\n \"format\": \"single-string\",\n \"name\": \"claim_name2\",\n \"values\": [\"value1\"],\n },\n ],\n },\n },\n {\n \"target_group_arn\": test_aws_lb_target_group[\"id\"],\n \"type\": \"forward\",\n },\n ])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = new Aws.LB.Listener(\"test\", new()\n {\n LoadBalancerArn = testAwsLb.Id,\n Protocol = \"HTTPS\",\n Port = 443,\n SslPolicy = \"ELBSecurityPolicy-2016-08\",\n CertificateArn = testAwsIamServerCertificate.Arn,\n DefaultActions = new[]\n {\n new Aws.LB.Inputs.ListenerDefaultActionArgs\n {\n Type = \"jwt-validation\",\n JwtValidation = new Aws.LB.Inputs.ListenerDefaultActionJwtValidationArgs\n {\n Issuer = \"https://example.com\",\n JwksEndpoint = \"https://example.com/.well-known/jwks.json\",\n AdditionalClaims = new[]\n {\n new Aws.LB.Inputs.ListenerDefaultActionJwtValidationAdditionalClaimArgs\n {\n Format = \"string-array\",\n Name = \"claim_name1\",\n Values = new[]\n {\n \"value1\",\n \"value2\",\n },\n },\n new Aws.LB.Inputs.ListenerDefaultActionJwtValidationAdditionalClaimArgs\n {\n Format = \"single-string\",\n Name = \"claim_name2\",\n Values = new[]\n {\n \"value1\",\n },\n },\n },\n },\n },\n new Aws.LB.Inputs.ListenerDefaultActionArgs\n {\n TargetGroupArn = testAwsLbTargetGroup.Id,\n Type = \"forward\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v7/go/aws/lb\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := lb.NewListener(ctx, \"test\", \u0026lb.ListenerArgs{\n\t\t\tLoadBalancerArn: pulumi.Any(testAwsLb.Id),\n\t\t\tProtocol: pulumi.String(\"HTTPS\"),\n\t\t\tPort: pulumi.Int(443),\n\t\t\tSslPolicy: pulumi.String(\"ELBSecurityPolicy-2016-08\"),\n\t\t\tCertificateArn: pulumi.Any(testAwsIamServerCertificate.Arn),\n\t\t\tDefaultActions: lb.ListenerDefaultActionArray{\n\t\t\t\t\u0026lb.ListenerDefaultActionArgs{\n\t\t\t\t\tType: pulumi.String(\"jwt-validation\"),\n\t\t\t\t\tJwtValidation: \u0026lb.ListenerDefaultActionJwtValidationArgs{\n\t\t\t\t\t\tIssuer: pulumi.String(\"https://example.com\"),\n\t\t\t\t\t\tJwksEndpoint: pulumi.String(\"https://example.com/.well-known/jwks.json\"),\n\t\t\t\t\t\tAdditionalClaims: lb.ListenerDefaultActionJwtValidationAdditionalClaimArray{\n\t\t\t\t\t\t\t\u0026lb.ListenerDefaultActionJwtValidationAdditionalClaimArgs{\n\t\t\t\t\t\t\t\tFormat: pulumi.String(\"string-array\"),\n\t\t\t\t\t\t\t\tName: pulumi.String(\"claim_name1\"),\n\t\t\t\t\t\t\t\tValues: pulumi.StringArray{\n\t\t\t\t\t\t\t\t\tpulumi.String(\"value1\"),\n\t\t\t\t\t\t\t\t\tpulumi.String(\"value2\"),\n\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\u0026lb.ListenerDefaultActionJwtValidationAdditionalClaimArgs{\n\t\t\t\t\t\t\t\tFormat: pulumi.String(\"single-string\"),\n\t\t\t\t\t\t\t\tName: pulumi.String(\"claim_name2\"),\n\t\t\t\t\t\t\t\tValues: pulumi.StringArray{\n\t\t\t\t\t\t\t\t\tpulumi.String(\"value1\"),\n\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t\u0026lb.ListenerDefaultActionArgs{\n\t\t\t\t\tTargetGroupArn: pulumi.Any(testAwsLbTargetGroup.Id),\n\t\t\t\t\tType: pulumi.String(\"forward\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.lb.Listener;\nimport com.pulumi.aws.lb.ListenerArgs;\nimport com.pulumi.aws.lb.inputs.ListenerDefaultActionArgs;\nimport com.pulumi.aws.lb.inputs.ListenerDefaultActionJwtValidationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var test = new Listener(\"test\", ListenerArgs.builder()\n .loadBalancerArn(testAwsLb.id())\n .protocol(\"HTTPS\")\n .port(443)\n .sslPolicy(\"ELBSecurityPolicy-2016-08\")\n .certificateArn(testAwsIamServerCertificate.arn())\n .defaultActions( \n ListenerDefaultActionArgs.builder()\n .type(\"jwt-validation\")\n .jwtValidation(ListenerDefaultActionJwtValidationArgs.builder()\n .issuer(\"https://example.com\")\n .jwksEndpoint(\"https://example.com/.well-known/jwks.json\")\n .additionalClaims( \n ListenerDefaultActionJwtValidationAdditionalClaimArgs.builder()\n .format(\"string-array\")\n .name(\"claim_name1\")\n .values( \n \"value1\",\n \"value2\")\n .build(),\n ListenerDefaultActionJwtValidationAdditionalClaimArgs.builder()\n .format(\"single-string\")\n .name(\"claim_name2\")\n .values(\"value1\")\n .build())\n .build())\n .build(),\n ListenerDefaultActionArgs.builder()\n .targetGroupArn(testAwsLbTargetGroup.id())\n .type(\"forward\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n test:\n type: aws:lb:Listener\n properties:\n loadBalancerArn: ${testAwsLb.id}\n protocol: HTTPS\n port: '443'\n sslPolicy: ELBSecurityPolicy-2016-08\n certificateArn: ${testAwsIamServerCertificate.arn}\n defaultActions:\n - type: jwt-validation\n jwtValidation:\n issuer: https://example.com\n jwksEndpoint: https://example.com/.well-known/jwks.json\n additionalClaims:\n - format: string-array\n name: claim_name1\n values:\n - value1\n - value2\n - format: single-string\n name: claim_name2\n values:\n - value1\n - targetGroupArn: ${testAwsLbTargetGroup.id}\n type: forward\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Gateway Load Balancer Listener\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.lb.LoadBalancer(\"example\", {\n loadBalancerType: \"gateway\",\n name: \"example\",\n subnetMappings: [{\n subnetId: exampleAwsSubnet.id,\n }],\n});\nconst exampleTargetGroup = new aws.lb.TargetGroup(\"example\", {\n name: \"example\",\n port: 6081,\n protocol: \"GENEVE\",\n vpcId: exampleAwsVpc.id,\n healthCheck: {\n port: \"80\",\n protocol: \"HTTP\",\n },\n});\nconst exampleListener = new aws.lb.Listener(\"example\", {\n loadBalancerArn: example.id,\n defaultActions: [{\n targetGroupArn: exampleTargetGroup.id,\n type: \"forward\",\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.lb.LoadBalancer(\"example\",\n load_balancer_type=\"gateway\",\n name=\"example\",\n subnet_mappings=[{\n \"subnet_id\": example_aws_subnet[\"id\"],\n }])\nexample_target_group = aws.lb.TargetGroup(\"example\",\n name=\"example\",\n port=6081,\n protocol=\"GENEVE\",\n vpc_id=example_aws_vpc[\"id\"],\n health_check={\n \"port\": \"80\",\n \"protocol\": \"HTTP\",\n })\nexample_listener = aws.lb.Listener(\"example\",\n load_balancer_arn=example.id,\n default_actions=[{\n \"target_group_arn\": example_target_group.id,\n \"type\": \"forward\",\n }])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.LB.LoadBalancer(\"example\", new()\n {\n LoadBalancerType = \"gateway\",\n Name = \"example\",\n SubnetMappings = new[]\n {\n new Aws.LB.Inputs.LoadBalancerSubnetMappingArgs\n {\n SubnetId = exampleAwsSubnet.Id,\n },\n },\n });\n\n var exampleTargetGroup = new Aws.LB.TargetGroup(\"example\", new()\n {\n Name = \"example\",\n Port = 6081,\n Protocol = \"GENEVE\",\n VpcId = exampleAwsVpc.Id,\n HealthCheck = new Aws.LB.Inputs.TargetGroupHealthCheckArgs\n {\n Port = \"80\",\n Protocol = \"HTTP\",\n },\n });\n\n var exampleListener = new Aws.LB.Listener(\"example\", new()\n {\n LoadBalancerArn = example.Id,\n DefaultActions = new[]\n {\n new Aws.LB.Inputs.ListenerDefaultActionArgs\n {\n TargetGroupArn = exampleTargetGroup.Id,\n Type = \"forward\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v7/go/aws/lb\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := lb.NewLoadBalancer(ctx, \"example\", \u0026lb.LoadBalancerArgs{\n\t\t\tLoadBalancerType: pulumi.String(\"gateway\"),\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tSubnetMappings: lb.LoadBalancerSubnetMappingArray{\n\t\t\t\t\u0026lb.LoadBalancerSubnetMappingArgs{\n\t\t\t\t\tSubnetId: pulumi.Any(exampleAwsSubnet.Id),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleTargetGroup, err := lb.NewTargetGroup(ctx, \"example\", \u0026lb.TargetGroupArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tPort: pulumi.Int(6081),\n\t\t\tProtocol: pulumi.String(\"GENEVE\"),\n\t\t\tVpcId: pulumi.Any(exampleAwsVpc.Id),\n\t\t\tHealthCheck: \u0026lb.TargetGroupHealthCheckArgs{\n\t\t\t\tPort: pulumi.String(\"80\"),\n\t\t\t\tProtocol: pulumi.String(\"HTTP\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = lb.NewListener(ctx, \"example\", \u0026lb.ListenerArgs{\n\t\t\tLoadBalancerArn: example.ID(),\n\t\t\tDefaultActions: lb.ListenerDefaultActionArray{\n\t\t\t\t\u0026lb.ListenerDefaultActionArgs{\n\t\t\t\t\tTargetGroupArn: exampleTargetGroup.ID(),\n\t\t\t\t\tType: pulumi.String(\"forward\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.lb.LoadBalancer;\nimport com.pulumi.aws.lb.LoadBalancerArgs;\nimport com.pulumi.aws.lb.inputs.LoadBalancerSubnetMappingArgs;\nimport com.pulumi.aws.lb.TargetGroup;\nimport com.pulumi.aws.lb.TargetGroupArgs;\nimport com.pulumi.aws.lb.inputs.TargetGroupHealthCheckArgs;\nimport com.pulumi.aws.lb.Listener;\nimport com.pulumi.aws.lb.ListenerArgs;\nimport com.pulumi.aws.lb.inputs.ListenerDefaultActionArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new LoadBalancer(\"example\", LoadBalancerArgs.builder()\n .loadBalancerType(\"gateway\")\n .name(\"example\")\n .subnetMappings(LoadBalancerSubnetMappingArgs.builder()\n .subnetId(exampleAwsSubnet.id())\n .build())\n .build());\n\n var exampleTargetGroup = new TargetGroup(\"exampleTargetGroup\", TargetGroupArgs.builder()\n .name(\"example\")\n .port(6081)\n .protocol(\"GENEVE\")\n .vpcId(exampleAwsVpc.id())\n .healthCheck(TargetGroupHealthCheckArgs.builder()\n .port(\"80\")\n .protocol(\"HTTP\")\n .build())\n .build());\n\n var exampleListener = new Listener(\"exampleListener\", ListenerArgs.builder()\n .loadBalancerArn(example.id())\n .defaultActions(ListenerDefaultActionArgs.builder()\n .targetGroupArn(exampleTargetGroup.id())\n .type(\"forward\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:lb:LoadBalancer\n properties:\n loadBalancerType: gateway\n name: example\n subnetMappings:\n - subnetId: ${exampleAwsSubnet.id}\n exampleTargetGroup:\n type: aws:lb:TargetGroup\n name: example\n properties:\n name: example\n port: 6081\n protocol: GENEVE\n vpcId: ${exampleAwsVpc.id}\n healthCheck:\n port: 80\n protocol: HTTP\n exampleListener:\n type: aws:lb:Listener\n name: example\n properties:\n loadBalancerArn: ${example.id}\n defaultActions:\n - targetGroupArn: ${exampleTargetGroup.id}\n type: forward\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Mutual TLS Authentication\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.lb.LoadBalancer(\"example\", {loadBalancerType: \"application\"});\nconst exampleTargetGroup = new aws.lb.TargetGroup(\"example\", {});\nconst exampleListener = new aws.lb.Listener(\"example\", {\n loadBalancerArn: example.id,\n defaultActions: [{\n targetGroupArn: exampleTargetGroup.id,\n type: \"forward\",\n }],\n mutualAuthentication: {\n mode: \"verify\",\n trustStoreArn: \"...\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.lb.LoadBalancer(\"example\", load_balancer_type=\"application\")\nexample_target_group = aws.lb.TargetGroup(\"example\")\nexample_listener = aws.lb.Listener(\"example\",\n load_balancer_arn=example.id,\n default_actions=[{\n \"target_group_arn\": example_target_group.id,\n \"type\": \"forward\",\n }],\n mutual_authentication={\n \"mode\": \"verify\",\n \"trust_store_arn\": \"...\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.LB.LoadBalancer(\"example\", new()\n {\n LoadBalancerType = \"application\",\n });\n\n var exampleTargetGroup = new Aws.LB.TargetGroup(\"example\");\n\n var exampleListener = new Aws.LB.Listener(\"example\", new()\n {\n LoadBalancerArn = example.Id,\n DefaultActions = new[]\n {\n new Aws.LB.Inputs.ListenerDefaultActionArgs\n {\n TargetGroupArn = exampleTargetGroup.Id,\n Type = \"forward\",\n },\n },\n MutualAuthentication = new Aws.LB.Inputs.ListenerMutualAuthenticationArgs\n {\n Mode = \"verify\",\n TrustStoreArn = \"...\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v7/go/aws/lb\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := lb.NewLoadBalancer(ctx, \"example\", \u0026lb.LoadBalancerArgs{\n\t\t\tLoadBalancerType: pulumi.String(\"application\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleTargetGroup, err := lb.NewTargetGroup(ctx, \"example\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = lb.NewListener(ctx, \"example\", \u0026lb.ListenerArgs{\n\t\t\tLoadBalancerArn: example.ID(),\n\t\t\tDefaultActions: lb.ListenerDefaultActionArray{\n\t\t\t\t\u0026lb.ListenerDefaultActionArgs{\n\t\t\t\t\tTargetGroupArn: exampleTargetGroup.ID(),\n\t\t\t\t\tType: pulumi.String(\"forward\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tMutualAuthentication: \u0026lb.ListenerMutualAuthenticationArgs{\n\t\t\t\tMode: pulumi.String(\"verify\"),\n\t\t\t\tTrustStoreArn: pulumi.String(\"...\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.lb.LoadBalancer;\nimport com.pulumi.aws.lb.LoadBalancerArgs;\nimport com.pulumi.aws.lb.TargetGroup;\nimport com.pulumi.aws.lb.Listener;\nimport com.pulumi.aws.lb.ListenerArgs;\nimport com.pulumi.aws.lb.inputs.ListenerDefaultActionArgs;\nimport com.pulumi.aws.lb.inputs.ListenerMutualAuthenticationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new LoadBalancer(\"example\", LoadBalancerArgs.builder()\n .loadBalancerType(\"application\")\n .build());\n\n var exampleTargetGroup = new TargetGroup(\"exampleTargetGroup\");\n\n var exampleListener = new Listener(\"exampleListener\", ListenerArgs.builder()\n .loadBalancerArn(example.id())\n .defaultActions(ListenerDefaultActionArgs.builder()\n .targetGroupArn(exampleTargetGroup.id())\n .type(\"forward\")\n .build())\n .mutualAuthentication(ListenerMutualAuthenticationArgs.builder()\n .mode(\"verify\")\n .trustStoreArn(\"...\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:lb:LoadBalancer\n properties:\n loadBalancerType: application\n exampleTargetGroup:\n type: aws:lb:TargetGroup\n name: example\n exampleListener:\n type: aws:lb:Listener\n name: example\n properties:\n loadBalancerArn: ${example.id}\n defaultActions:\n - targetGroupArn: ${exampleTargetGroup.id}\n type: forward\n mutualAuthentication:\n mode: verify\n trustStoreArn: '...'\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\n### Identity Schema\n\n#### Required\n\n- `arn` (String) Amazon Resource Name (ARN) of the load balancer listener.\n\nUsing `pulumi import`, import listeners using their ARN. For example:\n\nconsole\n\n% pulumi import aws_lb_listener.front_end arn:aws:elasticloadbalancing:us-west-2:187416307283:listener/app/front-end-alb/8e4497da625e2d8a/9ab28ade35828f96\n\n", "properties": { "alpnPolicy": { "type": "string", @@ -193577,7 +194350,7 @@ ] }, "aws:alb/listenerRule:ListenerRule": { - "description": "Provides a Load Balancer Listener Rule resource.\n\n\u003e **Note:** \u003cspan pulumi-lang-nodejs=\"`aws.alb.ListenerRule`\" pulumi-lang-dotnet=\"`aws.alb.ListenerRule`\" pulumi-lang-go=\"`alb.ListenerRule`\" pulumi-lang-python=\"`alb.ListenerRule`\" pulumi-lang-yaml=\"`aws.alb.ListenerRule`\" pulumi-lang-java=\"`aws.alb.ListenerRule`\"\u003e`aws.alb.ListenerRule`\u003c/span\u003e is known as \u003cspan pulumi-lang-nodejs=\"`aws.lb.ListenerRule`\" pulumi-lang-dotnet=\"`aws.lb.ListenerRule`\" pulumi-lang-go=\"`lb.ListenerRule`\" pulumi-lang-python=\"`lb.ListenerRule`\" pulumi-lang-yaml=\"`aws.lb.ListenerRule`\" pulumi-lang-java=\"`aws.lb.ListenerRule`\"\u003e`aws.lb.ListenerRule`\u003c/span\u003e. The functionality is identical.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst frontEnd = new aws.lb.LoadBalancer(\"front_end\", {});\nconst frontEndListener = new aws.lb.Listener(\"front_end\", {});\nconst static = new aws.lb.ListenerRule(\"static\", {\n listenerArn: frontEndListener.arn,\n priority: 100,\n actions: [{\n type: \"forward\",\n targetGroupArn: staticAwsLbTargetGroup.arn,\n }],\n conditions: [\n {\n pathPattern: {\n values: [\"/static/*\"],\n },\n },\n {\n hostHeader: {\n values: [\"example.com\"],\n },\n },\n ],\n});\n// Forward action\nconst hostBasedWeightedRouting = new aws.lb.ListenerRule(\"host_based_weighted_routing\", {\n listenerArn: frontEndListener.arn,\n priority: 99,\n actions: [{\n type: \"forward\",\n targetGroupArn: staticAwsLbTargetGroup.arn,\n }],\n conditions: [{\n hostHeader: {\n values: [\"my-service.*.mycompany.io\"],\n },\n }],\n});\n// Weighted Forward action\nconst hostBasedRouting = new aws.lb.ListenerRule(\"host_based_routing\", {\n listenerArn: frontEndListener.arn,\n priority: 99,\n actions: [{\n type: \"forward\",\n forward: {\n targetGroups: [\n {\n arn: main.arn,\n weight: 80,\n },\n {\n arn: canary.arn,\n weight: 20,\n },\n ],\n stickiness: {\n enabled: true,\n duration: 600,\n },\n },\n }],\n conditions: [{\n hostHeader: {\n values: [\"my-service.*.mycompany.io\"],\n },\n }],\n});\n// Redirect action\nconst redirectHttpToHttps = new aws.lb.ListenerRule(\"redirect_http_to_https\", {\n listenerArn: frontEndListener.arn,\n actions: [{\n type: \"redirect\",\n redirect: {\n port: \"443\",\n protocol: \"HTTPS\",\n statusCode: \"HTTP_301\",\n },\n }],\n conditions: [{\n httpHeader: {\n httpHeaderName: \"X-Forwarded-For\",\n values: [\"192.168.1.*\"],\n },\n }],\n});\n// Fixed-response action\nconst healthCheck = new aws.lb.ListenerRule(\"health_check\", {\n listenerArn: frontEndListener.arn,\n actions: [{\n type: \"fixed-response\",\n fixedResponse: {\n contentType: \"text/plain\",\n messageBody: \"HEALTHY\",\n statusCode: \"200\",\n },\n }],\n conditions: [{\n queryStrings: [\n {\n key: \"health\",\n value: \"check\",\n },\n {\n value: \"bar\",\n },\n ],\n }],\n});\n// Authenticate-cognito Action\nconst pool = new aws.cognito.UserPool(\"pool\", {});\nconst client = new aws.cognito.UserPoolClient(\"client\", {});\nconst domain = new aws.cognito.UserPoolDomain(\"domain\", {});\nconst admin = new aws.lb.ListenerRule(\"admin\", {\n listenerArn: frontEndListener.arn,\n actions: [\n {\n type: \"authenticate-cognito\",\n authenticateCognito: {\n userPoolArn: pool.arn,\n userPoolClientId: client.id,\n userPoolDomain: domain.domain,\n },\n },\n {\n type: \"forward\",\n targetGroupArn: staticAwsLbTargetGroup.arn,\n },\n ],\n});\n// Authenticate-oidc Action\nconst oidc = new aws.lb.ListenerRule(\"oidc\", {\n listenerArn: frontEndListener.arn,\n actions: [\n {\n type: \"authenticate-oidc\",\n authenticateOidc: {\n authorizationEndpoint: \"https://example.com/authorization_endpoint\",\n clientId: \"client_id\",\n clientSecret: \"client_secret\",\n issuer: \"https://example.com\",\n tokenEndpoint: \"https://example.com/token_endpoint\",\n userInfoEndpoint: \"https://example.com/user_info_endpoint\",\n },\n },\n {\n type: \"forward\",\n targetGroupArn: staticAwsLbTargetGroup.arn,\n },\n ],\n});\n// With transform\nconst transform = new aws.lb.ListenerRule(\"transform\", {\n listenerArn: frontEndListener.arn,\n actions: [{\n type: \"forward\",\n targetGroupArn: staticAwsLbTargetGroup.arn,\n }],\n conditions: [{\n pathPattern: {\n values: [\"*\"],\n },\n }],\n transforms: [\n {\n type: \"host-header-rewrite\",\n hostHeaderRewriteConfig: {\n rewrite: {\n regex: \"^mywebsite-(.+).com$\",\n replace: \"internal.dev.$1.myweb.com\",\n },\n },\n },\n {\n type: \"url-rewrite\",\n urlRewriteConfig: {\n rewrite: {\n regex: \"^/dp/([A-Za-z0-9]+)/?$\",\n replace: \"/product.php?id=$1\",\n },\n },\n },\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nfront_end = aws.lb.LoadBalancer(\"front_end\")\nfront_end_listener = aws.lb.Listener(\"front_end\")\nstatic = aws.lb.ListenerRule(\"static\",\n listener_arn=front_end_listener.arn,\n priority=100,\n actions=[{\n \"type\": \"forward\",\n \"target_group_arn\": static_aws_lb_target_group[\"arn\"],\n }],\n conditions=[\n {\n \"path_pattern\": {\n \"values\": [\"/static/*\"],\n },\n },\n {\n \"host_header\": {\n \"values\": [\"example.com\"],\n },\n },\n ])\n# Forward action\nhost_based_weighted_routing = aws.lb.ListenerRule(\"host_based_weighted_routing\",\n listener_arn=front_end_listener.arn,\n priority=99,\n actions=[{\n \"type\": \"forward\",\n \"target_group_arn\": static_aws_lb_target_group[\"arn\"],\n }],\n conditions=[{\n \"host_header\": {\n \"values\": [\"my-service.*.mycompany.io\"],\n },\n }])\n# Weighted Forward action\nhost_based_routing = aws.lb.ListenerRule(\"host_based_routing\",\n listener_arn=front_end_listener.arn,\n priority=99,\n actions=[{\n \"type\": \"forward\",\n \"forward\": {\n \"target_groups\": [\n {\n \"arn\": main[\"arn\"],\n \"weight\": 80,\n },\n {\n \"arn\": canary[\"arn\"],\n \"weight\": 20,\n },\n ],\n \"stickiness\": {\n \"enabled\": True,\n \"duration\": 600,\n },\n },\n }],\n conditions=[{\n \"host_header\": {\n \"values\": [\"my-service.*.mycompany.io\"],\n },\n }])\n# Redirect action\nredirect_http_to_https = aws.lb.ListenerRule(\"redirect_http_to_https\",\n listener_arn=front_end_listener.arn,\n actions=[{\n \"type\": \"redirect\",\n \"redirect\": {\n \"port\": \"443\",\n \"protocol\": \"HTTPS\",\n \"status_code\": \"HTTP_301\",\n },\n }],\n conditions=[{\n \"http_header\": {\n \"http_header_name\": \"X-Forwarded-For\",\n \"values\": [\"192.168.1.*\"],\n },\n }])\n# Fixed-response action\nhealth_check = aws.lb.ListenerRule(\"health_check\",\n listener_arn=front_end_listener.arn,\n actions=[{\n \"type\": \"fixed-response\",\n \"fixed_response\": {\n \"content_type\": \"text/plain\",\n \"message_body\": \"HEALTHY\",\n \"status_code\": \"200\",\n },\n }],\n conditions=[{\n \"query_strings\": [\n {\n \"key\": \"health\",\n \"value\": \"check\",\n },\n {\n \"value\": \"bar\",\n },\n ],\n }])\n# Authenticate-cognito Action\npool = aws.cognito.UserPool(\"pool\")\nclient = aws.cognito.UserPoolClient(\"client\")\ndomain = aws.cognito.UserPoolDomain(\"domain\")\nadmin = aws.lb.ListenerRule(\"admin\",\n listener_arn=front_end_listener.arn,\n actions=[\n {\n \"type\": \"authenticate-cognito\",\n \"authenticate_cognito\": {\n \"user_pool_arn\": pool.arn,\n \"user_pool_client_id\": client.id,\n \"user_pool_domain\": domain.domain,\n },\n },\n {\n \"type\": \"forward\",\n \"target_group_arn\": static_aws_lb_target_group[\"arn\"],\n },\n ])\n# Authenticate-oidc Action\noidc = aws.lb.ListenerRule(\"oidc\",\n listener_arn=front_end_listener.arn,\n actions=[\n {\n \"type\": \"authenticate-oidc\",\n \"authenticate_oidc\": {\n \"authorization_endpoint\": \"https://example.com/authorization_endpoint\",\n \"client_id\": \"client_id\",\n \"client_secret\": \"client_secret\",\n \"issuer\": \"https://example.com\",\n \"token_endpoint\": \"https://example.com/token_endpoint\",\n \"user_info_endpoint\": \"https://example.com/user_info_endpoint\",\n },\n },\n {\n \"type\": \"forward\",\n \"target_group_arn\": static_aws_lb_target_group[\"arn\"],\n },\n ])\n# With transform\ntransform = aws.lb.ListenerRule(\"transform\",\n listener_arn=front_end_listener.arn,\n actions=[{\n \"type\": \"forward\",\n \"target_group_arn\": static_aws_lb_target_group[\"arn\"],\n }],\n conditions=[{\n \"path_pattern\": {\n \"values\": [\"*\"],\n },\n }],\n transforms=[\n {\n \"type\": \"host-header-rewrite\",\n \"host_header_rewrite_config\": {\n \"rewrite\": {\n \"regex\": \"^mywebsite-(.+).com$\",\n \"replace\": \"internal.dev.$1.myweb.com\",\n },\n },\n },\n {\n \"type\": \"url-rewrite\",\n \"url_rewrite_config\": {\n \"rewrite\": {\n \"regex\": \"^/dp/([A-Za-z0-9]+)/?$\",\n \"replace\": \"/product.php?id=$1\",\n },\n },\n },\n ])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var frontEnd = new Aws.LB.LoadBalancer(\"front_end\");\n\n var frontEndListener = new Aws.LB.Listener(\"front_end\");\n\n var @static = new Aws.LB.ListenerRule(\"static\", new()\n {\n ListenerArn = frontEndListener.Arn,\n Priority = 100,\n Actions = new[]\n {\n new Aws.LB.Inputs.ListenerRuleActionArgs\n {\n Type = \"forward\",\n TargetGroupArn = staticAwsLbTargetGroup.Arn,\n },\n },\n Conditions = new[]\n {\n new Aws.LB.Inputs.ListenerRuleConditionArgs\n {\n PathPattern = new Aws.LB.Inputs.ListenerRuleConditionPathPatternArgs\n {\n Values = new[]\n {\n \"/static/*\",\n },\n },\n },\n new Aws.LB.Inputs.ListenerRuleConditionArgs\n {\n HostHeader = new Aws.LB.Inputs.ListenerRuleConditionHostHeaderArgs\n {\n Values = new[]\n {\n \"example.com\",\n },\n },\n },\n },\n });\n\n // Forward action\n var hostBasedWeightedRouting = new Aws.LB.ListenerRule(\"host_based_weighted_routing\", new()\n {\n ListenerArn = frontEndListener.Arn,\n Priority = 99,\n Actions = new[]\n {\n new Aws.LB.Inputs.ListenerRuleActionArgs\n {\n Type = \"forward\",\n TargetGroupArn = staticAwsLbTargetGroup.Arn,\n },\n },\n Conditions = new[]\n {\n new Aws.LB.Inputs.ListenerRuleConditionArgs\n {\n HostHeader = new Aws.LB.Inputs.ListenerRuleConditionHostHeaderArgs\n {\n Values = new[]\n {\n \"my-service.*.mycompany.io\",\n },\n },\n },\n },\n });\n\n // Weighted Forward action\n var hostBasedRouting = new Aws.LB.ListenerRule(\"host_based_routing\", new()\n {\n ListenerArn = frontEndListener.Arn,\n Priority = 99,\n Actions = new[]\n {\n new Aws.LB.Inputs.ListenerRuleActionArgs\n {\n Type = \"forward\",\n Forward = new Aws.LB.Inputs.ListenerRuleActionForwardArgs\n {\n TargetGroups = new[]\n {\n new Aws.LB.Inputs.ListenerRuleActionForwardTargetGroupArgs\n {\n Arn = main.Arn,\n Weight = 80,\n },\n new Aws.LB.Inputs.ListenerRuleActionForwardTargetGroupArgs\n {\n Arn = canary.Arn,\n Weight = 20,\n },\n },\n Stickiness = new Aws.LB.Inputs.ListenerRuleActionForwardStickinessArgs\n {\n Enabled = true,\n Duration = 600,\n },\n },\n },\n },\n Conditions = new[]\n {\n new Aws.LB.Inputs.ListenerRuleConditionArgs\n {\n HostHeader = new Aws.LB.Inputs.ListenerRuleConditionHostHeaderArgs\n {\n Values = new[]\n {\n \"my-service.*.mycompany.io\",\n },\n },\n },\n },\n });\n\n // Redirect action\n var redirectHttpToHttps = new Aws.LB.ListenerRule(\"redirect_http_to_https\", new()\n {\n ListenerArn = frontEndListener.Arn,\n Actions = new[]\n {\n new Aws.LB.Inputs.ListenerRuleActionArgs\n {\n Type = \"redirect\",\n Redirect = new Aws.LB.Inputs.ListenerRuleActionRedirectArgs\n {\n Port = \"443\",\n Protocol = \"HTTPS\",\n StatusCode = \"HTTP_301\",\n },\n },\n },\n Conditions = new[]\n {\n new Aws.LB.Inputs.ListenerRuleConditionArgs\n {\n HttpHeader = new Aws.LB.Inputs.ListenerRuleConditionHttpHeaderArgs\n {\n HttpHeaderName = \"X-Forwarded-For\",\n Values = new[]\n {\n \"192.168.1.*\",\n },\n },\n },\n },\n });\n\n // Fixed-response action\n var healthCheck = new Aws.LB.ListenerRule(\"health_check\", new()\n {\n ListenerArn = frontEndListener.Arn,\n Actions = new[]\n {\n new Aws.LB.Inputs.ListenerRuleActionArgs\n {\n Type = \"fixed-response\",\n FixedResponse = new Aws.LB.Inputs.ListenerRuleActionFixedResponseArgs\n {\n ContentType = \"text/plain\",\n MessageBody = \"HEALTHY\",\n StatusCode = \"200\",\n },\n },\n },\n Conditions = new[]\n {\n new Aws.LB.Inputs.ListenerRuleConditionArgs\n {\n QueryStrings = new[]\n {\n new Aws.LB.Inputs.ListenerRuleConditionQueryStringArgs\n {\n Key = \"health\",\n Value = \"check\",\n },\n new Aws.LB.Inputs.ListenerRuleConditionQueryStringArgs\n {\n Value = \"bar\",\n },\n },\n },\n },\n });\n\n // Authenticate-cognito Action\n var pool = new Aws.Cognito.UserPool(\"pool\");\n\n var client = new Aws.Cognito.UserPoolClient(\"client\");\n\n var domain = new Aws.Cognito.UserPoolDomain(\"domain\");\n\n var admin = new Aws.LB.ListenerRule(\"admin\", new()\n {\n ListenerArn = frontEndListener.Arn,\n Actions = new[]\n {\n new Aws.LB.Inputs.ListenerRuleActionArgs\n {\n Type = \"authenticate-cognito\",\n AuthenticateCognito = new Aws.LB.Inputs.ListenerRuleActionAuthenticateCognitoArgs\n {\n UserPoolArn = pool.Arn,\n UserPoolClientId = client.Id,\n UserPoolDomain = domain.Domain,\n },\n },\n new Aws.LB.Inputs.ListenerRuleActionArgs\n {\n Type = \"forward\",\n TargetGroupArn = staticAwsLbTargetGroup.Arn,\n },\n },\n });\n\n // Authenticate-oidc Action\n var oidc = new Aws.LB.ListenerRule(\"oidc\", new()\n {\n ListenerArn = frontEndListener.Arn,\n Actions = new[]\n {\n new Aws.LB.Inputs.ListenerRuleActionArgs\n {\n Type = \"authenticate-oidc\",\n AuthenticateOidc = new Aws.LB.Inputs.ListenerRuleActionAuthenticateOidcArgs\n {\n AuthorizationEndpoint = \"https://example.com/authorization_endpoint\",\n ClientId = \"client_id\",\n ClientSecret = \"client_secret\",\n Issuer = \"https://example.com\",\n TokenEndpoint = \"https://example.com/token_endpoint\",\n UserInfoEndpoint = \"https://example.com/user_info_endpoint\",\n },\n },\n new Aws.LB.Inputs.ListenerRuleActionArgs\n {\n Type = \"forward\",\n TargetGroupArn = staticAwsLbTargetGroup.Arn,\n },\n },\n });\n\n // With transform\n var transform = new Aws.LB.ListenerRule(\"transform\", new()\n {\n ListenerArn = frontEndListener.Arn,\n Actions = new[]\n {\n new Aws.LB.Inputs.ListenerRuleActionArgs\n {\n Type = \"forward\",\n TargetGroupArn = staticAwsLbTargetGroup.Arn,\n },\n },\n Conditions = new[]\n {\n new Aws.LB.Inputs.ListenerRuleConditionArgs\n {\n PathPattern = new Aws.LB.Inputs.ListenerRuleConditionPathPatternArgs\n {\n Values = new[]\n {\n \"*\",\n },\n },\n },\n },\n Transforms = new[]\n {\n new Aws.LB.Inputs.ListenerRuleTransformArgs\n {\n Type = \"host-header-rewrite\",\n HostHeaderRewriteConfig = new Aws.LB.Inputs.ListenerRuleTransformHostHeaderRewriteConfigArgs\n {\n Rewrite = new Aws.LB.Inputs.ListenerRuleTransformHostHeaderRewriteConfigRewriteArgs\n {\n Regex = \"^mywebsite-(.+).com$\",\n Replace = \"internal.dev.$1.myweb.com\",\n },\n },\n },\n new Aws.LB.Inputs.ListenerRuleTransformArgs\n {\n Type = \"url-rewrite\",\n UrlRewriteConfig = new Aws.LB.Inputs.ListenerRuleTransformUrlRewriteConfigArgs\n {\n Rewrite = new Aws.LB.Inputs.ListenerRuleTransformUrlRewriteConfigRewriteArgs\n {\n Regex = \"^/dp/([A-Za-z0-9]+)/?$\",\n Replace = \"/product.php?id=$1\",\n },\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v7/go/aws/cognito\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v7/go/aws/lb\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := lb.NewLoadBalancer(ctx, \"front_end\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tfrontEndListener, err := lb.NewListener(ctx, \"front_end\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = lb.NewListenerRule(ctx, \"static\", \u0026lb.ListenerRuleArgs{\n\t\t\tListenerArn: frontEndListener.Arn,\n\t\t\tPriority: pulumi.Int(100),\n\t\t\tActions: lb.ListenerRuleActionArray{\n\t\t\t\t\u0026lb.ListenerRuleActionArgs{\n\t\t\t\t\tType: pulumi.String(\"forward\"),\n\t\t\t\t\tTargetGroupArn: pulumi.Any(staticAwsLbTargetGroup.Arn),\n\t\t\t\t},\n\t\t\t},\n\t\t\tConditions: lb.ListenerRuleConditionArray{\n\t\t\t\t\u0026lb.ListenerRuleConditionArgs{\n\t\t\t\t\tPathPattern: \u0026lb.ListenerRuleConditionPathPatternArgs{\n\t\t\t\t\t\tValues: pulumi.StringArray{\n\t\t\t\t\t\t\tpulumi.String(\"/static/*\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t\u0026lb.ListenerRuleConditionArgs{\n\t\t\t\t\tHostHeader: \u0026lb.ListenerRuleConditionHostHeaderArgs{\n\t\t\t\t\t\tValues: pulumi.StringArray{\n\t\t\t\t\t\t\tpulumi.String(\"example.com\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t// Forward action\n\t\t_, err = lb.NewListenerRule(ctx, \"host_based_weighted_routing\", \u0026lb.ListenerRuleArgs{\n\t\t\tListenerArn: frontEndListener.Arn,\n\t\t\tPriority: pulumi.Int(99),\n\t\t\tActions: lb.ListenerRuleActionArray{\n\t\t\t\t\u0026lb.ListenerRuleActionArgs{\n\t\t\t\t\tType: pulumi.String(\"forward\"),\n\t\t\t\t\tTargetGroupArn: pulumi.Any(staticAwsLbTargetGroup.Arn),\n\t\t\t\t},\n\t\t\t},\n\t\t\tConditions: lb.ListenerRuleConditionArray{\n\t\t\t\t\u0026lb.ListenerRuleConditionArgs{\n\t\t\t\t\tHostHeader: \u0026lb.ListenerRuleConditionHostHeaderArgs{\n\t\t\t\t\t\tValues: pulumi.StringArray{\n\t\t\t\t\t\t\tpulumi.String(\"my-service.*.mycompany.io\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t// Weighted Forward action\n\t\t_, err = lb.NewListenerRule(ctx, \"host_based_routing\", \u0026lb.ListenerRuleArgs{\n\t\t\tListenerArn: frontEndListener.Arn,\n\t\t\tPriority: pulumi.Int(99),\n\t\t\tActions: lb.ListenerRuleActionArray{\n\t\t\t\t\u0026lb.ListenerRuleActionArgs{\n\t\t\t\t\tType: pulumi.String(\"forward\"),\n\t\t\t\t\tForward: \u0026lb.ListenerRuleActionForwardArgs{\n\t\t\t\t\t\tTargetGroups: lb.ListenerRuleActionForwardTargetGroupArray{\n\t\t\t\t\t\t\t\u0026lb.ListenerRuleActionForwardTargetGroupArgs{\n\t\t\t\t\t\t\t\tArn: pulumi.Any(main.Arn),\n\t\t\t\t\t\t\t\tWeight: pulumi.Int(80),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\u0026lb.ListenerRuleActionForwardTargetGroupArgs{\n\t\t\t\t\t\t\t\tArn: pulumi.Any(canary.Arn),\n\t\t\t\t\t\t\t\tWeight: pulumi.Int(20),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t\tStickiness: \u0026lb.ListenerRuleActionForwardStickinessArgs{\n\t\t\t\t\t\t\tEnabled: pulumi.Bool(true),\n\t\t\t\t\t\t\tDuration: pulumi.Int(600),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tConditions: lb.ListenerRuleConditionArray{\n\t\t\t\t\u0026lb.ListenerRuleConditionArgs{\n\t\t\t\t\tHostHeader: \u0026lb.ListenerRuleConditionHostHeaderArgs{\n\t\t\t\t\t\tValues: pulumi.StringArray{\n\t\t\t\t\t\t\tpulumi.String(\"my-service.*.mycompany.io\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t// Redirect action\n\t\t_, err = lb.NewListenerRule(ctx, \"redirect_http_to_https\", \u0026lb.ListenerRuleArgs{\n\t\t\tListenerArn: frontEndListener.Arn,\n\t\t\tActions: lb.ListenerRuleActionArray{\n\t\t\t\t\u0026lb.ListenerRuleActionArgs{\n\t\t\t\t\tType: pulumi.String(\"redirect\"),\n\t\t\t\t\tRedirect: \u0026lb.ListenerRuleActionRedirectArgs{\n\t\t\t\t\t\tPort: pulumi.String(\"443\"),\n\t\t\t\t\t\tProtocol: pulumi.String(\"HTTPS\"),\n\t\t\t\t\t\tStatusCode: pulumi.String(\"HTTP_301\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tConditions: lb.ListenerRuleConditionArray{\n\t\t\t\t\u0026lb.ListenerRuleConditionArgs{\n\t\t\t\t\tHttpHeader: \u0026lb.ListenerRuleConditionHttpHeaderArgs{\n\t\t\t\t\t\tHttpHeaderName: pulumi.String(\"X-Forwarded-For\"),\n\t\t\t\t\t\tValues: pulumi.StringArray{\n\t\t\t\t\t\t\tpulumi.String(\"192.168.1.*\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t// Fixed-response action\n\t\t_, err = lb.NewListenerRule(ctx, \"health_check\", \u0026lb.ListenerRuleArgs{\n\t\t\tListenerArn: frontEndListener.Arn,\n\t\t\tActions: lb.ListenerRuleActionArray{\n\t\t\t\t\u0026lb.ListenerRuleActionArgs{\n\t\t\t\t\tType: pulumi.String(\"fixed-response\"),\n\t\t\t\t\tFixedResponse: \u0026lb.ListenerRuleActionFixedResponseArgs{\n\t\t\t\t\t\tContentType: pulumi.String(\"text/plain\"),\n\t\t\t\t\t\tMessageBody: pulumi.String(\"HEALTHY\"),\n\t\t\t\t\t\tStatusCode: pulumi.String(\"200\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tConditions: lb.ListenerRuleConditionArray{\n\t\t\t\t\u0026lb.ListenerRuleConditionArgs{\n\t\t\t\t\tQueryStrings: lb.ListenerRuleConditionQueryStringArray{\n\t\t\t\t\t\t\u0026lb.ListenerRuleConditionQueryStringArgs{\n\t\t\t\t\t\t\tKey: pulumi.String(\"health\"),\n\t\t\t\t\t\t\tValue: pulumi.String(\"check\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t\t\u0026lb.ListenerRuleConditionQueryStringArgs{\n\t\t\t\t\t\t\tValue: pulumi.String(\"bar\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t// Authenticate-cognito Action\n\t\tpool, err := cognito.NewUserPool(ctx, \"pool\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tclient, err := cognito.NewUserPoolClient(ctx, \"client\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tdomain, err := cognito.NewUserPoolDomain(ctx, \"domain\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = lb.NewListenerRule(ctx, \"admin\", \u0026lb.ListenerRuleArgs{\n\t\t\tListenerArn: frontEndListener.Arn,\n\t\t\tActions: lb.ListenerRuleActionArray{\n\t\t\t\t\u0026lb.ListenerRuleActionArgs{\n\t\t\t\t\tType: pulumi.String(\"authenticate-cognito\"),\n\t\t\t\t\tAuthenticateCognito: \u0026lb.ListenerRuleActionAuthenticateCognitoArgs{\n\t\t\t\t\t\tUserPoolArn: pool.Arn,\n\t\t\t\t\t\tUserPoolClientId: client.ID(),\n\t\t\t\t\t\tUserPoolDomain: domain.Domain,\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t\u0026lb.ListenerRuleActionArgs{\n\t\t\t\t\tType: pulumi.String(\"forward\"),\n\t\t\t\t\tTargetGroupArn: pulumi.Any(staticAwsLbTargetGroup.Arn),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t// Authenticate-oidc Action\n\t\t_, err = lb.NewListenerRule(ctx, \"oidc\", \u0026lb.ListenerRuleArgs{\n\t\t\tListenerArn: frontEndListener.Arn,\n\t\t\tActions: lb.ListenerRuleActionArray{\n\t\t\t\t\u0026lb.ListenerRuleActionArgs{\n\t\t\t\t\tType: pulumi.String(\"authenticate-oidc\"),\n\t\t\t\t\tAuthenticateOidc: \u0026lb.ListenerRuleActionAuthenticateOidcArgs{\n\t\t\t\t\t\tAuthorizationEndpoint: pulumi.String(\"https://example.com/authorization_endpoint\"),\n\t\t\t\t\t\tClientId: pulumi.String(\"client_id\"),\n\t\t\t\t\t\tClientSecret: pulumi.String(\"client_secret\"),\n\t\t\t\t\t\tIssuer: pulumi.String(\"https://example.com\"),\n\t\t\t\t\t\tTokenEndpoint: pulumi.String(\"https://example.com/token_endpoint\"),\n\t\t\t\t\t\tUserInfoEndpoint: pulumi.String(\"https://example.com/user_info_endpoint\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t\u0026lb.ListenerRuleActionArgs{\n\t\t\t\t\tType: pulumi.String(\"forward\"),\n\t\t\t\t\tTargetGroupArn: pulumi.Any(staticAwsLbTargetGroup.Arn),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t// With transform\n\t\t_, err = lb.NewListenerRule(ctx, \"transform\", \u0026lb.ListenerRuleArgs{\n\t\t\tListenerArn: frontEndListener.Arn,\n\t\t\tActions: lb.ListenerRuleActionArray{\n\t\t\t\t\u0026lb.ListenerRuleActionArgs{\n\t\t\t\t\tType: pulumi.String(\"forward\"),\n\t\t\t\t\tTargetGroupArn: pulumi.Any(staticAwsLbTargetGroup.Arn),\n\t\t\t\t},\n\t\t\t},\n\t\t\tConditions: lb.ListenerRuleConditionArray{\n\t\t\t\t\u0026lb.ListenerRuleConditionArgs{\n\t\t\t\t\tPathPattern: \u0026lb.ListenerRuleConditionPathPatternArgs{\n\t\t\t\t\t\tValues: pulumi.StringArray{\n\t\t\t\t\t\t\tpulumi.String(\"*\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tTransforms: lb.ListenerRuleTransformArray{\n\t\t\t\t\u0026lb.ListenerRuleTransformArgs{\n\t\t\t\t\tType: pulumi.String(\"host-header-rewrite\"),\n\t\t\t\t\tHostHeaderRewriteConfig: \u0026lb.ListenerRuleTransformHostHeaderRewriteConfigArgs{\n\t\t\t\t\t\tRewrite: \u0026lb.ListenerRuleTransformHostHeaderRewriteConfigRewriteArgs{\n\t\t\t\t\t\t\tRegex: pulumi.String(\"^mywebsite-(.+).com$\"),\n\t\t\t\t\t\t\tReplace: pulumi.String(\"internal.dev.$1.myweb.com\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t\u0026lb.ListenerRuleTransformArgs{\n\t\t\t\t\tType: pulumi.String(\"url-rewrite\"),\n\t\t\t\t\tUrlRewriteConfig: \u0026lb.ListenerRuleTransformUrlRewriteConfigArgs{\n\t\t\t\t\t\tRewrite: \u0026lb.ListenerRuleTransformUrlRewriteConfigRewriteArgs{\n\t\t\t\t\t\t\tRegex: pulumi.String(\"^/dp/([A-Za-z0-9]+)/?$\"),\n\t\t\t\t\t\t\tReplace: pulumi.String(\"/product.php?id=$1\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.lb.LoadBalancer;\nimport com.pulumi.aws.lb.Listener;\nimport com.pulumi.aws.lb.ListenerRule;\nimport com.pulumi.aws.lb.ListenerRuleArgs;\nimport com.pulumi.aws.lb.inputs.ListenerRuleActionArgs;\nimport com.pulumi.aws.lb.inputs.ListenerRuleConditionArgs;\nimport com.pulumi.aws.lb.inputs.ListenerRuleConditionPathPatternArgs;\nimport com.pulumi.aws.lb.inputs.ListenerRuleConditionHostHeaderArgs;\nimport com.pulumi.aws.lb.inputs.ListenerRuleActionForwardArgs;\nimport com.pulumi.aws.lb.inputs.ListenerRuleActionForwardStickinessArgs;\nimport com.pulumi.aws.lb.inputs.ListenerRuleActionRedirectArgs;\nimport com.pulumi.aws.lb.inputs.ListenerRuleConditionHttpHeaderArgs;\nimport com.pulumi.aws.lb.inputs.ListenerRuleActionFixedResponseArgs;\nimport com.pulumi.aws.cognito.UserPool;\nimport com.pulumi.aws.cognito.UserPoolClient;\nimport com.pulumi.aws.cognito.UserPoolDomain;\nimport com.pulumi.aws.lb.inputs.ListenerRuleActionAuthenticateCognitoArgs;\nimport com.pulumi.aws.lb.inputs.ListenerRuleActionAuthenticateOidcArgs;\nimport com.pulumi.aws.lb.inputs.ListenerRuleTransformArgs;\nimport com.pulumi.aws.lb.inputs.ListenerRuleTransformHostHeaderRewriteConfigArgs;\nimport com.pulumi.aws.lb.inputs.ListenerRuleTransformHostHeaderRewriteConfigRewriteArgs;\nimport com.pulumi.aws.lb.inputs.ListenerRuleTransformUrlRewriteConfigArgs;\nimport com.pulumi.aws.lb.inputs.ListenerRuleTransformUrlRewriteConfigRewriteArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var frontEnd = new LoadBalancer(\"frontEnd\");\n\n var frontEndListener = new Listener(\"frontEndListener\");\n\n var static_ = new ListenerRule(\"static\", ListenerRuleArgs.builder()\n .listenerArn(frontEndListener.arn())\n .priority(100)\n .actions(ListenerRuleActionArgs.builder()\n .type(\"forward\")\n .targetGroupArn(staticAwsLbTargetGroup.arn())\n .build())\n .conditions( \n ListenerRuleConditionArgs.builder()\n .pathPattern(ListenerRuleConditionPathPatternArgs.builder()\n .values(\"/static/*\")\n .build())\n .build(),\n ListenerRuleConditionArgs.builder()\n .hostHeader(ListenerRuleConditionHostHeaderArgs.builder()\n .values(\"example.com\")\n .build())\n .build())\n .build());\n\n // Forward action\n var hostBasedWeightedRouting = new ListenerRule(\"hostBasedWeightedRouting\", ListenerRuleArgs.builder()\n .listenerArn(frontEndListener.arn())\n .priority(99)\n .actions(ListenerRuleActionArgs.builder()\n .type(\"forward\")\n .targetGroupArn(staticAwsLbTargetGroup.arn())\n .build())\n .conditions(ListenerRuleConditionArgs.builder()\n .hostHeader(ListenerRuleConditionHostHeaderArgs.builder()\n .values(\"my-service.*.mycompany.io\")\n .build())\n .build())\n .build());\n\n // Weighted Forward action\n var hostBasedRouting = new ListenerRule(\"hostBasedRouting\", ListenerRuleArgs.builder()\n .listenerArn(frontEndListener.arn())\n .priority(99)\n .actions(ListenerRuleActionArgs.builder()\n .type(\"forward\")\n .forward(ListenerRuleActionForwardArgs.builder()\n .targetGroups( \n ListenerRuleActionForwardTargetGroupArgs.builder()\n .arn(main.arn())\n .weight(80)\n .build(),\n ListenerRuleActionForwardTargetGroupArgs.builder()\n .arn(canary.arn())\n .weight(20)\n .build())\n .stickiness(ListenerRuleActionForwardStickinessArgs.builder()\n .enabled(true)\n .duration(600)\n .build())\n .build())\n .build())\n .conditions(ListenerRuleConditionArgs.builder()\n .hostHeader(ListenerRuleConditionHostHeaderArgs.builder()\n .values(\"my-service.*.mycompany.io\")\n .build())\n .build())\n .build());\n\n // Redirect action\n var redirectHttpToHttps = new ListenerRule(\"redirectHttpToHttps\", ListenerRuleArgs.builder()\n .listenerArn(frontEndListener.arn())\n .actions(ListenerRuleActionArgs.builder()\n .type(\"redirect\")\n .redirect(ListenerRuleActionRedirectArgs.builder()\n .port(\"443\")\n .protocol(\"HTTPS\")\n .statusCode(\"HTTP_301\")\n .build())\n .build())\n .conditions(ListenerRuleConditionArgs.builder()\n .httpHeader(ListenerRuleConditionHttpHeaderArgs.builder()\n .httpHeaderName(\"X-Forwarded-For\")\n .values(\"192.168.1.*\")\n .build())\n .build())\n .build());\n\n // Fixed-response action\n var healthCheck = new ListenerRule(\"healthCheck\", ListenerRuleArgs.builder()\n .listenerArn(frontEndListener.arn())\n .actions(ListenerRuleActionArgs.builder()\n .type(\"fixed-response\")\n .fixedResponse(ListenerRuleActionFixedResponseArgs.builder()\n .contentType(\"text/plain\")\n .messageBody(\"HEALTHY\")\n .statusCode(\"200\")\n .build())\n .build())\n .conditions(ListenerRuleConditionArgs.builder()\n .queryStrings( \n ListenerRuleConditionQueryStringArgs.builder()\n .key(\"health\")\n .value(\"check\")\n .build(),\n ListenerRuleConditionQueryStringArgs.builder()\n .value(\"bar\")\n .build())\n .build())\n .build());\n\n // Authenticate-cognito Action\n var pool = new UserPool(\"pool\");\n\n var client = new UserPoolClient(\"client\");\n\n var domain = new UserPoolDomain(\"domain\");\n\n var admin = new ListenerRule(\"admin\", ListenerRuleArgs.builder()\n .listenerArn(frontEndListener.arn())\n .actions( \n ListenerRuleActionArgs.builder()\n .type(\"authenticate-cognito\")\n .authenticateCognito(ListenerRuleActionAuthenticateCognitoArgs.builder()\n .userPoolArn(pool.arn())\n .userPoolClientId(client.id())\n .userPoolDomain(domain.domain())\n .build())\n .build(),\n ListenerRuleActionArgs.builder()\n .type(\"forward\")\n .targetGroupArn(staticAwsLbTargetGroup.arn())\n .build())\n .build());\n\n // Authenticate-oidc Action\n var oidc = new ListenerRule(\"oidc\", ListenerRuleArgs.builder()\n .listenerArn(frontEndListener.arn())\n .actions( \n ListenerRuleActionArgs.builder()\n .type(\"authenticate-oidc\")\n .authenticateOidc(ListenerRuleActionAuthenticateOidcArgs.builder()\n .authorizationEndpoint(\"https://example.com/authorization_endpoint\")\n .clientId(\"client_id\")\n .clientSecret(\"client_secret\")\n .issuer(\"https://example.com\")\n .tokenEndpoint(\"https://example.com/token_endpoint\")\n .userInfoEndpoint(\"https://example.com/user_info_endpoint\")\n .build())\n .build(),\n ListenerRuleActionArgs.builder()\n .type(\"forward\")\n .targetGroupArn(staticAwsLbTargetGroup.arn())\n .build())\n .build());\n\n // With transform\n var transform = new ListenerRule(\"transform\", ListenerRuleArgs.builder()\n .listenerArn(frontEndListener.arn())\n .actions(ListenerRuleActionArgs.builder()\n .type(\"forward\")\n .targetGroupArn(staticAwsLbTargetGroup.arn())\n .build())\n .conditions(ListenerRuleConditionArgs.builder()\n .pathPattern(ListenerRuleConditionPathPatternArgs.builder()\n .values(\"*\")\n .build())\n .build())\n .transforms( \n ListenerRuleTransformArgs.builder()\n .type(\"host-header-rewrite\")\n .hostHeaderRewriteConfig(ListenerRuleTransformHostHeaderRewriteConfigArgs.builder()\n .rewrite(ListenerRuleTransformHostHeaderRewriteConfigRewriteArgs.builder()\n .regex(\"^mywebsite-(.+).com$\")\n .replace(\"internal.dev.$1.myweb.com\")\n .build())\n .build())\n .build(),\n ListenerRuleTransformArgs.builder()\n .type(\"url-rewrite\")\n .urlRewriteConfig(ListenerRuleTransformUrlRewriteConfigArgs.builder()\n .rewrite(ListenerRuleTransformUrlRewriteConfigRewriteArgs.builder()\n .regex(\"^/dp/([A-Za-z0-9]+)/?$\")\n .replace(\"/product.php?id=$1\")\n .build())\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n frontEnd:\n type: aws:lb:LoadBalancer\n name: front_end\n frontEndListener:\n type: aws:lb:Listener\n name: front_end\n static:\n type: aws:lb:ListenerRule\n properties:\n listenerArn: ${frontEndListener.arn}\n priority: 100\n actions:\n - type: forward\n targetGroupArn: ${staticAwsLbTargetGroup.arn}\n conditions:\n - pathPattern:\n values:\n - /static/*\n - hostHeader:\n values:\n - example.com\n # Forward action\n hostBasedWeightedRouting:\n type: aws:lb:ListenerRule\n name: host_based_weighted_routing\n properties:\n listenerArn: ${frontEndListener.arn}\n priority: 99\n actions:\n - type: forward\n targetGroupArn: ${staticAwsLbTargetGroup.arn}\n conditions:\n - hostHeader:\n values:\n - my-service.*.mycompany.io\n # Weighted Forward action\n hostBasedRouting:\n type: aws:lb:ListenerRule\n name: host_based_routing\n properties:\n listenerArn: ${frontEndListener.arn}\n priority: 99\n actions:\n - type: forward\n forward:\n targetGroups:\n - arn: ${main.arn}\n weight: 80\n - arn: ${canary.arn}\n weight: 20\n stickiness:\n enabled: true\n duration: 600\n conditions:\n - hostHeader:\n values:\n - my-service.*.mycompany.io\n # Redirect action\n redirectHttpToHttps:\n type: aws:lb:ListenerRule\n name: redirect_http_to_https\n properties:\n listenerArn: ${frontEndListener.arn}\n actions:\n - type: redirect\n redirect:\n port: '443'\n protocol: HTTPS\n statusCode: HTTP_301\n conditions:\n - httpHeader:\n httpHeaderName: X-Forwarded-For\n values:\n - 192.168.1.*\n # Fixed-response action\n healthCheck:\n type: aws:lb:ListenerRule\n name: health_check\n properties:\n listenerArn: ${frontEndListener.arn}\n actions:\n - type: fixed-response\n fixedResponse:\n contentType: text/plain\n messageBody: HEALTHY\n statusCode: '200'\n conditions:\n - queryStrings:\n - key: health\n value: check\n - value: bar\n # Authenticate-cognito Action\n pool:\n type: aws:cognito:UserPool\n client:\n type: aws:cognito:UserPoolClient\n domain:\n type: aws:cognito:UserPoolDomain\n admin:\n type: aws:lb:ListenerRule\n properties:\n listenerArn: ${frontEndListener.arn}\n actions:\n - type: authenticate-cognito\n authenticateCognito:\n userPoolArn: ${pool.arn}\n userPoolClientId: ${client.id}\n userPoolDomain: ${domain.domain}\n - type: forward\n targetGroupArn: ${staticAwsLbTargetGroup.arn}\n # Authenticate-oidc Action\n oidc:\n type: aws:lb:ListenerRule\n properties:\n listenerArn: ${frontEndListener.arn}\n actions:\n - type: authenticate-oidc\n authenticateOidc:\n authorizationEndpoint: https://example.com/authorization_endpoint\n clientId: client_id\n clientSecret: client_secret\n issuer: https://example.com\n tokenEndpoint: https://example.com/token_endpoint\n userInfoEndpoint: https://example.com/user_info_endpoint\n - type: forward\n targetGroupArn: ${staticAwsLbTargetGroup.arn}\n # With transform\n transform:\n type: aws:lb:ListenerRule\n properties:\n listenerArn: ${frontEndListener.arn}\n actions:\n - type: forward\n targetGroupArn: ${staticAwsLbTargetGroup.arn}\n conditions:\n - pathPattern:\n values:\n - '*'\n transforms:\n - type: host-header-rewrite\n hostHeaderRewriteConfig:\n rewrite:\n regex: ^mywebsite-(.+).com$\n replace: internal.dev.$1.myweb.com\n - type: url-rewrite\n urlRewriteConfig:\n rewrite:\n regex: ^/dp/([A-Za-z0-9]+)/?$\n replace: /product.php?id=$1\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\n### Identity Schema\n\n#### Required\n\n- `arn` (String) Amazon Resource Name (ARN) of the load balancer listener rule.\n\nUsing `pulumi import`, import rules using their ARN. For example:\n\nconsole\n\n% pulumi import aws_lb_listener_rule.front_end arn:aws:elasticloadbalancing:us-west-2:187416307283:listener-rule/app/test/8e4497da625e2d8a/9ab28ade35828f96/67b3d2d36dd7c26b\n\n", + "description": "Provides a Load Balancer Listener Rule resource.\n\n\u003e **Note:** \u003cspan pulumi-lang-nodejs=\"`aws.alb.ListenerRule`\" pulumi-lang-dotnet=\"`aws.alb.ListenerRule`\" pulumi-lang-go=\"`alb.ListenerRule`\" pulumi-lang-python=\"`alb.ListenerRule`\" pulumi-lang-yaml=\"`aws.alb.ListenerRule`\" pulumi-lang-java=\"`aws.alb.ListenerRule`\"\u003e`aws.alb.ListenerRule`\u003c/span\u003e is known as \u003cspan pulumi-lang-nodejs=\"`aws.lb.ListenerRule`\" pulumi-lang-dotnet=\"`aws.lb.ListenerRule`\" pulumi-lang-go=\"`lb.ListenerRule`\" pulumi-lang-python=\"`lb.ListenerRule`\" pulumi-lang-yaml=\"`aws.lb.ListenerRule`\" pulumi-lang-java=\"`aws.lb.ListenerRule`\"\u003e`aws.lb.ListenerRule`\u003c/span\u003e. The functionality is identical.\n\n", "properties": { "actions": { "type": "array", @@ -214410,6 +215183,10 @@ "type": "string", "description": "The ARN of the Logically Air Gapped Backup Vault.\n" }, + "encryptionKeyArn": { + "type": "string", + "description": "The AWS KMS key identifier (ARN) used to encrypt the backups in the logically air-gapped vault.\n" + }, "maxRetentionDays": { "type": "integer", "description": "Maximum retention period that the Logically Air Gapped Backup Vault retains recovery points.\n" @@ -214446,6 +215223,7 @@ }, "required": [ "arn", + "encryptionKeyArn", "maxRetentionDays", "minRetentionDays", "name", @@ -214453,6 +215231,10 @@ "tagsAll" ], "inputProperties": { + "encryptionKeyArn": { + "type": "string", + "description": "The AWS KMS key identifier (ARN) used to encrypt the backups in the logically air-gapped vault.\n" + }, "maxRetentionDays": { "type": "integer", "description": "Maximum retention period that the Logically Air Gapped Backup Vault retains recovery points.\n" @@ -214491,6 +215273,10 @@ "type": "string", "description": "The ARN of the Logically Air Gapped Backup Vault.\n" }, + "encryptionKeyArn": { + "type": "string", + "description": "The AWS KMS key identifier (ARN) used to encrypt the backups in the logically air-gapped vault.\n" + }, "maxRetentionDays": { "type": "integer", "description": "Maximum retention period that the Logically Air Gapped Backup Vault retains recovery points.\n" @@ -218159,7 +218945,7 @@ } }, "aws:bedrock/agentcoreAgentRuntime:AgentcoreAgentRuntime": { - "description": "Manages an AWS Bedrock AgentCore Agent Runtime. Agent Runtime provides a containerized execution environment for AI agents.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst assumeRole = aws.iam.getPolicyDocument({\n statements: [{\n effect: \"Allow\",\n actions: [\"sts:AssumeRole\"],\n principals: [{\n type: \"Service\",\n identifiers: [\"bedrock-agentcore.amazonaws.com\"],\n }],\n }],\n});\nconst ecrPermissions = aws.iam.getPolicyDocument({\n statements: [\n {\n actions: [\"ecr:GetAuthorizationToken\"],\n effect: \"Allow\",\n resources: [\"*\"],\n },\n {\n actions: [\n \"ecr:BatchGetImage\",\n \"ecr:GetDownloadUrlForLayer\",\n ],\n effect: \"Allow\",\n resources: [exampleAwsEcrRepository.arn],\n },\n ],\n});\nconst example = new aws.iam.Role(\"example\", {\n name: \"bedrock-agentcore-runtime-role\",\n assumeRolePolicy: assumeRole.then(assumeRole =\u003e assumeRole.json),\n});\nconst exampleRolePolicy = new aws.iam.RolePolicy(\"example\", {\n role: example.id,\n policy: ecrPermissions.then(ecrPermissions =\u003e ecrPermissions.json),\n});\nconst exampleAgentcoreAgentRuntime = new aws.bedrock.AgentcoreAgentRuntime(\"example\", {\n agentRuntimeName: \"example_agent_runtime\",\n roleArn: example.arn,\n agentRuntimeArtifact: {\n containerConfiguration: {\n containerUri: `${exampleAwsEcrRepository.repositoryUrl}:latest`,\n },\n },\n networkConfiguration: {\n networkMode: \"PUBLIC\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nassume_role = aws.iam.get_policy_document(statements=[{\n \"effect\": \"Allow\",\n \"actions\": [\"sts:AssumeRole\"],\n \"principals\": [{\n \"type\": \"Service\",\n \"identifiers\": [\"bedrock-agentcore.amazonaws.com\"],\n }],\n}])\necr_permissions = aws.iam.get_policy_document(statements=[\n {\n \"actions\": [\"ecr:GetAuthorizationToken\"],\n \"effect\": \"Allow\",\n \"resources\": [\"*\"],\n },\n {\n \"actions\": [\n \"ecr:BatchGetImage\",\n \"ecr:GetDownloadUrlForLayer\",\n ],\n \"effect\": \"Allow\",\n \"resources\": [example_aws_ecr_repository[\"arn\"]],\n },\n])\nexample = aws.iam.Role(\"example\",\n name=\"bedrock-agentcore-runtime-role\",\n assume_role_policy=assume_role.json)\nexample_role_policy = aws.iam.RolePolicy(\"example\",\n role=example.id,\n policy=ecr_permissions.json)\nexample_agentcore_agent_runtime = aws.bedrock.AgentcoreAgentRuntime(\"example\",\n agent_runtime_name=\"example_agent_runtime\",\n role_arn=example.arn,\n agent_runtime_artifact={\n \"container_configuration\": {\n \"container_uri\": f\"{example_aws_ecr_repository['repositoryUrl']}:latest\",\n },\n },\n network_configuration={\n \"network_mode\": \"PUBLIC\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var assumeRole = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Effect = \"Allow\",\n Actions = new[]\n {\n \"sts:AssumeRole\",\n },\n Principals = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Type = \"Service\",\n Identifiers = new[]\n {\n \"bedrock-agentcore.amazonaws.com\",\n },\n },\n },\n },\n },\n });\n\n var ecrPermissions = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Actions = new[]\n {\n \"ecr:GetAuthorizationToken\",\n },\n Effect = \"Allow\",\n Resources = new[]\n {\n \"*\",\n },\n },\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Actions = new[]\n {\n \"ecr:BatchGetImage\",\n \"ecr:GetDownloadUrlForLayer\",\n },\n Effect = \"Allow\",\n Resources = new[]\n {\n exampleAwsEcrRepository.Arn,\n },\n },\n },\n });\n\n var example = new Aws.Iam.Role(\"example\", new()\n {\n Name = \"bedrock-agentcore-runtime-role\",\n AssumeRolePolicy = assumeRole.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n });\n\n var exampleRolePolicy = new Aws.Iam.RolePolicy(\"example\", new()\n {\n Role = example.Id,\n Policy = ecrPermissions.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n });\n\n var exampleAgentcoreAgentRuntime = new Aws.Bedrock.AgentcoreAgentRuntime(\"example\", new()\n {\n AgentRuntimeName = \"example_agent_runtime\",\n RoleArn = example.Arn,\n AgentRuntimeArtifact = new Aws.Bedrock.Inputs.AgentcoreAgentRuntimeAgentRuntimeArtifactArgs\n {\n ContainerConfiguration = new Aws.Bedrock.Inputs.AgentcoreAgentRuntimeAgentRuntimeArtifactContainerConfigurationArgs\n {\n ContainerUri = $\"{exampleAwsEcrRepository.RepositoryUrl}:latest\",\n },\n },\n NetworkConfiguration = new Aws.Bedrock.Inputs.AgentcoreAgentRuntimeNetworkConfigurationArgs\n {\n NetworkMode = \"PUBLIC\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v7/go/aws/bedrock\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v7/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\nfunc main() {\npulumi.Run(func(ctx *pulumi.Context) error {\nassumeRole, err := iam.GetPolicyDocument(ctx, \u0026iam.GetPolicyDocumentArgs{\nStatements: []iam.GetPolicyDocumentStatement{\n{\nEffect: pulumi.StringRef(\"Allow\"),\nActions: []string{\n\"sts:AssumeRole\",\n},\nPrincipals: []iam.GetPolicyDocumentStatementPrincipal{\n{\nType: \"Service\",\nIdentifiers: []string{\n\"bedrock-agentcore.amazonaws.com\",\n},\n},\n},\n},\n},\n}, nil);\nif err != nil {\nreturn err\n}\necrPermissions, err := iam.GetPolicyDocument(ctx, \u0026iam.GetPolicyDocumentArgs{\nStatements: []iam.GetPolicyDocumentStatement{\n{\nActions: []string{\n\"ecr:GetAuthorizationToken\",\n},\nEffect: pulumi.StringRef(\"Allow\"),\nResources: []string{\n\"*\",\n},\n},\n{\nActions: []string{\n\"ecr:BatchGetImage\",\n\"ecr:GetDownloadUrlForLayer\",\n},\nEffect: pulumi.StringRef(\"Allow\"),\nResources: interface{}{\nexampleAwsEcrRepository.Arn,\n},\n},\n},\n}, nil);\nif err != nil {\nreturn err\n}\nexample, err := iam.NewRole(ctx, \"example\", \u0026iam.RoleArgs{\nName: pulumi.String(\"bedrock-agentcore-runtime-role\"),\nAssumeRolePolicy: pulumi.String(assumeRole.Json),\n})\nif err != nil {\nreturn err\n}\n_, err = iam.NewRolePolicy(ctx, \"example\", \u0026iam.RolePolicyArgs{\nRole: example.ID(),\nPolicy: pulumi.String(ecrPermissions.Json),\n})\nif err != nil {\nreturn err\n}\n_, err = bedrock.NewAgentcoreAgentRuntime(ctx, \"example\", \u0026bedrock.AgentcoreAgentRuntimeArgs{\nAgentRuntimeName: pulumi.String(\"example_agent_runtime\"),\nRoleArn: example.Arn,\nAgentRuntimeArtifact: \u0026bedrock.AgentcoreAgentRuntimeAgentRuntimeArtifactArgs{\nContainerConfiguration: \u0026bedrock.AgentcoreAgentRuntimeAgentRuntimeArtifactContainerConfigurationArgs{\nContainerUri: pulumi.Sprintf(\"%v:latest\", exampleAwsEcrRepository.RepositoryUrl),\n},\n},\nNetworkConfiguration: \u0026bedrock.AgentcoreAgentRuntimeNetworkConfigurationArgs{\nNetworkMode: pulumi.String(\"PUBLIC\"),\n},\n})\nif err != nil {\nreturn err\n}\nreturn nil\n})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;\nimport com.pulumi.aws.iam.Role;\nimport com.pulumi.aws.iam.RoleArgs;\nimport com.pulumi.aws.iam.RolePolicy;\nimport com.pulumi.aws.iam.RolePolicyArgs;\nimport com.pulumi.aws.bedrock.AgentcoreAgentRuntime;\nimport com.pulumi.aws.bedrock.AgentcoreAgentRuntimeArgs;\nimport com.pulumi.aws.bedrock.inputs.AgentcoreAgentRuntimeAgentRuntimeArtifactArgs;\nimport com.pulumi.aws.bedrock.inputs.AgentcoreAgentRuntimeAgentRuntimeArtifactContainerConfigurationArgs;\nimport com.pulumi.aws.bedrock.inputs.AgentcoreAgentRuntimeNetworkConfigurationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var assumeRole = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .effect(\"Allow\")\n .actions(\"sts:AssumeRole\")\n .principals(GetPolicyDocumentStatementPrincipalArgs.builder()\n .type(\"Service\")\n .identifiers(\"bedrock-agentcore.amazonaws.com\")\n .build())\n .build())\n .build());\n\n final var ecrPermissions = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements( \n GetPolicyDocumentStatementArgs.builder()\n .actions(\"ecr:GetAuthorizationToken\")\n .effect(\"Allow\")\n .resources(\"*\")\n .build(),\n GetPolicyDocumentStatementArgs.builder()\n .actions( \n \"ecr:BatchGetImage\",\n \"ecr:GetDownloadUrlForLayer\")\n .effect(\"Allow\")\n .resources(exampleAwsEcrRepository.arn())\n .build())\n .build());\n\n var example = new Role(\"example\", RoleArgs.builder()\n .name(\"bedrock-agentcore-runtime-role\")\n .assumeRolePolicy(assumeRole.json())\n .build());\n\n var exampleRolePolicy = new RolePolicy(\"exampleRolePolicy\", RolePolicyArgs.builder()\n .role(example.id())\n .policy(ecrPermissions.json())\n .build());\n\n var exampleAgentcoreAgentRuntime = new AgentcoreAgentRuntime(\"exampleAgentcoreAgentRuntime\", AgentcoreAgentRuntimeArgs.builder()\n .agentRuntimeName(\"example_agent_runtime\")\n .roleArn(example.arn())\n .agentRuntimeArtifact(AgentcoreAgentRuntimeAgentRuntimeArtifactArgs.builder()\n .containerConfiguration(AgentcoreAgentRuntimeAgentRuntimeArtifactContainerConfigurationArgs.builder()\n .containerUri(String.format(\"%s:latest\", exampleAwsEcrRepository.repositoryUrl()))\n .build())\n .build())\n .networkConfiguration(AgentcoreAgentRuntimeNetworkConfigurationArgs.builder()\n .networkMode(\"PUBLIC\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:iam:Role\n properties:\n name: bedrock-agentcore-runtime-role\n assumeRolePolicy: ${assumeRole.json}\n exampleRolePolicy:\n type: aws:iam:RolePolicy\n name: example\n properties:\n role: ${example.id}\n policy: ${ecrPermissions.json}\n exampleAgentcoreAgentRuntime:\n type: aws:bedrock:AgentcoreAgentRuntime\n name: example\n properties:\n agentRuntimeName: example_agent_runtime\n roleArn: ${example.arn}\n agentRuntimeArtifact:\n containerConfiguration:\n containerUri: ${exampleAwsEcrRepository.repositoryUrl}:latest\n networkConfiguration:\n networkMode: PUBLIC\nvariables:\n assumeRole:\n fn::invoke:\n function: aws:iam:getPolicyDocument\n arguments:\n statements:\n - effect: Allow\n actions:\n - sts:AssumeRole\n principals:\n - type: Service\n identifiers:\n - bedrock-agentcore.amazonaws.com\n ecrPermissions:\n fn::invoke:\n function: aws:iam:getPolicyDocument\n arguments:\n statements:\n - actions:\n - ecr:GetAuthorizationToken\n effect: Allow\n resources:\n - '*'\n - actions:\n - ecr:BatchGetImage\n - ecr:GetDownloadUrlForLayer\n effect: Allow\n resources:\n - ${exampleAwsEcrRepository.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### MCP Server With Custom JWT Authorizer\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.bedrock.AgentcoreAgentRuntime(\"example\", {\n agentRuntimeName: \"example_agent_runtime\",\n description: \"Agent runtime with JWT authorization\",\n roleArn: exampleAwsIamRole.arn,\n agentRuntimeArtifact: {\n containerConfiguration: {\n containerUri: `${exampleAwsEcrRepository.repositoryUrl}:v1.0`,\n },\n },\n environmentVariables: {\n LOG_LEVEL: \"INFO\",\n ENV: \"production\",\n },\n authorizerConfiguration: {\n customJwtAuthorizer: {\n discoveryUrl: \"https://accounts.google.com/.well-known/openid-configuration\",\n allowedAudiences: [\n \"my-app\",\n \"mobile-app\",\n ],\n allowedClients: [\n \"client-123\",\n \"client-456\",\n ],\n },\n },\n networkConfiguration: {\n networkMode: \"PUBLIC\",\n },\n protocolConfiguration: {\n serverProtocol: \"MCP\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.bedrock.AgentcoreAgentRuntime(\"example\",\n agent_runtime_name=\"example_agent_runtime\",\n description=\"Agent runtime with JWT authorization\",\n role_arn=example_aws_iam_role[\"arn\"],\n agent_runtime_artifact={\n \"container_configuration\": {\n \"container_uri\": f\"{example_aws_ecr_repository['repositoryUrl']}:v1.0\",\n },\n },\n environment_variables={\n \"LOG_LEVEL\": \"INFO\",\n \"ENV\": \"production\",\n },\n authorizer_configuration={\n \"custom_jwt_authorizer\": {\n \"discovery_url\": \"https://accounts.google.com/.well-known/openid-configuration\",\n \"allowed_audiences\": [\n \"my-app\",\n \"mobile-app\",\n ],\n \"allowed_clients\": [\n \"client-123\",\n \"client-456\",\n ],\n },\n },\n network_configuration={\n \"network_mode\": \"PUBLIC\",\n },\n protocol_configuration={\n \"server_protocol\": \"MCP\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Bedrock.AgentcoreAgentRuntime(\"example\", new()\n {\n AgentRuntimeName = \"example_agent_runtime\",\n Description = \"Agent runtime with JWT authorization\",\n RoleArn = exampleAwsIamRole.Arn,\n AgentRuntimeArtifact = new Aws.Bedrock.Inputs.AgentcoreAgentRuntimeAgentRuntimeArtifactArgs\n {\n ContainerConfiguration = new Aws.Bedrock.Inputs.AgentcoreAgentRuntimeAgentRuntimeArtifactContainerConfigurationArgs\n {\n ContainerUri = $\"{exampleAwsEcrRepository.RepositoryUrl}:v1.0\",\n },\n },\n EnvironmentVariables = \n {\n { \"LOG_LEVEL\", \"INFO\" },\n { \"ENV\", \"production\" },\n },\n AuthorizerConfiguration = new Aws.Bedrock.Inputs.AgentcoreAgentRuntimeAuthorizerConfigurationArgs\n {\n CustomJwtAuthorizer = new Aws.Bedrock.Inputs.AgentcoreAgentRuntimeAuthorizerConfigurationCustomJwtAuthorizerArgs\n {\n DiscoveryUrl = \"https://accounts.google.com/.well-known/openid-configuration\",\n AllowedAudiences = new[]\n {\n \"my-app\",\n \"mobile-app\",\n },\n AllowedClients = new[]\n {\n \"client-123\",\n \"client-456\",\n },\n },\n },\n NetworkConfiguration = new Aws.Bedrock.Inputs.AgentcoreAgentRuntimeNetworkConfigurationArgs\n {\n NetworkMode = \"PUBLIC\",\n },\n ProtocolConfiguration = new Aws.Bedrock.Inputs.AgentcoreAgentRuntimeProtocolConfigurationArgs\n {\n ServerProtocol = \"MCP\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v7/go/aws/bedrock\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := bedrock.NewAgentcoreAgentRuntime(ctx, \"example\", \u0026bedrock.AgentcoreAgentRuntimeArgs{\n\t\t\tAgentRuntimeName: pulumi.String(\"example_agent_runtime\"),\n\t\t\tDescription: pulumi.String(\"Agent runtime with JWT authorization\"),\n\t\t\tRoleArn: pulumi.Any(exampleAwsIamRole.Arn),\n\t\t\tAgentRuntimeArtifact: \u0026bedrock.AgentcoreAgentRuntimeAgentRuntimeArtifactArgs{\n\t\t\t\tContainerConfiguration: \u0026bedrock.AgentcoreAgentRuntimeAgentRuntimeArtifactContainerConfigurationArgs{\n\t\t\t\t\tContainerUri: pulumi.Sprintf(\"%v:v1.0\", exampleAwsEcrRepository.RepositoryUrl),\n\t\t\t\t},\n\t\t\t},\n\t\t\tEnvironmentVariables: pulumi.StringMap{\n\t\t\t\t\"LOG_LEVEL\": pulumi.String(\"INFO\"),\n\t\t\t\t\"ENV\": pulumi.String(\"production\"),\n\t\t\t},\n\t\t\tAuthorizerConfiguration: \u0026bedrock.AgentcoreAgentRuntimeAuthorizerConfigurationArgs{\n\t\t\t\tCustomJwtAuthorizer: \u0026bedrock.AgentcoreAgentRuntimeAuthorizerConfigurationCustomJwtAuthorizerArgs{\n\t\t\t\t\tDiscoveryUrl: pulumi.String(\"https://accounts.google.com/.well-known/openid-configuration\"),\n\t\t\t\t\tAllowedAudiences: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"my-app\"),\n\t\t\t\t\t\tpulumi.String(\"mobile-app\"),\n\t\t\t\t\t},\n\t\t\t\t\tAllowedClients: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"client-123\"),\n\t\t\t\t\t\tpulumi.String(\"client-456\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tNetworkConfiguration: \u0026bedrock.AgentcoreAgentRuntimeNetworkConfigurationArgs{\n\t\t\t\tNetworkMode: pulumi.String(\"PUBLIC\"),\n\t\t\t},\n\t\t\tProtocolConfiguration: \u0026bedrock.AgentcoreAgentRuntimeProtocolConfigurationArgs{\n\t\t\t\tServerProtocol: pulumi.String(\"MCP\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.bedrock.AgentcoreAgentRuntime;\nimport com.pulumi.aws.bedrock.AgentcoreAgentRuntimeArgs;\nimport com.pulumi.aws.bedrock.inputs.AgentcoreAgentRuntimeAgentRuntimeArtifactArgs;\nimport com.pulumi.aws.bedrock.inputs.AgentcoreAgentRuntimeAgentRuntimeArtifactContainerConfigurationArgs;\nimport com.pulumi.aws.bedrock.inputs.AgentcoreAgentRuntimeAuthorizerConfigurationArgs;\nimport com.pulumi.aws.bedrock.inputs.AgentcoreAgentRuntimeAuthorizerConfigurationCustomJwtAuthorizerArgs;\nimport com.pulumi.aws.bedrock.inputs.AgentcoreAgentRuntimeNetworkConfigurationArgs;\nimport com.pulumi.aws.bedrock.inputs.AgentcoreAgentRuntimeProtocolConfigurationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new AgentcoreAgentRuntime(\"example\", AgentcoreAgentRuntimeArgs.builder()\n .agentRuntimeName(\"example_agent_runtime\")\n .description(\"Agent runtime with JWT authorization\")\n .roleArn(exampleAwsIamRole.arn())\n .agentRuntimeArtifact(AgentcoreAgentRuntimeAgentRuntimeArtifactArgs.builder()\n .containerConfiguration(AgentcoreAgentRuntimeAgentRuntimeArtifactContainerConfigurationArgs.builder()\n .containerUri(String.format(\"%s:v1.0\", exampleAwsEcrRepository.repositoryUrl()))\n .build())\n .build())\n .environmentVariables(Map.ofEntries(\n Map.entry(\"LOG_LEVEL\", \"INFO\"),\n Map.entry(\"ENV\", \"production\")\n ))\n .authorizerConfiguration(AgentcoreAgentRuntimeAuthorizerConfigurationArgs.builder()\n .customJwtAuthorizer(AgentcoreAgentRuntimeAuthorizerConfigurationCustomJwtAuthorizerArgs.builder()\n .discoveryUrl(\"https://accounts.google.com/.well-known/openid-configuration\")\n .allowedAudiences( \n \"my-app\",\n \"mobile-app\")\n .allowedClients( \n \"client-123\",\n \"client-456\")\n .build())\n .build())\n .networkConfiguration(AgentcoreAgentRuntimeNetworkConfigurationArgs.builder()\n .networkMode(\"PUBLIC\")\n .build())\n .protocolConfiguration(AgentcoreAgentRuntimeProtocolConfigurationArgs.builder()\n .serverProtocol(\"MCP\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:bedrock:AgentcoreAgentRuntime\n properties:\n agentRuntimeName: example_agent_runtime\n description: Agent runtime with JWT authorization\n roleArn: ${exampleAwsIamRole.arn}\n agentRuntimeArtifact:\n containerConfiguration:\n containerUri: ${exampleAwsEcrRepository.repositoryUrl}:v1.0\n environmentVariables:\n LOG_LEVEL: INFO\n ENV: production\n authorizerConfiguration:\n customJwtAuthorizer:\n discoveryUrl: https://accounts.google.com/.well-known/openid-configuration\n allowedAudiences:\n - my-app\n - mobile-app\n allowedClients:\n - client-123\n - client-456\n networkConfiguration:\n networkMode: PUBLIC\n protocolConfiguration:\n serverProtocol: MCP\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Bedrock AgentCore Agent Runtime using `agent_runtime_id`. For example:\n\n```sh\n$ pulumi import aws:bedrock/agentcoreAgentRuntime:AgentcoreAgentRuntime example agent-runtime-12345\n```\n", + "description": "Manages an AWS Bedrock AgentCore Agent Runtime. Agent Runtime provides a containerized execution environment for AI agents.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst assumeRole = aws.iam.getPolicyDocument({\n statements: [{\n effect: \"Allow\",\n actions: [\"sts:AssumeRole\"],\n principals: [{\n type: \"Service\",\n identifiers: [\"bedrock-agentcore.amazonaws.com\"],\n }],\n }],\n});\nconst ecrPermissions = aws.iam.getPolicyDocument({\n statements: [\n {\n actions: [\"ecr:GetAuthorizationToken\"],\n effect: \"Allow\",\n resources: [\"*\"],\n },\n {\n actions: [\n \"ecr:BatchGetImage\",\n \"ecr:GetDownloadUrlForLayer\",\n ],\n effect: \"Allow\",\n resources: [exampleAwsEcrRepository.arn],\n },\n ],\n});\nconst example = new aws.iam.Role(\"example\", {\n name: \"bedrock-agentcore-runtime-role\",\n assumeRolePolicy: assumeRole.then(assumeRole =\u003e assumeRole.json),\n});\nconst exampleRolePolicy = new aws.iam.RolePolicy(\"example\", {\n role: example.id,\n policy: ecrPermissions.then(ecrPermissions =\u003e ecrPermissions.json),\n});\nconst exampleAgentcoreAgentRuntime = new aws.bedrock.AgentcoreAgentRuntime(\"example\", {\n agentRuntimeName: \"example_agent_runtime\",\n roleArn: example.arn,\n agentRuntimeArtifact: {\n containerConfiguration: {\n containerUri: `${exampleAwsEcrRepository.repositoryUrl}:latest`,\n },\n },\n networkConfiguration: {\n networkMode: \"PUBLIC\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nassume_role = aws.iam.get_policy_document(statements=[{\n \"effect\": \"Allow\",\n \"actions\": [\"sts:AssumeRole\"],\n \"principals\": [{\n \"type\": \"Service\",\n \"identifiers\": [\"bedrock-agentcore.amazonaws.com\"],\n }],\n}])\necr_permissions = aws.iam.get_policy_document(statements=[\n {\n \"actions\": [\"ecr:GetAuthorizationToken\"],\n \"effect\": \"Allow\",\n \"resources\": [\"*\"],\n },\n {\n \"actions\": [\n \"ecr:BatchGetImage\",\n \"ecr:GetDownloadUrlForLayer\",\n ],\n \"effect\": \"Allow\",\n \"resources\": [example_aws_ecr_repository[\"arn\"]],\n },\n])\nexample = aws.iam.Role(\"example\",\n name=\"bedrock-agentcore-runtime-role\",\n assume_role_policy=assume_role.json)\nexample_role_policy = aws.iam.RolePolicy(\"example\",\n role=example.id,\n policy=ecr_permissions.json)\nexample_agentcore_agent_runtime = aws.bedrock.AgentcoreAgentRuntime(\"example\",\n agent_runtime_name=\"example_agent_runtime\",\n role_arn=example.arn,\n agent_runtime_artifact={\n \"container_configuration\": {\n \"container_uri\": f\"{example_aws_ecr_repository['repositoryUrl']}:latest\",\n },\n },\n network_configuration={\n \"network_mode\": \"PUBLIC\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var assumeRole = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Effect = \"Allow\",\n Actions = new[]\n {\n \"sts:AssumeRole\",\n },\n Principals = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Type = \"Service\",\n Identifiers = new[]\n {\n \"bedrock-agentcore.amazonaws.com\",\n },\n },\n },\n },\n },\n });\n\n var ecrPermissions = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Actions = new[]\n {\n \"ecr:GetAuthorizationToken\",\n },\n Effect = \"Allow\",\n Resources = new[]\n {\n \"*\",\n },\n },\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Actions = new[]\n {\n \"ecr:BatchGetImage\",\n \"ecr:GetDownloadUrlForLayer\",\n },\n Effect = \"Allow\",\n Resources = new[]\n {\n exampleAwsEcrRepository.Arn,\n },\n },\n },\n });\n\n var example = new Aws.Iam.Role(\"example\", new()\n {\n Name = \"bedrock-agentcore-runtime-role\",\n AssumeRolePolicy = assumeRole.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n });\n\n var exampleRolePolicy = new Aws.Iam.RolePolicy(\"example\", new()\n {\n Role = example.Id,\n Policy = ecrPermissions.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n });\n\n var exampleAgentcoreAgentRuntime = new Aws.Bedrock.AgentcoreAgentRuntime(\"example\", new()\n {\n AgentRuntimeName = \"example_agent_runtime\",\n RoleArn = example.Arn,\n AgentRuntimeArtifact = new Aws.Bedrock.Inputs.AgentcoreAgentRuntimeAgentRuntimeArtifactArgs\n {\n ContainerConfiguration = new Aws.Bedrock.Inputs.AgentcoreAgentRuntimeAgentRuntimeArtifactContainerConfigurationArgs\n {\n ContainerUri = $\"{exampleAwsEcrRepository.RepositoryUrl}:latest\",\n },\n },\n NetworkConfiguration = new Aws.Bedrock.Inputs.AgentcoreAgentRuntimeNetworkConfigurationArgs\n {\n NetworkMode = \"PUBLIC\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v7/go/aws/bedrock\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v7/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\nfunc main() {\npulumi.Run(func(ctx *pulumi.Context) error {\nassumeRole, err := iam.GetPolicyDocument(ctx, \u0026iam.GetPolicyDocumentArgs{\nStatements: []iam.GetPolicyDocumentStatement{\n{\nEffect: pulumi.StringRef(\"Allow\"),\nActions: []string{\n\"sts:AssumeRole\",\n},\nPrincipals: []iam.GetPolicyDocumentStatementPrincipal{\n{\nType: \"Service\",\nIdentifiers: []string{\n\"bedrock-agentcore.amazonaws.com\",\n},\n},\n},\n},\n},\n}, nil);\nif err != nil {\nreturn err\n}\necrPermissions, err := iam.GetPolicyDocument(ctx, \u0026iam.GetPolicyDocumentArgs{\nStatements: []iam.GetPolicyDocumentStatement{\n{\nActions: []string{\n\"ecr:GetAuthorizationToken\",\n},\nEffect: pulumi.StringRef(\"Allow\"),\nResources: []string{\n\"*\",\n},\n},\n{\nActions: []string{\n\"ecr:BatchGetImage\",\n\"ecr:GetDownloadUrlForLayer\",\n},\nEffect: pulumi.StringRef(\"Allow\"),\nResources: interface{}{\nexampleAwsEcrRepository.Arn,\n},\n},\n},\n}, nil);\nif err != nil {\nreturn err\n}\nexample, err := iam.NewRole(ctx, \"example\", \u0026iam.RoleArgs{\nName: pulumi.String(\"bedrock-agentcore-runtime-role\"),\nAssumeRolePolicy: pulumi.String(assumeRole.Json),\n})\nif err != nil {\nreturn err\n}\n_, err = iam.NewRolePolicy(ctx, \"example\", \u0026iam.RolePolicyArgs{\nRole: example.ID(),\nPolicy: pulumi.String(ecrPermissions.Json),\n})\nif err != nil {\nreturn err\n}\n_, err = bedrock.NewAgentcoreAgentRuntime(ctx, \"example\", \u0026bedrock.AgentcoreAgentRuntimeArgs{\nAgentRuntimeName: pulumi.String(\"example_agent_runtime\"),\nRoleArn: example.Arn,\nAgentRuntimeArtifact: \u0026bedrock.AgentcoreAgentRuntimeAgentRuntimeArtifactArgs{\nContainerConfiguration: \u0026bedrock.AgentcoreAgentRuntimeAgentRuntimeArtifactContainerConfigurationArgs{\nContainerUri: pulumi.Sprintf(\"%v:latest\", exampleAwsEcrRepository.RepositoryUrl),\n},\n},\nNetworkConfiguration: \u0026bedrock.AgentcoreAgentRuntimeNetworkConfigurationArgs{\nNetworkMode: pulumi.String(\"PUBLIC\"),\n},\n})\nif err != nil {\nreturn err\n}\nreturn nil\n})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;\nimport com.pulumi.aws.iam.Role;\nimport com.pulumi.aws.iam.RoleArgs;\nimport com.pulumi.aws.iam.RolePolicy;\nimport com.pulumi.aws.iam.RolePolicyArgs;\nimport com.pulumi.aws.bedrock.AgentcoreAgentRuntime;\nimport com.pulumi.aws.bedrock.AgentcoreAgentRuntimeArgs;\nimport com.pulumi.aws.bedrock.inputs.AgentcoreAgentRuntimeAgentRuntimeArtifactArgs;\nimport com.pulumi.aws.bedrock.inputs.AgentcoreAgentRuntimeAgentRuntimeArtifactContainerConfigurationArgs;\nimport com.pulumi.aws.bedrock.inputs.AgentcoreAgentRuntimeNetworkConfigurationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var assumeRole = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .effect(\"Allow\")\n .actions(\"sts:AssumeRole\")\n .principals(GetPolicyDocumentStatementPrincipalArgs.builder()\n .type(\"Service\")\n .identifiers(\"bedrock-agentcore.amazonaws.com\")\n .build())\n .build())\n .build());\n\n final var ecrPermissions = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements( \n GetPolicyDocumentStatementArgs.builder()\n .actions(\"ecr:GetAuthorizationToken\")\n .effect(\"Allow\")\n .resources(\"*\")\n .build(),\n GetPolicyDocumentStatementArgs.builder()\n .actions( \n \"ecr:BatchGetImage\",\n \"ecr:GetDownloadUrlForLayer\")\n .effect(\"Allow\")\n .resources(exampleAwsEcrRepository.arn())\n .build())\n .build());\n\n var example = new Role(\"example\", RoleArgs.builder()\n .name(\"bedrock-agentcore-runtime-role\")\n .assumeRolePolicy(assumeRole.json())\n .build());\n\n var exampleRolePolicy = new RolePolicy(\"exampleRolePolicy\", RolePolicyArgs.builder()\n .role(example.id())\n .policy(ecrPermissions.json())\n .build());\n\n var exampleAgentcoreAgentRuntime = new AgentcoreAgentRuntime(\"exampleAgentcoreAgentRuntime\", AgentcoreAgentRuntimeArgs.builder()\n .agentRuntimeName(\"example_agent_runtime\")\n .roleArn(example.arn())\n .agentRuntimeArtifact(AgentcoreAgentRuntimeAgentRuntimeArtifactArgs.builder()\n .containerConfiguration(AgentcoreAgentRuntimeAgentRuntimeArtifactContainerConfigurationArgs.builder()\n .containerUri(String.format(\"%s:latest\", exampleAwsEcrRepository.repositoryUrl()))\n .build())\n .build())\n .networkConfiguration(AgentcoreAgentRuntimeNetworkConfigurationArgs.builder()\n .networkMode(\"PUBLIC\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:iam:Role\n properties:\n name: bedrock-agentcore-runtime-role\n assumeRolePolicy: ${assumeRole.json}\n exampleRolePolicy:\n type: aws:iam:RolePolicy\n name: example\n properties:\n role: ${example.id}\n policy: ${ecrPermissions.json}\n exampleAgentcoreAgentRuntime:\n type: aws:bedrock:AgentcoreAgentRuntime\n name: example\n properties:\n agentRuntimeName: example_agent_runtime\n roleArn: ${example.arn}\n agentRuntimeArtifact:\n containerConfiguration:\n containerUri: ${exampleAwsEcrRepository.repositoryUrl}:latest\n networkConfiguration:\n networkMode: PUBLIC\nvariables:\n assumeRole:\n fn::invoke:\n function: aws:iam:getPolicyDocument\n arguments:\n statements:\n - effect: Allow\n actions:\n - sts:AssumeRole\n principals:\n - type: Service\n identifiers:\n - bedrock-agentcore.amazonaws.com\n ecrPermissions:\n fn::invoke:\n function: aws:iam:getPolicyDocument\n arguments:\n statements:\n - actions:\n - ecr:GetAuthorizationToken\n effect: Allow\n resources:\n - '*'\n - actions:\n - ecr:BatchGetImage\n - ecr:GetDownloadUrlForLayer\n effect: Allow\n resources:\n - ${exampleAwsEcrRepository.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### MCP Server With Custom JWT Authorizer\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.bedrock.AgentcoreAgentRuntime(\"example\", {\n agentRuntimeName: \"example_agent_runtime\",\n description: \"Agent runtime with JWT authorization\",\n roleArn: exampleAwsIamRole.arn,\n agentRuntimeArtifact: {\n containerConfiguration: {\n containerUri: `${exampleAwsEcrRepository.repositoryUrl}:v1.0`,\n },\n },\n environmentVariables: {\n LOG_LEVEL: \"INFO\",\n ENV: \"production\",\n },\n authorizerConfiguration: {\n customJwtAuthorizer: {\n discoveryUrl: \"https://accounts.google.com/.well-known/openid-configuration\",\n allowedAudiences: [\n \"my-app\",\n \"mobile-app\",\n ],\n allowedClients: [\n \"client-123\",\n \"client-456\",\n ],\n },\n },\n networkConfiguration: {\n networkMode: \"PUBLIC\",\n },\n protocolConfiguration: {\n serverProtocol: \"MCP\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.bedrock.AgentcoreAgentRuntime(\"example\",\n agent_runtime_name=\"example_agent_runtime\",\n description=\"Agent runtime with JWT authorization\",\n role_arn=example_aws_iam_role[\"arn\"],\n agent_runtime_artifact={\n \"container_configuration\": {\n \"container_uri\": f\"{example_aws_ecr_repository['repositoryUrl']}:v1.0\",\n },\n },\n environment_variables={\n \"LOG_LEVEL\": \"INFO\",\n \"ENV\": \"production\",\n },\n authorizer_configuration={\n \"custom_jwt_authorizer\": {\n \"discovery_url\": \"https://accounts.google.com/.well-known/openid-configuration\",\n \"allowed_audiences\": [\n \"my-app\",\n \"mobile-app\",\n ],\n \"allowed_clients\": [\n \"client-123\",\n \"client-456\",\n ],\n },\n },\n network_configuration={\n \"network_mode\": \"PUBLIC\",\n },\n protocol_configuration={\n \"server_protocol\": \"MCP\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Bedrock.AgentcoreAgentRuntime(\"example\", new()\n {\n AgentRuntimeName = \"example_agent_runtime\",\n Description = \"Agent runtime with JWT authorization\",\n RoleArn = exampleAwsIamRole.Arn,\n AgentRuntimeArtifact = new Aws.Bedrock.Inputs.AgentcoreAgentRuntimeAgentRuntimeArtifactArgs\n {\n ContainerConfiguration = new Aws.Bedrock.Inputs.AgentcoreAgentRuntimeAgentRuntimeArtifactContainerConfigurationArgs\n {\n ContainerUri = $\"{exampleAwsEcrRepository.RepositoryUrl}:v1.0\",\n },\n },\n EnvironmentVariables = \n {\n { \"LOG_LEVEL\", \"INFO\" },\n { \"ENV\", \"production\" },\n },\n AuthorizerConfiguration = new Aws.Bedrock.Inputs.AgentcoreAgentRuntimeAuthorizerConfigurationArgs\n {\n CustomJwtAuthorizer = new Aws.Bedrock.Inputs.AgentcoreAgentRuntimeAuthorizerConfigurationCustomJwtAuthorizerArgs\n {\n DiscoveryUrl = \"https://accounts.google.com/.well-known/openid-configuration\",\n AllowedAudiences = new[]\n {\n \"my-app\",\n \"mobile-app\",\n },\n AllowedClients = new[]\n {\n \"client-123\",\n \"client-456\",\n },\n },\n },\n NetworkConfiguration = new Aws.Bedrock.Inputs.AgentcoreAgentRuntimeNetworkConfigurationArgs\n {\n NetworkMode = \"PUBLIC\",\n },\n ProtocolConfiguration = new Aws.Bedrock.Inputs.AgentcoreAgentRuntimeProtocolConfigurationArgs\n {\n ServerProtocol = \"MCP\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v7/go/aws/bedrock\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := bedrock.NewAgentcoreAgentRuntime(ctx, \"example\", \u0026bedrock.AgentcoreAgentRuntimeArgs{\n\t\t\tAgentRuntimeName: pulumi.String(\"example_agent_runtime\"),\n\t\t\tDescription: pulumi.String(\"Agent runtime with JWT authorization\"),\n\t\t\tRoleArn: pulumi.Any(exampleAwsIamRole.Arn),\n\t\t\tAgentRuntimeArtifact: \u0026bedrock.AgentcoreAgentRuntimeAgentRuntimeArtifactArgs{\n\t\t\t\tContainerConfiguration: \u0026bedrock.AgentcoreAgentRuntimeAgentRuntimeArtifactContainerConfigurationArgs{\n\t\t\t\t\tContainerUri: pulumi.Sprintf(\"%v:v1.0\", exampleAwsEcrRepository.RepositoryUrl),\n\t\t\t\t},\n\t\t\t},\n\t\t\tEnvironmentVariables: pulumi.StringMap{\n\t\t\t\t\"LOG_LEVEL\": pulumi.String(\"INFO\"),\n\t\t\t\t\"ENV\": pulumi.String(\"production\"),\n\t\t\t},\n\t\t\tAuthorizerConfiguration: \u0026bedrock.AgentcoreAgentRuntimeAuthorizerConfigurationArgs{\n\t\t\t\tCustomJwtAuthorizer: \u0026bedrock.AgentcoreAgentRuntimeAuthorizerConfigurationCustomJwtAuthorizerArgs{\n\t\t\t\t\tDiscoveryUrl: pulumi.String(\"https://accounts.google.com/.well-known/openid-configuration\"),\n\t\t\t\t\tAllowedAudiences: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"my-app\"),\n\t\t\t\t\t\tpulumi.String(\"mobile-app\"),\n\t\t\t\t\t},\n\t\t\t\t\tAllowedClients: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"client-123\"),\n\t\t\t\t\t\tpulumi.String(\"client-456\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tNetworkConfiguration: \u0026bedrock.AgentcoreAgentRuntimeNetworkConfigurationArgs{\n\t\t\t\tNetworkMode: pulumi.String(\"PUBLIC\"),\n\t\t\t},\n\t\t\tProtocolConfiguration: \u0026bedrock.AgentcoreAgentRuntimeProtocolConfigurationArgs{\n\t\t\t\tServerProtocol: pulumi.String(\"MCP\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.bedrock.AgentcoreAgentRuntime;\nimport com.pulumi.aws.bedrock.AgentcoreAgentRuntimeArgs;\nimport com.pulumi.aws.bedrock.inputs.AgentcoreAgentRuntimeAgentRuntimeArtifactArgs;\nimport com.pulumi.aws.bedrock.inputs.AgentcoreAgentRuntimeAgentRuntimeArtifactContainerConfigurationArgs;\nimport com.pulumi.aws.bedrock.inputs.AgentcoreAgentRuntimeAuthorizerConfigurationArgs;\nimport com.pulumi.aws.bedrock.inputs.AgentcoreAgentRuntimeAuthorizerConfigurationCustomJwtAuthorizerArgs;\nimport com.pulumi.aws.bedrock.inputs.AgentcoreAgentRuntimeNetworkConfigurationArgs;\nimport com.pulumi.aws.bedrock.inputs.AgentcoreAgentRuntimeProtocolConfigurationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new AgentcoreAgentRuntime(\"example\", AgentcoreAgentRuntimeArgs.builder()\n .agentRuntimeName(\"example_agent_runtime\")\n .description(\"Agent runtime with JWT authorization\")\n .roleArn(exampleAwsIamRole.arn())\n .agentRuntimeArtifact(AgentcoreAgentRuntimeAgentRuntimeArtifactArgs.builder()\n .containerConfiguration(AgentcoreAgentRuntimeAgentRuntimeArtifactContainerConfigurationArgs.builder()\n .containerUri(String.format(\"%s:v1.0\", exampleAwsEcrRepository.repositoryUrl()))\n .build())\n .build())\n .environmentVariables(Map.ofEntries(\n Map.entry(\"LOG_LEVEL\", \"INFO\"),\n Map.entry(\"ENV\", \"production\")\n ))\n .authorizerConfiguration(AgentcoreAgentRuntimeAuthorizerConfigurationArgs.builder()\n .customJwtAuthorizer(AgentcoreAgentRuntimeAuthorizerConfigurationCustomJwtAuthorizerArgs.builder()\n .discoveryUrl(\"https://accounts.google.com/.well-known/openid-configuration\")\n .allowedAudiences( \n \"my-app\",\n \"mobile-app\")\n .allowedClients( \n \"client-123\",\n \"client-456\")\n .build())\n .build())\n .networkConfiguration(AgentcoreAgentRuntimeNetworkConfigurationArgs.builder()\n .networkMode(\"PUBLIC\")\n .build())\n .protocolConfiguration(AgentcoreAgentRuntimeProtocolConfigurationArgs.builder()\n .serverProtocol(\"MCP\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:bedrock:AgentcoreAgentRuntime\n properties:\n agentRuntimeName: example_agent_runtime\n description: Agent runtime with JWT authorization\n roleArn: ${exampleAwsIamRole.arn}\n agentRuntimeArtifact:\n containerConfiguration:\n containerUri: ${exampleAwsEcrRepository.repositoryUrl}:v1.0\n environmentVariables:\n LOG_LEVEL: INFO\n ENV: production\n authorizerConfiguration:\n customJwtAuthorizer:\n discoveryUrl: https://accounts.google.com/.well-known/openid-configuration\n allowedAudiences:\n - my-app\n - mobile-app\n allowedClients:\n - client-123\n - client-456\n networkConfiguration:\n networkMode: PUBLIC\n protocolConfiguration:\n serverProtocol: MCP\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Agent runtime artifact from S3 with Code Configuration\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.bedrock.AgentcoreAgentRuntime(\"example\", {\n agentRuntimeName: \"example_agent_runtime\",\n roleArn: exampleAwsIamRole.arn,\n agentRuntimeArtifact: {\n codeConfiguration: {\n entryPoints: [\"main.py\"],\n runtime: \"PYTHON_3_13\",\n code: {\n s3: {\n bucket: \"example-bucket\",\n prefix: \"example-agent-runtime-code.zip\",\n },\n },\n },\n },\n networkConfiguration: {\n networkMode: \"PUBLIC\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.bedrock.AgentcoreAgentRuntime(\"example\",\n agent_runtime_name=\"example_agent_runtime\",\n role_arn=example_aws_iam_role[\"arn\"],\n agent_runtime_artifact={\n \"code_configuration\": {\n \"entry_points\": [\"main.py\"],\n \"runtime\": \"PYTHON_3_13\",\n \"code\": {\n \"s3\": {\n \"bucket\": \"example-bucket\",\n \"prefix\": \"example-agent-runtime-code.zip\",\n },\n },\n },\n },\n network_configuration={\n \"network_mode\": \"PUBLIC\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Bedrock.AgentcoreAgentRuntime(\"example\", new()\n {\n AgentRuntimeName = \"example_agent_runtime\",\n RoleArn = exampleAwsIamRole.Arn,\n AgentRuntimeArtifact = new Aws.Bedrock.Inputs.AgentcoreAgentRuntimeAgentRuntimeArtifactArgs\n {\n CodeConfiguration = new Aws.Bedrock.Inputs.AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationArgs\n {\n EntryPoints = new[]\n {\n \"main.py\",\n },\n Runtime = \"PYTHON_3_13\",\n Code = new Aws.Bedrock.Inputs.AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeArgs\n {\n S3 = new Aws.Bedrock.Inputs.AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeS3Args\n {\n Bucket = \"example-bucket\",\n Prefix = \"example-agent-runtime-code.zip\",\n },\n },\n },\n },\n NetworkConfiguration = new Aws.Bedrock.Inputs.AgentcoreAgentRuntimeNetworkConfigurationArgs\n {\n NetworkMode = \"PUBLIC\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v7/go/aws/bedrock\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := bedrock.NewAgentcoreAgentRuntime(ctx, \"example\", \u0026bedrock.AgentcoreAgentRuntimeArgs{\n\t\t\tAgentRuntimeName: pulumi.String(\"example_agent_runtime\"),\n\t\t\tRoleArn: pulumi.Any(exampleAwsIamRole.Arn),\n\t\t\tAgentRuntimeArtifact: \u0026bedrock.AgentcoreAgentRuntimeAgentRuntimeArtifactArgs{\n\t\t\t\tCodeConfiguration: \u0026bedrock.AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationArgs{\n\t\t\t\t\tEntryPoints: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"main.py\"),\n\t\t\t\t\t},\n\t\t\t\t\tRuntime: pulumi.String(\"PYTHON_3_13\"),\n\t\t\t\t\tCode: \u0026bedrock.AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeArgs{\n\t\t\t\t\t\tS3: \u0026bedrock.AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeS3Args{\n\t\t\t\t\t\t\tBucket: pulumi.String(\"example-bucket\"),\n\t\t\t\t\t\t\tPrefix: pulumi.String(\"example-agent-runtime-code.zip\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tNetworkConfiguration: \u0026bedrock.AgentcoreAgentRuntimeNetworkConfigurationArgs{\n\t\t\t\tNetworkMode: pulumi.String(\"PUBLIC\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.bedrock.AgentcoreAgentRuntime;\nimport com.pulumi.aws.bedrock.AgentcoreAgentRuntimeArgs;\nimport com.pulumi.aws.bedrock.inputs.AgentcoreAgentRuntimeAgentRuntimeArtifactArgs;\nimport com.pulumi.aws.bedrock.inputs.AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationArgs;\nimport com.pulumi.aws.bedrock.inputs.AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeArgs;\nimport com.pulumi.aws.bedrock.inputs.AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeS3Args;\nimport com.pulumi.aws.bedrock.inputs.AgentcoreAgentRuntimeNetworkConfigurationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new AgentcoreAgentRuntime(\"example\", AgentcoreAgentRuntimeArgs.builder()\n .agentRuntimeName(\"example_agent_runtime\")\n .roleArn(exampleAwsIamRole.arn())\n .agentRuntimeArtifact(AgentcoreAgentRuntimeAgentRuntimeArtifactArgs.builder()\n .codeConfiguration(AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationArgs.builder()\n .entryPoints(\"main.py\")\n .runtime(\"PYTHON_3_13\")\n .code(AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeArgs.builder()\n .s3(AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeS3Args.builder()\n .bucket(\"example-bucket\")\n .prefix(\"example-agent-runtime-code.zip\")\n .build())\n .build())\n .build())\n .build())\n .networkConfiguration(AgentcoreAgentRuntimeNetworkConfigurationArgs.builder()\n .networkMode(\"PUBLIC\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:bedrock:AgentcoreAgentRuntime\n properties:\n agentRuntimeName: example_agent_runtime\n roleArn: ${exampleAwsIamRole.arn}\n agentRuntimeArtifact:\n codeConfiguration:\n entryPoints:\n - main.py\n runtime: PYTHON_3_13\n code:\n s3:\n bucket: example-bucket\n prefix: example-agent-runtime-code.zip\n networkConfiguration:\n networkMode: PUBLIC\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Bedrock AgentCore Agent Runtime using `agent_runtime_id`. For example:\n\n```sh\n$ pulumi import aws:bedrock/agentcoreAgentRuntime:AgentcoreAgentRuntime example agent-runtime-12345\n```\n", "properties": { "agentRuntimeArn": { "type": "string", @@ -220781,6 +221567,205 @@ "type": "object" } }, + "aws:billing/view:View": { + "description": "Manages an AWS Billing View.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.billing.View(\"example\", {\n name: \"example\",\n description: \"example description\",\n sourceViews: [\"arn:aws:billing::123456789012:billingview/example\"],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.billing.View(\"example\",\n name=\"example\",\n description=\"example description\",\n source_views=[\"arn:aws:billing::123456789012:billingview/example\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Billing.View(\"example\", new()\n {\n Name = \"example\",\n Description = \"example description\",\n SourceViews = new[]\n {\n \"arn:aws:billing::123456789012:billingview/example\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v7/go/aws/billing\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := billing.NewView(ctx, \"example\", \u0026billing.ViewArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tDescription: pulumi.String(\"example description\"),\n\t\t\tSourceViews: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"arn:aws:billing::123456789012:billingview/example\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.billing.View;\nimport com.pulumi.aws.billing.ViewArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new View(\"example\", ViewArgs.builder()\n .name(\"example\")\n .description(\"example description\")\n .sourceViews(\"arn:aws:billing::123456789012:billingview/example\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:billing:View\n properties:\n name: example\n description: example description\n sourceViews:\n - arn:aws:billing::123456789012:billingview/example\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Billing View using the `arn`. For example:\n\n```sh\n$ pulumi import aws:billing/view:View example arn:aws:billing::123456789012:billing-view/example\n```\n", + "properties": { + "arn": { + "type": "string", + "description": "ARN of the View.\n" + }, + "billingViewType": { + "type": "string", + "description": "Type of billing group. Valid values are PRIMARY|BILLING_GROUP|CUSTOM.\n" + }, + "createdAt": { + "type": "string", + "description": "Timestamp when the billing view was created.\n" + }, + "dataFilterExpression": { + "$ref": "#/types/aws:billing/ViewDataFilterExpression:ViewDataFilterExpression", + "description": "Filter Cost Explorer APIs using the expression. Refer to the data-filter-expression block documentation for more details.\n" + }, + "derivedViewCount": { + "type": "integer", + "description": "Number of billing views that use this billing view as a source.\n" + }, + "description": { + "type": "string", + "description": "Description of the custom billing view.\n" + }, + "name": { + "type": "string", + "description": "Name of the custom billing view to be created.\n" + }, + "ownerAccountId": { + "type": "string", + "description": "Account owner of the billing view.\n" + }, + "sourceAccountId": { + "type": "string", + "description": "AWS account ID that owns the source billing view, if this is a derived billing view.\n" + }, + "sourceViewCount": { + "type": "integer", + "description": "Number of source views associated with this billing view.\n" + }, + "sourceViews": { + "type": "array", + "items": { + "type": "string" + }, + "description": "List of ARNs of the source data views for the custom billing view.\n\nThe following arguments are optional:\n" + }, + "tags": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "List of key value map specifying tags associated to the billing view being created.\n" + }, + "tagsAll": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "List of key value map specifying tags associated to the billing view.\n" + }, + "timeouts": { + "$ref": "#/types/aws:billing/ViewTimeouts:ViewTimeouts" + }, + "updatedAt": { + "type": "string", + "description": "Time when the billing view was last updated.\n" + }, + "viewDefinitionLastUpdatedAt": { + "type": "string", + "description": "Timestamp of when the billing view definition was last updated.\n" + } + }, + "required": [ + "arn", + "billingViewType", + "createdAt", + "derivedViewCount", + "name", + "ownerAccountId", + "sourceAccountId", + "sourceViewCount", + "tagsAll", + "updatedAt", + "viewDefinitionLastUpdatedAt" + ], + "inputProperties": { + "dataFilterExpression": { + "$ref": "#/types/aws:billing/ViewDataFilterExpression:ViewDataFilterExpression", + "description": "Filter Cost Explorer APIs using the expression. Refer to the data-filter-expression block documentation for more details.\n" + }, + "description": { + "type": "string", + "description": "Description of the custom billing view.\n" + }, + "name": { + "type": "string", + "description": "Name of the custom billing view to be created.\n" + }, + "sourceViews": { + "type": "array", + "items": { + "type": "string" + }, + "description": "List of ARNs of the source data views for the custom billing view.\n\nThe following arguments are optional:\n" + }, + "tags": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "List of key value map specifying tags associated to the billing view being created.\n" + }, + "timeouts": { + "$ref": "#/types/aws:billing/ViewTimeouts:ViewTimeouts" + } + }, + "stateInputs": { + "description": "Input properties used for looking up and filtering View resources.\n", + "properties": { + "arn": { + "type": "string", + "description": "ARN of the View.\n" + }, + "billingViewType": { + "type": "string", + "description": "Type of billing group. Valid values are PRIMARY|BILLING_GROUP|CUSTOM.\n" + }, + "createdAt": { + "type": "string", + "description": "Timestamp when the billing view was created.\n" + }, + "dataFilterExpression": { + "$ref": "#/types/aws:billing/ViewDataFilterExpression:ViewDataFilterExpression", + "description": "Filter Cost Explorer APIs using the expression. Refer to the data-filter-expression block documentation for more details.\n" + }, + "derivedViewCount": { + "type": "integer", + "description": "Number of billing views that use this billing view as a source.\n" + }, + "description": { + "type": "string", + "description": "Description of the custom billing view.\n" + }, + "name": { + "type": "string", + "description": "Name of the custom billing view to be created.\n" + }, + "ownerAccountId": { + "type": "string", + "description": "Account owner of the billing view.\n" + }, + "sourceAccountId": { + "type": "string", + "description": "AWS account ID that owns the source billing view, if this is a derived billing view.\n" + }, + "sourceViewCount": { + "type": "integer", + "description": "Number of source views associated with this billing view.\n" + }, + "sourceViews": { + "type": "array", + "items": { + "type": "string" + }, + "description": "List of ARNs of the source data views for the custom billing view.\n\nThe following arguments are optional:\n" + }, + "tags": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "List of key value map specifying tags associated to the billing view being created.\n" + }, + "tagsAll": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "List of key value map specifying tags associated to the billing view.\n" + }, + "timeouts": { + "$ref": "#/types/aws:billing/ViewTimeouts:ViewTimeouts" + }, + "updatedAt": { + "type": "string", + "description": "Time when the billing view was last updated.\n" + }, + "viewDefinitionLastUpdatedAt": { + "type": "string", + "description": "Timestamp of when the billing view definition was last updated.\n" + } + }, + "type": "object" + } + }, "aws:budgets/budget:Budget": { "description": "Provides a budgets budget resource. Budgets use the cost visualization provided by Cost Explorer to show you the status of your budgets, to provide forecasts of your estimated costs, and to track your AWS usage, including your free tier usage.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst ec2 = new aws.budgets.Budget(\"ec2\", {\n name: \"budget-ec2-monthly\",\n budgetType: \"COST\",\n limitAmount: \"1200\",\n limitUnit: \"USD\",\n timePeriodEnd: \"2087-06-15_00:00\",\n timePeriodStart: \"2017-07-01_00:00\",\n timeUnit: \"MONTHLY\",\n costFilters: [{\n name: \"Service\",\n values: [\"Amazon Elastic Compute Cloud - Compute\"],\n }],\n notifications: [{\n comparisonOperator: \"GREATER_THAN\",\n threshold: 100,\n thresholdType: \"PERCENTAGE\",\n notificationType: \"FORECASTED\",\n subscriberEmailAddresses: [\"test@example.com\"],\n }],\n tags: {\n Tag1: \"Value1\",\n Tag2: \"Value2\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nec2 = aws.budgets.Budget(\"ec2\",\n name=\"budget-ec2-monthly\",\n budget_type=\"COST\",\n limit_amount=\"1200\",\n limit_unit=\"USD\",\n time_period_end=\"2087-06-15_00:00\",\n time_period_start=\"2017-07-01_00:00\",\n time_unit=\"MONTHLY\",\n cost_filters=[{\n \"name\": \"Service\",\n \"values\": [\"Amazon Elastic Compute Cloud - Compute\"],\n }],\n notifications=[{\n \"comparison_operator\": \"GREATER_THAN\",\n \"threshold\": 100,\n \"threshold_type\": \"PERCENTAGE\",\n \"notification_type\": \"FORECASTED\",\n \"subscriber_email_addresses\": [\"test@example.com\"],\n }],\n tags={\n \"Tag1\": \"Value1\",\n \"Tag2\": \"Value2\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var ec2 = new Aws.Budgets.Budget(\"ec2\", new()\n {\n Name = \"budget-ec2-monthly\",\n BudgetType = \"COST\",\n LimitAmount = \"1200\",\n LimitUnit = \"USD\",\n TimePeriodEnd = \"2087-06-15_00:00\",\n TimePeriodStart = \"2017-07-01_00:00\",\n TimeUnit = \"MONTHLY\",\n CostFilters = new[]\n {\n new Aws.Budgets.Inputs.BudgetCostFilterArgs\n {\n Name = \"Service\",\n Values = new[]\n {\n \"Amazon Elastic Compute Cloud - Compute\",\n },\n },\n },\n Notifications = new[]\n {\n new Aws.Budgets.Inputs.BudgetNotificationArgs\n {\n ComparisonOperator = \"GREATER_THAN\",\n Threshold = 100,\n ThresholdType = \"PERCENTAGE\",\n NotificationType = \"FORECASTED\",\n SubscriberEmailAddresses = new[]\n {\n \"test@example.com\",\n },\n },\n },\n Tags = \n {\n { \"Tag1\", \"Value1\" },\n { \"Tag2\", \"Value2\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v7/go/aws/budgets\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := budgets.NewBudget(ctx, \"ec2\", \u0026budgets.BudgetArgs{\n\t\t\tName: pulumi.String(\"budget-ec2-monthly\"),\n\t\t\tBudgetType: pulumi.String(\"COST\"),\n\t\t\tLimitAmount: pulumi.String(\"1200\"),\n\t\t\tLimitUnit: pulumi.String(\"USD\"),\n\t\t\tTimePeriodEnd: pulumi.String(\"2087-06-15_00:00\"),\n\t\t\tTimePeriodStart: pulumi.String(\"2017-07-01_00:00\"),\n\t\t\tTimeUnit: pulumi.String(\"MONTHLY\"),\n\t\t\tCostFilters: budgets.BudgetCostFilterArray{\n\t\t\t\t\u0026budgets.BudgetCostFilterArgs{\n\t\t\t\t\tName: pulumi.String(\"Service\"),\n\t\t\t\t\tValues: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"Amazon Elastic Compute Cloud - Compute\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tNotifications: budgets.BudgetNotificationArray{\n\t\t\t\t\u0026budgets.BudgetNotificationArgs{\n\t\t\t\t\tComparisonOperator: pulumi.String(\"GREATER_THAN\"),\n\t\t\t\t\tThreshold: pulumi.Float64(100),\n\t\t\t\t\tThresholdType: pulumi.String(\"PERCENTAGE\"),\n\t\t\t\t\tNotificationType: pulumi.String(\"FORECASTED\"),\n\t\t\t\t\tSubscriberEmailAddresses: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"test@example.com\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Tag1\": pulumi.String(\"Value1\"),\n\t\t\t\t\"Tag2\": pulumi.String(\"Value2\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.budgets.Budget;\nimport com.pulumi.aws.budgets.BudgetArgs;\nimport com.pulumi.aws.budgets.inputs.BudgetCostFilterArgs;\nimport com.pulumi.aws.budgets.inputs.BudgetNotificationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var ec2 = new Budget(\"ec2\", BudgetArgs.builder()\n .name(\"budget-ec2-monthly\")\n .budgetType(\"COST\")\n .limitAmount(\"1200\")\n .limitUnit(\"USD\")\n .timePeriodEnd(\"2087-06-15_00:00\")\n .timePeriodStart(\"2017-07-01_00:00\")\n .timeUnit(\"MONTHLY\")\n .costFilters(BudgetCostFilterArgs.builder()\n .name(\"Service\")\n .values(\"Amazon Elastic Compute Cloud - Compute\")\n .build())\n .notifications(BudgetNotificationArgs.builder()\n .comparisonOperator(\"GREATER_THAN\")\n .threshold(100.0)\n .thresholdType(\"PERCENTAGE\")\n .notificationType(\"FORECASTED\")\n .subscriberEmailAddresses(\"test@example.com\")\n .build())\n .tags(Map.ofEntries(\n Map.entry(\"Tag1\", \"Value1\"),\n Map.entry(\"Tag2\", \"Value2\")\n ))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n ec2:\n type: aws:budgets:Budget\n properties:\n name: budget-ec2-monthly\n budgetType: COST\n limitAmount: '1200'\n limitUnit: USD\n timePeriodEnd: 2087-06-15_00:00\n timePeriodStart: 2017-07-01_00:00\n timeUnit: MONTHLY\n costFilters:\n - name: Service\n values:\n - Amazon Elastic Compute Cloud - Compute\n notifications:\n - comparisonOperator: GREATER_THAN\n threshold: 100\n thresholdType: PERCENTAGE\n notificationType: FORECASTED\n subscriberEmailAddresses:\n - test@example.com\n tags:\n Tag1: Value1\n Tag2: Value2\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\nCreate a budget for *$100*.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst cost = new aws.budgets.Budget(\"cost\", {\n budgetType: \"COST\",\n limitAmount: \"100\",\n limitUnit: \"USD\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ncost = aws.budgets.Budget(\"cost\",\n budget_type=\"COST\",\n limit_amount=\"100\",\n limit_unit=\"USD\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var cost = new Aws.Budgets.Budget(\"cost\", new()\n {\n BudgetType = \"COST\",\n LimitAmount = \"100\",\n LimitUnit = \"USD\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v7/go/aws/budgets\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := budgets.NewBudget(ctx, \"cost\", \u0026budgets.BudgetArgs{\n\t\t\tBudgetType: pulumi.String(\"COST\"),\n\t\t\tLimitAmount: pulumi.String(\"100\"),\n\t\t\tLimitUnit: pulumi.String(\"USD\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.budgets.Budget;\nimport com.pulumi.aws.budgets.BudgetArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var cost = new Budget(\"cost\", BudgetArgs.builder()\n .budgetType(\"COST\")\n .limitAmount(\"100\")\n .limitUnit(\"USD\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n cost:\n type: aws:budgets:Budget\n properties:\n budgetType: COST\n limitAmount: '100'\n limitUnit: USD\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\nCreate a budget with planned budget limits.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst cost = new aws.budgets.Budget(\"cost\", {plannedLimits: [\n {\n startTime: \"2017-07-01_00:00\",\n amount: \"100\",\n unit: \"USD\",\n },\n {\n startTime: \"2017-08-01_00:00\",\n amount: \"200\",\n unit: \"USD\",\n },\n]});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ncost = aws.budgets.Budget(\"cost\", planned_limits=[\n {\n \"start_time\": \"2017-07-01_00:00\",\n \"amount\": \"100\",\n \"unit\": \"USD\",\n },\n {\n \"start_time\": \"2017-08-01_00:00\",\n \"amount\": \"200\",\n \"unit\": \"USD\",\n },\n])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var cost = new Aws.Budgets.Budget(\"cost\", new()\n {\n PlannedLimits = new[]\n {\n new Aws.Budgets.Inputs.BudgetPlannedLimitArgs\n {\n StartTime = \"2017-07-01_00:00\",\n Amount = \"100\",\n Unit = \"USD\",\n },\n new Aws.Budgets.Inputs.BudgetPlannedLimitArgs\n {\n StartTime = \"2017-08-01_00:00\",\n Amount = \"200\",\n Unit = \"USD\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v7/go/aws/budgets\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := budgets.NewBudget(ctx, \"cost\", \u0026budgets.BudgetArgs{\n\t\t\tPlannedLimits: budgets.BudgetPlannedLimitArray{\n\t\t\t\t\u0026budgets.BudgetPlannedLimitArgs{\n\t\t\t\t\tStartTime: pulumi.String(\"2017-07-01_00:00\"),\n\t\t\t\t\tAmount: pulumi.String(\"100\"),\n\t\t\t\t\tUnit: pulumi.String(\"USD\"),\n\t\t\t\t},\n\t\t\t\t\u0026budgets.BudgetPlannedLimitArgs{\n\t\t\t\t\tStartTime: pulumi.String(\"2017-08-01_00:00\"),\n\t\t\t\t\tAmount: pulumi.String(\"200\"),\n\t\t\t\t\tUnit: pulumi.String(\"USD\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.budgets.Budget;\nimport com.pulumi.aws.budgets.BudgetArgs;\nimport com.pulumi.aws.budgets.inputs.BudgetPlannedLimitArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var cost = new Budget(\"cost\", BudgetArgs.builder()\n .plannedLimits( \n BudgetPlannedLimitArgs.builder()\n .startTime(\"2017-07-01_00:00\")\n .amount(\"100\")\n .unit(\"USD\")\n .build(),\n BudgetPlannedLimitArgs.builder()\n .startTime(\"2017-08-01_00:00\")\n .amount(\"200\")\n .unit(\"USD\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n cost:\n type: aws:budgets:Budget\n properties:\n plannedLimits:\n - startTime: 2017-07-01_00:00\n amount: '100'\n unit: USD\n - startTime: 2017-08-01_00:00\n amount: '200'\n unit: USD\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\nCreate a budget for s3 with a limit of *3 GB* of storage.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst s3 = new aws.budgets.Budget(\"s3\", {\n budgetType: \"USAGE\",\n limitAmount: \"3\",\n limitUnit: \"GB\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ns3 = aws.budgets.Budget(\"s3\",\n budget_type=\"USAGE\",\n limit_amount=\"3\",\n limit_unit=\"GB\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var s3 = new Aws.Budgets.Budget(\"s3\", new()\n {\n BudgetType = \"USAGE\",\n LimitAmount = \"3\",\n LimitUnit = \"GB\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v7/go/aws/budgets\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := budgets.NewBudget(ctx, \"s3\", \u0026budgets.BudgetArgs{\n\t\t\tBudgetType: pulumi.String(\"USAGE\"),\n\t\t\tLimitAmount: pulumi.String(\"3\"),\n\t\t\tLimitUnit: pulumi.String(\"GB\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.budgets.Budget;\nimport com.pulumi.aws.budgets.BudgetArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var s3 = new Budget(\"s3\", BudgetArgs.builder()\n .budgetType(\"USAGE\")\n .limitAmount(\"3\")\n .limitUnit(\"GB\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n s3:\n type: aws:budgets:Budget\n properties:\n budgetType: USAGE\n limitAmount: '3'\n limitUnit: GB\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\nCreate a Savings Plan Utilization Budget\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst savingsPlanUtilization = new aws.budgets.Budget(\"savings_plan_utilization\", {\n budgetType: \"SAVINGS_PLANS_UTILIZATION\",\n limitAmount: \"100.0\",\n limitUnit: \"PERCENTAGE\",\n costTypes: {\n includeCredit: false,\n includeDiscount: false,\n includeOtherSubscription: false,\n includeRecurring: false,\n includeRefund: false,\n includeSubscription: true,\n includeSupport: false,\n includeTax: false,\n includeUpfront: false,\n useBlended: false,\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nsavings_plan_utilization = aws.budgets.Budget(\"savings_plan_utilization\",\n budget_type=\"SAVINGS_PLANS_UTILIZATION\",\n limit_amount=\"100.0\",\n limit_unit=\"PERCENTAGE\",\n cost_types={\n \"include_credit\": False,\n \"include_discount\": False,\n \"include_other_subscription\": False,\n \"include_recurring\": False,\n \"include_refund\": False,\n \"include_subscription\": True,\n \"include_support\": False,\n \"include_tax\": False,\n \"include_upfront\": False,\n \"use_blended\": False,\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var savingsPlanUtilization = new Aws.Budgets.Budget(\"savings_plan_utilization\", new()\n {\n BudgetType = \"SAVINGS_PLANS_UTILIZATION\",\n LimitAmount = \"100.0\",\n LimitUnit = \"PERCENTAGE\",\n CostTypes = new Aws.Budgets.Inputs.BudgetCostTypesArgs\n {\n IncludeCredit = false,\n IncludeDiscount = false,\n IncludeOtherSubscription = false,\n IncludeRecurring = false,\n IncludeRefund = false,\n IncludeSubscription = true,\n IncludeSupport = false,\n IncludeTax = false,\n IncludeUpfront = false,\n UseBlended = false,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v7/go/aws/budgets\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := budgets.NewBudget(ctx, \"savings_plan_utilization\", \u0026budgets.BudgetArgs{\n\t\t\tBudgetType: pulumi.String(\"SAVINGS_PLANS_UTILIZATION\"),\n\t\t\tLimitAmount: pulumi.String(\"100.0\"),\n\t\t\tLimitUnit: pulumi.String(\"PERCENTAGE\"),\n\t\t\tCostTypes: \u0026budgets.BudgetCostTypesArgs{\n\t\t\t\tIncludeCredit: pulumi.Bool(false),\n\t\t\t\tIncludeDiscount: pulumi.Bool(false),\n\t\t\t\tIncludeOtherSubscription: pulumi.Bool(false),\n\t\t\t\tIncludeRecurring: pulumi.Bool(false),\n\t\t\t\tIncludeRefund: pulumi.Bool(false),\n\t\t\t\tIncludeSubscription: pulumi.Bool(true),\n\t\t\t\tIncludeSupport: pulumi.Bool(false),\n\t\t\t\tIncludeTax: pulumi.Bool(false),\n\t\t\t\tIncludeUpfront: pulumi.Bool(false),\n\t\t\t\tUseBlended: pulumi.Bool(false),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.budgets.Budget;\nimport com.pulumi.aws.budgets.BudgetArgs;\nimport com.pulumi.aws.budgets.inputs.BudgetCostTypesArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var savingsPlanUtilization = new Budget(\"savingsPlanUtilization\", BudgetArgs.builder()\n .budgetType(\"SAVINGS_PLANS_UTILIZATION\")\n .limitAmount(\"100.0\")\n .limitUnit(\"PERCENTAGE\")\n .costTypes(BudgetCostTypesArgs.builder()\n .includeCredit(false)\n .includeDiscount(false)\n .includeOtherSubscription(false)\n .includeRecurring(false)\n .includeRefund(false)\n .includeSubscription(true)\n .includeSupport(false)\n .includeTax(false)\n .includeUpfront(false)\n .useBlended(false)\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n savingsPlanUtilization:\n type: aws:budgets:Budget\n name: savings_plan_utilization\n properties:\n budgetType: SAVINGS_PLANS_UTILIZATION\n limitAmount: '100.0'\n limitUnit: PERCENTAGE\n costTypes:\n includeCredit: false\n includeDiscount: false\n includeOtherSubscription: false\n includeRecurring: false\n includeRefund: false\n includeSubscription: true\n includeSupport: false\n includeTax: false\n includeUpfront: false\n useBlended: false\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\nCreate a RI Utilization Budget\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst riUtilization = new aws.budgets.Budget(\"ri_utilization\", {\n budgetType: \"RI_UTILIZATION\",\n limitAmount: \"100.0\",\n limitUnit: \"PERCENTAGE\",\n costTypes: {\n includeCredit: false,\n includeDiscount: false,\n includeOtherSubscription: false,\n includeRecurring: false,\n includeRefund: false,\n includeSubscription: true,\n includeSupport: false,\n includeTax: false,\n includeUpfront: false,\n useBlended: false,\n },\n costFilters: [{\n name: \"Service\",\n values: [\"Amazon Relational Database Service\"],\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nri_utilization = aws.budgets.Budget(\"ri_utilization\",\n budget_type=\"RI_UTILIZATION\",\n limit_amount=\"100.0\",\n limit_unit=\"PERCENTAGE\",\n cost_types={\n \"include_credit\": False,\n \"include_discount\": False,\n \"include_other_subscription\": False,\n \"include_recurring\": False,\n \"include_refund\": False,\n \"include_subscription\": True,\n \"include_support\": False,\n \"include_tax\": False,\n \"include_upfront\": False,\n \"use_blended\": False,\n },\n cost_filters=[{\n \"name\": \"Service\",\n \"values\": [\"Amazon Relational Database Service\"],\n }])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var riUtilization = new Aws.Budgets.Budget(\"ri_utilization\", new()\n {\n BudgetType = \"RI_UTILIZATION\",\n LimitAmount = \"100.0\",\n LimitUnit = \"PERCENTAGE\",\n CostTypes = new Aws.Budgets.Inputs.BudgetCostTypesArgs\n {\n IncludeCredit = false,\n IncludeDiscount = false,\n IncludeOtherSubscription = false,\n IncludeRecurring = false,\n IncludeRefund = false,\n IncludeSubscription = true,\n IncludeSupport = false,\n IncludeTax = false,\n IncludeUpfront = false,\n UseBlended = false,\n },\n CostFilters = new[]\n {\n new Aws.Budgets.Inputs.BudgetCostFilterArgs\n {\n Name = \"Service\",\n Values = new[]\n {\n \"Amazon Relational Database Service\",\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v7/go/aws/budgets\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := budgets.NewBudget(ctx, \"ri_utilization\", \u0026budgets.BudgetArgs{\n\t\t\tBudgetType: pulumi.String(\"RI_UTILIZATION\"),\n\t\t\tLimitAmount: pulumi.String(\"100.0\"),\n\t\t\tLimitUnit: pulumi.String(\"PERCENTAGE\"),\n\t\t\tCostTypes: \u0026budgets.BudgetCostTypesArgs{\n\t\t\t\tIncludeCredit: pulumi.Bool(false),\n\t\t\t\tIncludeDiscount: pulumi.Bool(false),\n\t\t\t\tIncludeOtherSubscription: pulumi.Bool(false),\n\t\t\t\tIncludeRecurring: pulumi.Bool(false),\n\t\t\t\tIncludeRefund: pulumi.Bool(false),\n\t\t\t\tIncludeSubscription: pulumi.Bool(true),\n\t\t\t\tIncludeSupport: pulumi.Bool(false),\n\t\t\t\tIncludeTax: pulumi.Bool(false),\n\t\t\t\tIncludeUpfront: pulumi.Bool(false),\n\t\t\t\tUseBlended: pulumi.Bool(false),\n\t\t\t},\n\t\t\tCostFilters: budgets.BudgetCostFilterArray{\n\t\t\t\t\u0026budgets.BudgetCostFilterArgs{\n\t\t\t\t\tName: pulumi.String(\"Service\"),\n\t\t\t\t\tValues: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"Amazon Relational Database Service\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.budgets.Budget;\nimport com.pulumi.aws.budgets.BudgetArgs;\nimport com.pulumi.aws.budgets.inputs.BudgetCostTypesArgs;\nimport com.pulumi.aws.budgets.inputs.BudgetCostFilterArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var riUtilization = new Budget(\"riUtilization\", BudgetArgs.builder()\n .budgetType(\"RI_UTILIZATION\")\n .limitAmount(\"100.0\")\n .limitUnit(\"PERCENTAGE\")\n .costTypes(BudgetCostTypesArgs.builder()\n .includeCredit(false)\n .includeDiscount(false)\n .includeOtherSubscription(false)\n .includeRecurring(false)\n .includeRefund(false)\n .includeSubscription(true)\n .includeSupport(false)\n .includeTax(false)\n .includeUpfront(false)\n .useBlended(false)\n .build())\n .costFilters(BudgetCostFilterArgs.builder()\n .name(\"Service\")\n .values(\"Amazon Relational Database Service\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n riUtilization:\n type: aws:budgets:Budget\n name: ri_utilization\n properties:\n budgetType: RI_UTILIZATION\n limitAmount: '100.0'\n limitUnit: PERCENTAGE\n costTypes:\n includeCredit: false\n includeDiscount: false\n includeOtherSubscription: false\n includeRecurring: false\n includeRefund: false\n includeSubscription: true\n includeSupport: false\n includeTax: false\n includeUpfront: false\n useBlended: false\n costFilters:\n - name: Service\n values:\n - Amazon Relational Database Service\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\nCreate a cost filter using resource tags\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst cost = new aws.budgets.Budget(\"cost\", {costFilters: [{\n name: \"TagKeyValue\",\n values: [\n \"aws:createdBy$Pulumi\",\n \"user:business-unit$human_resources\",\n ],\n}]});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ncost = aws.budgets.Budget(\"cost\", cost_filters=[{\n \"name\": \"TagKeyValue\",\n \"values\": [\n \"aws:createdBy$Pulumi\",\n \"user:business-unit$human_resources\",\n ],\n}])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var cost = new Aws.Budgets.Budget(\"cost\", new()\n {\n CostFilters = new[]\n {\n new Aws.Budgets.Inputs.BudgetCostFilterArgs\n {\n Name = \"TagKeyValue\",\n Values = new[]\n {\n \"aws:createdBy$Pulumi\",\n \"user:business-unit$human_resources\",\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v7/go/aws/budgets\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := budgets.NewBudget(ctx, \"cost\", \u0026budgets.BudgetArgs{\n\t\t\tCostFilters: budgets.BudgetCostFilterArray{\n\t\t\t\t\u0026budgets.BudgetCostFilterArgs{\n\t\t\t\t\tName: pulumi.String(\"TagKeyValue\"),\n\t\t\t\t\tValues: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"aws:createdBy$Pulumi\"),\n\t\t\t\t\t\tpulumi.String(\"user:business-unit$human_resources\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.budgets.Budget;\nimport com.pulumi.aws.budgets.BudgetArgs;\nimport com.pulumi.aws.budgets.inputs.BudgetCostFilterArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var cost = new Budget(\"cost\", BudgetArgs.builder()\n .costFilters(BudgetCostFilterArgs.builder()\n .name(\"TagKeyValue\")\n .values( \n \"aws:createdBy$Pulumi\",\n \"user:business-unit$human_resources\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n cost:\n type: aws:budgets:Budget\n properties:\n costFilters:\n - name: TagKeyValue\n values:\n - aws:createdBy$Pulumi\n - user:business-unit$human_resources\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\nCreate a cost filter using resource tags, obtaining the tag value from a variable\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst cost = new aws.budgets.Budget(\"cost\", {costFilters: [{\n name: \"TagKeyValue\",\n values: [`TagKey${\"$\"}${tagValue}`],\n}]});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ncost = aws.budgets.Budget(\"cost\", cost_filters=[{\n \"name\": \"TagKeyValue\",\n \"values\": [f\"TagKey{'$'}{tag_value}\"],\n}])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var cost = new Aws.Budgets.Budget(\"cost\", new()\n {\n CostFilters = new[]\n {\n new Aws.Budgets.Inputs.BudgetCostFilterArgs\n {\n Name = \"TagKeyValue\",\n Values = new[]\n {\n $\"TagKey{\"$\"}{tagValue}\",\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v7/go/aws/budgets\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := budgets.NewBudget(ctx, \"cost\", \u0026budgets.BudgetArgs{\n\t\t\tCostFilters: budgets.BudgetCostFilterArray{\n\t\t\t\t\u0026budgets.BudgetCostFilterArgs{\n\t\t\t\t\tName: pulumi.String(\"TagKeyValue\"),\n\t\t\t\t\tValues: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.Sprintf(\"TagKey%v%v\", \"$\", tagValue),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.budgets.Budget;\nimport com.pulumi.aws.budgets.BudgetArgs;\nimport com.pulumi.aws.budgets.inputs.BudgetCostFilterArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var cost = new Budget(\"cost\", BudgetArgs.builder()\n .costFilters(BudgetCostFilterArgs.builder()\n .name(\"TagKeyValue\")\n .values(String.format(\"TagKey%s%s\", \"$\",tagValue))\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n cost:\n type: aws:budgets:Budget\n properties:\n costFilters:\n - name: TagKeyValue\n values:\n - TagKey$${tagValue}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import budgets using `AccountID:BudgetName`. For example:\n\n```sh\n$ pulumi import aws:budgets/budget:Budget myBudget 123456789012:myBudget\n```\n", "properties": { @@ -262601,7 +263586,7 @@ } }, "aws:dynamodb/table:Table": { - "description": "Provides a DynamoDB table resource.\n\n\u003e **Note:** It is recommended to use [`ignoreChanges`](https://www.pulumi.com/docs/intro/concepts/programming-model/#ignorechanges) for \u003cspan pulumi-lang-nodejs=\"`readCapacity`\" pulumi-lang-dotnet=\"`ReadCapacity`\" pulumi-lang-go=\"`readCapacity`\" pulumi-lang-python=\"`read_capacity`\" pulumi-lang-yaml=\"`readCapacity`\" pulumi-lang-java=\"`readCapacity`\"\u003e`read_capacity`\u003c/span\u003e and/or \u003cspan pulumi-lang-nodejs=\"`writeCapacity`\" pulumi-lang-dotnet=\"`WriteCapacity`\" pulumi-lang-go=\"`writeCapacity`\" pulumi-lang-python=\"`write_capacity`\" pulumi-lang-yaml=\"`writeCapacity`\" pulumi-lang-java=\"`writeCapacity`\"\u003e`write_capacity`\u003c/span\u003e if there's `autoscaling policy` attached to the table.\n\n\u003e **Note:** When using\u003cspan pulumi-lang-nodejs=\" aws.dynamodb.TableReplica \" pulumi-lang-dotnet=\" aws.dynamodb.TableReplica \" pulumi-lang-go=\" dynamodb.TableReplica \" pulumi-lang-python=\" dynamodb.TableReplica \" pulumi-lang-yaml=\" aws.dynamodb.TableReplica \" pulumi-lang-java=\" aws.dynamodb.TableReplica \"\u003e aws.dynamodb.TableReplica \u003c/span\u003ewith this resource, use \u003cspan pulumi-lang-nodejs=\"`lifecycle`\" pulumi-lang-dotnet=\"`Lifecycle`\" pulumi-lang-go=\"`lifecycle`\" pulumi-lang-python=\"`lifecycle`\" pulumi-lang-yaml=\"`lifecycle`\" pulumi-lang-java=\"`lifecycle`\"\u003e`lifecycle`\u003c/span\u003e \u003cspan pulumi-lang-nodejs=\"`ignoreChanges`\" pulumi-lang-dotnet=\"`IgnoreChanges`\" pulumi-lang-go=\"`ignoreChanges`\" pulumi-lang-python=\"`ignore_changes`\" pulumi-lang-yaml=\"`ignoreChanges`\" pulumi-lang-java=\"`ignoreChanges`\"\u003e`ignore_changes`\u003c/span\u003e for \u003cspan pulumi-lang-nodejs=\"`replica`\" pulumi-lang-dotnet=\"`Replica`\" pulumi-lang-go=\"`replica`\" pulumi-lang-python=\"`replica`\" pulumi-lang-yaml=\"`replica`\" pulumi-lang-java=\"`replica`\"\u003e`replica`\u003c/span\u003e, _e.g._, `lifecycle {\u003cspan pulumi-lang-nodejs=\" ignoreChanges \" pulumi-lang-dotnet=\" IgnoreChanges \" pulumi-lang-go=\" ignoreChanges \" pulumi-lang-python=\" ignore_changes \" pulumi-lang-yaml=\" ignoreChanges \" pulumi-lang-java=\" ignoreChanges \"\u003e ignore_changes \u003c/span\u003e= [replica] }`.\n\n## DynamoDB Table attributes\n\nOnly define attributes on the table object that are going to be used as:\n\n* Table hash key or range key\n* LSI or GSI hash key or range key\n\nThe DynamoDB API expects attribute structure (name and type) to be passed along when creating or updating GSI/LSIs or creating the initial table. In these cases it expects the Hash / Range keys to be provided. Because these get re-used in numerous places (i.e the table's range key could be a part of one or more GSIs), they are stored on the table object to prevent duplication and increase consistency. If you add attributes here that are not used in these scenarios it can cause an infinite loop in planning.\n\n## Example Usage\n\n### Basic Example\n\nThe following dynamodb table description models the table and GSI shown in the [AWS SDK example documentation](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/GSI.html)\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst basic_dynamodb_table = new aws.dynamodb.Table(\"basic-dynamodb-table\", {\n name: \"GameScores\",\n billingMode: \"PROVISIONED\",\n readCapacity: 20,\n writeCapacity: 20,\n hashKey: \"UserId\",\n rangeKey: \"GameTitle\",\n attributes: [\n {\n name: \"UserId\",\n type: \"S\",\n },\n {\n name: \"GameTitle\",\n type: \"S\",\n },\n {\n name: \"TopScore\",\n type: \"N\",\n },\n ],\n ttl: {\n attributeName: \"TimeToExist\",\n enabled: true,\n },\n globalSecondaryIndexes: [{\n name: \"GameTitleIndex\",\n hashKey: \"GameTitle\",\n rangeKey: \"TopScore\",\n writeCapacity: 10,\n readCapacity: 10,\n projectionType: \"INCLUDE\",\n nonKeyAttributes: [\"UserId\"],\n }],\n tags: {\n Name: \"dynamodb-table-1\",\n Environment: \"production\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nbasic_dynamodb_table = aws.dynamodb.Table(\"basic-dynamodb-table\",\n name=\"GameScores\",\n billing_mode=\"PROVISIONED\",\n read_capacity=20,\n write_capacity=20,\n hash_key=\"UserId\",\n range_key=\"GameTitle\",\n attributes=[\n {\n \"name\": \"UserId\",\n \"type\": \"S\",\n },\n {\n \"name\": \"GameTitle\",\n \"type\": \"S\",\n },\n {\n \"name\": \"TopScore\",\n \"type\": \"N\",\n },\n ],\n ttl={\n \"attribute_name\": \"TimeToExist\",\n \"enabled\": True,\n },\n global_secondary_indexes=[{\n \"name\": \"GameTitleIndex\",\n \"hash_key\": \"GameTitle\",\n \"range_key\": \"TopScore\",\n \"write_capacity\": 10,\n \"read_capacity\": 10,\n \"projection_type\": \"INCLUDE\",\n \"non_key_attributes\": [\"UserId\"],\n }],\n tags={\n \"Name\": \"dynamodb-table-1\",\n \"Environment\": \"production\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var basic_dynamodb_table = new Aws.DynamoDB.Table(\"basic-dynamodb-table\", new()\n {\n Name = \"GameScores\",\n BillingMode = \"PROVISIONED\",\n ReadCapacity = 20,\n WriteCapacity = 20,\n HashKey = \"UserId\",\n RangeKey = \"GameTitle\",\n Attributes = new[]\n {\n new Aws.DynamoDB.Inputs.TableAttributeArgs\n {\n Name = \"UserId\",\n Type = \"S\",\n },\n new Aws.DynamoDB.Inputs.TableAttributeArgs\n {\n Name = \"GameTitle\",\n Type = \"S\",\n },\n new Aws.DynamoDB.Inputs.TableAttributeArgs\n {\n Name = \"TopScore\",\n Type = \"N\",\n },\n },\n Ttl = new Aws.DynamoDB.Inputs.TableTtlArgs\n {\n AttributeName = \"TimeToExist\",\n Enabled = true,\n },\n GlobalSecondaryIndexes = new[]\n {\n new Aws.DynamoDB.Inputs.TableGlobalSecondaryIndexArgs\n {\n Name = \"GameTitleIndex\",\n HashKey = \"GameTitle\",\n RangeKey = \"TopScore\",\n WriteCapacity = 10,\n ReadCapacity = 10,\n ProjectionType = \"INCLUDE\",\n NonKeyAttributes = new[]\n {\n \"UserId\",\n },\n },\n },\n Tags = \n {\n { \"Name\", \"dynamodb-table-1\" },\n { \"Environment\", \"production\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v7/go/aws/dynamodb\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := dynamodb.NewTable(ctx, \"basic-dynamodb-table\", \u0026dynamodb.TableArgs{\n\t\t\tName: pulumi.String(\"GameScores\"),\n\t\t\tBillingMode: pulumi.String(\"PROVISIONED\"),\n\t\t\tReadCapacity: pulumi.Int(20),\n\t\t\tWriteCapacity: pulumi.Int(20),\n\t\t\tHashKey: pulumi.String(\"UserId\"),\n\t\t\tRangeKey: pulumi.String(\"GameTitle\"),\n\t\t\tAttributes: dynamodb.TableAttributeArray{\n\t\t\t\t\u0026dynamodb.TableAttributeArgs{\n\t\t\t\t\tName: pulumi.String(\"UserId\"),\n\t\t\t\t\tType: pulumi.String(\"S\"),\n\t\t\t\t},\n\t\t\t\t\u0026dynamodb.TableAttributeArgs{\n\t\t\t\t\tName: pulumi.String(\"GameTitle\"),\n\t\t\t\t\tType: pulumi.String(\"S\"),\n\t\t\t\t},\n\t\t\t\t\u0026dynamodb.TableAttributeArgs{\n\t\t\t\t\tName: pulumi.String(\"TopScore\"),\n\t\t\t\t\tType: pulumi.String(\"N\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tTtl: \u0026dynamodb.TableTtlArgs{\n\t\t\t\tAttributeName: pulumi.String(\"TimeToExist\"),\n\t\t\t\tEnabled: pulumi.Bool(true),\n\t\t\t},\n\t\t\tGlobalSecondaryIndexes: dynamodb.TableGlobalSecondaryIndexArray{\n\t\t\t\t\u0026dynamodb.TableGlobalSecondaryIndexArgs{\n\t\t\t\t\tName: pulumi.String(\"GameTitleIndex\"),\n\t\t\t\t\tHashKey: pulumi.String(\"GameTitle\"),\n\t\t\t\t\tRangeKey: pulumi.String(\"TopScore\"),\n\t\t\t\t\tWriteCapacity: pulumi.Int(10),\n\t\t\t\t\tReadCapacity: pulumi.Int(10),\n\t\t\t\t\tProjectionType: pulumi.String(\"INCLUDE\"),\n\t\t\t\t\tNonKeyAttributes: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"UserId\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Name\": pulumi.String(\"dynamodb-table-1\"),\n\t\t\t\t\"Environment\": pulumi.String(\"production\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.dynamodb.Table;\nimport com.pulumi.aws.dynamodb.TableArgs;\nimport com.pulumi.aws.dynamodb.inputs.TableAttributeArgs;\nimport com.pulumi.aws.dynamodb.inputs.TableTtlArgs;\nimport com.pulumi.aws.dynamodb.inputs.TableGlobalSecondaryIndexArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var basic_dynamodb_table = new Table(\"basic-dynamodb-table\", TableArgs.builder()\n .name(\"GameScores\")\n .billingMode(\"PROVISIONED\")\n .readCapacity(20)\n .writeCapacity(20)\n .hashKey(\"UserId\")\n .rangeKey(\"GameTitle\")\n .attributes( \n TableAttributeArgs.builder()\n .name(\"UserId\")\n .type(\"S\")\n .build(),\n TableAttributeArgs.builder()\n .name(\"GameTitle\")\n .type(\"S\")\n .build(),\n TableAttributeArgs.builder()\n .name(\"TopScore\")\n .type(\"N\")\n .build())\n .ttl(TableTtlArgs.builder()\n .attributeName(\"TimeToExist\")\n .enabled(true)\n .build())\n .globalSecondaryIndexes(TableGlobalSecondaryIndexArgs.builder()\n .name(\"GameTitleIndex\")\n .hashKey(\"GameTitle\")\n .rangeKey(\"TopScore\")\n .writeCapacity(10)\n .readCapacity(10)\n .projectionType(\"INCLUDE\")\n .nonKeyAttributes(\"UserId\")\n .build())\n .tags(Map.ofEntries(\n Map.entry(\"Name\", \"dynamodb-table-1\"),\n Map.entry(\"Environment\", \"production\")\n ))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n basic-dynamodb-table:\n type: aws:dynamodb:Table\n properties:\n name: GameScores\n billingMode: PROVISIONED\n readCapacity: 20\n writeCapacity: 20\n hashKey: UserId\n rangeKey: GameTitle\n attributes:\n - name: UserId\n type: S\n - name: GameTitle\n type: S\n - name: TopScore\n type: N\n ttl:\n attributeName: TimeToExist\n enabled: true\n globalSecondaryIndexes:\n - name: GameTitleIndex\n hashKey: GameTitle\n rangeKey: TopScore\n writeCapacity: 10\n readCapacity: 10\n projectionType: INCLUDE\n nonKeyAttributes:\n - UserId\n tags:\n Name: dynamodb-table-1\n Environment: production\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Global Tables\n\nThis resource implements support for [DynamoDB Global Tables V2 (version 2019.11.21)](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/globaltables.V2.html) via \u003cspan pulumi-lang-nodejs=\"`replica`\" pulumi-lang-dotnet=\"`Replica`\" pulumi-lang-go=\"`replica`\" pulumi-lang-python=\"`replica`\" pulumi-lang-yaml=\"`replica`\" pulumi-lang-java=\"`replica`\"\u003e`replica`\u003c/span\u003e configuration blocks. For working with [DynamoDB Global Tables V1 (version 2017.11.29)](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/globaltables.V1.html), see the \u003cspan pulumi-lang-nodejs=\"`aws.dynamodb.GlobalTable`\" pulumi-lang-dotnet=\"`aws.dynamodb.GlobalTable`\" pulumi-lang-go=\"`dynamodb.GlobalTable`\" pulumi-lang-python=\"`dynamodb.GlobalTable`\" pulumi-lang-yaml=\"`aws.dynamodb.GlobalTable`\" pulumi-lang-java=\"`aws.dynamodb.GlobalTable`\"\u003e`aws.dynamodb.GlobalTable`\u003c/span\u003e resource.\n\n\u003e **Note:**\u003cspan pulumi-lang-nodejs=\" aws.dynamodb.TableReplica \" pulumi-lang-dotnet=\" aws.dynamodb.TableReplica \" pulumi-lang-go=\" dynamodb.TableReplica \" pulumi-lang-python=\" dynamodb.TableReplica \" pulumi-lang-yaml=\" aws.dynamodb.TableReplica \" pulumi-lang-java=\" aws.dynamodb.TableReplica \"\u003e aws.dynamodb.TableReplica \u003c/span\u003eis an alternate way of configuring Global Tables. Do not use \u003cspan pulumi-lang-nodejs=\"`replica`\" pulumi-lang-dotnet=\"`Replica`\" pulumi-lang-go=\"`replica`\" pulumi-lang-python=\"`replica`\" pulumi-lang-yaml=\"`replica`\" pulumi-lang-java=\"`replica`\"\u003e`replica`\u003c/span\u003e configuration blocks of \u003cspan pulumi-lang-nodejs=\"`aws.dynamodb.Table`\" pulumi-lang-dotnet=\"`aws.dynamodb.Table`\" pulumi-lang-go=\"`dynamodb.Table`\" pulumi-lang-python=\"`dynamodb.Table`\" pulumi-lang-yaml=\"`aws.dynamodb.Table`\" pulumi-lang-java=\"`aws.dynamodb.Table`\"\u003e`aws.dynamodb.Table`\u003c/span\u003e together with aws_dynamodb_table_replica.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.dynamodb.Table(\"example\", {\n name: \"example\",\n hashKey: \"TestTableHashKey\",\n billingMode: \"PAY_PER_REQUEST\",\n streamEnabled: true,\n streamViewType: \"NEW_AND_OLD_IMAGES\",\n attributes: [{\n name: \"TestTableHashKey\",\n type: \"S\",\n }],\n replicas: [\n {\n regionName: \"us-east-2\",\n },\n {\n regionName: \"us-west-2\",\n },\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.dynamodb.Table(\"example\",\n name=\"example\",\n hash_key=\"TestTableHashKey\",\n billing_mode=\"PAY_PER_REQUEST\",\n stream_enabled=True,\n stream_view_type=\"NEW_AND_OLD_IMAGES\",\n attributes=[{\n \"name\": \"TestTableHashKey\",\n \"type\": \"S\",\n }],\n replicas=[\n {\n \"region_name\": \"us-east-2\",\n },\n {\n \"region_name\": \"us-west-2\",\n },\n ])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.DynamoDB.Table(\"example\", new()\n {\n Name = \"example\",\n HashKey = \"TestTableHashKey\",\n BillingMode = \"PAY_PER_REQUEST\",\n StreamEnabled = true,\n StreamViewType = \"NEW_AND_OLD_IMAGES\",\n Attributes = new[]\n {\n new Aws.DynamoDB.Inputs.TableAttributeArgs\n {\n Name = \"TestTableHashKey\",\n Type = \"S\",\n },\n },\n Replicas = new[]\n {\n new Aws.DynamoDB.Inputs.TableReplicaArgs\n {\n RegionName = \"us-east-2\",\n },\n new Aws.DynamoDB.Inputs.TableReplicaArgs\n {\n RegionName = \"us-west-2\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v7/go/aws/dynamodb\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := dynamodb.NewTable(ctx, \"example\", \u0026dynamodb.TableArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tHashKey: pulumi.String(\"TestTableHashKey\"),\n\t\t\tBillingMode: pulumi.String(\"PAY_PER_REQUEST\"),\n\t\t\tStreamEnabled: pulumi.Bool(true),\n\t\t\tStreamViewType: pulumi.String(\"NEW_AND_OLD_IMAGES\"),\n\t\t\tAttributes: dynamodb.TableAttributeArray{\n\t\t\t\t\u0026dynamodb.TableAttributeArgs{\n\t\t\t\t\tName: pulumi.String(\"TestTableHashKey\"),\n\t\t\t\t\tType: pulumi.String(\"S\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tReplicas: dynamodb.TableReplicaTypeArray{\n\t\t\t\t\u0026dynamodb.TableReplicaTypeArgs{\n\t\t\t\t\tRegionName: pulumi.String(\"us-east-2\"),\n\t\t\t\t},\n\t\t\t\t\u0026dynamodb.TableReplicaTypeArgs{\n\t\t\t\t\tRegionName: pulumi.String(\"us-west-2\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.dynamodb.Table;\nimport com.pulumi.aws.dynamodb.TableArgs;\nimport com.pulumi.aws.dynamodb.inputs.TableAttributeArgs;\nimport com.pulumi.aws.dynamodb.inputs.TableReplicaArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Table(\"example\", TableArgs.builder()\n .name(\"example\")\n .hashKey(\"TestTableHashKey\")\n .billingMode(\"PAY_PER_REQUEST\")\n .streamEnabled(true)\n .streamViewType(\"NEW_AND_OLD_IMAGES\")\n .attributes(TableAttributeArgs.builder()\n .name(\"TestTableHashKey\")\n .type(\"S\")\n .build())\n .replicas( \n TableReplicaArgs.builder()\n .regionName(\"us-east-2\")\n .build(),\n TableReplicaArgs.builder()\n .regionName(\"us-west-2\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:dynamodb:Table\n properties:\n name: example\n hashKey: TestTableHashKey\n billingMode: PAY_PER_REQUEST\n streamEnabled: true\n streamViewType: NEW_AND_OLD_IMAGES\n attributes:\n - name: TestTableHashKey\n type: S\n replicas:\n - regionName: us-east-2\n - regionName: us-west-2\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Global Tables with Multi-Region Strong Consistency\n\nA global table configured for Multi-Region strong consistency (MRSC) provides the ability to perform a strongly consistent read with multi-Region scope. Performing a strongly consistent read on an MRSC table ensures you're always reading the latest version of an item, irrespective of the Region in which you're performing the read.\n\n**Note** Please see detailed information, restrictions, caveats etc on the [AWS Support Page](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/multi-region-strong-consistency-gt.html).\n\nConsistency Mode (\u003cspan pulumi-lang-nodejs=\"`consistencyMode`\" pulumi-lang-dotnet=\"`ConsistencyMode`\" pulumi-lang-go=\"`consistencyMode`\" pulumi-lang-python=\"`consistency_mode`\" pulumi-lang-yaml=\"`consistencyMode`\" pulumi-lang-java=\"`consistencyMode`\"\u003e`consistency_mode`\u003c/span\u003e) is a new argument on the embedded \u003cspan pulumi-lang-nodejs=\"`replica`\" pulumi-lang-dotnet=\"`Replica`\" pulumi-lang-go=\"`replica`\" pulumi-lang-python=\"`replica`\" pulumi-lang-yaml=\"`replica`\" pulumi-lang-java=\"`replica`\"\u003e`replica`\u003c/span\u003e that allows you to configure consistency mode for Global Tables.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.dynamodb.Table(\"example\", {\n name: \"example\",\n hashKey: \"TestTableHashKey\",\n billingMode: \"PAY_PER_REQUEST\",\n streamEnabled: true,\n streamViewType: \"NEW_AND_OLD_IMAGES\",\n attributes: [{\n name: \"TestTableHashKey\",\n type: \"S\",\n }],\n replicas: [\n {\n regionName: \"us-east-2\",\n consistencyMode: \"STRONG\",\n },\n {\n regionName: \"us-west-2\",\n consistencyMode: \"STRONG\",\n },\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.dynamodb.Table(\"example\",\n name=\"example\",\n hash_key=\"TestTableHashKey\",\n billing_mode=\"PAY_PER_REQUEST\",\n stream_enabled=True,\n stream_view_type=\"NEW_AND_OLD_IMAGES\",\n attributes=[{\n \"name\": \"TestTableHashKey\",\n \"type\": \"S\",\n }],\n replicas=[\n {\n \"region_name\": \"us-east-2\",\n \"consistency_mode\": \"STRONG\",\n },\n {\n \"region_name\": \"us-west-2\",\n \"consistency_mode\": \"STRONG\",\n },\n ])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.DynamoDB.Table(\"example\", new()\n {\n Name = \"example\",\n HashKey = \"TestTableHashKey\",\n BillingMode = \"PAY_PER_REQUEST\",\n StreamEnabled = true,\n StreamViewType = \"NEW_AND_OLD_IMAGES\",\n Attributes = new[]\n {\n new Aws.DynamoDB.Inputs.TableAttributeArgs\n {\n Name = \"TestTableHashKey\",\n Type = \"S\",\n },\n },\n Replicas = new[]\n {\n new Aws.DynamoDB.Inputs.TableReplicaArgs\n {\n RegionName = \"us-east-2\",\n ConsistencyMode = \"STRONG\",\n },\n new Aws.DynamoDB.Inputs.TableReplicaArgs\n {\n RegionName = \"us-west-2\",\n ConsistencyMode = \"STRONG\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v7/go/aws/dynamodb\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := dynamodb.NewTable(ctx, \"example\", \u0026dynamodb.TableArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tHashKey: pulumi.String(\"TestTableHashKey\"),\n\t\t\tBillingMode: pulumi.String(\"PAY_PER_REQUEST\"),\n\t\t\tStreamEnabled: pulumi.Bool(true),\n\t\t\tStreamViewType: pulumi.String(\"NEW_AND_OLD_IMAGES\"),\n\t\t\tAttributes: dynamodb.TableAttributeArray{\n\t\t\t\t\u0026dynamodb.TableAttributeArgs{\n\t\t\t\t\tName: pulumi.String(\"TestTableHashKey\"),\n\t\t\t\t\tType: pulumi.String(\"S\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tReplicas: dynamodb.TableReplicaTypeArray{\n\t\t\t\t\u0026dynamodb.TableReplicaTypeArgs{\n\t\t\t\t\tRegionName: pulumi.String(\"us-east-2\"),\n\t\t\t\t\tConsistencyMode: pulumi.String(\"STRONG\"),\n\t\t\t\t},\n\t\t\t\t\u0026dynamodb.TableReplicaTypeArgs{\n\t\t\t\t\tRegionName: pulumi.String(\"us-west-2\"),\n\t\t\t\t\tConsistencyMode: pulumi.String(\"STRONG\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.dynamodb.Table;\nimport com.pulumi.aws.dynamodb.TableArgs;\nimport com.pulumi.aws.dynamodb.inputs.TableAttributeArgs;\nimport com.pulumi.aws.dynamodb.inputs.TableReplicaArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Table(\"example\", TableArgs.builder()\n .name(\"example\")\n .hashKey(\"TestTableHashKey\")\n .billingMode(\"PAY_PER_REQUEST\")\n .streamEnabled(true)\n .streamViewType(\"NEW_AND_OLD_IMAGES\")\n .attributes(TableAttributeArgs.builder()\n .name(\"TestTableHashKey\")\n .type(\"S\")\n .build())\n .replicas( \n TableReplicaArgs.builder()\n .regionName(\"us-east-2\")\n .consistencyMode(\"STRONG\")\n .build(),\n TableReplicaArgs.builder()\n .regionName(\"us-west-2\")\n .consistencyMode(\"STRONG\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:dynamodb:Table\n properties:\n name: example\n hashKey: TestTableHashKey\n billingMode: PAY_PER_REQUEST\n streamEnabled: true\n streamViewType: NEW_AND_OLD_IMAGES\n attributes:\n - name: TestTableHashKey\n type: S\n replicas:\n - regionName: us-east-2\n consistencyMode: STRONG\n - regionName: us-west-2\n consistencyMode: STRONG\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Replica Tagging\n\nYou can manage global table replicas' tags in various ways. This example shows using `replica.*.propagate_tags` for the first replica and the \u003cspan pulumi-lang-nodejs=\"`aws.dynamodb.Tag`\" pulumi-lang-dotnet=\"`aws.dynamodb.Tag`\" pulumi-lang-go=\"`dynamodb.Tag`\" pulumi-lang-python=\"`dynamodb.Tag`\" pulumi-lang-yaml=\"`aws.dynamodb.Tag`\" pulumi-lang-java=\"`aws.dynamodb.Tag`\"\u003e`aws.dynamodb.Tag`\u003c/span\u003e resource for the other.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\nimport * as std from \"@pulumi/std\";\n\nconst current = aws.getRegion({});\nconst alternate = aws.getRegion({});\nconst third = aws.getRegion({});\nconst example = new aws.dynamodb.Table(\"example\", {\n billingMode: \"PAY_PER_REQUEST\",\n hashKey: \"TestTableHashKey\",\n name: \"example-13281\",\n streamEnabled: true,\n streamViewType: \"NEW_AND_OLD_IMAGES\",\n attributes: [{\n name: \"TestTableHashKey\",\n type: \"S\",\n }],\n replicas: [\n {\n regionName: alternate.then(alternate =\u003e alternate.name),\n },\n {\n regionName: third.then(third =\u003e third.name),\n propagateTags: true,\n },\n ],\n tags: {\n Architect: \"Eleanor\",\n Zone: \"SW\",\n },\n});\nconst exampleTag = new aws.dynamodb.Tag(\"example\", {\n resourceArn: pulumi.all([example.arn, current, alternate]).apply(([arn, current, alternate]) =\u003e std.replaceOutput({\n text: arn,\n search: current.region,\n replace: alternate.name,\n })).apply(invoke =\u003e invoke.result),\n key: \"Architect\",\n value: \"Gigi\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\nimport pulumi_std as std\n\ncurrent = aws.get_region()\nalternate = aws.get_region()\nthird = aws.get_region()\nexample = aws.dynamodb.Table(\"example\",\n billing_mode=\"PAY_PER_REQUEST\",\n hash_key=\"TestTableHashKey\",\n name=\"example-13281\",\n stream_enabled=True,\n stream_view_type=\"NEW_AND_OLD_IMAGES\",\n attributes=[{\n \"name\": \"TestTableHashKey\",\n \"type\": \"S\",\n }],\n replicas=[\n {\n \"region_name\": alternate.name,\n },\n {\n \"region_name\": third.name,\n \"propagate_tags\": True,\n },\n ],\n tags={\n \"Architect\": \"Eleanor\",\n \"Zone\": \"SW\",\n })\nexample_tag = aws.dynamodb.Tag(\"example\",\n resource_arn=example.arn.apply(lambda arn: std.replace(text=arn,\n search=current.region,\n replace=alternate.name)).apply(lambda invoke: invoke.result),\n key=\"Architect\",\n value=\"Gigi\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\nusing Std = Pulumi.Std;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var current = Aws.GetRegion.Invoke();\n\n var alternate = Aws.GetRegion.Invoke();\n\n var third = Aws.GetRegion.Invoke();\n\n var example = new Aws.DynamoDB.Table(\"example\", new()\n {\n BillingMode = \"PAY_PER_REQUEST\",\n HashKey = \"TestTableHashKey\",\n Name = \"example-13281\",\n StreamEnabled = true,\n StreamViewType = \"NEW_AND_OLD_IMAGES\",\n Attributes = new[]\n {\n new Aws.DynamoDB.Inputs.TableAttributeArgs\n {\n Name = \"TestTableHashKey\",\n Type = \"S\",\n },\n },\n Replicas = new[]\n {\n new Aws.DynamoDB.Inputs.TableReplicaArgs\n {\n RegionName = alternate.Apply(getRegionResult =\u003e getRegionResult.Name),\n },\n new Aws.DynamoDB.Inputs.TableReplicaArgs\n {\n RegionName = third.Apply(getRegionResult =\u003e getRegionResult.Name),\n PropagateTags = true,\n },\n },\n Tags = \n {\n { \"Architect\", \"Eleanor\" },\n { \"Zone\", \"SW\" },\n },\n });\n\n var exampleTag = new Aws.DynamoDB.Tag(\"example\", new()\n {\n ResourceArn = Output.Tuple(example.Arn, current, alternate).Apply(values =\u003e\n {\n var arn = values.Item1;\n var current = values.Item2;\n var alternate = values.Item3;\n return Std.Replace.Invoke(new()\n {\n Text = arn,\n Search = current.Apply(getRegionResult =\u003e getRegionResult.Region),\n Replace = alternate.Apply(getRegionResult =\u003e getRegionResult.Name),\n });\n }).Apply(invoke =\u003e invoke.Result),\n Key = \"Architect\",\n Value = \"Gigi\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v7/go/aws\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v7/go/aws/dynamodb\"\n\t\"github.com/pulumi/pulumi-std/sdk/go/std\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\nfunc main() {\npulumi.Run(func(ctx *pulumi.Context) error {\ncurrent, err := aws.GetRegion(ctx, \u0026aws.GetRegionArgs{\n}, nil);\nif err != nil {\nreturn err\n}\nalternate, err := aws.GetRegion(ctx, \u0026aws.GetRegionArgs{\n}, nil);\nif err != nil {\nreturn err\n}\nthird, err := aws.GetRegion(ctx, \u0026aws.GetRegionArgs{\n}, nil);\nif err != nil {\nreturn err\n}\nexample, err := dynamodb.NewTable(ctx, \"example\", \u0026dynamodb.TableArgs{\nBillingMode: pulumi.String(\"PAY_PER_REQUEST\"),\nHashKey: pulumi.String(\"TestTableHashKey\"),\nName: pulumi.String(\"example-13281\"),\nStreamEnabled: pulumi.Bool(true),\nStreamViewType: pulumi.String(\"NEW_AND_OLD_IMAGES\"),\nAttributes: dynamodb.TableAttributeArray{\n\u0026dynamodb.TableAttributeArgs{\nName: pulumi.String(\"TestTableHashKey\"),\nType: pulumi.String(\"S\"),\n},\n},\nReplicas: dynamodb.TableReplicaTypeArray{\n\u0026dynamodb.TableReplicaTypeArgs{\nRegionName: pulumi.String(alternate.Name),\n},\n\u0026dynamodb.TableReplicaTypeArgs{\nRegionName: pulumi.String(third.Name),\nPropagateTags: pulumi.Bool(true),\n},\n},\nTags: pulumi.StringMap{\n\"Architect\": pulumi.String(\"Eleanor\"),\n\"Zone\": pulumi.String(\"SW\"),\n},\n})\nif err != nil {\nreturn err\n}\ninvokeReplace, err := std.Replace(ctx, \u0026std.ReplaceArgs{\nText: arn,\nSearch: current.Region,\nReplace: alternate.Name,\n}, nil)\nif err != nil {\nreturn err\n}\n_, err = dynamodb.NewTag(ctx, \"example\", \u0026dynamodb.TagArgs{\nResourceArn: pulumi.String(example.Arn.ApplyT(func(arn string) (std.ReplaceResult, error) {\n%!v(PANIC=Format method: runtime error: invalid memory address or nil pointer dereference)).(std.ReplaceResultOutput).ApplyT(func(invoke std.ReplaceResult) (*string, error) {\nreturn invoke.Result, nil\n}).(pulumi.StringPtrOutput)),\nKey: pulumi.String(\"Architect\"),\nValue: pulumi.String(\"Gigi\"),\n})\nif err != nil {\nreturn err\n}\nreturn nil\n})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.AwsFunctions;\nimport com.pulumi.aws.inputs.GetRegionArgs;\nimport com.pulumi.aws.dynamodb.Table;\nimport com.pulumi.aws.dynamodb.TableArgs;\nimport com.pulumi.aws.dynamodb.inputs.TableAttributeArgs;\nimport com.pulumi.aws.dynamodb.inputs.TableReplicaArgs;\nimport com.pulumi.aws.dynamodb.Tag;\nimport com.pulumi.aws.dynamodb.TagArgs;\nimport com.pulumi.std.StdFunctions;\nimport com.pulumi.std.inputs.ReplaceArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var current = AwsFunctions.getRegion(GetRegionArgs.builder()\n .build());\n\n final var alternate = AwsFunctions.getRegion(GetRegionArgs.builder()\n .build());\n\n final var third = AwsFunctions.getRegion(GetRegionArgs.builder()\n .build());\n\n var example = new Table(\"example\", TableArgs.builder()\n .billingMode(\"PAY_PER_REQUEST\")\n .hashKey(\"TestTableHashKey\")\n .name(\"example-13281\")\n .streamEnabled(true)\n .streamViewType(\"NEW_AND_OLD_IMAGES\")\n .attributes(TableAttributeArgs.builder()\n .name(\"TestTableHashKey\")\n .type(\"S\")\n .build())\n .replicas( \n TableReplicaArgs.builder()\n .regionName(alternate.name())\n .build(),\n TableReplicaArgs.builder()\n .regionName(third.name())\n .propagateTags(true)\n .build())\n .tags(Map.ofEntries(\n Map.entry(\"Architect\", \"Eleanor\"),\n Map.entry(\"Zone\", \"SW\")\n ))\n .build());\n\n var exampleTag = new Tag(\"exampleTag\", TagArgs.builder()\n .resourceArn(example.arn().applyValue(_arn -\u003e StdFunctions.replace(ReplaceArgs.builder()\n .text(_arn)\n .search(current.region())\n .replace(alternate.name())\n .build())).applyValue(_invoke -\u003e _invoke.result()))\n .key(\"Architect\")\n .value(\"Gigi\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:dynamodb:Table\n properties:\n billingMode: PAY_PER_REQUEST\n hashKey: TestTableHashKey\n name: example-13281\n streamEnabled: true\n streamViewType: NEW_AND_OLD_IMAGES\n attributes:\n - name: TestTableHashKey\n type: S\n replicas:\n - regionName: ${alternate.name}\n - regionName: ${third.name}\n propagateTags: true\n tags:\n Architect: Eleanor\n Zone: SW\n exampleTag:\n type: aws:dynamodb:Tag\n name: example\n properties:\n resourceArn:\n fn::invoke:\n function: std:replace\n arguments:\n text: ${example.arn}\n search: ${current.region}\n replace: ${alternate.name}\n return: result\n key: Architect\n value: Gigi\nvariables:\n current:\n fn::invoke:\n function: aws:getRegion\n arguments: {}\n alternate:\n fn::invoke:\n function: aws:getRegion\n arguments: {}\n third:\n fn::invoke:\n function: aws:getRegion\n arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import DynamoDB tables using the `name`. For example:\n\n```sh\n$ pulumi import aws:dynamodb/table:Table basic-dynamodb-table GameScores\n```\n", + "description": "Provides a DynamoDB table resource.\n\n\u003e **Note:** It is recommended to use [`ignoreChanges`](https://www.pulumi.com/docs/intro/concepts/programming-model/#ignorechanges) for \u003cspan pulumi-lang-nodejs=\"`readCapacity`\" pulumi-lang-dotnet=\"`ReadCapacity`\" pulumi-lang-go=\"`readCapacity`\" pulumi-lang-python=\"`read_capacity`\" pulumi-lang-yaml=\"`readCapacity`\" pulumi-lang-java=\"`readCapacity`\"\u003e`read_capacity`\u003c/span\u003e and/or \u003cspan pulumi-lang-nodejs=\"`writeCapacity`\" pulumi-lang-dotnet=\"`WriteCapacity`\" pulumi-lang-go=\"`writeCapacity`\" pulumi-lang-python=\"`write_capacity`\" pulumi-lang-yaml=\"`writeCapacity`\" pulumi-lang-java=\"`writeCapacity`\"\u003e`write_capacity`\u003c/span\u003e if there's `autoscaling policy` attached to the table.\n\n\u003e **Note:** When using\u003cspan pulumi-lang-nodejs=\" aws.dynamodb.TableReplica \" pulumi-lang-dotnet=\" aws.dynamodb.TableReplica \" pulumi-lang-go=\" dynamodb.TableReplica \" pulumi-lang-python=\" dynamodb.TableReplica \" pulumi-lang-yaml=\" aws.dynamodb.TableReplica \" pulumi-lang-java=\" aws.dynamodb.TableReplica \"\u003e aws.dynamodb.TableReplica \u003c/span\u003ewith this resource, use \u003cspan pulumi-lang-nodejs=\"`lifecycle`\" pulumi-lang-dotnet=\"`Lifecycle`\" pulumi-lang-go=\"`lifecycle`\" pulumi-lang-python=\"`lifecycle`\" pulumi-lang-yaml=\"`lifecycle`\" pulumi-lang-java=\"`lifecycle`\"\u003e`lifecycle`\u003c/span\u003e \u003cspan pulumi-lang-nodejs=\"`ignoreChanges`\" pulumi-lang-dotnet=\"`IgnoreChanges`\" pulumi-lang-go=\"`ignoreChanges`\" pulumi-lang-python=\"`ignore_changes`\" pulumi-lang-yaml=\"`ignoreChanges`\" pulumi-lang-java=\"`ignoreChanges`\"\u003e`ignore_changes`\u003c/span\u003e for \u003cspan pulumi-lang-nodejs=\"`replica`\" pulumi-lang-dotnet=\"`Replica`\" pulumi-lang-go=\"`replica`\" pulumi-lang-python=\"`replica`\" pulumi-lang-yaml=\"`replica`\" pulumi-lang-java=\"`replica`\"\u003e`replica`\u003c/span\u003e, _e.g._, `lifecycle {\u003cspan pulumi-lang-nodejs=\" ignoreChanges \" pulumi-lang-dotnet=\" IgnoreChanges \" pulumi-lang-go=\" ignoreChanges \" pulumi-lang-python=\" ignore_changes \" pulumi-lang-yaml=\" ignoreChanges \" pulumi-lang-java=\" ignoreChanges \"\u003e ignore_changes \u003c/span\u003e= [replica] }`.\n\n## DynamoDB Table attributes\n\nOnly define attributes on the table object that are going to be used as:\n\n* Table hash key or range key\n* LSI or GSI hash key or range key\n\nThe DynamoDB API expects attribute structure (name and type) to be passed along when creating or updating GSI/LSIs or creating the initial table. In these cases it expects the Hash / Range keys to be provided. Because these get re-used in numerous places (i.e the table's range key could be a part of one or more GSIs), they are stored on the table object to prevent duplication and increase consistency. If you add attributes here that are not used in these scenarios it can cause an infinite loop in planning.\n\n## Example Usage\n\n### Basic Example\n\nThe following dynamodb table description models the table and GSI shown in the [AWS SDK example documentation](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/GSI.html)\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst basic_dynamodb_table = new aws.dynamodb.Table(\"basic-dynamodb-table\", {\n name: \"GameScores\",\n billingMode: \"PROVISIONED\",\n readCapacity: 20,\n writeCapacity: 20,\n hashKey: \"UserId\",\n rangeKey: \"GameTitle\",\n attributes: [\n {\n name: \"UserId\",\n type: \"S\",\n },\n {\n name: \"GameTitle\",\n type: \"S\",\n },\n {\n name: \"TopScore\",\n type: \"N\",\n },\n ],\n ttl: {\n attributeName: \"TimeToExist\",\n enabled: true,\n },\n globalSecondaryIndexes: [{\n name: \"GameTitleIndex\",\n hashKey: \"GameTitle\",\n rangeKey: \"TopScore\",\n writeCapacity: 10,\n readCapacity: 10,\n projectionType: \"INCLUDE\",\n nonKeyAttributes: [\"UserId\"],\n }],\n tags: {\n Name: \"dynamodb-table-1\",\n Environment: \"production\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nbasic_dynamodb_table = aws.dynamodb.Table(\"basic-dynamodb-table\",\n name=\"GameScores\",\n billing_mode=\"PROVISIONED\",\n read_capacity=20,\n write_capacity=20,\n hash_key=\"UserId\",\n range_key=\"GameTitle\",\n attributes=[\n {\n \"name\": \"UserId\",\n \"type\": \"S\",\n },\n {\n \"name\": \"GameTitle\",\n \"type\": \"S\",\n },\n {\n \"name\": \"TopScore\",\n \"type\": \"N\",\n },\n ],\n ttl={\n \"attribute_name\": \"TimeToExist\",\n \"enabled\": True,\n },\n global_secondary_indexes=[{\n \"name\": \"GameTitleIndex\",\n \"hash_key\": \"GameTitle\",\n \"range_key\": \"TopScore\",\n \"write_capacity\": 10,\n \"read_capacity\": 10,\n \"projection_type\": \"INCLUDE\",\n \"non_key_attributes\": [\"UserId\"],\n }],\n tags={\n \"Name\": \"dynamodb-table-1\",\n \"Environment\": \"production\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var basic_dynamodb_table = new Aws.DynamoDB.Table(\"basic-dynamodb-table\", new()\n {\n Name = \"GameScores\",\n BillingMode = \"PROVISIONED\",\n ReadCapacity = 20,\n WriteCapacity = 20,\n HashKey = \"UserId\",\n RangeKey = \"GameTitle\",\n Attributes = new[]\n {\n new Aws.DynamoDB.Inputs.TableAttributeArgs\n {\n Name = \"UserId\",\n Type = \"S\",\n },\n new Aws.DynamoDB.Inputs.TableAttributeArgs\n {\n Name = \"GameTitle\",\n Type = \"S\",\n },\n new Aws.DynamoDB.Inputs.TableAttributeArgs\n {\n Name = \"TopScore\",\n Type = \"N\",\n },\n },\n Ttl = new Aws.DynamoDB.Inputs.TableTtlArgs\n {\n AttributeName = \"TimeToExist\",\n Enabled = true,\n },\n GlobalSecondaryIndexes = new[]\n {\n new Aws.DynamoDB.Inputs.TableGlobalSecondaryIndexArgs\n {\n Name = \"GameTitleIndex\",\n HashKey = \"GameTitle\",\n RangeKey = \"TopScore\",\n WriteCapacity = 10,\n ReadCapacity = 10,\n ProjectionType = \"INCLUDE\",\n NonKeyAttributes = new[]\n {\n \"UserId\",\n },\n },\n },\n Tags = \n {\n { \"Name\", \"dynamodb-table-1\" },\n { \"Environment\", \"production\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v7/go/aws/dynamodb\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := dynamodb.NewTable(ctx, \"basic-dynamodb-table\", \u0026dynamodb.TableArgs{\n\t\t\tName: pulumi.String(\"GameScores\"),\n\t\t\tBillingMode: pulumi.String(\"PROVISIONED\"),\n\t\t\tReadCapacity: pulumi.Int(20),\n\t\t\tWriteCapacity: pulumi.Int(20),\n\t\t\tHashKey: pulumi.String(\"UserId\"),\n\t\t\tRangeKey: pulumi.String(\"GameTitle\"),\n\t\t\tAttributes: dynamodb.TableAttributeArray{\n\t\t\t\t\u0026dynamodb.TableAttributeArgs{\n\t\t\t\t\tName: pulumi.String(\"UserId\"),\n\t\t\t\t\tType: pulumi.String(\"S\"),\n\t\t\t\t},\n\t\t\t\t\u0026dynamodb.TableAttributeArgs{\n\t\t\t\t\tName: pulumi.String(\"GameTitle\"),\n\t\t\t\t\tType: pulumi.String(\"S\"),\n\t\t\t\t},\n\t\t\t\t\u0026dynamodb.TableAttributeArgs{\n\t\t\t\t\tName: pulumi.String(\"TopScore\"),\n\t\t\t\t\tType: pulumi.String(\"N\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tTtl: \u0026dynamodb.TableTtlArgs{\n\t\t\t\tAttributeName: pulumi.String(\"TimeToExist\"),\n\t\t\t\tEnabled: pulumi.Bool(true),\n\t\t\t},\n\t\t\tGlobalSecondaryIndexes: dynamodb.TableGlobalSecondaryIndexArray{\n\t\t\t\t\u0026dynamodb.TableGlobalSecondaryIndexArgs{\n\t\t\t\t\tName: pulumi.String(\"GameTitleIndex\"),\n\t\t\t\t\tHashKey: pulumi.String(\"GameTitle\"),\n\t\t\t\t\tRangeKey: pulumi.String(\"TopScore\"),\n\t\t\t\t\tWriteCapacity: pulumi.Int(10),\n\t\t\t\t\tReadCapacity: pulumi.Int(10),\n\t\t\t\t\tProjectionType: pulumi.String(\"INCLUDE\"),\n\t\t\t\t\tNonKeyAttributes: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"UserId\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Name\": pulumi.String(\"dynamodb-table-1\"),\n\t\t\t\t\"Environment\": pulumi.String(\"production\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.dynamodb.Table;\nimport com.pulumi.aws.dynamodb.TableArgs;\nimport com.pulumi.aws.dynamodb.inputs.TableAttributeArgs;\nimport com.pulumi.aws.dynamodb.inputs.TableTtlArgs;\nimport com.pulumi.aws.dynamodb.inputs.TableGlobalSecondaryIndexArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var basic_dynamodb_table = new Table(\"basic-dynamodb-table\", TableArgs.builder()\n .name(\"GameScores\")\n .billingMode(\"PROVISIONED\")\n .readCapacity(20)\n .writeCapacity(20)\n .hashKey(\"UserId\")\n .rangeKey(\"GameTitle\")\n .attributes( \n TableAttributeArgs.builder()\n .name(\"UserId\")\n .type(\"S\")\n .build(),\n TableAttributeArgs.builder()\n .name(\"GameTitle\")\n .type(\"S\")\n .build(),\n TableAttributeArgs.builder()\n .name(\"TopScore\")\n .type(\"N\")\n .build())\n .ttl(TableTtlArgs.builder()\n .attributeName(\"TimeToExist\")\n .enabled(true)\n .build())\n .globalSecondaryIndexes(TableGlobalSecondaryIndexArgs.builder()\n .name(\"GameTitleIndex\")\n .hashKey(\"GameTitle\")\n .rangeKey(\"TopScore\")\n .writeCapacity(10)\n .readCapacity(10)\n .projectionType(\"INCLUDE\")\n .nonKeyAttributes(\"UserId\")\n .build())\n .tags(Map.ofEntries(\n Map.entry(\"Name\", \"dynamodb-table-1\"),\n Map.entry(\"Environment\", \"production\")\n ))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n basic-dynamodb-table:\n type: aws:dynamodb:Table\n properties:\n name: GameScores\n billingMode: PROVISIONED\n readCapacity: 20\n writeCapacity: 20\n hashKey: UserId\n rangeKey: GameTitle\n attributes:\n - name: UserId\n type: S\n - name: GameTitle\n type: S\n - name: TopScore\n type: N\n ttl:\n attributeName: TimeToExist\n enabled: true\n globalSecondaryIndexes:\n - name: GameTitleIndex\n hashKey: GameTitle\n rangeKey: TopScore\n writeCapacity: 10\n readCapacity: 10\n projectionType: INCLUDE\n nonKeyAttributes:\n - UserId\n tags:\n Name: dynamodb-table-1\n Environment: production\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Global Tables\n\nThis resource implements support for [DynamoDB Global Tables V2 (version 2019.11.21)](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/globaltables.V2.html) via \u003cspan pulumi-lang-nodejs=\"`replica`\" pulumi-lang-dotnet=\"`Replica`\" pulumi-lang-go=\"`replica`\" pulumi-lang-python=\"`replica`\" pulumi-lang-yaml=\"`replica`\" pulumi-lang-java=\"`replica`\"\u003e`replica`\u003c/span\u003e configuration blocks. For working with [DynamoDB Global Tables V1 (version 2017.11.29)](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/globaltables.V1.html), see the \u003cspan pulumi-lang-nodejs=\"`aws.dynamodb.GlobalTable`\" pulumi-lang-dotnet=\"`aws.dynamodb.GlobalTable`\" pulumi-lang-go=\"`dynamodb.GlobalTable`\" pulumi-lang-python=\"`dynamodb.GlobalTable`\" pulumi-lang-yaml=\"`aws.dynamodb.GlobalTable`\" pulumi-lang-java=\"`aws.dynamodb.GlobalTable`\"\u003e`aws.dynamodb.GlobalTable`\u003c/span\u003e resource.\n\n\u003e **Note:**\u003cspan pulumi-lang-nodejs=\" aws.dynamodb.TableReplica \" pulumi-lang-dotnet=\" aws.dynamodb.TableReplica \" pulumi-lang-go=\" dynamodb.TableReplica \" pulumi-lang-python=\" dynamodb.TableReplica \" pulumi-lang-yaml=\" aws.dynamodb.TableReplica \" pulumi-lang-java=\" aws.dynamodb.TableReplica \"\u003e aws.dynamodb.TableReplica \u003c/span\u003eis an alternate way of configuring Global Tables. Do not use \u003cspan pulumi-lang-nodejs=\"`replica`\" pulumi-lang-dotnet=\"`Replica`\" pulumi-lang-go=\"`replica`\" pulumi-lang-python=\"`replica`\" pulumi-lang-yaml=\"`replica`\" pulumi-lang-java=\"`replica`\"\u003e`replica`\u003c/span\u003e configuration blocks of \u003cspan pulumi-lang-nodejs=\"`aws.dynamodb.Table`\" pulumi-lang-dotnet=\"`aws.dynamodb.Table`\" pulumi-lang-go=\"`dynamodb.Table`\" pulumi-lang-python=\"`dynamodb.Table`\" pulumi-lang-yaml=\"`aws.dynamodb.Table`\" pulumi-lang-java=\"`aws.dynamodb.Table`\"\u003e`aws.dynamodb.Table`\u003c/span\u003e together with aws_dynamodb_table_replica.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.dynamodb.Table(\"example\", {\n name: \"example\",\n hashKey: \"TestTableHashKey\",\n billingMode: \"PAY_PER_REQUEST\",\n streamEnabled: true,\n streamViewType: \"NEW_AND_OLD_IMAGES\",\n attributes: [{\n name: \"TestTableHashKey\",\n type: \"S\",\n }],\n replicas: [\n {\n regionName: \"us-east-2\",\n },\n {\n regionName: \"us-west-2\",\n },\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.dynamodb.Table(\"example\",\n name=\"example\",\n hash_key=\"TestTableHashKey\",\n billing_mode=\"PAY_PER_REQUEST\",\n stream_enabled=True,\n stream_view_type=\"NEW_AND_OLD_IMAGES\",\n attributes=[{\n \"name\": \"TestTableHashKey\",\n \"type\": \"S\",\n }],\n replicas=[\n {\n \"region_name\": \"us-east-2\",\n },\n {\n \"region_name\": \"us-west-2\",\n },\n ])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.DynamoDB.Table(\"example\", new()\n {\n Name = \"example\",\n HashKey = \"TestTableHashKey\",\n BillingMode = \"PAY_PER_REQUEST\",\n StreamEnabled = true,\n StreamViewType = \"NEW_AND_OLD_IMAGES\",\n Attributes = new[]\n {\n new Aws.DynamoDB.Inputs.TableAttributeArgs\n {\n Name = \"TestTableHashKey\",\n Type = \"S\",\n },\n },\n Replicas = new[]\n {\n new Aws.DynamoDB.Inputs.TableReplicaArgs\n {\n RegionName = \"us-east-2\",\n },\n new Aws.DynamoDB.Inputs.TableReplicaArgs\n {\n RegionName = \"us-west-2\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v7/go/aws/dynamodb\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := dynamodb.NewTable(ctx, \"example\", \u0026dynamodb.TableArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tHashKey: pulumi.String(\"TestTableHashKey\"),\n\t\t\tBillingMode: pulumi.String(\"PAY_PER_REQUEST\"),\n\t\t\tStreamEnabled: pulumi.Bool(true),\n\t\t\tStreamViewType: pulumi.String(\"NEW_AND_OLD_IMAGES\"),\n\t\t\tAttributes: dynamodb.TableAttributeArray{\n\t\t\t\t\u0026dynamodb.TableAttributeArgs{\n\t\t\t\t\tName: pulumi.String(\"TestTableHashKey\"),\n\t\t\t\t\tType: pulumi.String(\"S\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tReplicas: dynamodb.TableReplicaTypeArray{\n\t\t\t\t\u0026dynamodb.TableReplicaTypeArgs{\n\t\t\t\t\tRegionName: pulumi.String(\"us-east-2\"),\n\t\t\t\t},\n\t\t\t\t\u0026dynamodb.TableReplicaTypeArgs{\n\t\t\t\t\tRegionName: pulumi.String(\"us-west-2\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.dynamodb.Table;\nimport com.pulumi.aws.dynamodb.TableArgs;\nimport com.pulumi.aws.dynamodb.inputs.TableAttributeArgs;\nimport com.pulumi.aws.dynamodb.inputs.TableReplicaArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Table(\"example\", TableArgs.builder()\n .name(\"example\")\n .hashKey(\"TestTableHashKey\")\n .billingMode(\"PAY_PER_REQUEST\")\n .streamEnabled(true)\n .streamViewType(\"NEW_AND_OLD_IMAGES\")\n .attributes(TableAttributeArgs.builder()\n .name(\"TestTableHashKey\")\n .type(\"S\")\n .build())\n .replicas( \n TableReplicaArgs.builder()\n .regionName(\"us-east-2\")\n .build(),\n TableReplicaArgs.builder()\n .regionName(\"us-west-2\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:dynamodb:Table\n properties:\n name: example\n hashKey: TestTableHashKey\n billingMode: PAY_PER_REQUEST\n streamEnabled: true\n streamViewType: NEW_AND_OLD_IMAGES\n attributes:\n - name: TestTableHashKey\n type: S\n replicas:\n - regionName: us-east-2\n - regionName: us-west-2\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Global Tables with Multi-Region Strong Consistency\n\nA global table configured for Multi-Region strong consistency (MRSC) provides the ability to perform a strongly consistent read with multi-Region scope. Performing a strongly consistent read on an MRSC table ensures you're always reading the latest version of an item, irrespective of the Region in which you're performing the read.\n\nYou can configure a MRSC global table with three replicas, or with two replicas and one witness. A witness is a component of a MRSC global table that contains data written to global table replicas, and provides an optional alternative to a full replica while supporting MRSC's availability architecture. You cannot perform read or write operations on a witness. A witness is located in a different Region than the two replicas.\n\n**Note** Please see detailed information, restrictions, caveats etc on the [AWS Support Page](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/multi-region-strong-consistency-gt.html).\n\nConsistency Mode (\u003cspan pulumi-lang-nodejs=\"`consistencyMode`\" pulumi-lang-dotnet=\"`ConsistencyMode`\" pulumi-lang-go=\"`consistencyMode`\" pulumi-lang-python=\"`consistency_mode`\" pulumi-lang-yaml=\"`consistencyMode`\" pulumi-lang-java=\"`consistencyMode`\"\u003e`consistency_mode`\u003c/span\u003e) on the embedded \u003cspan pulumi-lang-nodejs=\"`replica`\" pulumi-lang-dotnet=\"`Replica`\" pulumi-lang-go=\"`replica`\" pulumi-lang-python=\"`replica`\" pulumi-lang-yaml=\"`replica`\" pulumi-lang-java=\"`replica`\"\u003e`replica`\u003c/span\u003e allows you to configure consistency mode for Global Tables.\n\n##### Consistency mode with 3 Replicas\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.dynamodb.Table(\"example\", {\n name: \"example\",\n hashKey: \"TestTableHashKey\",\n billingMode: \"PAY_PER_REQUEST\",\n streamEnabled: true,\n streamViewType: \"NEW_AND_OLD_IMAGES\",\n attributes: [{\n name: \"TestTableHashKey\",\n type: \"S\",\n }],\n replicas: [\n {\n regionName: \"us-east-2\",\n consistencyMode: \"STRONG\",\n },\n {\n regionName: \"us-west-2\",\n consistencyMode: \"STRONG\",\n },\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.dynamodb.Table(\"example\",\n name=\"example\",\n hash_key=\"TestTableHashKey\",\n billing_mode=\"PAY_PER_REQUEST\",\n stream_enabled=True,\n stream_view_type=\"NEW_AND_OLD_IMAGES\",\n attributes=[{\n \"name\": \"TestTableHashKey\",\n \"type\": \"S\",\n }],\n replicas=[\n {\n \"region_name\": \"us-east-2\",\n \"consistency_mode\": \"STRONG\",\n },\n {\n \"region_name\": \"us-west-2\",\n \"consistency_mode\": \"STRONG\",\n },\n ])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.DynamoDB.Table(\"example\", new()\n {\n Name = \"example\",\n HashKey = \"TestTableHashKey\",\n BillingMode = \"PAY_PER_REQUEST\",\n StreamEnabled = true,\n StreamViewType = \"NEW_AND_OLD_IMAGES\",\n Attributes = new[]\n {\n new Aws.DynamoDB.Inputs.TableAttributeArgs\n {\n Name = \"TestTableHashKey\",\n Type = \"S\",\n },\n },\n Replicas = new[]\n {\n new Aws.DynamoDB.Inputs.TableReplicaArgs\n {\n RegionName = \"us-east-2\",\n ConsistencyMode = \"STRONG\",\n },\n new Aws.DynamoDB.Inputs.TableReplicaArgs\n {\n RegionName = \"us-west-2\",\n ConsistencyMode = \"STRONG\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v7/go/aws/dynamodb\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := dynamodb.NewTable(ctx, \"example\", \u0026dynamodb.TableArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tHashKey: pulumi.String(\"TestTableHashKey\"),\n\t\t\tBillingMode: pulumi.String(\"PAY_PER_REQUEST\"),\n\t\t\tStreamEnabled: pulumi.Bool(true),\n\t\t\tStreamViewType: pulumi.String(\"NEW_AND_OLD_IMAGES\"),\n\t\t\tAttributes: dynamodb.TableAttributeArray{\n\t\t\t\t\u0026dynamodb.TableAttributeArgs{\n\t\t\t\t\tName: pulumi.String(\"TestTableHashKey\"),\n\t\t\t\t\tType: pulumi.String(\"S\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tReplicas: dynamodb.TableReplicaTypeArray{\n\t\t\t\t\u0026dynamodb.TableReplicaTypeArgs{\n\t\t\t\t\tRegionName: pulumi.String(\"us-east-2\"),\n\t\t\t\t\tConsistencyMode: pulumi.String(\"STRONG\"),\n\t\t\t\t},\n\t\t\t\t\u0026dynamodb.TableReplicaTypeArgs{\n\t\t\t\t\tRegionName: pulumi.String(\"us-west-2\"),\n\t\t\t\t\tConsistencyMode: pulumi.String(\"STRONG\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.dynamodb.Table;\nimport com.pulumi.aws.dynamodb.TableArgs;\nimport com.pulumi.aws.dynamodb.inputs.TableAttributeArgs;\nimport com.pulumi.aws.dynamodb.inputs.TableReplicaArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Table(\"example\", TableArgs.builder()\n .name(\"example\")\n .hashKey(\"TestTableHashKey\")\n .billingMode(\"PAY_PER_REQUEST\")\n .streamEnabled(true)\n .streamViewType(\"NEW_AND_OLD_IMAGES\")\n .attributes(TableAttributeArgs.builder()\n .name(\"TestTableHashKey\")\n .type(\"S\")\n .build())\n .replicas( \n TableReplicaArgs.builder()\n .regionName(\"us-east-2\")\n .consistencyMode(\"STRONG\")\n .build(),\n TableReplicaArgs.builder()\n .regionName(\"us-west-2\")\n .consistencyMode(\"STRONG\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:dynamodb:Table\n properties:\n name: example\n hashKey: TestTableHashKey\n billingMode: PAY_PER_REQUEST\n streamEnabled: true\n streamViewType: NEW_AND_OLD_IMAGES\n attributes:\n - name: TestTableHashKey\n type: S\n replicas:\n - regionName: us-east-2\n consistencyMode: STRONG\n - regionName: us-west-2\n consistencyMode: STRONG\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n##### Consistency Mode with 2 Replicas and Witness Region\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.dynamodb.Table(\"example\", {\n name: \"example\",\n hashKey: \"TestTableHashKey\",\n billingMode: \"PAY_PER_REQUEST\",\n streamEnabled: true,\n streamViewType: \"NEW_AND_OLD_IMAGES\",\n attributes: [{\n name: \"TestTableHashKey\",\n type: \"S\",\n }],\n replicas: [{\n regionName: \"us-east-2\",\n consistencyMode: \"STRONG\",\n }],\n globalTableWitness: {\n regionName: \"us-west-2\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.dynamodb.Table(\"example\",\n name=\"example\",\n hash_key=\"TestTableHashKey\",\n billing_mode=\"PAY_PER_REQUEST\",\n stream_enabled=True,\n stream_view_type=\"NEW_AND_OLD_IMAGES\",\n attributes=[{\n \"name\": \"TestTableHashKey\",\n \"type\": \"S\",\n }],\n replicas=[{\n \"region_name\": \"us-east-2\",\n \"consistency_mode\": \"STRONG\",\n }],\n global_table_witness={\n \"region_name\": \"us-west-2\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.DynamoDB.Table(\"example\", new()\n {\n Name = \"example\",\n HashKey = \"TestTableHashKey\",\n BillingMode = \"PAY_PER_REQUEST\",\n StreamEnabled = true,\n StreamViewType = \"NEW_AND_OLD_IMAGES\",\n Attributes = new[]\n {\n new Aws.DynamoDB.Inputs.TableAttributeArgs\n {\n Name = \"TestTableHashKey\",\n Type = \"S\",\n },\n },\n Replicas = new[]\n {\n new Aws.DynamoDB.Inputs.TableReplicaArgs\n {\n RegionName = \"us-east-2\",\n ConsistencyMode = \"STRONG\",\n },\n },\n GlobalTableWitness = new Aws.DynamoDB.Inputs.TableGlobalTableWitnessArgs\n {\n RegionName = \"us-west-2\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v7/go/aws/dynamodb\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := dynamodb.NewTable(ctx, \"example\", \u0026dynamodb.TableArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tHashKey: pulumi.String(\"TestTableHashKey\"),\n\t\t\tBillingMode: pulumi.String(\"PAY_PER_REQUEST\"),\n\t\t\tStreamEnabled: pulumi.Bool(true),\n\t\t\tStreamViewType: pulumi.String(\"NEW_AND_OLD_IMAGES\"),\n\t\t\tAttributes: dynamodb.TableAttributeArray{\n\t\t\t\t\u0026dynamodb.TableAttributeArgs{\n\t\t\t\t\tName: pulumi.String(\"TestTableHashKey\"),\n\t\t\t\t\tType: pulumi.String(\"S\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tReplicas: dynamodb.TableReplicaTypeArray{\n\t\t\t\t\u0026dynamodb.TableReplicaTypeArgs{\n\t\t\t\t\tRegionName: pulumi.String(\"us-east-2\"),\n\t\t\t\t\tConsistencyMode: pulumi.String(\"STRONG\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tGlobalTableWitness: \u0026dynamodb.TableGlobalTableWitnessArgs{\n\t\t\t\tRegionName: pulumi.String(\"us-west-2\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.dynamodb.Table;\nimport com.pulumi.aws.dynamodb.TableArgs;\nimport com.pulumi.aws.dynamodb.inputs.TableAttributeArgs;\nimport com.pulumi.aws.dynamodb.inputs.TableReplicaArgs;\nimport com.pulumi.aws.dynamodb.inputs.TableGlobalTableWitnessArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Table(\"example\", TableArgs.builder()\n .name(\"example\")\n .hashKey(\"TestTableHashKey\")\n .billingMode(\"PAY_PER_REQUEST\")\n .streamEnabled(true)\n .streamViewType(\"NEW_AND_OLD_IMAGES\")\n .attributes(TableAttributeArgs.builder()\n .name(\"TestTableHashKey\")\n .type(\"S\")\n .build())\n .replicas(TableReplicaArgs.builder()\n .regionName(\"us-east-2\")\n .consistencyMode(\"STRONG\")\n .build())\n .globalTableWitness(TableGlobalTableWitnessArgs.builder()\n .regionName(\"us-west-2\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:dynamodb:Table\n properties:\n name: example\n hashKey: TestTableHashKey\n billingMode: PAY_PER_REQUEST\n streamEnabled: true\n streamViewType: NEW_AND_OLD_IMAGES\n attributes:\n - name: TestTableHashKey\n type: S\n replicas:\n - regionName: us-east-2\n consistencyMode: STRONG\n globalTableWitness:\n regionName: us-west-2\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Replica Tagging\n\nYou can manage global table replicas' tags in various ways. This example shows using `replica.*.propagate_tags` for the first replica and the \u003cspan pulumi-lang-nodejs=\"`aws.dynamodb.Tag`\" pulumi-lang-dotnet=\"`aws.dynamodb.Tag`\" pulumi-lang-go=\"`dynamodb.Tag`\" pulumi-lang-python=\"`dynamodb.Tag`\" pulumi-lang-yaml=\"`aws.dynamodb.Tag`\" pulumi-lang-java=\"`aws.dynamodb.Tag`\"\u003e`aws.dynamodb.Tag`\u003c/span\u003e resource for the other.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\nimport * as std from \"@pulumi/std\";\n\nconst current = aws.getRegion({});\nconst alternate = aws.getRegion({});\nconst third = aws.getRegion({});\nconst example = new aws.dynamodb.Table(\"example\", {\n billingMode: \"PAY_PER_REQUEST\",\n hashKey: \"TestTableHashKey\",\n name: \"example-13281\",\n streamEnabled: true,\n streamViewType: \"NEW_AND_OLD_IMAGES\",\n attributes: [{\n name: \"TestTableHashKey\",\n type: \"S\",\n }],\n replicas: [\n {\n regionName: alternate.then(alternate =\u003e alternate.name),\n },\n {\n regionName: third.then(third =\u003e third.name),\n propagateTags: true,\n },\n ],\n tags: {\n Architect: \"Eleanor\",\n Zone: \"SW\",\n },\n});\nconst exampleTag = new aws.dynamodb.Tag(\"example\", {\n resourceArn: pulumi.all([example.arn, current, alternate]).apply(([arn, current, alternate]) =\u003e std.replaceOutput({\n text: arn,\n search: current.region,\n replace: alternate.name,\n })).apply(invoke =\u003e invoke.result),\n key: \"Architect\",\n value: \"Gigi\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\nimport pulumi_std as std\n\ncurrent = aws.get_region()\nalternate = aws.get_region()\nthird = aws.get_region()\nexample = aws.dynamodb.Table(\"example\",\n billing_mode=\"PAY_PER_REQUEST\",\n hash_key=\"TestTableHashKey\",\n name=\"example-13281\",\n stream_enabled=True,\n stream_view_type=\"NEW_AND_OLD_IMAGES\",\n attributes=[{\n \"name\": \"TestTableHashKey\",\n \"type\": \"S\",\n }],\n replicas=[\n {\n \"region_name\": alternate.name,\n },\n {\n \"region_name\": third.name,\n \"propagate_tags\": True,\n },\n ],\n tags={\n \"Architect\": \"Eleanor\",\n \"Zone\": \"SW\",\n })\nexample_tag = aws.dynamodb.Tag(\"example\",\n resource_arn=example.arn.apply(lambda arn: std.replace(text=arn,\n search=current.region,\n replace=alternate.name)).apply(lambda invoke: invoke.result),\n key=\"Architect\",\n value=\"Gigi\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\nusing Std = Pulumi.Std;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var current = Aws.GetRegion.Invoke();\n\n var alternate = Aws.GetRegion.Invoke();\n\n var third = Aws.GetRegion.Invoke();\n\n var example = new Aws.DynamoDB.Table(\"example\", new()\n {\n BillingMode = \"PAY_PER_REQUEST\",\n HashKey = \"TestTableHashKey\",\n Name = \"example-13281\",\n StreamEnabled = true,\n StreamViewType = \"NEW_AND_OLD_IMAGES\",\n Attributes = new[]\n {\n new Aws.DynamoDB.Inputs.TableAttributeArgs\n {\n Name = \"TestTableHashKey\",\n Type = \"S\",\n },\n },\n Replicas = new[]\n {\n new Aws.DynamoDB.Inputs.TableReplicaArgs\n {\n RegionName = alternate.Apply(getRegionResult =\u003e getRegionResult.Name),\n },\n new Aws.DynamoDB.Inputs.TableReplicaArgs\n {\n RegionName = third.Apply(getRegionResult =\u003e getRegionResult.Name),\n PropagateTags = true,\n },\n },\n Tags = \n {\n { \"Architect\", \"Eleanor\" },\n { \"Zone\", \"SW\" },\n },\n });\n\n var exampleTag = new Aws.DynamoDB.Tag(\"example\", new()\n {\n ResourceArn = Output.Tuple(example.Arn, current, alternate).Apply(values =\u003e\n {\n var arn = values.Item1;\n var current = values.Item2;\n var alternate = values.Item3;\n return Std.Replace.Invoke(new()\n {\n Text = arn,\n Search = current.Apply(getRegionResult =\u003e getRegionResult.Region),\n Replace = alternate.Apply(getRegionResult =\u003e getRegionResult.Name),\n });\n }).Apply(invoke =\u003e invoke.Result),\n Key = \"Architect\",\n Value = \"Gigi\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v7/go/aws\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v7/go/aws/dynamodb\"\n\t\"github.com/pulumi/pulumi-std/sdk/go/std\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\nfunc main() {\npulumi.Run(func(ctx *pulumi.Context) error {\ncurrent, err := aws.GetRegion(ctx, \u0026aws.GetRegionArgs{\n}, nil);\nif err != nil {\nreturn err\n}\nalternate, err := aws.GetRegion(ctx, \u0026aws.GetRegionArgs{\n}, nil);\nif err != nil {\nreturn err\n}\nthird, err := aws.GetRegion(ctx, \u0026aws.GetRegionArgs{\n}, nil);\nif err != nil {\nreturn err\n}\nexample, err := dynamodb.NewTable(ctx, \"example\", \u0026dynamodb.TableArgs{\nBillingMode: pulumi.String(\"PAY_PER_REQUEST\"),\nHashKey: pulumi.String(\"TestTableHashKey\"),\nName: pulumi.String(\"example-13281\"),\nStreamEnabled: pulumi.Bool(true),\nStreamViewType: pulumi.String(\"NEW_AND_OLD_IMAGES\"),\nAttributes: dynamodb.TableAttributeArray{\n\u0026dynamodb.TableAttributeArgs{\nName: pulumi.String(\"TestTableHashKey\"),\nType: pulumi.String(\"S\"),\n},\n},\nReplicas: dynamodb.TableReplicaTypeArray{\n\u0026dynamodb.TableReplicaTypeArgs{\nRegionName: pulumi.String(alternate.Name),\n},\n\u0026dynamodb.TableReplicaTypeArgs{\nRegionName: pulumi.String(third.Name),\nPropagateTags: pulumi.Bool(true),\n},\n},\nTags: pulumi.StringMap{\n\"Architect\": pulumi.String(\"Eleanor\"),\n\"Zone\": pulumi.String(\"SW\"),\n},\n})\nif err != nil {\nreturn err\n}\ninvokeReplace, err := std.Replace(ctx, \u0026std.ReplaceArgs{\nText: arn,\nSearch: current.Region,\nReplace: alternate.Name,\n}, nil)\nif err != nil {\nreturn err\n}\n_, err = dynamodb.NewTag(ctx, \"example\", \u0026dynamodb.TagArgs{\nResourceArn: pulumi.String(example.Arn.ApplyT(func(arn string) (std.ReplaceResult, error) {\n%!v(PANIC=Format method: runtime error: invalid memory address or nil pointer dereference)).(std.ReplaceResultOutput).ApplyT(func(invoke std.ReplaceResult) (*string, error) {\nreturn invoke.Result, nil\n}).(pulumi.StringPtrOutput)),\nKey: pulumi.String(\"Architect\"),\nValue: pulumi.String(\"Gigi\"),\n})\nif err != nil {\nreturn err\n}\nreturn nil\n})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.AwsFunctions;\nimport com.pulumi.aws.inputs.GetRegionArgs;\nimport com.pulumi.aws.dynamodb.Table;\nimport com.pulumi.aws.dynamodb.TableArgs;\nimport com.pulumi.aws.dynamodb.inputs.TableAttributeArgs;\nimport com.pulumi.aws.dynamodb.inputs.TableReplicaArgs;\nimport com.pulumi.aws.dynamodb.Tag;\nimport com.pulumi.aws.dynamodb.TagArgs;\nimport com.pulumi.std.StdFunctions;\nimport com.pulumi.std.inputs.ReplaceArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var current = AwsFunctions.getRegion(GetRegionArgs.builder()\n .build());\n\n final var alternate = AwsFunctions.getRegion(GetRegionArgs.builder()\n .build());\n\n final var third = AwsFunctions.getRegion(GetRegionArgs.builder()\n .build());\n\n var example = new Table(\"example\", TableArgs.builder()\n .billingMode(\"PAY_PER_REQUEST\")\n .hashKey(\"TestTableHashKey\")\n .name(\"example-13281\")\n .streamEnabled(true)\n .streamViewType(\"NEW_AND_OLD_IMAGES\")\n .attributes(TableAttributeArgs.builder()\n .name(\"TestTableHashKey\")\n .type(\"S\")\n .build())\n .replicas( \n TableReplicaArgs.builder()\n .regionName(alternate.name())\n .build(),\n TableReplicaArgs.builder()\n .regionName(third.name())\n .propagateTags(true)\n .build())\n .tags(Map.ofEntries(\n Map.entry(\"Architect\", \"Eleanor\"),\n Map.entry(\"Zone\", \"SW\")\n ))\n .build());\n\n var exampleTag = new Tag(\"exampleTag\", TagArgs.builder()\n .resourceArn(example.arn().applyValue(_arn -\u003e StdFunctions.replace(ReplaceArgs.builder()\n .text(_arn)\n .search(current.region())\n .replace(alternate.name())\n .build())).applyValue(_invoke -\u003e _invoke.result()))\n .key(\"Architect\")\n .value(\"Gigi\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:dynamodb:Table\n properties:\n billingMode: PAY_PER_REQUEST\n hashKey: TestTableHashKey\n name: example-13281\n streamEnabled: true\n streamViewType: NEW_AND_OLD_IMAGES\n attributes:\n - name: TestTableHashKey\n type: S\n replicas:\n - regionName: ${alternate.name}\n - regionName: ${third.name}\n propagateTags: true\n tags:\n Architect: Eleanor\n Zone: SW\n exampleTag:\n type: aws:dynamodb:Tag\n name: example\n properties:\n resourceArn:\n fn::invoke:\n function: std:replace\n arguments:\n text: ${example.arn}\n search: ${current.region}\n replace: ${alternate.name}\n return: result\n key: Architect\n value: Gigi\nvariables:\n current:\n fn::invoke:\n function: aws:getRegion\n arguments: {}\n alternate:\n fn::invoke:\n function: aws:getRegion\n arguments: {}\n third:\n fn::invoke:\n function: aws:getRegion\n arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import DynamoDB tables using the `name`. For example:\n\n```sh\n$ pulumi import aws:dynamodb/table:Table basic-dynamodb-table GameScores\n```\n", "properties": { "arn": { "type": "string", @@ -262629,6 +263614,10 @@ }, "description": "Describe a GSI for the table; subject to the normal limits on the number of GSIs, projected attributes, etc. See below.\n" }, + "globalTableWitness": { + "$ref": "#/types/aws:dynamodb/TableGlobalTableWitness:TableGlobalTableWitness", + "description": "Witness Region in a Multi-Region Strong Consistency deployment. **Note** This must be used alongside a single \u003cspan pulumi-lang-nodejs=\"`replica`\" pulumi-lang-dotnet=\"`Replica`\" pulumi-lang-go=\"`replica`\" pulumi-lang-python=\"`replica`\" pulumi-lang-yaml=\"`replica`\" pulumi-lang-java=\"`replica`\"\u003e`replica`\u003c/span\u003e with \u003cspan pulumi-lang-nodejs=\"`consistencyMode`\" pulumi-lang-dotnet=\"`ConsistencyMode`\" pulumi-lang-go=\"`consistencyMode`\" pulumi-lang-python=\"`consistency_mode`\" pulumi-lang-yaml=\"`consistencyMode`\" pulumi-lang-java=\"`consistencyMode`\"\u003e`consistency_mode`\u003c/span\u003e set to `STRONG`. Other combinations will fail to provision. See below.\n" + }, "hashKey": { "type": "string", "description": "Attribute to use as the hash (partition) key. Must also be defined as an \u003cspan pulumi-lang-nodejs=\"`attribute`\" pulumi-lang-dotnet=\"`Attribute`\" pulumi-lang-go=\"`attribute`\" pulumi-lang-python=\"`attribute`\" pulumi-lang-yaml=\"`attribute`\" pulumi-lang-java=\"`attribute`\"\u003e`attribute`\u003c/span\u003e. See below.\n" @@ -262745,6 +263734,7 @@ "required": [ "arn", "attributes", + "globalTableWitness", "hashKey", "name", "pointInTimeRecovery", @@ -262782,6 +263772,10 @@ }, "description": "Describe a GSI for the table; subject to the normal limits on the number of GSIs, projected attributes, etc. See below.\n" }, + "globalTableWitness": { + "$ref": "#/types/aws:dynamodb/TableGlobalTableWitness:TableGlobalTableWitness", + "description": "Witness Region in a Multi-Region Strong Consistency deployment. **Note** This must be used alongside a single \u003cspan pulumi-lang-nodejs=\"`replica`\" pulumi-lang-dotnet=\"`Replica`\" pulumi-lang-go=\"`replica`\" pulumi-lang-python=\"`replica`\" pulumi-lang-yaml=\"`replica`\" pulumi-lang-java=\"`replica`\"\u003e`replica`\u003c/span\u003e with \u003cspan pulumi-lang-nodejs=\"`consistencyMode`\" pulumi-lang-dotnet=\"`ConsistencyMode`\" pulumi-lang-go=\"`consistencyMode`\" pulumi-lang-python=\"`consistency_mode`\" pulumi-lang-yaml=\"`consistencyMode`\" pulumi-lang-java=\"`consistencyMode`\"\u003e`consistency_mode`\u003c/span\u003e set to `STRONG`. Other combinations will fail to provision. See below.\n" + }, "hashKey": { "type": "string", "description": "Attribute to use as the hash (partition) key. Must also be defined as an \u003cspan pulumi-lang-nodejs=\"`attribute`\" pulumi-lang-dotnet=\"`Attribute`\" pulumi-lang-go=\"`attribute`\" pulumi-lang-python=\"`attribute`\" pulumi-lang-yaml=\"`attribute`\" pulumi-lang-java=\"`attribute`\"\u003e`attribute`\u003c/span\u003e. See below.\n", @@ -262915,6 +263909,10 @@ }, "description": "Describe a GSI for the table; subject to the normal limits on the number of GSIs, projected attributes, etc. See below.\n" }, + "globalTableWitness": { + "$ref": "#/types/aws:dynamodb/TableGlobalTableWitness:TableGlobalTableWitness", + "description": "Witness Region in a Multi-Region Strong Consistency deployment. **Note** This must be used alongside a single \u003cspan pulumi-lang-nodejs=\"`replica`\" pulumi-lang-dotnet=\"`Replica`\" pulumi-lang-go=\"`replica`\" pulumi-lang-python=\"`replica`\" pulumi-lang-yaml=\"`replica`\" pulumi-lang-java=\"`replica`\"\u003e`replica`\u003c/span\u003e with \u003cspan pulumi-lang-nodejs=\"`consistencyMode`\" pulumi-lang-dotnet=\"`ConsistencyMode`\" pulumi-lang-go=\"`consistencyMode`\" pulumi-lang-python=\"`consistency_mode`\" pulumi-lang-yaml=\"`consistencyMode`\" pulumi-lang-java=\"`consistencyMode`\"\u003e`consistency_mode`\u003c/span\u003e set to `STRONG`. Other combinations will fail to provision. See below.\n" + }, "hashKey": { "type": "string", "description": "Attribute to use as the hash (partition) key. Must also be defined as an \u003cspan pulumi-lang-nodejs=\"`attribute`\" pulumi-lang-dotnet=\"`Attribute`\" pulumi-lang-go=\"`attribute`\" pulumi-lang-python=\"`attribute`\" pulumi-lang-yaml=\"`attribute`\" pulumi-lang-java=\"`attribute`\"\u003e`attribute`\u003c/span\u003e. See below.\n", @@ -282294,6 +283292,10 @@ "type": "string", "description": "The RFC 6890 link-local address of the second VPN tunnel (VPN Gateway Side).\n" }, + "tunnelBandwidth": { + "type": "string", + "description": "Desired bandwidth specification for the VPN tunnel. Valid values are `standard | large`. \u003cspan pulumi-lang-nodejs=\"`standard`\" pulumi-lang-dotnet=\"`Standard`\" pulumi-lang-go=\"`standard`\" pulumi-lang-python=\"`standard`\" pulumi-lang-yaml=\"`standard`\" pulumi-lang-java=\"`standard`\"\u003e`standard`\u003c/span\u003e supports up to 1.25 Gbps per tunnel, while \u003cspan pulumi-lang-nodejs=\"`large`\" pulumi-lang-dotnet=\"`Large`\" pulumi-lang-go=\"`large`\" pulumi-lang-python=\"`large`\" pulumi-lang-yaml=\"`large`\" pulumi-lang-java=\"`large`\"\u003e`large`\u003c/span\u003e supports up to 5 Gbps per tunnel. Not supported when \u003cspan pulumi-lang-nodejs=\"`vpnGatewayId`\" pulumi-lang-dotnet=\"`VpnGatewayId`\" pulumi-lang-go=\"`vpnGatewayId`\" pulumi-lang-python=\"`vpn_gateway_id`\" pulumi-lang-yaml=\"`vpnGatewayId`\" pulumi-lang-java=\"`vpnGatewayId`\"\u003e`vpn_gateway_id`\u003c/span\u003e is specified, or \u003cspan pulumi-lang-nodejs=\"`enableAcceleration`\" pulumi-lang-dotnet=\"`EnableAcceleration`\" pulumi-lang-go=\"`enableAcceleration`\" pulumi-lang-python=\"`enable_acceleration`\" pulumi-lang-yaml=\"`enableAcceleration`\" pulumi-lang-java=\"`enableAcceleration`\"\u003e`enable_acceleration`\u003c/span\u003e is \u003cspan pulumi-lang-nodejs=\"`true`\" pulumi-lang-dotnet=\"`True`\" pulumi-lang-go=\"`true`\" pulumi-lang-python=\"`true`\" pulumi-lang-yaml=\"`true`\" pulumi-lang-java=\"`true`\"\u003e`true`\u003c/span\u003e.\n" + }, "tunnelInsideIpVersion": { "type": "string", "description": "Indicate whether the VPN tunnels process IPv4 or IPv6 traffic. Valid values are `ipv4 | ipv6`. \u003cspan pulumi-lang-nodejs=\"`ipv6`\" pulumi-lang-dotnet=\"`Ipv6`\" pulumi-lang-go=\"`ipv6`\" pulumi-lang-python=\"`ipv6`\" pulumi-lang-yaml=\"`ipv6`\" pulumi-lang-java=\"`ipv6`\"\u003e`ipv6`\u003c/span\u003e Supports only EC2 Transit Gateway.\n" @@ -282351,6 +283353,7 @@ "tunnel2LogOptions", "tunnel2PresharedKey", "tunnel2VgwInsideAddress", + "tunnelBandwidth", "tunnelInsideIpVersion", "type", "vgwTelemetries" @@ -282621,6 +283624,11 @@ "type": "string", "description": "The action to take when the establishing the tunnel for the second VPN connection. By default, your customer gateway device must initiate the IKE negotiation and bring up the tunnel. Specify start for AWS to initiate the IKE negotiation. Valid values are `add | start`.\n" }, + "tunnelBandwidth": { + "type": "string", + "description": "Desired bandwidth specification for the VPN tunnel. Valid values are `standard | large`. \u003cspan pulumi-lang-nodejs=\"`standard`\" pulumi-lang-dotnet=\"`Standard`\" pulumi-lang-go=\"`standard`\" pulumi-lang-python=\"`standard`\" pulumi-lang-yaml=\"`standard`\" pulumi-lang-java=\"`standard`\"\u003e`standard`\u003c/span\u003e supports up to 1.25 Gbps per tunnel, while \u003cspan pulumi-lang-nodejs=\"`large`\" pulumi-lang-dotnet=\"`Large`\" pulumi-lang-go=\"`large`\" pulumi-lang-python=\"`large`\" pulumi-lang-yaml=\"`large`\" pulumi-lang-java=\"`large`\"\u003e`large`\u003c/span\u003e supports up to 5 Gbps per tunnel. Not supported when \u003cspan pulumi-lang-nodejs=\"`vpnGatewayId`\" pulumi-lang-dotnet=\"`VpnGatewayId`\" pulumi-lang-go=\"`vpnGatewayId`\" pulumi-lang-python=\"`vpn_gateway_id`\" pulumi-lang-yaml=\"`vpnGatewayId`\" pulumi-lang-java=\"`vpnGatewayId`\"\u003e`vpn_gateway_id`\u003c/span\u003e is specified, or \u003cspan pulumi-lang-nodejs=\"`enableAcceleration`\" pulumi-lang-dotnet=\"`EnableAcceleration`\" pulumi-lang-go=\"`enableAcceleration`\" pulumi-lang-python=\"`enable_acceleration`\" pulumi-lang-yaml=\"`enableAcceleration`\" pulumi-lang-java=\"`enableAcceleration`\"\u003e`enable_acceleration`\u003c/span\u003e is \u003cspan pulumi-lang-nodejs=\"`true`\" pulumi-lang-dotnet=\"`True`\" pulumi-lang-go=\"`true`\" pulumi-lang-python=\"`true`\" pulumi-lang-yaml=\"`true`\" pulumi-lang-java=\"`true`\"\u003e`true`\u003c/span\u003e.\n", + "willReplaceOnChanges": true + }, "tunnelInsideIpVersion": { "type": "string", "description": "Indicate whether the VPN tunnels process IPv4 or IPv6 traffic. Valid values are `ipv4 | ipv6`. \u003cspan pulumi-lang-nodejs=\"`ipv6`\" pulumi-lang-dotnet=\"`Ipv6`\" pulumi-lang-go=\"`ipv6`\" pulumi-lang-python=\"`ipv6`\" pulumi-lang-yaml=\"`ipv6`\" pulumi-lang-java=\"`ipv6`\"\u003e`ipv6`\u003c/span\u003e Supports only EC2 Transit Gateway.\n", @@ -282987,6 +283995,11 @@ "type": "string", "description": "The RFC 6890 link-local address of the second VPN tunnel (VPN Gateway Side).\n" }, + "tunnelBandwidth": { + "type": "string", + "description": "Desired bandwidth specification for the VPN tunnel. Valid values are `standard | large`. \u003cspan pulumi-lang-nodejs=\"`standard`\" pulumi-lang-dotnet=\"`Standard`\" pulumi-lang-go=\"`standard`\" pulumi-lang-python=\"`standard`\" pulumi-lang-yaml=\"`standard`\" pulumi-lang-java=\"`standard`\"\u003e`standard`\u003c/span\u003e supports up to 1.25 Gbps per tunnel, while \u003cspan pulumi-lang-nodejs=\"`large`\" pulumi-lang-dotnet=\"`Large`\" pulumi-lang-go=\"`large`\" pulumi-lang-python=\"`large`\" pulumi-lang-yaml=\"`large`\" pulumi-lang-java=\"`large`\"\u003e`large`\u003c/span\u003e supports up to 5 Gbps per tunnel. Not supported when \u003cspan pulumi-lang-nodejs=\"`vpnGatewayId`\" pulumi-lang-dotnet=\"`VpnGatewayId`\" pulumi-lang-go=\"`vpnGatewayId`\" pulumi-lang-python=\"`vpn_gateway_id`\" pulumi-lang-yaml=\"`vpnGatewayId`\" pulumi-lang-java=\"`vpnGatewayId`\"\u003e`vpn_gateway_id`\u003c/span\u003e is specified, or \u003cspan pulumi-lang-nodejs=\"`enableAcceleration`\" pulumi-lang-dotnet=\"`EnableAcceleration`\" pulumi-lang-go=\"`enableAcceleration`\" pulumi-lang-python=\"`enable_acceleration`\" pulumi-lang-yaml=\"`enableAcceleration`\" pulumi-lang-java=\"`enableAcceleration`\"\u003e`enable_acceleration`\u003c/span\u003e is \u003cspan pulumi-lang-nodejs=\"`true`\" pulumi-lang-dotnet=\"`True`\" pulumi-lang-go=\"`true`\" pulumi-lang-python=\"`true`\" pulumi-lang-yaml=\"`true`\" pulumi-lang-java=\"`true`\"\u003e`true`\u003c/span\u003e.\n", + "willReplaceOnChanges": true + }, "tunnelInsideIpVersion": { "type": "string", "description": "Indicate whether the VPN tunnels process IPv4 or IPv6 traffic. Valid values are `ipv4 | ipv6`. \u003cspan pulumi-lang-nodejs=\"`ipv6`\" pulumi-lang-dotnet=\"`Ipv6`\" pulumi-lang-go=\"`ipv6`\" pulumi-lang-python=\"`ipv6`\" pulumi-lang-yaml=\"`ipv6`\" pulumi-lang-java=\"`ipv6`\"\u003e`ipv6`\u003c/span\u003e Supports only EC2 Transit Gateway.\n", @@ -298557,6 +299570,14 @@ "region": { "type": "string", "description": "Region where this resource will be [managed](https://docs.aws.amazon.com/general/latest/gr/rande.html#regional-endpoints). Defaults to the Region set in the provider configuration.\n" + }, + "scalingStrategy": { + "type": "string", + "description": "Specifies the scaling strategy. When set to `ADVANCED`, the \u003cspan pulumi-lang-nodejs=\"`utilizationPerformanceIndex`\" pulumi-lang-dotnet=\"`UtilizationPerformanceIndex`\" pulumi-lang-go=\"`utilizationPerformanceIndex`\" pulumi-lang-python=\"`utilization_performance_index`\" pulumi-lang-yaml=\"`utilizationPerformanceIndex`\" pulumi-lang-java=\"`utilizationPerformanceIndex`\"\u003e`utilization_performance_index`\u003c/span\u003e argument can be used to configure an advanced scaling strategy. An advanced scaling strategy requires Amazon EMR on EC2 version 7.0 or later. Valid values: `ADVANCED`, `DEFAULT`.\n" + }, + "utilizationPerformanceIndex": { + "type": "integer", + "description": "Integer value that represents the advanced scaling strategy. Higher values optimize for performance, while lower values optimize for resource conservation. A value of \u003cspan pulumi-lang-nodejs=\"`50`\" pulumi-lang-dotnet=\"`50`\" pulumi-lang-go=\"`50`\" pulumi-lang-python=\"`50`\" pulumi-lang-yaml=\"`50`\" pulumi-lang-java=\"`50`\"\u003e`50`\u003c/span\u003e provides a balance between performance and resource conservation. See [the AWS documentation](https://docs.aws.amazon.com/emr/latest/ManagementGuide/managed-scaling-allocation-strategy-optimized.html#managed-scaling-allocation-strategy-optimized-getting-started) for more details. Required when \u003cspan pulumi-lang-nodejs=\"`scalingStrategy`\" pulumi-lang-dotnet=\"`ScalingStrategy`\" pulumi-lang-go=\"`scalingStrategy`\" pulumi-lang-python=\"`scaling_strategy`\" pulumi-lang-yaml=\"`scalingStrategy`\" pulumi-lang-java=\"`scalingStrategy`\"\u003e`scaling_strategy`\u003c/span\u003e is set to `ADVANCED`. Valid values: \u003cspan pulumi-lang-nodejs=\"`1`\" pulumi-lang-dotnet=\"`1`\" pulumi-lang-go=\"`1`\" pulumi-lang-python=\"`1`\" pulumi-lang-yaml=\"`1`\" pulumi-lang-java=\"`1`\"\u003e`1`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`25`\" pulumi-lang-dotnet=\"`25`\" pulumi-lang-go=\"`25`\" pulumi-lang-python=\"`25`\" pulumi-lang-yaml=\"`25`\" pulumi-lang-java=\"`25`\"\u003e`25`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`50`\" pulumi-lang-dotnet=\"`50`\" pulumi-lang-go=\"`50`\" pulumi-lang-python=\"`50`\" pulumi-lang-yaml=\"`50`\" pulumi-lang-java=\"`50`\"\u003e`50`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`75`\" pulumi-lang-dotnet=\"`75`\" pulumi-lang-go=\"`75`\" pulumi-lang-python=\"`75`\" pulumi-lang-yaml=\"`75`\" pulumi-lang-java=\"`75`\"\u003e`75`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`100`\" pulumi-lang-dotnet=\"`100`\" pulumi-lang-go=\"`100`\" pulumi-lang-python=\"`100`\" pulumi-lang-yaml=\"`100`\" pulumi-lang-java=\"`100`\"\u003e`100`\u003c/span\u003e.\n" } }, "required": [ @@ -298581,6 +299602,16 @@ "region": { "type": "string", "description": "Region where this resource will be [managed](https://docs.aws.amazon.com/general/latest/gr/rande.html#regional-endpoints). Defaults to the Region set in the provider configuration.\n" + }, + "scalingStrategy": { + "type": "string", + "description": "Specifies the scaling strategy. When set to `ADVANCED`, the \u003cspan pulumi-lang-nodejs=\"`utilizationPerformanceIndex`\" pulumi-lang-dotnet=\"`UtilizationPerformanceIndex`\" pulumi-lang-go=\"`utilizationPerformanceIndex`\" pulumi-lang-python=\"`utilization_performance_index`\" pulumi-lang-yaml=\"`utilizationPerformanceIndex`\" pulumi-lang-java=\"`utilizationPerformanceIndex`\"\u003e`utilization_performance_index`\u003c/span\u003e argument can be used to configure an advanced scaling strategy. An advanced scaling strategy requires Amazon EMR on EC2 version 7.0 or later. Valid values: `ADVANCED`, `DEFAULT`.\n", + "willReplaceOnChanges": true + }, + "utilizationPerformanceIndex": { + "type": "integer", + "description": "Integer value that represents the advanced scaling strategy. Higher values optimize for performance, while lower values optimize for resource conservation. A value of \u003cspan pulumi-lang-nodejs=\"`50`\" pulumi-lang-dotnet=\"`50`\" pulumi-lang-go=\"`50`\" pulumi-lang-python=\"`50`\" pulumi-lang-yaml=\"`50`\" pulumi-lang-java=\"`50`\"\u003e`50`\u003c/span\u003e provides a balance between performance and resource conservation. See [the AWS documentation](https://docs.aws.amazon.com/emr/latest/ManagementGuide/managed-scaling-allocation-strategy-optimized.html#managed-scaling-allocation-strategy-optimized-getting-started) for more details. Required when \u003cspan pulumi-lang-nodejs=\"`scalingStrategy`\" pulumi-lang-dotnet=\"`ScalingStrategy`\" pulumi-lang-go=\"`scalingStrategy`\" pulumi-lang-python=\"`scaling_strategy`\" pulumi-lang-yaml=\"`scalingStrategy`\" pulumi-lang-java=\"`scalingStrategy`\"\u003e`scaling_strategy`\u003c/span\u003e is set to `ADVANCED`. Valid values: \u003cspan pulumi-lang-nodejs=\"`1`\" pulumi-lang-dotnet=\"`1`\" pulumi-lang-go=\"`1`\" pulumi-lang-python=\"`1`\" pulumi-lang-yaml=\"`1`\" pulumi-lang-java=\"`1`\"\u003e`1`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`25`\" pulumi-lang-dotnet=\"`25`\" pulumi-lang-go=\"`25`\" pulumi-lang-python=\"`25`\" pulumi-lang-yaml=\"`25`\" pulumi-lang-java=\"`25`\"\u003e`25`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`50`\" pulumi-lang-dotnet=\"`50`\" pulumi-lang-go=\"`50`\" pulumi-lang-python=\"`50`\" pulumi-lang-yaml=\"`50`\" pulumi-lang-java=\"`50`\"\u003e`50`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`75`\" pulumi-lang-dotnet=\"`75`\" pulumi-lang-go=\"`75`\" pulumi-lang-python=\"`75`\" pulumi-lang-yaml=\"`75`\" pulumi-lang-java=\"`75`\"\u003e`75`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`100`\" pulumi-lang-dotnet=\"`100`\" pulumi-lang-go=\"`100`\" pulumi-lang-python=\"`100`\" pulumi-lang-yaml=\"`100`\" pulumi-lang-java=\"`100`\"\u003e`100`\u003c/span\u003e.\n", + "willReplaceOnChanges": true } }, "requiredInputs": [ @@ -298606,6 +299637,16 @@ "region": { "type": "string", "description": "Region where this resource will be [managed](https://docs.aws.amazon.com/general/latest/gr/rande.html#regional-endpoints). Defaults to the Region set in the provider configuration.\n" + }, + "scalingStrategy": { + "type": "string", + "description": "Specifies the scaling strategy. When set to `ADVANCED`, the \u003cspan pulumi-lang-nodejs=\"`utilizationPerformanceIndex`\" pulumi-lang-dotnet=\"`UtilizationPerformanceIndex`\" pulumi-lang-go=\"`utilizationPerformanceIndex`\" pulumi-lang-python=\"`utilization_performance_index`\" pulumi-lang-yaml=\"`utilizationPerformanceIndex`\" pulumi-lang-java=\"`utilizationPerformanceIndex`\"\u003e`utilization_performance_index`\u003c/span\u003e argument can be used to configure an advanced scaling strategy. An advanced scaling strategy requires Amazon EMR on EC2 version 7.0 or later. Valid values: `ADVANCED`, `DEFAULT`.\n", + "willReplaceOnChanges": true + }, + "utilizationPerformanceIndex": { + "type": "integer", + "description": "Integer value that represents the advanced scaling strategy. Higher values optimize for performance, while lower values optimize for resource conservation. A value of \u003cspan pulumi-lang-nodejs=\"`50`\" pulumi-lang-dotnet=\"`50`\" pulumi-lang-go=\"`50`\" pulumi-lang-python=\"`50`\" pulumi-lang-yaml=\"`50`\" pulumi-lang-java=\"`50`\"\u003e`50`\u003c/span\u003e provides a balance between performance and resource conservation. See [the AWS documentation](https://docs.aws.amazon.com/emr/latest/ManagementGuide/managed-scaling-allocation-strategy-optimized.html#managed-scaling-allocation-strategy-optimized-getting-started) for more details. Required when \u003cspan pulumi-lang-nodejs=\"`scalingStrategy`\" pulumi-lang-dotnet=\"`ScalingStrategy`\" pulumi-lang-go=\"`scalingStrategy`\" pulumi-lang-python=\"`scaling_strategy`\" pulumi-lang-yaml=\"`scalingStrategy`\" pulumi-lang-java=\"`scalingStrategy`\"\u003e`scaling_strategy`\u003c/span\u003e is set to `ADVANCED`. Valid values: \u003cspan pulumi-lang-nodejs=\"`1`\" pulumi-lang-dotnet=\"`1`\" pulumi-lang-go=\"`1`\" pulumi-lang-python=\"`1`\" pulumi-lang-yaml=\"`1`\" pulumi-lang-java=\"`1`\"\u003e`1`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`25`\" pulumi-lang-dotnet=\"`25`\" pulumi-lang-go=\"`25`\" pulumi-lang-python=\"`25`\" pulumi-lang-yaml=\"`25`\" pulumi-lang-java=\"`25`\"\u003e`25`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`50`\" pulumi-lang-dotnet=\"`50`\" pulumi-lang-go=\"`50`\" pulumi-lang-python=\"`50`\" pulumi-lang-yaml=\"`50`\" pulumi-lang-java=\"`50`\"\u003e`50`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`75`\" pulumi-lang-dotnet=\"`75`\" pulumi-lang-go=\"`75`\" pulumi-lang-python=\"`75`\" pulumi-lang-yaml=\"`75`\" pulumi-lang-java=\"`75`\"\u003e`75`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`100`\" pulumi-lang-dotnet=\"`100`\" pulumi-lang-go=\"`100`\" pulumi-lang-python=\"`100`\" pulumi-lang-yaml=\"`100`\" pulumi-lang-java=\"`100`\"\u003e`100`\u003c/span\u003e.\n", + "willReplaceOnChanges": true } }, "type": "object" @@ -332063,7 +333104,7 @@ } }, "aws:lambda/invocation:Invocation": { - "description": "Manages an AWS Lambda Function invocation. Use this resource to invoke a Lambda function with the [RequestResponse](https://docs.aws.amazon.com/lambda/latest/dg/API_Invoke.html#API_Invoke_RequestSyntax) invocation type.\n\n\u003e **Note:** By default this resource _only_ invokes the function when the arguments call for a create or replace. After an initial invocation on _apply_, if the arguments do not change, a subsequent _apply_ does not invoke the function again. To dynamically invoke the function, see the \u003cspan pulumi-lang-nodejs=\"`triggers`\" pulumi-lang-dotnet=\"`Triggers`\" pulumi-lang-go=\"`triggers`\" pulumi-lang-python=\"`triggers`\" pulumi-lang-yaml=\"`triggers`\" pulumi-lang-java=\"`triggers`\"\u003e`triggers`\u003c/span\u003e example below. To always invoke a function on each _apply_, see the \u003cspan pulumi-lang-nodejs=\"`aws.lambda.Invocation`\" pulumi-lang-dotnet=\"`aws.lambda.Invocation`\" pulumi-lang-go=\"`lambda.Invocation`\" pulumi-lang-python=\"`lambda.Invocation`\" pulumi-lang-yaml=\"`aws.lambda.Invocation`\" pulumi-lang-java=\"`aws.lambda.Invocation`\"\u003e`aws.lambda.Invocation`\u003c/span\u003e data source. To invoke the Lambda function when the Pulumi resource is updated and deleted, see the CRUD Lifecycle Management example below.\n\n\u003e **Note:** If you get a `KMSAccessDeniedException: Lambda was unable to decrypt the environment variables because KMS access was denied` error when invoking a Lambda function with environment variables, the IAM role associated with the function may have been deleted and recreated after the function was created. You can fix the problem two ways: 1) updating the function's role to another role and then updating it back again to the recreated role. (When you create a function, Lambda grants permissions on the KMS key to the function's IAM role. If the IAM role is recreated, the grant is no longer valid. Changing the function's role or recreating the function causes Lambda to update the grant.)\n\n## Example Usage\n\n### Basic Invocation\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\nimport * as std from \"@pulumi/std\";\n\n// Lambda function to invoke\nconst example = new aws.lambda.Function(\"example\", {\n code: new pulumi.asset.FileArchive(\"function.zip\"),\n name: \"data_processor\",\n role: lambdaRole.arn,\n handler: \"index.handler\",\n runtime: aws.lambda.Runtime.Python3d12,\n});\n// Invoke the function once during resource creation\nconst exampleInvocation = new aws.lambda.Invocation(\"example\", {\n functionName: example.name,\n input: JSON.stringify({\n operation: \"initialize\",\n config: {\n environment: \"production\",\n debug: false,\n },\n }),\n});\nexport const initializationResult = std.jsondecodeOutput({\n input: exampleInvocation.result,\n}).apply(invoke =\u003e invoke.result?.status);\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\nimport pulumi_std as std\n\n# Lambda function to invoke\nexample = aws.lambda_.Function(\"example\",\n code=pulumi.FileArchive(\"function.zip\"),\n name=\"data_processor\",\n role=lambda_role[\"arn\"],\n handler=\"index.handler\",\n runtime=aws.lambda_.Runtime.PYTHON3D12)\n# Invoke the function once during resource creation\nexample_invocation = aws.lambda_.Invocation(\"example\",\n function_name=example.name,\n input=json.dumps({\n \"operation\": \"initialize\",\n \"config\": {\n \"environment\": \"production\",\n \"debug\": False,\n },\n }))\npulumi.export(\"initializationResult\", std.jsondecode_output(input=example_invocation.result).apply(lambda invoke: invoke.result[\"status\"]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\nusing Std = Pulumi.Std;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n // Lambda function to invoke\n var example = new Aws.Lambda.Function(\"example\", new()\n {\n Code = new FileArchive(\"function.zip\"),\n Name = \"data_processor\",\n Role = lambdaRole.Arn,\n Handler = \"index.handler\",\n Runtime = Aws.Lambda.Runtime.Python3d12,\n });\n\n // Invoke the function once during resource creation\n var exampleInvocation = new Aws.Lambda.Invocation(\"example\", new()\n {\n FunctionName = example.Name,\n Input = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"operation\"] = \"initialize\",\n [\"config\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"environment\"] = \"production\",\n [\"debug\"] = false,\n },\n }),\n });\n\n return new Dictionary\u003cstring, object?\u003e\n {\n [\"initializationResult\"] = Std.Jsondecode.Invoke(new()\n {\n Input = exampleInvocation.Result,\n }).Apply(invoke =\u003e invoke.Result?.Status),\n };\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v7/go/aws/lambda\"\n\t\"github.com/pulumi/pulumi-std/sdk/go/std\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\nfunc main() {\npulumi.Run(func(ctx *pulumi.Context) error {\n// Lambda function to invoke\nexample, err := lambda.NewFunction(ctx, \"example\", \u0026lambda.FunctionArgs{\nCode: pulumi.NewFileArchive(\"function.zip\"),\nName: pulumi.String(\"data_processor\"),\nRole: pulumi.Any(lambdaRole.Arn),\nHandler: pulumi.String(\"index.handler\"),\nRuntime: pulumi.String(lambda.RuntimePython3d12),\n})\nif err != nil {\nreturn err\n}\ntmpJSON0, err := json.Marshal(map[string]interface{}{\n\"operation\": \"initialize\",\n\"config\": map[string]interface{}{\n\"environment\": \"production\",\n\"debug\": false,\n},\n})\nif err != nil {\nreturn err\n}\njson0 := string(tmpJSON0)\n// Invoke the function once during resource creation\nexampleInvocation, err := lambda.NewInvocation(ctx, \"example\", \u0026lambda.InvocationArgs{\nFunctionName: example.Name,\nInput: pulumi.String(json0),\n})\nif err != nil {\nreturn err\n}\nctx.Export(\"initializationResult\", std.JsondecodeOutput(ctx, std.JsondecodeOutputArgs{\nInput: exampleInvocation.Result,\n}, nil).ApplyT(func(invoke std.JsondecodeResult) (*interface{}, error) {\nreturn invoke.Result.Status, nil\n}).(pulumi.Interface{}PtrOutput))\nreturn nil\n})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.lambda.Function;\nimport com.pulumi.aws.lambda.FunctionArgs;\nimport com.pulumi.aws.lambda.Invocation;\nimport com.pulumi.aws.lambda.InvocationArgs;\nimport com.pulumi.std.StdFunctions;\nimport com.pulumi.std.inputs.JsondecodeArgs;\nimport com.pulumi.asset.FileArchive;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n // Lambda function to invoke\n var example = new Function(\"example\", FunctionArgs.builder()\n .code(new FileArchive(\"function.zip\"))\n .name(\"data_processor\")\n .role(lambdaRole.arn())\n .handler(\"index.handler\")\n .runtime(\"python3.12\")\n .build());\n\n // Invoke the function once during resource creation\n var exampleInvocation = new Invocation(\"exampleInvocation\", InvocationArgs.builder()\n .functionName(example.name())\n .input(serializeJson(\n jsonObject(\n jsonProperty(\"operation\", \"initialize\"),\n jsonProperty(\"config\", jsonObject(\n jsonProperty(\"environment\", \"production\"),\n jsonProperty(\"debug\", false)\n ))\n )))\n .build());\n\n ctx.export(\"initializationResult\", StdFunctions.jsondecode(JsondecodeArgs.builder()\n .input(exampleInvocation.result())\n .build()).applyValue(_invoke -\u003e _invoke.result().status()));\n }\n}\n```\n```yaml\nresources:\n # Lambda function to invoke\n example:\n type: aws:lambda:Function\n properties:\n code:\n fn::FileArchive: function.zip\n name: data_processor\n role: ${lambdaRole.arn}\n handler: index.handler\n runtime: python3.12\n # Invoke the function once during resource creation\n exampleInvocation:\n type: aws:lambda:Invocation\n name: example\n properties:\n functionName: ${example.name}\n input:\n fn::toJSON:\n operation: initialize\n config:\n environment: production\n debug: false\noutputs:\n # Use the result in other resources\n initializationResult:\n fn::invoke:\n function: std:jsondecode\n arguments:\n input: ${exampleInvocation.result}\n return: result.status\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Dynamic Invocation with Triggers\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\nimport * as std from \"@pulumi/std\";\n\nconst example = new aws.lambda.Invocation(\"example\", {\n functionName: exampleAwsLambdaFunction.functionName,\n triggers: {\n function_version: exampleAwsLambdaFunction.version,\n config_hash: std.sha256Output({\n input: JSON.stringify({\n environment: environment,\n timestamp: std.timestamp({}).then(invoke =\u003e invoke.result),\n }),\n }).apply(invoke =\u003e invoke.result),\n },\n input: JSON.stringify({\n operation: \"process_data\",\n environment: environment,\n batch_id: batchId.result,\n }),\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\nimport pulumi_std as std\n\nexample = aws.lambda_.Invocation(\"example\",\n function_name=example_aws_lambda_function[\"functionName\"],\n triggers={\n \"function_version\": example_aws_lambda_function[\"version\"],\n \"config_hash\": std.sha256_output(input=json.dumps({\n \"environment\": environment,\n \"timestamp\": std.timestamp().result,\n })).apply(lambda invoke: invoke.result),\n },\n input=json.dumps({\n \"operation\": \"process_data\",\n \"environment\": environment,\n \"batch_id\": batch_id[\"result\"],\n }))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\nusing Std = Pulumi.Std;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Lambda.Invocation(\"example\", new()\n {\n FunctionName = exampleAwsLambdaFunction.FunctionName,\n Triggers = \n {\n { \"function_version\", exampleAwsLambdaFunction.Version },\n { \"config_hash\", Std.Sha256.Invoke(new()\n {\n Input = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"environment\"] = environment,\n [\"timestamp\"] = Std.Timestamp.Invoke().Apply(invoke =\u003e invoke.Result),\n }),\n }).Apply(invoke =\u003e invoke.Result) },\n },\n Input = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"operation\"] = \"process_data\",\n [\"environment\"] = environment,\n [\"batch_id\"] = batchId.Result,\n }),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v7/go/aws/lambda\"\n\t\"github.com/pulumi/pulumi-std/sdk/go/std\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"environment\": environment,\n\t\t\t\"timestamp\": std.Timestamp(ctx, \u0026std.TimestampArgs{}, nil).Result,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\ttmpJSON1, err := json.Marshal(map[string]interface{}{\n\t\t\t\"operation\": \"process_data\",\n\t\t\t\"environment\": environment,\n\t\t\t\"batch_id\": batchId.Result,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson1 := string(tmpJSON1)\n\t\t_, err = lambda.NewInvocation(ctx, \"example\", \u0026lambda.InvocationArgs{\n\t\t\tFunctionName: pulumi.Any(exampleAwsLambdaFunction.FunctionName),\n\t\t\tTriggers: pulumi.StringMap{\n\t\t\t\t\"function_version\": pulumi.Any(exampleAwsLambdaFunction.Version),\n\t\t\t\t\"config_hash\": pulumi.String(std.Sha256Output(ctx, std.Sha256OutputArgs{\n\t\t\t\t\tInput: pulumi.String(json0),\n\t\t\t\t}, nil).ApplyT(func(invoke std.Sha256Result) (*string, error) {\n\t\t\t\t\treturn invoke.Result, nil\n\t\t\t\t}).(pulumi.StringPtrOutput)),\n\t\t\t},\n\t\t\tInput: pulumi.String(json1),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.lambda.Invocation;\nimport com.pulumi.aws.lambda.InvocationArgs;\nimport com.pulumi.std.StdFunctions;\nimport com.pulumi.std.inputs.TimestampArgs;\nimport com.pulumi.std.inputs.Sha256Args;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Invocation(\"example\", InvocationArgs.builder()\n .functionName(exampleAwsLambdaFunction.functionName())\n .triggers(Map.ofEntries(\n Map.entry(\"function_version\", exampleAwsLambdaFunction.version()),\n Map.entry(\"config_hash\", StdFunctions.sha256(Sha256Args.builder()\n .input(serializeJson(\n jsonObject(\n jsonProperty(\"environment\", environment),\n jsonProperty(\"timestamp\", StdFunctions.timestamp(TimestampArgs.builder()\n .build()).result())\n )))\n .build()).applyValue(_invoke -\u003e _invoke.result()))\n ))\n .input(serializeJson(\n jsonObject(\n jsonProperty(\"operation\", \"process_data\"),\n jsonProperty(\"environment\", environment),\n jsonProperty(\"batch_id\", batchId.result())\n )))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:lambda:Invocation\n properties:\n functionName: ${exampleAwsLambdaFunction.functionName}\n triggers:\n function_version: ${exampleAwsLambdaFunction.version}\n config_hash:\n fn::invoke:\n function: std:sha256\n arguments:\n input:\n fn::toJSON:\n environment: ${environment}\n timestamp:\n fn::invoke:\n function: std:timestamp\n arguments: {}\n return: result\n return: result\n input:\n fn::toJSON:\n operation: process_data\n environment: ${environment}\n batch_id: ${batchId.result}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### CRUD Lifecycle Management\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.lambda.Invocation(\"example\", {\n functionName: exampleAwsLambdaFunction.functionName,\n input: JSON.stringify({\n resource_name: \"database_setup\",\n database_url: exampleAwsDbInstance.endpoint,\n credentials: {\n username: dbUsername,\n password: dbPassword,\n },\n }),\n lifecycleScope: \"CRUD\",\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\nexample = aws.lambda_.Invocation(\"example\",\n function_name=example_aws_lambda_function[\"functionName\"],\n input=json.dumps({\n \"resource_name\": \"database_setup\",\n \"database_url\": example_aws_db_instance[\"endpoint\"],\n \"credentials\": {\n \"username\": db_username,\n \"password\": db_password,\n },\n }),\n lifecycle_scope=\"CRUD\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Lambda.Invocation(\"example\", new()\n {\n FunctionName = exampleAwsLambdaFunction.FunctionName,\n Input = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"resource_name\"] = \"database_setup\",\n [\"database_url\"] = exampleAwsDbInstance.Endpoint,\n [\"credentials\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"username\"] = dbUsername,\n [\"password\"] = dbPassword,\n },\n }),\n LifecycleScope = \"CRUD\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v7/go/aws/lambda\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"resource_name\": \"database_setup\",\n\t\t\t\"database_url\": exampleAwsDbInstance.Endpoint,\n\t\t\t\"credentials\": map[string]interface{}{\n\t\t\t\t\"username\": dbUsername,\n\t\t\t\t\"password\": dbPassword,\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\t_, err = lambda.NewInvocation(ctx, \"example\", \u0026lambda.InvocationArgs{\n\t\t\tFunctionName: pulumi.Any(exampleAwsLambdaFunction.FunctionName),\n\t\t\tInput: pulumi.String(json0),\n\t\t\tLifecycleScope: pulumi.String(\"CRUD\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.lambda.Invocation;\nimport com.pulumi.aws.lambda.InvocationArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Invocation(\"example\", InvocationArgs.builder()\n .functionName(exampleAwsLambdaFunction.functionName())\n .input(serializeJson(\n jsonObject(\n jsonProperty(\"resource_name\", \"database_setup\"),\n jsonProperty(\"database_url\", exampleAwsDbInstance.endpoint()),\n jsonProperty(\"credentials\", jsonObject(\n jsonProperty(\"username\", dbUsername),\n jsonProperty(\"password\", dbPassword)\n ))\n )))\n .lifecycleScope(\"CRUD\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:lambda:Invocation\n properties:\n functionName: ${exampleAwsLambdaFunction.functionName}\n input:\n fn::toJSON:\n resource_name: database_setup\n database_url: ${exampleAwsDbInstance.endpoint}\n credentials:\n username: ${dbUsername}\n password: ${dbPassword}\n lifecycleScope: CRUD\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n\u003e **Note:** \u003cspan pulumi-lang-nodejs=\"`lifecycleScope \" pulumi-lang-dotnet=\"`LifecycleScope \" pulumi-lang-go=\"`lifecycleScope \" pulumi-lang-python=\"`lifecycle_scope \" pulumi-lang-yaml=\"`lifecycleScope \" pulumi-lang-java=\"`lifecycleScope \"\u003e`lifecycle_scope \u003c/span\u003e= \"CRUD\"` will inject a key \u003cspan pulumi-lang-nodejs=\"`tf`\" pulumi-lang-dotnet=\"`Tf`\" pulumi-lang-go=\"`tf`\" pulumi-lang-python=\"`tf`\" pulumi-lang-yaml=\"`tf`\" pulumi-lang-java=\"`tf`\"\u003e`tf`\u003c/span\u003e in the input event to pass lifecycle information! This allows the Lambda function to handle different lifecycle transitions uniquely. If you need to use a key \u003cspan pulumi-lang-nodejs=\"`tf`\" pulumi-lang-dotnet=\"`Tf`\" pulumi-lang-go=\"`tf`\" pulumi-lang-python=\"`tf`\" pulumi-lang-yaml=\"`tf`\" pulumi-lang-java=\"`tf`\"\u003e`tf`\u003c/span\u003e in your own input JSON, the default key name can be overridden with the \u003cspan pulumi-lang-nodejs=\"`pulumiKey`\" pulumi-lang-dotnet=\"`PulumiKey`\" pulumi-lang-go=\"`pulumiKey`\" pulumi-lang-python=\"`pulumi_key`\" pulumi-lang-yaml=\"`pulumiKey`\" pulumi-lang-java=\"`pulumiKey`\"\u003e`pulumi_key`\u003c/span\u003e argument.\n\nThe lifecycle key gets added with subkeys:\n\n* \u003cspan pulumi-lang-nodejs=\"`action`\" pulumi-lang-dotnet=\"`Action`\" pulumi-lang-go=\"`action`\" pulumi-lang-python=\"`action`\" pulumi-lang-yaml=\"`action`\" pulumi-lang-java=\"`action`\"\u003e`action`\u003c/span\u003e - Action Pulumi performs on the resource. Values are \u003cspan pulumi-lang-nodejs=\"`create`\" pulumi-lang-dotnet=\"`Create`\" pulumi-lang-go=\"`create`\" pulumi-lang-python=\"`create`\" pulumi-lang-yaml=\"`create`\" pulumi-lang-java=\"`create`\"\u003e`create`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`update`\" pulumi-lang-dotnet=\"`Update`\" pulumi-lang-go=\"`update`\" pulumi-lang-python=\"`update`\" pulumi-lang-yaml=\"`update`\" pulumi-lang-java=\"`update`\"\u003e`update`\u003c/span\u003e, or \u003cspan pulumi-lang-nodejs=\"`delete`\" pulumi-lang-dotnet=\"`Delete`\" pulumi-lang-go=\"`delete`\" pulumi-lang-python=\"`delete`\" pulumi-lang-yaml=\"`delete`\" pulumi-lang-java=\"`delete`\"\u003e`delete`\u003c/span\u003e.\n* \u003cspan pulumi-lang-nodejs=\"`prevInput`\" pulumi-lang-dotnet=\"`PrevInput`\" pulumi-lang-go=\"`prevInput`\" pulumi-lang-python=\"`prev_input`\" pulumi-lang-yaml=\"`prevInput`\" pulumi-lang-java=\"`prevInput`\"\u003e`prev_input`\u003c/span\u003e - Input JSON payload from the previous invocation. This can be used to handle update and delete events.\n\nWhen the resource from the CRUD example above is created, the Lambda will receive the following JSON payload:\n\n```json\n{\n \"resource_name\": \"database_setup\",\n \"database_url\": \"mydb.cluster-xyz.us-west-2.rds.amazonaws.com:5432\",\n \"credentials\": {\n \"username\": \"admin\",\n \"password\": \"secret123\"\n },\n \"tf\": {\n \"action\": \"create\",\n \"prev_input\": null\n }\n}\n```\n\nIf the \u003cspan pulumi-lang-nodejs=\"`databaseUrl`\" pulumi-lang-dotnet=\"`DatabaseUrl`\" pulumi-lang-go=\"`databaseUrl`\" pulumi-lang-python=\"`database_url`\" pulumi-lang-yaml=\"`databaseUrl`\" pulumi-lang-java=\"`databaseUrl`\"\u003e`database_url`\u003c/span\u003e changes, the Lambda will be invoked again with:\n\n```json\n{\n \"resource_name\": \"database_setup\",\n \"database_url\": \"mydb-new.cluster-abc.us-west-2.rds.amazonaws.com:5432\",\n \"credentials\": {\n \"username\": \"admin\",\n \"password\": \"secret123\"\n },\n \"tf\": {\n \"action\": \"update\",\n \"prev_input\": {\n \"resource_name\": \"database_setup\",\n \"database_url\": \"mydb.cluster-xyz.us-west-2.rds.amazonaws.com:5432\",\n \"credentials\": {\n \"username\": \"admin\",\n \"password\": \"secret123\"\n }\n }\n }\n}\n```\n\nWhen the invocation resource is removed, the final invocation will have:\n\n```json\n{\n \"resource_name\": \"database_setup\",\n \"database_url\": \"mydb-new.cluster-abc.us-west-2.rds.amazonaws.com:5432\",\n \"credentials\": {\n \"username\": \"admin\",\n \"password\": \"secret123\"\n },\n \"tf\": {\n \"action\": \"delete\",\n \"prev_input\": {\n \"resource_name\": \"database_setup\",\n \"database_url\": \"mydb-new.cluster-abc.us-west-2.rds.amazonaws.com:5432\",\n \"credentials\": {\n \"username\": \"admin\",\n \"password\": \"secret123\"\n }\n }\n }\n}\n```\n", + "description": "Manages an AWS Lambda Function invocation. Use this resource to invoke a Lambda function with the [RequestResponse](https://docs.aws.amazon.com/lambda/latest/dg/API_Invoke.html#API_Invoke_RequestSyntax) invocation type.\n\n\u003e **Note:** By default this resource _only_ invokes the function when the arguments call for a create or replace. After an initial invocation on _apply_, if the arguments do not change, a subsequent _apply_ does not invoke the function again. To dynamically invoke the function, see the \u003cspan pulumi-lang-nodejs=\"`triggers`\" pulumi-lang-dotnet=\"`Triggers`\" pulumi-lang-go=\"`triggers`\" pulumi-lang-python=\"`triggers`\" pulumi-lang-yaml=\"`triggers`\" pulumi-lang-java=\"`triggers`\"\u003e`triggers`\u003c/span\u003e example below. To always invoke a function on each _apply_, see the \u003cspan pulumi-lang-nodejs=\"`aws.lambda.Invocation`\" pulumi-lang-dotnet=\"`aws.lambda.Invocation`\" pulumi-lang-go=\"`lambda.Invocation`\" pulumi-lang-python=\"`lambda.Invocation`\" pulumi-lang-yaml=\"`aws.lambda.Invocation`\" pulumi-lang-java=\"`aws.lambda.Invocation`\"\u003e`aws.lambda.Invocation`\u003c/span\u003e data source. To invoke the Lambda function when the Pulumi resource is updated and deleted, see the CRUD Lifecycle Management example below.\n\n\u003e **Note:** If you get a `KMSAccessDeniedException: Lambda was unable to decrypt the environment variables because KMS access was denied` error when invoking a Lambda function with environment variables, the IAM role associated with the function may have been deleted and recreated after the function was created. You can fix the problem two ways: 1) updating the function's role to another role and then updating it back again to the recreated role. (When you create a function, Lambda grants permissions on the KMS key to the function's IAM role. If the IAM role is recreated, the grant is no longer valid. Changing the function's role or recreating the function causes Lambda to update the grant.)\n\n## Example Usage\n\n### Basic Invocation\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\nimport * as std from \"@pulumi/std\";\n\n// Lambda function to invoke\nconst example = new aws.lambda.Function(\"example\", {\n code: new pulumi.asset.FileArchive(\"function.zip\"),\n name: \"data_processor\",\n role: lambdaRole.arn,\n handler: \"index.handler\",\n runtime: aws.lambda.Runtime.Python3d12,\n});\n// Invoke the function once during resource creation\nconst exampleInvocation = new aws.lambda.Invocation(\"example\", {\n functionName: example.name,\n input: JSON.stringify({\n operation: \"initialize\",\n config: {\n environment: \"production\",\n debug: false,\n },\n }),\n});\nexport const initializationResult = std.jsondecodeOutput({\n input: exampleInvocation.result,\n}).apply(invoke =\u003e invoke.result?.status);\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\nimport pulumi_std as std\n\n# Lambda function to invoke\nexample = aws.lambda_.Function(\"example\",\n code=pulumi.FileArchive(\"function.zip\"),\n name=\"data_processor\",\n role=lambda_role[\"arn\"],\n handler=\"index.handler\",\n runtime=aws.lambda_.Runtime.PYTHON3D12)\n# Invoke the function once during resource creation\nexample_invocation = aws.lambda_.Invocation(\"example\",\n function_name=example.name,\n input=json.dumps({\n \"operation\": \"initialize\",\n \"config\": {\n \"environment\": \"production\",\n \"debug\": False,\n },\n }))\npulumi.export(\"initializationResult\", std.jsondecode_output(input=example_invocation.result).apply(lambda invoke: invoke.result[\"status\"]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\nusing Std = Pulumi.Std;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n // Lambda function to invoke\n var example = new Aws.Lambda.Function(\"example\", new()\n {\n Code = new FileArchive(\"function.zip\"),\n Name = \"data_processor\",\n Role = lambdaRole.Arn,\n Handler = \"index.handler\",\n Runtime = Aws.Lambda.Runtime.Python3d12,\n });\n\n // Invoke the function once during resource creation\n var exampleInvocation = new Aws.Lambda.Invocation(\"example\", new()\n {\n FunctionName = example.Name,\n Input = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"operation\"] = \"initialize\",\n [\"config\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"environment\"] = \"production\",\n [\"debug\"] = false,\n },\n }),\n });\n\n return new Dictionary\u003cstring, object?\u003e\n {\n [\"initializationResult\"] = Std.Jsondecode.Invoke(new()\n {\n Input = exampleInvocation.Result,\n }).Apply(invoke =\u003e invoke.Result?.Status),\n };\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v7/go/aws/lambda\"\n\t\"github.com/pulumi/pulumi-std/sdk/go/std\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\nfunc main() {\npulumi.Run(func(ctx *pulumi.Context) error {\n// Lambda function to invoke\nexample, err := lambda.NewFunction(ctx, \"example\", \u0026lambda.FunctionArgs{\nCode: pulumi.NewFileArchive(\"function.zip\"),\nName: pulumi.String(\"data_processor\"),\nRole: pulumi.Any(lambdaRole.Arn),\nHandler: pulumi.String(\"index.handler\"),\nRuntime: pulumi.String(lambda.RuntimePython3d12),\n})\nif err != nil {\nreturn err\n}\ntmpJSON0, err := json.Marshal(map[string]interface{}{\n\"operation\": \"initialize\",\n\"config\": map[string]interface{}{\n\"environment\": \"production\",\n\"debug\": false,\n},\n})\nif err != nil {\nreturn err\n}\njson0 := string(tmpJSON0)\n// Invoke the function once during resource creation\nexampleInvocation, err := lambda.NewInvocation(ctx, \"example\", \u0026lambda.InvocationArgs{\nFunctionName: example.Name,\nInput: pulumi.String(json0),\n})\nif err != nil {\nreturn err\n}\nctx.Export(\"initializationResult\", std.JsondecodeOutput(ctx, std.JsondecodeOutputArgs{\nInput: exampleInvocation.Result,\n}, nil).ApplyT(func(invoke std.JsondecodeResult) (*interface{}, error) {\nreturn invoke.Result.Status, nil\n}).(pulumi.Interface{}PtrOutput))\nreturn nil\n})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.lambda.Function;\nimport com.pulumi.aws.lambda.FunctionArgs;\nimport com.pulumi.aws.lambda.Invocation;\nimport com.pulumi.aws.lambda.InvocationArgs;\nimport com.pulumi.std.StdFunctions;\nimport com.pulumi.std.inputs.JsondecodeArgs;\nimport com.pulumi.asset.FileArchive;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n // Lambda function to invoke\n var example = new Function(\"example\", FunctionArgs.builder()\n .code(new FileArchive(\"function.zip\"))\n .name(\"data_processor\")\n .role(lambdaRole.arn())\n .handler(\"index.handler\")\n .runtime(\"python3.12\")\n .build());\n\n // Invoke the function once during resource creation\n var exampleInvocation = new Invocation(\"exampleInvocation\", InvocationArgs.builder()\n .functionName(example.name())\n .input(serializeJson(\n jsonObject(\n jsonProperty(\"operation\", \"initialize\"),\n jsonProperty(\"config\", jsonObject(\n jsonProperty(\"environment\", \"production\"),\n jsonProperty(\"debug\", false)\n ))\n )))\n .build());\n\n ctx.export(\"initializationResult\", StdFunctions.jsondecode(JsondecodeArgs.builder()\n .input(exampleInvocation.result())\n .build()).applyValue(_invoke -\u003e _invoke.result().status()));\n }\n}\n```\n```yaml\nresources:\n # Lambda function to invoke\n example:\n type: aws:lambda:Function\n properties:\n code:\n fn::FileArchive: function.zip\n name: data_processor\n role: ${lambdaRole.arn}\n handler: index.handler\n runtime: python3.12\n # Invoke the function once during resource creation\n exampleInvocation:\n type: aws:lambda:Invocation\n name: example\n properties:\n functionName: ${example.name}\n input:\n fn::toJSON:\n operation: initialize\n config:\n environment: production\n debug: false\noutputs:\n # Use the result in other resources\n initializationResult:\n fn::invoke:\n function: std:jsondecode\n arguments:\n input: ${exampleInvocation.result}\n return: result.status\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Dynamic Invocation with Triggers\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\nimport * as std from \"@pulumi/std\";\n\nconst example = new aws.lambda.Invocation(\"example\", {\n functionName: exampleAwsLambdaFunction.functionName,\n triggers: {\n function_version: exampleAwsLambdaFunction.version,\n config_hash: std.sha256Output({\n input: JSON.stringify({\n environment: environment,\n timestamp: std.timestamp({}).then(invoke =\u003e invoke.result),\n }),\n }).apply(invoke =\u003e invoke.result),\n },\n input: JSON.stringify({\n operation: \"process_data\",\n environment: environment,\n batch_id: batchId.result,\n }),\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\nimport pulumi_std as std\n\nexample = aws.lambda_.Invocation(\"example\",\n function_name=example_aws_lambda_function[\"functionName\"],\n triggers={\n \"function_version\": example_aws_lambda_function[\"version\"],\n \"config_hash\": std.sha256_output(input=json.dumps({\n \"environment\": environment,\n \"timestamp\": std.timestamp().result,\n })).apply(lambda invoke: invoke.result),\n },\n input=json.dumps({\n \"operation\": \"process_data\",\n \"environment\": environment,\n \"batch_id\": batch_id[\"result\"],\n }))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\nusing Std = Pulumi.Std;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Lambda.Invocation(\"example\", new()\n {\n FunctionName = exampleAwsLambdaFunction.FunctionName,\n Triggers = \n {\n { \"function_version\", exampleAwsLambdaFunction.Version },\n { \"config_hash\", Std.Sha256.Invoke(new()\n {\n Input = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"environment\"] = environment,\n [\"timestamp\"] = Std.Timestamp.Invoke().Apply(invoke =\u003e invoke.Result),\n }),\n }).Apply(invoke =\u003e invoke.Result) },\n },\n Input = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"operation\"] = \"process_data\",\n [\"environment\"] = environment,\n [\"batch_id\"] = batchId.Result,\n }),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v7/go/aws/lambda\"\n\t\"github.com/pulumi/pulumi-std/sdk/go/std\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"environment\": environment,\n\t\t\t\"timestamp\": std.Timestamp(ctx, \u0026std.TimestampArgs{}, nil).Result,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\ttmpJSON1, err := json.Marshal(map[string]interface{}{\n\t\t\t\"operation\": \"process_data\",\n\t\t\t\"environment\": environment,\n\t\t\t\"batch_id\": batchId.Result,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson1 := string(tmpJSON1)\n\t\t_, err = lambda.NewInvocation(ctx, \"example\", \u0026lambda.InvocationArgs{\n\t\t\tFunctionName: pulumi.Any(exampleAwsLambdaFunction.FunctionName),\n\t\t\tTriggers: pulumi.StringMap{\n\t\t\t\t\"function_version\": pulumi.Any(exampleAwsLambdaFunction.Version),\n\t\t\t\t\"config_hash\": pulumi.String(std.Sha256Output(ctx, std.Sha256OutputArgs{\n\t\t\t\t\tInput: pulumi.String(json0),\n\t\t\t\t}, nil).ApplyT(func(invoke std.Sha256Result) (*string, error) {\n\t\t\t\t\treturn invoke.Result, nil\n\t\t\t\t}).(pulumi.StringPtrOutput)),\n\t\t\t},\n\t\t\tInput: pulumi.String(json1),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.lambda.Invocation;\nimport com.pulumi.aws.lambda.InvocationArgs;\nimport com.pulumi.std.StdFunctions;\nimport com.pulumi.std.inputs.TimestampArgs;\nimport com.pulumi.std.inputs.Sha256Args;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Invocation(\"example\", InvocationArgs.builder()\n .functionName(exampleAwsLambdaFunction.functionName())\n .triggers(Map.ofEntries(\n Map.entry(\"function_version\", exampleAwsLambdaFunction.version()),\n Map.entry(\"config_hash\", StdFunctions.sha256(Sha256Args.builder()\n .input(serializeJson(\n jsonObject(\n jsonProperty(\"environment\", environment),\n jsonProperty(\"timestamp\", StdFunctions.timestamp(TimestampArgs.builder()\n .build()).result())\n )))\n .build()).applyValue(_invoke -\u003e _invoke.result()))\n ))\n .input(serializeJson(\n jsonObject(\n jsonProperty(\"operation\", \"process_data\"),\n jsonProperty(\"environment\", environment),\n jsonProperty(\"batch_id\", batchId.result())\n )))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:lambda:Invocation\n properties:\n functionName: ${exampleAwsLambdaFunction.functionName}\n triggers:\n function_version: ${exampleAwsLambdaFunction.version}\n config_hash:\n fn::invoke:\n function: std:sha256\n arguments:\n input:\n fn::toJSON:\n environment: ${environment}\n timestamp:\n fn::invoke:\n function: std:timestamp\n arguments: {}\n return: result\n return: result\n input:\n fn::toJSON:\n operation: process_data\n environment: ${environment}\n batch_id: ${batchId.result}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### CRUD Lifecycle Management\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.lambda.Invocation(\"example\", {\n functionName: exampleAwsLambdaFunction.functionName,\n input: JSON.stringify({\n resource_name: \"database_setup\",\n database_url: exampleAwsDbInstance.endpoint,\n credentials: {\n username: dbUsername,\n password: dbPassword,\n },\n }),\n lifecycleScope: \"CRUD\",\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\nexample = aws.lambda_.Invocation(\"example\",\n function_name=example_aws_lambda_function[\"functionName\"],\n input=json.dumps({\n \"resource_name\": \"database_setup\",\n \"database_url\": example_aws_db_instance[\"endpoint\"],\n \"credentials\": {\n \"username\": db_username,\n \"password\": db_password,\n },\n }),\n lifecycle_scope=\"CRUD\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Lambda.Invocation(\"example\", new()\n {\n FunctionName = exampleAwsLambdaFunction.FunctionName,\n Input = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"resource_name\"] = \"database_setup\",\n [\"database_url\"] = exampleAwsDbInstance.Endpoint,\n [\"credentials\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"username\"] = dbUsername,\n [\"password\"] = dbPassword,\n },\n }),\n LifecycleScope = \"CRUD\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v7/go/aws/lambda\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"resource_name\": \"database_setup\",\n\t\t\t\"database_url\": exampleAwsDbInstance.Endpoint,\n\t\t\t\"credentials\": map[string]interface{}{\n\t\t\t\t\"username\": dbUsername,\n\t\t\t\t\"password\": dbPassword,\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\t_, err = lambda.NewInvocation(ctx, \"example\", \u0026lambda.InvocationArgs{\n\t\t\tFunctionName: pulumi.Any(exampleAwsLambdaFunction.FunctionName),\n\t\t\tInput: pulumi.String(json0),\n\t\t\tLifecycleScope: pulumi.String(\"CRUD\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.lambda.Invocation;\nimport com.pulumi.aws.lambda.InvocationArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Invocation(\"example\", InvocationArgs.builder()\n .functionName(exampleAwsLambdaFunction.functionName())\n .input(serializeJson(\n jsonObject(\n jsonProperty(\"resource_name\", \"database_setup\"),\n jsonProperty(\"database_url\", exampleAwsDbInstance.endpoint()),\n jsonProperty(\"credentials\", jsonObject(\n jsonProperty(\"username\", dbUsername),\n jsonProperty(\"password\", dbPassword)\n ))\n )))\n .lifecycleScope(\"CRUD\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:lambda:Invocation\n properties:\n functionName: ${exampleAwsLambdaFunction.functionName}\n input:\n fn::toJSON:\n resource_name: database_setup\n database_url: ${exampleAwsDbInstance.endpoint}\n credentials:\n username: ${dbUsername}\n password: ${dbPassword}\n lifecycleScope: CRUD\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n\u003e **Note:** \u003cspan pulumi-lang-nodejs=\"`lifecycleScope \" pulumi-lang-dotnet=\"`LifecycleScope \" pulumi-lang-go=\"`lifecycleScope \" pulumi-lang-python=\"`lifecycle_scope \" pulumi-lang-yaml=\"`lifecycleScope \" pulumi-lang-java=\"`lifecycleScope \"\u003e`lifecycle_scope \u003c/span\u003e= \"CRUD\"` will inject a key \u003cspan pulumi-lang-nodejs=\"`tf`\" pulumi-lang-dotnet=\"`Tf`\" pulumi-lang-go=\"`tf`\" pulumi-lang-python=\"`tf`\" pulumi-lang-yaml=\"`tf`\" pulumi-lang-java=\"`tf`\"\u003e`tf`\u003c/span\u003e in the input event to pass lifecycle information! This allows the Lambda function to handle different lifecycle transitions uniquely. If you need to use a key \u003cspan pulumi-lang-nodejs=\"`tf`\" pulumi-lang-dotnet=\"`Tf`\" pulumi-lang-go=\"`tf`\" pulumi-lang-python=\"`tf`\" pulumi-lang-yaml=\"`tf`\" pulumi-lang-java=\"`tf`\"\u003e`tf`\u003c/span\u003e in your own input JSON, the default key name can be overridden with the \u003cspan pulumi-lang-nodejs=\"`pulumiKey`\" pulumi-lang-dotnet=\"`PulumiKey`\" pulumi-lang-go=\"`pulumiKey`\" pulumi-lang-python=\"`pulumi_key`\" pulumi-lang-yaml=\"`pulumiKey`\" pulumi-lang-java=\"`pulumiKey`\"\u003e`pulumi_key`\u003c/span\u003e argument.\n\nThe lifecycle key gets added with subkeys:\n\n* \u003cspan pulumi-lang-nodejs=\"`action`\" pulumi-lang-dotnet=\"`Action`\" pulumi-lang-go=\"`action`\" pulumi-lang-python=\"`action`\" pulumi-lang-yaml=\"`action`\" pulumi-lang-java=\"`action`\"\u003e`action`\u003c/span\u003e - Action Pulumi performs on the resource. Values are \u003cspan pulumi-lang-nodejs=\"`create`\" pulumi-lang-dotnet=\"`Create`\" pulumi-lang-go=\"`create`\" pulumi-lang-python=\"`create`\" pulumi-lang-yaml=\"`create`\" pulumi-lang-java=\"`create`\"\u003e`create`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`update`\" pulumi-lang-dotnet=\"`Update`\" pulumi-lang-go=\"`update`\" pulumi-lang-python=\"`update`\" pulumi-lang-yaml=\"`update`\" pulumi-lang-java=\"`update`\"\u003e`update`\u003c/span\u003e, or \u003cspan pulumi-lang-nodejs=\"`delete`\" pulumi-lang-dotnet=\"`Delete`\" pulumi-lang-go=\"`delete`\" pulumi-lang-python=\"`delete`\" pulumi-lang-yaml=\"`delete`\" pulumi-lang-java=\"`delete`\"\u003e`delete`\u003c/span\u003e.\n* \u003cspan pulumi-lang-nodejs=\"`prevInput`\" pulumi-lang-dotnet=\"`PrevInput`\" pulumi-lang-go=\"`prevInput`\" pulumi-lang-python=\"`prev_input`\" pulumi-lang-yaml=\"`prevInput`\" pulumi-lang-java=\"`prevInput`\"\u003e`prev_input`\u003c/span\u003e - Input JSON payload from the previous invocation. This can be used to handle update and delete events.\n\nWhen the resource from the CRUD example above is created, the Lambda will receive the following JSON payload:\n\n```json\n{\n \"resource_name\": \"database_setup\",\n \"database_url\": \"mydb.cluster-xyz.us-west-2.rds.amazonaws.com:5432\",\n \"credentials\": {\n \"username\": \"admin\",\n \"password\": \"secret123\"\n },\n \"tf\": {\n \"action\": \"create\",\n \"prev_input\": null\n }\n}\n```\n\nIf the \u003cspan pulumi-lang-nodejs=\"`databaseUrl`\" pulumi-lang-dotnet=\"`DatabaseUrl`\" pulumi-lang-go=\"`databaseUrl`\" pulumi-lang-python=\"`database_url`\" pulumi-lang-yaml=\"`databaseUrl`\" pulumi-lang-java=\"`databaseUrl`\"\u003e`database_url`\u003c/span\u003e changes, the Lambda will be invoked again with:\n\n```json\n{\n \"resource_name\": \"database_setup\",\n \"database_url\": \"mydb-new.cluster-abc.us-west-2.rds.amazonaws.com:5432\",\n \"credentials\": {\n \"username\": \"admin\",\n \"password\": \"secret123\"\n },\n \"tf\": {\n \"action\": \"update\",\n \"prev_input\": {\n \"resource_name\": \"database_setup\",\n \"database_url\": \"mydb.cluster-xyz.us-west-2.rds.amazonaws.com:5432\",\n \"credentials\": {\n \"username\": \"admin\",\n \"password\": \"secret123\"\n }\n }\n }\n}\n```\n\nWhen the invocation resource is removed, the final invocation will have:\n\n```json\n{\n \"resource_name\": \"database_setup\",\n \"database_url\": \"mydb-new.cluster-abc.us-west-2.rds.amazonaws.com:5432\",\n \"credentials\": {\n \"username\": \"admin\",\n \"password\": \"secret123\"\n },\n \"tf\": {\n \"action\": \"delete\",\n \"prev_input\": {\n \"resource_name\": \"database_setup\",\n \"database_url\": \"mydb-new.cluster-abc.us-west-2.rds.amazonaws.com:5432\",\n \"credentials\": {\n \"username\": \"admin\",\n \"password\": \"secret123\"\n }\n }\n }\n}\n```\n\n## Import\n\nUsing `pulumi import`, import Lambda Invocation using the `function_name,qualifier,result_hash`. For example:\n\n```sh\n$ pulumi import aws:lambda/invocation:Invocation test_lambda my_test_lambda_function,$LATEST,b326b5062b2f0e69046810717534cb09\n```\nBecause it is not possible to retrieve previous invocations, during the next apply `terraform` will update the resource calling again the function.\nTo compute the `result_hash`, it is necessary to hash it with the standard `md5` hash function.\n\n", "properties": { "functionName": { "type": "string", @@ -333010,7 +334051,7 @@ } }, "aws:lb/listener:Listener": { - "description": "Provides a Load Balancer Listener resource.\n\n\u003e **Note:** \u003cspan pulumi-lang-nodejs=\"`aws.alb.Listener`\" pulumi-lang-dotnet=\"`aws.alb.Listener`\" pulumi-lang-go=\"`alb.Listener`\" pulumi-lang-python=\"`alb.Listener`\" pulumi-lang-yaml=\"`aws.alb.Listener`\" pulumi-lang-java=\"`aws.alb.Listener`\"\u003e`aws.alb.Listener`\u003c/span\u003e is known as \u003cspan pulumi-lang-nodejs=\"`aws.lb.Listener`\" pulumi-lang-dotnet=\"`aws.lb.Listener`\" pulumi-lang-go=\"`lb.Listener`\" pulumi-lang-python=\"`lb.Listener`\" pulumi-lang-yaml=\"`aws.lb.Listener`\" pulumi-lang-java=\"`aws.lb.Listener`\"\u003e`aws.lb.Listener`\u003c/span\u003e. The functionality is identical.\n\n## Example Usage\n\n### Forward Action\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst frontEnd = new aws.lb.LoadBalancer(\"front_end\", {});\nconst frontEndTargetGroup = new aws.lb.TargetGroup(\"front_end\", {});\nconst frontEndListener = new aws.lb.Listener(\"front_end\", {\n loadBalancerArn: frontEnd.arn,\n port: 443,\n protocol: \"HTTPS\",\n sslPolicy: \"ELBSecurityPolicy-2016-08\",\n certificateArn: \"arn:aws:iam::187416307283:server-certificate/test_cert_rab3wuqwgja25ct3n4jdj2tzu4\",\n defaultActions: [{\n type: \"forward\",\n targetGroupArn: frontEndTargetGroup.arn,\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nfront_end = aws.lb.LoadBalancer(\"front_end\")\nfront_end_target_group = aws.lb.TargetGroup(\"front_end\")\nfront_end_listener = aws.lb.Listener(\"front_end\",\n load_balancer_arn=front_end.arn,\n port=443,\n protocol=\"HTTPS\",\n ssl_policy=\"ELBSecurityPolicy-2016-08\",\n certificate_arn=\"arn:aws:iam::187416307283:server-certificate/test_cert_rab3wuqwgja25ct3n4jdj2tzu4\",\n default_actions=[{\n \"type\": \"forward\",\n \"target_group_arn\": front_end_target_group.arn,\n }])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var frontEnd = new Aws.LB.LoadBalancer(\"front_end\");\n\n var frontEndTargetGroup = new Aws.LB.TargetGroup(\"front_end\");\n\n var frontEndListener = new Aws.LB.Listener(\"front_end\", new()\n {\n LoadBalancerArn = frontEnd.Arn,\n Port = 443,\n Protocol = \"HTTPS\",\n SslPolicy = \"ELBSecurityPolicy-2016-08\",\n CertificateArn = \"arn:aws:iam::187416307283:server-certificate/test_cert_rab3wuqwgja25ct3n4jdj2tzu4\",\n DefaultActions = new[]\n {\n new Aws.LB.Inputs.ListenerDefaultActionArgs\n {\n Type = \"forward\",\n TargetGroupArn = frontEndTargetGroup.Arn,\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v7/go/aws/lb\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tfrontEnd, err := lb.NewLoadBalancer(ctx, \"front_end\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tfrontEndTargetGroup, err := lb.NewTargetGroup(ctx, \"front_end\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = lb.NewListener(ctx, \"front_end\", \u0026lb.ListenerArgs{\n\t\t\tLoadBalancerArn: frontEnd.Arn,\n\t\t\tPort: pulumi.Int(443),\n\t\t\tProtocol: pulumi.String(\"HTTPS\"),\n\t\t\tSslPolicy: pulumi.String(\"ELBSecurityPolicy-2016-08\"),\n\t\t\tCertificateArn: pulumi.String(\"arn:aws:iam::187416307283:server-certificate/test_cert_rab3wuqwgja25ct3n4jdj2tzu4\"),\n\t\t\tDefaultActions: lb.ListenerDefaultActionArray{\n\t\t\t\t\u0026lb.ListenerDefaultActionArgs{\n\t\t\t\t\tType: pulumi.String(\"forward\"),\n\t\t\t\t\tTargetGroupArn: frontEndTargetGroup.Arn,\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.lb.LoadBalancer;\nimport com.pulumi.aws.lb.TargetGroup;\nimport com.pulumi.aws.lb.Listener;\nimport com.pulumi.aws.lb.ListenerArgs;\nimport com.pulumi.aws.lb.inputs.ListenerDefaultActionArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var frontEnd = new LoadBalancer(\"frontEnd\");\n\n var frontEndTargetGroup = new TargetGroup(\"frontEndTargetGroup\");\n\n var frontEndListener = new Listener(\"frontEndListener\", ListenerArgs.builder()\n .loadBalancerArn(frontEnd.arn())\n .port(443)\n .protocol(\"HTTPS\")\n .sslPolicy(\"ELBSecurityPolicy-2016-08\")\n .certificateArn(\"arn:aws:iam::187416307283:server-certificate/test_cert_rab3wuqwgja25ct3n4jdj2tzu4\")\n .defaultActions(ListenerDefaultActionArgs.builder()\n .type(\"forward\")\n .targetGroupArn(frontEndTargetGroup.arn())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n frontEnd:\n type: aws:lb:LoadBalancer\n name: front_end\n frontEndTargetGroup:\n type: aws:lb:TargetGroup\n name: front_end\n frontEndListener:\n type: aws:lb:Listener\n name: front_end\n properties:\n loadBalancerArn: ${frontEnd.arn}\n port: '443'\n protocol: HTTPS\n sslPolicy: ELBSecurityPolicy-2016-08\n certificateArn: arn:aws:iam::187416307283:server-certificate/test_cert_rab3wuqwgja25ct3n4jdj2tzu4\n defaultActions:\n - type: forward\n targetGroupArn: ${frontEndTargetGroup.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\nWith weighted target groups:\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst frontEnd = new aws.lb.LoadBalancer(\"front_end\", {});\nconst frontEndBlue = new aws.lb.TargetGroup(\"front_end_blue\", {});\nconst frontEndGreen = new aws.lb.TargetGroup(\"front_end_green\", {});\nconst frontEndListener = new aws.lb.Listener(\"front_end\", {\n loadBalancerArn: frontEnd.arn,\n port: 443,\n protocol: \"HTTPS\",\n sslPolicy: \"ELBSecurityPolicy-2016-08\",\n certificateArn: \"arn:aws:iam::187416307283:server-certificate/test_cert_rab3wuqwgja25ct3n4jdj2tzu4\",\n defaultActions: [{\n type: \"forward\",\n forward: {\n targetGroups: [\n {\n arn: frontEndBlue.arn,\n weight: 100,\n },\n {\n arn: frontEndGreen.arn,\n weight: 0,\n },\n ],\n },\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nfront_end = aws.lb.LoadBalancer(\"front_end\")\nfront_end_blue = aws.lb.TargetGroup(\"front_end_blue\")\nfront_end_green = aws.lb.TargetGroup(\"front_end_green\")\nfront_end_listener = aws.lb.Listener(\"front_end\",\n load_balancer_arn=front_end.arn,\n port=443,\n protocol=\"HTTPS\",\n ssl_policy=\"ELBSecurityPolicy-2016-08\",\n certificate_arn=\"arn:aws:iam::187416307283:server-certificate/test_cert_rab3wuqwgja25ct3n4jdj2tzu4\",\n default_actions=[{\n \"type\": \"forward\",\n \"forward\": {\n \"target_groups\": [\n {\n \"arn\": front_end_blue.arn,\n \"weight\": 100,\n },\n {\n \"arn\": front_end_green.arn,\n \"weight\": 0,\n },\n ],\n },\n }])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var frontEnd = new Aws.LB.LoadBalancer(\"front_end\");\n\n var frontEndBlue = new Aws.LB.TargetGroup(\"front_end_blue\");\n\n var frontEndGreen = new Aws.LB.TargetGroup(\"front_end_green\");\n\n var frontEndListener = new Aws.LB.Listener(\"front_end\", new()\n {\n LoadBalancerArn = frontEnd.Arn,\n Port = 443,\n Protocol = \"HTTPS\",\n SslPolicy = \"ELBSecurityPolicy-2016-08\",\n CertificateArn = \"arn:aws:iam::187416307283:server-certificate/test_cert_rab3wuqwgja25ct3n4jdj2tzu4\",\n DefaultActions = new[]\n {\n new Aws.LB.Inputs.ListenerDefaultActionArgs\n {\n Type = \"forward\",\n Forward = new Aws.LB.Inputs.ListenerDefaultActionForwardArgs\n {\n TargetGroups = new[]\n {\n new Aws.LB.Inputs.ListenerDefaultActionForwardTargetGroupArgs\n {\n Arn = frontEndBlue.Arn,\n Weight = 100,\n },\n new Aws.LB.Inputs.ListenerDefaultActionForwardTargetGroupArgs\n {\n Arn = frontEndGreen.Arn,\n Weight = 0,\n },\n },\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v7/go/aws/lb\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tfrontEnd, err := lb.NewLoadBalancer(ctx, \"front_end\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tfrontEndBlue, err := lb.NewTargetGroup(ctx, \"front_end_blue\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tfrontEndGreen, err := lb.NewTargetGroup(ctx, \"front_end_green\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = lb.NewListener(ctx, \"front_end\", \u0026lb.ListenerArgs{\n\t\t\tLoadBalancerArn: frontEnd.Arn,\n\t\t\tPort: pulumi.Int(443),\n\t\t\tProtocol: pulumi.String(\"HTTPS\"),\n\t\t\tSslPolicy: pulumi.String(\"ELBSecurityPolicy-2016-08\"),\n\t\t\tCertificateArn: pulumi.String(\"arn:aws:iam::187416307283:server-certificate/test_cert_rab3wuqwgja25ct3n4jdj2tzu4\"),\n\t\t\tDefaultActions: lb.ListenerDefaultActionArray{\n\t\t\t\t\u0026lb.ListenerDefaultActionArgs{\n\t\t\t\t\tType: pulumi.String(\"forward\"),\n\t\t\t\t\tForward: \u0026lb.ListenerDefaultActionForwardArgs{\n\t\t\t\t\t\tTargetGroups: lb.ListenerDefaultActionForwardTargetGroupArray{\n\t\t\t\t\t\t\t\u0026lb.ListenerDefaultActionForwardTargetGroupArgs{\n\t\t\t\t\t\t\t\tArn: frontEndBlue.Arn,\n\t\t\t\t\t\t\t\tWeight: pulumi.Int(100),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\u0026lb.ListenerDefaultActionForwardTargetGroupArgs{\n\t\t\t\t\t\t\t\tArn: frontEndGreen.Arn,\n\t\t\t\t\t\t\t\tWeight: pulumi.Int(0),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.lb.LoadBalancer;\nimport com.pulumi.aws.lb.TargetGroup;\nimport com.pulumi.aws.lb.Listener;\nimport com.pulumi.aws.lb.ListenerArgs;\nimport com.pulumi.aws.lb.inputs.ListenerDefaultActionArgs;\nimport com.pulumi.aws.lb.inputs.ListenerDefaultActionForwardArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var frontEnd = new LoadBalancer(\"frontEnd\");\n\n var frontEndBlue = new TargetGroup(\"frontEndBlue\");\n\n var frontEndGreen = new TargetGroup(\"frontEndGreen\");\n\n var frontEndListener = new Listener(\"frontEndListener\", ListenerArgs.builder()\n .loadBalancerArn(frontEnd.arn())\n .port(443)\n .protocol(\"HTTPS\")\n .sslPolicy(\"ELBSecurityPolicy-2016-08\")\n .certificateArn(\"arn:aws:iam::187416307283:server-certificate/test_cert_rab3wuqwgja25ct3n4jdj2tzu4\")\n .defaultActions(ListenerDefaultActionArgs.builder()\n .type(\"forward\")\n .forward(ListenerDefaultActionForwardArgs.builder()\n .targetGroups( \n ListenerDefaultActionForwardTargetGroupArgs.builder()\n .arn(frontEndBlue.arn())\n .weight(100)\n .build(),\n ListenerDefaultActionForwardTargetGroupArgs.builder()\n .arn(frontEndGreen.arn())\n .weight(0)\n .build())\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n frontEnd:\n type: aws:lb:LoadBalancer\n name: front_end\n frontEndBlue:\n type: aws:lb:TargetGroup\n name: front_end_blue\n frontEndGreen:\n type: aws:lb:TargetGroup\n name: front_end_green\n frontEndListener:\n type: aws:lb:Listener\n name: front_end\n properties:\n loadBalancerArn: ${frontEnd.arn}\n port: '443'\n protocol: HTTPS\n sslPolicy: ELBSecurityPolicy-2016-08\n certificateArn: arn:aws:iam::187416307283:server-certificate/test_cert_rab3wuqwgja25ct3n4jdj2tzu4\n defaultActions:\n - type: forward\n forward:\n targetGroups:\n - arn: ${frontEndBlue.arn}\n weight: 100\n - arn: ${frontEndGreen.arn}\n weight: 0\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\nTo a NLB:\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst frontEnd = new aws.lb.Listener(\"front_end\", {\n loadBalancerArn: frontEndAwsLb.arn,\n port: 443,\n protocol: \"TLS\",\n sslPolicy: \"ELBSecurityPolicy-2016-08\",\n certificateArn: \"arn:aws:iam::187416307283:server-certificate/test_cert_rab3wuqwgja25ct3n4jdj2tzu4\",\n alpnPolicy: \"HTTP2Preferred\",\n defaultActions: [{\n type: \"forward\",\n targetGroupArn: frontEndAwsLbTargetGroup.arn,\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nfront_end = aws.lb.Listener(\"front_end\",\n load_balancer_arn=front_end_aws_lb[\"arn\"],\n port=443,\n protocol=\"TLS\",\n ssl_policy=\"ELBSecurityPolicy-2016-08\",\n certificate_arn=\"arn:aws:iam::187416307283:server-certificate/test_cert_rab3wuqwgja25ct3n4jdj2tzu4\",\n alpn_policy=\"HTTP2Preferred\",\n default_actions=[{\n \"type\": \"forward\",\n \"target_group_arn\": front_end_aws_lb_target_group[\"arn\"],\n }])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var frontEnd = new Aws.LB.Listener(\"front_end\", new()\n {\n LoadBalancerArn = frontEndAwsLb.Arn,\n Port = 443,\n Protocol = \"TLS\",\n SslPolicy = \"ELBSecurityPolicy-2016-08\",\n CertificateArn = \"arn:aws:iam::187416307283:server-certificate/test_cert_rab3wuqwgja25ct3n4jdj2tzu4\",\n AlpnPolicy = \"HTTP2Preferred\",\n DefaultActions = new[]\n {\n new Aws.LB.Inputs.ListenerDefaultActionArgs\n {\n Type = \"forward\",\n TargetGroupArn = frontEndAwsLbTargetGroup.Arn,\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v7/go/aws/lb\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := lb.NewListener(ctx, \"front_end\", \u0026lb.ListenerArgs{\n\t\t\tLoadBalancerArn: pulumi.Any(frontEndAwsLb.Arn),\n\t\t\tPort: pulumi.Int(443),\n\t\t\tProtocol: pulumi.String(\"TLS\"),\n\t\t\tSslPolicy: pulumi.String(\"ELBSecurityPolicy-2016-08\"),\n\t\t\tCertificateArn: pulumi.String(\"arn:aws:iam::187416307283:server-certificate/test_cert_rab3wuqwgja25ct3n4jdj2tzu4\"),\n\t\t\tAlpnPolicy: pulumi.String(\"HTTP2Preferred\"),\n\t\t\tDefaultActions: lb.ListenerDefaultActionArray{\n\t\t\t\t\u0026lb.ListenerDefaultActionArgs{\n\t\t\t\t\tType: pulumi.String(\"forward\"),\n\t\t\t\t\tTargetGroupArn: pulumi.Any(frontEndAwsLbTargetGroup.Arn),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.lb.Listener;\nimport com.pulumi.aws.lb.ListenerArgs;\nimport com.pulumi.aws.lb.inputs.ListenerDefaultActionArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var frontEnd = new Listener(\"frontEnd\", ListenerArgs.builder()\n .loadBalancerArn(frontEndAwsLb.arn())\n .port(443)\n .protocol(\"TLS\")\n .sslPolicy(\"ELBSecurityPolicy-2016-08\")\n .certificateArn(\"arn:aws:iam::187416307283:server-certificate/test_cert_rab3wuqwgja25ct3n4jdj2tzu4\")\n .alpnPolicy(\"HTTP2Preferred\")\n .defaultActions(ListenerDefaultActionArgs.builder()\n .type(\"forward\")\n .targetGroupArn(frontEndAwsLbTargetGroup.arn())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n frontEnd:\n type: aws:lb:Listener\n name: front_end\n properties:\n loadBalancerArn: ${frontEndAwsLb.arn}\n port: '443'\n protocol: TLS\n sslPolicy: ELBSecurityPolicy-2016-08\n certificateArn: arn:aws:iam::187416307283:server-certificate/test_cert_rab3wuqwgja25ct3n4jdj2tzu4\n alpnPolicy: HTTP2Preferred\n defaultActions:\n - type: forward\n targetGroupArn: ${frontEndAwsLbTargetGroup.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Redirect Action\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst frontEnd = new aws.lb.LoadBalancer(\"front_end\", {});\nconst frontEndListener = new aws.lb.Listener(\"front_end\", {\n loadBalancerArn: frontEnd.arn,\n port: 80,\n protocol: \"HTTP\",\n defaultActions: [{\n type: \"redirect\",\n redirect: {\n port: \"443\",\n protocol: \"HTTPS\",\n statusCode: \"HTTP_301\",\n },\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nfront_end = aws.lb.LoadBalancer(\"front_end\")\nfront_end_listener = aws.lb.Listener(\"front_end\",\n load_balancer_arn=front_end.arn,\n port=80,\n protocol=\"HTTP\",\n default_actions=[{\n \"type\": \"redirect\",\n \"redirect\": {\n \"port\": \"443\",\n \"protocol\": \"HTTPS\",\n \"status_code\": \"HTTP_301\",\n },\n }])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var frontEnd = new Aws.LB.LoadBalancer(\"front_end\");\n\n var frontEndListener = new Aws.LB.Listener(\"front_end\", new()\n {\n LoadBalancerArn = frontEnd.Arn,\n Port = 80,\n Protocol = \"HTTP\",\n DefaultActions = new[]\n {\n new Aws.LB.Inputs.ListenerDefaultActionArgs\n {\n Type = \"redirect\",\n Redirect = new Aws.LB.Inputs.ListenerDefaultActionRedirectArgs\n {\n Port = \"443\",\n Protocol = \"HTTPS\",\n StatusCode = \"HTTP_301\",\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v7/go/aws/lb\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tfrontEnd, err := lb.NewLoadBalancer(ctx, \"front_end\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = lb.NewListener(ctx, \"front_end\", \u0026lb.ListenerArgs{\n\t\t\tLoadBalancerArn: frontEnd.Arn,\n\t\t\tPort: pulumi.Int(80),\n\t\t\tProtocol: pulumi.String(\"HTTP\"),\n\t\t\tDefaultActions: lb.ListenerDefaultActionArray{\n\t\t\t\t\u0026lb.ListenerDefaultActionArgs{\n\t\t\t\t\tType: pulumi.String(\"redirect\"),\n\t\t\t\t\tRedirect: \u0026lb.ListenerDefaultActionRedirectArgs{\n\t\t\t\t\t\tPort: pulumi.String(\"443\"),\n\t\t\t\t\t\tProtocol: pulumi.String(\"HTTPS\"),\n\t\t\t\t\t\tStatusCode: pulumi.String(\"HTTP_301\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.lb.LoadBalancer;\nimport com.pulumi.aws.lb.Listener;\nimport com.pulumi.aws.lb.ListenerArgs;\nimport com.pulumi.aws.lb.inputs.ListenerDefaultActionArgs;\nimport com.pulumi.aws.lb.inputs.ListenerDefaultActionRedirectArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var frontEnd = new LoadBalancer(\"frontEnd\");\n\n var frontEndListener = new Listener(\"frontEndListener\", ListenerArgs.builder()\n .loadBalancerArn(frontEnd.arn())\n .port(80)\n .protocol(\"HTTP\")\n .defaultActions(ListenerDefaultActionArgs.builder()\n .type(\"redirect\")\n .redirect(ListenerDefaultActionRedirectArgs.builder()\n .port(\"443\")\n .protocol(\"HTTPS\")\n .statusCode(\"HTTP_301\")\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n frontEnd:\n type: aws:lb:LoadBalancer\n name: front_end\n frontEndListener:\n type: aws:lb:Listener\n name: front_end\n properties:\n loadBalancerArn: ${frontEnd.arn}\n port: '80'\n protocol: HTTP\n defaultActions:\n - type: redirect\n redirect:\n port: '443'\n protocol: HTTPS\n statusCode: HTTP_301\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Fixed-response Action\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst frontEnd = new aws.lb.LoadBalancer(\"front_end\", {});\nconst frontEndListener = new aws.lb.Listener(\"front_end\", {\n loadBalancerArn: frontEnd.arn,\n port: 80,\n protocol: \"HTTP\",\n defaultActions: [{\n type: \"fixed-response\",\n fixedResponse: {\n contentType: \"text/plain\",\n messageBody: \"Fixed response content\",\n statusCode: \"200\",\n },\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nfront_end = aws.lb.LoadBalancer(\"front_end\")\nfront_end_listener = aws.lb.Listener(\"front_end\",\n load_balancer_arn=front_end.arn,\n port=80,\n protocol=\"HTTP\",\n default_actions=[{\n \"type\": \"fixed-response\",\n \"fixed_response\": {\n \"content_type\": \"text/plain\",\n \"message_body\": \"Fixed response content\",\n \"status_code\": \"200\",\n },\n }])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var frontEnd = new Aws.LB.LoadBalancer(\"front_end\");\n\n var frontEndListener = new Aws.LB.Listener(\"front_end\", new()\n {\n LoadBalancerArn = frontEnd.Arn,\n Port = 80,\n Protocol = \"HTTP\",\n DefaultActions = new[]\n {\n new Aws.LB.Inputs.ListenerDefaultActionArgs\n {\n Type = \"fixed-response\",\n FixedResponse = new Aws.LB.Inputs.ListenerDefaultActionFixedResponseArgs\n {\n ContentType = \"text/plain\",\n MessageBody = \"Fixed response content\",\n StatusCode = \"200\",\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v7/go/aws/lb\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tfrontEnd, err := lb.NewLoadBalancer(ctx, \"front_end\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = lb.NewListener(ctx, \"front_end\", \u0026lb.ListenerArgs{\n\t\t\tLoadBalancerArn: frontEnd.Arn,\n\t\t\tPort: pulumi.Int(80),\n\t\t\tProtocol: pulumi.String(\"HTTP\"),\n\t\t\tDefaultActions: lb.ListenerDefaultActionArray{\n\t\t\t\t\u0026lb.ListenerDefaultActionArgs{\n\t\t\t\t\tType: pulumi.String(\"fixed-response\"),\n\t\t\t\t\tFixedResponse: \u0026lb.ListenerDefaultActionFixedResponseArgs{\n\t\t\t\t\t\tContentType: pulumi.String(\"text/plain\"),\n\t\t\t\t\t\tMessageBody: pulumi.String(\"Fixed response content\"),\n\t\t\t\t\t\tStatusCode: pulumi.String(\"200\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.lb.LoadBalancer;\nimport com.pulumi.aws.lb.Listener;\nimport com.pulumi.aws.lb.ListenerArgs;\nimport com.pulumi.aws.lb.inputs.ListenerDefaultActionArgs;\nimport com.pulumi.aws.lb.inputs.ListenerDefaultActionFixedResponseArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var frontEnd = new LoadBalancer(\"frontEnd\");\n\n var frontEndListener = new Listener(\"frontEndListener\", ListenerArgs.builder()\n .loadBalancerArn(frontEnd.arn())\n .port(80)\n .protocol(\"HTTP\")\n .defaultActions(ListenerDefaultActionArgs.builder()\n .type(\"fixed-response\")\n .fixedResponse(ListenerDefaultActionFixedResponseArgs.builder()\n .contentType(\"text/plain\")\n .messageBody(\"Fixed response content\")\n .statusCode(\"200\")\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n frontEnd:\n type: aws:lb:LoadBalancer\n name: front_end\n frontEndListener:\n type: aws:lb:Listener\n name: front_end\n properties:\n loadBalancerArn: ${frontEnd.arn}\n port: '80'\n protocol: HTTP\n defaultActions:\n - type: fixed-response\n fixedResponse:\n contentType: text/plain\n messageBody: Fixed response content\n statusCode: '200'\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Authenticate-cognito Action\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst frontEnd = new aws.lb.LoadBalancer(\"front_end\", {});\nconst frontEndTargetGroup = new aws.lb.TargetGroup(\"front_end\", {});\nconst pool = new aws.cognito.UserPool(\"pool\", {});\nconst client = new aws.cognito.UserPoolClient(\"client\", {});\nconst domain = new aws.cognito.UserPoolDomain(\"domain\", {});\nconst frontEndListener = new aws.lb.Listener(\"front_end\", {\n loadBalancerArn: frontEnd.arn,\n port: 80,\n protocol: \"HTTP\",\n defaultActions: [\n {\n type: \"authenticate-cognito\",\n authenticateCognito: {\n userPoolArn: pool.arn,\n userPoolClientId: client.id,\n userPoolDomain: domain.domain,\n },\n },\n {\n type: \"forward\",\n targetGroupArn: frontEndTargetGroup.arn,\n },\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nfront_end = aws.lb.LoadBalancer(\"front_end\")\nfront_end_target_group = aws.lb.TargetGroup(\"front_end\")\npool = aws.cognito.UserPool(\"pool\")\nclient = aws.cognito.UserPoolClient(\"client\")\ndomain = aws.cognito.UserPoolDomain(\"domain\")\nfront_end_listener = aws.lb.Listener(\"front_end\",\n load_balancer_arn=front_end.arn,\n port=80,\n protocol=\"HTTP\",\n default_actions=[\n {\n \"type\": \"authenticate-cognito\",\n \"authenticate_cognito\": {\n \"user_pool_arn\": pool.arn,\n \"user_pool_client_id\": client.id,\n \"user_pool_domain\": domain.domain,\n },\n },\n {\n \"type\": \"forward\",\n \"target_group_arn\": front_end_target_group.arn,\n },\n ])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var frontEnd = new Aws.LB.LoadBalancer(\"front_end\");\n\n var frontEndTargetGroup = new Aws.LB.TargetGroup(\"front_end\");\n\n var pool = new Aws.Cognito.UserPool(\"pool\");\n\n var client = new Aws.Cognito.UserPoolClient(\"client\");\n\n var domain = new Aws.Cognito.UserPoolDomain(\"domain\");\n\n var frontEndListener = new Aws.LB.Listener(\"front_end\", new()\n {\n LoadBalancerArn = frontEnd.Arn,\n Port = 80,\n Protocol = \"HTTP\",\n DefaultActions = new[]\n {\n new Aws.LB.Inputs.ListenerDefaultActionArgs\n {\n Type = \"authenticate-cognito\",\n AuthenticateCognito = new Aws.LB.Inputs.ListenerDefaultActionAuthenticateCognitoArgs\n {\n UserPoolArn = pool.Arn,\n UserPoolClientId = client.Id,\n UserPoolDomain = domain.Domain,\n },\n },\n new Aws.LB.Inputs.ListenerDefaultActionArgs\n {\n Type = \"forward\",\n TargetGroupArn = frontEndTargetGroup.Arn,\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v7/go/aws/cognito\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v7/go/aws/lb\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tfrontEnd, err := lb.NewLoadBalancer(ctx, \"front_end\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tfrontEndTargetGroup, err := lb.NewTargetGroup(ctx, \"front_end\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tpool, err := cognito.NewUserPool(ctx, \"pool\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tclient, err := cognito.NewUserPoolClient(ctx, \"client\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tdomain, err := cognito.NewUserPoolDomain(ctx, \"domain\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = lb.NewListener(ctx, \"front_end\", \u0026lb.ListenerArgs{\n\t\t\tLoadBalancerArn: frontEnd.Arn,\n\t\t\tPort: pulumi.Int(80),\n\t\t\tProtocol: pulumi.String(\"HTTP\"),\n\t\t\tDefaultActions: lb.ListenerDefaultActionArray{\n\t\t\t\t\u0026lb.ListenerDefaultActionArgs{\n\t\t\t\t\tType: pulumi.String(\"authenticate-cognito\"),\n\t\t\t\t\tAuthenticateCognito: \u0026lb.ListenerDefaultActionAuthenticateCognitoArgs{\n\t\t\t\t\t\tUserPoolArn: pool.Arn,\n\t\t\t\t\t\tUserPoolClientId: client.ID(),\n\t\t\t\t\t\tUserPoolDomain: domain.Domain,\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t\u0026lb.ListenerDefaultActionArgs{\n\t\t\t\t\tType: pulumi.String(\"forward\"),\n\t\t\t\t\tTargetGroupArn: frontEndTargetGroup.Arn,\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.lb.LoadBalancer;\nimport com.pulumi.aws.lb.TargetGroup;\nimport com.pulumi.aws.cognito.UserPool;\nimport com.pulumi.aws.cognito.UserPoolClient;\nimport com.pulumi.aws.cognito.UserPoolDomain;\nimport com.pulumi.aws.lb.Listener;\nimport com.pulumi.aws.lb.ListenerArgs;\nimport com.pulumi.aws.lb.inputs.ListenerDefaultActionArgs;\nimport com.pulumi.aws.lb.inputs.ListenerDefaultActionAuthenticateCognitoArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var frontEnd = new LoadBalancer(\"frontEnd\");\n\n var frontEndTargetGroup = new TargetGroup(\"frontEndTargetGroup\");\n\n var pool = new UserPool(\"pool\");\n\n var client = new UserPoolClient(\"client\");\n\n var domain = new UserPoolDomain(\"domain\");\n\n var frontEndListener = new Listener(\"frontEndListener\", ListenerArgs.builder()\n .loadBalancerArn(frontEnd.arn())\n .port(80)\n .protocol(\"HTTP\")\n .defaultActions( \n ListenerDefaultActionArgs.builder()\n .type(\"authenticate-cognito\")\n .authenticateCognito(ListenerDefaultActionAuthenticateCognitoArgs.builder()\n .userPoolArn(pool.arn())\n .userPoolClientId(client.id())\n .userPoolDomain(domain.domain())\n .build())\n .build(),\n ListenerDefaultActionArgs.builder()\n .type(\"forward\")\n .targetGroupArn(frontEndTargetGroup.arn())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n frontEnd:\n type: aws:lb:LoadBalancer\n name: front_end\n frontEndTargetGroup:\n type: aws:lb:TargetGroup\n name: front_end\n pool:\n type: aws:cognito:UserPool\n client:\n type: aws:cognito:UserPoolClient\n domain:\n type: aws:cognito:UserPoolDomain\n frontEndListener:\n type: aws:lb:Listener\n name: front_end\n properties:\n loadBalancerArn: ${frontEnd.arn}\n port: '80'\n protocol: HTTP\n defaultActions:\n - type: authenticate-cognito\n authenticateCognito:\n userPoolArn: ${pool.arn}\n userPoolClientId: ${client.id}\n userPoolDomain: ${domain.domain}\n - type: forward\n targetGroupArn: ${frontEndTargetGroup.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Authenticate-OIDC Action\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst frontEnd = new aws.lb.LoadBalancer(\"front_end\", {});\nconst frontEndTargetGroup = new aws.lb.TargetGroup(\"front_end\", {});\nconst frontEndListener = new aws.lb.Listener(\"front_end\", {\n loadBalancerArn: frontEnd.arn,\n port: 80,\n protocol: \"HTTP\",\n defaultActions: [\n {\n type: \"authenticate-oidc\",\n authenticateOidc: {\n authorizationEndpoint: \"https://example.com/authorization_endpoint\",\n clientId: \"client_id\",\n clientSecret: \"client_secret\",\n issuer: \"https://example.com\",\n tokenEndpoint: \"https://example.com/token_endpoint\",\n userInfoEndpoint: \"https://example.com/user_info_endpoint\",\n },\n },\n {\n type: \"forward\",\n targetGroupArn: frontEndTargetGroup.arn,\n },\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nfront_end = aws.lb.LoadBalancer(\"front_end\")\nfront_end_target_group = aws.lb.TargetGroup(\"front_end\")\nfront_end_listener = aws.lb.Listener(\"front_end\",\n load_balancer_arn=front_end.arn,\n port=80,\n protocol=\"HTTP\",\n default_actions=[\n {\n \"type\": \"authenticate-oidc\",\n \"authenticate_oidc\": {\n \"authorization_endpoint\": \"https://example.com/authorization_endpoint\",\n \"client_id\": \"client_id\",\n \"client_secret\": \"client_secret\",\n \"issuer\": \"https://example.com\",\n \"token_endpoint\": \"https://example.com/token_endpoint\",\n \"user_info_endpoint\": \"https://example.com/user_info_endpoint\",\n },\n },\n {\n \"type\": \"forward\",\n \"target_group_arn\": front_end_target_group.arn,\n },\n ])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var frontEnd = new Aws.LB.LoadBalancer(\"front_end\");\n\n var frontEndTargetGroup = new Aws.LB.TargetGroup(\"front_end\");\n\n var frontEndListener = new Aws.LB.Listener(\"front_end\", new()\n {\n LoadBalancerArn = frontEnd.Arn,\n Port = 80,\n Protocol = \"HTTP\",\n DefaultActions = new[]\n {\n new Aws.LB.Inputs.ListenerDefaultActionArgs\n {\n Type = \"authenticate-oidc\",\n AuthenticateOidc = new Aws.LB.Inputs.ListenerDefaultActionAuthenticateOidcArgs\n {\n AuthorizationEndpoint = \"https://example.com/authorization_endpoint\",\n ClientId = \"client_id\",\n ClientSecret = \"client_secret\",\n Issuer = \"https://example.com\",\n TokenEndpoint = \"https://example.com/token_endpoint\",\n UserInfoEndpoint = \"https://example.com/user_info_endpoint\",\n },\n },\n new Aws.LB.Inputs.ListenerDefaultActionArgs\n {\n Type = \"forward\",\n TargetGroupArn = frontEndTargetGroup.Arn,\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v7/go/aws/lb\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tfrontEnd, err := lb.NewLoadBalancer(ctx, \"front_end\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tfrontEndTargetGroup, err := lb.NewTargetGroup(ctx, \"front_end\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = lb.NewListener(ctx, \"front_end\", \u0026lb.ListenerArgs{\n\t\t\tLoadBalancerArn: frontEnd.Arn,\n\t\t\tPort: pulumi.Int(80),\n\t\t\tProtocol: pulumi.String(\"HTTP\"),\n\t\t\tDefaultActions: lb.ListenerDefaultActionArray{\n\t\t\t\t\u0026lb.ListenerDefaultActionArgs{\n\t\t\t\t\tType: pulumi.String(\"authenticate-oidc\"),\n\t\t\t\t\tAuthenticateOidc: \u0026lb.ListenerDefaultActionAuthenticateOidcArgs{\n\t\t\t\t\t\tAuthorizationEndpoint: pulumi.String(\"https://example.com/authorization_endpoint\"),\n\t\t\t\t\t\tClientId: pulumi.String(\"client_id\"),\n\t\t\t\t\t\tClientSecret: pulumi.String(\"client_secret\"),\n\t\t\t\t\t\tIssuer: pulumi.String(\"https://example.com\"),\n\t\t\t\t\t\tTokenEndpoint: pulumi.String(\"https://example.com/token_endpoint\"),\n\t\t\t\t\t\tUserInfoEndpoint: pulumi.String(\"https://example.com/user_info_endpoint\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t\u0026lb.ListenerDefaultActionArgs{\n\t\t\t\t\tType: pulumi.String(\"forward\"),\n\t\t\t\t\tTargetGroupArn: frontEndTargetGroup.Arn,\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.lb.LoadBalancer;\nimport com.pulumi.aws.lb.TargetGroup;\nimport com.pulumi.aws.lb.Listener;\nimport com.pulumi.aws.lb.ListenerArgs;\nimport com.pulumi.aws.lb.inputs.ListenerDefaultActionArgs;\nimport com.pulumi.aws.lb.inputs.ListenerDefaultActionAuthenticateOidcArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var frontEnd = new LoadBalancer(\"frontEnd\");\n\n var frontEndTargetGroup = new TargetGroup(\"frontEndTargetGroup\");\n\n var frontEndListener = new Listener(\"frontEndListener\", ListenerArgs.builder()\n .loadBalancerArn(frontEnd.arn())\n .port(80)\n .protocol(\"HTTP\")\n .defaultActions( \n ListenerDefaultActionArgs.builder()\n .type(\"authenticate-oidc\")\n .authenticateOidc(ListenerDefaultActionAuthenticateOidcArgs.builder()\n .authorizationEndpoint(\"https://example.com/authorization_endpoint\")\n .clientId(\"client_id\")\n .clientSecret(\"client_secret\")\n .issuer(\"https://example.com\")\n .tokenEndpoint(\"https://example.com/token_endpoint\")\n .userInfoEndpoint(\"https://example.com/user_info_endpoint\")\n .build())\n .build(),\n ListenerDefaultActionArgs.builder()\n .type(\"forward\")\n .targetGroupArn(frontEndTargetGroup.arn())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n frontEnd:\n type: aws:lb:LoadBalancer\n name: front_end\n frontEndTargetGroup:\n type: aws:lb:TargetGroup\n name: front_end\n frontEndListener:\n type: aws:lb:Listener\n name: front_end\n properties:\n loadBalancerArn: ${frontEnd.arn}\n port: '80'\n protocol: HTTP\n defaultActions:\n - type: authenticate-oidc\n authenticateOidc:\n authorizationEndpoint: https://example.com/authorization_endpoint\n clientId: client_id\n clientSecret: client_secret\n issuer: https://example.com\n tokenEndpoint: https://example.com/token_endpoint\n userInfoEndpoint: https://example.com/user_info_endpoint\n - type: forward\n targetGroupArn: ${frontEndTargetGroup.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Gateway Load Balancer Listener\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.lb.LoadBalancer(\"example\", {\n loadBalancerType: \"gateway\",\n name: \"example\",\n subnetMappings: [{\n subnetId: exampleAwsSubnet.id,\n }],\n});\nconst exampleTargetGroup = new aws.lb.TargetGroup(\"example\", {\n name: \"example\",\n port: 6081,\n protocol: \"GENEVE\",\n vpcId: exampleAwsVpc.id,\n healthCheck: {\n port: \"80\",\n protocol: \"HTTP\",\n },\n});\nconst exampleListener = new aws.lb.Listener(\"example\", {\n loadBalancerArn: example.id,\n defaultActions: [{\n targetGroupArn: exampleTargetGroup.id,\n type: \"forward\",\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.lb.LoadBalancer(\"example\",\n load_balancer_type=\"gateway\",\n name=\"example\",\n subnet_mappings=[{\n \"subnet_id\": example_aws_subnet[\"id\"],\n }])\nexample_target_group = aws.lb.TargetGroup(\"example\",\n name=\"example\",\n port=6081,\n protocol=\"GENEVE\",\n vpc_id=example_aws_vpc[\"id\"],\n health_check={\n \"port\": \"80\",\n \"protocol\": \"HTTP\",\n })\nexample_listener = aws.lb.Listener(\"example\",\n load_balancer_arn=example.id,\n default_actions=[{\n \"target_group_arn\": example_target_group.id,\n \"type\": \"forward\",\n }])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.LB.LoadBalancer(\"example\", new()\n {\n LoadBalancerType = \"gateway\",\n Name = \"example\",\n SubnetMappings = new[]\n {\n new Aws.LB.Inputs.LoadBalancerSubnetMappingArgs\n {\n SubnetId = exampleAwsSubnet.Id,\n },\n },\n });\n\n var exampleTargetGroup = new Aws.LB.TargetGroup(\"example\", new()\n {\n Name = \"example\",\n Port = 6081,\n Protocol = \"GENEVE\",\n VpcId = exampleAwsVpc.Id,\n HealthCheck = new Aws.LB.Inputs.TargetGroupHealthCheckArgs\n {\n Port = \"80\",\n Protocol = \"HTTP\",\n },\n });\n\n var exampleListener = new Aws.LB.Listener(\"example\", new()\n {\n LoadBalancerArn = example.Id,\n DefaultActions = new[]\n {\n new Aws.LB.Inputs.ListenerDefaultActionArgs\n {\n TargetGroupArn = exampleTargetGroup.Id,\n Type = \"forward\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v7/go/aws/lb\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := lb.NewLoadBalancer(ctx, \"example\", \u0026lb.LoadBalancerArgs{\n\t\t\tLoadBalancerType: pulumi.String(\"gateway\"),\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tSubnetMappings: lb.LoadBalancerSubnetMappingArray{\n\t\t\t\t\u0026lb.LoadBalancerSubnetMappingArgs{\n\t\t\t\t\tSubnetId: pulumi.Any(exampleAwsSubnet.Id),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleTargetGroup, err := lb.NewTargetGroup(ctx, \"example\", \u0026lb.TargetGroupArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tPort: pulumi.Int(6081),\n\t\t\tProtocol: pulumi.String(\"GENEVE\"),\n\t\t\tVpcId: pulumi.Any(exampleAwsVpc.Id),\n\t\t\tHealthCheck: \u0026lb.TargetGroupHealthCheckArgs{\n\t\t\t\tPort: pulumi.String(\"80\"),\n\t\t\t\tProtocol: pulumi.String(\"HTTP\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = lb.NewListener(ctx, \"example\", \u0026lb.ListenerArgs{\n\t\t\tLoadBalancerArn: example.ID(),\n\t\t\tDefaultActions: lb.ListenerDefaultActionArray{\n\t\t\t\t\u0026lb.ListenerDefaultActionArgs{\n\t\t\t\t\tTargetGroupArn: exampleTargetGroup.ID(),\n\t\t\t\t\tType: pulumi.String(\"forward\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.lb.LoadBalancer;\nimport com.pulumi.aws.lb.LoadBalancerArgs;\nimport com.pulumi.aws.lb.inputs.LoadBalancerSubnetMappingArgs;\nimport com.pulumi.aws.lb.TargetGroup;\nimport com.pulumi.aws.lb.TargetGroupArgs;\nimport com.pulumi.aws.lb.inputs.TargetGroupHealthCheckArgs;\nimport com.pulumi.aws.lb.Listener;\nimport com.pulumi.aws.lb.ListenerArgs;\nimport com.pulumi.aws.lb.inputs.ListenerDefaultActionArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new LoadBalancer(\"example\", LoadBalancerArgs.builder()\n .loadBalancerType(\"gateway\")\n .name(\"example\")\n .subnetMappings(LoadBalancerSubnetMappingArgs.builder()\n .subnetId(exampleAwsSubnet.id())\n .build())\n .build());\n\n var exampleTargetGroup = new TargetGroup(\"exampleTargetGroup\", TargetGroupArgs.builder()\n .name(\"example\")\n .port(6081)\n .protocol(\"GENEVE\")\n .vpcId(exampleAwsVpc.id())\n .healthCheck(TargetGroupHealthCheckArgs.builder()\n .port(\"80\")\n .protocol(\"HTTP\")\n .build())\n .build());\n\n var exampleListener = new Listener(\"exampleListener\", ListenerArgs.builder()\n .loadBalancerArn(example.id())\n .defaultActions(ListenerDefaultActionArgs.builder()\n .targetGroupArn(exampleTargetGroup.id())\n .type(\"forward\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:lb:LoadBalancer\n properties:\n loadBalancerType: gateway\n name: example\n subnetMappings:\n - subnetId: ${exampleAwsSubnet.id}\n exampleTargetGroup:\n type: aws:lb:TargetGroup\n name: example\n properties:\n name: example\n port: 6081\n protocol: GENEVE\n vpcId: ${exampleAwsVpc.id}\n healthCheck:\n port: 80\n protocol: HTTP\n exampleListener:\n type: aws:lb:Listener\n name: example\n properties:\n loadBalancerArn: ${example.id}\n defaultActions:\n - targetGroupArn: ${exampleTargetGroup.id}\n type: forward\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Mutual TLS Authentication\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.lb.LoadBalancer(\"example\", {loadBalancerType: \"application\"});\nconst exampleTargetGroup = new aws.lb.TargetGroup(\"example\", {});\nconst exampleListener = new aws.lb.Listener(\"example\", {\n loadBalancerArn: example.id,\n defaultActions: [{\n targetGroupArn: exampleTargetGroup.id,\n type: \"forward\",\n }],\n mutualAuthentication: {\n mode: \"verify\",\n trustStoreArn: \"...\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.lb.LoadBalancer(\"example\", load_balancer_type=\"application\")\nexample_target_group = aws.lb.TargetGroup(\"example\")\nexample_listener = aws.lb.Listener(\"example\",\n load_balancer_arn=example.id,\n default_actions=[{\n \"target_group_arn\": example_target_group.id,\n \"type\": \"forward\",\n }],\n mutual_authentication={\n \"mode\": \"verify\",\n \"trust_store_arn\": \"...\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.LB.LoadBalancer(\"example\", new()\n {\n LoadBalancerType = \"application\",\n });\n\n var exampleTargetGroup = new Aws.LB.TargetGroup(\"example\");\n\n var exampleListener = new Aws.LB.Listener(\"example\", new()\n {\n LoadBalancerArn = example.Id,\n DefaultActions = new[]\n {\n new Aws.LB.Inputs.ListenerDefaultActionArgs\n {\n TargetGroupArn = exampleTargetGroup.Id,\n Type = \"forward\",\n },\n },\n MutualAuthentication = new Aws.LB.Inputs.ListenerMutualAuthenticationArgs\n {\n Mode = \"verify\",\n TrustStoreArn = \"...\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v7/go/aws/lb\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := lb.NewLoadBalancer(ctx, \"example\", \u0026lb.LoadBalancerArgs{\n\t\t\tLoadBalancerType: pulumi.String(\"application\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleTargetGroup, err := lb.NewTargetGroup(ctx, \"example\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = lb.NewListener(ctx, \"example\", \u0026lb.ListenerArgs{\n\t\t\tLoadBalancerArn: example.ID(),\n\t\t\tDefaultActions: lb.ListenerDefaultActionArray{\n\t\t\t\t\u0026lb.ListenerDefaultActionArgs{\n\t\t\t\t\tTargetGroupArn: exampleTargetGroup.ID(),\n\t\t\t\t\tType: pulumi.String(\"forward\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tMutualAuthentication: \u0026lb.ListenerMutualAuthenticationArgs{\n\t\t\t\tMode: pulumi.String(\"verify\"),\n\t\t\t\tTrustStoreArn: pulumi.String(\"...\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.lb.LoadBalancer;\nimport com.pulumi.aws.lb.LoadBalancerArgs;\nimport com.pulumi.aws.lb.TargetGroup;\nimport com.pulumi.aws.lb.Listener;\nimport com.pulumi.aws.lb.ListenerArgs;\nimport com.pulumi.aws.lb.inputs.ListenerDefaultActionArgs;\nimport com.pulumi.aws.lb.inputs.ListenerMutualAuthenticationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new LoadBalancer(\"example\", LoadBalancerArgs.builder()\n .loadBalancerType(\"application\")\n .build());\n\n var exampleTargetGroup = new TargetGroup(\"exampleTargetGroup\");\n\n var exampleListener = new Listener(\"exampleListener\", ListenerArgs.builder()\n .loadBalancerArn(example.id())\n .defaultActions(ListenerDefaultActionArgs.builder()\n .targetGroupArn(exampleTargetGroup.id())\n .type(\"forward\")\n .build())\n .mutualAuthentication(ListenerMutualAuthenticationArgs.builder()\n .mode(\"verify\")\n .trustStoreArn(\"...\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:lb:LoadBalancer\n properties:\n loadBalancerType: application\n exampleTargetGroup:\n type: aws:lb:TargetGroup\n name: example\n exampleListener:\n type: aws:lb:Listener\n name: example\n properties:\n loadBalancerArn: ${example.id}\n defaultActions:\n - targetGroupArn: ${exampleTargetGroup.id}\n type: forward\n mutualAuthentication:\n mode: verify\n trustStoreArn: '...'\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\n### Identity Schema\n\n#### Required\n\n- `arn` (String) Amazon Resource Name (ARN) of the load balancer listener.\n\nUsing `pulumi import`, import listeners using their ARN. For example:\n\nconsole\n\n% pulumi import aws_lb_listener.front_end arn:aws:elasticloadbalancing:us-west-2:187416307283:listener/app/front-end-alb/8e4497da625e2d8a/9ab28ade35828f96\n\n", + "description": "Provides a Load Balancer Listener resource.\n\n\u003e **Note:** \u003cspan pulumi-lang-nodejs=\"`aws.alb.Listener`\" pulumi-lang-dotnet=\"`aws.alb.Listener`\" pulumi-lang-go=\"`alb.Listener`\" pulumi-lang-python=\"`alb.Listener`\" pulumi-lang-yaml=\"`aws.alb.Listener`\" pulumi-lang-java=\"`aws.alb.Listener`\"\u003e`aws.alb.Listener`\u003c/span\u003e is known as \u003cspan pulumi-lang-nodejs=\"`aws.lb.Listener`\" pulumi-lang-dotnet=\"`aws.lb.Listener`\" pulumi-lang-go=\"`lb.Listener`\" pulumi-lang-python=\"`lb.Listener`\" pulumi-lang-yaml=\"`aws.lb.Listener`\" pulumi-lang-java=\"`aws.lb.Listener`\"\u003e`aws.lb.Listener`\u003c/span\u003e. The functionality is identical.\n\n## Example Usage\n\n### Forward Action\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst frontEnd = new aws.lb.LoadBalancer(\"front_end\", {});\nconst frontEndTargetGroup = new aws.lb.TargetGroup(\"front_end\", {});\nconst frontEndListener = new aws.lb.Listener(\"front_end\", {\n loadBalancerArn: frontEnd.arn,\n port: 443,\n protocol: \"HTTPS\",\n sslPolicy: \"ELBSecurityPolicy-2016-08\",\n certificateArn: \"arn:aws:iam::187416307283:server-certificate/test_cert_rab3wuqwgja25ct3n4jdj2tzu4\",\n defaultActions: [{\n type: \"forward\",\n targetGroupArn: frontEndTargetGroup.arn,\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nfront_end = aws.lb.LoadBalancer(\"front_end\")\nfront_end_target_group = aws.lb.TargetGroup(\"front_end\")\nfront_end_listener = aws.lb.Listener(\"front_end\",\n load_balancer_arn=front_end.arn,\n port=443,\n protocol=\"HTTPS\",\n ssl_policy=\"ELBSecurityPolicy-2016-08\",\n certificate_arn=\"arn:aws:iam::187416307283:server-certificate/test_cert_rab3wuqwgja25ct3n4jdj2tzu4\",\n default_actions=[{\n \"type\": \"forward\",\n \"target_group_arn\": front_end_target_group.arn,\n }])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var frontEnd = new Aws.LB.LoadBalancer(\"front_end\");\n\n var frontEndTargetGroup = new Aws.LB.TargetGroup(\"front_end\");\n\n var frontEndListener = new Aws.LB.Listener(\"front_end\", new()\n {\n LoadBalancerArn = frontEnd.Arn,\n Port = 443,\n Protocol = \"HTTPS\",\n SslPolicy = \"ELBSecurityPolicy-2016-08\",\n CertificateArn = \"arn:aws:iam::187416307283:server-certificate/test_cert_rab3wuqwgja25ct3n4jdj2tzu4\",\n DefaultActions = new[]\n {\n new Aws.LB.Inputs.ListenerDefaultActionArgs\n {\n Type = \"forward\",\n TargetGroupArn = frontEndTargetGroup.Arn,\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v7/go/aws/lb\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tfrontEnd, err := lb.NewLoadBalancer(ctx, \"front_end\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tfrontEndTargetGroup, err := lb.NewTargetGroup(ctx, \"front_end\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = lb.NewListener(ctx, \"front_end\", \u0026lb.ListenerArgs{\n\t\t\tLoadBalancerArn: frontEnd.Arn,\n\t\t\tPort: pulumi.Int(443),\n\t\t\tProtocol: pulumi.String(\"HTTPS\"),\n\t\t\tSslPolicy: pulumi.String(\"ELBSecurityPolicy-2016-08\"),\n\t\t\tCertificateArn: pulumi.String(\"arn:aws:iam::187416307283:server-certificate/test_cert_rab3wuqwgja25ct3n4jdj2tzu4\"),\n\t\t\tDefaultActions: lb.ListenerDefaultActionArray{\n\t\t\t\t\u0026lb.ListenerDefaultActionArgs{\n\t\t\t\t\tType: pulumi.String(\"forward\"),\n\t\t\t\t\tTargetGroupArn: frontEndTargetGroup.Arn,\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.lb.LoadBalancer;\nimport com.pulumi.aws.lb.TargetGroup;\nimport com.pulumi.aws.lb.Listener;\nimport com.pulumi.aws.lb.ListenerArgs;\nimport com.pulumi.aws.lb.inputs.ListenerDefaultActionArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var frontEnd = new LoadBalancer(\"frontEnd\");\n\n var frontEndTargetGroup = new TargetGroup(\"frontEndTargetGroup\");\n\n var frontEndListener = new Listener(\"frontEndListener\", ListenerArgs.builder()\n .loadBalancerArn(frontEnd.arn())\n .port(443)\n .protocol(\"HTTPS\")\n .sslPolicy(\"ELBSecurityPolicy-2016-08\")\n .certificateArn(\"arn:aws:iam::187416307283:server-certificate/test_cert_rab3wuqwgja25ct3n4jdj2tzu4\")\n .defaultActions(ListenerDefaultActionArgs.builder()\n .type(\"forward\")\n .targetGroupArn(frontEndTargetGroup.arn())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n frontEnd:\n type: aws:lb:LoadBalancer\n name: front_end\n frontEndTargetGroup:\n type: aws:lb:TargetGroup\n name: front_end\n frontEndListener:\n type: aws:lb:Listener\n name: front_end\n properties:\n loadBalancerArn: ${frontEnd.arn}\n port: '443'\n protocol: HTTPS\n sslPolicy: ELBSecurityPolicy-2016-08\n certificateArn: arn:aws:iam::187416307283:server-certificate/test_cert_rab3wuqwgja25ct3n4jdj2tzu4\n defaultActions:\n - type: forward\n targetGroupArn: ${frontEndTargetGroup.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\nWith weighted target groups:\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst frontEnd = new aws.lb.LoadBalancer(\"front_end\", {});\nconst frontEndBlue = new aws.lb.TargetGroup(\"front_end_blue\", {});\nconst frontEndGreen = new aws.lb.TargetGroup(\"front_end_green\", {});\nconst frontEndListener = new aws.lb.Listener(\"front_end\", {\n loadBalancerArn: frontEnd.arn,\n port: 443,\n protocol: \"HTTPS\",\n sslPolicy: \"ELBSecurityPolicy-2016-08\",\n certificateArn: \"arn:aws:iam::187416307283:server-certificate/test_cert_rab3wuqwgja25ct3n4jdj2tzu4\",\n defaultActions: [{\n type: \"forward\",\n forward: {\n targetGroups: [\n {\n arn: frontEndBlue.arn,\n weight: 100,\n },\n {\n arn: frontEndGreen.arn,\n weight: 0,\n },\n ],\n },\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nfront_end = aws.lb.LoadBalancer(\"front_end\")\nfront_end_blue = aws.lb.TargetGroup(\"front_end_blue\")\nfront_end_green = aws.lb.TargetGroup(\"front_end_green\")\nfront_end_listener = aws.lb.Listener(\"front_end\",\n load_balancer_arn=front_end.arn,\n port=443,\n protocol=\"HTTPS\",\n ssl_policy=\"ELBSecurityPolicy-2016-08\",\n certificate_arn=\"arn:aws:iam::187416307283:server-certificate/test_cert_rab3wuqwgja25ct3n4jdj2tzu4\",\n default_actions=[{\n \"type\": \"forward\",\n \"forward\": {\n \"target_groups\": [\n {\n \"arn\": front_end_blue.arn,\n \"weight\": 100,\n },\n {\n \"arn\": front_end_green.arn,\n \"weight\": 0,\n },\n ],\n },\n }])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var frontEnd = new Aws.LB.LoadBalancer(\"front_end\");\n\n var frontEndBlue = new Aws.LB.TargetGroup(\"front_end_blue\");\n\n var frontEndGreen = new Aws.LB.TargetGroup(\"front_end_green\");\n\n var frontEndListener = new Aws.LB.Listener(\"front_end\", new()\n {\n LoadBalancerArn = frontEnd.Arn,\n Port = 443,\n Protocol = \"HTTPS\",\n SslPolicy = \"ELBSecurityPolicy-2016-08\",\n CertificateArn = \"arn:aws:iam::187416307283:server-certificate/test_cert_rab3wuqwgja25ct3n4jdj2tzu4\",\n DefaultActions = new[]\n {\n new Aws.LB.Inputs.ListenerDefaultActionArgs\n {\n Type = \"forward\",\n Forward = new Aws.LB.Inputs.ListenerDefaultActionForwardArgs\n {\n TargetGroups = new[]\n {\n new Aws.LB.Inputs.ListenerDefaultActionForwardTargetGroupArgs\n {\n Arn = frontEndBlue.Arn,\n Weight = 100,\n },\n new Aws.LB.Inputs.ListenerDefaultActionForwardTargetGroupArgs\n {\n Arn = frontEndGreen.Arn,\n Weight = 0,\n },\n },\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v7/go/aws/lb\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tfrontEnd, err := lb.NewLoadBalancer(ctx, \"front_end\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tfrontEndBlue, err := lb.NewTargetGroup(ctx, \"front_end_blue\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tfrontEndGreen, err := lb.NewTargetGroup(ctx, \"front_end_green\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = lb.NewListener(ctx, \"front_end\", \u0026lb.ListenerArgs{\n\t\t\tLoadBalancerArn: frontEnd.Arn,\n\t\t\tPort: pulumi.Int(443),\n\t\t\tProtocol: pulumi.String(\"HTTPS\"),\n\t\t\tSslPolicy: pulumi.String(\"ELBSecurityPolicy-2016-08\"),\n\t\t\tCertificateArn: pulumi.String(\"arn:aws:iam::187416307283:server-certificate/test_cert_rab3wuqwgja25ct3n4jdj2tzu4\"),\n\t\t\tDefaultActions: lb.ListenerDefaultActionArray{\n\t\t\t\t\u0026lb.ListenerDefaultActionArgs{\n\t\t\t\t\tType: pulumi.String(\"forward\"),\n\t\t\t\t\tForward: \u0026lb.ListenerDefaultActionForwardArgs{\n\t\t\t\t\t\tTargetGroups: lb.ListenerDefaultActionForwardTargetGroupArray{\n\t\t\t\t\t\t\t\u0026lb.ListenerDefaultActionForwardTargetGroupArgs{\n\t\t\t\t\t\t\t\tArn: frontEndBlue.Arn,\n\t\t\t\t\t\t\t\tWeight: pulumi.Int(100),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\u0026lb.ListenerDefaultActionForwardTargetGroupArgs{\n\t\t\t\t\t\t\t\tArn: frontEndGreen.Arn,\n\t\t\t\t\t\t\t\tWeight: pulumi.Int(0),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.lb.LoadBalancer;\nimport com.pulumi.aws.lb.TargetGroup;\nimport com.pulumi.aws.lb.Listener;\nimport com.pulumi.aws.lb.ListenerArgs;\nimport com.pulumi.aws.lb.inputs.ListenerDefaultActionArgs;\nimport com.pulumi.aws.lb.inputs.ListenerDefaultActionForwardArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var frontEnd = new LoadBalancer(\"frontEnd\");\n\n var frontEndBlue = new TargetGroup(\"frontEndBlue\");\n\n var frontEndGreen = new TargetGroup(\"frontEndGreen\");\n\n var frontEndListener = new Listener(\"frontEndListener\", ListenerArgs.builder()\n .loadBalancerArn(frontEnd.arn())\n .port(443)\n .protocol(\"HTTPS\")\n .sslPolicy(\"ELBSecurityPolicy-2016-08\")\n .certificateArn(\"arn:aws:iam::187416307283:server-certificate/test_cert_rab3wuqwgja25ct3n4jdj2tzu4\")\n .defaultActions(ListenerDefaultActionArgs.builder()\n .type(\"forward\")\n .forward(ListenerDefaultActionForwardArgs.builder()\n .targetGroups( \n ListenerDefaultActionForwardTargetGroupArgs.builder()\n .arn(frontEndBlue.arn())\n .weight(100)\n .build(),\n ListenerDefaultActionForwardTargetGroupArgs.builder()\n .arn(frontEndGreen.arn())\n .weight(0)\n .build())\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n frontEnd:\n type: aws:lb:LoadBalancer\n name: front_end\n frontEndBlue:\n type: aws:lb:TargetGroup\n name: front_end_blue\n frontEndGreen:\n type: aws:lb:TargetGroup\n name: front_end_green\n frontEndListener:\n type: aws:lb:Listener\n name: front_end\n properties:\n loadBalancerArn: ${frontEnd.arn}\n port: '443'\n protocol: HTTPS\n sslPolicy: ELBSecurityPolicy-2016-08\n certificateArn: arn:aws:iam::187416307283:server-certificate/test_cert_rab3wuqwgja25ct3n4jdj2tzu4\n defaultActions:\n - type: forward\n forward:\n targetGroups:\n - arn: ${frontEndBlue.arn}\n weight: 100\n - arn: ${frontEndGreen.arn}\n weight: 0\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\nTo a NLB:\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst frontEnd = new aws.lb.Listener(\"front_end\", {\n loadBalancerArn: frontEndAwsLb.arn,\n port: 443,\n protocol: \"TLS\",\n sslPolicy: \"ELBSecurityPolicy-2016-08\",\n certificateArn: \"arn:aws:iam::187416307283:server-certificate/test_cert_rab3wuqwgja25ct3n4jdj2tzu4\",\n alpnPolicy: \"HTTP2Preferred\",\n defaultActions: [{\n type: \"forward\",\n targetGroupArn: frontEndAwsLbTargetGroup.arn,\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nfront_end = aws.lb.Listener(\"front_end\",\n load_balancer_arn=front_end_aws_lb[\"arn\"],\n port=443,\n protocol=\"TLS\",\n ssl_policy=\"ELBSecurityPolicy-2016-08\",\n certificate_arn=\"arn:aws:iam::187416307283:server-certificate/test_cert_rab3wuqwgja25ct3n4jdj2tzu4\",\n alpn_policy=\"HTTP2Preferred\",\n default_actions=[{\n \"type\": \"forward\",\n \"target_group_arn\": front_end_aws_lb_target_group[\"arn\"],\n }])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var frontEnd = new Aws.LB.Listener(\"front_end\", new()\n {\n LoadBalancerArn = frontEndAwsLb.Arn,\n Port = 443,\n Protocol = \"TLS\",\n SslPolicy = \"ELBSecurityPolicy-2016-08\",\n CertificateArn = \"arn:aws:iam::187416307283:server-certificate/test_cert_rab3wuqwgja25ct3n4jdj2tzu4\",\n AlpnPolicy = \"HTTP2Preferred\",\n DefaultActions = new[]\n {\n new Aws.LB.Inputs.ListenerDefaultActionArgs\n {\n Type = \"forward\",\n TargetGroupArn = frontEndAwsLbTargetGroup.Arn,\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v7/go/aws/lb\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := lb.NewListener(ctx, \"front_end\", \u0026lb.ListenerArgs{\n\t\t\tLoadBalancerArn: pulumi.Any(frontEndAwsLb.Arn),\n\t\t\tPort: pulumi.Int(443),\n\t\t\tProtocol: pulumi.String(\"TLS\"),\n\t\t\tSslPolicy: pulumi.String(\"ELBSecurityPolicy-2016-08\"),\n\t\t\tCertificateArn: pulumi.String(\"arn:aws:iam::187416307283:server-certificate/test_cert_rab3wuqwgja25ct3n4jdj2tzu4\"),\n\t\t\tAlpnPolicy: pulumi.String(\"HTTP2Preferred\"),\n\t\t\tDefaultActions: lb.ListenerDefaultActionArray{\n\t\t\t\t\u0026lb.ListenerDefaultActionArgs{\n\t\t\t\t\tType: pulumi.String(\"forward\"),\n\t\t\t\t\tTargetGroupArn: pulumi.Any(frontEndAwsLbTargetGroup.Arn),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.lb.Listener;\nimport com.pulumi.aws.lb.ListenerArgs;\nimport com.pulumi.aws.lb.inputs.ListenerDefaultActionArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var frontEnd = new Listener(\"frontEnd\", ListenerArgs.builder()\n .loadBalancerArn(frontEndAwsLb.arn())\n .port(443)\n .protocol(\"TLS\")\n .sslPolicy(\"ELBSecurityPolicy-2016-08\")\n .certificateArn(\"arn:aws:iam::187416307283:server-certificate/test_cert_rab3wuqwgja25ct3n4jdj2tzu4\")\n .alpnPolicy(\"HTTP2Preferred\")\n .defaultActions(ListenerDefaultActionArgs.builder()\n .type(\"forward\")\n .targetGroupArn(frontEndAwsLbTargetGroup.arn())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n frontEnd:\n type: aws:lb:Listener\n name: front_end\n properties:\n loadBalancerArn: ${frontEndAwsLb.arn}\n port: '443'\n protocol: TLS\n sslPolicy: ELBSecurityPolicy-2016-08\n certificateArn: arn:aws:iam::187416307283:server-certificate/test_cert_rab3wuqwgja25ct3n4jdj2tzu4\n alpnPolicy: HTTP2Preferred\n defaultActions:\n - type: forward\n targetGroupArn: ${frontEndAwsLbTargetGroup.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Redirect Action\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst frontEnd = new aws.lb.LoadBalancer(\"front_end\", {});\nconst frontEndListener = new aws.lb.Listener(\"front_end\", {\n loadBalancerArn: frontEnd.arn,\n port: 80,\n protocol: \"HTTP\",\n defaultActions: [{\n type: \"redirect\",\n redirect: {\n port: \"443\",\n protocol: \"HTTPS\",\n statusCode: \"HTTP_301\",\n },\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nfront_end = aws.lb.LoadBalancer(\"front_end\")\nfront_end_listener = aws.lb.Listener(\"front_end\",\n load_balancer_arn=front_end.arn,\n port=80,\n protocol=\"HTTP\",\n default_actions=[{\n \"type\": \"redirect\",\n \"redirect\": {\n \"port\": \"443\",\n \"protocol\": \"HTTPS\",\n \"status_code\": \"HTTP_301\",\n },\n }])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var frontEnd = new Aws.LB.LoadBalancer(\"front_end\");\n\n var frontEndListener = new Aws.LB.Listener(\"front_end\", new()\n {\n LoadBalancerArn = frontEnd.Arn,\n Port = 80,\n Protocol = \"HTTP\",\n DefaultActions = new[]\n {\n new Aws.LB.Inputs.ListenerDefaultActionArgs\n {\n Type = \"redirect\",\n Redirect = new Aws.LB.Inputs.ListenerDefaultActionRedirectArgs\n {\n Port = \"443\",\n Protocol = \"HTTPS\",\n StatusCode = \"HTTP_301\",\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v7/go/aws/lb\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tfrontEnd, err := lb.NewLoadBalancer(ctx, \"front_end\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = lb.NewListener(ctx, \"front_end\", \u0026lb.ListenerArgs{\n\t\t\tLoadBalancerArn: frontEnd.Arn,\n\t\t\tPort: pulumi.Int(80),\n\t\t\tProtocol: pulumi.String(\"HTTP\"),\n\t\t\tDefaultActions: lb.ListenerDefaultActionArray{\n\t\t\t\t\u0026lb.ListenerDefaultActionArgs{\n\t\t\t\t\tType: pulumi.String(\"redirect\"),\n\t\t\t\t\tRedirect: \u0026lb.ListenerDefaultActionRedirectArgs{\n\t\t\t\t\t\tPort: pulumi.String(\"443\"),\n\t\t\t\t\t\tProtocol: pulumi.String(\"HTTPS\"),\n\t\t\t\t\t\tStatusCode: pulumi.String(\"HTTP_301\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.lb.LoadBalancer;\nimport com.pulumi.aws.lb.Listener;\nimport com.pulumi.aws.lb.ListenerArgs;\nimport com.pulumi.aws.lb.inputs.ListenerDefaultActionArgs;\nimport com.pulumi.aws.lb.inputs.ListenerDefaultActionRedirectArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var frontEnd = new LoadBalancer(\"frontEnd\");\n\n var frontEndListener = new Listener(\"frontEndListener\", ListenerArgs.builder()\n .loadBalancerArn(frontEnd.arn())\n .port(80)\n .protocol(\"HTTP\")\n .defaultActions(ListenerDefaultActionArgs.builder()\n .type(\"redirect\")\n .redirect(ListenerDefaultActionRedirectArgs.builder()\n .port(\"443\")\n .protocol(\"HTTPS\")\n .statusCode(\"HTTP_301\")\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n frontEnd:\n type: aws:lb:LoadBalancer\n name: front_end\n frontEndListener:\n type: aws:lb:Listener\n name: front_end\n properties:\n loadBalancerArn: ${frontEnd.arn}\n port: '80'\n protocol: HTTP\n defaultActions:\n - type: redirect\n redirect:\n port: '443'\n protocol: HTTPS\n statusCode: HTTP_301\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Fixed-response Action\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst frontEnd = new aws.lb.LoadBalancer(\"front_end\", {});\nconst frontEndListener = new aws.lb.Listener(\"front_end\", {\n loadBalancerArn: frontEnd.arn,\n port: 80,\n protocol: \"HTTP\",\n defaultActions: [{\n type: \"fixed-response\",\n fixedResponse: {\n contentType: \"text/plain\",\n messageBody: \"Fixed response content\",\n statusCode: \"200\",\n },\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nfront_end = aws.lb.LoadBalancer(\"front_end\")\nfront_end_listener = aws.lb.Listener(\"front_end\",\n load_balancer_arn=front_end.arn,\n port=80,\n protocol=\"HTTP\",\n default_actions=[{\n \"type\": \"fixed-response\",\n \"fixed_response\": {\n \"content_type\": \"text/plain\",\n \"message_body\": \"Fixed response content\",\n \"status_code\": \"200\",\n },\n }])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var frontEnd = new Aws.LB.LoadBalancer(\"front_end\");\n\n var frontEndListener = new Aws.LB.Listener(\"front_end\", new()\n {\n LoadBalancerArn = frontEnd.Arn,\n Port = 80,\n Protocol = \"HTTP\",\n DefaultActions = new[]\n {\n new Aws.LB.Inputs.ListenerDefaultActionArgs\n {\n Type = \"fixed-response\",\n FixedResponse = new Aws.LB.Inputs.ListenerDefaultActionFixedResponseArgs\n {\n ContentType = \"text/plain\",\n MessageBody = \"Fixed response content\",\n StatusCode = \"200\",\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v7/go/aws/lb\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tfrontEnd, err := lb.NewLoadBalancer(ctx, \"front_end\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = lb.NewListener(ctx, \"front_end\", \u0026lb.ListenerArgs{\n\t\t\tLoadBalancerArn: frontEnd.Arn,\n\t\t\tPort: pulumi.Int(80),\n\t\t\tProtocol: pulumi.String(\"HTTP\"),\n\t\t\tDefaultActions: lb.ListenerDefaultActionArray{\n\t\t\t\t\u0026lb.ListenerDefaultActionArgs{\n\t\t\t\t\tType: pulumi.String(\"fixed-response\"),\n\t\t\t\t\tFixedResponse: \u0026lb.ListenerDefaultActionFixedResponseArgs{\n\t\t\t\t\t\tContentType: pulumi.String(\"text/plain\"),\n\t\t\t\t\t\tMessageBody: pulumi.String(\"Fixed response content\"),\n\t\t\t\t\t\tStatusCode: pulumi.String(\"200\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.lb.LoadBalancer;\nimport com.pulumi.aws.lb.Listener;\nimport com.pulumi.aws.lb.ListenerArgs;\nimport com.pulumi.aws.lb.inputs.ListenerDefaultActionArgs;\nimport com.pulumi.aws.lb.inputs.ListenerDefaultActionFixedResponseArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var frontEnd = new LoadBalancer(\"frontEnd\");\n\n var frontEndListener = new Listener(\"frontEndListener\", ListenerArgs.builder()\n .loadBalancerArn(frontEnd.arn())\n .port(80)\n .protocol(\"HTTP\")\n .defaultActions(ListenerDefaultActionArgs.builder()\n .type(\"fixed-response\")\n .fixedResponse(ListenerDefaultActionFixedResponseArgs.builder()\n .contentType(\"text/plain\")\n .messageBody(\"Fixed response content\")\n .statusCode(\"200\")\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n frontEnd:\n type: aws:lb:LoadBalancer\n name: front_end\n frontEndListener:\n type: aws:lb:Listener\n name: front_end\n properties:\n loadBalancerArn: ${frontEnd.arn}\n port: '80'\n protocol: HTTP\n defaultActions:\n - type: fixed-response\n fixedResponse:\n contentType: text/plain\n messageBody: Fixed response content\n statusCode: '200'\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Authenticate-cognito Action\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst frontEnd = new aws.lb.LoadBalancer(\"front_end\", {});\nconst frontEndTargetGroup = new aws.lb.TargetGroup(\"front_end\", {});\nconst pool = new aws.cognito.UserPool(\"pool\", {});\nconst client = new aws.cognito.UserPoolClient(\"client\", {});\nconst domain = new aws.cognito.UserPoolDomain(\"domain\", {});\nconst frontEndListener = new aws.lb.Listener(\"front_end\", {\n loadBalancerArn: frontEnd.arn,\n port: 80,\n protocol: \"HTTP\",\n defaultActions: [\n {\n type: \"authenticate-cognito\",\n authenticateCognito: {\n userPoolArn: pool.arn,\n userPoolClientId: client.id,\n userPoolDomain: domain.domain,\n },\n },\n {\n type: \"forward\",\n targetGroupArn: frontEndTargetGroup.arn,\n },\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nfront_end = aws.lb.LoadBalancer(\"front_end\")\nfront_end_target_group = aws.lb.TargetGroup(\"front_end\")\npool = aws.cognito.UserPool(\"pool\")\nclient = aws.cognito.UserPoolClient(\"client\")\ndomain = aws.cognito.UserPoolDomain(\"domain\")\nfront_end_listener = aws.lb.Listener(\"front_end\",\n load_balancer_arn=front_end.arn,\n port=80,\n protocol=\"HTTP\",\n default_actions=[\n {\n \"type\": \"authenticate-cognito\",\n \"authenticate_cognito\": {\n \"user_pool_arn\": pool.arn,\n \"user_pool_client_id\": client.id,\n \"user_pool_domain\": domain.domain,\n },\n },\n {\n \"type\": \"forward\",\n \"target_group_arn\": front_end_target_group.arn,\n },\n ])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var frontEnd = new Aws.LB.LoadBalancer(\"front_end\");\n\n var frontEndTargetGroup = new Aws.LB.TargetGroup(\"front_end\");\n\n var pool = new Aws.Cognito.UserPool(\"pool\");\n\n var client = new Aws.Cognito.UserPoolClient(\"client\");\n\n var domain = new Aws.Cognito.UserPoolDomain(\"domain\");\n\n var frontEndListener = new Aws.LB.Listener(\"front_end\", new()\n {\n LoadBalancerArn = frontEnd.Arn,\n Port = 80,\n Protocol = \"HTTP\",\n DefaultActions = new[]\n {\n new Aws.LB.Inputs.ListenerDefaultActionArgs\n {\n Type = \"authenticate-cognito\",\n AuthenticateCognito = new Aws.LB.Inputs.ListenerDefaultActionAuthenticateCognitoArgs\n {\n UserPoolArn = pool.Arn,\n UserPoolClientId = client.Id,\n UserPoolDomain = domain.Domain,\n },\n },\n new Aws.LB.Inputs.ListenerDefaultActionArgs\n {\n Type = \"forward\",\n TargetGroupArn = frontEndTargetGroup.Arn,\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v7/go/aws/cognito\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v7/go/aws/lb\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tfrontEnd, err := lb.NewLoadBalancer(ctx, \"front_end\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tfrontEndTargetGroup, err := lb.NewTargetGroup(ctx, \"front_end\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tpool, err := cognito.NewUserPool(ctx, \"pool\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tclient, err := cognito.NewUserPoolClient(ctx, \"client\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tdomain, err := cognito.NewUserPoolDomain(ctx, \"domain\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = lb.NewListener(ctx, \"front_end\", \u0026lb.ListenerArgs{\n\t\t\tLoadBalancerArn: frontEnd.Arn,\n\t\t\tPort: pulumi.Int(80),\n\t\t\tProtocol: pulumi.String(\"HTTP\"),\n\t\t\tDefaultActions: lb.ListenerDefaultActionArray{\n\t\t\t\t\u0026lb.ListenerDefaultActionArgs{\n\t\t\t\t\tType: pulumi.String(\"authenticate-cognito\"),\n\t\t\t\t\tAuthenticateCognito: \u0026lb.ListenerDefaultActionAuthenticateCognitoArgs{\n\t\t\t\t\t\tUserPoolArn: pool.Arn,\n\t\t\t\t\t\tUserPoolClientId: client.ID(),\n\t\t\t\t\t\tUserPoolDomain: domain.Domain,\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t\u0026lb.ListenerDefaultActionArgs{\n\t\t\t\t\tType: pulumi.String(\"forward\"),\n\t\t\t\t\tTargetGroupArn: frontEndTargetGroup.Arn,\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.lb.LoadBalancer;\nimport com.pulumi.aws.lb.TargetGroup;\nimport com.pulumi.aws.cognito.UserPool;\nimport com.pulumi.aws.cognito.UserPoolClient;\nimport com.pulumi.aws.cognito.UserPoolDomain;\nimport com.pulumi.aws.lb.Listener;\nimport com.pulumi.aws.lb.ListenerArgs;\nimport com.pulumi.aws.lb.inputs.ListenerDefaultActionArgs;\nimport com.pulumi.aws.lb.inputs.ListenerDefaultActionAuthenticateCognitoArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var frontEnd = new LoadBalancer(\"frontEnd\");\n\n var frontEndTargetGroup = new TargetGroup(\"frontEndTargetGroup\");\n\n var pool = new UserPool(\"pool\");\n\n var client = new UserPoolClient(\"client\");\n\n var domain = new UserPoolDomain(\"domain\");\n\n var frontEndListener = new Listener(\"frontEndListener\", ListenerArgs.builder()\n .loadBalancerArn(frontEnd.arn())\n .port(80)\n .protocol(\"HTTP\")\n .defaultActions( \n ListenerDefaultActionArgs.builder()\n .type(\"authenticate-cognito\")\n .authenticateCognito(ListenerDefaultActionAuthenticateCognitoArgs.builder()\n .userPoolArn(pool.arn())\n .userPoolClientId(client.id())\n .userPoolDomain(domain.domain())\n .build())\n .build(),\n ListenerDefaultActionArgs.builder()\n .type(\"forward\")\n .targetGroupArn(frontEndTargetGroup.arn())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n frontEnd:\n type: aws:lb:LoadBalancer\n name: front_end\n frontEndTargetGroup:\n type: aws:lb:TargetGroup\n name: front_end\n pool:\n type: aws:cognito:UserPool\n client:\n type: aws:cognito:UserPoolClient\n domain:\n type: aws:cognito:UserPoolDomain\n frontEndListener:\n type: aws:lb:Listener\n name: front_end\n properties:\n loadBalancerArn: ${frontEnd.arn}\n port: '80'\n protocol: HTTP\n defaultActions:\n - type: authenticate-cognito\n authenticateCognito:\n userPoolArn: ${pool.arn}\n userPoolClientId: ${client.id}\n userPoolDomain: ${domain.domain}\n - type: forward\n targetGroupArn: ${frontEndTargetGroup.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Authenticate-OIDC Action\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst frontEnd = new aws.lb.LoadBalancer(\"front_end\", {});\nconst frontEndTargetGroup = new aws.lb.TargetGroup(\"front_end\", {});\nconst frontEndListener = new aws.lb.Listener(\"front_end\", {\n loadBalancerArn: frontEnd.arn,\n port: 80,\n protocol: \"HTTP\",\n defaultActions: [\n {\n type: \"authenticate-oidc\",\n authenticateOidc: {\n authorizationEndpoint: \"https://example.com/authorization_endpoint\",\n clientId: \"client_id\",\n clientSecret: \"client_secret\",\n issuer: \"https://example.com\",\n tokenEndpoint: \"https://example.com/token_endpoint\",\n userInfoEndpoint: \"https://example.com/user_info_endpoint\",\n },\n },\n {\n type: \"forward\",\n targetGroupArn: frontEndTargetGroup.arn,\n },\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nfront_end = aws.lb.LoadBalancer(\"front_end\")\nfront_end_target_group = aws.lb.TargetGroup(\"front_end\")\nfront_end_listener = aws.lb.Listener(\"front_end\",\n load_balancer_arn=front_end.arn,\n port=80,\n protocol=\"HTTP\",\n default_actions=[\n {\n \"type\": \"authenticate-oidc\",\n \"authenticate_oidc\": {\n \"authorization_endpoint\": \"https://example.com/authorization_endpoint\",\n \"client_id\": \"client_id\",\n \"client_secret\": \"client_secret\",\n \"issuer\": \"https://example.com\",\n \"token_endpoint\": \"https://example.com/token_endpoint\",\n \"user_info_endpoint\": \"https://example.com/user_info_endpoint\",\n },\n },\n {\n \"type\": \"forward\",\n \"target_group_arn\": front_end_target_group.arn,\n },\n ])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var frontEnd = new Aws.LB.LoadBalancer(\"front_end\");\n\n var frontEndTargetGroup = new Aws.LB.TargetGroup(\"front_end\");\n\n var frontEndListener = new Aws.LB.Listener(\"front_end\", new()\n {\n LoadBalancerArn = frontEnd.Arn,\n Port = 80,\n Protocol = \"HTTP\",\n DefaultActions = new[]\n {\n new Aws.LB.Inputs.ListenerDefaultActionArgs\n {\n Type = \"authenticate-oidc\",\n AuthenticateOidc = new Aws.LB.Inputs.ListenerDefaultActionAuthenticateOidcArgs\n {\n AuthorizationEndpoint = \"https://example.com/authorization_endpoint\",\n ClientId = \"client_id\",\n ClientSecret = \"client_secret\",\n Issuer = \"https://example.com\",\n TokenEndpoint = \"https://example.com/token_endpoint\",\n UserInfoEndpoint = \"https://example.com/user_info_endpoint\",\n },\n },\n new Aws.LB.Inputs.ListenerDefaultActionArgs\n {\n Type = \"forward\",\n TargetGroupArn = frontEndTargetGroup.Arn,\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v7/go/aws/lb\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tfrontEnd, err := lb.NewLoadBalancer(ctx, \"front_end\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tfrontEndTargetGroup, err := lb.NewTargetGroup(ctx, \"front_end\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = lb.NewListener(ctx, \"front_end\", \u0026lb.ListenerArgs{\n\t\t\tLoadBalancerArn: frontEnd.Arn,\n\t\t\tPort: pulumi.Int(80),\n\t\t\tProtocol: pulumi.String(\"HTTP\"),\n\t\t\tDefaultActions: lb.ListenerDefaultActionArray{\n\t\t\t\t\u0026lb.ListenerDefaultActionArgs{\n\t\t\t\t\tType: pulumi.String(\"authenticate-oidc\"),\n\t\t\t\t\tAuthenticateOidc: \u0026lb.ListenerDefaultActionAuthenticateOidcArgs{\n\t\t\t\t\t\tAuthorizationEndpoint: pulumi.String(\"https://example.com/authorization_endpoint\"),\n\t\t\t\t\t\tClientId: pulumi.String(\"client_id\"),\n\t\t\t\t\t\tClientSecret: pulumi.String(\"client_secret\"),\n\t\t\t\t\t\tIssuer: pulumi.String(\"https://example.com\"),\n\t\t\t\t\t\tTokenEndpoint: pulumi.String(\"https://example.com/token_endpoint\"),\n\t\t\t\t\t\tUserInfoEndpoint: pulumi.String(\"https://example.com/user_info_endpoint\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t\u0026lb.ListenerDefaultActionArgs{\n\t\t\t\t\tType: pulumi.String(\"forward\"),\n\t\t\t\t\tTargetGroupArn: frontEndTargetGroup.Arn,\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.lb.LoadBalancer;\nimport com.pulumi.aws.lb.TargetGroup;\nimport com.pulumi.aws.lb.Listener;\nimport com.pulumi.aws.lb.ListenerArgs;\nimport com.pulumi.aws.lb.inputs.ListenerDefaultActionArgs;\nimport com.pulumi.aws.lb.inputs.ListenerDefaultActionAuthenticateOidcArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var frontEnd = new LoadBalancer(\"frontEnd\");\n\n var frontEndTargetGroup = new TargetGroup(\"frontEndTargetGroup\");\n\n var frontEndListener = new Listener(\"frontEndListener\", ListenerArgs.builder()\n .loadBalancerArn(frontEnd.arn())\n .port(80)\n .protocol(\"HTTP\")\n .defaultActions( \n ListenerDefaultActionArgs.builder()\n .type(\"authenticate-oidc\")\n .authenticateOidc(ListenerDefaultActionAuthenticateOidcArgs.builder()\n .authorizationEndpoint(\"https://example.com/authorization_endpoint\")\n .clientId(\"client_id\")\n .clientSecret(\"client_secret\")\n .issuer(\"https://example.com\")\n .tokenEndpoint(\"https://example.com/token_endpoint\")\n .userInfoEndpoint(\"https://example.com/user_info_endpoint\")\n .build())\n .build(),\n ListenerDefaultActionArgs.builder()\n .type(\"forward\")\n .targetGroupArn(frontEndTargetGroup.arn())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n frontEnd:\n type: aws:lb:LoadBalancer\n name: front_end\n frontEndTargetGroup:\n type: aws:lb:TargetGroup\n name: front_end\n frontEndListener:\n type: aws:lb:Listener\n name: front_end\n properties:\n loadBalancerArn: ${frontEnd.arn}\n port: '80'\n protocol: HTTP\n defaultActions:\n - type: authenticate-oidc\n authenticateOidc:\n authorizationEndpoint: https://example.com/authorization_endpoint\n clientId: client_id\n clientSecret: client_secret\n issuer: https://example.com\n tokenEndpoint: https://example.com/token_endpoint\n userInfoEndpoint: https://example.com/user_info_endpoint\n - type: forward\n targetGroupArn: ${frontEndTargetGroup.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### JWT Validation Action\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = new aws.lb.Listener(\"test\", {\n loadBalancerArn: testAwsLb.id,\n protocol: \"HTTPS\",\n port: 443,\n sslPolicy: \"ELBSecurityPolicy-2016-08\",\n certificateArn: testAwsIamServerCertificate.arn,\n defaultActions: [\n {\n type: \"jwt-validation\",\n jwtValidation: {\n issuer: \"https://example.com\",\n jwksEndpoint: \"https://example.com/.well-known/jwks.json\",\n additionalClaims: [\n {\n format: \"string-array\",\n name: \"claim_name1\",\n values: [\n \"value1\",\n \"value2\",\n ],\n },\n {\n format: \"single-string\",\n name: \"claim_name2\",\n values: [\"value1\"],\n },\n ],\n },\n },\n {\n targetGroupArn: testAwsLbTargetGroup.id,\n type: \"forward\",\n },\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.lb.Listener(\"test\",\n load_balancer_arn=test_aws_lb[\"id\"],\n protocol=\"HTTPS\",\n port=443,\n ssl_policy=\"ELBSecurityPolicy-2016-08\",\n certificate_arn=test_aws_iam_server_certificate[\"arn\"],\n default_actions=[\n {\n \"type\": \"jwt-validation\",\n \"jwt_validation\": {\n \"issuer\": \"https://example.com\",\n \"jwks_endpoint\": \"https://example.com/.well-known/jwks.json\",\n \"additional_claims\": [\n {\n \"format\": \"string-array\",\n \"name\": \"claim_name1\",\n \"values\": [\n \"value1\",\n \"value2\",\n ],\n },\n {\n \"format\": \"single-string\",\n \"name\": \"claim_name2\",\n \"values\": [\"value1\"],\n },\n ],\n },\n },\n {\n \"target_group_arn\": test_aws_lb_target_group[\"id\"],\n \"type\": \"forward\",\n },\n ])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = new Aws.LB.Listener(\"test\", new()\n {\n LoadBalancerArn = testAwsLb.Id,\n Protocol = \"HTTPS\",\n Port = 443,\n SslPolicy = \"ELBSecurityPolicy-2016-08\",\n CertificateArn = testAwsIamServerCertificate.Arn,\n DefaultActions = new[]\n {\n new Aws.LB.Inputs.ListenerDefaultActionArgs\n {\n Type = \"jwt-validation\",\n JwtValidation = new Aws.LB.Inputs.ListenerDefaultActionJwtValidationArgs\n {\n Issuer = \"https://example.com\",\n JwksEndpoint = \"https://example.com/.well-known/jwks.json\",\n AdditionalClaims = new[]\n {\n new Aws.LB.Inputs.ListenerDefaultActionJwtValidationAdditionalClaimArgs\n {\n Format = \"string-array\",\n Name = \"claim_name1\",\n Values = new[]\n {\n \"value1\",\n \"value2\",\n },\n },\n new Aws.LB.Inputs.ListenerDefaultActionJwtValidationAdditionalClaimArgs\n {\n Format = \"single-string\",\n Name = \"claim_name2\",\n Values = new[]\n {\n \"value1\",\n },\n },\n },\n },\n },\n new Aws.LB.Inputs.ListenerDefaultActionArgs\n {\n TargetGroupArn = testAwsLbTargetGroup.Id,\n Type = \"forward\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v7/go/aws/lb\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := lb.NewListener(ctx, \"test\", \u0026lb.ListenerArgs{\n\t\t\tLoadBalancerArn: pulumi.Any(testAwsLb.Id),\n\t\t\tProtocol: pulumi.String(\"HTTPS\"),\n\t\t\tPort: pulumi.Int(443),\n\t\t\tSslPolicy: pulumi.String(\"ELBSecurityPolicy-2016-08\"),\n\t\t\tCertificateArn: pulumi.Any(testAwsIamServerCertificate.Arn),\n\t\t\tDefaultActions: lb.ListenerDefaultActionArray{\n\t\t\t\t\u0026lb.ListenerDefaultActionArgs{\n\t\t\t\t\tType: pulumi.String(\"jwt-validation\"),\n\t\t\t\t\tJwtValidation: \u0026lb.ListenerDefaultActionJwtValidationArgs{\n\t\t\t\t\t\tIssuer: pulumi.String(\"https://example.com\"),\n\t\t\t\t\t\tJwksEndpoint: pulumi.String(\"https://example.com/.well-known/jwks.json\"),\n\t\t\t\t\t\tAdditionalClaims: lb.ListenerDefaultActionJwtValidationAdditionalClaimArray{\n\t\t\t\t\t\t\t\u0026lb.ListenerDefaultActionJwtValidationAdditionalClaimArgs{\n\t\t\t\t\t\t\t\tFormat: pulumi.String(\"string-array\"),\n\t\t\t\t\t\t\t\tName: pulumi.String(\"claim_name1\"),\n\t\t\t\t\t\t\t\tValues: pulumi.StringArray{\n\t\t\t\t\t\t\t\t\tpulumi.String(\"value1\"),\n\t\t\t\t\t\t\t\t\tpulumi.String(\"value2\"),\n\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\u0026lb.ListenerDefaultActionJwtValidationAdditionalClaimArgs{\n\t\t\t\t\t\t\t\tFormat: pulumi.String(\"single-string\"),\n\t\t\t\t\t\t\t\tName: pulumi.String(\"claim_name2\"),\n\t\t\t\t\t\t\t\tValues: pulumi.StringArray{\n\t\t\t\t\t\t\t\t\tpulumi.String(\"value1\"),\n\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t\u0026lb.ListenerDefaultActionArgs{\n\t\t\t\t\tTargetGroupArn: pulumi.Any(testAwsLbTargetGroup.Id),\n\t\t\t\t\tType: pulumi.String(\"forward\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.lb.Listener;\nimport com.pulumi.aws.lb.ListenerArgs;\nimport com.pulumi.aws.lb.inputs.ListenerDefaultActionArgs;\nimport com.pulumi.aws.lb.inputs.ListenerDefaultActionJwtValidationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var test = new Listener(\"test\", ListenerArgs.builder()\n .loadBalancerArn(testAwsLb.id())\n .protocol(\"HTTPS\")\n .port(443)\n .sslPolicy(\"ELBSecurityPolicy-2016-08\")\n .certificateArn(testAwsIamServerCertificate.arn())\n .defaultActions( \n ListenerDefaultActionArgs.builder()\n .type(\"jwt-validation\")\n .jwtValidation(ListenerDefaultActionJwtValidationArgs.builder()\n .issuer(\"https://example.com\")\n .jwksEndpoint(\"https://example.com/.well-known/jwks.json\")\n .additionalClaims( \n ListenerDefaultActionJwtValidationAdditionalClaimArgs.builder()\n .format(\"string-array\")\n .name(\"claim_name1\")\n .values( \n \"value1\",\n \"value2\")\n .build(),\n ListenerDefaultActionJwtValidationAdditionalClaimArgs.builder()\n .format(\"single-string\")\n .name(\"claim_name2\")\n .values(\"value1\")\n .build())\n .build())\n .build(),\n ListenerDefaultActionArgs.builder()\n .targetGroupArn(testAwsLbTargetGroup.id())\n .type(\"forward\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n test:\n type: aws:lb:Listener\n properties:\n loadBalancerArn: ${testAwsLb.id}\n protocol: HTTPS\n port: '443'\n sslPolicy: ELBSecurityPolicy-2016-08\n certificateArn: ${testAwsIamServerCertificate.arn}\n defaultActions:\n - type: jwt-validation\n jwtValidation:\n issuer: https://example.com\n jwksEndpoint: https://example.com/.well-known/jwks.json\n additionalClaims:\n - format: string-array\n name: claim_name1\n values:\n - value1\n - value2\n - format: single-string\n name: claim_name2\n values:\n - value1\n - targetGroupArn: ${testAwsLbTargetGroup.id}\n type: forward\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Gateway Load Balancer Listener\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.lb.LoadBalancer(\"example\", {\n loadBalancerType: \"gateway\",\n name: \"example\",\n subnetMappings: [{\n subnetId: exampleAwsSubnet.id,\n }],\n});\nconst exampleTargetGroup = new aws.lb.TargetGroup(\"example\", {\n name: \"example\",\n port: 6081,\n protocol: \"GENEVE\",\n vpcId: exampleAwsVpc.id,\n healthCheck: {\n port: \"80\",\n protocol: \"HTTP\",\n },\n});\nconst exampleListener = new aws.lb.Listener(\"example\", {\n loadBalancerArn: example.id,\n defaultActions: [{\n targetGroupArn: exampleTargetGroup.id,\n type: \"forward\",\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.lb.LoadBalancer(\"example\",\n load_balancer_type=\"gateway\",\n name=\"example\",\n subnet_mappings=[{\n \"subnet_id\": example_aws_subnet[\"id\"],\n }])\nexample_target_group = aws.lb.TargetGroup(\"example\",\n name=\"example\",\n port=6081,\n protocol=\"GENEVE\",\n vpc_id=example_aws_vpc[\"id\"],\n health_check={\n \"port\": \"80\",\n \"protocol\": \"HTTP\",\n })\nexample_listener = aws.lb.Listener(\"example\",\n load_balancer_arn=example.id,\n default_actions=[{\n \"target_group_arn\": example_target_group.id,\n \"type\": \"forward\",\n }])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.LB.LoadBalancer(\"example\", new()\n {\n LoadBalancerType = \"gateway\",\n Name = \"example\",\n SubnetMappings = new[]\n {\n new Aws.LB.Inputs.LoadBalancerSubnetMappingArgs\n {\n SubnetId = exampleAwsSubnet.Id,\n },\n },\n });\n\n var exampleTargetGroup = new Aws.LB.TargetGroup(\"example\", new()\n {\n Name = \"example\",\n Port = 6081,\n Protocol = \"GENEVE\",\n VpcId = exampleAwsVpc.Id,\n HealthCheck = new Aws.LB.Inputs.TargetGroupHealthCheckArgs\n {\n Port = \"80\",\n Protocol = \"HTTP\",\n },\n });\n\n var exampleListener = new Aws.LB.Listener(\"example\", new()\n {\n LoadBalancerArn = example.Id,\n DefaultActions = new[]\n {\n new Aws.LB.Inputs.ListenerDefaultActionArgs\n {\n TargetGroupArn = exampleTargetGroup.Id,\n Type = \"forward\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v7/go/aws/lb\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := lb.NewLoadBalancer(ctx, \"example\", \u0026lb.LoadBalancerArgs{\n\t\t\tLoadBalancerType: pulumi.String(\"gateway\"),\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tSubnetMappings: lb.LoadBalancerSubnetMappingArray{\n\t\t\t\t\u0026lb.LoadBalancerSubnetMappingArgs{\n\t\t\t\t\tSubnetId: pulumi.Any(exampleAwsSubnet.Id),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleTargetGroup, err := lb.NewTargetGroup(ctx, \"example\", \u0026lb.TargetGroupArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tPort: pulumi.Int(6081),\n\t\t\tProtocol: pulumi.String(\"GENEVE\"),\n\t\t\tVpcId: pulumi.Any(exampleAwsVpc.Id),\n\t\t\tHealthCheck: \u0026lb.TargetGroupHealthCheckArgs{\n\t\t\t\tPort: pulumi.String(\"80\"),\n\t\t\t\tProtocol: pulumi.String(\"HTTP\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = lb.NewListener(ctx, \"example\", \u0026lb.ListenerArgs{\n\t\t\tLoadBalancerArn: example.ID(),\n\t\t\tDefaultActions: lb.ListenerDefaultActionArray{\n\t\t\t\t\u0026lb.ListenerDefaultActionArgs{\n\t\t\t\t\tTargetGroupArn: exampleTargetGroup.ID(),\n\t\t\t\t\tType: pulumi.String(\"forward\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.lb.LoadBalancer;\nimport com.pulumi.aws.lb.LoadBalancerArgs;\nimport com.pulumi.aws.lb.inputs.LoadBalancerSubnetMappingArgs;\nimport com.pulumi.aws.lb.TargetGroup;\nimport com.pulumi.aws.lb.TargetGroupArgs;\nimport com.pulumi.aws.lb.inputs.TargetGroupHealthCheckArgs;\nimport com.pulumi.aws.lb.Listener;\nimport com.pulumi.aws.lb.ListenerArgs;\nimport com.pulumi.aws.lb.inputs.ListenerDefaultActionArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new LoadBalancer(\"example\", LoadBalancerArgs.builder()\n .loadBalancerType(\"gateway\")\n .name(\"example\")\n .subnetMappings(LoadBalancerSubnetMappingArgs.builder()\n .subnetId(exampleAwsSubnet.id())\n .build())\n .build());\n\n var exampleTargetGroup = new TargetGroup(\"exampleTargetGroup\", TargetGroupArgs.builder()\n .name(\"example\")\n .port(6081)\n .protocol(\"GENEVE\")\n .vpcId(exampleAwsVpc.id())\n .healthCheck(TargetGroupHealthCheckArgs.builder()\n .port(\"80\")\n .protocol(\"HTTP\")\n .build())\n .build());\n\n var exampleListener = new Listener(\"exampleListener\", ListenerArgs.builder()\n .loadBalancerArn(example.id())\n .defaultActions(ListenerDefaultActionArgs.builder()\n .targetGroupArn(exampleTargetGroup.id())\n .type(\"forward\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:lb:LoadBalancer\n properties:\n loadBalancerType: gateway\n name: example\n subnetMappings:\n - subnetId: ${exampleAwsSubnet.id}\n exampleTargetGroup:\n type: aws:lb:TargetGroup\n name: example\n properties:\n name: example\n port: 6081\n protocol: GENEVE\n vpcId: ${exampleAwsVpc.id}\n healthCheck:\n port: 80\n protocol: HTTP\n exampleListener:\n type: aws:lb:Listener\n name: example\n properties:\n loadBalancerArn: ${example.id}\n defaultActions:\n - targetGroupArn: ${exampleTargetGroup.id}\n type: forward\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Mutual TLS Authentication\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.lb.LoadBalancer(\"example\", {loadBalancerType: \"application\"});\nconst exampleTargetGroup = new aws.lb.TargetGroup(\"example\", {});\nconst exampleListener = new aws.lb.Listener(\"example\", {\n loadBalancerArn: example.id,\n defaultActions: [{\n targetGroupArn: exampleTargetGroup.id,\n type: \"forward\",\n }],\n mutualAuthentication: {\n mode: \"verify\",\n trustStoreArn: \"...\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.lb.LoadBalancer(\"example\", load_balancer_type=\"application\")\nexample_target_group = aws.lb.TargetGroup(\"example\")\nexample_listener = aws.lb.Listener(\"example\",\n load_balancer_arn=example.id,\n default_actions=[{\n \"target_group_arn\": example_target_group.id,\n \"type\": \"forward\",\n }],\n mutual_authentication={\n \"mode\": \"verify\",\n \"trust_store_arn\": \"...\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.LB.LoadBalancer(\"example\", new()\n {\n LoadBalancerType = \"application\",\n });\n\n var exampleTargetGroup = new Aws.LB.TargetGroup(\"example\");\n\n var exampleListener = new Aws.LB.Listener(\"example\", new()\n {\n LoadBalancerArn = example.Id,\n DefaultActions = new[]\n {\n new Aws.LB.Inputs.ListenerDefaultActionArgs\n {\n TargetGroupArn = exampleTargetGroup.Id,\n Type = \"forward\",\n },\n },\n MutualAuthentication = new Aws.LB.Inputs.ListenerMutualAuthenticationArgs\n {\n Mode = \"verify\",\n TrustStoreArn = \"...\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v7/go/aws/lb\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := lb.NewLoadBalancer(ctx, \"example\", \u0026lb.LoadBalancerArgs{\n\t\t\tLoadBalancerType: pulumi.String(\"application\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleTargetGroup, err := lb.NewTargetGroup(ctx, \"example\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = lb.NewListener(ctx, \"example\", \u0026lb.ListenerArgs{\n\t\t\tLoadBalancerArn: example.ID(),\n\t\t\tDefaultActions: lb.ListenerDefaultActionArray{\n\t\t\t\t\u0026lb.ListenerDefaultActionArgs{\n\t\t\t\t\tTargetGroupArn: exampleTargetGroup.ID(),\n\t\t\t\t\tType: pulumi.String(\"forward\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tMutualAuthentication: \u0026lb.ListenerMutualAuthenticationArgs{\n\t\t\t\tMode: pulumi.String(\"verify\"),\n\t\t\t\tTrustStoreArn: pulumi.String(\"...\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.lb.LoadBalancer;\nimport com.pulumi.aws.lb.LoadBalancerArgs;\nimport com.pulumi.aws.lb.TargetGroup;\nimport com.pulumi.aws.lb.Listener;\nimport com.pulumi.aws.lb.ListenerArgs;\nimport com.pulumi.aws.lb.inputs.ListenerDefaultActionArgs;\nimport com.pulumi.aws.lb.inputs.ListenerMutualAuthenticationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new LoadBalancer(\"example\", LoadBalancerArgs.builder()\n .loadBalancerType(\"application\")\n .build());\n\n var exampleTargetGroup = new TargetGroup(\"exampleTargetGroup\");\n\n var exampleListener = new Listener(\"exampleListener\", ListenerArgs.builder()\n .loadBalancerArn(example.id())\n .defaultActions(ListenerDefaultActionArgs.builder()\n .targetGroupArn(exampleTargetGroup.id())\n .type(\"forward\")\n .build())\n .mutualAuthentication(ListenerMutualAuthenticationArgs.builder()\n .mode(\"verify\")\n .trustStoreArn(\"...\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:lb:LoadBalancer\n properties:\n loadBalancerType: application\n exampleTargetGroup:\n type: aws:lb:TargetGroup\n name: example\n exampleListener:\n type: aws:lb:Listener\n name: example\n properties:\n loadBalancerArn: ${example.id}\n defaultActions:\n - targetGroupArn: ${exampleTargetGroup.id}\n type: forward\n mutualAuthentication:\n mode: verify\n trustStoreArn: '...'\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\n### Identity Schema\n\n#### Required\n\n- `arn` (String) Amazon Resource Name (ARN) of the load balancer listener.\n\nUsing `pulumi import`, import listeners using their ARN. For example:\n\nconsole\n\n% pulumi import aws_lb_listener.front_end arn:aws:elasticloadbalancing:us-west-2:187416307283:listener/app/front-end-alb/8e4497da625e2d8a/9ab28ade35828f96\n\n", "properties": { "alpnPolicy": { "type": "string", @@ -333531,7 +334572,7 @@ ] }, "aws:lb/listenerRule:ListenerRule": { - "description": "Provides a Load Balancer Listener Rule resource.\n\n\u003e **Note:** \u003cspan pulumi-lang-nodejs=\"`aws.alb.ListenerRule`\" pulumi-lang-dotnet=\"`aws.alb.ListenerRule`\" pulumi-lang-go=\"`alb.ListenerRule`\" pulumi-lang-python=\"`alb.ListenerRule`\" pulumi-lang-yaml=\"`aws.alb.ListenerRule`\" pulumi-lang-java=\"`aws.alb.ListenerRule`\"\u003e`aws.alb.ListenerRule`\u003c/span\u003e is known as \u003cspan pulumi-lang-nodejs=\"`aws.lb.ListenerRule`\" pulumi-lang-dotnet=\"`aws.lb.ListenerRule`\" pulumi-lang-go=\"`lb.ListenerRule`\" pulumi-lang-python=\"`lb.ListenerRule`\" pulumi-lang-yaml=\"`aws.lb.ListenerRule`\" pulumi-lang-java=\"`aws.lb.ListenerRule`\"\u003e`aws.lb.ListenerRule`\u003c/span\u003e. The functionality is identical.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst frontEnd = new aws.lb.LoadBalancer(\"front_end\", {});\nconst frontEndListener = new aws.lb.Listener(\"front_end\", {});\nconst static = new aws.lb.ListenerRule(\"static\", {\n listenerArn: frontEndListener.arn,\n priority: 100,\n actions: [{\n type: \"forward\",\n targetGroupArn: staticAwsLbTargetGroup.arn,\n }],\n conditions: [\n {\n pathPattern: {\n values: [\"/static/*\"],\n },\n },\n {\n hostHeader: {\n values: [\"example.com\"],\n },\n },\n ],\n});\n// Forward action\nconst hostBasedWeightedRouting = new aws.lb.ListenerRule(\"host_based_weighted_routing\", {\n listenerArn: frontEndListener.arn,\n priority: 99,\n actions: [{\n type: \"forward\",\n targetGroupArn: staticAwsLbTargetGroup.arn,\n }],\n conditions: [{\n hostHeader: {\n values: [\"my-service.*.mycompany.io\"],\n },\n }],\n});\n// Weighted Forward action\nconst hostBasedRouting = new aws.lb.ListenerRule(\"host_based_routing\", {\n listenerArn: frontEndListener.arn,\n priority: 99,\n actions: [{\n type: \"forward\",\n forward: {\n targetGroups: [\n {\n arn: main.arn,\n weight: 80,\n },\n {\n arn: canary.arn,\n weight: 20,\n },\n ],\n stickiness: {\n enabled: true,\n duration: 600,\n },\n },\n }],\n conditions: [{\n hostHeader: {\n values: [\"my-service.*.mycompany.io\"],\n },\n }],\n});\n// Redirect action\nconst redirectHttpToHttps = new aws.lb.ListenerRule(\"redirect_http_to_https\", {\n listenerArn: frontEndListener.arn,\n actions: [{\n type: \"redirect\",\n redirect: {\n port: \"443\",\n protocol: \"HTTPS\",\n statusCode: \"HTTP_301\",\n },\n }],\n conditions: [{\n httpHeader: {\n httpHeaderName: \"X-Forwarded-For\",\n values: [\"192.168.1.*\"],\n },\n }],\n});\n// Fixed-response action\nconst healthCheck = new aws.lb.ListenerRule(\"health_check\", {\n listenerArn: frontEndListener.arn,\n actions: [{\n type: \"fixed-response\",\n fixedResponse: {\n contentType: \"text/plain\",\n messageBody: \"HEALTHY\",\n statusCode: \"200\",\n },\n }],\n conditions: [{\n queryStrings: [\n {\n key: \"health\",\n value: \"check\",\n },\n {\n value: \"bar\",\n },\n ],\n }],\n});\n// Authenticate-cognito Action\nconst pool = new aws.cognito.UserPool(\"pool\", {});\nconst client = new aws.cognito.UserPoolClient(\"client\", {});\nconst domain = new aws.cognito.UserPoolDomain(\"domain\", {});\nconst admin = new aws.lb.ListenerRule(\"admin\", {\n listenerArn: frontEndListener.arn,\n actions: [\n {\n type: \"authenticate-cognito\",\n authenticateCognito: {\n userPoolArn: pool.arn,\n userPoolClientId: client.id,\n userPoolDomain: domain.domain,\n },\n },\n {\n type: \"forward\",\n targetGroupArn: staticAwsLbTargetGroup.arn,\n },\n ],\n});\n// Authenticate-oidc Action\nconst oidc = new aws.lb.ListenerRule(\"oidc\", {\n listenerArn: frontEndListener.arn,\n actions: [\n {\n type: \"authenticate-oidc\",\n authenticateOidc: {\n authorizationEndpoint: \"https://example.com/authorization_endpoint\",\n clientId: \"client_id\",\n clientSecret: \"client_secret\",\n issuer: \"https://example.com\",\n tokenEndpoint: \"https://example.com/token_endpoint\",\n userInfoEndpoint: \"https://example.com/user_info_endpoint\",\n },\n },\n {\n type: \"forward\",\n targetGroupArn: staticAwsLbTargetGroup.arn,\n },\n ],\n});\n// With transform\nconst transform = new aws.lb.ListenerRule(\"transform\", {\n listenerArn: frontEndListener.arn,\n actions: [{\n type: \"forward\",\n targetGroupArn: staticAwsLbTargetGroup.arn,\n }],\n conditions: [{\n pathPattern: {\n values: [\"*\"],\n },\n }],\n transforms: [\n {\n type: \"host-header-rewrite\",\n hostHeaderRewriteConfig: {\n rewrite: {\n regex: \"^mywebsite-(.+).com$\",\n replace: \"internal.dev.$1.myweb.com\",\n },\n },\n },\n {\n type: \"url-rewrite\",\n urlRewriteConfig: {\n rewrite: {\n regex: \"^/dp/([A-Za-z0-9]+)/?$\",\n replace: \"/product.php?id=$1\",\n },\n },\n },\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nfront_end = aws.lb.LoadBalancer(\"front_end\")\nfront_end_listener = aws.lb.Listener(\"front_end\")\nstatic = aws.lb.ListenerRule(\"static\",\n listener_arn=front_end_listener.arn,\n priority=100,\n actions=[{\n \"type\": \"forward\",\n \"target_group_arn\": static_aws_lb_target_group[\"arn\"],\n }],\n conditions=[\n {\n \"path_pattern\": {\n \"values\": [\"/static/*\"],\n },\n },\n {\n \"host_header\": {\n \"values\": [\"example.com\"],\n },\n },\n ])\n# Forward action\nhost_based_weighted_routing = aws.lb.ListenerRule(\"host_based_weighted_routing\",\n listener_arn=front_end_listener.arn,\n priority=99,\n actions=[{\n \"type\": \"forward\",\n \"target_group_arn\": static_aws_lb_target_group[\"arn\"],\n }],\n conditions=[{\n \"host_header\": {\n \"values\": [\"my-service.*.mycompany.io\"],\n },\n }])\n# Weighted Forward action\nhost_based_routing = aws.lb.ListenerRule(\"host_based_routing\",\n listener_arn=front_end_listener.arn,\n priority=99,\n actions=[{\n \"type\": \"forward\",\n \"forward\": {\n \"target_groups\": [\n {\n \"arn\": main[\"arn\"],\n \"weight\": 80,\n },\n {\n \"arn\": canary[\"arn\"],\n \"weight\": 20,\n },\n ],\n \"stickiness\": {\n \"enabled\": True,\n \"duration\": 600,\n },\n },\n }],\n conditions=[{\n \"host_header\": {\n \"values\": [\"my-service.*.mycompany.io\"],\n },\n }])\n# Redirect action\nredirect_http_to_https = aws.lb.ListenerRule(\"redirect_http_to_https\",\n listener_arn=front_end_listener.arn,\n actions=[{\n \"type\": \"redirect\",\n \"redirect\": {\n \"port\": \"443\",\n \"protocol\": \"HTTPS\",\n \"status_code\": \"HTTP_301\",\n },\n }],\n conditions=[{\n \"http_header\": {\n \"http_header_name\": \"X-Forwarded-For\",\n \"values\": [\"192.168.1.*\"],\n },\n }])\n# Fixed-response action\nhealth_check = aws.lb.ListenerRule(\"health_check\",\n listener_arn=front_end_listener.arn,\n actions=[{\n \"type\": \"fixed-response\",\n \"fixed_response\": {\n \"content_type\": \"text/plain\",\n \"message_body\": \"HEALTHY\",\n \"status_code\": \"200\",\n },\n }],\n conditions=[{\n \"query_strings\": [\n {\n \"key\": \"health\",\n \"value\": \"check\",\n },\n {\n \"value\": \"bar\",\n },\n ],\n }])\n# Authenticate-cognito Action\npool = aws.cognito.UserPool(\"pool\")\nclient = aws.cognito.UserPoolClient(\"client\")\ndomain = aws.cognito.UserPoolDomain(\"domain\")\nadmin = aws.lb.ListenerRule(\"admin\",\n listener_arn=front_end_listener.arn,\n actions=[\n {\n \"type\": \"authenticate-cognito\",\n \"authenticate_cognito\": {\n \"user_pool_arn\": pool.arn,\n \"user_pool_client_id\": client.id,\n \"user_pool_domain\": domain.domain,\n },\n },\n {\n \"type\": \"forward\",\n \"target_group_arn\": static_aws_lb_target_group[\"arn\"],\n },\n ])\n# Authenticate-oidc Action\noidc = aws.lb.ListenerRule(\"oidc\",\n listener_arn=front_end_listener.arn,\n actions=[\n {\n \"type\": \"authenticate-oidc\",\n \"authenticate_oidc\": {\n \"authorization_endpoint\": \"https://example.com/authorization_endpoint\",\n \"client_id\": \"client_id\",\n \"client_secret\": \"client_secret\",\n \"issuer\": \"https://example.com\",\n \"token_endpoint\": \"https://example.com/token_endpoint\",\n \"user_info_endpoint\": \"https://example.com/user_info_endpoint\",\n },\n },\n {\n \"type\": \"forward\",\n \"target_group_arn\": static_aws_lb_target_group[\"arn\"],\n },\n ])\n# With transform\ntransform = aws.lb.ListenerRule(\"transform\",\n listener_arn=front_end_listener.arn,\n actions=[{\n \"type\": \"forward\",\n \"target_group_arn\": static_aws_lb_target_group[\"arn\"],\n }],\n conditions=[{\n \"path_pattern\": {\n \"values\": [\"*\"],\n },\n }],\n transforms=[\n {\n \"type\": \"host-header-rewrite\",\n \"host_header_rewrite_config\": {\n \"rewrite\": {\n \"regex\": \"^mywebsite-(.+).com$\",\n \"replace\": \"internal.dev.$1.myweb.com\",\n },\n },\n },\n {\n \"type\": \"url-rewrite\",\n \"url_rewrite_config\": {\n \"rewrite\": {\n \"regex\": \"^/dp/([A-Za-z0-9]+)/?$\",\n \"replace\": \"/product.php?id=$1\",\n },\n },\n },\n ])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var frontEnd = new Aws.LB.LoadBalancer(\"front_end\");\n\n var frontEndListener = new Aws.LB.Listener(\"front_end\");\n\n var @static = new Aws.LB.ListenerRule(\"static\", new()\n {\n ListenerArn = frontEndListener.Arn,\n Priority = 100,\n Actions = new[]\n {\n new Aws.LB.Inputs.ListenerRuleActionArgs\n {\n Type = \"forward\",\n TargetGroupArn = staticAwsLbTargetGroup.Arn,\n },\n },\n Conditions = new[]\n {\n new Aws.LB.Inputs.ListenerRuleConditionArgs\n {\n PathPattern = new Aws.LB.Inputs.ListenerRuleConditionPathPatternArgs\n {\n Values = new[]\n {\n \"/static/*\",\n },\n },\n },\n new Aws.LB.Inputs.ListenerRuleConditionArgs\n {\n HostHeader = new Aws.LB.Inputs.ListenerRuleConditionHostHeaderArgs\n {\n Values = new[]\n {\n \"example.com\",\n },\n },\n },\n },\n });\n\n // Forward action\n var hostBasedWeightedRouting = new Aws.LB.ListenerRule(\"host_based_weighted_routing\", new()\n {\n ListenerArn = frontEndListener.Arn,\n Priority = 99,\n Actions = new[]\n {\n new Aws.LB.Inputs.ListenerRuleActionArgs\n {\n Type = \"forward\",\n TargetGroupArn = staticAwsLbTargetGroup.Arn,\n },\n },\n Conditions = new[]\n {\n new Aws.LB.Inputs.ListenerRuleConditionArgs\n {\n HostHeader = new Aws.LB.Inputs.ListenerRuleConditionHostHeaderArgs\n {\n Values = new[]\n {\n \"my-service.*.mycompany.io\",\n },\n },\n },\n },\n });\n\n // Weighted Forward action\n var hostBasedRouting = new Aws.LB.ListenerRule(\"host_based_routing\", new()\n {\n ListenerArn = frontEndListener.Arn,\n Priority = 99,\n Actions = new[]\n {\n new Aws.LB.Inputs.ListenerRuleActionArgs\n {\n Type = \"forward\",\n Forward = new Aws.LB.Inputs.ListenerRuleActionForwardArgs\n {\n TargetGroups = new[]\n {\n new Aws.LB.Inputs.ListenerRuleActionForwardTargetGroupArgs\n {\n Arn = main.Arn,\n Weight = 80,\n },\n new Aws.LB.Inputs.ListenerRuleActionForwardTargetGroupArgs\n {\n Arn = canary.Arn,\n Weight = 20,\n },\n },\n Stickiness = new Aws.LB.Inputs.ListenerRuleActionForwardStickinessArgs\n {\n Enabled = true,\n Duration = 600,\n },\n },\n },\n },\n Conditions = new[]\n {\n new Aws.LB.Inputs.ListenerRuleConditionArgs\n {\n HostHeader = new Aws.LB.Inputs.ListenerRuleConditionHostHeaderArgs\n {\n Values = new[]\n {\n \"my-service.*.mycompany.io\",\n },\n },\n },\n },\n });\n\n // Redirect action\n var redirectHttpToHttps = new Aws.LB.ListenerRule(\"redirect_http_to_https\", new()\n {\n ListenerArn = frontEndListener.Arn,\n Actions = new[]\n {\n new Aws.LB.Inputs.ListenerRuleActionArgs\n {\n Type = \"redirect\",\n Redirect = new Aws.LB.Inputs.ListenerRuleActionRedirectArgs\n {\n Port = \"443\",\n Protocol = \"HTTPS\",\n StatusCode = \"HTTP_301\",\n },\n },\n },\n Conditions = new[]\n {\n new Aws.LB.Inputs.ListenerRuleConditionArgs\n {\n HttpHeader = new Aws.LB.Inputs.ListenerRuleConditionHttpHeaderArgs\n {\n HttpHeaderName = \"X-Forwarded-For\",\n Values = new[]\n {\n \"192.168.1.*\",\n },\n },\n },\n },\n });\n\n // Fixed-response action\n var healthCheck = new Aws.LB.ListenerRule(\"health_check\", new()\n {\n ListenerArn = frontEndListener.Arn,\n Actions = new[]\n {\n new Aws.LB.Inputs.ListenerRuleActionArgs\n {\n Type = \"fixed-response\",\n FixedResponse = new Aws.LB.Inputs.ListenerRuleActionFixedResponseArgs\n {\n ContentType = \"text/plain\",\n MessageBody = \"HEALTHY\",\n StatusCode = \"200\",\n },\n },\n },\n Conditions = new[]\n {\n new Aws.LB.Inputs.ListenerRuleConditionArgs\n {\n QueryStrings = new[]\n {\n new Aws.LB.Inputs.ListenerRuleConditionQueryStringArgs\n {\n Key = \"health\",\n Value = \"check\",\n },\n new Aws.LB.Inputs.ListenerRuleConditionQueryStringArgs\n {\n Value = \"bar\",\n },\n },\n },\n },\n });\n\n // Authenticate-cognito Action\n var pool = new Aws.Cognito.UserPool(\"pool\");\n\n var client = new Aws.Cognito.UserPoolClient(\"client\");\n\n var domain = new Aws.Cognito.UserPoolDomain(\"domain\");\n\n var admin = new Aws.LB.ListenerRule(\"admin\", new()\n {\n ListenerArn = frontEndListener.Arn,\n Actions = new[]\n {\n new Aws.LB.Inputs.ListenerRuleActionArgs\n {\n Type = \"authenticate-cognito\",\n AuthenticateCognito = new Aws.LB.Inputs.ListenerRuleActionAuthenticateCognitoArgs\n {\n UserPoolArn = pool.Arn,\n UserPoolClientId = client.Id,\n UserPoolDomain = domain.Domain,\n },\n },\n new Aws.LB.Inputs.ListenerRuleActionArgs\n {\n Type = \"forward\",\n TargetGroupArn = staticAwsLbTargetGroup.Arn,\n },\n },\n });\n\n // Authenticate-oidc Action\n var oidc = new Aws.LB.ListenerRule(\"oidc\", new()\n {\n ListenerArn = frontEndListener.Arn,\n Actions = new[]\n {\n new Aws.LB.Inputs.ListenerRuleActionArgs\n {\n Type = \"authenticate-oidc\",\n AuthenticateOidc = new Aws.LB.Inputs.ListenerRuleActionAuthenticateOidcArgs\n {\n AuthorizationEndpoint = \"https://example.com/authorization_endpoint\",\n ClientId = \"client_id\",\n ClientSecret = \"client_secret\",\n Issuer = \"https://example.com\",\n TokenEndpoint = \"https://example.com/token_endpoint\",\n UserInfoEndpoint = \"https://example.com/user_info_endpoint\",\n },\n },\n new Aws.LB.Inputs.ListenerRuleActionArgs\n {\n Type = \"forward\",\n TargetGroupArn = staticAwsLbTargetGroup.Arn,\n },\n },\n });\n\n // With transform\n var transform = new Aws.LB.ListenerRule(\"transform\", new()\n {\n ListenerArn = frontEndListener.Arn,\n Actions = new[]\n {\n new Aws.LB.Inputs.ListenerRuleActionArgs\n {\n Type = \"forward\",\n TargetGroupArn = staticAwsLbTargetGroup.Arn,\n },\n },\n Conditions = new[]\n {\n new Aws.LB.Inputs.ListenerRuleConditionArgs\n {\n PathPattern = new Aws.LB.Inputs.ListenerRuleConditionPathPatternArgs\n {\n Values = new[]\n {\n \"*\",\n },\n },\n },\n },\n Transforms = new[]\n {\n new Aws.LB.Inputs.ListenerRuleTransformArgs\n {\n Type = \"host-header-rewrite\",\n HostHeaderRewriteConfig = new Aws.LB.Inputs.ListenerRuleTransformHostHeaderRewriteConfigArgs\n {\n Rewrite = new Aws.LB.Inputs.ListenerRuleTransformHostHeaderRewriteConfigRewriteArgs\n {\n Regex = \"^mywebsite-(.+).com$\",\n Replace = \"internal.dev.$1.myweb.com\",\n },\n },\n },\n new Aws.LB.Inputs.ListenerRuleTransformArgs\n {\n Type = \"url-rewrite\",\n UrlRewriteConfig = new Aws.LB.Inputs.ListenerRuleTransformUrlRewriteConfigArgs\n {\n Rewrite = new Aws.LB.Inputs.ListenerRuleTransformUrlRewriteConfigRewriteArgs\n {\n Regex = \"^/dp/([A-Za-z0-9]+)/?$\",\n Replace = \"/product.php?id=$1\",\n },\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v7/go/aws/cognito\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v7/go/aws/lb\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := lb.NewLoadBalancer(ctx, \"front_end\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tfrontEndListener, err := lb.NewListener(ctx, \"front_end\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = lb.NewListenerRule(ctx, \"static\", \u0026lb.ListenerRuleArgs{\n\t\t\tListenerArn: frontEndListener.Arn,\n\t\t\tPriority: pulumi.Int(100),\n\t\t\tActions: lb.ListenerRuleActionArray{\n\t\t\t\t\u0026lb.ListenerRuleActionArgs{\n\t\t\t\t\tType: pulumi.String(\"forward\"),\n\t\t\t\t\tTargetGroupArn: pulumi.Any(staticAwsLbTargetGroup.Arn),\n\t\t\t\t},\n\t\t\t},\n\t\t\tConditions: lb.ListenerRuleConditionArray{\n\t\t\t\t\u0026lb.ListenerRuleConditionArgs{\n\t\t\t\t\tPathPattern: \u0026lb.ListenerRuleConditionPathPatternArgs{\n\t\t\t\t\t\tValues: pulumi.StringArray{\n\t\t\t\t\t\t\tpulumi.String(\"/static/*\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t\u0026lb.ListenerRuleConditionArgs{\n\t\t\t\t\tHostHeader: \u0026lb.ListenerRuleConditionHostHeaderArgs{\n\t\t\t\t\t\tValues: pulumi.StringArray{\n\t\t\t\t\t\t\tpulumi.String(\"example.com\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t// Forward action\n\t\t_, err = lb.NewListenerRule(ctx, \"host_based_weighted_routing\", \u0026lb.ListenerRuleArgs{\n\t\t\tListenerArn: frontEndListener.Arn,\n\t\t\tPriority: pulumi.Int(99),\n\t\t\tActions: lb.ListenerRuleActionArray{\n\t\t\t\t\u0026lb.ListenerRuleActionArgs{\n\t\t\t\t\tType: pulumi.String(\"forward\"),\n\t\t\t\t\tTargetGroupArn: pulumi.Any(staticAwsLbTargetGroup.Arn),\n\t\t\t\t},\n\t\t\t},\n\t\t\tConditions: lb.ListenerRuleConditionArray{\n\t\t\t\t\u0026lb.ListenerRuleConditionArgs{\n\t\t\t\t\tHostHeader: \u0026lb.ListenerRuleConditionHostHeaderArgs{\n\t\t\t\t\t\tValues: pulumi.StringArray{\n\t\t\t\t\t\t\tpulumi.String(\"my-service.*.mycompany.io\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t// Weighted Forward action\n\t\t_, err = lb.NewListenerRule(ctx, \"host_based_routing\", \u0026lb.ListenerRuleArgs{\n\t\t\tListenerArn: frontEndListener.Arn,\n\t\t\tPriority: pulumi.Int(99),\n\t\t\tActions: lb.ListenerRuleActionArray{\n\t\t\t\t\u0026lb.ListenerRuleActionArgs{\n\t\t\t\t\tType: pulumi.String(\"forward\"),\n\t\t\t\t\tForward: \u0026lb.ListenerRuleActionForwardArgs{\n\t\t\t\t\t\tTargetGroups: lb.ListenerRuleActionForwardTargetGroupArray{\n\t\t\t\t\t\t\t\u0026lb.ListenerRuleActionForwardTargetGroupArgs{\n\t\t\t\t\t\t\t\tArn: pulumi.Any(main.Arn),\n\t\t\t\t\t\t\t\tWeight: pulumi.Int(80),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\u0026lb.ListenerRuleActionForwardTargetGroupArgs{\n\t\t\t\t\t\t\t\tArn: pulumi.Any(canary.Arn),\n\t\t\t\t\t\t\t\tWeight: pulumi.Int(20),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t\tStickiness: \u0026lb.ListenerRuleActionForwardStickinessArgs{\n\t\t\t\t\t\t\tEnabled: pulumi.Bool(true),\n\t\t\t\t\t\t\tDuration: pulumi.Int(600),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tConditions: lb.ListenerRuleConditionArray{\n\t\t\t\t\u0026lb.ListenerRuleConditionArgs{\n\t\t\t\t\tHostHeader: \u0026lb.ListenerRuleConditionHostHeaderArgs{\n\t\t\t\t\t\tValues: pulumi.StringArray{\n\t\t\t\t\t\t\tpulumi.String(\"my-service.*.mycompany.io\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t// Redirect action\n\t\t_, err = lb.NewListenerRule(ctx, \"redirect_http_to_https\", \u0026lb.ListenerRuleArgs{\n\t\t\tListenerArn: frontEndListener.Arn,\n\t\t\tActions: lb.ListenerRuleActionArray{\n\t\t\t\t\u0026lb.ListenerRuleActionArgs{\n\t\t\t\t\tType: pulumi.String(\"redirect\"),\n\t\t\t\t\tRedirect: \u0026lb.ListenerRuleActionRedirectArgs{\n\t\t\t\t\t\tPort: pulumi.String(\"443\"),\n\t\t\t\t\t\tProtocol: pulumi.String(\"HTTPS\"),\n\t\t\t\t\t\tStatusCode: pulumi.String(\"HTTP_301\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tConditions: lb.ListenerRuleConditionArray{\n\t\t\t\t\u0026lb.ListenerRuleConditionArgs{\n\t\t\t\t\tHttpHeader: \u0026lb.ListenerRuleConditionHttpHeaderArgs{\n\t\t\t\t\t\tHttpHeaderName: pulumi.String(\"X-Forwarded-For\"),\n\t\t\t\t\t\tValues: pulumi.StringArray{\n\t\t\t\t\t\t\tpulumi.String(\"192.168.1.*\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t// Fixed-response action\n\t\t_, err = lb.NewListenerRule(ctx, \"health_check\", \u0026lb.ListenerRuleArgs{\n\t\t\tListenerArn: frontEndListener.Arn,\n\t\t\tActions: lb.ListenerRuleActionArray{\n\t\t\t\t\u0026lb.ListenerRuleActionArgs{\n\t\t\t\t\tType: pulumi.String(\"fixed-response\"),\n\t\t\t\t\tFixedResponse: \u0026lb.ListenerRuleActionFixedResponseArgs{\n\t\t\t\t\t\tContentType: pulumi.String(\"text/plain\"),\n\t\t\t\t\t\tMessageBody: pulumi.String(\"HEALTHY\"),\n\t\t\t\t\t\tStatusCode: pulumi.String(\"200\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tConditions: lb.ListenerRuleConditionArray{\n\t\t\t\t\u0026lb.ListenerRuleConditionArgs{\n\t\t\t\t\tQueryStrings: lb.ListenerRuleConditionQueryStringArray{\n\t\t\t\t\t\t\u0026lb.ListenerRuleConditionQueryStringArgs{\n\t\t\t\t\t\t\tKey: pulumi.String(\"health\"),\n\t\t\t\t\t\t\tValue: pulumi.String(\"check\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t\t\u0026lb.ListenerRuleConditionQueryStringArgs{\n\t\t\t\t\t\t\tValue: pulumi.String(\"bar\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t// Authenticate-cognito Action\n\t\tpool, err := cognito.NewUserPool(ctx, \"pool\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tclient, err := cognito.NewUserPoolClient(ctx, \"client\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tdomain, err := cognito.NewUserPoolDomain(ctx, \"domain\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = lb.NewListenerRule(ctx, \"admin\", \u0026lb.ListenerRuleArgs{\n\t\t\tListenerArn: frontEndListener.Arn,\n\t\t\tActions: lb.ListenerRuleActionArray{\n\t\t\t\t\u0026lb.ListenerRuleActionArgs{\n\t\t\t\t\tType: pulumi.String(\"authenticate-cognito\"),\n\t\t\t\t\tAuthenticateCognito: \u0026lb.ListenerRuleActionAuthenticateCognitoArgs{\n\t\t\t\t\t\tUserPoolArn: pool.Arn,\n\t\t\t\t\t\tUserPoolClientId: client.ID(),\n\t\t\t\t\t\tUserPoolDomain: domain.Domain,\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t\u0026lb.ListenerRuleActionArgs{\n\t\t\t\t\tType: pulumi.String(\"forward\"),\n\t\t\t\t\tTargetGroupArn: pulumi.Any(staticAwsLbTargetGroup.Arn),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t// Authenticate-oidc Action\n\t\t_, err = lb.NewListenerRule(ctx, \"oidc\", \u0026lb.ListenerRuleArgs{\n\t\t\tListenerArn: frontEndListener.Arn,\n\t\t\tActions: lb.ListenerRuleActionArray{\n\t\t\t\t\u0026lb.ListenerRuleActionArgs{\n\t\t\t\t\tType: pulumi.String(\"authenticate-oidc\"),\n\t\t\t\t\tAuthenticateOidc: \u0026lb.ListenerRuleActionAuthenticateOidcArgs{\n\t\t\t\t\t\tAuthorizationEndpoint: pulumi.String(\"https://example.com/authorization_endpoint\"),\n\t\t\t\t\t\tClientId: pulumi.String(\"client_id\"),\n\t\t\t\t\t\tClientSecret: pulumi.String(\"client_secret\"),\n\t\t\t\t\t\tIssuer: pulumi.String(\"https://example.com\"),\n\t\t\t\t\t\tTokenEndpoint: pulumi.String(\"https://example.com/token_endpoint\"),\n\t\t\t\t\t\tUserInfoEndpoint: pulumi.String(\"https://example.com/user_info_endpoint\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t\u0026lb.ListenerRuleActionArgs{\n\t\t\t\t\tType: pulumi.String(\"forward\"),\n\t\t\t\t\tTargetGroupArn: pulumi.Any(staticAwsLbTargetGroup.Arn),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t// With transform\n\t\t_, err = lb.NewListenerRule(ctx, \"transform\", \u0026lb.ListenerRuleArgs{\n\t\t\tListenerArn: frontEndListener.Arn,\n\t\t\tActions: lb.ListenerRuleActionArray{\n\t\t\t\t\u0026lb.ListenerRuleActionArgs{\n\t\t\t\t\tType: pulumi.String(\"forward\"),\n\t\t\t\t\tTargetGroupArn: pulumi.Any(staticAwsLbTargetGroup.Arn),\n\t\t\t\t},\n\t\t\t},\n\t\t\tConditions: lb.ListenerRuleConditionArray{\n\t\t\t\t\u0026lb.ListenerRuleConditionArgs{\n\t\t\t\t\tPathPattern: \u0026lb.ListenerRuleConditionPathPatternArgs{\n\t\t\t\t\t\tValues: pulumi.StringArray{\n\t\t\t\t\t\t\tpulumi.String(\"*\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tTransforms: lb.ListenerRuleTransformArray{\n\t\t\t\t\u0026lb.ListenerRuleTransformArgs{\n\t\t\t\t\tType: pulumi.String(\"host-header-rewrite\"),\n\t\t\t\t\tHostHeaderRewriteConfig: \u0026lb.ListenerRuleTransformHostHeaderRewriteConfigArgs{\n\t\t\t\t\t\tRewrite: \u0026lb.ListenerRuleTransformHostHeaderRewriteConfigRewriteArgs{\n\t\t\t\t\t\t\tRegex: pulumi.String(\"^mywebsite-(.+).com$\"),\n\t\t\t\t\t\t\tReplace: pulumi.String(\"internal.dev.$1.myweb.com\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t\u0026lb.ListenerRuleTransformArgs{\n\t\t\t\t\tType: pulumi.String(\"url-rewrite\"),\n\t\t\t\t\tUrlRewriteConfig: \u0026lb.ListenerRuleTransformUrlRewriteConfigArgs{\n\t\t\t\t\t\tRewrite: \u0026lb.ListenerRuleTransformUrlRewriteConfigRewriteArgs{\n\t\t\t\t\t\t\tRegex: pulumi.String(\"^/dp/([A-Za-z0-9]+)/?$\"),\n\t\t\t\t\t\t\tReplace: pulumi.String(\"/product.php?id=$1\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.lb.LoadBalancer;\nimport com.pulumi.aws.lb.Listener;\nimport com.pulumi.aws.lb.ListenerRule;\nimport com.pulumi.aws.lb.ListenerRuleArgs;\nimport com.pulumi.aws.lb.inputs.ListenerRuleActionArgs;\nimport com.pulumi.aws.lb.inputs.ListenerRuleConditionArgs;\nimport com.pulumi.aws.lb.inputs.ListenerRuleConditionPathPatternArgs;\nimport com.pulumi.aws.lb.inputs.ListenerRuleConditionHostHeaderArgs;\nimport com.pulumi.aws.lb.inputs.ListenerRuleActionForwardArgs;\nimport com.pulumi.aws.lb.inputs.ListenerRuleActionForwardStickinessArgs;\nimport com.pulumi.aws.lb.inputs.ListenerRuleActionRedirectArgs;\nimport com.pulumi.aws.lb.inputs.ListenerRuleConditionHttpHeaderArgs;\nimport com.pulumi.aws.lb.inputs.ListenerRuleActionFixedResponseArgs;\nimport com.pulumi.aws.cognito.UserPool;\nimport com.pulumi.aws.cognito.UserPoolClient;\nimport com.pulumi.aws.cognito.UserPoolDomain;\nimport com.pulumi.aws.lb.inputs.ListenerRuleActionAuthenticateCognitoArgs;\nimport com.pulumi.aws.lb.inputs.ListenerRuleActionAuthenticateOidcArgs;\nimport com.pulumi.aws.lb.inputs.ListenerRuleTransformArgs;\nimport com.pulumi.aws.lb.inputs.ListenerRuleTransformHostHeaderRewriteConfigArgs;\nimport com.pulumi.aws.lb.inputs.ListenerRuleTransformHostHeaderRewriteConfigRewriteArgs;\nimport com.pulumi.aws.lb.inputs.ListenerRuleTransformUrlRewriteConfigArgs;\nimport com.pulumi.aws.lb.inputs.ListenerRuleTransformUrlRewriteConfigRewriteArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var frontEnd = new LoadBalancer(\"frontEnd\");\n\n var frontEndListener = new Listener(\"frontEndListener\");\n\n var static_ = new ListenerRule(\"static\", ListenerRuleArgs.builder()\n .listenerArn(frontEndListener.arn())\n .priority(100)\n .actions(ListenerRuleActionArgs.builder()\n .type(\"forward\")\n .targetGroupArn(staticAwsLbTargetGroup.arn())\n .build())\n .conditions( \n ListenerRuleConditionArgs.builder()\n .pathPattern(ListenerRuleConditionPathPatternArgs.builder()\n .values(\"/static/*\")\n .build())\n .build(),\n ListenerRuleConditionArgs.builder()\n .hostHeader(ListenerRuleConditionHostHeaderArgs.builder()\n .values(\"example.com\")\n .build())\n .build())\n .build());\n\n // Forward action\n var hostBasedWeightedRouting = new ListenerRule(\"hostBasedWeightedRouting\", ListenerRuleArgs.builder()\n .listenerArn(frontEndListener.arn())\n .priority(99)\n .actions(ListenerRuleActionArgs.builder()\n .type(\"forward\")\n .targetGroupArn(staticAwsLbTargetGroup.arn())\n .build())\n .conditions(ListenerRuleConditionArgs.builder()\n .hostHeader(ListenerRuleConditionHostHeaderArgs.builder()\n .values(\"my-service.*.mycompany.io\")\n .build())\n .build())\n .build());\n\n // Weighted Forward action\n var hostBasedRouting = new ListenerRule(\"hostBasedRouting\", ListenerRuleArgs.builder()\n .listenerArn(frontEndListener.arn())\n .priority(99)\n .actions(ListenerRuleActionArgs.builder()\n .type(\"forward\")\n .forward(ListenerRuleActionForwardArgs.builder()\n .targetGroups( \n ListenerRuleActionForwardTargetGroupArgs.builder()\n .arn(main.arn())\n .weight(80)\n .build(),\n ListenerRuleActionForwardTargetGroupArgs.builder()\n .arn(canary.arn())\n .weight(20)\n .build())\n .stickiness(ListenerRuleActionForwardStickinessArgs.builder()\n .enabled(true)\n .duration(600)\n .build())\n .build())\n .build())\n .conditions(ListenerRuleConditionArgs.builder()\n .hostHeader(ListenerRuleConditionHostHeaderArgs.builder()\n .values(\"my-service.*.mycompany.io\")\n .build())\n .build())\n .build());\n\n // Redirect action\n var redirectHttpToHttps = new ListenerRule(\"redirectHttpToHttps\", ListenerRuleArgs.builder()\n .listenerArn(frontEndListener.arn())\n .actions(ListenerRuleActionArgs.builder()\n .type(\"redirect\")\n .redirect(ListenerRuleActionRedirectArgs.builder()\n .port(\"443\")\n .protocol(\"HTTPS\")\n .statusCode(\"HTTP_301\")\n .build())\n .build())\n .conditions(ListenerRuleConditionArgs.builder()\n .httpHeader(ListenerRuleConditionHttpHeaderArgs.builder()\n .httpHeaderName(\"X-Forwarded-For\")\n .values(\"192.168.1.*\")\n .build())\n .build())\n .build());\n\n // Fixed-response action\n var healthCheck = new ListenerRule(\"healthCheck\", ListenerRuleArgs.builder()\n .listenerArn(frontEndListener.arn())\n .actions(ListenerRuleActionArgs.builder()\n .type(\"fixed-response\")\n .fixedResponse(ListenerRuleActionFixedResponseArgs.builder()\n .contentType(\"text/plain\")\n .messageBody(\"HEALTHY\")\n .statusCode(\"200\")\n .build())\n .build())\n .conditions(ListenerRuleConditionArgs.builder()\n .queryStrings( \n ListenerRuleConditionQueryStringArgs.builder()\n .key(\"health\")\n .value(\"check\")\n .build(),\n ListenerRuleConditionQueryStringArgs.builder()\n .value(\"bar\")\n .build())\n .build())\n .build());\n\n // Authenticate-cognito Action\n var pool = new UserPool(\"pool\");\n\n var client = new UserPoolClient(\"client\");\n\n var domain = new UserPoolDomain(\"domain\");\n\n var admin = new ListenerRule(\"admin\", ListenerRuleArgs.builder()\n .listenerArn(frontEndListener.arn())\n .actions( \n ListenerRuleActionArgs.builder()\n .type(\"authenticate-cognito\")\n .authenticateCognito(ListenerRuleActionAuthenticateCognitoArgs.builder()\n .userPoolArn(pool.arn())\n .userPoolClientId(client.id())\n .userPoolDomain(domain.domain())\n .build())\n .build(),\n ListenerRuleActionArgs.builder()\n .type(\"forward\")\n .targetGroupArn(staticAwsLbTargetGroup.arn())\n .build())\n .build());\n\n // Authenticate-oidc Action\n var oidc = new ListenerRule(\"oidc\", ListenerRuleArgs.builder()\n .listenerArn(frontEndListener.arn())\n .actions( \n ListenerRuleActionArgs.builder()\n .type(\"authenticate-oidc\")\n .authenticateOidc(ListenerRuleActionAuthenticateOidcArgs.builder()\n .authorizationEndpoint(\"https://example.com/authorization_endpoint\")\n .clientId(\"client_id\")\n .clientSecret(\"client_secret\")\n .issuer(\"https://example.com\")\n .tokenEndpoint(\"https://example.com/token_endpoint\")\n .userInfoEndpoint(\"https://example.com/user_info_endpoint\")\n .build())\n .build(),\n ListenerRuleActionArgs.builder()\n .type(\"forward\")\n .targetGroupArn(staticAwsLbTargetGroup.arn())\n .build())\n .build());\n\n // With transform\n var transform = new ListenerRule(\"transform\", ListenerRuleArgs.builder()\n .listenerArn(frontEndListener.arn())\n .actions(ListenerRuleActionArgs.builder()\n .type(\"forward\")\n .targetGroupArn(staticAwsLbTargetGroup.arn())\n .build())\n .conditions(ListenerRuleConditionArgs.builder()\n .pathPattern(ListenerRuleConditionPathPatternArgs.builder()\n .values(\"*\")\n .build())\n .build())\n .transforms( \n ListenerRuleTransformArgs.builder()\n .type(\"host-header-rewrite\")\n .hostHeaderRewriteConfig(ListenerRuleTransformHostHeaderRewriteConfigArgs.builder()\n .rewrite(ListenerRuleTransformHostHeaderRewriteConfigRewriteArgs.builder()\n .regex(\"^mywebsite-(.+).com$\")\n .replace(\"internal.dev.$1.myweb.com\")\n .build())\n .build())\n .build(),\n ListenerRuleTransformArgs.builder()\n .type(\"url-rewrite\")\n .urlRewriteConfig(ListenerRuleTransformUrlRewriteConfigArgs.builder()\n .rewrite(ListenerRuleTransformUrlRewriteConfigRewriteArgs.builder()\n .regex(\"^/dp/([A-Za-z0-9]+)/?$\")\n .replace(\"/product.php?id=$1\")\n .build())\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n frontEnd:\n type: aws:lb:LoadBalancer\n name: front_end\n frontEndListener:\n type: aws:lb:Listener\n name: front_end\n static:\n type: aws:lb:ListenerRule\n properties:\n listenerArn: ${frontEndListener.arn}\n priority: 100\n actions:\n - type: forward\n targetGroupArn: ${staticAwsLbTargetGroup.arn}\n conditions:\n - pathPattern:\n values:\n - /static/*\n - hostHeader:\n values:\n - example.com\n # Forward action\n hostBasedWeightedRouting:\n type: aws:lb:ListenerRule\n name: host_based_weighted_routing\n properties:\n listenerArn: ${frontEndListener.arn}\n priority: 99\n actions:\n - type: forward\n targetGroupArn: ${staticAwsLbTargetGroup.arn}\n conditions:\n - hostHeader:\n values:\n - my-service.*.mycompany.io\n # Weighted Forward action\n hostBasedRouting:\n type: aws:lb:ListenerRule\n name: host_based_routing\n properties:\n listenerArn: ${frontEndListener.arn}\n priority: 99\n actions:\n - type: forward\n forward:\n targetGroups:\n - arn: ${main.arn}\n weight: 80\n - arn: ${canary.arn}\n weight: 20\n stickiness:\n enabled: true\n duration: 600\n conditions:\n - hostHeader:\n values:\n - my-service.*.mycompany.io\n # Redirect action\n redirectHttpToHttps:\n type: aws:lb:ListenerRule\n name: redirect_http_to_https\n properties:\n listenerArn: ${frontEndListener.arn}\n actions:\n - type: redirect\n redirect:\n port: '443'\n protocol: HTTPS\n statusCode: HTTP_301\n conditions:\n - httpHeader:\n httpHeaderName: X-Forwarded-For\n values:\n - 192.168.1.*\n # Fixed-response action\n healthCheck:\n type: aws:lb:ListenerRule\n name: health_check\n properties:\n listenerArn: ${frontEndListener.arn}\n actions:\n - type: fixed-response\n fixedResponse:\n contentType: text/plain\n messageBody: HEALTHY\n statusCode: '200'\n conditions:\n - queryStrings:\n - key: health\n value: check\n - value: bar\n # Authenticate-cognito Action\n pool:\n type: aws:cognito:UserPool\n client:\n type: aws:cognito:UserPoolClient\n domain:\n type: aws:cognito:UserPoolDomain\n admin:\n type: aws:lb:ListenerRule\n properties:\n listenerArn: ${frontEndListener.arn}\n actions:\n - type: authenticate-cognito\n authenticateCognito:\n userPoolArn: ${pool.arn}\n userPoolClientId: ${client.id}\n userPoolDomain: ${domain.domain}\n - type: forward\n targetGroupArn: ${staticAwsLbTargetGroup.arn}\n # Authenticate-oidc Action\n oidc:\n type: aws:lb:ListenerRule\n properties:\n listenerArn: ${frontEndListener.arn}\n actions:\n - type: authenticate-oidc\n authenticateOidc:\n authorizationEndpoint: https://example.com/authorization_endpoint\n clientId: client_id\n clientSecret: client_secret\n issuer: https://example.com\n tokenEndpoint: https://example.com/token_endpoint\n userInfoEndpoint: https://example.com/user_info_endpoint\n - type: forward\n targetGroupArn: ${staticAwsLbTargetGroup.arn}\n # With transform\n transform:\n type: aws:lb:ListenerRule\n properties:\n listenerArn: ${frontEndListener.arn}\n actions:\n - type: forward\n targetGroupArn: ${staticAwsLbTargetGroup.arn}\n conditions:\n - pathPattern:\n values:\n - '*'\n transforms:\n - type: host-header-rewrite\n hostHeaderRewriteConfig:\n rewrite:\n regex: ^mywebsite-(.+).com$\n replace: internal.dev.$1.myweb.com\n - type: url-rewrite\n urlRewriteConfig:\n rewrite:\n regex: ^/dp/([A-Za-z0-9]+)/?$\n replace: /product.php?id=$1\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\n### Identity Schema\n\n#### Required\n\n- `arn` (String) Amazon Resource Name (ARN) of the load balancer listener rule.\n\nUsing `pulumi import`, import rules using their ARN. For example:\n\nconsole\n\n% pulumi import aws_lb_listener_rule.front_end arn:aws:elasticloadbalancing:us-west-2:187416307283:listener-rule/app/test/8e4497da625e2d8a/9ab28ade35828f96/67b3d2d36dd7c26b\n\n", + "description": "Provides a Load Balancer Listener Rule resource.\n\n\u003e **Note:** \u003cspan pulumi-lang-nodejs=\"`aws.alb.ListenerRule`\" pulumi-lang-dotnet=\"`aws.alb.ListenerRule`\" pulumi-lang-go=\"`alb.ListenerRule`\" pulumi-lang-python=\"`alb.ListenerRule`\" pulumi-lang-yaml=\"`aws.alb.ListenerRule`\" pulumi-lang-java=\"`aws.alb.ListenerRule`\"\u003e`aws.alb.ListenerRule`\u003c/span\u003e is known as \u003cspan pulumi-lang-nodejs=\"`aws.lb.ListenerRule`\" pulumi-lang-dotnet=\"`aws.lb.ListenerRule`\" pulumi-lang-go=\"`lb.ListenerRule`\" pulumi-lang-python=\"`lb.ListenerRule`\" pulumi-lang-yaml=\"`aws.lb.ListenerRule`\" pulumi-lang-java=\"`aws.lb.ListenerRule`\"\u003e`aws.lb.ListenerRule`\u003c/span\u003e. The functionality is identical.\n\n", "properties": { "actions": { "type": "array", @@ -355063,7 +356104,7 @@ "properties": { "arn": { "type": "string", - "description": "ARN of the channel to associate with the notification configuration. This can be an email contact ARN.\n" + "description": "ARN of the channel to associate with the notification configuration. Must match pattern `^arn:aws:(chatbot|consoleapp|notifications-contacts):[a-zA-Z0-9-]*:[0-9]{12}:[a-zA-Z0-9-_.@]+/[a-zA-Z0-9/_.@:-]+$`.\n" }, "notificationConfigurationArn": { "type": "string", @@ -355077,7 +356118,7 @@ "inputProperties": { "arn": { "type": "string", - "description": "ARN of the channel to associate with the notification configuration. This can be an email contact ARN.\n" + "description": "ARN of the channel to associate with the notification configuration. Must match pattern `^arn:aws:(chatbot|consoleapp|notifications-contacts):[a-zA-Z0-9-]*:[0-9]{12}:[a-zA-Z0-9-_.@]+/[a-zA-Z0-9/_.@:-]+$`.\n" }, "notificationConfigurationArn": { "type": "string", @@ -355093,7 +356134,7 @@ "properties": { "arn": { "type": "string", - "description": "ARN of the channel to associate with the notification configuration. This can be an email contact ARN.\n" + "description": "ARN of the channel to associate with the notification configuration. Must match pattern `^arn:aws:(chatbot|consoleapp|notifications-contacts):[a-zA-Z0-9-]*:[0-9]{12}:[a-zA-Z0-9-_.@]+/[a-zA-Z0-9/_.@:-]+$`.\n" }, "notificationConfigurationArn": { "type": "string", @@ -356881,9 +357922,13 @@ "type": "string", "description": "The Amazon Resource Name (ARN) for the cloud vm cluster.\n" }, + "cloudExadataInfrastructureArn": { + "type": "string", + "description": "The ARN of the Exadata infrastructure for this VM cluster. Changing this will create a new resource. Either the combination of\u003cspan pulumi-lang-nodejs=\" cloudExadataInfrastructureId \" pulumi-lang-dotnet=\" CloudExadataInfrastructureId \" pulumi-lang-go=\" cloudExadataInfrastructureId \" pulumi-lang-python=\" cloud_exadata_infrastructure_id \" pulumi-lang-yaml=\" cloudExadataInfrastructureId \" pulumi-lang-java=\" cloudExadataInfrastructureId \"\u003e cloud_exadata_infrastructure_id \u003c/span\u003eand\u003cspan pulumi-lang-nodejs=\" odbNetworkId \" pulumi-lang-dotnet=\" OdbNetworkId \" pulumi-lang-go=\" odbNetworkId \" pulumi-lang-python=\" odb_network_id \" pulumi-lang-yaml=\" odbNetworkId \" pulumi-lang-java=\" odbNetworkId \"\u003e odb_network_id \u003c/span\u003eor\u003cspan pulumi-lang-nodejs=\" cloudExadataInfrastructureArn \" pulumi-lang-dotnet=\" CloudExadataInfrastructureArn \" pulumi-lang-go=\" cloudExadataInfrastructureArn \" pulumi-lang-python=\" cloud_exadata_infrastructure_arn \" pulumi-lang-yaml=\" cloudExadataInfrastructureArn \" pulumi-lang-java=\" cloudExadataInfrastructureArn \"\u003e cloud_exadata_infrastructure_arn \u003c/span\u003eand\u003cspan pulumi-lang-nodejs=\" odbNetworkArn \" pulumi-lang-dotnet=\" OdbNetworkArn \" pulumi-lang-go=\" odbNetworkArn \" pulumi-lang-python=\" odb_network_arn \" pulumi-lang-yaml=\" odbNetworkArn \" pulumi-lang-java=\" odbNetworkArn \"\u003e odb_network_arn \u003c/span\u003emust be used.\n" + }, "cloudExadataInfrastructureId": { "type": "string", - "description": "The unique identifier of the Exadata infrastructure for this VM cluster. Changing this will create a new resource.\n" + "description": "The unique identifier of the Exadata infrastructure for this VM cluster. Changing this will create a new resource. Either the combination of\u003cspan pulumi-lang-nodejs=\" cloudExadataInfrastructureId \" pulumi-lang-dotnet=\" CloudExadataInfrastructureId \" pulumi-lang-go=\" cloudExadataInfrastructureId \" pulumi-lang-python=\" cloud_exadata_infrastructure_id \" pulumi-lang-yaml=\" cloudExadataInfrastructureId \" pulumi-lang-java=\" cloudExadataInfrastructureId \"\u003e cloud_exadata_infrastructure_id \u003c/span\u003eand\u003cspan pulumi-lang-nodejs=\" odbNetworkId \" pulumi-lang-dotnet=\" OdbNetworkId \" pulumi-lang-go=\" odbNetworkId \" pulumi-lang-python=\" odb_network_id \" pulumi-lang-yaml=\" odbNetworkId \" pulumi-lang-java=\" odbNetworkId \"\u003e odb_network_id \u003c/span\u003eor\u003cspan pulumi-lang-nodejs=\" cloudExadataInfrastructureArn \" pulumi-lang-dotnet=\" CloudExadataInfrastructureArn \" pulumi-lang-go=\" cloudExadataInfrastructureArn \" pulumi-lang-python=\" cloud_exadata_infrastructure_arn \" pulumi-lang-yaml=\" cloudExadataInfrastructureArn \" pulumi-lang-java=\" cloudExadataInfrastructureArn \"\u003e cloud_exadata_infrastructure_arn \u003c/span\u003eand\u003cspan pulumi-lang-nodejs=\" odbNetworkArn \" pulumi-lang-dotnet=\" OdbNetworkArn \" pulumi-lang-go=\" odbNetworkArn \" pulumi-lang-python=\" odb_network_arn \" pulumi-lang-yaml=\" odbNetworkArn \" pulumi-lang-java=\" odbNetworkArn \"\u003e odb_network_arn \u003c/span\u003emust be used.\n" }, "clusterName": { "type": "string", @@ -356995,9 +358040,13 @@ "type": "string", "description": "The OCID (Oracle Cloud Identifier) of the VM cluster.\n" }, + "odbNetworkArn": { + "type": "string", + "description": "The ARN of the ODB network for the VM cluster. Changing this will create a new resource. Either the combination of\u003cspan pulumi-lang-nodejs=\" cloudExadataInfrastructureId \" pulumi-lang-dotnet=\" CloudExadataInfrastructureId \" pulumi-lang-go=\" cloudExadataInfrastructureId \" pulumi-lang-python=\" cloud_exadata_infrastructure_id \" pulumi-lang-yaml=\" cloudExadataInfrastructureId \" pulumi-lang-java=\" cloudExadataInfrastructureId \"\u003e cloud_exadata_infrastructure_id \u003c/span\u003eand\u003cspan pulumi-lang-nodejs=\" odbNetworkId \" pulumi-lang-dotnet=\" OdbNetworkId \" pulumi-lang-go=\" odbNetworkId \" pulumi-lang-python=\" odb_network_id \" pulumi-lang-yaml=\" odbNetworkId \" pulumi-lang-java=\" odbNetworkId \"\u003e odb_network_id \u003c/span\u003eor\u003cspan pulumi-lang-nodejs=\" cloudExadataInfrastructureArn \" pulumi-lang-dotnet=\" CloudExadataInfrastructureArn \" pulumi-lang-go=\" cloudExadataInfrastructureArn \" pulumi-lang-python=\" cloud_exadata_infrastructure_arn \" pulumi-lang-yaml=\" cloudExadataInfrastructureArn \" pulumi-lang-java=\" cloudExadataInfrastructureArn \"\u003e cloud_exadata_infrastructure_arn \u003c/span\u003eand\u003cspan pulumi-lang-nodejs=\" odbNetworkArn \" pulumi-lang-dotnet=\" OdbNetworkArn \" pulumi-lang-go=\" odbNetworkArn \" pulumi-lang-python=\" odb_network_arn \" pulumi-lang-yaml=\" odbNetworkArn \" pulumi-lang-java=\" odbNetworkArn \"\u003e odb_network_arn \u003c/span\u003emust be used.\n" + }, "odbNetworkId": { "type": "string", - "description": "The unique identifier of the ODB network for the VM cluster. Changing this will create a new resource.\n" + "description": "The unique identifier of the ODB network for the VM cluster. Changing this will create a new resource. Either the combination of\u003cspan pulumi-lang-nodejs=\" cloudExadataInfrastructureId \" pulumi-lang-dotnet=\" CloudExadataInfrastructureId \" pulumi-lang-go=\" cloudExadataInfrastructureId \" pulumi-lang-python=\" cloud_exadata_infrastructure_id \" pulumi-lang-yaml=\" cloudExadataInfrastructureId \" pulumi-lang-java=\" cloudExadataInfrastructureId \"\u003e cloud_exadata_infrastructure_id \u003c/span\u003eand\u003cspan pulumi-lang-nodejs=\" odbNetworkId \" pulumi-lang-dotnet=\" OdbNetworkId \" pulumi-lang-go=\" odbNetworkId \" pulumi-lang-python=\" odb_network_id \" pulumi-lang-yaml=\" odbNetworkId \" pulumi-lang-java=\" odbNetworkId \"\u003e odb_network_id \u003c/span\u003eor\u003cspan pulumi-lang-nodejs=\" cloudExadataInfrastructureArn \" pulumi-lang-dotnet=\" CloudExadataInfrastructureArn \" pulumi-lang-go=\" cloudExadataInfrastructureArn \" pulumi-lang-python=\" cloud_exadata_infrastructure_arn \" pulumi-lang-yaml=\" cloudExadataInfrastructureArn \" pulumi-lang-java=\" cloudExadataInfrastructureArn \"\u003e cloud_exadata_infrastructure_arn \u003c/span\u003eand\u003cspan pulumi-lang-nodejs=\" odbNetworkArn \" pulumi-lang-dotnet=\" OdbNetworkArn \" pulumi-lang-go=\" odbNetworkArn \" pulumi-lang-python=\" odb_network_arn \" pulumi-lang-yaml=\" odbNetworkArn \" pulumi-lang-java=\" odbNetworkArn \"\u003e odb_network_arn \u003c/span\u003emust be used.\n" }, "percentProgress": { "type": "number", @@ -357084,6 +358133,7 @@ }, "required": [ "arn", + "cloudExadataInfrastructureArn", "cloudExadataInfrastructureId", "clusterName", "computeModel", @@ -357110,6 +358160,7 @@ "ociResourceAnchorName", "ociUrl", "ocid", + "odbNetworkArn", "odbNetworkId", "percentProgress", "region", @@ -357128,9 +358179,13 @@ "vipIds" ], "inputProperties": { + "cloudExadataInfrastructureArn": { + "type": "string", + "description": "The ARN of the Exadata infrastructure for this VM cluster. Changing this will create a new resource. Either the combination of\u003cspan pulumi-lang-nodejs=\" cloudExadataInfrastructureId \" pulumi-lang-dotnet=\" CloudExadataInfrastructureId \" pulumi-lang-go=\" cloudExadataInfrastructureId \" pulumi-lang-python=\" cloud_exadata_infrastructure_id \" pulumi-lang-yaml=\" cloudExadataInfrastructureId \" pulumi-lang-java=\" cloudExadataInfrastructureId \"\u003e cloud_exadata_infrastructure_id \u003c/span\u003eand\u003cspan pulumi-lang-nodejs=\" odbNetworkId \" pulumi-lang-dotnet=\" OdbNetworkId \" pulumi-lang-go=\" odbNetworkId \" pulumi-lang-python=\" odb_network_id \" pulumi-lang-yaml=\" odbNetworkId \" pulumi-lang-java=\" odbNetworkId \"\u003e odb_network_id \u003c/span\u003eor\u003cspan pulumi-lang-nodejs=\" cloudExadataInfrastructureArn \" pulumi-lang-dotnet=\" CloudExadataInfrastructureArn \" pulumi-lang-go=\" cloudExadataInfrastructureArn \" pulumi-lang-python=\" cloud_exadata_infrastructure_arn \" pulumi-lang-yaml=\" cloudExadataInfrastructureArn \" pulumi-lang-java=\" cloudExadataInfrastructureArn \"\u003e cloud_exadata_infrastructure_arn \u003c/span\u003eand\u003cspan pulumi-lang-nodejs=\" odbNetworkArn \" pulumi-lang-dotnet=\" OdbNetworkArn \" pulumi-lang-go=\" odbNetworkArn \" pulumi-lang-python=\" odb_network_arn \" pulumi-lang-yaml=\" odbNetworkArn \" pulumi-lang-java=\" odbNetworkArn \"\u003e odb_network_arn \u003c/span\u003emust be used.\n" + }, "cloudExadataInfrastructureId": { "type": "string", - "description": "The unique identifier of the Exadata infrastructure for this VM cluster. Changing this will create a new resource.\n" + "description": "The unique identifier of the Exadata infrastructure for this VM cluster. Changing this will create a new resource. Either the combination of\u003cspan pulumi-lang-nodejs=\" cloudExadataInfrastructureId \" pulumi-lang-dotnet=\" CloudExadataInfrastructureId \" pulumi-lang-go=\" cloudExadataInfrastructureId \" pulumi-lang-python=\" cloud_exadata_infrastructure_id \" pulumi-lang-yaml=\" cloudExadataInfrastructureId \" pulumi-lang-java=\" cloudExadataInfrastructureId \"\u003e cloud_exadata_infrastructure_id \u003c/span\u003eand\u003cspan pulumi-lang-nodejs=\" odbNetworkId \" pulumi-lang-dotnet=\" OdbNetworkId \" pulumi-lang-go=\" odbNetworkId \" pulumi-lang-python=\" odb_network_id \" pulumi-lang-yaml=\" odbNetworkId \" pulumi-lang-java=\" odbNetworkId \"\u003e odb_network_id \u003c/span\u003eor\u003cspan pulumi-lang-nodejs=\" cloudExadataInfrastructureArn \" pulumi-lang-dotnet=\" CloudExadataInfrastructureArn \" pulumi-lang-go=\" cloudExadataInfrastructureArn \" pulumi-lang-python=\" cloud_exadata_infrastructure_arn \" pulumi-lang-yaml=\" cloudExadataInfrastructureArn \" pulumi-lang-java=\" cloudExadataInfrastructureArn \"\u003e cloud_exadata_infrastructure_arn \u003c/span\u003eand\u003cspan pulumi-lang-nodejs=\" odbNetworkArn \" pulumi-lang-dotnet=\" OdbNetworkArn \" pulumi-lang-go=\" odbNetworkArn \" pulumi-lang-python=\" odb_network_arn \" pulumi-lang-yaml=\" odbNetworkArn \" pulumi-lang-java=\" odbNetworkArn \"\u003e odb_network_arn \u003c/span\u003emust be used.\n" }, "clusterName": { "type": "string", @@ -357187,9 +358242,13 @@ "type": "integer", "description": "The amount of memory, in gigabytes (GBs), to allocate for the VM cluster. Changing this will create a new resource.\n" }, + "odbNetworkArn": { + "type": "string", + "description": "The ARN of the ODB network for the VM cluster. Changing this will create a new resource. Either the combination of\u003cspan pulumi-lang-nodejs=\" cloudExadataInfrastructureId \" pulumi-lang-dotnet=\" CloudExadataInfrastructureId \" pulumi-lang-go=\" cloudExadataInfrastructureId \" pulumi-lang-python=\" cloud_exadata_infrastructure_id \" pulumi-lang-yaml=\" cloudExadataInfrastructureId \" pulumi-lang-java=\" cloudExadataInfrastructureId \"\u003e cloud_exadata_infrastructure_id \u003c/span\u003eand\u003cspan pulumi-lang-nodejs=\" odbNetworkId \" pulumi-lang-dotnet=\" OdbNetworkId \" pulumi-lang-go=\" odbNetworkId \" pulumi-lang-python=\" odb_network_id \" pulumi-lang-yaml=\" odbNetworkId \" pulumi-lang-java=\" odbNetworkId \"\u003e odb_network_id \u003c/span\u003eor\u003cspan pulumi-lang-nodejs=\" cloudExadataInfrastructureArn \" pulumi-lang-dotnet=\" CloudExadataInfrastructureArn \" pulumi-lang-go=\" cloudExadataInfrastructureArn \" pulumi-lang-python=\" cloud_exadata_infrastructure_arn \" pulumi-lang-yaml=\" cloudExadataInfrastructureArn \" pulumi-lang-java=\" cloudExadataInfrastructureArn \"\u003e cloud_exadata_infrastructure_arn \u003c/span\u003eand\u003cspan pulumi-lang-nodejs=\" odbNetworkArn \" pulumi-lang-dotnet=\" OdbNetworkArn \" pulumi-lang-go=\" odbNetworkArn \" pulumi-lang-python=\" odb_network_arn \" pulumi-lang-yaml=\" odbNetworkArn \" pulumi-lang-java=\" odbNetworkArn \"\u003e odb_network_arn \u003c/span\u003emust be used.\n" + }, "odbNetworkId": { "type": "string", - "description": "The unique identifier of the ODB network for the VM cluster. Changing this will create a new resource.\n" + "description": "The unique identifier of the ODB network for the VM cluster. Changing this will create a new resource. Either the combination of\u003cspan pulumi-lang-nodejs=\" cloudExadataInfrastructureId \" pulumi-lang-dotnet=\" CloudExadataInfrastructureId \" pulumi-lang-go=\" cloudExadataInfrastructureId \" pulumi-lang-python=\" cloud_exadata_infrastructure_id \" pulumi-lang-yaml=\" cloudExadataInfrastructureId \" pulumi-lang-java=\" cloudExadataInfrastructureId \"\u003e cloud_exadata_infrastructure_id \u003c/span\u003eand\u003cspan pulumi-lang-nodejs=\" odbNetworkId \" pulumi-lang-dotnet=\" OdbNetworkId \" pulumi-lang-go=\" odbNetworkId \" pulumi-lang-python=\" odb_network_id \" pulumi-lang-yaml=\" odbNetworkId \" pulumi-lang-java=\" odbNetworkId \"\u003e odb_network_id \u003c/span\u003eor\u003cspan pulumi-lang-nodejs=\" cloudExadataInfrastructureArn \" pulumi-lang-dotnet=\" CloudExadataInfrastructureArn \" pulumi-lang-go=\" cloudExadataInfrastructureArn \" pulumi-lang-python=\" cloud_exadata_infrastructure_arn \" pulumi-lang-yaml=\" cloudExadataInfrastructureArn \" pulumi-lang-java=\" cloudExadataInfrastructureArn \"\u003e cloud_exadata_infrastructure_arn \u003c/span\u003eand\u003cspan pulumi-lang-nodejs=\" odbNetworkArn \" pulumi-lang-dotnet=\" OdbNetworkArn \" pulumi-lang-go=\" odbNetworkArn \" pulumi-lang-python=\" odb_network_arn \" pulumi-lang-yaml=\" odbNetworkArn \" pulumi-lang-java=\" odbNetworkArn \"\u003e odb_network_arn \u003c/span\u003emust be used.\n" }, "region": { "type": "string", @@ -357222,14 +358281,12 @@ } }, "requiredInputs": [ - "cloudExadataInfrastructureId", "cpuCoreCount", "dataStorageSizeInTbs", "dbServers", "displayName", "giVersion", "hostnamePrefix", - "odbNetworkId", "sshPublicKeys" ], "stateInputs": { @@ -357239,9 +358296,13 @@ "type": "string", "description": "The Amazon Resource Name (ARN) for the cloud vm cluster.\n" }, + "cloudExadataInfrastructureArn": { + "type": "string", + "description": "The ARN of the Exadata infrastructure for this VM cluster. Changing this will create a new resource. Either the combination of\u003cspan pulumi-lang-nodejs=\" cloudExadataInfrastructureId \" pulumi-lang-dotnet=\" CloudExadataInfrastructureId \" pulumi-lang-go=\" cloudExadataInfrastructureId \" pulumi-lang-python=\" cloud_exadata_infrastructure_id \" pulumi-lang-yaml=\" cloudExadataInfrastructureId \" pulumi-lang-java=\" cloudExadataInfrastructureId \"\u003e cloud_exadata_infrastructure_id \u003c/span\u003eand\u003cspan pulumi-lang-nodejs=\" odbNetworkId \" pulumi-lang-dotnet=\" OdbNetworkId \" pulumi-lang-go=\" odbNetworkId \" pulumi-lang-python=\" odb_network_id \" pulumi-lang-yaml=\" odbNetworkId \" pulumi-lang-java=\" odbNetworkId \"\u003e odb_network_id \u003c/span\u003eor\u003cspan pulumi-lang-nodejs=\" cloudExadataInfrastructureArn \" pulumi-lang-dotnet=\" CloudExadataInfrastructureArn \" pulumi-lang-go=\" cloudExadataInfrastructureArn \" pulumi-lang-python=\" cloud_exadata_infrastructure_arn \" pulumi-lang-yaml=\" cloudExadataInfrastructureArn \" pulumi-lang-java=\" cloudExadataInfrastructureArn \"\u003e cloud_exadata_infrastructure_arn \u003c/span\u003eand\u003cspan pulumi-lang-nodejs=\" odbNetworkArn \" pulumi-lang-dotnet=\" OdbNetworkArn \" pulumi-lang-go=\" odbNetworkArn \" pulumi-lang-python=\" odb_network_arn \" pulumi-lang-yaml=\" odbNetworkArn \" pulumi-lang-java=\" odbNetworkArn \"\u003e odb_network_arn \u003c/span\u003emust be used.\n" + }, "cloudExadataInfrastructureId": { "type": "string", - "description": "The unique identifier of the Exadata infrastructure for this VM cluster. Changing this will create a new resource.\n" + "description": "The unique identifier of the Exadata infrastructure for this VM cluster. Changing this will create a new resource. Either the combination of\u003cspan pulumi-lang-nodejs=\" cloudExadataInfrastructureId \" pulumi-lang-dotnet=\" CloudExadataInfrastructureId \" pulumi-lang-go=\" cloudExadataInfrastructureId \" pulumi-lang-python=\" cloud_exadata_infrastructure_id \" pulumi-lang-yaml=\" cloudExadataInfrastructureId \" pulumi-lang-java=\" cloudExadataInfrastructureId \"\u003e cloud_exadata_infrastructure_id \u003c/span\u003eand\u003cspan pulumi-lang-nodejs=\" odbNetworkId \" pulumi-lang-dotnet=\" OdbNetworkId \" pulumi-lang-go=\" odbNetworkId \" pulumi-lang-python=\" odb_network_id \" pulumi-lang-yaml=\" odbNetworkId \" pulumi-lang-java=\" odbNetworkId \"\u003e odb_network_id \u003c/span\u003eor\u003cspan pulumi-lang-nodejs=\" cloudExadataInfrastructureArn \" pulumi-lang-dotnet=\" CloudExadataInfrastructureArn \" pulumi-lang-go=\" cloudExadataInfrastructureArn \" pulumi-lang-python=\" cloud_exadata_infrastructure_arn \" pulumi-lang-yaml=\" cloudExadataInfrastructureArn \" pulumi-lang-java=\" cloudExadataInfrastructureArn \"\u003e cloud_exadata_infrastructure_arn \u003c/span\u003eand\u003cspan pulumi-lang-nodejs=\" odbNetworkArn \" pulumi-lang-dotnet=\" OdbNetworkArn \" pulumi-lang-go=\" odbNetworkArn \" pulumi-lang-python=\" odb_network_arn \" pulumi-lang-yaml=\" odbNetworkArn \" pulumi-lang-java=\" odbNetworkArn \"\u003e odb_network_arn \u003c/span\u003emust be used.\n" }, "clusterName": { "type": "string", @@ -357353,9 +358414,13 @@ "type": "string", "description": "The OCID (Oracle Cloud Identifier) of the VM cluster.\n" }, + "odbNetworkArn": { + "type": "string", + "description": "The ARN of the ODB network for the VM cluster. Changing this will create a new resource. Either the combination of\u003cspan pulumi-lang-nodejs=\" cloudExadataInfrastructureId \" pulumi-lang-dotnet=\" CloudExadataInfrastructureId \" pulumi-lang-go=\" cloudExadataInfrastructureId \" pulumi-lang-python=\" cloud_exadata_infrastructure_id \" pulumi-lang-yaml=\" cloudExadataInfrastructureId \" pulumi-lang-java=\" cloudExadataInfrastructureId \"\u003e cloud_exadata_infrastructure_id \u003c/span\u003eand\u003cspan pulumi-lang-nodejs=\" odbNetworkId \" pulumi-lang-dotnet=\" OdbNetworkId \" pulumi-lang-go=\" odbNetworkId \" pulumi-lang-python=\" odb_network_id \" pulumi-lang-yaml=\" odbNetworkId \" pulumi-lang-java=\" odbNetworkId \"\u003e odb_network_id \u003c/span\u003eor\u003cspan pulumi-lang-nodejs=\" cloudExadataInfrastructureArn \" pulumi-lang-dotnet=\" CloudExadataInfrastructureArn \" pulumi-lang-go=\" cloudExadataInfrastructureArn \" pulumi-lang-python=\" cloud_exadata_infrastructure_arn \" pulumi-lang-yaml=\" cloudExadataInfrastructureArn \" pulumi-lang-java=\" cloudExadataInfrastructureArn \"\u003e cloud_exadata_infrastructure_arn \u003c/span\u003eand\u003cspan pulumi-lang-nodejs=\" odbNetworkArn \" pulumi-lang-dotnet=\" OdbNetworkArn \" pulumi-lang-go=\" odbNetworkArn \" pulumi-lang-python=\" odb_network_arn \" pulumi-lang-yaml=\" odbNetworkArn \" pulumi-lang-java=\" odbNetworkArn \"\u003e odb_network_arn \u003c/span\u003emust be used.\n" + }, "odbNetworkId": { "type": "string", - "description": "The unique identifier of the ODB network for the VM cluster. Changing this will create a new resource.\n" + "description": "The unique identifier of the ODB network for the VM cluster. Changing this will create a new resource. Either the combination of\u003cspan pulumi-lang-nodejs=\" cloudExadataInfrastructureId \" pulumi-lang-dotnet=\" CloudExadataInfrastructureId \" pulumi-lang-go=\" cloudExadataInfrastructureId \" pulumi-lang-python=\" cloud_exadata_infrastructure_id \" pulumi-lang-yaml=\" cloudExadataInfrastructureId \" pulumi-lang-java=\" cloudExadataInfrastructureId \"\u003e cloud_exadata_infrastructure_id \u003c/span\u003eand\u003cspan pulumi-lang-nodejs=\" odbNetworkId \" pulumi-lang-dotnet=\" OdbNetworkId \" pulumi-lang-go=\" odbNetworkId \" pulumi-lang-python=\" odb_network_id \" pulumi-lang-yaml=\" odbNetworkId \" pulumi-lang-java=\" odbNetworkId \"\u003e odb_network_id \u003c/span\u003eor\u003cspan pulumi-lang-nodejs=\" cloudExadataInfrastructureArn \" pulumi-lang-dotnet=\" CloudExadataInfrastructureArn \" pulumi-lang-go=\" cloudExadataInfrastructureArn \" pulumi-lang-python=\" cloud_exadata_infrastructure_arn \" pulumi-lang-yaml=\" cloudExadataInfrastructureArn \" pulumi-lang-java=\" cloudExadataInfrastructureArn \"\u003e cloud_exadata_infrastructure_arn \u003c/span\u003eand\u003cspan pulumi-lang-nodejs=\" odbNetworkArn \" pulumi-lang-dotnet=\" OdbNetworkArn \" pulumi-lang-go=\" odbNetworkArn \" pulumi-lang-python=\" odb_network_arn \" pulumi-lang-yaml=\" odbNetworkArn \" pulumi-lang-java=\" odbNetworkArn \"\u003e odb_network_arn \u003c/span\u003emust be used.\n" }, "percentProgress": { "type": "number", @@ -360169,7 +361234,7 @@ "items": { "type": "string" }, - "description": "List of Organizations policy types to enable in the Organization Root. Organization must have \u003cspan pulumi-lang-nodejs=\"`featureSet`\" pulumi-lang-dotnet=\"`FeatureSet`\" pulumi-lang-go=\"`featureSet`\" pulumi-lang-python=\"`feature_set`\" pulumi-lang-yaml=\"`featureSet`\" pulumi-lang-java=\"`featureSet`\"\u003e`feature_set`\u003c/span\u003e set to `ALL`. For additional information about valid policy types (e.g., `AISERVICES_OPT_OUT_POLICY`, `BACKUP_POLICY`, `CHATBOT_POLICY`, `DECLARATIVE_POLICY_EC2`, `RESOURCE_CONTROL_POLICY`, `SERVICE_CONTROL_POLICY`, and `TAG_POLICY`), see the [AWS Organizations API Reference](https://docs.aws.amazon.com/organizations/latest/APIReference/API_EnablePolicyType.html).\n" + "description": "List of Organizations policy types to enable in the Organization Root. Organization must have \u003cspan pulumi-lang-nodejs=\"`featureSet`\" pulumi-lang-dotnet=\"`FeatureSet`\" pulumi-lang-go=\"`featureSet`\" pulumi-lang-python=\"`feature_set`\" pulumi-lang-yaml=\"`featureSet`\" pulumi-lang-java=\"`featureSet`\"\u003e`feature_set`\u003c/span\u003e set to `ALL`. For additional information about valid policy types (e.g., `AISERVICES_OPT_OUT_POLICY`, `BACKUP_POLICY`, `CHATBOT_POLICY`, `DECLARATIVE_POLICY_EC2`, `RESOURCE_CONTROL_POLICY`, `SECURITYHUB_POLICY`, `SERVICE_CONTROL_POLICY`, and `TAG_POLICY`), see the [AWS Organizations API Reference](https://docs.aws.amazon.com/organizations/latest/APIReference/API_EnablePolicyType.html). To enable `SECURITYHUB_POLICY`, \u003cspan pulumi-lang-nodejs=\"`awsServiceAccessPrincipals`\" pulumi-lang-dotnet=\"`AwsServiceAccessPrincipals`\" pulumi-lang-go=\"`awsServiceAccessPrincipals`\" pulumi-lang-python=\"`aws_service_access_principals`\" pulumi-lang-yaml=\"`awsServiceAccessPrincipals`\" pulumi-lang-java=\"`awsServiceAccessPrincipals`\"\u003e`aws_service_access_principals`\u003c/span\u003e must include `securityhub.amazonaws.com`.\n" }, "featureSet": { "type": "string", @@ -360229,7 +361294,7 @@ "items": { "type": "string" }, - "description": "List of Organizations policy types to enable in the Organization Root. Organization must have \u003cspan pulumi-lang-nodejs=\"`featureSet`\" pulumi-lang-dotnet=\"`FeatureSet`\" pulumi-lang-go=\"`featureSet`\" pulumi-lang-python=\"`feature_set`\" pulumi-lang-yaml=\"`featureSet`\" pulumi-lang-java=\"`featureSet`\"\u003e`feature_set`\u003c/span\u003e set to `ALL`. For additional information about valid policy types (e.g., `AISERVICES_OPT_OUT_POLICY`, `BACKUP_POLICY`, `CHATBOT_POLICY`, `DECLARATIVE_POLICY_EC2`, `RESOURCE_CONTROL_POLICY`, `SERVICE_CONTROL_POLICY`, and `TAG_POLICY`), see the [AWS Organizations API Reference](https://docs.aws.amazon.com/organizations/latest/APIReference/API_EnablePolicyType.html).\n" + "description": "List of Organizations policy types to enable in the Organization Root. Organization must have \u003cspan pulumi-lang-nodejs=\"`featureSet`\" pulumi-lang-dotnet=\"`FeatureSet`\" pulumi-lang-go=\"`featureSet`\" pulumi-lang-python=\"`feature_set`\" pulumi-lang-yaml=\"`featureSet`\" pulumi-lang-java=\"`featureSet`\"\u003e`feature_set`\u003c/span\u003e set to `ALL`. For additional information about valid policy types (e.g., `AISERVICES_OPT_OUT_POLICY`, `BACKUP_POLICY`, `CHATBOT_POLICY`, `DECLARATIVE_POLICY_EC2`, `RESOURCE_CONTROL_POLICY`, `SECURITYHUB_POLICY`, `SERVICE_CONTROL_POLICY`, and `TAG_POLICY`), see the [AWS Organizations API Reference](https://docs.aws.amazon.com/organizations/latest/APIReference/API_EnablePolicyType.html). To enable `SECURITYHUB_POLICY`, \u003cspan pulumi-lang-nodejs=\"`awsServiceAccessPrincipals`\" pulumi-lang-dotnet=\"`AwsServiceAccessPrincipals`\" pulumi-lang-go=\"`awsServiceAccessPrincipals`\" pulumi-lang-python=\"`aws_service_access_principals`\" pulumi-lang-yaml=\"`awsServiceAccessPrincipals`\" pulumi-lang-java=\"`awsServiceAccessPrincipals`\"\u003e`aws_service_access_principals`\u003c/span\u003e must include `securityhub.amazonaws.com`.\n" }, "featureSet": { "type": "string", @@ -360262,7 +361327,7 @@ "items": { "type": "string" }, - "description": "List of Organizations policy types to enable in the Organization Root. Organization must have \u003cspan pulumi-lang-nodejs=\"`featureSet`\" pulumi-lang-dotnet=\"`FeatureSet`\" pulumi-lang-go=\"`featureSet`\" pulumi-lang-python=\"`feature_set`\" pulumi-lang-yaml=\"`featureSet`\" pulumi-lang-java=\"`featureSet`\"\u003e`feature_set`\u003c/span\u003e set to `ALL`. For additional information about valid policy types (e.g., `AISERVICES_OPT_OUT_POLICY`, `BACKUP_POLICY`, `CHATBOT_POLICY`, `DECLARATIVE_POLICY_EC2`, `RESOURCE_CONTROL_POLICY`, `SERVICE_CONTROL_POLICY`, and `TAG_POLICY`), see the [AWS Organizations API Reference](https://docs.aws.amazon.com/organizations/latest/APIReference/API_EnablePolicyType.html).\n" + "description": "List of Organizations policy types to enable in the Organization Root. Organization must have \u003cspan pulumi-lang-nodejs=\"`featureSet`\" pulumi-lang-dotnet=\"`FeatureSet`\" pulumi-lang-go=\"`featureSet`\" pulumi-lang-python=\"`feature_set`\" pulumi-lang-yaml=\"`featureSet`\" pulumi-lang-java=\"`featureSet`\"\u003e`feature_set`\u003c/span\u003e set to `ALL`. For additional information about valid policy types (e.g., `AISERVICES_OPT_OUT_POLICY`, `BACKUP_POLICY`, `CHATBOT_POLICY`, `DECLARATIVE_POLICY_EC2`, `RESOURCE_CONTROL_POLICY`, `SECURITYHUB_POLICY`, `SERVICE_CONTROL_POLICY`, and `TAG_POLICY`), see the [AWS Organizations API Reference](https://docs.aws.amazon.com/organizations/latest/APIReference/API_EnablePolicyType.html). To enable `SECURITYHUB_POLICY`, \u003cspan pulumi-lang-nodejs=\"`awsServiceAccessPrincipals`\" pulumi-lang-dotnet=\"`AwsServiceAccessPrincipals`\" pulumi-lang-go=\"`awsServiceAccessPrincipals`\" pulumi-lang-python=\"`aws_service_access_principals`\" pulumi-lang-yaml=\"`awsServiceAccessPrincipals`\" pulumi-lang-java=\"`awsServiceAccessPrincipals`\"\u003e`aws_service_access_principals`\u003c/span\u003e must include `securityhub.amazonaws.com`.\n" }, "featureSet": { "type": "string", @@ -363566,6 +364631,10 @@ "type": "string", "description": "The default namespace for this Amazon Web Services account. Currently, the default is \u003cspan pulumi-lang-nodejs=\"`default`\" pulumi-lang-dotnet=\"`Default`\" pulumi-lang-go=\"`default`\" pulumi-lang-python=\"`default`\" pulumi-lang-yaml=\"`default`\" pulumi-lang-java=\"`default`\"\u003e`default`\u003c/span\u003e.\n" }, + "region": { + "type": "string", + "description": "Region where this resource will be [managed](https://docs.aws.amazon.com/general/latest/gr/rande.html#regional-endpoints). Defaults to the Region set in the provider configuration.\n" + }, "terminationProtectionEnabled": { "type": "boolean", "description": "A boolean value that determines whether or not an Amazon QuickSight account can be deleted. If \u003cspan pulumi-lang-nodejs=\"`true`\" pulumi-lang-dotnet=\"`True`\" pulumi-lang-go=\"`true`\" pulumi-lang-python=\"`true`\" pulumi-lang-yaml=\"`true`\" pulumi-lang-java=\"`true`\"\u003e`true`\u003c/span\u003e, it does not allow the account to be deleted and results in an error message if a user tries to make a DeleteAccountSubscription request. If \u003cspan pulumi-lang-nodejs=\"`false`\" pulumi-lang-dotnet=\"`False`\" pulumi-lang-go=\"`false`\" pulumi-lang-python=\"`false`\" pulumi-lang-yaml=\"`false`\" pulumi-lang-java=\"`false`\"\u003e`false`\u003c/span\u003e, it will allow the account to be deleted.\n" @@ -363577,6 +364646,7 @@ "required": [ "awsAccountId", "defaultNamespace", + "region", "terminationProtectionEnabled" ], "inputProperties": { @@ -363587,6 +364657,10 @@ "type": "string", "description": "The default namespace for this Amazon Web Services account. Currently, the default is \u003cspan pulumi-lang-nodejs=\"`default`\" pulumi-lang-dotnet=\"`Default`\" pulumi-lang-go=\"`default`\" pulumi-lang-python=\"`default`\" pulumi-lang-yaml=\"`default`\" pulumi-lang-java=\"`default`\"\u003e`default`\u003c/span\u003e.\n" }, + "region": { + "type": "string", + "description": "Region where this resource will be [managed](https://docs.aws.amazon.com/general/latest/gr/rande.html#regional-endpoints). Defaults to the Region set in the provider configuration.\n" + }, "terminationProtectionEnabled": { "type": "boolean", "description": "A boolean value that determines whether or not an Amazon QuickSight account can be deleted. If \u003cspan pulumi-lang-nodejs=\"`true`\" pulumi-lang-dotnet=\"`True`\" pulumi-lang-go=\"`true`\" pulumi-lang-python=\"`true`\" pulumi-lang-yaml=\"`true`\" pulumi-lang-java=\"`true`\"\u003e`true`\u003c/span\u003e, it does not allow the account to be deleted and results in an error message if a user tries to make a DeleteAccountSubscription request. If \u003cspan pulumi-lang-nodejs=\"`false`\" pulumi-lang-dotnet=\"`False`\" pulumi-lang-go=\"`false`\" pulumi-lang-python=\"`false`\" pulumi-lang-yaml=\"`false`\" pulumi-lang-java=\"`false`\"\u003e`false`\u003c/span\u003e, it will allow the account to be deleted.\n" @@ -363605,6 +364679,10 @@ "type": "string", "description": "The default namespace for this Amazon Web Services account. Currently, the default is \u003cspan pulumi-lang-nodejs=\"`default`\" pulumi-lang-dotnet=\"`Default`\" pulumi-lang-go=\"`default`\" pulumi-lang-python=\"`default`\" pulumi-lang-yaml=\"`default`\" pulumi-lang-java=\"`default`\"\u003e`default`\u003c/span\u003e.\n" }, + "region": { + "type": "string", + "description": "Region where this resource will be [managed](https://docs.aws.amazon.com/general/latest/gr/rande.html#regional-endpoints). Defaults to the Region set in the provider configuration.\n" + }, "terminationProtectionEnabled": { "type": "boolean", "description": "A boolean value that determines whether or not an Amazon QuickSight account can be deleted. If \u003cspan pulumi-lang-nodejs=\"`true`\" pulumi-lang-dotnet=\"`True`\" pulumi-lang-go=\"`true`\" pulumi-lang-python=\"`true`\" pulumi-lang-yaml=\"`true`\" pulumi-lang-java=\"`true`\"\u003e`true`\u003c/span\u003e, it does not allow the account to be deleted and results in an error message if a user tries to make a DeleteAccountSubscription request. If \u003cspan pulumi-lang-nodejs=\"`false`\" pulumi-lang-dotnet=\"`False`\" pulumi-lang-go=\"`false`\" pulumi-lang-python=\"`false`\" pulumi-lang-yaml=\"`false`\" pulumi-lang-java=\"`false`\"\u003e`false`\u003c/span\u003e, it will allow the account to be deleted.\n" @@ -390223,7 +391301,7 @@ "deprecationMessage": "aws.s3/bucketrequestpaymentconfigurationv2.BucketRequestPaymentConfigurationV2 has been deprecated in favor of aws.s3/bucketrequestpaymentconfiguration.BucketRequestPaymentConfiguration" }, "aws:s3/bucketServerSideEncryptionConfiguration:BucketServerSideEncryptionConfiguration": { - "description": "Provides a S3 bucket server-side encryption configuration resource.\n\n\u003e **NOTE:** Destroying an \u003cspan pulumi-lang-nodejs=\"`aws.s3.BucketServerSideEncryptionConfiguration`\" pulumi-lang-dotnet=\"`aws.s3.BucketServerSideEncryptionConfiguration`\" pulumi-lang-go=\"`s3.BucketServerSideEncryptionConfiguration`\" pulumi-lang-python=\"`s3.BucketServerSideEncryptionConfiguration`\" pulumi-lang-yaml=\"`aws.s3.BucketServerSideEncryptionConfiguration`\" pulumi-lang-java=\"`aws.s3.BucketServerSideEncryptionConfiguration`\"\u003e`aws.s3.BucketServerSideEncryptionConfiguration`\u003c/span\u003e resource resets the bucket to [Amazon S3 bucket default encryption](https://docs.aws.amazon.com/AmazonS3/latest/userguide/default-encryption-faq.html).\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst mykey = new aws.kms.Key(\"mykey\", {\n description: \"This key is used to encrypt bucket objects\",\n deletionWindowInDays: 10,\n});\nconst mybucket = new aws.s3.Bucket(\"mybucket\", {bucket: \"mybucket\"});\nconst example = new aws.s3.BucketServerSideEncryptionConfiguration(\"example\", {\n bucket: mybucket.id,\n rules: [{\n applyServerSideEncryptionByDefault: {\n kmsMasterKeyId: mykey.arn,\n sseAlgorithm: \"aws:kms\",\n },\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nmykey = aws.kms.Key(\"mykey\",\n description=\"This key is used to encrypt bucket objects\",\n deletion_window_in_days=10)\nmybucket = aws.s3.Bucket(\"mybucket\", bucket=\"mybucket\")\nexample = aws.s3.BucketServerSideEncryptionConfiguration(\"example\",\n bucket=mybucket.id,\n rules=[{\n \"apply_server_side_encryption_by_default\": {\n \"kms_master_key_id\": mykey.arn,\n \"sse_algorithm\": \"aws:kms\",\n },\n }])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var mykey = new Aws.Kms.Key(\"mykey\", new()\n {\n Description = \"This key is used to encrypt bucket objects\",\n DeletionWindowInDays = 10,\n });\n\n var mybucket = new Aws.S3.Bucket(\"mybucket\", new()\n {\n BucketName = \"mybucket\",\n });\n\n var example = new Aws.S3.BucketServerSideEncryptionConfiguration(\"example\", new()\n {\n Bucket = mybucket.Id,\n Rules = new[]\n {\n new Aws.S3.Inputs.BucketServerSideEncryptionConfigurationRuleArgs\n {\n ApplyServerSideEncryptionByDefault = new Aws.S3.Inputs.BucketServerSideEncryptionConfigurationRuleApplyServerSideEncryptionByDefaultArgs\n {\n KmsMasterKeyId = mykey.Arn,\n SseAlgorithm = \"aws:kms\",\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v7/go/aws/kms\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v7/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tmykey, err := kms.NewKey(ctx, \"mykey\", \u0026kms.KeyArgs{\n\t\t\tDescription: pulumi.String(\"This key is used to encrypt bucket objects\"),\n\t\t\tDeletionWindowInDays: pulumi.Int(10),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tmybucket, err := s3.NewBucket(ctx, \"mybucket\", \u0026s3.BucketArgs{\n\t\t\tBucket: pulumi.String(\"mybucket\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = s3.NewBucketServerSideEncryptionConfiguration(ctx, \"example\", \u0026s3.BucketServerSideEncryptionConfigurationArgs{\n\t\t\tBucket: mybucket.ID(),\n\t\t\tRules: s3.BucketServerSideEncryptionConfigurationRuleArray{\n\t\t\t\t\u0026s3.BucketServerSideEncryptionConfigurationRuleArgs{\n\t\t\t\t\tApplyServerSideEncryptionByDefault: \u0026s3.BucketServerSideEncryptionConfigurationRuleApplyServerSideEncryptionByDefaultArgs{\n\t\t\t\t\t\tKmsMasterKeyId: mykey.Arn,\n\t\t\t\t\t\tSseAlgorithm: pulumi.String(\"aws:kms\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.kms.Key;\nimport com.pulumi.aws.kms.KeyArgs;\nimport com.pulumi.aws.s3.Bucket;\nimport com.pulumi.aws.s3.BucketArgs;\nimport com.pulumi.aws.s3.BucketServerSideEncryptionConfiguration;\nimport com.pulumi.aws.s3.BucketServerSideEncryptionConfigurationArgs;\nimport com.pulumi.aws.s3.inputs.BucketServerSideEncryptionConfigurationRuleArgs;\nimport com.pulumi.aws.s3.inputs.BucketServerSideEncryptionConfigurationRuleApplyServerSideEncryptionByDefaultArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var mykey = new Key(\"mykey\", KeyArgs.builder()\n .description(\"This key is used to encrypt bucket objects\")\n .deletionWindowInDays(10)\n .build());\n\n var mybucket = new Bucket(\"mybucket\", BucketArgs.builder()\n .bucket(\"mybucket\")\n .build());\n\n var example = new BucketServerSideEncryptionConfiguration(\"example\", BucketServerSideEncryptionConfigurationArgs.builder()\n .bucket(mybucket.id())\n .rules(BucketServerSideEncryptionConfigurationRuleArgs.builder()\n .applyServerSideEncryptionByDefault(BucketServerSideEncryptionConfigurationRuleApplyServerSideEncryptionByDefaultArgs.builder()\n .kmsMasterKeyId(mykey.arn())\n .sseAlgorithm(\"aws:kms\")\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n mykey:\n type: aws:kms:Key\n properties:\n description: This key is used to encrypt bucket objects\n deletionWindowInDays: 10\n mybucket:\n type: aws:s3:Bucket\n properties:\n bucket: mybucket\n example:\n type: aws:s3:BucketServerSideEncryptionConfiguration\n properties:\n bucket: ${mybucket.id}\n rules:\n - applyServerSideEncryptionByDefault:\n kmsMasterKeyId: ${mykey.arn}\n sseAlgorithm: aws:kms\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\n### Identity Schema\n\n#### Required\n\n* `bucket` (String) S3 bucket name.\n\n#### Optional\n\n* `account_id` (String) AWS Account where this resource is managed.\n\n* `expected_bucket_owner` (String) Account ID of the expected bucket owner.\n\n* `region` (String) Region where this resource is managed.\n\nIf the owner (account ID) of the source bucket differs from the account used to configure the AWS Provider, import using the `bucket` and `expected_bucket_owner` separated by a comma (`,`):\n\nterraform\n\nimport {\n\n to = aws_s3_bucket_server_side_encryption_configuration.example\n\n id = \"bucket-name,123456789012\"\n\n}\n\n**Using `pulumi import` to import** S3 bucket server-side encryption configuration using the `bucket` or using the `bucket` and `expected_bucket_owner` separated by a comma (`,`). For example:\n\nIf the owner (account ID) of the source bucket is the same account used to configure the AWS Provider, import using the `bucket`:\n\nconsole\n\n% pulumi import aws_s3_bucket_server_side_encryption_configuration.example bucket-name\n\nIf the owner (account ID) of the source bucket differs from the account used to configure the AWS Provider, import using the `bucket` and `expected_bucket_owner` separated by a comma (`,`):\n\nconsole\n\n% pulumi import aws_s3_bucket_server_side_encryption_configuration.example bucket-name,123456789012\n\n", + "description": "Provides a S3 bucket server-side encryption configuration resource.\n\n\u003e **NOTE:** Destroying an \u003cspan pulumi-lang-nodejs=\"`aws.s3.BucketServerSideEncryptionConfiguration`\" pulumi-lang-dotnet=\"`aws.s3.BucketServerSideEncryptionConfiguration`\" pulumi-lang-go=\"`s3.BucketServerSideEncryptionConfiguration`\" pulumi-lang-python=\"`s3.BucketServerSideEncryptionConfiguration`\" pulumi-lang-yaml=\"`aws.s3.BucketServerSideEncryptionConfiguration`\" pulumi-lang-java=\"`aws.s3.BucketServerSideEncryptionConfiguration`\"\u003e`aws.s3.BucketServerSideEncryptionConfiguration`\u003c/span\u003e resource resets the bucket to [Amazon S3 bucket default encryption](https://docs.aws.amazon.com/AmazonS3/latest/userguide/default-encryption-faq.html).\n\n\u003e **NOTE:** Starting in March 2026, Amazon S3 will automatically block server-side encryption with customer-provided keys (SSE-C) for all new buckets. Use the \u003cspan pulumi-lang-nodejs=\"`blockedEncryptionTypes`\" pulumi-lang-dotnet=\"`BlockedEncryptionTypes`\" pulumi-lang-go=\"`blockedEncryptionTypes`\" pulumi-lang-python=\"`blocked_encryption_types`\" pulumi-lang-yaml=\"`blockedEncryptionTypes`\" pulumi-lang-java=\"`blockedEncryptionTypes`\"\u003e`blocked_encryption_types`\u003c/span\u003e argument to manage this behavior. For more information, see the [SSE-C changes FAQ](https://docs.aws.amazon.com/AmazonS3/latest/userguide/default-s3-c-encryption-setting-faq.html).\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst mykey = new aws.kms.Key(\"mykey\", {\n description: \"This key is used to encrypt bucket objects\",\n deletionWindowInDays: 10,\n});\nconst mybucket = new aws.s3.Bucket(\"mybucket\", {bucket: \"mybucket\"});\nconst example = new aws.s3.BucketServerSideEncryptionConfiguration(\"example\", {\n bucket: mybucket.id,\n rules: [{\n applyServerSideEncryptionByDefault: {\n kmsMasterKeyId: mykey.arn,\n sseAlgorithm: \"aws:kms\",\n },\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nmykey = aws.kms.Key(\"mykey\",\n description=\"This key is used to encrypt bucket objects\",\n deletion_window_in_days=10)\nmybucket = aws.s3.Bucket(\"mybucket\", bucket=\"mybucket\")\nexample = aws.s3.BucketServerSideEncryptionConfiguration(\"example\",\n bucket=mybucket.id,\n rules=[{\n \"apply_server_side_encryption_by_default\": {\n \"kms_master_key_id\": mykey.arn,\n \"sse_algorithm\": \"aws:kms\",\n },\n }])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var mykey = new Aws.Kms.Key(\"mykey\", new()\n {\n Description = \"This key is used to encrypt bucket objects\",\n DeletionWindowInDays = 10,\n });\n\n var mybucket = new Aws.S3.Bucket(\"mybucket\", new()\n {\n BucketName = \"mybucket\",\n });\n\n var example = new Aws.S3.BucketServerSideEncryptionConfiguration(\"example\", new()\n {\n Bucket = mybucket.Id,\n Rules = new[]\n {\n new Aws.S3.Inputs.BucketServerSideEncryptionConfigurationRuleArgs\n {\n ApplyServerSideEncryptionByDefault = new Aws.S3.Inputs.BucketServerSideEncryptionConfigurationRuleApplyServerSideEncryptionByDefaultArgs\n {\n KmsMasterKeyId = mykey.Arn,\n SseAlgorithm = \"aws:kms\",\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v7/go/aws/kms\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v7/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tmykey, err := kms.NewKey(ctx, \"mykey\", \u0026kms.KeyArgs{\n\t\t\tDescription: pulumi.String(\"This key is used to encrypt bucket objects\"),\n\t\t\tDeletionWindowInDays: pulumi.Int(10),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tmybucket, err := s3.NewBucket(ctx, \"mybucket\", \u0026s3.BucketArgs{\n\t\t\tBucket: pulumi.String(\"mybucket\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = s3.NewBucketServerSideEncryptionConfiguration(ctx, \"example\", \u0026s3.BucketServerSideEncryptionConfigurationArgs{\n\t\t\tBucket: mybucket.ID(),\n\t\t\tRules: s3.BucketServerSideEncryptionConfigurationRuleArray{\n\t\t\t\t\u0026s3.BucketServerSideEncryptionConfigurationRuleArgs{\n\t\t\t\t\tApplyServerSideEncryptionByDefault: \u0026s3.BucketServerSideEncryptionConfigurationRuleApplyServerSideEncryptionByDefaultArgs{\n\t\t\t\t\t\tKmsMasterKeyId: mykey.Arn,\n\t\t\t\t\t\tSseAlgorithm: pulumi.String(\"aws:kms\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.kms.Key;\nimport com.pulumi.aws.kms.KeyArgs;\nimport com.pulumi.aws.s3.Bucket;\nimport com.pulumi.aws.s3.BucketArgs;\nimport com.pulumi.aws.s3.BucketServerSideEncryptionConfiguration;\nimport com.pulumi.aws.s3.BucketServerSideEncryptionConfigurationArgs;\nimport com.pulumi.aws.s3.inputs.BucketServerSideEncryptionConfigurationRuleArgs;\nimport com.pulumi.aws.s3.inputs.BucketServerSideEncryptionConfigurationRuleApplyServerSideEncryptionByDefaultArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var mykey = new Key(\"mykey\", KeyArgs.builder()\n .description(\"This key is used to encrypt bucket objects\")\n .deletionWindowInDays(10)\n .build());\n\n var mybucket = new Bucket(\"mybucket\", BucketArgs.builder()\n .bucket(\"mybucket\")\n .build());\n\n var example = new BucketServerSideEncryptionConfiguration(\"example\", BucketServerSideEncryptionConfigurationArgs.builder()\n .bucket(mybucket.id())\n .rules(BucketServerSideEncryptionConfigurationRuleArgs.builder()\n .applyServerSideEncryptionByDefault(BucketServerSideEncryptionConfigurationRuleApplyServerSideEncryptionByDefaultArgs.builder()\n .kmsMasterKeyId(mykey.arn())\n .sseAlgorithm(\"aws:kms\")\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n mykey:\n type: aws:kms:Key\n properties:\n description: This key is used to encrypt bucket objects\n deletionWindowInDays: 10\n mybucket:\n type: aws:s3:Bucket\n properties:\n bucket: mybucket\n example:\n type: aws:s3:BucketServerSideEncryptionConfiguration\n properties:\n bucket: ${mybucket.id}\n rules:\n - applyServerSideEncryptionByDefault:\n kmsMasterKeyId: ${mykey.arn}\n sseAlgorithm: aws:kms\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Blocking SSE-C Uploads\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst mykey = new aws.kms.Key(\"mykey\", {\n description: \"This key is used to encrypt bucket objects\",\n deletionWindowInDays: 10,\n});\nconst mybucket = new aws.s3.Bucket(\"mybucket\", {bucket: \"mybucket\"});\nconst example = new aws.s3.BucketServerSideEncryptionConfiguration(\"example\", {\n bucket: mybucket.id,\n rules: [{\n applyServerSideEncryptionByDefault: {\n kmsMasterKeyId: mykey.arn,\n sseAlgorithm: \"aws:kms\",\n },\n bucketKeyEnabled: true,\n blockedEncryptionTypes: [\"SSE-C\"],\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nmykey = aws.kms.Key(\"mykey\",\n description=\"This key is used to encrypt bucket objects\",\n deletion_window_in_days=10)\nmybucket = aws.s3.Bucket(\"mybucket\", bucket=\"mybucket\")\nexample = aws.s3.BucketServerSideEncryptionConfiguration(\"example\",\n bucket=mybucket.id,\n rules=[{\n \"apply_server_side_encryption_by_default\": {\n \"kms_master_key_id\": mykey.arn,\n \"sse_algorithm\": \"aws:kms\",\n },\n \"bucket_key_enabled\": True,\n \"blocked_encryption_types\": [\"SSE-C\"],\n }])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var mykey = new Aws.Kms.Key(\"mykey\", new()\n {\n Description = \"This key is used to encrypt bucket objects\",\n DeletionWindowInDays = 10,\n });\n\n var mybucket = new Aws.S3.Bucket(\"mybucket\", new()\n {\n BucketName = \"mybucket\",\n });\n\n var example = new Aws.S3.BucketServerSideEncryptionConfiguration(\"example\", new()\n {\n Bucket = mybucket.Id,\n Rules = new[]\n {\n new Aws.S3.Inputs.BucketServerSideEncryptionConfigurationRuleArgs\n {\n ApplyServerSideEncryptionByDefault = new Aws.S3.Inputs.BucketServerSideEncryptionConfigurationRuleApplyServerSideEncryptionByDefaultArgs\n {\n KmsMasterKeyId = mykey.Arn,\n SseAlgorithm = \"aws:kms\",\n },\n BucketKeyEnabled = true,\n BlockedEncryptionTypes = new[]\n {\n \"SSE-C\",\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v7/go/aws/kms\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v7/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tmykey, err := kms.NewKey(ctx, \"mykey\", \u0026kms.KeyArgs{\n\t\t\tDescription: pulumi.String(\"This key is used to encrypt bucket objects\"),\n\t\t\tDeletionWindowInDays: pulumi.Int(10),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tmybucket, err := s3.NewBucket(ctx, \"mybucket\", \u0026s3.BucketArgs{\n\t\t\tBucket: pulumi.String(\"mybucket\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = s3.NewBucketServerSideEncryptionConfiguration(ctx, \"example\", \u0026s3.BucketServerSideEncryptionConfigurationArgs{\n\t\t\tBucket: mybucket.ID(),\n\t\t\tRules: s3.BucketServerSideEncryptionConfigurationRuleArray{\n\t\t\t\t\u0026s3.BucketServerSideEncryptionConfigurationRuleArgs{\n\t\t\t\t\tApplyServerSideEncryptionByDefault: \u0026s3.BucketServerSideEncryptionConfigurationRuleApplyServerSideEncryptionByDefaultArgs{\n\t\t\t\t\t\tKmsMasterKeyId: mykey.Arn,\n\t\t\t\t\t\tSseAlgorithm: pulumi.String(\"aws:kms\"),\n\t\t\t\t\t},\n\t\t\t\t\tBucketKeyEnabled: pulumi.Bool(true),\n\t\t\t\t\tBlockedEncryptionTypes: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"SSE-C\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.kms.Key;\nimport com.pulumi.aws.kms.KeyArgs;\nimport com.pulumi.aws.s3.Bucket;\nimport com.pulumi.aws.s3.BucketArgs;\nimport com.pulumi.aws.s3.BucketServerSideEncryptionConfiguration;\nimport com.pulumi.aws.s3.BucketServerSideEncryptionConfigurationArgs;\nimport com.pulumi.aws.s3.inputs.BucketServerSideEncryptionConfigurationRuleArgs;\nimport com.pulumi.aws.s3.inputs.BucketServerSideEncryptionConfigurationRuleApplyServerSideEncryptionByDefaultArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var mykey = new Key(\"mykey\", KeyArgs.builder()\n .description(\"This key is used to encrypt bucket objects\")\n .deletionWindowInDays(10)\n .build());\n\n var mybucket = new Bucket(\"mybucket\", BucketArgs.builder()\n .bucket(\"mybucket\")\n .build());\n\n var example = new BucketServerSideEncryptionConfiguration(\"example\", BucketServerSideEncryptionConfigurationArgs.builder()\n .bucket(mybucket.id())\n .rules(BucketServerSideEncryptionConfigurationRuleArgs.builder()\n .applyServerSideEncryptionByDefault(BucketServerSideEncryptionConfigurationRuleApplyServerSideEncryptionByDefaultArgs.builder()\n .kmsMasterKeyId(mykey.arn())\n .sseAlgorithm(\"aws:kms\")\n .build())\n .bucketKeyEnabled(true)\n .blockedEncryptionTypes(\"SSE-C\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n mykey:\n type: aws:kms:Key\n properties:\n description: This key is used to encrypt bucket objects\n deletionWindowInDays: 10\n mybucket:\n type: aws:s3:Bucket\n properties:\n bucket: mybucket\n example:\n type: aws:s3:BucketServerSideEncryptionConfiguration\n properties:\n bucket: ${mybucket.id}\n rules:\n - applyServerSideEncryptionByDefault:\n kmsMasterKeyId: ${mykey.arn}\n sseAlgorithm: aws:kms\n bucketKeyEnabled: true\n blockedEncryptionTypes:\n - SSE-C\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\n### Identity Schema\n\n#### Required\n\n* `bucket` (String) S3 bucket name.\n\n#### Optional\n\n* `account_id` (String) AWS Account where this resource is managed.\n\n* `expected_bucket_owner` (String) Account ID of the expected bucket owner.\n\n* `region` (String) Region where this resource is managed.\n\nIf the owner (account ID) of the source bucket differs from the account used to configure the AWS Provider, import using the `bucket` and `expected_bucket_owner` separated by a comma (`,`):\n\nterraform\n\nimport {\n\n to = aws_s3_bucket_server_side_encryption_configuration.example\n\n id = \"bucket-name,123456789012\"\n\n}\n\n**Using `pulumi import` to import** S3 bucket server-side encryption configuration using the `bucket` or using the `bucket` and `expected_bucket_owner` separated by a comma (`,`). For example:\n\nIf the owner (account ID) of the source bucket is the same account used to configure the AWS Provider, import using the `bucket`:\n\nconsole\n\n% pulumi import aws_s3_bucket_server_side_encryption_configuration.example bucket-name\n\nIf the owner (account ID) of the source bucket differs from the account used to configure the AWS Provider, import using the `bucket` and `expected_bucket_owner` separated by a comma (`,`):\n\nconsole\n\n% pulumi import aws_s3_bucket_server_side_encryption_configuration.example bucket-name,123456789012\n\n", "properties": { "bucket": { "type": "string", @@ -390311,7 +391389,7 @@ ] }, "aws:s3/bucketServerSideEncryptionConfigurationV2:BucketServerSideEncryptionConfigurationV2": { - "description": "Provides a S3 bucket server-side encryption configuration resource.\n\n\u003e **NOTE:** Destroying an \u003cspan pulumi-lang-nodejs=\"`aws.s3.BucketServerSideEncryptionConfiguration`\" pulumi-lang-dotnet=\"`aws.s3.BucketServerSideEncryptionConfiguration`\" pulumi-lang-go=\"`s3.BucketServerSideEncryptionConfiguration`\" pulumi-lang-python=\"`s3.BucketServerSideEncryptionConfiguration`\" pulumi-lang-yaml=\"`aws.s3.BucketServerSideEncryptionConfiguration`\" pulumi-lang-java=\"`aws.s3.BucketServerSideEncryptionConfiguration`\"\u003e`aws.s3.BucketServerSideEncryptionConfiguration`\u003c/span\u003e resource resets the bucket to [Amazon S3 bucket default encryption](https://docs.aws.amazon.com/AmazonS3/latest/userguide/default-encryption-faq.html).\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst mykey = new aws.kms.Key(\"mykey\", {\n description: \"This key is used to encrypt bucket objects\",\n deletionWindowInDays: 10,\n});\nconst mybucket = new aws.s3.Bucket(\"mybucket\", {bucket: \"mybucket\"});\nconst example = new aws.s3.BucketServerSideEncryptionConfiguration(\"example\", {\n bucket: mybucket.id,\n rules: [{\n applyServerSideEncryptionByDefault: {\n kmsMasterKeyId: mykey.arn,\n sseAlgorithm: \"aws:kms\",\n },\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nmykey = aws.kms.Key(\"mykey\",\n description=\"This key is used to encrypt bucket objects\",\n deletion_window_in_days=10)\nmybucket = aws.s3.Bucket(\"mybucket\", bucket=\"mybucket\")\nexample = aws.s3.BucketServerSideEncryptionConfiguration(\"example\",\n bucket=mybucket.id,\n rules=[{\n \"apply_server_side_encryption_by_default\": {\n \"kms_master_key_id\": mykey.arn,\n \"sse_algorithm\": \"aws:kms\",\n },\n }])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var mykey = new Aws.Kms.Key(\"mykey\", new()\n {\n Description = \"This key is used to encrypt bucket objects\",\n DeletionWindowInDays = 10,\n });\n\n var mybucket = new Aws.S3.Bucket(\"mybucket\", new()\n {\n BucketName = \"mybucket\",\n });\n\n var example = new Aws.S3.BucketServerSideEncryptionConfiguration(\"example\", new()\n {\n Bucket = mybucket.Id,\n Rules = new[]\n {\n new Aws.S3.Inputs.BucketServerSideEncryptionConfigurationRuleArgs\n {\n ApplyServerSideEncryptionByDefault = new Aws.S3.Inputs.BucketServerSideEncryptionConfigurationRuleApplyServerSideEncryptionByDefaultArgs\n {\n KmsMasterKeyId = mykey.Arn,\n SseAlgorithm = \"aws:kms\",\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v7/go/aws/kms\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v7/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tmykey, err := kms.NewKey(ctx, \"mykey\", \u0026kms.KeyArgs{\n\t\t\tDescription: pulumi.String(\"This key is used to encrypt bucket objects\"),\n\t\t\tDeletionWindowInDays: pulumi.Int(10),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tmybucket, err := s3.NewBucket(ctx, \"mybucket\", \u0026s3.BucketArgs{\n\t\t\tBucket: pulumi.String(\"mybucket\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = s3.NewBucketServerSideEncryptionConfiguration(ctx, \"example\", \u0026s3.BucketServerSideEncryptionConfigurationArgs{\n\t\t\tBucket: mybucket.ID(),\n\t\t\tRules: s3.BucketServerSideEncryptionConfigurationRuleArray{\n\t\t\t\t\u0026s3.BucketServerSideEncryptionConfigurationRuleArgs{\n\t\t\t\t\tApplyServerSideEncryptionByDefault: \u0026s3.BucketServerSideEncryptionConfigurationRuleApplyServerSideEncryptionByDefaultArgs{\n\t\t\t\t\t\tKmsMasterKeyId: mykey.Arn,\n\t\t\t\t\t\tSseAlgorithm: pulumi.String(\"aws:kms\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.kms.Key;\nimport com.pulumi.aws.kms.KeyArgs;\nimport com.pulumi.aws.s3.Bucket;\nimport com.pulumi.aws.s3.BucketArgs;\nimport com.pulumi.aws.s3.BucketServerSideEncryptionConfiguration;\nimport com.pulumi.aws.s3.BucketServerSideEncryptionConfigurationArgs;\nimport com.pulumi.aws.s3.inputs.BucketServerSideEncryptionConfigurationRuleArgs;\nimport com.pulumi.aws.s3.inputs.BucketServerSideEncryptionConfigurationRuleApplyServerSideEncryptionByDefaultArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var mykey = new Key(\"mykey\", KeyArgs.builder()\n .description(\"This key is used to encrypt bucket objects\")\n .deletionWindowInDays(10)\n .build());\n\n var mybucket = new Bucket(\"mybucket\", BucketArgs.builder()\n .bucket(\"mybucket\")\n .build());\n\n var example = new BucketServerSideEncryptionConfiguration(\"example\", BucketServerSideEncryptionConfigurationArgs.builder()\n .bucket(mybucket.id())\n .rules(BucketServerSideEncryptionConfigurationRuleArgs.builder()\n .applyServerSideEncryptionByDefault(BucketServerSideEncryptionConfigurationRuleApplyServerSideEncryptionByDefaultArgs.builder()\n .kmsMasterKeyId(mykey.arn())\n .sseAlgorithm(\"aws:kms\")\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n mykey:\n type: aws:kms:Key\n properties:\n description: This key is used to encrypt bucket objects\n deletionWindowInDays: 10\n mybucket:\n type: aws:s3:Bucket\n properties:\n bucket: mybucket\n example:\n type: aws:s3:BucketServerSideEncryptionConfiguration\n properties:\n bucket: ${mybucket.id}\n rules:\n - applyServerSideEncryptionByDefault:\n kmsMasterKeyId: ${mykey.arn}\n sseAlgorithm: aws:kms\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\n### Identity Schema\n\n#### Required\n\n* `bucket` (String) S3 bucket name.\n\n#### Optional\n\n* `account_id` (String) AWS Account where this resource is managed.\n\n* `expected_bucket_owner` (String) Account ID of the expected bucket owner.\n\n* `region` (String) Region where this resource is managed.\n\nIf the owner (account ID) of the source bucket differs from the account used to configure the AWS Provider, import using the `bucket` and `expected_bucket_owner` separated by a comma (`,`):\n\nterraform\n\nimport {\n\n to = aws_s3_bucket_server_side_encryption_configuration.example\n\n id = \"bucket-name,123456789012\"\n\n}\n\n**Using `pulumi import` to import** S3 bucket server-side encryption configuration using the `bucket` or using the `bucket` and `expected_bucket_owner` separated by a comma (`,`). For example:\n\nIf the owner (account ID) of the source bucket is the same account used to configure the AWS Provider, import using the `bucket`:\n\nconsole\n\n% pulumi import aws_s3_bucket_server_side_encryption_configuration.example bucket-name\n\nIf the owner (account ID) of the source bucket differs from the account used to configure the AWS Provider, import using the `bucket` and `expected_bucket_owner` separated by a comma (`,`):\n\nconsole\n\n% pulumi import aws_s3_bucket_server_side_encryption_configuration.example bucket-name,123456789012\n\n", + "description": "Provides a S3 bucket server-side encryption configuration resource.\n\n\u003e **NOTE:** Destroying an \u003cspan pulumi-lang-nodejs=\"`aws.s3.BucketServerSideEncryptionConfiguration`\" pulumi-lang-dotnet=\"`aws.s3.BucketServerSideEncryptionConfiguration`\" pulumi-lang-go=\"`s3.BucketServerSideEncryptionConfiguration`\" pulumi-lang-python=\"`s3.BucketServerSideEncryptionConfiguration`\" pulumi-lang-yaml=\"`aws.s3.BucketServerSideEncryptionConfiguration`\" pulumi-lang-java=\"`aws.s3.BucketServerSideEncryptionConfiguration`\"\u003e`aws.s3.BucketServerSideEncryptionConfiguration`\u003c/span\u003e resource resets the bucket to [Amazon S3 bucket default encryption](https://docs.aws.amazon.com/AmazonS3/latest/userguide/default-encryption-faq.html).\n\n\u003e **NOTE:** Starting in March 2026, Amazon S3 will automatically block server-side encryption with customer-provided keys (SSE-C) for all new buckets. Use the \u003cspan pulumi-lang-nodejs=\"`blockedEncryptionTypes`\" pulumi-lang-dotnet=\"`BlockedEncryptionTypes`\" pulumi-lang-go=\"`blockedEncryptionTypes`\" pulumi-lang-python=\"`blocked_encryption_types`\" pulumi-lang-yaml=\"`blockedEncryptionTypes`\" pulumi-lang-java=\"`blockedEncryptionTypes`\"\u003e`blocked_encryption_types`\u003c/span\u003e argument to manage this behavior. For more information, see the [SSE-C changes FAQ](https://docs.aws.amazon.com/AmazonS3/latest/userguide/default-s3-c-encryption-setting-faq.html).\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst mykey = new aws.kms.Key(\"mykey\", {\n description: \"This key is used to encrypt bucket objects\",\n deletionWindowInDays: 10,\n});\nconst mybucket = new aws.s3.Bucket(\"mybucket\", {bucket: \"mybucket\"});\nconst example = new aws.s3.BucketServerSideEncryptionConfiguration(\"example\", {\n bucket: mybucket.id,\n rules: [{\n applyServerSideEncryptionByDefault: {\n kmsMasterKeyId: mykey.arn,\n sseAlgorithm: \"aws:kms\",\n },\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nmykey = aws.kms.Key(\"mykey\",\n description=\"This key is used to encrypt bucket objects\",\n deletion_window_in_days=10)\nmybucket = aws.s3.Bucket(\"mybucket\", bucket=\"mybucket\")\nexample = aws.s3.BucketServerSideEncryptionConfiguration(\"example\",\n bucket=mybucket.id,\n rules=[{\n \"apply_server_side_encryption_by_default\": {\n \"kms_master_key_id\": mykey.arn,\n \"sse_algorithm\": \"aws:kms\",\n },\n }])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var mykey = new Aws.Kms.Key(\"mykey\", new()\n {\n Description = \"This key is used to encrypt bucket objects\",\n DeletionWindowInDays = 10,\n });\n\n var mybucket = new Aws.S3.Bucket(\"mybucket\", new()\n {\n BucketName = \"mybucket\",\n });\n\n var example = new Aws.S3.BucketServerSideEncryptionConfiguration(\"example\", new()\n {\n Bucket = mybucket.Id,\n Rules = new[]\n {\n new Aws.S3.Inputs.BucketServerSideEncryptionConfigurationRuleArgs\n {\n ApplyServerSideEncryptionByDefault = new Aws.S3.Inputs.BucketServerSideEncryptionConfigurationRuleApplyServerSideEncryptionByDefaultArgs\n {\n KmsMasterKeyId = mykey.Arn,\n SseAlgorithm = \"aws:kms\",\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v7/go/aws/kms\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v7/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tmykey, err := kms.NewKey(ctx, \"mykey\", \u0026kms.KeyArgs{\n\t\t\tDescription: pulumi.String(\"This key is used to encrypt bucket objects\"),\n\t\t\tDeletionWindowInDays: pulumi.Int(10),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tmybucket, err := s3.NewBucket(ctx, \"mybucket\", \u0026s3.BucketArgs{\n\t\t\tBucket: pulumi.String(\"mybucket\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = s3.NewBucketServerSideEncryptionConfiguration(ctx, \"example\", \u0026s3.BucketServerSideEncryptionConfigurationArgs{\n\t\t\tBucket: mybucket.ID(),\n\t\t\tRules: s3.BucketServerSideEncryptionConfigurationRuleArray{\n\t\t\t\t\u0026s3.BucketServerSideEncryptionConfigurationRuleArgs{\n\t\t\t\t\tApplyServerSideEncryptionByDefault: \u0026s3.BucketServerSideEncryptionConfigurationRuleApplyServerSideEncryptionByDefaultArgs{\n\t\t\t\t\t\tKmsMasterKeyId: mykey.Arn,\n\t\t\t\t\t\tSseAlgorithm: pulumi.String(\"aws:kms\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.kms.Key;\nimport com.pulumi.aws.kms.KeyArgs;\nimport com.pulumi.aws.s3.Bucket;\nimport com.pulumi.aws.s3.BucketArgs;\nimport com.pulumi.aws.s3.BucketServerSideEncryptionConfiguration;\nimport com.pulumi.aws.s3.BucketServerSideEncryptionConfigurationArgs;\nimport com.pulumi.aws.s3.inputs.BucketServerSideEncryptionConfigurationRuleArgs;\nimport com.pulumi.aws.s3.inputs.BucketServerSideEncryptionConfigurationRuleApplyServerSideEncryptionByDefaultArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var mykey = new Key(\"mykey\", KeyArgs.builder()\n .description(\"This key is used to encrypt bucket objects\")\n .deletionWindowInDays(10)\n .build());\n\n var mybucket = new Bucket(\"mybucket\", BucketArgs.builder()\n .bucket(\"mybucket\")\n .build());\n\n var example = new BucketServerSideEncryptionConfiguration(\"example\", BucketServerSideEncryptionConfigurationArgs.builder()\n .bucket(mybucket.id())\n .rules(BucketServerSideEncryptionConfigurationRuleArgs.builder()\n .applyServerSideEncryptionByDefault(BucketServerSideEncryptionConfigurationRuleApplyServerSideEncryptionByDefaultArgs.builder()\n .kmsMasterKeyId(mykey.arn())\n .sseAlgorithm(\"aws:kms\")\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n mykey:\n type: aws:kms:Key\n properties:\n description: This key is used to encrypt bucket objects\n deletionWindowInDays: 10\n mybucket:\n type: aws:s3:Bucket\n properties:\n bucket: mybucket\n example:\n type: aws:s3:BucketServerSideEncryptionConfiguration\n properties:\n bucket: ${mybucket.id}\n rules:\n - applyServerSideEncryptionByDefault:\n kmsMasterKeyId: ${mykey.arn}\n sseAlgorithm: aws:kms\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Blocking SSE-C Uploads\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst mykey = new aws.kms.Key(\"mykey\", {\n description: \"This key is used to encrypt bucket objects\",\n deletionWindowInDays: 10,\n});\nconst mybucket = new aws.s3.Bucket(\"mybucket\", {bucket: \"mybucket\"});\nconst example = new aws.s3.BucketServerSideEncryptionConfiguration(\"example\", {\n bucket: mybucket.id,\n rules: [{\n applyServerSideEncryptionByDefault: {\n kmsMasterKeyId: mykey.arn,\n sseAlgorithm: \"aws:kms\",\n },\n bucketKeyEnabled: true,\n blockedEncryptionTypes: [\"SSE-C\"],\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nmykey = aws.kms.Key(\"mykey\",\n description=\"This key is used to encrypt bucket objects\",\n deletion_window_in_days=10)\nmybucket = aws.s3.Bucket(\"mybucket\", bucket=\"mybucket\")\nexample = aws.s3.BucketServerSideEncryptionConfiguration(\"example\",\n bucket=mybucket.id,\n rules=[{\n \"apply_server_side_encryption_by_default\": {\n \"kms_master_key_id\": mykey.arn,\n \"sse_algorithm\": \"aws:kms\",\n },\n \"bucket_key_enabled\": True,\n \"blocked_encryption_types\": [\"SSE-C\"],\n }])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var mykey = new Aws.Kms.Key(\"mykey\", new()\n {\n Description = \"This key is used to encrypt bucket objects\",\n DeletionWindowInDays = 10,\n });\n\n var mybucket = new Aws.S3.Bucket(\"mybucket\", new()\n {\n BucketName = \"mybucket\",\n });\n\n var example = new Aws.S3.BucketServerSideEncryptionConfiguration(\"example\", new()\n {\n Bucket = mybucket.Id,\n Rules = new[]\n {\n new Aws.S3.Inputs.BucketServerSideEncryptionConfigurationRuleArgs\n {\n ApplyServerSideEncryptionByDefault = new Aws.S3.Inputs.BucketServerSideEncryptionConfigurationRuleApplyServerSideEncryptionByDefaultArgs\n {\n KmsMasterKeyId = mykey.Arn,\n SseAlgorithm = \"aws:kms\",\n },\n BucketKeyEnabled = true,\n BlockedEncryptionTypes = new[]\n {\n \"SSE-C\",\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v7/go/aws/kms\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v7/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tmykey, err := kms.NewKey(ctx, \"mykey\", \u0026kms.KeyArgs{\n\t\t\tDescription: pulumi.String(\"This key is used to encrypt bucket objects\"),\n\t\t\tDeletionWindowInDays: pulumi.Int(10),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tmybucket, err := s3.NewBucket(ctx, \"mybucket\", \u0026s3.BucketArgs{\n\t\t\tBucket: pulumi.String(\"mybucket\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = s3.NewBucketServerSideEncryptionConfiguration(ctx, \"example\", \u0026s3.BucketServerSideEncryptionConfigurationArgs{\n\t\t\tBucket: mybucket.ID(),\n\t\t\tRules: s3.BucketServerSideEncryptionConfigurationRuleArray{\n\t\t\t\t\u0026s3.BucketServerSideEncryptionConfigurationRuleArgs{\n\t\t\t\t\tApplyServerSideEncryptionByDefault: \u0026s3.BucketServerSideEncryptionConfigurationRuleApplyServerSideEncryptionByDefaultArgs{\n\t\t\t\t\t\tKmsMasterKeyId: mykey.Arn,\n\t\t\t\t\t\tSseAlgorithm: pulumi.String(\"aws:kms\"),\n\t\t\t\t\t},\n\t\t\t\t\tBucketKeyEnabled: pulumi.Bool(true),\n\t\t\t\t\tBlockedEncryptionTypes: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"SSE-C\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.kms.Key;\nimport com.pulumi.aws.kms.KeyArgs;\nimport com.pulumi.aws.s3.Bucket;\nimport com.pulumi.aws.s3.BucketArgs;\nimport com.pulumi.aws.s3.BucketServerSideEncryptionConfiguration;\nimport com.pulumi.aws.s3.BucketServerSideEncryptionConfigurationArgs;\nimport com.pulumi.aws.s3.inputs.BucketServerSideEncryptionConfigurationRuleArgs;\nimport com.pulumi.aws.s3.inputs.BucketServerSideEncryptionConfigurationRuleApplyServerSideEncryptionByDefaultArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var mykey = new Key(\"mykey\", KeyArgs.builder()\n .description(\"This key is used to encrypt bucket objects\")\n .deletionWindowInDays(10)\n .build());\n\n var mybucket = new Bucket(\"mybucket\", BucketArgs.builder()\n .bucket(\"mybucket\")\n .build());\n\n var example = new BucketServerSideEncryptionConfiguration(\"example\", BucketServerSideEncryptionConfigurationArgs.builder()\n .bucket(mybucket.id())\n .rules(BucketServerSideEncryptionConfigurationRuleArgs.builder()\n .applyServerSideEncryptionByDefault(BucketServerSideEncryptionConfigurationRuleApplyServerSideEncryptionByDefaultArgs.builder()\n .kmsMasterKeyId(mykey.arn())\n .sseAlgorithm(\"aws:kms\")\n .build())\n .bucketKeyEnabled(true)\n .blockedEncryptionTypes(\"SSE-C\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n mykey:\n type: aws:kms:Key\n properties:\n description: This key is used to encrypt bucket objects\n deletionWindowInDays: 10\n mybucket:\n type: aws:s3:Bucket\n properties:\n bucket: mybucket\n example:\n type: aws:s3:BucketServerSideEncryptionConfiguration\n properties:\n bucket: ${mybucket.id}\n rules:\n - applyServerSideEncryptionByDefault:\n kmsMasterKeyId: ${mykey.arn}\n sseAlgorithm: aws:kms\n bucketKeyEnabled: true\n blockedEncryptionTypes:\n - SSE-C\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\n### Identity Schema\n\n#### Required\n\n* `bucket` (String) S3 bucket name.\n\n#### Optional\n\n* `account_id` (String) AWS Account where this resource is managed.\n\n* `expected_bucket_owner` (String) Account ID of the expected bucket owner.\n\n* `region` (String) Region where this resource is managed.\n\nIf the owner (account ID) of the source bucket differs from the account used to configure the AWS Provider, import using the `bucket` and `expected_bucket_owner` separated by a comma (`,`):\n\nterraform\n\nimport {\n\n to = aws_s3_bucket_server_side_encryption_configuration.example\n\n id = \"bucket-name,123456789012\"\n\n}\n\n**Using `pulumi import` to import** S3 bucket server-side encryption configuration using the `bucket` or using the `bucket` and `expected_bucket_owner` separated by a comma (`,`). For example:\n\nIf the owner (account ID) of the source bucket is the same account used to configure the AWS Provider, import using the `bucket`:\n\nconsole\n\n% pulumi import aws_s3_bucket_server_side_encryption_configuration.example bucket-name\n\nIf the owner (account ID) of the source bucket differs from the account used to configure the AWS Provider, import using the `bucket` and `expected_bucket_owner` separated by a comma (`,`):\n\nconsole\n\n% pulumi import aws_s3_bucket_server_side_encryption_configuration.example bucket-name,123456789012\n\n", "properties": { "bucket": { "type": "string", @@ -397104,11 +398182,11 @@ } }, "aws:sagemaker/model:Model": { - "description": "Provides a SageMaker AI model resource.\n\n## Example Usage\n\nBasic usage:\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst assumeRole = aws.iam.getPolicyDocument({\n statements: [{\n actions: [\"sts:AssumeRole\"],\n principals: [{\n type: \"Service\",\n identifiers: [\"sagemaker.amazonaws.com\"],\n }],\n }],\n});\nconst exampleRole = new aws.iam.Role(\"example\", {assumeRolePolicy: assumeRole.then(assumeRole =\u003e assumeRole.json)});\nconst test = aws.sagemaker.getPrebuiltEcrImage({\n repositoryName: \"kmeans\",\n});\nconst example = new aws.sagemaker.Model(\"example\", {\n name: \"my-model\",\n executionRoleArn: exampleRole.arn,\n primaryContainer: {\n image: test.then(test =\u003e test.registryPath),\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nassume_role = aws.iam.get_policy_document(statements=[{\n \"actions\": [\"sts:AssumeRole\"],\n \"principals\": [{\n \"type\": \"Service\",\n \"identifiers\": [\"sagemaker.amazonaws.com\"],\n }],\n}])\nexample_role = aws.iam.Role(\"example\", assume_role_policy=assume_role.json)\ntest = aws.sagemaker.get_prebuilt_ecr_image(repository_name=\"kmeans\")\nexample = aws.sagemaker.Model(\"example\",\n name=\"my-model\",\n execution_role_arn=example_role.arn,\n primary_container={\n \"image\": test.registry_path,\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var assumeRole = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Actions = new[]\n {\n \"sts:AssumeRole\",\n },\n Principals = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Type = \"Service\",\n Identifiers = new[]\n {\n \"sagemaker.amazonaws.com\",\n },\n },\n },\n },\n },\n });\n\n var exampleRole = new Aws.Iam.Role(\"example\", new()\n {\n AssumeRolePolicy = assumeRole.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n });\n\n var test = Aws.Sagemaker.GetPrebuiltEcrImage.Invoke(new()\n {\n RepositoryName = \"kmeans\",\n });\n\n var example = new Aws.Sagemaker.Model(\"example\", new()\n {\n Name = \"my-model\",\n ExecutionRoleArn = exampleRole.Arn,\n PrimaryContainer = new Aws.Sagemaker.Inputs.ModelPrimaryContainerArgs\n {\n Image = test.Apply(getPrebuiltEcrImageResult =\u003e getPrebuiltEcrImageResult.RegistryPath),\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v7/go/aws/iam\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v7/go/aws/sagemaker\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tassumeRole, err := iam.GetPolicyDocument(ctx, \u0026iam.GetPolicyDocumentArgs{\n\t\t\tStatements: []iam.GetPolicyDocumentStatement{\n\t\t\t\t{\n\t\t\t\t\tActions: []string{\n\t\t\t\t\t\t\"sts:AssumeRole\",\n\t\t\t\t\t},\n\t\t\t\t\tPrincipals: []iam.GetPolicyDocumentStatementPrincipal{\n\t\t\t\t\t\t{\n\t\t\t\t\t\t\tType: \"Service\",\n\t\t\t\t\t\t\tIdentifiers: []string{\n\t\t\t\t\t\t\t\t\"sagemaker.amazonaws.com\",\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleRole, err := iam.NewRole(ctx, \"example\", \u0026iam.RoleArgs{\n\t\t\tAssumeRolePolicy: pulumi.String(assumeRole.Json),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttest, err := sagemaker.GetPrebuiltEcrImage(ctx, \u0026sagemaker.GetPrebuiltEcrImageArgs{\n\t\t\tRepositoryName: \"kmeans\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = sagemaker.NewModel(ctx, \"example\", \u0026sagemaker.ModelArgs{\n\t\t\tName: pulumi.String(\"my-model\"),\n\t\t\tExecutionRoleArn: exampleRole.Arn,\n\t\t\tPrimaryContainer: \u0026sagemaker.ModelPrimaryContainerArgs{\n\t\t\t\tImage: pulumi.String(test.RegistryPath),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;\nimport com.pulumi.aws.iam.Role;\nimport com.pulumi.aws.iam.RoleArgs;\nimport com.pulumi.aws.sagemaker.SagemakerFunctions;\nimport com.pulumi.aws.sagemaker.inputs.GetPrebuiltEcrImageArgs;\nimport com.pulumi.aws.sagemaker.Model;\nimport com.pulumi.aws.sagemaker.ModelArgs;\nimport com.pulumi.aws.sagemaker.inputs.ModelPrimaryContainerArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var assumeRole = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .actions(\"sts:AssumeRole\")\n .principals(GetPolicyDocumentStatementPrincipalArgs.builder()\n .type(\"Service\")\n .identifiers(\"sagemaker.amazonaws.com\")\n .build())\n .build())\n .build());\n\n var exampleRole = new Role(\"exampleRole\", RoleArgs.builder()\n .assumeRolePolicy(assumeRole.json())\n .build());\n\n final var test = SagemakerFunctions.getPrebuiltEcrImage(GetPrebuiltEcrImageArgs.builder()\n .repositoryName(\"kmeans\")\n .build());\n\n var example = new Model(\"example\", ModelArgs.builder()\n .name(\"my-model\")\n .executionRoleArn(exampleRole.arn())\n .primaryContainer(ModelPrimaryContainerArgs.builder()\n .image(test.registryPath())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:sagemaker:Model\n properties:\n name: my-model\n executionRoleArn: ${exampleRole.arn}\n primaryContainer:\n image: ${test.registryPath}\n exampleRole:\n type: aws:iam:Role\n name: example\n properties:\n assumeRolePolicy: ${assumeRole.json}\nvariables:\n assumeRole:\n fn::invoke:\n function: aws:iam:getPolicyDocument\n arguments:\n statements:\n - actions:\n - sts:AssumeRole\n principals:\n - type: Service\n identifiers:\n - sagemaker.amazonaws.com\n test:\n fn::invoke:\n function: aws:sagemaker:getPrebuiltEcrImage\n arguments:\n repositoryName: kmeans\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Inference Execution Config\n\n* \u003cspan pulumi-lang-nodejs=\"`mode`\" pulumi-lang-dotnet=\"`Mode`\" pulumi-lang-go=\"`mode`\" pulumi-lang-python=\"`mode`\" pulumi-lang-yaml=\"`mode`\" pulumi-lang-java=\"`mode`\"\u003e`mode`\u003c/span\u003e - (Required) How containers in a multi-container are run. The following values are valid `Serial` and `Direct`.\n\n### VPC Config\n\n* \u003cspan pulumi-lang-nodejs=\"`securityGroupIds`\" pulumi-lang-dotnet=\"`SecurityGroupIds`\" pulumi-lang-go=\"`securityGroupIds`\" pulumi-lang-python=\"`security_group_ids`\" pulumi-lang-yaml=\"`securityGroupIds`\" pulumi-lang-java=\"`securityGroupIds`\"\u003e`security_group_ids`\u003c/span\u003e - (Required) List of security group IDs you want to be applied to your training job or model. Specify the security groups for the VPC that is specified in the Subnets field.\n* \u003cspan pulumi-lang-nodejs=\"`subnets`\" pulumi-lang-dotnet=\"`Subnets`\" pulumi-lang-go=\"`subnets`\" pulumi-lang-python=\"`subnets`\" pulumi-lang-yaml=\"`subnets`\" pulumi-lang-java=\"`subnets`\"\u003e`subnets`\u003c/span\u003e - (Required) List of subnet IDs in the VPC to which you want to connect your training job or model.\n\n## Import\n\nUsing `pulumi import`, import models using the `name`. For example:\n\n```sh\n$ pulumi import aws:sagemaker/model:Model test_model model-foo\n```\n", + "description": "Manages an Amazon SageMaker AI Model.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst assumeRole = aws.iam.getPolicyDocument({\n statements: [{\n actions: [\"sts:AssumeRole\"],\n principals: [{\n type: \"Service\",\n identifiers: [\"sagemaker.amazonaws.com\"],\n }],\n }],\n});\nconst exampleRole = new aws.iam.Role(\"example\", {assumeRolePolicy: assumeRole.then(assumeRole =\u003e assumeRole.json)});\nconst test = aws.sagemaker.getPrebuiltEcrImage({\n repositoryName: \"kmeans\",\n});\nconst example = new aws.sagemaker.Model(\"example\", {\n name: \"my-model\",\n executionRoleArn: exampleRole.arn,\n primaryContainer: {\n image: test.then(test =\u003e test.registryPath),\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nassume_role = aws.iam.get_policy_document(statements=[{\n \"actions\": [\"sts:AssumeRole\"],\n \"principals\": [{\n \"type\": \"Service\",\n \"identifiers\": [\"sagemaker.amazonaws.com\"],\n }],\n}])\nexample_role = aws.iam.Role(\"example\", assume_role_policy=assume_role.json)\ntest = aws.sagemaker.get_prebuilt_ecr_image(repository_name=\"kmeans\")\nexample = aws.sagemaker.Model(\"example\",\n name=\"my-model\",\n execution_role_arn=example_role.arn,\n primary_container={\n \"image\": test.registry_path,\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var assumeRole = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Actions = new[]\n {\n \"sts:AssumeRole\",\n },\n Principals = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Type = \"Service\",\n Identifiers = new[]\n {\n \"sagemaker.amazonaws.com\",\n },\n },\n },\n },\n },\n });\n\n var exampleRole = new Aws.Iam.Role(\"example\", new()\n {\n AssumeRolePolicy = assumeRole.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n });\n\n var test = Aws.Sagemaker.GetPrebuiltEcrImage.Invoke(new()\n {\n RepositoryName = \"kmeans\",\n });\n\n var example = new Aws.Sagemaker.Model(\"example\", new()\n {\n Name = \"my-model\",\n ExecutionRoleArn = exampleRole.Arn,\n PrimaryContainer = new Aws.Sagemaker.Inputs.ModelPrimaryContainerArgs\n {\n Image = test.Apply(getPrebuiltEcrImageResult =\u003e getPrebuiltEcrImageResult.RegistryPath),\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v7/go/aws/iam\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v7/go/aws/sagemaker\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tassumeRole, err := iam.GetPolicyDocument(ctx, \u0026iam.GetPolicyDocumentArgs{\n\t\t\tStatements: []iam.GetPolicyDocumentStatement{\n\t\t\t\t{\n\t\t\t\t\tActions: []string{\n\t\t\t\t\t\t\"sts:AssumeRole\",\n\t\t\t\t\t},\n\t\t\t\t\tPrincipals: []iam.GetPolicyDocumentStatementPrincipal{\n\t\t\t\t\t\t{\n\t\t\t\t\t\t\tType: \"Service\",\n\t\t\t\t\t\t\tIdentifiers: []string{\n\t\t\t\t\t\t\t\t\"sagemaker.amazonaws.com\",\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleRole, err := iam.NewRole(ctx, \"example\", \u0026iam.RoleArgs{\n\t\t\tAssumeRolePolicy: pulumi.String(assumeRole.Json),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttest, err := sagemaker.GetPrebuiltEcrImage(ctx, \u0026sagemaker.GetPrebuiltEcrImageArgs{\n\t\t\tRepositoryName: \"kmeans\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = sagemaker.NewModel(ctx, \"example\", \u0026sagemaker.ModelArgs{\n\t\t\tName: pulumi.String(\"my-model\"),\n\t\t\tExecutionRoleArn: exampleRole.Arn,\n\t\t\tPrimaryContainer: \u0026sagemaker.ModelPrimaryContainerArgs{\n\t\t\t\tImage: pulumi.String(test.RegistryPath),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;\nimport com.pulumi.aws.iam.Role;\nimport com.pulumi.aws.iam.RoleArgs;\nimport com.pulumi.aws.sagemaker.SagemakerFunctions;\nimport com.pulumi.aws.sagemaker.inputs.GetPrebuiltEcrImageArgs;\nimport com.pulumi.aws.sagemaker.Model;\nimport com.pulumi.aws.sagemaker.ModelArgs;\nimport com.pulumi.aws.sagemaker.inputs.ModelPrimaryContainerArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var assumeRole = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .actions(\"sts:AssumeRole\")\n .principals(GetPolicyDocumentStatementPrincipalArgs.builder()\n .type(\"Service\")\n .identifiers(\"sagemaker.amazonaws.com\")\n .build())\n .build())\n .build());\n\n var exampleRole = new Role(\"exampleRole\", RoleArgs.builder()\n .assumeRolePolicy(assumeRole.json())\n .build());\n\n final var test = SagemakerFunctions.getPrebuiltEcrImage(GetPrebuiltEcrImageArgs.builder()\n .repositoryName(\"kmeans\")\n .build());\n\n var example = new Model(\"example\", ModelArgs.builder()\n .name(\"my-model\")\n .executionRoleArn(exampleRole.arn())\n .primaryContainer(ModelPrimaryContainerArgs.builder()\n .image(test.registryPath())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:sagemaker:Model\n properties:\n name: my-model\n executionRoleArn: ${exampleRole.arn}\n primaryContainer:\n image: ${test.registryPath}\n exampleRole:\n type: aws:iam:Role\n name: example\n properties:\n assumeRolePolicy: ${assumeRole.json}\nvariables:\n assumeRole:\n fn::invoke:\n function: aws:iam:getPolicyDocument\n arguments:\n statements:\n - actions:\n - sts:AssumeRole\n principals:\n - type: Service\n identifiers:\n - sagemaker.amazonaws.com\n test:\n fn::invoke:\n function: aws:sagemaker:getPrebuiltEcrImage\n arguments:\n repositoryName: kmeans\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import models using the `name`. For example:\n\n```sh\n$ pulumi import aws:sagemaker/model:Model example model-foo\n```\n", "properties": { "arn": { "type": "string", - "description": "The Amazon Resource Name (ARN) assigned by AWS to this model.\n" + "description": "Amazon Resource Name (ARN) assigned by AWS to this model.\n" }, "containers": { "type": "array", @@ -397131,11 +398209,11 @@ }, "name": { "type": "string", - "description": "The name of the model (must be unique). If omitted, this provider will assign a random, unique name.\n" + "description": "Name of the model (must be unique). If omitted, the provider will assign a random, unique name.\n" }, "primaryContainer": { "$ref": "#/types/aws:sagemaker/ModelPrimaryContainer:ModelPrimaryContainer", - "description": "The primary docker image containing inference code that is used when the model is deployed for predictions. If not specified, the \u003cspan pulumi-lang-nodejs=\"`container`\" pulumi-lang-dotnet=\"`Container`\" pulumi-lang-go=\"`container`\" pulumi-lang-python=\"`container`\" pulumi-lang-yaml=\"`container`\" pulumi-lang-java=\"`container`\"\u003e`container`\u003c/span\u003e argument is required. Fields are documented below.\n" + "description": "Primary docker image containing inference code that is used when the model is deployed for predictions. If not specified, the \u003cspan pulumi-lang-nodejs=\"`container`\" pulumi-lang-dotnet=\"`Container`\" pulumi-lang-go=\"`container`\" pulumi-lang-python=\"`container`\" pulumi-lang-yaml=\"`container`\" pulumi-lang-java=\"`container`\"\u003e`container`\u003c/span\u003e argument is required. Fields are documented below.\n" }, "region": { "type": "string", @@ -397193,12 +398271,12 @@ }, "name": { "type": "string", - "description": "The name of the model (must be unique). If omitted, this provider will assign a random, unique name.\n", + "description": "Name of the model (must be unique). If omitted, the provider will assign a random, unique name.\n", "willReplaceOnChanges": true }, "primaryContainer": { "$ref": "#/types/aws:sagemaker/ModelPrimaryContainer:ModelPrimaryContainer", - "description": "The primary docker image containing inference code that is used when the model is deployed for predictions. If not specified, the \u003cspan pulumi-lang-nodejs=\"`container`\" pulumi-lang-dotnet=\"`Container`\" pulumi-lang-go=\"`container`\" pulumi-lang-python=\"`container`\" pulumi-lang-yaml=\"`container`\" pulumi-lang-java=\"`container`\"\u003e`container`\u003c/span\u003e argument is required. Fields are documented below.\n" + "description": "Primary docker image containing inference code that is used when the model is deployed for predictions. If not specified, the \u003cspan pulumi-lang-nodejs=\"`container`\" pulumi-lang-dotnet=\"`Container`\" pulumi-lang-go=\"`container`\" pulumi-lang-python=\"`container`\" pulumi-lang-yaml=\"`container`\" pulumi-lang-java=\"`container`\"\u003e`container`\u003c/span\u003e argument is required. Fields are documented below.\n" }, "region": { "type": "string", @@ -397225,7 +398303,7 @@ "properties": { "arn": { "type": "string", - "description": "The Amazon Resource Name (ARN) assigned by AWS to this model.\n" + "description": "Amazon Resource Name (ARN) assigned by AWS to this model.\n" }, "containers": { "type": "array", @@ -397251,12 +398329,12 @@ }, "name": { "type": "string", - "description": "The name of the model (must be unique). If omitted, this provider will assign a random, unique name.\n", + "description": "Name of the model (must be unique). If omitted, the provider will assign a random, unique name.\n", "willReplaceOnChanges": true }, "primaryContainer": { "$ref": "#/types/aws:sagemaker/ModelPrimaryContainer:ModelPrimaryContainer", - "description": "The primary docker image containing inference code that is used when the model is deployed for predictions. If not specified, the \u003cspan pulumi-lang-nodejs=\"`container`\" pulumi-lang-dotnet=\"`Container`\" pulumi-lang-go=\"`container`\" pulumi-lang-python=\"`container`\" pulumi-lang-yaml=\"`container`\" pulumi-lang-java=\"`container`\"\u003e`container`\u003c/span\u003e argument is required. Fields are documented below.\n" + "description": "Primary docker image containing inference code that is used when the model is deployed for predictions. If not specified, the \u003cspan pulumi-lang-nodejs=\"`container`\" pulumi-lang-dotnet=\"`Container`\" pulumi-lang-go=\"`container`\" pulumi-lang-python=\"`container`\" pulumi-lang-yaml=\"`container`\" pulumi-lang-java=\"`container`\"\u003e`container`\u003c/span\u003e argument is required. Fields are documented below.\n" }, "region": { "type": "string", @@ -413808,7 +414886,8 @@ "principalId", "principalType", "region", - "targetId" + "targetId", + "targetType" ], "inputProperties": { "instanceArn": { @@ -413851,7 +414930,8 @@ "permissionSetArn", "principalId", "principalType", - "targetId" + "targetId", + "targetType" ], "stateInputs": { "description": "Input properties used for looking up and filtering AccountAssignment resources.\n", @@ -417769,11 +418849,11 @@ } }, "aws:timestreaminfluxdb/dbCluster:DbCluster": { - "description": "Resource for managing an Amazon Timestream for InfluxDB read-replica cluster.\n\n\u003e **NOTE:** This resource requires a subscription to [Timestream for InfluxDB Read Replicas (Add-On) on the AWS Marketplace](https://aws.amazon.com/marketplace/pp/prodview-lftzfxtb5xlv4?applicationId=AWS-Marketplace-Console\u0026ref_=beagle\u0026sr=0-2).\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.timestreaminfluxdb.DbCluster(\"example\", {\n allocatedStorage: 20,\n bucket: \"example-bucket-name\",\n dbInstanceType: \"db.influx.medium\",\n failoverMode: \"AUTOMATIC\",\n username: \"admin\",\n password: \"example-password\",\n port: 8086,\n organization: \"organization\",\n vpcSubnetIds: [\n example1.id,\n example2.id,\n ],\n vpcSecurityGroupIds: [exampleAwsSecurityGroup.id],\n name: \"example-db-cluster\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.timestreaminfluxdb.DbCluster(\"example\",\n allocated_storage=20,\n bucket=\"example-bucket-name\",\n db_instance_type=\"db.influx.medium\",\n failover_mode=\"AUTOMATIC\",\n username=\"admin\",\n password=\"example-password\",\n port=8086,\n organization=\"organization\",\n vpc_subnet_ids=[\n example1[\"id\"],\n example2[\"id\"],\n ],\n vpc_security_group_ids=[example_aws_security_group[\"id\"]],\n name=\"example-db-cluster\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.TimestreamInfluxDB.DbCluster(\"example\", new()\n {\n AllocatedStorage = 20,\n Bucket = \"example-bucket-name\",\n DbInstanceType = \"db.influx.medium\",\n FailoverMode = \"AUTOMATIC\",\n Username = \"admin\",\n Password = \"example-password\",\n Port = 8086,\n Organization = \"organization\",\n VpcSubnetIds = new[]\n {\n example1.Id,\n example2.Id,\n },\n VpcSecurityGroupIds = new[]\n {\n exampleAwsSecurityGroup.Id,\n },\n Name = \"example-db-cluster\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v7/go/aws/timestreaminfluxdb\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := timestreaminfluxdb.NewDbCluster(ctx, \"example\", \u0026timestreaminfluxdb.DbClusterArgs{\n\t\t\tAllocatedStorage: pulumi.Int(20),\n\t\t\tBucket: pulumi.String(\"example-bucket-name\"),\n\t\t\tDbInstanceType: pulumi.String(\"db.influx.medium\"),\n\t\t\tFailoverMode: pulumi.String(\"AUTOMATIC\"),\n\t\t\tUsername: pulumi.String(\"admin\"),\n\t\t\tPassword: pulumi.String(\"example-password\"),\n\t\t\tPort: pulumi.Int(8086),\n\t\t\tOrganization: pulumi.String(\"organization\"),\n\t\t\tVpcSubnetIds: pulumi.StringArray{\n\t\t\t\texample1.Id,\n\t\t\t\texample2.Id,\n\t\t\t},\n\t\t\tVpcSecurityGroupIds: pulumi.StringArray{\n\t\t\t\texampleAwsSecurityGroup.Id,\n\t\t\t},\n\t\t\tName: pulumi.String(\"example-db-cluster\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.timestreaminfluxdb.DbCluster;\nimport com.pulumi.aws.timestreaminfluxdb.DbClusterArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new DbCluster(\"example\", DbClusterArgs.builder()\n .allocatedStorage(20)\n .bucket(\"example-bucket-name\")\n .dbInstanceType(\"db.influx.medium\")\n .failoverMode(\"AUTOMATIC\")\n .username(\"admin\")\n .password(\"example-password\")\n .port(8086)\n .organization(\"organization\")\n .vpcSubnetIds( \n example1.id(),\n example2.id())\n .vpcSecurityGroupIds(exampleAwsSecurityGroup.id())\n .name(\"example-db-cluster\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:timestreaminfluxdb:DbCluster\n properties:\n allocatedStorage: 20\n bucket: example-bucket-name\n dbInstanceType: db.influx.medium\n failoverMode: AUTOMATIC\n username: admin\n password: example-password\n port: 8086\n organization: organization\n vpcSubnetIds:\n - ${example1.id}\n - ${example2.id}\n vpcSecurityGroupIds:\n - ${exampleAwsSecurityGroup.id}\n name: example-db-cluster\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Usage with Prerequisite Resources\n\nAll Timestream for InfluxDB clusters require a VPC, at least two subnets, and a security group. The following example shows how these prerequisite resources can be created and used with \u003cspan pulumi-lang-nodejs=\"`aws.timestreaminfluxdb.DbCluster`\" pulumi-lang-dotnet=\"`aws.timestreaminfluxdb.DbCluster`\" pulumi-lang-go=\"`timestreaminfluxdb.DbCluster`\" pulumi-lang-python=\"`timestreaminfluxdb.DbCluster`\" pulumi-lang-yaml=\"`aws.timestreaminfluxdb.DbCluster`\" pulumi-lang-java=\"`aws.timestreaminfluxdb.DbCluster`\"\u003e`aws.timestreaminfluxdb.DbCluster`\u003c/span\u003e.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.ec2.Vpc(\"example\", {cidrBlock: \"10.0.0.0/16\"});\nconst example1 = new aws.ec2.Subnet(\"example_1\", {\n vpcId: example.id,\n cidrBlock: \"10.0.1.0/24\",\n});\nconst example2 = new aws.ec2.Subnet(\"example_2\", {\n vpcId: example.id,\n cidrBlock: \"10.0.2.0/24\",\n});\nconst exampleSecurityGroup = new aws.ec2.SecurityGroup(\"example\", {\n name: \"example\",\n vpcId: example.id,\n});\nconst exampleDbCluster = new aws.timestreaminfluxdb.DbCluster(\"example\", {\n allocatedStorage: 20,\n bucket: \"example-bucket-name\",\n dbInstanceType: \"db.influx.medium\",\n username: \"admin\",\n password: \"example-password\",\n organization: \"organization\",\n vpcSubnetIds: [\n example1.id,\n example2.id,\n ],\n vpcSecurityGroupIds: [exampleSecurityGroup.id],\n name: \"example-db-cluster\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ec2.Vpc(\"example\", cidr_block=\"10.0.0.0/16\")\nexample1 = aws.ec2.Subnet(\"example_1\",\n vpc_id=example.id,\n cidr_block=\"10.0.1.0/24\")\nexample2 = aws.ec2.Subnet(\"example_2\",\n vpc_id=example.id,\n cidr_block=\"10.0.2.0/24\")\nexample_security_group = aws.ec2.SecurityGroup(\"example\",\n name=\"example\",\n vpc_id=example.id)\nexample_db_cluster = aws.timestreaminfluxdb.DbCluster(\"example\",\n allocated_storage=20,\n bucket=\"example-bucket-name\",\n db_instance_type=\"db.influx.medium\",\n username=\"admin\",\n password=\"example-password\",\n organization=\"organization\",\n vpc_subnet_ids=[\n example1.id,\n example2.id,\n ],\n vpc_security_group_ids=[example_security_group.id],\n name=\"example-db-cluster\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Ec2.Vpc(\"example\", new()\n {\n CidrBlock = \"10.0.0.0/16\",\n });\n\n var example1 = new Aws.Ec2.Subnet(\"example_1\", new()\n {\n VpcId = example.Id,\n CidrBlock = \"10.0.1.0/24\",\n });\n\n var example2 = new Aws.Ec2.Subnet(\"example_2\", new()\n {\n VpcId = example.Id,\n CidrBlock = \"10.0.2.0/24\",\n });\n\n var exampleSecurityGroup = new Aws.Ec2.SecurityGroup(\"example\", new()\n {\n Name = \"example\",\n VpcId = example.Id,\n });\n\n var exampleDbCluster = new Aws.TimestreamInfluxDB.DbCluster(\"example\", new()\n {\n AllocatedStorage = 20,\n Bucket = \"example-bucket-name\",\n DbInstanceType = \"db.influx.medium\",\n Username = \"admin\",\n Password = \"example-password\",\n Organization = \"organization\",\n VpcSubnetIds = new[]\n {\n example1.Id,\n example2.Id,\n },\n VpcSecurityGroupIds = new[]\n {\n exampleSecurityGroup.Id,\n },\n Name = \"example-db-cluster\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v7/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v7/go/aws/timestreaminfluxdb\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := ec2.NewVpc(ctx, \"example\", \u0026ec2.VpcArgs{\n\t\t\tCidrBlock: pulumi.String(\"10.0.0.0/16\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texample1, err := ec2.NewSubnet(ctx, \"example_1\", \u0026ec2.SubnetArgs{\n\t\t\tVpcId: example.ID(),\n\t\t\tCidrBlock: pulumi.String(\"10.0.1.0/24\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texample2, err := ec2.NewSubnet(ctx, \"example_2\", \u0026ec2.SubnetArgs{\n\t\t\tVpcId: example.ID(),\n\t\t\tCidrBlock: pulumi.String(\"10.0.2.0/24\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleSecurityGroup, err := ec2.NewSecurityGroup(ctx, \"example\", \u0026ec2.SecurityGroupArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tVpcId: example.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = timestreaminfluxdb.NewDbCluster(ctx, \"example\", \u0026timestreaminfluxdb.DbClusterArgs{\n\t\t\tAllocatedStorage: pulumi.Int(20),\n\t\t\tBucket: pulumi.String(\"example-bucket-name\"),\n\t\t\tDbInstanceType: pulumi.String(\"db.influx.medium\"),\n\t\t\tUsername: pulumi.String(\"admin\"),\n\t\t\tPassword: pulumi.String(\"example-password\"),\n\t\t\tOrganization: pulumi.String(\"organization\"),\n\t\t\tVpcSubnetIds: pulumi.StringArray{\n\t\t\t\texample1.ID(),\n\t\t\t\texample2.ID(),\n\t\t\t},\n\t\t\tVpcSecurityGroupIds: pulumi.StringArray{\n\t\t\t\texampleSecurityGroup.ID(),\n\t\t\t},\n\t\t\tName: pulumi.String(\"example-db-cluster\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.Vpc;\nimport com.pulumi.aws.ec2.VpcArgs;\nimport com.pulumi.aws.ec2.Subnet;\nimport com.pulumi.aws.ec2.SubnetArgs;\nimport com.pulumi.aws.ec2.SecurityGroup;\nimport com.pulumi.aws.ec2.SecurityGroupArgs;\nimport com.pulumi.aws.timestreaminfluxdb.DbCluster;\nimport com.pulumi.aws.timestreaminfluxdb.DbClusterArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Vpc(\"example\", VpcArgs.builder()\n .cidrBlock(\"10.0.0.0/16\")\n .build());\n\n var example1 = new Subnet(\"example1\", SubnetArgs.builder()\n .vpcId(example.id())\n .cidrBlock(\"10.0.1.0/24\")\n .build());\n\n var example2 = new Subnet(\"example2\", SubnetArgs.builder()\n .vpcId(example.id())\n .cidrBlock(\"10.0.2.0/24\")\n .build());\n\n var exampleSecurityGroup = new SecurityGroup(\"exampleSecurityGroup\", SecurityGroupArgs.builder()\n .name(\"example\")\n .vpcId(example.id())\n .build());\n\n var exampleDbCluster = new DbCluster(\"exampleDbCluster\", DbClusterArgs.builder()\n .allocatedStorage(20)\n .bucket(\"example-bucket-name\")\n .dbInstanceType(\"db.influx.medium\")\n .username(\"admin\")\n .password(\"example-password\")\n .organization(\"organization\")\n .vpcSubnetIds( \n example1.id(),\n example2.id())\n .vpcSecurityGroupIds(exampleSecurityGroup.id())\n .name(\"example-db-cluster\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:ec2:Vpc\n properties:\n cidrBlock: 10.0.0.0/16\n example1:\n type: aws:ec2:Subnet\n name: example_1\n properties:\n vpcId: ${example.id}\n cidrBlock: 10.0.1.0/24\n example2:\n type: aws:ec2:Subnet\n name: example_2\n properties:\n vpcId: ${example.id}\n cidrBlock: 10.0.2.0/24\n exampleSecurityGroup:\n type: aws:ec2:SecurityGroup\n name: example\n properties:\n name: example\n vpcId: ${example.id}\n exampleDbCluster:\n type: aws:timestreaminfluxdb:DbCluster\n name: example\n properties:\n allocatedStorage: 20\n bucket: example-bucket-name\n dbInstanceType: db.influx.medium\n username: admin\n password: example-password\n organization: organization\n vpcSubnetIds:\n - ${example1.id}\n - ${example2.id}\n vpcSecurityGroupIds:\n - ${exampleSecurityGroup.id}\n name: example-db-cluster\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Usage with S3 Log Delivery Enabled\n\nYou can use an S3 bucket to store logs generated by your Timestream for InfluxDB cluster. The following example shows what resources and arguments are required to configure an S3 bucket for logging, including the IAM policy that needs to be set in order to allow Timestream for InfluxDB to place logs in your S3 bucket. The configuration of the required VPC, security group, and subnets have been left out of the example for brevity.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst exampleBucket = new aws.s3.Bucket(\"example\", {\n bucket: \"example-s3-bucket\",\n forceDestroy: true,\n});\nconst example = aws.iam.getPolicyDocumentOutput({\n statements: [{\n actions: [\"s3:PutObject\"],\n principals: [{\n type: \"Service\",\n identifiers: [\"timestream-influxdb.amazonaws.com\"],\n }],\n resources: [pulumi.interpolate`${exampleBucket.arn}/*`],\n }],\n});\nconst exampleBucketPolicy = new aws.s3.BucketPolicy(\"example\", {\n bucket: exampleBucket.id,\n policy: example.apply(example =\u003e example.json),\n});\nconst exampleDbCluster = new aws.timestreaminfluxdb.DbCluster(\"example\", {\n allocatedStorage: 20,\n bucket: \"example-bucket-name\",\n dbInstanceType: \"db.influx.medium\",\n username: \"admin\",\n password: \"example-password\",\n organization: \"organization\",\n vpcSubnetIds: [\n example1.id,\n example2.id,\n ],\n vpcSecurityGroupIds: [exampleAwsSecurityGroup.id],\n name: \"example-db-cluster\",\n logDeliveryConfiguration: {\n s3Configuration: {\n bucketName: exampleBucket.bucket,\n enabled: true,\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample_bucket = aws.s3.Bucket(\"example\",\n bucket=\"example-s3-bucket\",\n force_destroy=True)\nexample = aws.iam.get_policy_document_output(statements=[{\n \"actions\": [\"s3:PutObject\"],\n \"principals\": [{\n \"type\": \"Service\",\n \"identifiers\": [\"timestream-influxdb.amazonaws.com\"],\n }],\n \"resources\": [example_bucket.arn.apply(lambda arn: f\"{arn}/*\")],\n}])\nexample_bucket_policy = aws.s3.BucketPolicy(\"example\",\n bucket=example_bucket.id,\n policy=example.json)\nexample_db_cluster = aws.timestreaminfluxdb.DbCluster(\"example\",\n allocated_storage=20,\n bucket=\"example-bucket-name\",\n db_instance_type=\"db.influx.medium\",\n username=\"admin\",\n password=\"example-password\",\n organization=\"organization\",\n vpc_subnet_ids=[\n example1[\"id\"],\n example2[\"id\"],\n ],\n vpc_security_group_ids=[example_aws_security_group[\"id\"]],\n name=\"example-db-cluster\",\n log_delivery_configuration={\n \"s3_configuration\": {\n \"bucket_name\": example_bucket.bucket,\n \"enabled\": True,\n },\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var exampleBucket = new Aws.S3.Bucket(\"example\", new()\n {\n BucketName = \"example-s3-bucket\",\n ForceDestroy = true,\n });\n\n var example = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Actions = new[]\n {\n \"s3:PutObject\",\n },\n Principals = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Type = \"Service\",\n Identifiers = new[]\n {\n \"timestream-influxdb.amazonaws.com\",\n },\n },\n },\n Resources = new[]\n {\n $\"{exampleBucket.Arn}/*\",\n },\n },\n },\n });\n\n var exampleBucketPolicy = new Aws.S3.BucketPolicy(\"example\", new()\n {\n Bucket = exampleBucket.Id,\n Policy = example.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n });\n\n var exampleDbCluster = new Aws.TimestreamInfluxDB.DbCluster(\"example\", new()\n {\n AllocatedStorage = 20,\n Bucket = \"example-bucket-name\",\n DbInstanceType = \"db.influx.medium\",\n Username = \"admin\",\n Password = \"example-password\",\n Organization = \"organization\",\n VpcSubnetIds = new[]\n {\n example1.Id,\n example2.Id,\n },\n VpcSecurityGroupIds = new[]\n {\n exampleAwsSecurityGroup.Id,\n },\n Name = \"example-db-cluster\",\n LogDeliveryConfiguration = new Aws.TimestreamInfluxDB.Inputs.DbClusterLogDeliveryConfigurationArgs\n {\n S3Configuration = new Aws.TimestreamInfluxDB.Inputs.DbClusterLogDeliveryConfigurationS3ConfigurationArgs\n {\n BucketName = exampleBucket.BucketName,\n Enabled = true,\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v7/go/aws/iam\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v7/go/aws/s3\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v7/go/aws/timestreaminfluxdb\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texampleBucket, err := s3.NewBucket(ctx, \"example\", \u0026s3.BucketArgs{\n\t\t\tBucket: pulumi.String(\"example-s3-bucket\"),\n\t\t\tForceDestroy: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texample := iam.GetPolicyDocumentOutput(ctx, iam.GetPolicyDocumentOutputArgs{\n\t\t\tStatements: iam.GetPolicyDocumentStatementArray{\n\t\t\t\t\u0026iam.GetPolicyDocumentStatementArgs{\n\t\t\t\t\tActions: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"s3:PutObject\"),\n\t\t\t\t\t},\n\t\t\t\t\tPrincipals: iam.GetPolicyDocumentStatementPrincipalArray{\n\t\t\t\t\t\t\u0026iam.GetPolicyDocumentStatementPrincipalArgs{\n\t\t\t\t\t\t\tType: pulumi.String(\"Service\"),\n\t\t\t\t\t\t\tIdentifiers: pulumi.StringArray{\n\t\t\t\t\t\t\t\tpulumi.String(\"timestream-influxdb.amazonaws.com\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tResources: pulumi.StringArray{\n\t\t\t\t\t\texampleBucket.Arn.ApplyT(func(arn string) (string, error) {\n\t\t\t\t\t\t\treturn fmt.Sprintf(\"%v/*\", arn), nil\n\t\t\t\t\t\t}).(pulumi.StringOutput),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\t_, err = s3.NewBucketPolicy(ctx, \"example\", \u0026s3.BucketPolicyArgs{\n\t\t\tBucket: exampleBucket.ID(),\n\t\t\tPolicy: pulumi.String(example.ApplyT(func(example iam.GetPolicyDocumentResult) (*string, error) {\n\t\t\t\treturn \u0026example.Json, nil\n\t\t\t}).(pulumi.StringPtrOutput)),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = timestreaminfluxdb.NewDbCluster(ctx, \"example\", \u0026timestreaminfluxdb.DbClusterArgs{\n\t\t\tAllocatedStorage: pulumi.Int(20),\n\t\t\tBucket: pulumi.String(\"example-bucket-name\"),\n\t\t\tDbInstanceType: pulumi.String(\"db.influx.medium\"),\n\t\t\tUsername: pulumi.String(\"admin\"),\n\t\t\tPassword: pulumi.String(\"example-password\"),\n\t\t\tOrganization: pulumi.String(\"organization\"),\n\t\t\tVpcSubnetIds: pulumi.StringArray{\n\t\t\t\texample1.Id,\n\t\t\t\texample2.Id,\n\t\t\t},\n\t\t\tVpcSecurityGroupIds: pulumi.StringArray{\n\t\t\t\texampleAwsSecurityGroup.Id,\n\t\t\t},\n\t\t\tName: pulumi.String(\"example-db-cluster\"),\n\t\t\tLogDeliveryConfiguration: \u0026timestreaminfluxdb.DbClusterLogDeliveryConfigurationArgs{\n\t\t\t\tS3Configuration: \u0026timestreaminfluxdb.DbClusterLogDeliveryConfigurationS3ConfigurationArgs{\n\t\t\t\t\tBucketName: exampleBucket.Bucket,\n\t\t\t\t\tEnabled: pulumi.Bool(true),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.s3.Bucket;\nimport com.pulumi.aws.s3.BucketArgs;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;\nimport com.pulumi.aws.s3.BucketPolicy;\nimport com.pulumi.aws.s3.BucketPolicyArgs;\nimport com.pulumi.aws.timestreaminfluxdb.DbCluster;\nimport com.pulumi.aws.timestreaminfluxdb.DbClusterArgs;\nimport com.pulumi.aws.timestreaminfluxdb.inputs.DbClusterLogDeliveryConfigurationArgs;\nimport com.pulumi.aws.timestreaminfluxdb.inputs.DbClusterLogDeliveryConfigurationS3ConfigurationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var exampleBucket = new Bucket(\"exampleBucket\", BucketArgs.builder()\n .bucket(\"example-s3-bucket\")\n .forceDestroy(true)\n .build());\n\n final var example = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .actions(\"s3:PutObject\")\n .principals(GetPolicyDocumentStatementPrincipalArgs.builder()\n .type(\"Service\")\n .identifiers(\"timestream-influxdb.amazonaws.com\")\n .build())\n .resources(exampleBucket.arn().applyValue(_arn -\u003e String.format(\"%s/*\", _arn)))\n .build())\n .build());\n\n var exampleBucketPolicy = new BucketPolicy(\"exampleBucketPolicy\", BucketPolicyArgs.builder()\n .bucket(exampleBucket.id())\n .policy(example.applyValue(_example -\u003e _example.json()))\n .build());\n\n var exampleDbCluster = new DbCluster(\"exampleDbCluster\", DbClusterArgs.builder()\n .allocatedStorage(20)\n .bucket(\"example-bucket-name\")\n .dbInstanceType(\"db.influx.medium\")\n .username(\"admin\")\n .password(\"example-password\")\n .organization(\"organization\")\n .vpcSubnetIds( \n example1.id(),\n example2.id())\n .vpcSecurityGroupIds(exampleAwsSecurityGroup.id())\n .name(\"example-db-cluster\")\n .logDeliveryConfiguration(DbClusterLogDeliveryConfigurationArgs.builder()\n .s3Configuration(DbClusterLogDeliveryConfigurationS3ConfigurationArgs.builder()\n .bucketName(exampleBucket.bucket())\n .enabled(true)\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n exampleBucket:\n type: aws:s3:Bucket\n name: example\n properties:\n bucket: example-s3-bucket\n forceDestroy: true\n exampleBucketPolicy:\n type: aws:s3:BucketPolicy\n name: example\n properties:\n bucket: ${exampleBucket.id}\n policy: ${example.json}\n exampleDbCluster:\n type: aws:timestreaminfluxdb:DbCluster\n name: example\n properties:\n allocatedStorage: 20\n bucket: example-bucket-name\n dbInstanceType: db.influx.medium\n username: admin\n password: example-password\n organization: organization\n vpcSubnetIds:\n - ${example1.id}\n - ${example2.id}\n vpcSecurityGroupIds:\n - ${exampleAwsSecurityGroup.id}\n name: example-db-cluster\n logDeliveryConfiguration:\n s3Configuration:\n bucketName: ${exampleBucket.bucket}\n enabled: true\nvariables:\n example:\n fn::invoke:\n function: aws:iam:getPolicyDocument\n arguments:\n statements:\n - actions:\n - s3:PutObject\n principals:\n - type: Service\n identifiers:\n - timestream-influxdb.amazonaws.com\n resources:\n - ${exampleBucket.arn}/*\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Timestream for InfluxDB cluster using its identifier. For example:\n\n```sh\n$ pulumi import aws:timestreaminfluxdb/dbCluster:DbCluster example 12345abcde\n```\n", + "description": "Resource for managing an Amazon Timestream for InfluxDB read-replica cluster.\n\n\u003e **NOTE:** This resource requires a subscription to [Timestream for InfluxDB Read Replicas (Add-On) on the AWS Marketplace](https://aws.amazon.com/marketplace/pp/prodview-lftzfxtb5xlv4?applicationId=AWS-Marketplace-Console\u0026ref_=beagle\u0026sr=0-2).\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.timestreaminfluxdb.DbCluster(\"example\", {\n allocatedStorage: 20,\n bucket: \"example-bucket-name\",\n dbInstanceType: \"db.influx.medium\",\n failoverMode: \"AUTOMATIC\",\n username: \"admin\",\n password: \"example-password\",\n port: 8086,\n organization: \"organization\",\n vpcSubnetIds: [\n example1.id,\n example2.id,\n ],\n vpcSecurityGroupIds: [exampleAwsSecurityGroup.id],\n name: \"example-db-cluster\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.timestreaminfluxdb.DbCluster(\"example\",\n allocated_storage=20,\n bucket=\"example-bucket-name\",\n db_instance_type=\"db.influx.medium\",\n failover_mode=\"AUTOMATIC\",\n username=\"admin\",\n password=\"example-password\",\n port=8086,\n organization=\"organization\",\n vpc_subnet_ids=[\n example1[\"id\"],\n example2[\"id\"],\n ],\n vpc_security_group_ids=[example_aws_security_group[\"id\"]],\n name=\"example-db-cluster\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.TimestreamInfluxDB.DbCluster(\"example\", new()\n {\n AllocatedStorage = 20,\n Bucket = \"example-bucket-name\",\n DbInstanceType = \"db.influx.medium\",\n FailoverMode = \"AUTOMATIC\",\n Username = \"admin\",\n Password = \"example-password\",\n Port = 8086,\n Organization = \"organization\",\n VpcSubnetIds = new[]\n {\n example1.Id,\n example2.Id,\n },\n VpcSecurityGroupIds = new[]\n {\n exampleAwsSecurityGroup.Id,\n },\n Name = \"example-db-cluster\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v7/go/aws/timestreaminfluxdb\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := timestreaminfluxdb.NewDbCluster(ctx, \"example\", \u0026timestreaminfluxdb.DbClusterArgs{\n\t\t\tAllocatedStorage: pulumi.Int(20),\n\t\t\tBucket: pulumi.String(\"example-bucket-name\"),\n\t\t\tDbInstanceType: pulumi.String(\"db.influx.medium\"),\n\t\t\tFailoverMode: pulumi.String(\"AUTOMATIC\"),\n\t\t\tUsername: pulumi.String(\"admin\"),\n\t\t\tPassword: pulumi.String(\"example-password\"),\n\t\t\tPort: pulumi.Int(8086),\n\t\t\tOrganization: pulumi.String(\"organization\"),\n\t\t\tVpcSubnetIds: pulumi.StringArray{\n\t\t\t\texample1.Id,\n\t\t\t\texample2.Id,\n\t\t\t},\n\t\t\tVpcSecurityGroupIds: pulumi.StringArray{\n\t\t\t\texampleAwsSecurityGroup.Id,\n\t\t\t},\n\t\t\tName: pulumi.String(\"example-db-cluster\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.timestreaminfluxdb.DbCluster;\nimport com.pulumi.aws.timestreaminfluxdb.DbClusterArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new DbCluster(\"example\", DbClusterArgs.builder()\n .allocatedStorage(20)\n .bucket(\"example-bucket-name\")\n .dbInstanceType(\"db.influx.medium\")\n .failoverMode(\"AUTOMATIC\")\n .username(\"admin\")\n .password(\"example-password\")\n .port(8086)\n .organization(\"organization\")\n .vpcSubnetIds( \n example1.id(),\n example2.id())\n .vpcSecurityGroupIds(exampleAwsSecurityGroup.id())\n .name(\"example-db-cluster\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:timestreaminfluxdb:DbCluster\n properties:\n allocatedStorage: 20\n bucket: example-bucket-name\n dbInstanceType: db.influx.medium\n failoverMode: AUTOMATIC\n username: admin\n password: example-password\n port: 8086\n organization: organization\n vpcSubnetIds:\n - ${example1.id}\n - ${example2.id}\n vpcSecurityGroupIds:\n - ${exampleAwsSecurityGroup.id}\n name: example-db-cluster\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Usage with Prerequisite Resources\n\nAll Timestream for InfluxDB clusters require a VPC, at least two subnets, and a security group. The following example shows how these prerequisite resources can be created and used with \u003cspan pulumi-lang-nodejs=\"`aws.timestreaminfluxdb.DbCluster`\" pulumi-lang-dotnet=\"`aws.timestreaminfluxdb.DbCluster`\" pulumi-lang-go=\"`timestreaminfluxdb.DbCluster`\" pulumi-lang-python=\"`timestreaminfluxdb.DbCluster`\" pulumi-lang-yaml=\"`aws.timestreaminfluxdb.DbCluster`\" pulumi-lang-java=\"`aws.timestreaminfluxdb.DbCluster`\"\u003e`aws.timestreaminfluxdb.DbCluster`\u003c/span\u003e.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.ec2.Vpc(\"example\", {cidrBlock: \"10.0.0.0/16\"});\nconst example1 = new aws.ec2.Subnet(\"example_1\", {\n vpcId: example.id,\n cidrBlock: \"10.0.1.0/24\",\n});\nconst example2 = new aws.ec2.Subnet(\"example_2\", {\n vpcId: example.id,\n cidrBlock: \"10.0.2.0/24\",\n});\nconst exampleSecurityGroup = new aws.ec2.SecurityGroup(\"example\", {\n name: \"example\",\n vpcId: example.id,\n});\nconst exampleDbCluster = new aws.timestreaminfluxdb.DbCluster(\"example\", {\n allocatedStorage: 20,\n bucket: \"example-bucket-name\",\n dbInstanceType: \"db.influx.medium\",\n username: \"admin\",\n password: \"example-password\",\n organization: \"organization\",\n vpcSubnetIds: [\n example1.id,\n example2.id,\n ],\n vpcSecurityGroupIds: [exampleSecurityGroup.id],\n name: \"example-db-cluster\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ec2.Vpc(\"example\", cidr_block=\"10.0.0.0/16\")\nexample1 = aws.ec2.Subnet(\"example_1\",\n vpc_id=example.id,\n cidr_block=\"10.0.1.0/24\")\nexample2 = aws.ec2.Subnet(\"example_2\",\n vpc_id=example.id,\n cidr_block=\"10.0.2.0/24\")\nexample_security_group = aws.ec2.SecurityGroup(\"example\",\n name=\"example\",\n vpc_id=example.id)\nexample_db_cluster = aws.timestreaminfluxdb.DbCluster(\"example\",\n allocated_storage=20,\n bucket=\"example-bucket-name\",\n db_instance_type=\"db.influx.medium\",\n username=\"admin\",\n password=\"example-password\",\n organization=\"organization\",\n vpc_subnet_ids=[\n example1.id,\n example2.id,\n ],\n vpc_security_group_ids=[example_security_group.id],\n name=\"example-db-cluster\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Ec2.Vpc(\"example\", new()\n {\n CidrBlock = \"10.0.0.0/16\",\n });\n\n var example1 = new Aws.Ec2.Subnet(\"example_1\", new()\n {\n VpcId = example.Id,\n CidrBlock = \"10.0.1.0/24\",\n });\n\n var example2 = new Aws.Ec2.Subnet(\"example_2\", new()\n {\n VpcId = example.Id,\n CidrBlock = \"10.0.2.0/24\",\n });\n\n var exampleSecurityGroup = new Aws.Ec2.SecurityGroup(\"example\", new()\n {\n Name = \"example\",\n VpcId = example.Id,\n });\n\n var exampleDbCluster = new Aws.TimestreamInfluxDB.DbCluster(\"example\", new()\n {\n AllocatedStorage = 20,\n Bucket = \"example-bucket-name\",\n DbInstanceType = \"db.influx.medium\",\n Username = \"admin\",\n Password = \"example-password\",\n Organization = \"organization\",\n VpcSubnetIds = new[]\n {\n example1.Id,\n example2.Id,\n },\n VpcSecurityGroupIds = new[]\n {\n exampleSecurityGroup.Id,\n },\n Name = \"example-db-cluster\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v7/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v7/go/aws/timestreaminfluxdb\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := ec2.NewVpc(ctx, \"example\", \u0026ec2.VpcArgs{\n\t\t\tCidrBlock: pulumi.String(\"10.0.0.0/16\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texample1, err := ec2.NewSubnet(ctx, \"example_1\", \u0026ec2.SubnetArgs{\n\t\t\tVpcId: example.ID(),\n\t\t\tCidrBlock: pulumi.String(\"10.0.1.0/24\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texample2, err := ec2.NewSubnet(ctx, \"example_2\", \u0026ec2.SubnetArgs{\n\t\t\tVpcId: example.ID(),\n\t\t\tCidrBlock: pulumi.String(\"10.0.2.0/24\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleSecurityGroup, err := ec2.NewSecurityGroup(ctx, \"example\", \u0026ec2.SecurityGroupArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tVpcId: example.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = timestreaminfluxdb.NewDbCluster(ctx, \"example\", \u0026timestreaminfluxdb.DbClusterArgs{\n\t\t\tAllocatedStorage: pulumi.Int(20),\n\t\t\tBucket: pulumi.String(\"example-bucket-name\"),\n\t\t\tDbInstanceType: pulumi.String(\"db.influx.medium\"),\n\t\t\tUsername: pulumi.String(\"admin\"),\n\t\t\tPassword: pulumi.String(\"example-password\"),\n\t\t\tOrganization: pulumi.String(\"organization\"),\n\t\t\tVpcSubnetIds: pulumi.StringArray{\n\t\t\t\texample1.ID(),\n\t\t\t\texample2.ID(),\n\t\t\t},\n\t\t\tVpcSecurityGroupIds: pulumi.StringArray{\n\t\t\t\texampleSecurityGroup.ID(),\n\t\t\t},\n\t\t\tName: pulumi.String(\"example-db-cluster\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.Vpc;\nimport com.pulumi.aws.ec2.VpcArgs;\nimport com.pulumi.aws.ec2.Subnet;\nimport com.pulumi.aws.ec2.SubnetArgs;\nimport com.pulumi.aws.ec2.SecurityGroup;\nimport com.pulumi.aws.ec2.SecurityGroupArgs;\nimport com.pulumi.aws.timestreaminfluxdb.DbCluster;\nimport com.pulumi.aws.timestreaminfluxdb.DbClusterArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Vpc(\"example\", VpcArgs.builder()\n .cidrBlock(\"10.0.0.0/16\")\n .build());\n\n var example1 = new Subnet(\"example1\", SubnetArgs.builder()\n .vpcId(example.id())\n .cidrBlock(\"10.0.1.0/24\")\n .build());\n\n var example2 = new Subnet(\"example2\", SubnetArgs.builder()\n .vpcId(example.id())\n .cidrBlock(\"10.0.2.0/24\")\n .build());\n\n var exampleSecurityGroup = new SecurityGroup(\"exampleSecurityGroup\", SecurityGroupArgs.builder()\n .name(\"example\")\n .vpcId(example.id())\n .build());\n\n var exampleDbCluster = new DbCluster(\"exampleDbCluster\", DbClusterArgs.builder()\n .allocatedStorage(20)\n .bucket(\"example-bucket-name\")\n .dbInstanceType(\"db.influx.medium\")\n .username(\"admin\")\n .password(\"example-password\")\n .organization(\"organization\")\n .vpcSubnetIds( \n example1.id(),\n example2.id())\n .vpcSecurityGroupIds(exampleSecurityGroup.id())\n .name(\"example-db-cluster\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:ec2:Vpc\n properties:\n cidrBlock: 10.0.0.0/16\n example1:\n type: aws:ec2:Subnet\n name: example_1\n properties:\n vpcId: ${example.id}\n cidrBlock: 10.0.1.0/24\n example2:\n type: aws:ec2:Subnet\n name: example_2\n properties:\n vpcId: ${example.id}\n cidrBlock: 10.0.2.0/24\n exampleSecurityGroup:\n type: aws:ec2:SecurityGroup\n name: example\n properties:\n name: example\n vpcId: ${example.id}\n exampleDbCluster:\n type: aws:timestreaminfluxdb:DbCluster\n name: example\n properties:\n allocatedStorage: 20\n bucket: example-bucket-name\n dbInstanceType: db.influx.medium\n username: admin\n password: example-password\n organization: organization\n vpcSubnetIds:\n - ${example1.id}\n - ${example2.id}\n vpcSecurityGroupIds:\n - ${exampleSecurityGroup.id}\n name: example-db-cluster\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Usage with S3 Log Delivery Enabled\n\nYou can use an S3 bucket to store logs generated by your Timestream for InfluxDB cluster. The following example shows what resources and arguments are required to configure an S3 bucket for logging, including the IAM policy that needs to be set in order to allow Timestream for InfluxDB to place logs in your S3 bucket. The configuration of the required VPC, security group, and subnets have been left out of the example for brevity.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst exampleBucket = new aws.s3.Bucket(\"example\", {\n bucket: \"example-s3-bucket\",\n forceDestroy: true,\n});\nconst example = aws.iam.getPolicyDocumentOutput({\n statements: [{\n actions: [\"s3:PutObject\"],\n principals: [{\n type: \"Service\",\n identifiers: [\"timestream-influxdb.amazonaws.com\"],\n }],\n resources: [pulumi.interpolate`${exampleBucket.arn}/*`],\n }],\n});\nconst exampleBucketPolicy = new aws.s3.BucketPolicy(\"example\", {\n bucket: exampleBucket.id,\n policy: example.apply(example =\u003e example.json),\n});\nconst exampleDbCluster = new aws.timestreaminfluxdb.DbCluster(\"example\", {\n allocatedStorage: 20,\n bucket: \"example-bucket-name\",\n dbInstanceType: \"db.influx.medium\",\n username: \"admin\",\n password: \"example-password\",\n organization: \"organization\",\n vpcSubnetIds: [\n example1.id,\n example2.id,\n ],\n vpcSecurityGroupIds: [exampleAwsSecurityGroup.id],\n name: \"example-db-cluster\",\n logDeliveryConfiguration: {\n s3Configuration: {\n bucketName: exampleBucket.bucket,\n enabled: true,\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample_bucket = aws.s3.Bucket(\"example\",\n bucket=\"example-s3-bucket\",\n force_destroy=True)\nexample = aws.iam.get_policy_document_output(statements=[{\n \"actions\": [\"s3:PutObject\"],\n \"principals\": [{\n \"type\": \"Service\",\n \"identifiers\": [\"timestream-influxdb.amazonaws.com\"],\n }],\n \"resources\": [example_bucket.arn.apply(lambda arn: f\"{arn}/*\")],\n}])\nexample_bucket_policy = aws.s3.BucketPolicy(\"example\",\n bucket=example_bucket.id,\n policy=example.json)\nexample_db_cluster = aws.timestreaminfluxdb.DbCluster(\"example\",\n allocated_storage=20,\n bucket=\"example-bucket-name\",\n db_instance_type=\"db.influx.medium\",\n username=\"admin\",\n password=\"example-password\",\n organization=\"organization\",\n vpc_subnet_ids=[\n example1[\"id\"],\n example2[\"id\"],\n ],\n vpc_security_group_ids=[example_aws_security_group[\"id\"]],\n name=\"example-db-cluster\",\n log_delivery_configuration={\n \"s3_configuration\": {\n \"bucket_name\": example_bucket.bucket,\n \"enabled\": True,\n },\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var exampleBucket = new Aws.S3.Bucket(\"example\", new()\n {\n BucketName = \"example-s3-bucket\",\n ForceDestroy = true,\n });\n\n var example = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Actions = new[]\n {\n \"s3:PutObject\",\n },\n Principals = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Type = \"Service\",\n Identifiers = new[]\n {\n \"timestream-influxdb.amazonaws.com\",\n },\n },\n },\n Resources = new[]\n {\n $\"{exampleBucket.Arn}/*\",\n },\n },\n },\n });\n\n var exampleBucketPolicy = new Aws.S3.BucketPolicy(\"example\", new()\n {\n Bucket = exampleBucket.Id,\n Policy = example.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n });\n\n var exampleDbCluster = new Aws.TimestreamInfluxDB.DbCluster(\"example\", new()\n {\n AllocatedStorage = 20,\n Bucket = \"example-bucket-name\",\n DbInstanceType = \"db.influx.medium\",\n Username = \"admin\",\n Password = \"example-password\",\n Organization = \"organization\",\n VpcSubnetIds = new[]\n {\n example1.Id,\n example2.Id,\n },\n VpcSecurityGroupIds = new[]\n {\n exampleAwsSecurityGroup.Id,\n },\n Name = \"example-db-cluster\",\n LogDeliveryConfiguration = new Aws.TimestreamInfluxDB.Inputs.DbClusterLogDeliveryConfigurationArgs\n {\n S3Configuration = new Aws.TimestreamInfluxDB.Inputs.DbClusterLogDeliveryConfigurationS3ConfigurationArgs\n {\n BucketName = exampleBucket.BucketName,\n Enabled = true,\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v7/go/aws/iam\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v7/go/aws/s3\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v7/go/aws/timestreaminfluxdb\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texampleBucket, err := s3.NewBucket(ctx, \"example\", \u0026s3.BucketArgs{\n\t\t\tBucket: pulumi.String(\"example-s3-bucket\"),\n\t\t\tForceDestroy: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texample := iam.GetPolicyDocumentOutput(ctx, iam.GetPolicyDocumentOutputArgs{\n\t\t\tStatements: iam.GetPolicyDocumentStatementArray{\n\t\t\t\t\u0026iam.GetPolicyDocumentStatementArgs{\n\t\t\t\t\tActions: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"s3:PutObject\"),\n\t\t\t\t\t},\n\t\t\t\t\tPrincipals: iam.GetPolicyDocumentStatementPrincipalArray{\n\t\t\t\t\t\t\u0026iam.GetPolicyDocumentStatementPrincipalArgs{\n\t\t\t\t\t\t\tType: pulumi.String(\"Service\"),\n\t\t\t\t\t\t\tIdentifiers: pulumi.StringArray{\n\t\t\t\t\t\t\t\tpulumi.String(\"timestream-influxdb.amazonaws.com\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tResources: pulumi.StringArray{\n\t\t\t\t\t\texampleBucket.Arn.ApplyT(func(arn string) (string, error) {\n\t\t\t\t\t\t\treturn fmt.Sprintf(\"%v/*\", arn), nil\n\t\t\t\t\t\t}).(pulumi.StringOutput),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\t_, err = s3.NewBucketPolicy(ctx, \"example\", \u0026s3.BucketPolicyArgs{\n\t\t\tBucket: exampleBucket.ID(),\n\t\t\tPolicy: pulumi.String(example.ApplyT(func(example iam.GetPolicyDocumentResult) (*string, error) {\n\t\t\t\treturn \u0026example.Json, nil\n\t\t\t}).(pulumi.StringPtrOutput)),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = timestreaminfluxdb.NewDbCluster(ctx, \"example\", \u0026timestreaminfluxdb.DbClusterArgs{\n\t\t\tAllocatedStorage: pulumi.Int(20),\n\t\t\tBucket: pulumi.String(\"example-bucket-name\"),\n\t\t\tDbInstanceType: pulumi.String(\"db.influx.medium\"),\n\t\t\tUsername: pulumi.String(\"admin\"),\n\t\t\tPassword: pulumi.String(\"example-password\"),\n\t\t\tOrganization: pulumi.String(\"organization\"),\n\t\t\tVpcSubnetIds: pulumi.StringArray{\n\t\t\t\texample1.Id,\n\t\t\t\texample2.Id,\n\t\t\t},\n\t\t\tVpcSecurityGroupIds: pulumi.StringArray{\n\t\t\t\texampleAwsSecurityGroup.Id,\n\t\t\t},\n\t\t\tName: pulumi.String(\"example-db-cluster\"),\n\t\t\tLogDeliveryConfiguration: \u0026timestreaminfluxdb.DbClusterLogDeliveryConfigurationArgs{\n\t\t\t\tS3Configuration: \u0026timestreaminfluxdb.DbClusterLogDeliveryConfigurationS3ConfigurationArgs{\n\t\t\t\t\tBucketName: exampleBucket.Bucket,\n\t\t\t\t\tEnabled: pulumi.Bool(true),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.s3.Bucket;\nimport com.pulumi.aws.s3.BucketArgs;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;\nimport com.pulumi.aws.s3.BucketPolicy;\nimport com.pulumi.aws.s3.BucketPolicyArgs;\nimport com.pulumi.aws.timestreaminfluxdb.DbCluster;\nimport com.pulumi.aws.timestreaminfluxdb.DbClusterArgs;\nimport com.pulumi.aws.timestreaminfluxdb.inputs.DbClusterLogDeliveryConfigurationArgs;\nimport com.pulumi.aws.timestreaminfluxdb.inputs.DbClusterLogDeliveryConfigurationS3ConfigurationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var exampleBucket = new Bucket(\"exampleBucket\", BucketArgs.builder()\n .bucket(\"example-s3-bucket\")\n .forceDestroy(true)\n .build());\n\n final var example = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .actions(\"s3:PutObject\")\n .principals(GetPolicyDocumentStatementPrincipalArgs.builder()\n .type(\"Service\")\n .identifiers(\"timestream-influxdb.amazonaws.com\")\n .build())\n .resources(exampleBucket.arn().applyValue(_arn -\u003e String.format(\"%s/*\", _arn)))\n .build())\n .build());\n\n var exampleBucketPolicy = new BucketPolicy(\"exampleBucketPolicy\", BucketPolicyArgs.builder()\n .bucket(exampleBucket.id())\n .policy(example.applyValue(_example -\u003e _example.json()))\n .build());\n\n var exampleDbCluster = new DbCluster(\"exampleDbCluster\", DbClusterArgs.builder()\n .allocatedStorage(20)\n .bucket(\"example-bucket-name\")\n .dbInstanceType(\"db.influx.medium\")\n .username(\"admin\")\n .password(\"example-password\")\n .organization(\"organization\")\n .vpcSubnetIds( \n example1.id(),\n example2.id())\n .vpcSecurityGroupIds(exampleAwsSecurityGroup.id())\n .name(\"example-db-cluster\")\n .logDeliveryConfiguration(DbClusterLogDeliveryConfigurationArgs.builder()\n .s3Configuration(DbClusterLogDeliveryConfigurationS3ConfigurationArgs.builder()\n .bucketName(exampleBucket.bucket())\n .enabled(true)\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n exampleBucket:\n type: aws:s3:Bucket\n name: example\n properties:\n bucket: example-s3-bucket\n forceDestroy: true\n exampleBucketPolicy:\n type: aws:s3:BucketPolicy\n name: example\n properties:\n bucket: ${exampleBucket.id}\n policy: ${example.json}\n exampleDbCluster:\n type: aws:timestreaminfluxdb:DbCluster\n name: example\n properties:\n allocatedStorage: 20\n bucket: example-bucket-name\n dbInstanceType: db.influx.medium\n username: admin\n password: example-password\n organization: organization\n vpcSubnetIds:\n - ${example1.id}\n - ${example2.id}\n vpcSecurityGroupIds:\n - ${exampleAwsSecurityGroup.id}\n name: example-db-cluster\n logDeliveryConfiguration:\n s3Configuration:\n bucketName: ${exampleBucket.bucket}\n enabled: true\nvariables:\n example:\n fn::invoke:\n function: aws:iam:getPolicyDocument\n arguments:\n statements:\n - actions:\n - s3:PutObject\n principals:\n - type: Service\n identifiers:\n - timestream-influxdb.amazonaws.com\n resources:\n - ${exampleBucket.arn}/*\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Usage with InfluxDB V3\n\nFor InfluxDB V3 clusters, you can create a cluster without providing \u003cspan pulumi-lang-nodejs=\"`allocatedStorage`\" pulumi-lang-dotnet=\"`AllocatedStorage`\" pulumi-lang-go=\"`allocatedStorage`\" pulumi-lang-python=\"`allocated_storage`\" pulumi-lang-yaml=\"`allocatedStorage`\" pulumi-lang-java=\"`allocatedStorage`\"\u003e`allocated_storage`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`bucket`\" pulumi-lang-dotnet=\"`Bucket`\" pulumi-lang-go=\"`bucket`\" pulumi-lang-python=\"`bucket`\" pulumi-lang-yaml=\"`bucket`\" pulumi-lang-java=\"`bucket`\"\u003e`bucket`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`organization`\" pulumi-lang-dotnet=\"`Organization`\" pulumi-lang-go=\"`organization`\" pulumi-lang-python=\"`organization`\" pulumi-lang-yaml=\"`organization`\" pulumi-lang-java=\"`organization`\"\u003e`organization`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`username`\" pulumi-lang-dotnet=\"`Username`\" pulumi-lang-go=\"`username`\" pulumi-lang-python=\"`username`\" pulumi-lang-yaml=\"`username`\" pulumi-lang-java=\"`username`\"\u003e`username`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`password`\" pulumi-lang-dotnet=\"`Password`\" pulumi-lang-go=\"`password`\" pulumi-lang-python=\"`password`\" pulumi-lang-yaml=\"`password`\" pulumi-lang-java=\"`password`\"\u003e`password`\u003c/span\u003e, or \u003cspan pulumi-lang-nodejs=\"`deploymentType`\" pulumi-lang-dotnet=\"`DeploymentType`\" pulumi-lang-go=\"`deploymentType`\" pulumi-lang-python=\"`deployment_type`\" pulumi-lang-yaml=\"`deploymentType`\" pulumi-lang-java=\"`deploymentType`\"\u003e`deployment_type`\u003c/span\u003e by specifying a \u003cspan pulumi-lang-nodejs=\"`dbParameterGroupIdentifier`\" pulumi-lang-dotnet=\"`DbParameterGroupIdentifier`\" pulumi-lang-go=\"`dbParameterGroupIdentifier`\" pulumi-lang-python=\"`db_parameter_group_identifier`\" pulumi-lang-yaml=\"`dbParameterGroupIdentifier`\" pulumi-lang-java=\"`dbParameterGroupIdentifier`\"\u003e`db_parameter_group_identifier`\u003c/span\u003e such as `\"InfluxDBV3Core\"`. The following example shows how to create an InfluxDB V3 cluster:\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.timestreaminfluxdb.DbCluster(\"example\", {\n name: \"example-v3-cluster\",\n dbInstanceType: \"db.influx.large\",\n dbParameterGroupIdentifier: \"InfluxDBV3Core\",\n vpcSubnetIds: [\n example1.id,\n example2.id,\n ],\n vpcSecurityGroupIds: [exampleAwsSecurityGroup.id],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.timestreaminfluxdb.DbCluster(\"example\",\n name=\"example-v3-cluster\",\n db_instance_type=\"db.influx.large\",\n db_parameter_group_identifier=\"InfluxDBV3Core\",\n vpc_subnet_ids=[\n example1[\"id\"],\n example2[\"id\"],\n ],\n vpc_security_group_ids=[example_aws_security_group[\"id\"]])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.TimestreamInfluxDB.DbCluster(\"example\", new()\n {\n Name = \"example-v3-cluster\",\n DbInstanceType = \"db.influx.large\",\n DbParameterGroupIdentifier = \"InfluxDBV3Core\",\n VpcSubnetIds = new[]\n {\n example1.Id,\n example2.Id,\n },\n VpcSecurityGroupIds = new[]\n {\n exampleAwsSecurityGroup.Id,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v7/go/aws/timestreaminfluxdb\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := timestreaminfluxdb.NewDbCluster(ctx, \"example\", \u0026timestreaminfluxdb.DbClusterArgs{\n\t\t\tName: pulumi.String(\"example-v3-cluster\"),\n\t\t\tDbInstanceType: pulumi.String(\"db.influx.large\"),\n\t\t\tDbParameterGroupIdentifier: pulumi.String(\"InfluxDBV3Core\"),\n\t\t\tVpcSubnetIds: pulumi.StringArray{\n\t\t\t\texample1.Id,\n\t\t\t\texample2.Id,\n\t\t\t},\n\t\t\tVpcSecurityGroupIds: pulumi.StringArray{\n\t\t\t\texampleAwsSecurityGroup.Id,\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.timestreaminfluxdb.DbCluster;\nimport com.pulumi.aws.timestreaminfluxdb.DbClusterArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new DbCluster(\"example\", DbClusterArgs.builder()\n .name(\"example-v3-cluster\")\n .dbInstanceType(\"db.influx.large\")\n .dbParameterGroupIdentifier(\"InfluxDBV3Core\")\n .vpcSubnetIds( \n example1.id(),\n example2.id())\n .vpcSecurityGroupIds(exampleAwsSecurityGroup.id())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:timestreaminfluxdb:DbCluster\n properties:\n name: example-v3-cluster\n dbInstanceType: db.influx.large\n dbParameterGroupIdentifier: InfluxDBV3Core\n vpcSubnetIds:\n - ${example1.id}\n - ${example2.id}\n vpcSecurityGroupIds:\n - ${exampleAwsSecurityGroup.id}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Cluster Type Requirements\n\n### InfluxDB V2 Clusters (default)\n\nThe following arguments are **required** for InfluxDB V2 clusters:\n\n* \u003cspan pulumi-lang-nodejs=\"`allocatedStorage`\" pulumi-lang-dotnet=\"`AllocatedStorage`\" pulumi-lang-go=\"`allocatedStorage`\" pulumi-lang-python=\"`allocated_storage`\" pulumi-lang-yaml=\"`allocatedStorage`\" pulumi-lang-java=\"`allocatedStorage`\"\u003e`allocated_storage`\u003c/span\u003e\n* \u003cspan pulumi-lang-nodejs=\"`bucket`\" pulumi-lang-dotnet=\"`Bucket`\" pulumi-lang-go=\"`bucket`\" pulumi-lang-python=\"`bucket`\" pulumi-lang-yaml=\"`bucket`\" pulumi-lang-java=\"`bucket`\"\u003e`bucket`\u003c/span\u003e\n* \u003cspan pulumi-lang-nodejs=\"`deploymentType`\" pulumi-lang-dotnet=\"`DeploymentType`\" pulumi-lang-go=\"`deploymentType`\" pulumi-lang-python=\"`deployment_type`\" pulumi-lang-yaml=\"`deploymentType`\" pulumi-lang-java=\"`deploymentType`\"\u003e`deployment_type`\u003c/span\u003e\n* \u003cspan pulumi-lang-nodejs=\"`organization`\" pulumi-lang-dotnet=\"`Organization`\" pulumi-lang-go=\"`organization`\" pulumi-lang-python=\"`organization`\" pulumi-lang-yaml=\"`organization`\" pulumi-lang-java=\"`organization`\"\u003e`organization`\u003c/span\u003e\n* \u003cspan pulumi-lang-nodejs=\"`password`\" pulumi-lang-dotnet=\"`Password`\" pulumi-lang-go=\"`password`\" pulumi-lang-python=\"`password`\" pulumi-lang-yaml=\"`password`\" pulumi-lang-java=\"`password`\"\u003e`password`\u003c/span\u003e\n* \u003cspan pulumi-lang-nodejs=\"`username`\" pulumi-lang-dotnet=\"`Username`\" pulumi-lang-go=\"`username`\" pulumi-lang-python=\"`username`\" pulumi-lang-yaml=\"`username`\" pulumi-lang-java=\"`username`\"\u003e`username`\u003c/span\u003e\n\nThe \u003cspan pulumi-lang-nodejs=\"`deploymentType`\" pulumi-lang-dotnet=\"`DeploymentType`\" pulumi-lang-go=\"`deploymentType`\" pulumi-lang-python=\"`deployment_type`\" pulumi-lang-yaml=\"`deploymentType`\" pulumi-lang-java=\"`deploymentType`\"\u003e`deployment_type`\u003c/span\u003e argument defaults to `\"MULTI_NODE_READ_REPLICAS\"` for InfluxDB V2 clusters when not specified.\n\n### InfluxDB V3 Clusters (when using V3 parameter groups)\n\nThe following arguments are **forbidden** for InfluxDB V3 clusters (when using an InfluxDB V3 db parameter group):\n\n* \u003cspan pulumi-lang-nodejs=\"`allocatedStorage`\" pulumi-lang-dotnet=\"`AllocatedStorage`\" pulumi-lang-go=\"`allocatedStorage`\" pulumi-lang-python=\"`allocated_storage`\" pulumi-lang-yaml=\"`allocatedStorage`\" pulumi-lang-java=\"`allocatedStorage`\"\u003e`allocated_storage`\u003c/span\u003e\n* \u003cspan pulumi-lang-nodejs=\"`bucket`\" pulumi-lang-dotnet=\"`Bucket`\" pulumi-lang-go=\"`bucket`\" pulumi-lang-python=\"`bucket`\" pulumi-lang-yaml=\"`bucket`\" pulumi-lang-java=\"`bucket`\"\u003e`bucket`\u003c/span\u003e\n* \u003cspan pulumi-lang-nodejs=\"`deploymentType`\" pulumi-lang-dotnet=\"`DeploymentType`\" pulumi-lang-go=\"`deploymentType`\" pulumi-lang-python=\"`deployment_type`\" pulumi-lang-yaml=\"`deploymentType`\" pulumi-lang-java=\"`deploymentType`\"\u003e`deployment_type`\u003c/span\u003e\n* \u003cspan pulumi-lang-nodejs=\"`organization`\" pulumi-lang-dotnet=\"`Organization`\" pulumi-lang-go=\"`organization`\" pulumi-lang-python=\"`organization`\" pulumi-lang-yaml=\"`organization`\" pulumi-lang-java=\"`organization`\"\u003e`organization`\u003c/span\u003e\n* \u003cspan pulumi-lang-nodejs=\"`password`\" pulumi-lang-dotnet=\"`Password`\" pulumi-lang-go=\"`password`\" pulumi-lang-python=\"`password`\" pulumi-lang-yaml=\"`password`\" pulumi-lang-java=\"`password`\"\u003e`password`\u003c/span\u003e\n* \u003cspan pulumi-lang-nodejs=\"`username`\" pulumi-lang-dotnet=\"`Username`\" pulumi-lang-go=\"`username`\" pulumi-lang-python=\"`username`\" pulumi-lang-yaml=\"`username`\" pulumi-lang-java=\"`username`\"\u003e`username`\u003c/span\u003e\n\n## Import\n\nUsing `pulumi import`, import Timestream for InfluxDB cluster using its identifier. For example:\n\n```sh\n$ pulumi import aws:timestreaminfluxdb/dbCluster:DbCluster example 12345abcde\n```\n", "properties": { "allocatedStorage": { "type": "integer", - "description": "Amount of storage in GiB (gibibytes). The minimum value is \u003cspan pulumi-lang-nodejs=\"`20`\" pulumi-lang-dotnet=\"`20`\" pulumi-lang-go=\"`20`\" pulumi-lang-python=\"`20`\" pulumi-lang-yaml=\"`20`\" pulumi-lang-java=\"`20`\"\u003e`20`\u003c/span\u003e, the maximum value is \u003cspan pulumi-lang-nodejs=\"`16384`\" pulumi-lang-dotnet=\"`16384`\" pulumi-lang-go=\"`16384`\" pulumi-lang-python=\"`16384`\" pulumi-lang-yaml=\"`16384`\" pulumi-lang-java=\"`16384`\"\u003e`16384`\u003c/span\u003e. The argument \u003cspan pulumi-lang-nodejs=\"`dbStorageType`\" pulumi-lang-dotnet=\"`DbStorageType`\" pulumi-lang-go=\"`dbStorageType`\" pulumi-lang-python=\"`db_storage_type`\" pulumi-lang-yaml=\"`dbStorageType`\" pulumi-lang-java=\"`dbStorageType`\"\u003e`db_storage_type`\u003c/span\u003e places restrictions on this argument's minimum value. The following is a list of \u003cspan pulumi-lang-nodejs=\"`dbStorageType`\" pulumi-lang-dotnet=\"`DbStorageType`\" pulumi-lang-go=\"`dbStorageType`\" pulumi-lang-python=\"`db_storage_type`\" pulumi-lang-yaml=\"`dbStorageType`\" pulumi-lang-java=\"`dbStorageType`\"\u003e`db_storage_type`\u003c/span\u003e values and the corresponding minimum value for \u003cspan pulumi-lang-nodejs=\"`allocatedStorage`\" pulumi-lang-dotnet=\"`AllocatedStorage`\" pulumi-lang-go=\"`allocatedStorage`\" pulumi-lang-python=\"`allocated_storage`\" pulumi-lang-yaml=\"`allocatedStorage`\" pulumi-lang-java=\"`allocatedStorage`\"\u003e`allocated_storage`\u003c/span\u003e: `\"InfluxIOIncludedT1\": \u003cspan pulumi-lang-nodejs=\"`20`\" pulumi-lang-dotnet=\"`20`\" pulumi-lang-go=\"`20`\" pulumi-lang-python=\"`20`\" pulumi-lang-yaml=\"`20`\" pulumi-lang-java=\"`20`\"\u003e`20`\u003c/span\u003e, `\"InfluxIOIncludedT2\" and `\"InfluxIOIncludedT3\": \u003cspan pulumi-lang-nodejs=\"`400`\" pulumi-lang-dotnet=\"`400`\" pulumi-lang-go=\"`400`\" pulumi-lang-python=\"`400`\" pulumi-lang-yaml=\"`400`\" pulumi-lang-java=\"`400`\"\u003e`400`\u003c/span\u003e.\n" + "description": "Amount of storage in GiB (gibibytes). The minimum value is \u003cspan pulumi-lang-nodejs=\"`20`\" pulumi-lang-dotnet=\"`20`\" pulumi-lang-go=\"`20`\" pulumi-lang-python=\"`20`\" pulumi-lang-yaml=\"`20`\" pulumi-lang-java=\"`20`\"\u003e`20`\u003c/span\u003e, the maximum value is \u003cspan pulumi-lang-nodejs=\"`16384`\" pulumi-lang-dotnet=\"`16384`\" pulumi-lang-go=\"`16384`\" pulumi-lang-python=\"`16384`\" pulumi-lang-yaml=\"`16384`\" pulumi-lang-java=\"`16384`\"\u003e`16384`\u003c/span\u003e. The argument \u003cspan pulumi-lang-nodejs=\"`dbStorageType`\" pulumi-lang-dotnet=\"`DbStorageType`\" pulumi-lang-go=\"`dbStorageType`\" pulumi-lang-python=\"`db_storage_type`\" pulumi-lang-yaml=\"`dbStorageType`\" pulumi-lang-java=\"`dbStorageType`\"\u003e`db_storage_type`\u003c/span\u003e places restrictions on this argument's minimum value. The following is a list of \u003cspan pulumi-lang-nodejs=\"`dbStorageType`\" pulumi-lang-dotnet=\"`DbStorageType`\" pulumi-lang-go=\"`dbStorageType`\" pulumi-lang-python=\"`db_storage_type`\" pulumi-lang-yaml=\"`dbStorageType`\" pulumi-lang-java=\"`dbStorageType`\"\u003e`db_storage_type`\u003c/span\u003e values and the corresponding minimum value for \u003cspan pulumi-lang-nodejs=\"`allocatedStorage`\" pulumi-lang-dotnet=\"`AllocatedStorage`\" pulumi-lang-go=\"`allocatedStorage`\" pulumi-lang-python=\"`allocated_storage`\" pulumi-lang-yaml=\"`allocatedStorage`\" pulumi-lang-java=\"`allocatedStorage`\"\u003e`allocated_storage`\u003c/span\u003e: `\"InfluxIOIncludedT1\": \u003cspan pulumi-lang-nodejs=\"`20`\" pulumi-lang-dotnet=\"`20`\" pulumi-lang-go=\"`20`\" pulumi-lang-python=\"`20`\" pulumi-lang-yaml=\"`20`\" pulumi-lang-java=\"`20`\"\u003e`20`\u003c/span\u003e, `\"InfluxIOIncludedT2\" and `\"InfluxIOIncludedT3\": \u003cspan pulumi-lang-nodejs=\"`400`\" pulumi-lang-dotnet=\"`400`\" pulumi-lang-go=\"`400`\" pulumi-lang-python=\"`400`\" pulumi-lang-yaml=\"`400`\" pulumi-lang-java=\"`400`\"\u003e`400`\u003c/span\u003e. This field is forbidden for InfluxDB V3 clusters (when using an InfluxDB V3 db parameter group).\n" }, "arn": { "type": "string", @@ -417781,7 +418861,7 @@ }, "bucket": { "type": "string", - "description": "Name of the initial InfluxDB bucket. All InfluxDB data is stored in a bucket. A bucket combines the concept of a database and a retention period (the duration of time that each data point persists). A bucket belongs to an organization. Along with \u003cspan pulumi-lang-nodejs=\"`organization`\" pulumi-lang-dotnet=\"`Organization`\" pulumi-lang-go=\"`organization`\" pulumi-lang-python=\"`organization`\" pulumi-lang-yaml=\"`organization`\" pulumi-lang-java=\"`organization`\"\u003e`organization`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`username`\" pulumi-lang-dotnet=\"`Username`\" pulumi-lang-go=\"`username`\" pulumi-lang-python=\"`username`\" pulumi-lang-yaml=\"`username`\" pulumi-lang-java=\"`username`\"\u003e`username`\u003c/span\u003e, and \u003cspan pulumi-lang-nodejs=\"`password`\" pulumi-lang-dotnet=\"`Password`\" pulumi-lang-go=\"`password`\" pulumi-lang-python=\"`password`\" pulumi-lang-yaml=\"`password`\" pulumi-lang-java=\"`password`\"\u003e`password`\u003c/span\u003e, this argument will be stored in the secret referred to by the \u003cspan pulumi-lang-nodejs=\"`influxAuthParametersSecretArn`\" pulumi-lang-dotnet=\"`InfluxAuthParametersSecretArn`\" pulumi-lang-go=\"`influxAuthParametersSecretArn`\" pulumi-lang-python=\"`influx_auth_parameters_secret_arn`\" pulumi-lang-yaml=\"`influxAuthParametersSecretArn`\" pulumi-lang-java=\"`influxAuthParametersSecretArn`\"\u003e`influx_auth_parameters_secret_arn`\u003c/span\u003e attribute.\n" + "description": "Name of the initial InfluxDB bucket. All InfluxDB data is stored in a bucket. A bucket combines the concept of a database and a retention period (the duration of time that each data point persists). A bucket belongs to an organization. Along with \u003cspan pulumi-lang-nodejs=\"`organization`\" pulumi-lang-dotnet=\"`Organization`\" pulumi-lang-go=\"`organization`\" pulumi-lang-python=\"`organization`\" pulumi-lang-yaml=\"`organization`\" pulumi-lang-java=\"`organization`\"\u003e`organization`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`username`\" pulumi-lang-dotnet=\"`Username`\" pulumi-lang-go=\"`username`\" pulumi-lang-python=\"`username`\" pulumi-lang-yaml=\"`username`\" pulumi-lang-java=\"`username`\"\u003e`username`\u003c/span\u003e, and \u003cspan pulumi-lang-nodejs=\"`password`\" pulumi-lang-dotnet=\"`Password`\" pulumi-lang-go=\"`password`\" pulumi-lang-python=\"`password`\" pulumi-lang-yaml=\"`password`\" pulumi-lang-java=\"`password`\"\u003e`password`\u003c/span\u003e, this argument will be stored in the secret referred to by the \u003cspan pulumi-lang-nodejs=\"`influxAuthParametersSecretArn`\" pulumi-lang-dotnet=\"`InfluxAuthParametersSecretArn`\" pulumi-lang-go=\"`influxAuthParametersSecretArn`\" pulumi-lang-python=\"`influx_auth_parameters_secret_arn`\" pulumi-lang-yaml=\"`influxAuthParametersSecretArn`\" pulumi-lang-java=\"`influxAuthParametersSecretArn`\"\u003e`influx_auth_parameters_secret_arn`\u003c/span\u003e attribute. This field is forbidden for InfluxDB V3 clusters (when using an InfluxDB V3 db parameter group).\n" }, "dbInstanceType": { "type": "string", @@ -417797,19 +418877,23 @@ }, "deploymentType": { "type": "string", - "description": "Specifies the type of cluster to create. Valid options are: `\"MULTI_NODE_READ_REPLICAS\"`.\n" + "description": "Specifies the type of cluster to create. Valid options are: `\"MULTI_NODE_READ_REPLICAS\"`. This field is forbidden for InfluxDB V3 clusters (when using an InfluxDB V3 db parameter group).\n" }, "endpoint": { "type": "string", "description": "Endpoint used to connect to InfluxDB. The default InfluxDB port is 8086.\n" }, + "engineType": { + "type": "string", + "description": "Database engine type of the DB cluster.\n" + }, "failoverMode": { "type": "string", "description": "Specifies the behavior of failure recovery when the primary node of the cluster fails. Valid options are: `\"AUTOMATIC\"` and `\"NO_FAILOVER\"`.\n" }, "influxAuthParametersSecretArn": { "type": "string", - "description": "ARN of the AWS Secrets Manager secret containing the initial InfluxDB authorization parameters. The secret value is a JSON formatted key-value pair holding InfluxDB authorization values: organization, bucket, username, and password.\n" + "description": "ARN of the AWS Secrets Manager secret containing the initial InfluxDB authorization parameters. For InfluxDB V2 clusters, the secret value is a JSON formatted key-value pair holding InfluxDB authorization values: organization, bucket, username, and password. For InfluxDB V3 clusters, the secret contains the InfluxDB admin token.\n" }, "logDeliveryConfiguration": { "$ref": "#/types/aws:timestreaminfluxdb/DbClusterLogDeliveryConfiguration:DbClusterLogDeliveryConfiguration", @@ -417825,11 +418909,11 @@ }, "organization": { "type": "string", - "description": "Name of the initial organization for the initial admin user in InfluxDB. An InfluxDB organization is a workspace for a group of users. Along with \u003cspan pulumi-lang-nodejs=\"`bucket`\" pulumi-lang-dotnet=\"`Bucket`\" pulumi-lang-go=\"`bucket`\" pulumi-lang-python=\"`bucket`\" pulumi-lang-yaml=\"`bucket`\" pulumi-lang-java=\"`bucket`\"\u003e`bucket`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`username`\" pulumi-lang-dotnet=\"`Username`\" pulumi-lang-go=\"`username`\" pulumi-lang-python=\"`username`\" pulumi-lang-yaml=\"`username`\" pulumi-lang-java=\"`username`\"\u003e`username`\u003c/span\u003e, and \u003cspan pulumi-lang-nodejs=\"`password`\" pulumi-lang-dotnet=\"`Password`\" pulumi-lang-go=\"`password`\" pulumi-lang-python=\"`password`\" pulumi-lang-yaml=\"`password`\" pulumi-lang-java=\"`password`\"\u003e`password`\u003c/span\u003e, this argument will be stored in the secret referred to by the \u003cspan pulumi-lang-nodejs=\"`influxAuthParametersSecretArn`\" pulumi-lang-dotnet=\"`InfluxAuthParametersSecretArn`\" pulumi-lang-go=\"`influxAuthParametersSecretArn`\" pulumi-lang-python=\"`influx_auth_parameters_secret_arn`\" pulumi-lang-yaml=\"`influxAuthParametersSecretArn`\" pulumi-lang-java=\"`influxAuthParametersSecretArn`\"\u003e`influx_auth_parameters_secret_arn`\u003c/span\u003e attribute.\n" + "description": "Name of the initial organization for the initial admin user in InfluxDB. An InfluxDB organization is a workspace for a group of users. Along with \u003cspan pulumi-lang-nodejs=\"`bucket`\" pulumi-lang-dotnet=\"`Bucket`\" pulumi-lang-go=\"`bucket`\" pulumi-lang-python=\"`bucket`\" pulumi-lang-yaml=\"`bucket`\" pulumi-lang-java=\"`bucket`\"\u003e`bucket`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`username`\" pulumi-lang-dotnet=\"`Username`\" pulumi-lang-go=\"`username`\" pulumi-lang-python=\"`username`\" pulumi-lang-yaml=\"`username`\" pulumi-lang-java=\"`username`\"\u003e`username`\u003c/span\u003e, and \u003cspan pulumi-lang-nodejs=\"`password`\" pulumi-lang-dotnet=\"`Password`\" pulumi-lang-go=\"`password`\" pulumi-lang-python=\"`password`\" pulumi-lang-yaml=\"`password`\" pulumi-lang-java=\"`password`\"\u003e`password`\u003c/span\u003e, this argument will be stored in the secret referred to by the \u003cspan pulumi-lang-nodejs=\"`influxAuthParametersSecretArn`\" pulumi-lang-dotnet=\"`InfluxAuthParametersSecretArn`\" pulumi-lang-go=\"`influxAuthParametersSecretArn`\" pulumi-lang-python=\"`influx_auth_parameters_secret_arn`\" pulumi-lang-yaml=\"`influxAuthParametersSecretArn`\" pulumi-lang-java=\"`influxAuthParametersSecretArn`\"\u003e`influx_auth_parameters_secret_arn`\u003c/span\u003e attribute. This field is forbidden for InfluxDB V3 clusters (when using an InfluxDB V3 db parameter group).\n" }, "password": { "type": "string", - "description": "Password of the initial admin user created in InfluxDB. This password will allow you to access the InfluxDB UI to perform various administrative tasks and also use the InfluxDB CLI to create an operator token. Along with \u003cspan pulumi-lang-nodejs=\"`bucket`\" pulumi-lang-dotnet=\"`Bucket`\" pulumi-lang-go=\"`bucket`\" pulumi-lang-python=\"`bucket`\" pulumi-lang-yaml=\"`bucket`\" pulumi-lang-java=\"`bucket`\"\u003e`bucket`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`username`\" pulumi-lang-dotnet=\"`Username`\" pulumi-lang-go=\"`username`\" pulumi-lang-python=\"`username`\" pulumi-lang-yaml=\"`username`\" pulumi-lang-java=\"`username`\"\u003e`username`\u003c/span\u003e, and \u003cspan pulumi-lang-nodejs=\"`organization`\" pulumi-lang-dotnet=\"`Organization`\" pulumi-lang-go=\"`organization`\" pulumi-lang-python=\"`organization`\" pulumi-lang-yaml=\"`organization`\" pulumi-lang-java=\"`organization`\"\u003e`organization`\u003c/span\u003e, this argument will be stored in the secret referred to by the \u003cspan pulumi-lang-nodejs=\"`influxAuthParametersSecretArn`\" pulumi-lang-dotnet=\"`InfluxAuthParametersSecretArn`\" pulumi-lang-go=\"`influxAuthParametersSecretArn`\" pulumi-lang-python=\"`influx_auth_parameters_secret_arn`\" pulumi-lang-yaml=\"`influxAuthParametersSecretArn`\" pulumi-lang-java=\"`influxAuthParametersSecretArn`\"\u003e`influx_auth_parameters_secret_arn`\u003c/span\u003e attribute.\n", + "description": "Password of the initial admin user created in InfluxDB. This password will allow you to access the InfluxDB UI to perform various administrative tasks and also use the InfluxDB CLI to create an operator token. Along with \u003cspan pulumi-lang-nodejs=\"`bucket`\" pulumi-lang-dotnet=\"`Bucket`\" pulumi-lang-go=\"`bucket`\" pulumi-lang-python=\"`bucket`\" pulumi-lang-yaml=\"`bucket`\" pulumi-lang-java=\"`bucket`\"\u003e`bucket`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`username`\" pulumi-lang-dotnet=\"`Username`\" pulumi-lang-go=\"`username`\" pulumi-lang-python=\"`username`\" pulumi-lang-yaml=\"`username`\" pulumi-lang-java=\"`username`\"\u003e`username`\u003c/span\u003e, and \u003cspan pulumi-lang-nodejs=\"`organization`\" pulumi-lang-dotnet=\"`Organization`\" pulumi-lang-go=\"`organization`\" pulumi-lang-python=\"`organization`\" pulumi-lang-yaml=\"`organization`\" pulumi-lang-java=\"`organization`\"\u003e`organization`\u003c/span\u003e, this argument will be stored in the secret referred to by the \u003cspan pulumi-lang-nodejs=\"`influxAuthParametersSecretArn`\" pulumi-lang-dotnet=\"`InfluxAuthParametersSecretArn`\" pulumi-lang-go=\"`influxAuthParametersSecretArn`\" pulumi-lang-python=\"`influx_auth_parameters_secret_arn`\" pulumi-lang-yaml=\"`influxAuthParametersSecretArn`\" pulumi-lang-java=\"`influxAuthParametersSecretArn`\"\u003e`influx_auth_parameters_secret_arn`\u003c/span\u003e attribute. This field is forbidden for InfluxDB V3 clusters (when using an InfluxDB V3 db parameter group) as the AWS API rejects it.\n", "secret": true }, "port": { @@ -417867,7 +418951,7 @@ }, "username": { "type": "string", - "description": "Username of the initial admin user created in InfluxDB. Must start with a letter and can't end with a hyphen or contain two consecutive hyphens. This username will allow you to access the InfluxDB UI to perform various administrative tasks and also use the InfluxDB CLI to create an operator token. Along with \u003cspan pulumi-lang-nodejs=\"`bucket`\" pulumi-lang-dotnet=\"`Bucket`\" pulumi-lang-go=\"`bucket`\" pulumi-lang-python=\"`bucket`\" pulumi-lang-yaml=\"`bucket`\" pulumi-lang-java=\"`bucket`\"\u003e`bucket`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`organization`\" pulumi-lang-dotnet=\"`Organization`\" pulumi-lang-go=\"`organization`\" pulumi-lang-python=\"`organization`\" pulumi-lang-yaml=\"`organization`\" pulumi-lang-java=\"`organization`\"\u003e`organization`\u003c/span\u003e, and \u003cspan pulumi-lang-nodejs=\"`password`\" pulumi-lang-dotnet=\"`Password`\" pulumi-lang-go=\"`password`\" pulumi-lang-python=\"`password`\" pulumi-lang-yaml=\"`password`\" pulumi-lang-java=\"`password`\"\u003e`password`\u003c/span\u003e, this argument will be stored in the secret referred to by the \u003cspan pulumi-lang-nodejs=\"`influxAuthParametersSecretArn`\" pulumi-lang-dotnet=\"`InfluxAuthParametersSecretArn`\" pulumi-lang-go=\"`influxAuthParametersSecretArn`\" pulumi-lang-python=\"`influx_auth_parameters_secret_arn`\" pulumi-lang-yaml=\"`influxAuthParametersSecretArn`\" pulumi-lang-java=\"`influxAuthParametersSecretArn`\"\u003e`influx_auth_parameters_secret_arn`\u003c/span\u003e attribute.\n" + "description": "Username of the initial admin user created in InfluxDB. Must start with a letter and can't end with a hyphen or contain two consecutive hyphens. This username will allow you to access the InfluxDB UI to perform various administrative tasks and also use the InfluxDB CLI to create an operator token. Along with \u003cspan pulumi-lang-nodejs=\"`bucket`\" pulumi-lang-dotnet=\"`Bucket`\" pulumi-lang-go=\"`bucket`\" pulumi-lang-python=\"`bucket`\" pulumi-lang-yaml=\"`bucket`\" pulumi-lang-java=\"`bucket`\"\u003e`bucket`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`organization`\" pulumi-lang-dotnet=\"`Organization`\" pulumi-lang-go=\"`organization`\" pulumi-lang-python=\"`organization`\" pulumi-lang-yaml=\"`organization`\" pulumi-lang-java=\"`organization`\"\u003e`organization`\u003c/span\u003e, and \u003cspan pulumi-lang-nodejs=\"`password`\" pulumi-lang-dotnet=\"`Password`\" pulumi-lang-go=\"`password`\" pulumi-lang-python=\"`password`\" pulumi-lang-yaml=\"`password`\" pulumi-lang-java=\"`password`\"\u003e`password`\u003c/span\u003e, this argument will be stored in the secret referred to by the \u003cspan pulumi-lang-nodejs=\"`influxAuthParametersSecretArn`\" pulumi-lang-dotnet=\"`InfluxAuthParametersSecretArn`\" pulumi-lang-go=\"`influxAuthParametersSecretArn`\" pulumi-lang-python=\"`influx_auth_parameters_secret_arn`\" pulumi-lang-yaml=\"`influxAuthParametersSecretArn`\" pulumi-lang-java=\"`influxAuthParametersSecretArn`\"\u003e`influx_auth_parameters_secret_arn`\u003c/span\u003e attribute. This field is forbidden for InfluxDB V3 clusters (when using an InfluxDB V3 db parameter group).\n" }, "vpcSecurityGroupIds": { "type": "array", @@ -417885,36 +418969,32 @@ } }, "required": [ - "allocatedStorage", "arn", - "bucket", "dbInstanceType", "dbStorageType", "deploymentType", "endpoint", + "engineType", "failoverMode", "influxAuthParametersSecretArn", "name", "networkType", - "organization", - "password", "port", "publiclyAccessible", "readerEndpoint", "region", "tagsAll", - "username", "vpcSecurityGroupIds", "vpcSubnetIds" ], "inputProperties": { "allocatedStorage": { "type": "integer", - "description": "Amount of storage in GiB (gibibytes). The minimum value is \u003cspan pulumi-lang-nodejs=\"`20`\" pulumi-lang-dotnet=\"`20`\" pulumi-lang-go=\"`20`\" pulumi-lang-python=\"`20`\" pulumi-lang-yaml=\"`20`\" pulumi-lang-java=\"`20`\"\u003e`20`\u003c/span\u003e, the maximum value is \u003cspan pulumi-lang-nodejs=\"`16384`\" pulumi-lang-dotnet=\"`16384`\" pulumi-lang-go=\"`16384`\" pulumi-lang-python=\"`16384`\" pulumi-lang-yaml=\"`16384`\" pulumi-lang-java=\"`16384`\"\u003e`16384`\u003c/span\u003e. The argument \u003cspan pulumi-lang-nodejs=\"`dbStorageType`\" pulumi-lang-dotnet=\"`DbStorageType`\" pulumi-lang-go=\"`dbStorageType`\" pulumi-lang-python=\"`db_storage_type`\" pulumi-lang-yaml=\"`dbStorageType`\" pulumi-lang-java=\"`dbStorageType`\"\u003e`db_storage_type`\u003c/span\u003e places restrictions on this argument's minimum value. The following is a list of \u003cspan pulumi-lang-nodejs=\"`dbStorageType`\" pulumi-lang-dotnet=\"`DbStorageType`\" pulumi-lang-go=\"`dbStorageType`\" pulumi-lang-python=\"`db_storage_type`\" pulumi-lang-yaml=\"`dbStorageType`\" pulumi-lang-java=\"`dbStorageType`\"\u003e`db_storage_type`\u003c/span\u003e values and the corresponding minimum value for \u003cspan pulumi-lang-nodejs=\"`allocatedStorage`\" pulumi-lang-dotnet=\"`AllocatedStorage`\" pulumi-lang-go=\"`allocatedStorage`\" pulumi-lang-python=\"`allocated_storage`\" pulumi-lang-yaml=\"`allocatedStorage`\" pulumi-lang-java=\"`allocatedStorage`\"\u003e`allocated_storage`\u003c/span\u003e: `\"InfluxIOIncludedT1\": \u003cspan pulumi-lang-nodejs=\"`20`\" pulumi-lang-dotnet=\"`20`\" pulumi-lang-go=\"`20`\" pulumi-lang-python=\"`20`\" pulumi-lang-yaml=\"`20`\" pulumi-lang-java=\"`20`\"\u003e`20`\u003c/span\u003e, `\"InfluxIOIncludedT2\" and `\"InfluxIOIncludedT3\": \u003cspan pulumi-lang-nodejs=\"`400`\" pulumi-lang-dotnet=\"`400`\" pulumi-lang-go=\"`400`\" pulumi-lang-python=\"`400`\" pulumi-lang-yaml=\"`400`\" pulumi-lang-java=\"`400`\"\u003e`400`\u003c/span\u003e.\n" + "description": "Amount of storage in GiB (gibibytes). The minimum value is \u003cspan pulumi-lang-nodejs=\"`20`\" pulumi-lang-dotnet=\"`20`\" pulumi-lang-go=\"`20`\" pulumi-lang-python=\"`20`\" pulumi-lang-yaml=\"`20`\" pulumi-lang-java=\"`20`\"\u003e`20`\u003c/span\u003e, the maximum value is \u003cspan pulumi-lang-nodejs=\"`16384`\" pulumi-lang-dotnet=\"`16384`\" pulumi-lang-go=\"`16384`\" pulumi-lang-python=\"`16384`\" pulumi-lang-yaml=\"`16384`\" pulumi-lang-java=\"`16384`\"\u003e`16384`\u003c/span\u003e. The argument \u003cspan pulumi-lang-nodejs=\"`dbStorageType`\" pulumi-lang-dotnet=\"`DbStorageType`\" pulumi-lang-go=\"`dbStorageType`\" pulumi-lang-python=\"`db_storage_type`\" pulumi-lang-yaml=\"`dbStorageType`\" pulumi-lang-java=\"`dbStorageType`\"\u003e`db_storage_type`\u003c/span\u003e places restrictions on this argument's minimum value. The following is a list of \u003cspan pulumi-lang-nodejs=\"`dbStorageType`\" pulumi-lang-dotnet=\"`DbStorageType`\" pulumi-lang-go=\"`dbStorageType`\" pulumi-lang-python=\"`db_storage_type`\" pulumi-lang-yaml=\"`dbStorageType`\" pulumi-lang-java=\"`dbStorageType`\"\u003e`db_storage_type`\u003c/span\u003e values and the corresponding minimum value for \u003cspan pulumi-lang-nodejs=\"`allocatedStorage`\" pulumi-lang-dotnet=\"`AllocatedStorage`\" pulumi-lang-go=\"`allocatedStorage`\" pulumi-lang-python=\"`allocated_storage`\" pulumi-lang-yaml=\"`allocatedStorage`\" pulumi-lang-java=\"`allocatedStorage`\"\u003e`allocated_storage`\u003c/span\u003e: `\"InfluxIOIncludedT1\": \u003cspan pulumi-lang-nodejs=\"`20`\" pulumi-lang-dotnet=\"`20`\" pulumi-lang-go=\"`20`\" pulumi-lang-python=\"`20`\" pulumi-lang-yaml=\"`20`\" pulumi-lang-java=\"`20`\"\u003e`20`\u003c/span\u003e, `\"InfluxIOIncludedT2\" and `\"InfluxIOIncludedT3\": \u003cspan pulumi-lang-nodejs=\"`400`\" pulumi-lang-dotnet=\"`400`\" pulumi-lang-go=\"`400`\" pulumi-lang-python=\"`400`\" pulumi-lang-yaml=\"`400`\" pulumi-lang-java=\"`400`\"\u003e`400`\u003c/span\u003e. This field is forbidden for InfluxDB V3 clusters (when using an InfluxDB V3 db parameter group).\n" }, "bucket": { "type": "string", - "description": "Name of the initial InfluxDB bucket. All InfluxDB data is stored in a bucket. A bucket combines the concept of a database and a retention period (the duration of time that each data point persists). A bucket belongs to an organization. Along with \u003cspan pulumi-lang-nodejs=\"`organization`\" pulumi-lang-dotnet=\"`Organization`\" pulumi-lang-go=\"`organization`\" pulumi-lang-python=\"`organization`\" pulumi-lang-yaml=\"`organization`\" pulumi-lang-java=\"`organization`\"\u003e`organization`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`username`\" pulumi-lang-dotnet=\"`Username`\" pulumi-lang-go=\"`username`\" pulumi-lang-python=\"`username`\" pulumi-lang-yaml=\"`username`\" pulumi-lang-java=\"`username`\"\u003e`username`\u003c/span\u003e, and \u003cspan pulumi-lang-nodejs=\"`password`\" pulumi-lang-dotnet=\"`Password`\" pulumi-lang-go=\"`password`\" pulumi-lang-python=\"`password`\" pulumi-lang-yaml=\"`password`\" pulumi-lang-java=\"`password`\"\u003e`password`\u003c/span\u003e, this argument will be stored in the secret referred to by the \u003cspan pulumi-lang-nodejs=\"`influxAuthParametersSecretArn`\" pulumi-lang-dotnet=\"`InfluxAuthParametersSecretArn`\" pulumi-lang-go=\"`influxAuthParametersSecretArn`\" pulumi-lang-python=\"`influx_auth_parameters_secret_arn`\" pulumi-lang-yaml=\"`influxAuthParametersSecretArn`\" pulumi-lang-java=\"`influxAuthParametersSecretArn`\"\u003e`influx_auth_parameters_secret_arn`\u003c/span\u003e attribute.\n" + "description": "Name of the initial InfluxDB bucket. All InfluxDB data is stored in a bucket. A bucket combines the concept of a database and a retention period (the duration of time that each data point persists). A bucket belongs to an organization. Along with \u003cspan pulumi-lang-nodejs=\"`organization`\" pulumi-lang-dotnet=\"`Organization`\" pulumi-lang-go=\"`organization`\" pulumi-lang-python=\"`organization`\" pulumi-lang-yaml=\"`organization`\" pulumi-lang-java=\"`organization`\"\u003e`organization`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`username`\" pulumi-lang-dotnet=\"`Username`\" pulumi-lang-go=\"`username`\" pulumi-lang-python=\"`username`\" pulumi-lang-yaml=\"`username`\" pulumi-lang-java=\"`username`\"\u003e`username`\u003c/span\u003e, and \u003cspan pulumi-lang-nodejs=\"`password`\" pulumi-lang-dotnet=\"`Password`\" pulumi-lang-go=\"`password`\" pulumi-lang-python=\"`password`\" pulumi-lang-yaml=\"`password`\" pulumi-lang-java=\"`password`\"\u003e`password`\u003c/span\u003e, this argument will be stored in the secret referred to by the \u003cspan pulumi-lang-nodejs=\"`influxAuthParametersSecretArn`\" pulumi-lang-dotnet=\"`InfluxAuthParametersSecretArn`\" pulumi-lang-go=\"`influxAuthParametersSecretArn`\" pulumi-lang-python=\"`influx_auth_parameters_secret_arn`\" pulumi-lang-yaml=\"`influxAuthParametersSecretArn`\" pulumi-lang-java=\"`influxAuthParametersSecretArn`\"\u003e`influx_auth_parameters_secret_arn`\u003c/span\u003e attribute. This field is forbidden for InfluxDB V3 clusters (when using an InfluxDB V3 db parameter group).\n" }, "dbInstanceType": { "type": "string", @@ -417930,7 +419010,7 @@ }, "deploymentType": { "type": "string", - "description": "Specifies the type of cluster to create. Valid options are: `\"MULTI_NODE_READ_REPLICAS\"`.\n" + "description": "Specifies the type of cluster to create. Valid options are: `\"MULTI_NODE_READ_REPLICAS\"`. This field is forbidden for InfluxDB V3 clusters (when using an InfluxDB V3 db parameter group).\n" }, "failoverMode": { "type": "string", @@ -417950,11 +419030,11 @@ }, "organization": { "type": "string", - "description": "Name of the initial organization for the initial admin user in InfluxDB. An InfluxDB organization is a workspace for a group of users. Along with \u003cspan pulumi-lang-nodejs=\"`bucket`\" pulumi-lang-dotnet=\"`Bucket`\" pulumi-lang-go=\"`bucket`\" pulumi-lang-python=\"`bucket`\" pulumi-lang-yaml=\"`bucket`\" pulumi-lang-java=\"`bucket`\"\u003e`bucket`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`username`\" pulumi-lang-dotnet=\"`Username`\" pulumi-lang-go=\"`username`\" pulumi-lang-python=\"`username`\" pulumi-lang-yaml=\"`username`\" pulumi-lang-java=\"`username`\"\u003e`username`\u003c/span\u003e, and \u003cspan pulumi-lang-nodejs=\"`password`\" pulumi-lang-dotnet=\"`Password`\" pulumi-lang-go=\"`password`\" pulumi-lang-python=\"`password`\" pulumi-lang-yaml=\"`password`\" pulumi-lang-java=\"`password`\"\u003e`password`\u003c/span\u003e, this argument will be stored in the secret referred to by the \u003cspan pulumi-lang-nodejs=\"`influxAuthParametersSecretArn`\" pulumi-lang-dotnet=\"`InfluxAuthParametersSecretArn`\" pulumi-lang-go=\"`influxAuthParametersSecretArn`\" pulumi-lang-python=\"`influx_auth_parameters_secret_arn`\" pulumi-lang-yaml=\"`influxAuthParametersSecretArn`\" pulumi-lang-java=\"`influxAuthParametersSecretArn`\"\u003e`influx_auth_parameters_secret_arn`\u003c/span\u003e attribute.\n" + "description": "Name of the initial organization for the initial admin user in InfluxDB. An InfluxDB organization is a workspace for a group of users. Along with \u003cspan pulumi-lang-nodejs=\"`bucket`\" pulumi-lang-dotnet=\"`Bucket`\" pulumi-lang-go=\"`bucket`\" pulumi-lang-python=\"`bucket`\" pulumi-lang-yaml=\"`bucket`\" pulumi-lang-java=\"`bucket`\"\u003e`bucket`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`username`\" pulumi-lang-dotnet=\"`Username`\" pulumi-lang-go=\"`username`\" pulumi-lang-python=\"`username`\" pulumi-lang-yaml=\"`username`\" pulumi-lang-java=\"`username`\"\u003e`username`\u003c/span\u003e, and \u003cspan pulumi-lang-nodejs=\"`password`\" pulumi-lang-dotnet=\"`Password`\" pulumi-lang-go=\"`password`\" pulumi-lang-python=\"`password`\" pulumi-lang-yaml=\"`password`\" pulumi-lang-java=\"`password`\"\u003e`password`\u003c/span\u003e, this argument will be stored in the secret referred to by the \u003cspan pulumi-lang-nodejs=\"`influxAuthParametersSecretArn`\" pulumi-lang-dotnet=\"`InfluxAuthParametersSecretArn`\" pulumi-lang-go=\"`influxAuthParametersSecretArn`\" pulumi-lang-python=\"`influx_auth_parameters_secret_arn`\" pulumi-lang-yaml=\"`influxAuthParametersSecretArn`\" pulumi-lang-java=\"`influxAuthParametersSecretArn`\"\u003e`influx_auth_parameters_secret_arn`\u003c/span\u003e attribute. This field is forbidden for InfluxDB V3 clusters (when using an InfluxDB V3 db parameter group).\n" }, "password": { "type": "string", - "description": "Password of the initial admin user created in InfluxDB. This password will allow you to access the InfluxDB UI to perform various administrative tasks and also use the InfluxDB CLI to create an operator token. Along with \u003cspan pulumi-lang-nodejs=\"`bucket`\" pulumi-lang-dotnet=\"`Bucket`\" pulumi-lang-go=\"`bucket`\" pulumi-lang-python=\"`bucket`\" pulumi-lang-yaml=\"`bucket`\" pulumi-lang-java=\"`bucket`\"\u003e`bucket`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`username`\" pulumi-lang-dotnet=\"`Username`\" pulumi-lang-go=\"`username`\" pulumi-lang-python=\"`username`\" pulumi-lang-yaml=\"`username`\" pulumi-lang-java=\"`username`\"\u003e`username`\u003c/span\u003e, and \u003cspan pulumi-lang-nodejs=\"`organization`\" pulumi-lang-dotnet=\"`Organization`\" pulumi-lang-go=\"`organization`\" pulumi-lang-python=\"`organization`\" pulumi-lang-yaml=\"`organization`\" pulumi-lang-java=\"`organization`\"\u003e`organization`\u003c/span\u003e, this argument will be stored in the secret referred to by the \u003cspan pulumi-lang-nodejs=\"`influxAuthParametersSecretArn`\" pulumi-lang-dotnet=\"`InfluxAuthParametersSecretArn`\" pulumi-lang-go=\"`influxAuthParametersSecretArn`\" pulumi-lang-python=\"`influx_auth_parameters_secret_arn`\" pulumi-lang-yaml=\"`influxAuthParametersSecretArn`\" pulumi-lang-java=\"`influxAuthParametersSecretArn`\"\u003e`influx_auth_parameters_secret_arn`\u003c/span\u003e attribute.\n", + "description": "Password of the initial admin user created in InfluxDB. This password will allow you to access the InfluxDB UI to perform various administrative tasks and also use the InfluxDB CLI to create an operator token. Along with \u003cspan pulumi-lang-nodejs=\"`bucket`\" pulumi-lang-dotnet=\"`Bucket`\" pulumi-lang-go=\"`bucket`\" pulumi-lang-python=\"`bucket`\" pulumi-lang-yaml=\"`bucket`\" pulumi-lang-java=\"`bucket`\"\u003e`bucket`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`username`\" pulumi-lang-dotnet=\"`Username`\" pulumi-lang-go=\"`username`\" pulumi-lang-python=\"`username`\" pulumi-lang-yaml=\"`username`\" pulumi-lang-java=\"`username`\"\u003e`username`\u003c/span\u003e, and \u003cspan pulumi-lang-nodejs=\"`organization`\" pulumi-lang-dotnet=\"`Organization`\" pulumi-lang-go=\"`organization`\" pulumi-lang-python=\"`organization`\" pulumi-lang-yaml=\"`organization`\" pulumi-lang-java=\"`organization`\"\u003e`organization`\u003c/span\u003e, this argument will be stored in the secret referred to by the \u003cspan pulumi-lang-nodejs=\"`influxAuthParametersSecretArn`\" pulumi-lang-dotnet=\"`InfluxAuthParametersSecretArn`\" pulumi-lang-go=\"`influxAuthParametersSecretArn`\" pulumi-lang-python=\"`influx_auth_parameters_secret_arn`\" pulumi-lang-yaml=\"`influxAuthParametersSecretArn`\" pulumi-lang-java=\"`influxAuthParametersSecretArn`\"\u003e`influx_auth_parameters_secret_arn`\u003c/span\u003e attribute. This field is forbidden for InfluxDB V3 clusters (when using an InfluxDB V3 db parameter group) as the AWS API rejects it.\n", "secret": true }, "port": { @@ -417981,7 +419061,7 @@ }, "username": { "type": "string", - "description": "Username of the initial admin user created in InfluxDB. Must start with a letter and can't end with a hyphen or contain two consecutive hyphens. This username will allow you to access the InfluxDB UI to perform various administrative tasks and also use the InfluxDB CLI to create an operator token. Along with \u003cspan pulumi-lang-nodejs=\"`bucket`\" pulumi-lang-dotnet=\"`Bucket`\" pulumi-lang-go=\"`bucket`\" pulumi-lang-python=\"`bucket`\" pulumi-lang-yaml=\"`bucket`\" pulumi-lang-java=\"`bucket`\"\u003e`bucket`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`organization`\" pulumi-lang-dotnet=\"`Organization`\" pulumi-lang-go=\"`organization`\" pulumi-lang-python=\"`organization`\" pulumi-lang-yaml=\"`organization`\" pulumi-lang-java=\"`organization`\"\u003e`organization`\u003c/span\u003e, and \u003cspan pulumi-lang-nodejs=\"`password`\" pulumi-lang-dotnet=\"`Password`\" pulumi-lang-go=\"`password`\" pulumi-lang-python=\"`password`\" pulumi-lang-yaml=\"`password`\" pulumi-lang-java=\"`password`\"\u003e`password`\u003c/span\u003e, this argument will be stored in the secret referred to by the \u003cspan pulumi-lang-nodejs=\"`influxAuthParametersSecretArn`\" pulumi-lang-dotnet=\"`InfluxAuthParametersSecretArn`\" pulumi-lang-go=\"`influxAuthParametersSecretArn`\" pulumi-lang-python=\"`influx_auth_parameters_secret_arn`\" pulumi-lang-yaml=\"`influxAuthParametersSecretArn`\" pulumi-lang-java=\"`influxAuthParametersSecretArn`\"\u003e`influx_auth_parameters_secret_arn`\u003c/span\u003e attribute.\n" + "description": "Username of the initial admin user created in InfluxDB. Must start with a letter and can't end with a hyphen or contain two consecutive hyphens. This username will allow you to access the InfluxDB UI to perform various administrative tasks and also use the InfluxDB CLI to create an operator token. Along with \u003cspan pulumi-lang-nodejs=\"`bucket`\" pulumi-lang-dotnet=\"`Bucket`\" pulumi-lang-go=\"`bucket`\" pulumi-lang-python=\"`bucket`\" pulumi-lang-yaml=\"`bucket`\" pulumi-lang-java=\"`bucket`\"\u003e`bucket`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`organization`\" pulumi-lang-dotnet=\"`Organization`\" pulumi-lang-go=\"`organization`\" pulumi-lang-python=\"`organization`\" pulumi-lang-yaml=\"`organization`\" pulumi-lang-java=\"`organization`\"\u003e`organization`\u003c/span\u003e, and \u003cspan pulumi-lang-nodejs=\"`password`\" pulumi-lang-dotnet=\"`Password`\" pulumi-lang-go=\"`password`\" pulumi-lang-python=\"`password`\" pulumi-lang-yaml=\"`password`\" pulumi-lang-java=\"`password`\"\u003e`password`\u003c/span\u003e, this argument will be stored in the secret referred to by the \u003cspan pulumi-lang-nodejs=\"`influxAuthParametersSecretArn`\" pulumi-lang-dotnet=\"`InfluxAuthParametersSecretArn`\" pulumi-lang-go=\"`influxAuthParametersSecretArn`\" pulumi-lang-python=\"`influx_auth_parameters_secret_arn`\" pulumi-lang-yaml=\"`influxAuthParametersSecretArn`\" pulumi-lang-java=\"`influxAuthParametersSecretArn`\"\u003e`influx_auth_parameters_secret_arn`\u003c/span\u003e attribute. This field is forbidden for InfluxDB V3 clusters (when using an InfluxDB V3 db parameter group).\n" }, "vpcSecurityGroupIds": { "type": "array", @@ -417999,12 +419079,7 @@ } }, "requiredInputs": [ - "allocatedStorage", - "bucket", "dbInstanceType", - "organization", - "password", - "username", "vpcSecurityGroupIds", "vpcSubnetIds" ], @@ -418013,7 +419088,7 @@ "properties": { "allocatedStorage": { "type": "integer", - "description": "Amount of storage in GiB (gibibytes). The minimum value is \u003cspan pulumi-lang-nodejs=\"`20`\" pulumi-lang-dotnet=\"`20`\" pulumi-lang-go=\"`20`\" pulumi-lang-python=\"`20`\" pulumi-lang-yaml=\"`20`\" pulumi-lang-java=\"`20`\"\u003e`20`\u003c/span\u003e, the maximum value is \u003cspan pulumi-lang-nodejs=\"`16384`\" pulumi-lang-dotnet=\"`16384`\" pulumi-lang-go=\"`16384`\" pulumi-lang-python=\"`16384`\" pulumi-lang-yaml=\"`16384`\" pulumi-lang-java=\"`16384`\"\u003e`16384`\u003c/span\u003e. The argument \u003cspan pulumi-lang-nodejs=\"`dbStorageType`\" pulumi-lang-dotnet=\"`DbStorageType`\" pulumi-lang-go=\"`dbStorageType`\" pulumi-lang-python=\"`db_storage_type`\" pulumi-lang-yaml=\"`dbStorageType`\" pulumi-lang-java=\"`dbStorageType`\"\u003e`db_storage_type`\u003c/span\u003e places restrictions on this argument's minimum value. The following is a list of \u003cspan pulumi-lang-nodejs=\"`dbStorageType`\" pulumi-lang-dotnet=\"`DbStorageType`\" pulumi-lang-go=\"`dbStorageType`\" pulumi-lang-python=\"`db_storage_type`\" pulumi-lang-yaml=\"`dbStorageType`\" pulumi-lang-java=\"`dbStorageType`\"\u003e`db_storage_type`\u003c/span\u003e values and the corresponding minimum value for \u003cspan pulumi-lang-nodejs=\"`allocatedStorage`\" pulumi-lang-dotnet=\"`AllocatedStorage`\" pulumi-lang-go=\"`allocatedStorage`\" pulumi-lang-python=\"`allocated_storage`\" pulumi-lang-yaml=\"`allocatedStorage`\" pulumi-lang-java=\"`allocatedStorage`\"\u003e`allocated_storage`\u003c/span\u003e: `\"InfluxIOIncludedT1\": \u003cspan pulumi-lang-nodejs=\"`20`\" pulumi-lang-dotnet=\"`20`\" pulumi-lang-go=\"`20`\" pulumi-lang-python=\"`20`\" pulumi-lang-yaml=\"`20`\" pulumi-lang-java=\"`20`\"\u003e`20`\u003c/span\u003e, `\"InfluxIOIncludedT2\" and `\"InfluxIOIncludedT3\": \u003cspan pulumi-lang-nodejs=\"`400`\" pulumi-lang-dotnet=\"`400`\" pulumi-lang-go=\"`400`\" pulumi-lang-python=\"`400`\" pulumi-lang-yaml=\"`400`\" pulumi-lang-java=\"`400`\"\u003e`400`\u003c/span\u003e.\n" + "description": "Amount of storage in GiB (gibibytes). The minimum value is \u003cspan pulumi-lang-nodejs=\"`20`\" pulumi-lang-dotnet=\"`20`\" pulumi-lang-go=\"`20`\" pulumi-lang-python=\"`20`\" pulumi-lang-yaml=\"`20`\" pulumi-lang-java=\"`20`\"\u003e`20`\u003c/span\u003e, the maximum value is \u003cspan pulumi-lang-nodejs=\"`16384`\" pulumi-lang-dotnet=\"`16384`\" pulumi-lang-go=\"`16384`\" pulumi-lang-python=\"`16384`\" pulumi-lang-yaml=\"`16384`\" pulumi-lang-java=\"`16384`\"\u003e`16384`\u003c/span\u003e. The argument \u003cspan pulumi-lang-nodejs=\"`dbStorageType`\" pulumi-lang-dotnet=\"`DbStorageType`\" pulumi-lang-go=\"`dbStorageType`\" pulumi-lang-python=\"`db_storage_type`\" pulumi-lang-yaml=\"`dbStorageType`\" pulumi-lang-java=\"`dbStorageType`\"\u003e`db_storage_type`\u003c/span\u003e places restrictions on this argument's minimum value. The following is a list of \u003cspan pulumi-lang-nodejs=\"`dbStorageType`\" pulumi-lang-dotnet=\"`DbStorageType`\" pulumi-lang-go=\"`dbStorageType`\" pulumi-lang-python=\"`db_storage_type`\" pulumi-lang-yaml=\"`dbStorageType`\" pulumi-lang-java=\"`dbStorageType`\"\u003e`db_storage_type`\u003c/span\u003e values and the corresponding minimum value for \u003cspan pulumi-lang-nodejs=\"`allocatedStorage`\" pulumi-lang-dotnet=\"`AllocatedStorage`\" pulumi-lang-go=\"`allocatedStorage`\" pulumi-lang-python=\"`allocated_storage`\" pulumi-lang-yaml=\"`allocatedStorage`\" pulumi-lang-java=\"`allocatedStorage`\"\u003e`allocated_storage`\u003c/span\u003e: `\"InfluxIOIncludedT1\": \u003cspan pulumi-lang-nodejs=\"`20`\" pulumi-lang-dotnet=\"`20`\" pulumi-lang-go=\"`20`\" pulumi-lang-python=\"`20`\" pulumi-lang-yaml=\"`20`\" pulumi-lang-java=\"`20`\"\u003e`20`\u003c/span\u003e, `\"InfluxIOIncludedT2\" and `\"InfluxIOIncludedT3\": \u003cspan pulumi-lang-nodejs=\"`400`\" pulumi-lang-dotnet=\"`400`\" pulumi-lang-go=\"`400`\" pulumi-lang-python=\"`400`\" pulumi-lang-yaml=\"`400`\" pulumi-lang-java=\"`400`\"\u003e`400`\u003c/span\u003e. This field is forbidden for InfluxDB V3 clusters (when using an InfluxDB V3 db parameter group).\n" }, "arn": { "type": "string", @@ -418021,7 +419096,7 @@ }, "bucket": { "type": "string", - "description": "Name of the initial InfluxDB bucket. All InfluxDB data is stored in a bucket. A bucket combines the concept of a database and a retention period (the duration of time that each data point persists). A bucket belongs to an organization. Along with \u003cspan pulumi-lang-nodejs=\"`organization`\" pulumi-lang-dotnet=\"`Organization`\" pulumi-lang-go=\"`organization`\" pulumi-lang-python=\"`organization`\" pulumi-lang-yaml=\"`organization`\" pulumi-lang-java=\"`organization`\"\u003e`organization`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`username`\" pulumi-lang-dotnet=\"`Username`\" pulumi-lang-go=\"`username`\" pulumi-lang-python=\"`username`\" pulumi-lang-yaml=\"`username`\" pulumi-lang-java=\"`username`\"\u003e`username`\u003c/span\u003e, and \u003cspan pulumi-lang-nodejs=\"`password`\" pulumi-lang-dotnet=\"`Password`\" pulumi-lang-go=\"`password`\" pulumi-lang-python=\"`password`\" pulumi-lang-yaml=\"`password`\" pulumi-lang-java=\"`password`\"\u003e`password`\u003c/span\u003e, this argument will be stored in the secret referred to by the \u003cspan pulumi-lang-nodejs=\"`influxAuthParametersSecretArn`\" pulumi-lang-dotnet=\"`InfluxAuthParametersSecretArn`\" pulumi-lang-go=\"`influxAuthParametersSecretArn`\" pulumi-lang-python=\"`influx_auth_parameters_secret_arn`\" pulumi-lang-yaml=\"`influxAuthParametersSecretArn`\" pulumi-lang-java=\"`influxAuthParametersSecretArn`\"\u003e`influx_auth_parameters_secret_arn`\u003c/span\u003e attribute.\n" + "description": "Name of the initial InfluxDB bucket. All InfluxDB data is stored in a bucket. A bucket combines the concept of a database and a retention period (the duration of time that each data point persists). A bucket belongs to an organization. Along with \u003cspan pulumi-lang-nodejs=\"`organization`\" pulumi-lang-dotnet=\"`Organization`\" pulumi-lang-go=\"`organization`\" pulumi-lang-python=\"`organization`\" pulumi-lang-yaml=\"`organization`\" pulumi-lang-java=\"`organization`\"\u003e`organization`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`username`\" pulumi-lang-dotnet=\"`Username`\" pulumi-lang-go=\"`username`\" pulumi-lang-python=\"`username`\" pulumi-lang-yaml=\"`username`\" pulumi-lang-java=\"`username`\"\u003e`username`\u003c/span\u003e, and \u003cspan pulumi-lang-nodejs=\"`password`\" pulumi-lang-dotnet=\"`Password`\" pulumi-lang-go=\"`password`\" pulumi-lang-python=\"`password`\" pulumi-lang-yaml=\"`password`\" pulumi-lang-java=\"`password`\"\u003e`password`\u003c/span\u003e, this argument will be stored in the secret referred to by the \u003cspan pulumi-lang-nodejs=\"`influxAuthParametersSecretArn`\" pulumi-lang-dotnet=\"`InfluxAuthParametersSecretArn`\" pulumi-lang-go=\"`influxAuthParametersSecretArn`\" pulumi-lang-python=\"`influx_auth_parameters_secret_arn`\" pulumi-lang-yaml=\"`influxAuthParametersSecretArn`\" pulumi-lang-java=\"`influxAuthParametersSecretArn`\"\u003e`influx_auth_parameters_secret_arn`\u003c/span\u003e attribute. This field is forbidden for InfluxDB V3 clusters (when using an InfluxDB V3 db parameter group).\n" }, "dbInstanceType": { "type": "string", @@ -418037,19 +419112,23 @@ }, "deploymentType": { "type": "string", - "description": "Specifies the type of cluster to create. Valid options are: `\"MULTI_NODE_READ_REPLICAS\"`.\n" + "description": "Specifies the type of cluster to create. Valid options are: `\"MULTI_NODE_READ_REPLICAS\"`. This field is forbidden for InfluxDB V3 clusters (when using an InfluxDB V3 db parameter group).\n" }, "endpoint": { "type": "string", "description": "Endpoint used to connect to InfluxDB. The default InfluxDB port is 8086.\n" }, + "engineType": { + "type": "string", + "description": "Database engine type of the DB cluster.\n" + }, "failoverMode": { "type": "string", "description": "Specifies the behavior of failure recovery when the primary node of the cluster fails. Valid options are: `\"AUTOMATIC\"` and `\"NO_FAILOVER\"`.\n" }, "influxAuthParametersSecretArn": { "type": "string", - "description": "ARN of the AWS Secrets Manager secret containing the initial InfluxDB authorization parameters. The secret value is a JSON formatted key-value pair holding InfluxDB authorization values: organization, bucket, username, and password.\n" + "description": "ARN of the AWS Secrets Manager secret containing the initial InfluxDB authorization parameters. For InfluxDB V2 clusters, the secret value is a JSON formatted key-value pair holding InfluxDB authorization values: organization, bucket, username, and password. For InfluxDB V3 clusters, the secret contains the InfluxDB admin token.\n" }, "logDeliveryConfiguration": { "$ref": "#/types/aws:timestreaminfluxdb/DbClusterLogDeliveryConfiguration:DbClusterLogDeliveryConfiguration", @@ -418065,11 +419144,11 @@ }, "organization": { "type": "string", - "description": "Name of the initial organization for the initial admin user in InfluxDB. An InfluxDB organization is a workspace for a group of users. Along with \u003cspan pulumi-lang-nodejs=\"`bucket`\" pulumi-lang-dotnet=\"`Bucket`\" pulumi-lang-go=\"`bucket`\" pulumi-lang-python=\"`bucket`\" pulumi-lang-yaml=\"`bucket`\" pulumi-lang-java=\"`bucket`\"\u003e`bucket`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`username`\" pulumi-lang-dotnet=\"`Username`\" pulumi-lang-go=\"`username`\" pulumi-lang-python=\"`username`\" pulumi-lang-yaml=\"`username`\" pulumi-lang-java=\"`username`\"\u003e`username`\u003c/span\u003e, and \u003cspan pulumi-lang-nodejs=\"`password`\" pulumi-lang-dotnet=\"`Password`\" pulumi-lang-go=\"`password`\" pulumi-lang-python=\"`password`\" pulumi-lang-yaml=\"`password`\" pulumi-lang-java=\"`password`\"\u003e`password`\u003c/span\u003e, this argument will be stored in the secret referred to by the \u003cspan pulumi-lang-nodejs=\"`influxAuthParametersSecretArn`\" pulumi-lang-dotnet=\"`InfluxAuthParametersSecretArn`\" pulumi-lang-go=\"`influxAuthParametersSecretArn`\" pulumi-lang-python=\"`influx_auth_parameters_secret_arn`\" pulumi-lang-yaml=\"`influxAuthParametersSecretArn`\" pulumi-lang-java=\"`influxAuthParametersSecretArn`\"\u003e`influx_auth_parameters_secret_arn`\u003c/span\u003e attribute.\n" + "description": "Name of the initial organization for the initial admin user in InfluxDB. An InfluxDB organization is a workspace for a group of users. Along with \u003cspan pulumi-lang-nodejs=\"`bucket`\" pulumi-lang-dotnet=\"`Bucket`\" pulumi-lang-go=\"`bucket`\" pulumi-lang-python=\"`bucket`\" pulumi-lang-yaml=\"`bucket`\" pulumi-lang-java=\"`bucket`\"\u003e`bucket`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`username`\" pulumi-lang-dotnet=\"`Username`\" pulumi-lang-go=\"`username`\" pulumi-lang-python=\"`username`\" pulumi-lang-yaml=\"`username`\" pulumi-lang-java=\"`username`\"\u003e`username`\u003c/span\u003e, and \u003cspan pulumi-lang-nodejs=\"`password`\" pulumi-lang-dotnet=\"`Password`\" pulumi-lang-go=\"`password`\" pulumi-lang-python=\"`password`\" pulumi-lang-yaml=\"`password`\" pulumi-lang-java=\"`password`\"\u003e`password`\u003c/span\u003e, this argument will be stored in the secret referred to by the \u003cspan pulumi-lang-nodejs=\"`influxAuthParametersSecretArn`\" pulumi-lang-dotnet=\"`InfluxAuthParametersSecretArn`\" pulumi-lang-go=\"`influxAuthParametersSecretArn`\" pulumi-lang-python=\"`influx_auth_parameters_secret_arn`\" pulumi-lang-yaml=\"`influxAuthParametersSecretArn`\" pulumi-lang-java=\"`influxAuthParametersSecretArn`\"\u003e`influx_auth_parameters_secret_arn`\u003c/span\u003e attribute. This field is forbidden for InfluxDB V3 clusters (when using an InfluxDB V3 db parameter group).\n" }, "password": { "type": "string", - "description": "Password of the initial admin user created in InfluxDB. This password will allow you to access the InfluxDB UI to perform various administrative tasks and also use the InfluxDB CLI to create an operator token. Along with \u003cspan pulumi-lang-nodejs=\"`bucket`\" pulumi-lang-dotnet=\"`Bucket`\" pulumi-lang-go=\"`bucket`\" pulumi-lang-python=\"`bucket`\" pulumi-lang-yaml=\"`bucket`\" pulumi-lang-java=\"`bucket`\"\u003e`bucket`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`username`\" pulumi-lang-dotnet=\"`Username`\" pulumi-lang-go=\"`username`\" pulumi-lang-python=\"`username`\" pulumi-lang-yaml=\"`username`\" pulumi-lang-java=\"`username`\"\u003e`username`\u003c/span\u003e, and \u003cspan pulumi-lang-nodejs=\"`organization`\" pulumi-lang-dotnet=\"`Organization`\" pulumi-lang-go=\"`organization`\" pulumi-lang-python=\"`organization`\" pulumi-lang-yaml=\"`organization`\" pulumi-lang-java=\"`organization`\"\u003e`organization`\u003c/span\u003e, this argument will be stored in the secret referred to by the \u003cspan pulumi-lang-nodejs=\"`influxAuthParametersSecretArn`\" pulumi-lang-dotnet=\"`InfluxAuthParametersSecretArn`\" pulumi-lang-go=\"`influxAuthParametersSecretArn`\" pulumi-lang-python=\"`influx_auth_parameters_secret_arn`\" pulumi-lang-yaml=\"`influxAuthParametersSecretArn`\" pulumi-lang-java=\"`influxAuthParametersSecretArn`\"\u003e`influx_auth_parameters_secret_arn`\u003c/span\u003e attribute.\n", + "description": "Password of the initial admin user created in InfluxDB. This password will allow you to access the InfluxDB UI to perform various administrative tasks and also use the InfluxDB CLI to create an operator token. Along with \u003cspan pulumi-lang-nodejs=\"`bucket`\" pulumi-lang-dotnet=\"`Bucket`\" pulumi-lang-go=\"`bucket`\" pulumi-lang-python=\"`bucket`\" pulumi-lang-yaml=\"`bucket`\" pulumi-lang-java=\"`bucket`\"\u003e`bucket`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`username`\" pulumi-lang-dotnet=\"`Username`\" pulumi-lang-go=\"`username`\" pulumi-lang-python=\"`username`\" pulumi-lang-yaml=\"`username`\" pulumi-lang-java=\"`username`\"\u003e`username`\u003c/span\u003e, and \u003cspan pulumi-lang-nodejs=\"`organization`\" pulumi-lang-dotnet=\"`Organization`\" pulumi-lang-go=\"`organization`\" pulumi-lang-python=\"`organization`\" pulumi-lang-yaml=\"`organization`\" pulumi-lang-java=\"`organization`\"\u003e`organization`\u003c/span\u003e, this argument will be stored in the secret referred to by the \u003cspan pulumi-lang-nodejs=\"`influxAuthParametersSecretArn`\" pulumi-lang-dotnet=\"`InfluxAuthParametersSecretArn`\" pulumi-lang-go=\"`influxAuthParametersSecretArn`\" pulumi-lang-python=\"`influx_auth_parameters_secret_arn`\" pulumi-lang-yaml=\"`influxAuthParametersSecretArn`\" pulumi-lang-java=\"`influxAuthParametersSecretArn`\"\u003e`influx_auth_parameters_secret_arn`\u003c/span\u003e attribute. This field is forbidden for InfluxDB V3 clusters (when using an InfluxDB V3 db parameter group) as the AWS API rejects it.\n", "secret": true }, "port": { @@ -418107,7 +419186,7 @@ }, "username": { "type": "string", - "description": "Username of the initial admin user created in InfluxDB. Must start with a letter and can't end with a hyphen or contain two consecutive hyphens. This username will allow you to access the InfluxDB UI to perform various administrative tasks and also use the InfluxDB CLI to create an operator token. Along with \u003cspan pulumi-lang-nodejs=\"`bucket`\" pulumi-lang-dotnet=\"`Bucket`\" pulumi-lang-go=\"`bucket`\" pulumi-lang-python=\"`bucket`\" pulumi-lang-yaml=\"`bucket`\" pulumi-lang-java=\"`bucket`\"\u003e`bucket`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`organization`\" pulumi-lang-dotnet=\"`Organization`\" pulumi-lang-go=\"`organization`\" pulumi-lang-python=\"`organization`\" pulumi-lang-yaml=\"`organization`\" pulumi-lang-java=\"`organization`\"\u003e`organization`\u003c/span\u003e, and \u003cspan pulumi-lang-nodejs=\"`password`\" pulumi-lang-dotnet=\"`Password`\" pulumi-lang-go=\"`password`\" pulumi-lang-python=\"`password`\" pulumi-lang-yaml=\"`password`\" pulumi-lang-java=\"`password`\"\u003e`password`\u003c/span\u003e, this argument will be stored in the secret referred to by the \u003cspan pulumi-lang-nodejs=\"`influxAuthParametersSecretArn`\" pulumi-lang-dotnet=\"`InfluxAuthParametersSecretArn`\" pulumi-lang-go=\"`influxAuthParametersSecretArn`\" pulumi-lang-python=\"`influx_auth_parameters_secret_arn`\" pulumi-lang-yaml=\"`influxAuthParametersSecretArn`\" pulumi-lang-java=\"`influxAuthParametersSecretArn`\"\u003e`influx_auth_parameters_secret_arn`\u003c/span\u003e attribute.\n" + "description": "Username of the initial admin user created in InfluxDB. Must start with a letter and can't end with a hyphen or contain two consecutive hyphens. This username will allow you to access the InfluxDB UI to perform various administrative tasks and also use the InfluxDB CLI to create an operator token. Along with \u003cspan pulumi-lang-nodejs=\"`bucket`\" pulumi-lang-dotnet=\"`Bucket`\" pulumi-lang-go=\"`bucket`\" pulumi-lang-python=\"`bucket`\" pulumi-lang-yaml=\"`bucket`\" pulumi-lang-java=\"`bucket`\"\u003e`bucket`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`organization`\" pulumi-lang-dotnet=\"`Organization`\" pulumi-lang-go=\"`organization`\" pulumi-lang-python=\"`organization`\" pulumi-lang-yaml=\"`organization`\" pulumi-lang-java=\"`organization`\"\u003e`organization`\u003c/span\u003e, and \u003cspan pulumi-lang-nodejs=\"`password`\" pulumi-lang-dotnet=\"`Password`\" pulumi-lang-go=\"`password`\" pulumi-lang-python=\"`password`\" pulumi-lang-yaml=\"`password`\" pulumi-lang-java=\"`password`\"\u003e`password`\u003c/span\u003e, this argument will be stored in the secret referred to by the \u003cspan pulumi-lang-nodejs=\"`influxAuthParametersSecretArn`\" pulumi-lang-dotnet=\"`InfluxAuthParametersSecretArn`\" pulumi-lang-go=\"`influxAuthParametersSecretArn`\" pulumi-lang-python=\"`influx_auth_parameters_secret_arn`\" pulumi-lang-yaml=\"`influxAuthParametersSecretArn`\" pulumi-lang-java=\"`influxAuthParametersSecretArn`\"\u003e`influx_auth_parameters_secret_arn`\u003c/span\u003e attribute. This field is forbidden for InfluxDB V3 clusters (when using an InfluxDB V3 db parameter group).\n" }, "vpcSecurityGroupIds": { "type": "array", @@ -424330,6 +425409,140 @@ "type": "object" } }, + "aws:vpclattice/domainVerification:DomainVerification": { + "description": "Resource for managing an AWS VPC Lattice Domain Verification.\n\nStarts the domain verification process for a custom domain name. Use this resource to verify ownership of a domain before associating it with VPC Lattice resources.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.vpclattice.DomainVerification(\"example\", {domainName: \"example.com\"});\n// Create DNS TXT record for domain verification\nconst exampleRecord = new aws.route53.Record(\"example\", {\n zoneId: exampleAwsRoute53Zone.zoneId,\n name: example.txtRecordName,\n type: aws.route53.RecordType.TXT,\n ttl: 300,\n records: [example.txtRecordValue],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.vpclattice.DomainVerification(\"example\", domain_name=\"example.com\")\n# Create DNS TXT record for domain verification\nexample_record = aws.route53.Record(\"example\",\n zone_id=example_aws_route53_zone[\"zoneId\"],\n name=example.txt_record_name,\n type=aws.route53.RecordType.TXT,\n ttl=300,\n records=[example.txt_record_value])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.VpcLattice.DomainVerification(\"example\", new()\n {\n DomainName = \"example.com\",\n });\n\n // Create DNS TXT record for domain verification\n var exampleRecord = new Aws.Route53.Record(\"example\", new()\n {\n ZoneId = exampleAwsRoute53Zone.ZoneId,\n Name = example.TxtRecordName,\n Type = Aws.Route53.RecordType.TXT,\n Ttl = 300,\n Records = new[]\n {\n example.TxtRecordValue,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v7/go/aws/route53\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v7/go/aws/vpclattice\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := vpclattice.NewDomainVerification(ctx, \"example\", \u0026vpclattice.DomainVerificationArgs{\n\t\t\tDomainName: pulumi.String(\"example.com\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t// Create DNS TXT record for domain verification\n\t\t_, err = route53.NewRecord(ctx, \"example\", \u0026route53.RecordArgs{\n\t\t\tZoneId: pulumi.Any(exampleAwsRoute53Zone.ZoneId),\n\t\t\tName: example.TxtRecordName,\n\t\t\tType: pulumi.String(route53.RecordTypeTXT),\n\t\t\tTtl: pulumi.Int(300),\n\t\t\tRecords: pulumi.StringArray{\n\t\t\t\texample.TxtRecordValue,\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.vpclattice.DomainVerification;\nimport com.pulumi.aws.vpclattice.DomainVerificationArgs;\nimport com.pulumi.aws.route53.Record;\nimport com.pulumi.aws.route53.RecordArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new DomainVerification(\"example\", DomainVerificationArgs.builder()\n .domainName(\"example.com\")\n .build());\n\n // Create DNS TXT record for domain verification\n var exampleRecord = new Record(\"exampleRecord\", RecordArgs.builder()\n .zoneId(exampleAwsRoute53Zone.zoneId())\n .name(example.txtRecordName())\n .type(\"TXT\")\n .ttl(300)\n .records(example.txtRecordValue())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:vpclattice:DomainVerification\n properties:\n domainName: example.com\n # Create DNS TXT record for domain verification\n exampleRecord:\n type: aws:route53:Record\n name: example\n properties:\n zoneId: ${exampleAwsRoute53Zone.zoneId}\n name: ${example.txtRecordName}\n type: TXT\n ttl: 300\n records:\n - ${example.txtRecordValue}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### With Tags\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.vpclattice.DomainVerification(\"example\", {\n domainName: \"example.com\",\n tags: {\n Environment: \"production\",\n Purpose: \"domain-verification\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.vpclattice.DomainVerification(\"example\",\n domain_name=\"example.com\",\n tags={\n \"Environment\": \"production\",\n \"Purpose\": \"domain-verification\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.VpcLattice.DomainVerification(\"example\", new()\n {\n DomainName = \"example.com\",\n Tags = \n {\n { \"Environment\", \"production\" },\n { \"Purpose\", \"domain-verification\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v7/go/aws/vpclattice\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := vpclattice.NewDomainVerification(ctx, \"example\", \u0026vpclattice.DomainVerificationArgs{\n\t\t\tDomainName: pulumi.String(\"example.com\"),\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Environment\": pulumi.String(\"production\"),\n\t\t\t\t\"Purpose\": pulumi.String(\"domain-verification\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.vpclattice.DomainVerification;\nimport com.pulumi.aws.vpclattice.DomainVerificationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new DomainVerification(\"example\", DomainVerificationArgs.builder()\n .domainName(\"example.com\")\n .tags(Map.ofEntries(\n Map.entry(\"Environment\", \"production\"),\n Map.entry(\"Purpose\", \"domain-verification\")\n ))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:vpclattice:DomainVerification\n properties:\n domainName: example.com\n tags:\n Environment: production\n Purpose: domain-verification\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import VPC Lattice Domain Verification using the `id`. For example:\n\n```sh\n$ pulumi import aws:vpclattice/domainVerification:DomainVerification example dv-0a1b2c3d4e5f\n```\n", + "properties": { + "arn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the domain verification.\n" + }, + "createdAt": { + "type": "string", + "description": "The date and time that the domain verification was created, in ISO-8601 format.\n" + }, + "domainName": { + "type": "string", + "description": "The domain name to verify ownership for.\n\nThe following arguments are optional:\n" + }, + "lastVerifiedTime": { + "type": "string", + "description": "The date and time that the domain was last successfully verified, in ISO-8601 format.\n" + }, + "region": { + "type": "string", + "description": "Region where this resource will be [managed](https://docs.aws.amazon.com/general/latest/gr/rande.html#regional-endpoints). Defaults to the Region set in the provider configuration.\n" + }, + "status": { + "type": "string", + "description": "The current status of the domain verification process. Valid values: `VERIFIED`, `PENDING`, `VERIFICATION_TIMED_OUT`.\n" + }, + "tags": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "Key-value mapping of resource tags. If configured with a provider \u003cspan pulumi-lang-nodejs=\"`defaultTags`\" pulumi-lang-dotnet=\"`DefaultTags`\" pulumi-lang-go=\"`defaultTags`\" pulumi-lang-python=\"`default_tags`\" pulumi-lang-yaml=\"`defaultTags`\" pulumi-lang-java=\"`defaultTags`\"\u003e`default_tags`\u003c/span\u003e configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" + }, + "tagsAll": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "Map of tags assigned to the resource, including those inherited from the provider \u003cspan pulumi-lang-nodejs=\"`defaultTags`\" pulumi-lang-dotnet=\"`DefaultTags`\" pulumi-lang-go=\"`defaultTags`\" pulumi-lang-python=\"`default_tags`\" pulumi-lang-yaml=\"`defaultTags`\" pulumi-lang-java=\"`defaultTags`\"\u003e`default_tags`\u003c/span\u003e configuration block.\n" + }, + "txtRecordName": { + "type": "string", + "description": "The name of the TXT record that must be created for domain verification.\n" + }, + "txtRecordValue": { + "type": "string", + "description": "The value that must be added to the TXT record for domain verification.\n" + } + }, + "required": [ + "arn", + "createdAt", + "domainName", + "lastVerifiedTime", + "region", + "status", + "tagsAll", + "txtRecordName", + "txtRecordValue" + ], + "inputProperties": { + "domainName": { + "type": "string", + "description": "The domain name to verify ownership for.\n\nThe following arguments are optional:\n" + }, + "region": { + "type": "string", + "description": "Region where this resource will be [managed](https://docs.aws.amazon.com/general/latest/gr/rande.html#regional-endpoints). Defaults to the Region set in the provider configuration.\n" + }, + "tags": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "Key-value mapping of resource tags. If configured with a provider \u003cspan pulumi-lang-nodejs=\"`defaultTags`\" pulumi-lang-dotnet=\"`DefaultTags`\" pulumi-lang-go=\"`defaultTags`\" pulumi-lang-python=\"`default_tags`\" pulumi-lang-yaml=\"`defaultTags`\" pulumi-lang-java=\"`defaultTags`\"\u003e`default_tags`\u003c/span\u003e configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" + } + }, + "requiredInputs": [ + "domainName" + ], + "stateInputs": { + "description": "Input properties used for looking up and filtering DomainVerification resources.\n", + "properties": { + "arn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the domain verification.\n" + }, + "createdAt": { + "type": "string", + "description": "The date and time that the domain verification was created, in ISO-8601 format.\n" + }, + "domainName": { + "type": "string", + "description": "The domain name to verify ownership for.\n\nThe following arguments are optional:\n" + }, + "lastVerifiedTime": { + "type": "string", + "description": "The date and time that the domain was last successfully verified, in ISO-8601 format.\n" + }, + "region": { + "type": "string", + "description": "Region where this resource will be [managed](https://docs.aws.amazon.com/general/latest/gr/rande.html#regional-endpoints). Defaults to the Region set in the provider configuration.\n" + }, + "status": { + "type": "string", + "description": "The current status of the domain verification process. Valid values: `VERIFIED`, `PENDING`, `VERIFICATION_TIMED_OUT`.\n" + }, + "tags": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "Key-value mapping of resource tags. If configured with a provider \u003cspan pulumi-lang-nodejs=\"`defaultTags`\" pulumi-lang-dotnet=\"`DefaultTags`\" pulumi-lang-go=\"`defaultTags`\" pulumi-lang-python=\"`default_tags`\" pulumi-lang-yaml=\"`defaultTags`\" pulumi-lang-java=\"`defaultTags`\"\u003e`default_tags`\u003c/span\u003e configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n" + }, + "tagsAll": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "Map of tags assigned to the resource, including those inherited from the provider \u003cspan pulumi-lang-nodejs=\"`defaultTags`\" pulumi-lang-dotnet=\"`DefaultTags`\" pulumi-lang-go=\"`defaultTags`\" pulumi-lang-python=\"`default_tags`\" pulumi-lang-yaml=\"`defaultTags`\" pulumi-lang-java=\"`defaultTags`\"\u003e`default_tags`\u003c/span\u003e configuration block.\n" + }, + "txtRecordName": { + "type": "string", + "description": "The name of the TXT record that must be created for domain verification.\n" + }, + "txtRecordValue": { + "type": "string", + "description": "The value that must be added to the TXT record for domain verification.\n" + } + }, + "type": "object" + } + }, "aws:vpclattice/listener:Listener": { "description": "Resource for managing an AWS VPC Lattice Listener.\n\n## Example Usage\n\n### Fixed response action\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.vpclattice.Service(\"example\", {name: \"example\"});\nconst exampleListener = new aws.vpclattice.Listener(\"example\", {\n name: \"example\",\n protocol: \"HTTPS\",\n serviceIdentifier: example.id,\n defaultAction: {\n fixedResponse: {\n statusCode: 404,\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.vpclattice.Service(\"example\", name=\"example\")\nexample_listener = aws.vpclattice.Listener(\"example\",\n name=\"example\",\n protocol=\"HTTPS\",\n service_identifier=example.id,\n default_action={\n \"fixed_response\": {\n \"status_code\": 404,\n },\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.VpcLattice.Service(\"example\", new()\n {\n Name = \"example\",\n });\n\n var exampleListener = new Aws.VpcLattice.Listener(\"example\", new()\n {\n Name = \"example\",\n Protocol = \"HTTPS\",\n ServiceIdentifier = example.Id,\n DefaultAction = new Aws.VpcLattice.Inputs.ListenerDefaultActionArgs\n {\n FixedResponse = new Aws.VpcLattice.Inputs.ListenerDefaultActionFixedResponseArgs\n {\n StatusCode = 404,\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v7/go/aws/vpclattice\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := vpclattice.NewService(ctx, \"example\", \u0026vpclattice.ServiceArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = vpclattice.NewListener(ctx, \"example\", \u0026vpclattice.ListenerArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tProtocol: pulumi.String(\"HTTPS\"),\n\t\t\tServiceIdentifier: example.ID(),\n\t\t\tDefaultAction: \u0026vpclattice.ListenerDefaultActionArgs{\n\t\t\t\tFixedResponse: \u0026vpclattice.ListenerDefaultActionFixedResponseArgs{\n\t\t\t\t\tStatusCode: pulumi.Int(404),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.vpclattice.Service;\nimport com.pulumi.aws.vpclattice.ServiceArgs;\nimport com.pulumi.aws.vpclattice.Listener;\nimport com.pulumi.aws.vpclattice.ListenerArgs;\nimport com.pulumi.aws.vpclattice.inputs.ListenerDefaultActionArgs;\nimport com.pulumi.aws.vpclattice.inputs.ListenerDefaultActionFixedResponseArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Service(\"example\", ServiceArgs.builder()\n .name(\"example\")\n .build());\n\n var exampleListener = new Listener(\"exampleListener\", ListenerArgs.builder()\n .name(\"example\")\n .protocol(\"HTTPS\")\n .serviceIdentifier(example.id())\n .defaultAction(ListenerDefaultActionArgs.builder()\n .fixedResponse(ListenerDefaultActionFixedResponseArgs.builder()\n .statusCode(404)\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:vpclattice:Service\n properties:\n name: example\n exampleListener:\n type: aws:vpclattice:Listener\n name: example\n properties:\n name: example\n protocol: HTTPS\n serviceIdentifier: ${example.id}\n defaultAction:\n fixedResponse:\n statusCode: 404\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Forward action\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.vpclattice.Service(\"example\", {name: \"example\"});\nconst exampleTargetGroup = new aws.vpclattice.TargetGroup(\"example\", {\n name: \"example-target-group-1\",\n type: \"INSTANCE\",\n config: {\n port: 80,\n protocol: \"HTTP\",\n vpcIdentifier: exampleAwsVpc.id,\n },\n});\nconst exampleListener = new aws.vpclattice.Listener(\"example\", {\n name: \"example\",\n protocol: \"HTTP\",\n serviceIdentifier: example.id,\n defaultAction: {\n forwards: [{\n targetGroups: [{\n targetGroupIdentifier: exampleTargetGroup.id,\n }],\n }],\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.vpclattice.Service(\"example\", name=\"example\")\nexample_target_group = aws.vpclattice.TargetGroup(\"example\",\n name=\"example-target-group-1\",\n type=\"INSTANCE\",\n config={\n \"port\": 80,\n \"protocol\": \"HTTP\",\n \"vpc_identifier\": example_aws_vpc[\"id\"],\n })\nexample_listener = aws.vpclattice.Listener(\"example\",\n name=\"example\",\n protocol=\"HTTP\",\n service_identifier=example.id,\n default_action={\n \"forwards\": [{\n \"target_groups\": [{\n \"target_group_identifier\": example_target_group.id,\n }],\n }],\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.VpcLattice.Service(\"example\", new()\n {\n Name = \"example\",\n });\n\n var exampleTargetGroup = new Aws.VpcLattice.TargetGroup(\"example\", new()\n {\n Name = \"example-target-group-1\",\n Type = \"INSTANCE\",\n Config = new Aws.VpcLattice.Inputs.TargetGroupConfigArgs\n {\n Port = 80,\n Protocol = \"HTTP\",\n VpcIdentifier = exampleAwsVpc.Id,\n },\n });\n\n var exampleListener = new Aws.VpcLattice.Listener(\"example\", new()\n {\n Name = \"example\",\n Protocol = \"HTTP\",\n ServiceIdentifier = example.Id,\n DefaultAction = new Aws.VpcLattice.Inputs.ListenerDefaultActionArgs\n {\n Forwards = new[]\n {\n new Aws.VpcLattice.Inputs.ListenerDefaultActionForwardArgs\n {\n TargetGroups = new[]\n {\n new Aws.VpcLattice.Inputs.ListenerDefaultActionForwardTargetGroupArgs\n {\n TargetGroupIdentifier = exampleTargetGroup.Id,\n },\n },\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v7/go/aws/vpclattice\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := vpclattice.NewService(ctx, \"example\", \u0026vpclattice.ServiceArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleTargetGroup, err := vpclattice.NewTargetGroup(ctx, \"example\", \u0026vpclattice.TargetGroupArgs{\n\t\t\tName: pulumi.String(\"example-target-group-1\"),\n\t\t\tType: pulumi.String(\"INSTANCE\"),\n\t\t\tConfig: \u0026vpclattice.TargetGroupConfigArgs{\n\t\t\t\tPort: pulumi.Int(80),\n\t\t\t\tProtocol: pulumi.String(\"HTTP\"),\n\t\t\t\tVpcIdentifier: pulumi.Any(exampleAwsVpc.Id),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = vpclattice.NewListener(ctx, \"example\", \u0026vpclattice.ListenerArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tProtocol: pulumi.String(\"HTTP\"),\n\t\t\tServiceIdentifier: example.ID(),\n\t\t\tDefaultAction: \u0026vpclattice.ListenerDefaultActionArgs{\n\t\t\t\tForwards: vpclattice.ListenerDefaultActionForwardArray{\n\t\t\t\t\t\u0026vpclattice.ListenerDefaultActionForwardArgs{\n\t\t\t\t\t\tTargetGroups: vpclattice.ListenerDefaultActionForwardTargetGroupArray{\n\t\t\t\t\t\t\t\u0026vpclattice.ListenerDefaultActionForwardTargetGroupArgs{\n\t\t\t\t\t\t\t\tTargetGroupIdentifier: exampleTargetGroup.ID(),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.vpclattice.Service;\nimport com.pulumi.aws.vpclattice.ServiceArgs;\nimport com.pulumi.aws.vpclattice.TargetGroup;\nimport com.pulumi.aws.vpclattice.TargetGroupArgs;\nimport com.pulumi.aws.vpclattice.inputs.TargetGroupConfigArgs;\nimport com.pulumi.aws.vpclattice.Listener;\nimport com.pulumi.aws.vpclattice.ListenerArgs;\nimport com.pulumi.aws.vpclattice.inputs.ListenerDefaultActionArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Service(\"example\", ServiceArgs.builder()\n .name(\"example\")\n .build());\n\n var exampleTargetGroup = new TargetGroup(\"exampleTargetGroup\", TargetGroupArgs.builder()\n .name(\"example-target-group-1\")\n .type(\"INSTANCE\")\n .config(TargetGroupConfigArgs.builder()\n .port(80)\n .protocol(\"HTTP\")\n .vpcIdentifier(exampleAwsVpc.id())\n .build())\n .build());\n\n var exampleListener = new Listener(\"exampleListener\", ListenerArgs.builder()\n .name(\"example\")\n .protocol(\"HTTP\")\n .serviceIdentifier(example.id())\n .defaultAction(ListenerDefaultActionArgs.builder()\n .forwards(ListenerDefaultActionForwardArgs.builder()\n .targetGroups(ListenerDefaultActionForwardTargetGroupArgs.builder()\n .targetGroupIdentifier(exampleTargetGroup.id())\n .build())\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:vpclattice:Service\n properties:\n name: example\n exampleTargetGroup:\n type: aws:vpclattice:TargetGroup\n name: example\n properties:\n name: example-target-group-1\n type: INSTANCE\n config:\n port: 80\n protocol: HTTP\n vpcIdentifier: ${exampleAwsVpc.id}\n exampleListener:\n type: aws:vpclattice:Listener\n name: example\n properties:\n name: example\n protocol: HTTP\n serviceIdentifier: ${example.id}\n defaultAction:\n forwards:\n - targetGroups:\n - targetGroupIdentifier: ${exampleTargetGroup.id}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Forward action with weighted target groups\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.vpclattice.Service(\"example\", {name: \"example\"});\nconst example1 = new aws.vpclattice.TargetGroup(\"example1\", {\n name: \"example-target-group-1\",\n type: \"INSTANCE\",\n config: {\n port: 80,\n protocol: \"HTTP\",\n vpcIdentifier: exampleAwsVpc.id,\n },\n});\nconst example2 = new aws.vpclattice.TargetGroup(\"example2\", {\n name: \"example-target-group-2\",\n type: \"INSTANCE\",\n config: {\n port: 8080,\n protocol: \"HTTP\",\n vpcIdentifier: exampleAwsVpc.id,\n },\n});\nconst exampleListener = new aws.vpclattice.Listener(\"example\", {\n name: \"example\",\n protocol: \"HTTP\",\n serviceIdentifier: example.id,\n defaultAction: {\n forwards: [{\n targetGroups: [\n {\n targetGroupIdentifier: example1.id,\n weight: 80,\n },\n {\n targetGroupIdentifier: example2.id,\n weight: 20,\n },\n ],\n }],\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.vpclattice.Service(\"example\", name=\"example\")\nexample1 = aws.vpclattice.TargetGroup(\"example1\",\n name=\"example-target-group-1\",\n type=\"INSTANCE\",\n config={\n \"port\": 80,\n \"protocol\": \"HTTP\",\n \"vpc_identifier\": example_aws_vpc[\"id\"],\n })\nexample2 = aws.vpclattice.TargetGroup(\"example2\",\n name=\"example-target-group-2\",\n type=\"INSTANCE\",\n config={\n \"port\": 8080,\n \"protocol\": \"HTTP\",\n \"vpc_identifier\": example_aws_vpc[\"id\"],\n })\nexample_listener = aws.vpclattice.Listener(\"example\",\n name=\"example\",\n protocol=\"HTTP\",\n service_identifier=example.id,\n default_action={\n \"forwards\": [{\n \"target_groups\": [\n {\n \"target_group_identifier\": example1.id,\n \"weight\": 80,\n },\n {\n \"target_group_identifier\": example2.id,\n \"weight\": 20,\n },\n ],\n }],\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.VpcLattice.Service(\"example\", new()\n {\n Name = \"example\",\n });\n\n var example1 = new Aws.VpcLattice.TargetGroup(\"example1\", new()\n {\n Name = \"example-target-group-1\",\n Type = \"INSTANCE\",\n Config = new Aws.VpcLattice.Inputs.TargetGroupConfigArgs\n {\n Port = 80,\n Protocol = \"HTTP\",\n VpcIdentifier = exampleAwsVpc.Id,\n },\n });\n\n var example2 = new Aws.VpcLattice.TargetGroup(\"example2\", new()\n {\n Name = \"example-target-group-2\",\n Type = \"INSTANCE\",\n Config = new Aws.VpcLattice.Inputs.TargetGroupConfigArgs\n {\n Port = 8080,\n Protocol = \"HTTP\",\n VpcIdentifier = exampleAwsVpc.Id,\n },\n });\n\n var exampleListener = new Aws.VpcLattice.Listener(\"example\", new()\n {\n Name = \"example\",\n Protocol = \"HTTP\",\n ServiceIdentifier = example.Id,\n DefaultAction = new Aws.VpcLattice.Inputs.ListenerDefaultActionArgs\n {\n Forwards = new[]\n {\n new Aws.VpcLattice.Inputs.ListenerDefaultActionForwardArgs\n {\n TargetGroups = new[]\n {\n new Aws.VpcLattice.Inputs.ListenerDefaultActionForwardTargetGroupArgs\n {\n TargetGroupIdentifier = example1.Id,\n Weight = 80,\n },\n new Aws.VpcLattice.Inputs.ListenerDefaultActionForwardTargetGroupArgs\n {\n TargetGroupIdentifier = example2.Id,\n Weight = 20,\n },\n },\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v7/go/aws/vpclattice\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := vpclattice.NewService(ctx, \"example\", \u0026vpclattice.ServiceArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texample1, err := vpclattice.NewTargetGroup(ctx, \"example1\", \u0026vpclattice.TargetGroupArgs{\n\t\t\tName: pulumi.String(\"example-target-group-1\"),\n\t\t\tType: pulumi.String(\"INSTANCE\"),\n\t\t\tConfig: \u0026vpclattice.TargetGroupConfigArgs{\n\t\t\t\tPort: pulumi.Int(80),\n\t\t\t\tProtocol: pulumi.String(\"HTTP\"),\n\t\t\t\tVpcIdentifier: pulumi.Any(exampleAwsVpc.Id),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texample2, err := vpclattice.NewTargetGroup(ctx, \"example2\", \u0026vpclattice.TargetGroupArgs{\n\t\t\tName: pulumi.String(\"example-target-group-2\"),\n\t\t\tType: pulumi.String(\"INSTANCE\"),\n\t\t\tConfig: \u0026vpclattice.TargetGroupConfigArgs{\n\t\t\t\tPort: pulumi.Int(8080),\n\t\t\t\tProtocol: pulumi.String(\"HTTP\"),\n\t\t\t\tVpcIdentifier: pulumi.Any(exampleAwsVpc.Id),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = vpclattice.NewListener(ctx, \"example\", \u0026vpclattice.ListenerArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tProtocol: pulumi.String(\"HTTP\"),\n\t\t\tServiceIdentifier: example.ID(),\n\t\t\tDefaultAction: \u0026vpclattice.ListenerDefaultActionArgs{\n\t\t\t\tForwards: vpclattice.ListenerDefaultActionForwardArray{\n\t\t\t\t\t\u0026vpclattice.ListenerDefaultActionForwardArgs{\n\t\t\t\t\t\tTargetGroups: vpclattice.ListenerDefaultActionForwardTargetGroupArray{\n\t\t\t\t\t\t\t\u0026vpclattice.ListenerDefaultActionForwardTargetGroupArgs{\n\t\t\t\t\t\t\t\tTargetGroupIdentifier: example1.ID(),\n\t\t\t\t\t\t\t\tWeight: pulumi.Int(80),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\u0026vpclattice.ListenerDefaultActionForwardTargetGroupArgs{\n\t\t\t\t\t\t\t\tTargetGroupIdentifier: example2.ID(),\n\t\t\t\t\t\t\t\tWeight: pulumi.Int(20),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.vpclattice.Service;\nimport com.pulumi.aws.vpclattice.ServiceArgs;\nimport com.pulumi.aws.vpclattice.TargetGroup;\nimport com.pulumi.aws.vpclattice.TargetGroupArgs;\nimport com.pulumi.aws.vpclattice.inputs.TargetGroupConfigArgs;\nimport com.pulumi.aws.vpclattice.Listener;\nimport com.pulumi.aws.vpclattice.ListenerArgs;\nimport com.pulumi.aws.vpclattice.inputs.ListenerDefaultActionArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Service(\"example\", ServiceArgs.builder()\n .name(\"example\")\n .build());\n\n var example1 = new TargetGroup(\"example1\", TargetGroupArgs.builder()\n .name(\"example-target-group-1\")\n .type(\"INSTANCE\")\n .config(TargetGroupConfigArgs.builder()\n .port(80)\n .protocol(\"HTTP\")\n .vpcIdentifier(exampleAwsVpc.id())\n .build())\n .build());\n\n var example2 = new TargetGroup(\"example2\", TargetGroupArgs.builder()\n .name(\"example-target-group-2\")\n .type(\"INSTANCE\")\n .config(TargetGroupConfigArgs.builder()\n .port(8080)\n .protocol(\"HTTP\")\n .vpcIdentifier(exampleAwsVpc.id())\n .build())\n .build());\n\n var exampleListener = new Listener(\"exampleListener\", ListenerArgs.builder()\n .name(\"example\")\n .protocol(\"HTTP\")\n .serviceIdentifier(example.id())\n .defaultAction(ListenerDefaultActionArgs.builder()\n .forwards(ListenerDefaultActionForwardArgs.builder()\n .targetGroups( \n ListenerDefaultActionForwardTargetGroupArgs.builder()\n .targetGroupIdentifier(example1.id())\n .weight(80)\n .build(),\n ListenerDefaultActionForwardTargetGroupArgs.builder()\n .targetGroupIdentifier(example2.id())\n .weight(20)\n .build())\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:vpclattice:Service\n properties:\n name: example\n example1:\n type: aws:vpclattice:TargetGroup\n properties:\n name: example-target-group-1\n type: INSTANCE\n config:\n port: 80\n protocol: HTTP\n vpcIdentifier: ${exampleAwsVpc.id}\n example2:\n type: aws:vpclattice:TargetGroup\n properties:\n name: example-target-group-2\n type: INSTANCE\n config:\n port: 8080\n protocol: HTTP\n vpcIdentifier: ${exampleAwsVpc.id}\n exampleListener:\n type: aws:vpclattice:Listener\n name: example\n properties:\n name: example\n protocol: HTTP\n serviceIdentifier: ${example.id}\n defaultAction:\n forwards:\n - targetGroups:\n - targetGroupIdentifier: ${example1.id}\n weight: 80\n - targetGroupIdentifier: ${example2.id}\n weight: 20\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import VPC Lattice Listener using the `listener_id` of the listener and the `id` of the VPC Lattice service combined with a `/` character. For example:\n\n```sh\n$ pulumi import aws:vpclattice/listener:Listener example svc-1a2b3c4d/listener-987654321\n```\n", "properties": { @@ -424688,7 +425901,7 @@ } }, "aws:vpclattice/resourceConfiguration:ResourceConfiguration": { - "description": "Resource for managing an AWS VPC Lattice Resource Configuration.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.vpclattice.ResourceConfiguration(\"example\", {\n name: \"Example\",\n resourceGatewayIdentifier: exampleAwsVpclatticeResourceGateway.id,\n portRanges: [\"80\"],\n protocol: \"TCP\",\n resourceConfigurationDefinition: {\n dnsResource: {\n domainName: \"example.com\",\n ipAddressType: \"IPV4\",\n },\n },\n tags: {\n Environment: \"Example\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.vpclattice.ResourceConfiguration(\"example\",\n name=\"Example\",\n resource_gateway_identifier=example_aws_vpclattice_resource_gateway[\"id\"],\n port_ranges=[\"80\"],\n protocol=\"TCP\",\n resource_configuration_definition={\n \"dns_resource\": {\n \"domain_name\": \"example.com\",\n \"ip_address_type\": \"IPV4\",\n },\n },\n tags={\n \"Environment\": \"Example\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.VpcLattice.ResourceConfiguration(\"example\", new()\n {\n Name = \"Example\",\n ResourceGatewayIdentifier = exampleAwsVpclatticeResourceGateway.Id,\n PortRanges = new[]\n {\n \"80\",\n },\n Protocol = \"TCP\",\n ResourceConfigurationDefinition = new Aws.VpcLattice.Inputs.ResourceConfigurationResourceConfigurationDefinitionArgs\n {\n DnsResource = new Aws.VpcLattice.Inputs.ResourceConfigurationResourceConfigurationDefinitionDnsResourceArgs\n {\n DomainName = \"example.com\",\n IpAddressType = \"IPV4\",\n },\n },\n Tags = \n {\n { \"Environment\", \"Example\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v7/go/aws/vpclattice\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := vpclattice.NewResourceConfiguration(ctx, \"example\", \u0026vpclattice.ResourceConfigurationArgs{\n\t\t\tName: pulumi.String(\"Example\"),\n\t\t\tResourceGatewayIdentifier: pulumi.Any(exampleAwsVpclatticeResourceGateway.Id),\n\t\t\tPortRanges: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"80\"),\n\t\t\t},\n\t\t\tProtocol: pulumi.String(\"TCP\"),\n\t\t\tResourceConfigurationDefinition: \u0026vpclattice.ResourceConfigurationResourceConfigurationDefinitionArgs{\n\t\t\t\tDnsResource: \u0026vpclattice.ResourceConfigurationResourceConfigurationDefinitionDnsResourceArgs{\n\t\t\t\t\tDomainName: pulumi.String(\"example.com\"),\n\t\t\t\t\tIpAddressType: pulumi.String(\"IPV4\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Environment\": pulumi.String(\"Example\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.vpclattice.ResourceConfiguration;\nimport com.pulumi.aws.vpclattice.ResourceConfigurationArgs;\nimport com.pulumi.aws.vpclattice.inputs.ResourceConfigurationResourceConfigurationDefinitionArgs;\nimport com.pulumi.aws.vpclattice.inputs.ResourceConfigurationResourceConfigurationDefinitionDnsResourceArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new ResourceConfiguration(\"example\", ResourceConfigurationArgs.builder()\n .name(\"Example\")\n .resourceGatewayIdentifier(exampleAwsVpclatticeResourceGateway.id())\n .portRanges(\"80\")\n .protocol(\"TCP\")\n .resourceConfigurationDefinition(ResourceConfigurationResourceConfigurationDefinitionArgs.builder()\n .dnsResource(ResourceConfigurationResourceConfigurationDefinitionDnsResourceArgs.builder()\n .domainName(\"example.com\")\n .ipAddressType(\"IPV4\")\n .build())\n .build())\n .tags(Map.of(\"Environment\", \"Example\"))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:vpclattice:ResourceConfiguration\n properties:\n name: Example\n resourceGatewayIdentifier: ${exampleAwsVpclatticeResourceGateway.id}\n portRanges:\n - '80'\n protocol: TCP\n resourceConfigurationDefinition:\n dnsResource:\n domainName: example.com\n ipAddressType: IPV4\n tags:\n Environment: Example\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### IP Address Example\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.vpclattice.ResourceConfiguration(\"example\", {\n name: \"Example\",\n resourceGatewayIdentifier: exampleAwsVpclatticeResourceGateway.id,\n portRanges: [\"80\"],\n protocol: \"TCP\",\n resourceConfigurationDefinition: {\n ipResource: {\n ipAddress: \"10.0.0.1\",\n },\n },\n tags: {\n Environment: \"Example\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.vpclattice.ResourceConfiguration(\"example\",\n name=\"Example\",\n resource_gateway_identifier=example_aws_vpclattice_resource_gateway[\"id\"],\n port_ranges=[\"80\"],\n protocol=\"TCP\",\n resource_configuration_definition={\n \"ip_resource\": {\n \"ip_address\": \"10.0.0.1\",\n },\n },\n tags={\n \"Environment\": \"Example\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.VpcLattice.ResourceConfiguration(\"example\", new()\n {\n Name = \"Example\",\n ResourceGatewayIdentifier = exampleAwsVpclatticeResourceGateway.Id,\n PortRanges = new[]\n {\n \"80\",\n },\n Protocol = \"TCP\",\n ResourceConfigurationDefinition = new Aws.VpcLattice.Inputs.ResourceConfigurationResourceConfigurationDefinitionArgs\n {\n IpResource = new Aws.VpcLattice.Inputs.ResourceConfigurationResourceConfigurationDefinitionIpResourceArgs\n {\n IpAddress = \"10.0.0.1\",\n },\n },\n Tags = \n {\n { \"Environment\", \"Example\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v7/go/aws/vpclattice\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := vpclattice.NewResourceConfiguration(ctx, \"example\", \u0026vpclattice.ResourceConfigurationArgs{\n\t\t\tName: pulumi.String(\"Example\"),\n\t\t\tResourceGatewayIdentifier: pulumi.Any(exampleAwsVpclatticeResourceGateway.Id),\n\t\t\tPortRanges: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"80\"),\n\t\t\t},\n\t\t\tProtocol: pulumi.String(\"TCP\"),\n\t\t\tResourceConfigurationDefinition: \u0026vpclattice.ResourceConfigurationResourceConfigurationDefinitionArgs{\n\t\t\t\tIpResource: \u0026vpclattice.ResourceConfigurationResourceConfigurationDefinitionIpResourceArgs{\n\t\t\t\t\tIpAddress: pulumi.String(\"10.0.0.1\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Environment\": pulumi.String(\"Example\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.vpclattice.ResourceConfiguration;\nimport com.pulumi.aws.vpclattice.ResourceConfigurationArgs;\nimport com.pulumi.aws.vpclattice.inputs.ResourceConfigurationResourceConfigurationDefinitionArgs;\nimport com.pulumi.aws.vpclattice.inputs.ResourceConfigurationResourceConfigurationDefinitionIpResourceArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new ResourceConfiguration(\"example\", ResourceConfigurationArgs.builder()\n .name(\"Example\")\n .resourceGatewayIdentifier(exampleAwsVpclatticeResourceGateway.id())\n .portRanges(\"80\")\n .protocol(\"TCP\")\n .resourceConfigurationDefinition(ResourceConfigurationResourceConfigurationDefinitionArgs.builder()\n .ipResource(ResourceConfigurationResourceConfigurationDefinitionIpResourceArgs.builder()\n .ipAddress(\"10.0.0.1\")\n .build())\n .build())\n .tags(Map.of(\"Environment\", \"Example\"))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:vpclattice:ResourceConfiguration\n properties:\n name: Example\n resourceGatewayIdentifier: ${exampleAwsVpclatticeResourceGateway.id}\n portRanges:\n - '80'\n protocol: TCP\n resourceConfigurationDefinition:\n ipResource:\n ipAddress: 10.0.0.1\n tags:\n Environment: Example\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### ARN Example\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = new aws.vpclattice.ResourceConfiguration(\"test\", {\n name: \"Example\",\n resourceGatewayIdentifier: testAwsVpclatticeResourceGateway.id,\n type: \"ARN\",\n resourceConfigurationDefinition: {\n arnResource: {\n arn: example.arn,\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.vpclattice.ResourceConfiguration(\"test\",\n name=\"Example\",\n resource_gateway_identifier=test_aws_vpclattice_resource_gateway[\"id\"],\n type=\"ARN\",\n resource_configuration_definition={\n \"arn_resource\": {\n \"arn\": example[\"arn\"],\n },\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = new Aws.VpcLattice.ResourceConfiguration(\"test\", new()\n {\n Name = \"Example\",\n ResourceGatewayIdentifier = testAwsVpclatticeResourceGateway.Id,\n Type = \"ARN\",\n ResourceConfigurationDefinition = new Aws.VpcLattice.Inputs.ResourceConfigurationResourceConfigurationDefinitionArgs\n {\n ArnResource = new Aws.VpcLattice.Inputs.ResourceConfigurationResourceConfigurationDefinitionArnResourceArgs\n {\n Arn = example.Arn,\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v7/go/aws/vpclattice\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := vpclattice.NewResourceConfiguration(ctx, \"test\", \u0026vpclattice.ResourceConfigurationArgs{\n\t\t\tName: pulumi.String(\"Example\"),\n\t\t\tResourceGatewayIdentifier: pulumi.Any(testAwsVpclatticeResourceGateway.Id),\n\t\t\tType: pulumi.String(\"ARN\"),\n\t\t\tResourceConfigurationDefinition: \u0026vpclattice.ResourceConfigurationResourceConfigurationDefinitionArgs{\n\t\t\t\tArnResource: \u0026vpclattice.ResourceConfigurationResourceConfigurationDefinitionArnResourceArgs{\n\t\t\t\t\tArn: pulumi.Any(example.Arn),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.vpclattice.ResourceConfiguration;\nimport com.pulumi.aws.vpclattice.ResourceConfigurationArgs;\nimport com.pulumi.aws.vpclattice.inputs.ResourceConfigurationResourceConfigurationDefinitionArgs;\nimport com.pulumi.aws.vpclattice.inputs.ResourceConfigurationResourceConfigurationDefinitionArnResourceArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var test = new ResourceConfiguration(\"test\", ResourceConfigurationArgs.builder()\n .name(\"Example\")\n .resourceGatewayIdentifier(testAwsVpclatticeResourceGateway.id())\n .type(\"ARN\")\n .resourceConfigurationDefinition(ResourceConfigurationResourceConfigurationDefinitionArgs.builder()\n .arnResource(ResourceConfigurationResourceConfigurationDefinitionArnResourceArgs.builder()\n .arn(example.arn())\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n test:\n type: aws:vpclattice:ResourceConfiguration\n properties:\n name: Example\n resourceGatewayIdentifier: ${testAwsVpclatticeResourceGateway.id}\n type: ARN\n resourceConfigurationDefinition:\n arnResource:\n arn: ${example.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import VPC Lattice Resource Configuration using the `id`. For example:\n\n```sh\n$ pulumi import aws:vpclattice/resourceConfiguration:ResourceConfiguration example rcfg-1234567890abcdef1\n```\n", + "description": "Resource for managing an AWS VPC Lattice Resource Configuration.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.vpclattice.ResourceConfiguration(\"example\", {\n name: \"Example\",\n resourceGatewayIdentifier: exampleAwsVpclatticeResourceGateway.id,\n portRanges: [\"80\"],\n protocol: \"TCP\",\n resourceConfigurationDefinition: {\n dnsResource: {\n domainName: \"example.com\",\n ipAddressType: \"IPV4\",\n },\n },\n tags: {\n Environment: \"Example\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.vpclattice.ResourceConfiguration(\"example\",\n name=\"Example\",\n resource_gateway_identifier=example_aws_vpclattice_resource_gateway[\"id\"],\n port_ranges=[\"80\"],\n protocol=\"TCP\",\n resource_configuration_definition={\n \"dns_resource\": {\n \"domain_name\": \"example.com\",\n \"ip_address_type\": \"IPV4\",\n },\n },\n tags={\n \"Environment\": \"Example\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.VpcLattice.ResourceConfiguration(\"example\", new()\n {\n Name = \"Example\",\n ResourceGatewayIdentifier = exampleAwsVpclatticeResourceGateway.Id,\n PortRanges = new[]\n {\n \"80\",\n },\n Protocol = \"TCP\",\n ResourceConfigurationDefinition = new Aws.VpcLattice.Inputs.ResourceConfigurationResourceConfigurationDefinitionArgs\n {\n DnsResource = new Aws.VpcLattice.Inputs.ResourceConfigurationResourceConfigurationDefinitionDnsResourceArgs\n {\n DomainName = \"example.com\",\n IpAddressType = \"IPV4\",\n },\n },\n Tags = \n {\n { \"Environment\", \"Example\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v7/go/aws/vpclattice\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := vpclattice.NewResourceConfiguration(ctx, \"example\", \u0026vpclattice.ResourceConfigurationArgs{\n\t\t\tName: pulumi.String(\"Example\"),\n\t\t\tResourceGatewayIdentifier: pulumi.Any(exampleAwsVpclatticeResourceGateway.Id),\n\t\t\tPortRanges: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"80\"),\n\t\t\t},\n\t\t\tProtocol: pulumi.String(\"TCP\"),\n\t\t\tResourceConfigurationDefinition: \u0026vpclattice.ResourceConfigurationResourceConfigurationDefinitionArgs{\n\t\t\t\tDnsResource: \u0026vpclattice.ResourceConfigurationResourceConfigurationDefinitionDnsResourceArgs{\n\t\t\t\t\tDomainName: pulumi.String(\"example.com\"),\n\t\t\t\t\tIpAddressType: pulumi.String(\"IPV4\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Environment\": pulumi.String(\"Example\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.vpclattice.ResourceConfiguration;\nimport com.pulumi.aws.vpclattice.ResourceConfigurationArgs;\nimport com.pulumi.aws.vpclattice.inputs.ResourceConfigurationResourceConfigurationDefinitionArgs;\nimport com.pulumi.aws.vpclattice.inputs.ResourceConfigurationResourceConfigurationDefinitionDnsResourceArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new ResourceConfiguration(\"example\", ResourceConfigurationArgs.builder()\n .name(\"Example\")\n .resourceGatewayIdentifier(exampleAwsVpclatticeResourceGateway.id())\n .portRanges(\"80\")\n .protocol(\"TCP\")\n .resourceConfigurationDefinition(ResourceConfigurationResourceConfigurationDefinitionArgs.builder()\n .dnsResource(ResourceConfigurationResourceConfigurationDefinitionDnsResourceArgs.builder()\n .domainName(\"example.com\")\n .ipAddressType(\"IPV4\")\n .build())\n .build())\n .tags(Map.of(\"Environment\", \"Example\"))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:vpclattice:ResourceConfiguration\n properties:\n name: Example\n resourceGatewayIdentifier: ${exampleAwsVpclatticeResourceGateway.id}\n portRanges:\n - '80'\n protocol: TCP\n resourceConfigurationDefinition:\n dnsResource:\n domainName: example.com\n ipAddressType: IPV4\n tags:\n Environment: Example\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### IP Address Example\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.vpclattice.ResourceConfiguration(\"example\", {\n name: \"Example\",\n resourceGatewayIdentifier: exampleAwsVpclatticeResourceGateway.id,\n portRanges: [\"80\"],\n protocol: \"TCP\",\n resourceConfigurationDefinition: {\n ipResource: {\n ipAddress: \"10.0.0.1\",\n },\n },\n tags: {\n Environment: \"Example\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.vpclattice.ResourceConfiguration(\"example\",\n name=\"Example\",\n resource_gateway_identifier=example_aws_vpclattice_resource_gateway[\"id\"],\n port_ranges=[\"80\"],\n protocol=\"TCP\",\n resource_configuration_definition={\n \"ip_resource\": {\n \"ip_address\": \"10.0.0.1\",\n },\n },\n tags={\n \"Environment\": \"Example\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.VpcLattice.ResourceConfiguration(\"example\", new()\n {\n Name = \"Example\",\n ResourceGatewayIdentifier = exampleAwsVpclatticeResourceGateway.Id,\n PortRanges = new[]\n {\n \"80\",\n },\n Protocol = \"TCP\",\n ResourceConfigurationDefinition = new Aws.VpcLattice.Inputs.ResourceConfigurationResourceConfigurationDefinitionArgs\n {\n IpResource = new Aws.VpcLattice.Inputs.ResourceConfigurationResourceConfigurationDefinitionIpResourceArgs\n {\n IpAddress = \"10.0.0.1\",\n },\n },\n Tags = \n {\n { \"Environment\", \"Example\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v7/go/aws/vpclattice\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := vpclattice.NewResourceConfiguration(ctx, \"example\", \u0026vpclattice.ResourceConfigurationArgs{\n\t\t\tName: pulumi.String(\"Example\"),\n\t\t\tResourceGatewayIdentifier: pulumi.Any(exampleAwsVpclatticeResourceGateway.Id),\n\t\t\tPortRanges: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"80\"),\n\t\t\t},\n\t\t\tProtocol: pulumi.String(\"TCP\"),\n\t\t\tResourceConfigurationDefinition: \u0026vpclattice.ResourceConfigurationResourceConfigurationDefinitionArgs{\n\t\t\t\tIpResource: \u0026vpclattice.ResourceConfigurationResourceConfigurationDefinitionIpResourceArgs{\n\t\t\t\t\tIpAddress: pulumi.String(\"10.0.0.1\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Environment\": pulumi.String(\"Example\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.vpclattice.ResourceConfiguration;\nimport com.pulumi.aws.vpclattice.ResourceConfigurationArgs;\nimport com.pulumi.aws.vpclattice.inputs.ResourceConfigurationResourceConfigurationDefinitionArgs;\nimport com.pulumi.aws.vpclattice.inputs.ResourceConfigurationResourceConfigurationDefinitionIpResourceArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new ResourceConfiguration(\"example\", ResourceConfigurationArgs.builder()\n .name(\"Example\")\n .resourceGatewayIdentifier(exampleAwsVpclatticeResourceGateway.id())\n .portRanges(\"80\")\n .protocol(\"TCP\")\n .resourceConfigurationDefinition(ResourceConfigurationResourceConfigurationDefinitionArgs.builder()\n .ipResource(ResourceConfigurationResourceConfigurationDefinitionIpResourceArgs.builder()\n .ipAddress(\"10.0.0.1\")\n .build())\n .build())\n .tags(Map.of(\"Environment\", \"Example\"))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:vpclattice:ResourceConfiguration\n properties:\n name: Example\n resourceGatewayIdentifier: ${exampleAwsVpclatticeResourceGateway.id}\n portRanges:\n - '80'\n protocol: TCP\n resourceConfigurationDefinition:\n ipResource:\n ipAddress: 10.0.0.1\n tags:\n Environment: Example\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### With custom domain\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.vpclattice.DomainVerification(\"example\", {domainName: \"example.com\"});\nconst exampleResourceConfiguration = new aws.vpclattice.ResourceConfiguration(\"example\", {\n name: \"Example\",\n resourceGatewayIdentifier: exampleAwsVpclatticeResourceGateway.id,\n customDomainName: \"custom.example.com\",\n domainVerificationId: example.id,\n portRanges: [\"443\"],\n protocol: \"TCP\",\n resourceConfigurationDefinition: {\n dnsResource: {\n domainName: \"test.example.com\",\n ipAddressType: \"IPV4\",\n },\n },\n tags: {\n Environment: \"Example\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.vpclattice.DomainVerification(\"example\", domain_name=\"example.com\")\nexample_resource_configuration = aws.vpclattice.ResourceConfiguration(\"example\",\n name=\"Example\",\n resource_gateway_identifier=example_aws_vpclattice_resource_gateway[\"id\"],\n custom_domain_name=\"custom.example.com\",\n domain_verification_id=example.id,\n port_ranges=[\"443\"],\n protocol=\"TCP\",\n resource_configuration_definition={\n \"dns_resource\": {\n \"domain_name\": \"test.example.com\",\n \"ip_address_type\": \"IPV4\",\n },\n },\n tags={\n \"Environment\": \"Example\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.VpcLattice.DomainVerification(\"example\", new()\n {\n DomainName = \"example.com\",\n });\n\n var exampleResourceConfiguration = new Aws.VpcLattice.ResourceConfiguration(\"example\", new()\n {\n Name = \"Example\",\n ResourceGatewayIdentifier = exampleAwsVpclatticeResourceGateway.Id,\n CustomDomainName = \"custom.example.com\",\n DomainVerificationId = example.Id,\n PortRanges = new[]\n {\n \"443\",\n },\n Protocol = \"TCP\",\n ResourceConfigurationDefinition = new Aws.VpcLattice.Inputs.ResourceConfigurationResourceConfigurationDefinitionArgs\n {\n DnsResource = new Aws.VpcLattice.Inputs.ResourceConfigurationResourceConfigurationDefinitionDnsResourceArgs\n {\n DomainName = \"test.example.com\",\n IpAddressType = \"IPV4\",\n },\n },\n Tags = \n {\n { \"Environment\", \"Example\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v7/go/aws/vpclattice\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := vpclattice.NewDomainVerification(ctx, \"example\", \u0026vpclattice.DomainVerificationArgs{\n\t\t\tDomainName: pulumi.String(\"example.com\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = vpclattice.NewResourceConfiguration(ctx, \"example\", \u0026vpclattice.ResourceConfigurationArgs{\n\t\t\tName: pulumi.String(\"Example\"),\n\t\t\tResourceGatewayIdentifier: pulumi.Any(exampleAwsVpclatticeResourceGateway.Id),\n\t\t\tCustomDomainName: pulumi.String(\"custom.example.com\"),\n\t\t\tDomainVerificationId: example.ID(),\n\t\t\tPortRanges: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"443\"),\n\t\t\t},\n\t\t\tProtocol: pulumi.String(\"TCP\"),\n\t\t\tResourceConfigurationDefinition: \u0026vpclattice.ResourceConfigurationResourceConfigurationDefinitionArgs{\n\t\t\t\tDnsResource: \u0026vpclattice.ResourceConfigurationResourceConfigurationDefinitionDnsResourceArgs{\n\t\t\t\t\tDomainName: pulumi.String(\"test.example.com\"),\n\t\t\t\t\tIpAddressType: pulumi.String(\"IPV4\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Environment\": pulumi.String(\"Example\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.vpclattice.DomainVerification;\nimport com.pulumi.aws.vpclattice.DomainVerificationArgs;\nimport com.pulumi.aws.vpclattice.ResourceConfiguration;\nimport com.pulumi.aws.vpclattice.ResourceConfigurationArgs;\nimport com.pulumi.aws.vpclattice.inputs.ResourceConfigurationResourceConfigurationDefinitionArgs;\nimport com.pulumi.aws.vpclattice.inputs.ResourceConfigurationResourceConfigurationDefinitionDnsResourceArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new DomainVerification(\"example\", DomainVerificationArgs.builder()\n .domainName(\"example.com\")\n .build());\n\n var exampleResourceConfiguration = new ResourceConfiguration(\"exampleResourceConfiguration\", ResourceConfigurationArgs.builder()\n .name(\"Example\")\n .resourceGatewayIdentifier(exampleAwsVpclatticeResourceGateway.id())\n .customDomainName(\"custom.example.com\")\n .domainVerificationId(example.id())\n .portRanges(\"443\")\n .protocol(\"TCP\")\n .resourceConfigurationDefinition(ResourceConfigurationResourceConfigurationDefinitionArgs.builder()\n .dnsResource(ResourceConfigurationResourceConfigurationDefinitionDnsResourceArgs.builder()\n .domainName(\"test.example.com\")\n .ipAddressType(\"IPV4\")\n .build())\n .build())\n .tags(Map.of(\"Environment\", \"Example\"))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:vpclattice:DomainVerification\n properties:\n domainName: example.com\n exampleResourceConfiguration:\n type: aws:vpclattice:ResourceConfiguration\n name: example\n properties:\n name: Example\n resourceGatewayIdentifier: ${exampleAwsVpclatticeResourceGateway.id}\n customDomainName: custom.example.com\n domainVerificationId: ${example.id}\n portRanges:\n - '443'\n protocol: TCP\n resourceConfigurationDefinition:\n dnsResource:\n domainName: test.example.com\n ipAddressType: IPV4\n tags:\n Environment: Example\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### ARN Example\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = new aws.vpclattice.ResourceConfiguration(\"test\", {\n name: \"Example\",\n resourceGatewayIdentifier: testAwsVpclatticeResourceGateway.id,\n type: \"ARN\",\n resourceConfigurationDefinition: {\n arnResource: {\n arn: example.arn,\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.vpclattice.ResourceConfiguration(\"test\",\n name=\"Example\",\n resource_gateway_identifier=test_aws_vpclattice_resource_gateway[\"id\"],\n type=\"ARN\",\n resource_configuration_definition={\n \"arn_resource\": {\n \"arn\": example[\"arn\"],\n },\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = new Aws.VpcLattice.ResourceConfiguration(\"test\", new()\n {\n Name = \"Example\",\n ResourceGatewayIdentifier = testAwsVpclatticeResourceGateway.Id,\n Type = \"ARN\",\n ResourceConfigurationDefinition = new Aws.VpcLattice.Inputs.ResourceConfigurationResourceConfigurationDefinitionArgs\n {\n ArnResource = new Aws.VpcLattice.Inputs.ResourceConfigurationResourceConfigurationDefinitionArnResourceArgs\n {\n Arn = example.Arn,\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v7/go/aws/vpclattice\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := vpclattice.NewResourceConfiguration(ctx, \"test\", \u0026vpclattice.ResourceConfigurationArgs{\n\t\t\tName: pulumi.String(\"Example\"),\n\t\t\tResourceGatewayIdentifier: pulumi.Any(testAwsVpclatticeResourceGateway.Id),\n\t\t\tType: pulumi.String(\"ARN\"),\n\t\t\tResourceConfigurationDefinition: \u0026vpclattice.ResourceConfigurationResourceConfigurationDefinitionArgs{\n\t\t\t\tArnResource: \u0026vpclattice.ResourceConfigurationResourceConfigurationDefinitionArnResourceArgs{\n\t\t\t\t\tArn: pulumi.Any(example.Arn),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.vpclattice.ResourceConfiguration;\nimport com.pulumi.aws.vpclattice.ResourceConfigurationArgs;\nimport com.pulumi.aws.vpclattice.inputs.ResourceConfigurationResourceConfigurationDefinitionArgs;\nimport com.pulumi.aws.vpclattice.inputs.ResourceConfigurationResourceConfigurationDefinitionArnResourceArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var test = new ResourceConfiguration(\"test\", ResourceConfigurationArgs.builder()\n .name(\"Example\")\n .resourceGatewayIdentifier(testAwsVpclatticeResourceGateway.id())\n .type(\"ARN\")\n .resourceConfigurationDefinition(ResourceConfigurationResourceConfigurationDefinitionArgs.builder()\n .arnResource(ResourceConfigurationResourceConfigurationDefinitionArnResourceArgs.builder()\n .arn(example.arn())\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n test:\n type: aws:vpclattice:ResourceConfiguration\n properties:\n name: Example\n resourceGatewayIdentifier: ${testAwsVpclatticeResourceGateway.id}\n type: ARN\n resourceConfigurationDefinition:\n arnResource:\n arn: ${example.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import VPC Lattice Resource Configuration using the `id`. For example:\n\n```sh\n$ pulumi import aws:vpclattice/resourceConfiguration:ResourceConfiguration example rcfg-1234567890abcdef1\n```\n", "properties": { "allowAssociationToShareableServiceNetwork": { "type": "boolean", @@ -424698,6 +425911,22 @@ "type": "string", "description": "ARN of the resource gateway.\n" }, + "customDomainName": { + "type": "string", + "description": "Custom domain name for your resource configuration. Additionally, provide a \u003cspan pulumi-lang-nodejs=\"`domainVerificationId`\" pulumi-lang-dotnet=\"`DomainVerificationId`\" pulumi-lang-go=\"`domainVerificationId`\" pulumi-lang-python=\"`domain_verification_id`\" pulumi-lang-yaml=\"`domainVerificationId`\" pulumi-lang-java=\"`domainVerificationId`\"\u003e`domain_verification_id`\u003c/span\u003e to prove your ownership of a domain.\n" + }, + "domainVerificationArn": { + "type": "string", + "description": "ARN of the domain verification.\n" + }, + "domainVerificationId": { + "type": "string", + "description": "The domain verification ID of your verified custom domain name. If you don't provide an ID, you must configure the DNS settings yourself.\n" + }, + "domainVerificationStatus": { + "type": "string", + "description": "Domain verification status.\n" + }, "name": { "type": "string", "description": "Name for the Resource Configuration.\n" @@ -424754,6 +425983,9 @@ "required": [ "allowAssociationToShareableServiceNetwork", "arn", + "domainVerificationArn", + "domainVerificationId", + "domainVerificationStatus", "name", "portRanges", "protocol", @@ -424767,6 +425999,14 @@ "type": "boolean", "description": "Allow or Deny the association of this resource to a shareable service network.\n" }, + "customDomainName": { + "type": "string", + "description": "Custom domain name for your resource configuration. Additionally, provide a \u003cspan pulumi-lang-nodejs=\"`domainVerificationId`\" pulumi-lang-dotnet=\"`DomainVerificationId`\" pulumi-lang-go=\"`domainVerificationId`\" pulumi-lang-python=\"`domain_verification_id`\" pulumi-lang-yaml=\"`domainVerificationId`\" pulumi-lang-java=\"`domainVerificationId`\"\u003e`domain_verification_id`\u003c/span\u003e to prove your ownership of a domain.\n" + }, + "domainVerificationId": { + "type": "string", + "description": "The domain verification ID of your verified custom domain name. If you don't provide an ID, you must configure the DNS settings yourself.\n" + }, "name": { "type": "string", "description": "Name for the Resource Configuration.\n" @@ -424824,6 +426064,22 @@ "type": "string", "description": "ARN of the resource gateway.\n" }, + "customDomainName": { + "type": "string", + "description": "Custom domain name for your resource configuration. Additionally, provide a \u003cspan pulumi-lang-nodejs=\"`domainVerificationId`\" pulumi-lang-dotnet=\"`DomainVerificationId`\" pulumi-lang-go=\"`domainVerificationId`\" pulumi-lang-python=\"`domain_verification_id`\" pulumi-lang-yaml=\"`domainVerificationId`\" pulumi-lang-java=\"`domainVerificationId`\"\u003e`domain_verification_id`\u003c/span\u003e to prove your ownership of a domain.\n" + }, + "domainVerificationArn": { + "type": "string", + "description": "ARN of the domain verification.\n" + }, + "domainVerificationId": { + "type": "string", + "description": "The domain verification ID of your verified custom domain name. If you don't provide an ID, you must configure the DNS settings yourself.\n" + }, + "domainVerificationStatus": { + "type": "string", + "description": "Domain verification status.\n" + }, "name": { "type": "string", "description": "Name for the Resource Configuration.\n" @@ -428563,7 +429819,7 @@ } }, "aws:wafv2/ruleGroup:RuleGroup": { - "description": "Creates a WAFv2 Rule Group resource.\n\n## Example Usage\n\n### Simple\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.wafv2.RuleGroup(\"example\", {\n name: \"example-rule\",\n scope: \"REGIONAL\",\n capacity: 2,\n rules: [{\n name: \"rule-1\",\n priority: 1,\n action: {\n allow: {},\n },\n statement: {\n geoMatchStatement: {\n countryCodes: [\n \"US\",\n \"NL\",\n ],\n },\n },\n visibilityConfig: {\n cloudwatchMetricsEnabled: false,\n metricName: \"friendly-rule-metric-name\",\n sampledRequestsEnabled: false,\n },\n }],\n visibilityConfig: {\n cloudwatchMetricsEnabled: false,\n metricName: \"friendly-metric-name\",\n sampledRequestsEnabled: false,\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.wafv2.RuleGroup(\"example\",\n name=\"example-rule\",\n scope=\"REGIONAL\",\n capacity=2,\n rules=[{\n \"name\": \"rule-1\",\n \"priority\": 1,\n \"action\": {\n \"allow\": {},\n },\n \"statement\": {\n \"geo_match_statement\": {\n \"country_codes\": [\n \"US\",\n \"NL\",\n ],\n },\n },\n \"visibility_config\": {\n \"cloudwatch_metrics_enabled\": False,\n \"metric_name\": \"friendly-rule-metric-name\",\n \"sampled_requests_enabled\": False,\n },\n }],\n visibility_config={\n \"cloudwatch_metrics_enabled\": False,\n \"metric_name\": \"friendly-metric-name\",\n \"sampled_requests_enabled\": False,\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.WafV2.RuleGroup(\"example\", new()\n {\n Name = \"example-rule\",\n Scope = \"REGIONAL\",\n Capacity = 2,\n Rules = new[]\n {\n new Aws.WafV2.Inputs.RuleGroupRuleArgs\n {\n Name = \"rule-1\",\n Priority = 1,\n Action = new Aws.WafV2.Inputs.RuleGroupRuleActionArgs\n {\n Allow = null,\n },\n Statement = new Aws.WafV2.Inputs.RuleGroupRuleStatementArgs\n {\n GeoMatchStatement = new Aws.WafV2.Inputs.RuleGroupRuleStatementGeoMatchStatementArgs\n {\n CountryCodes = new[]\n {\n \"US\",\n \"NL\",\n },\n },\n },\n VisibilityConfig = new Aws.WafV2.Inputs.RuleGroupRuleVisibilityConfigArgs\n {\n CloudwatchMetricsEnabled = false,\n MetricName = \"friendly-rule-metric-name\",\n SampledRequestsEnabled = false,\n },\n },\n },\n VisibilityConfig = new Aws.WafV2.Inputs.RuleGroupVisibilityConfigArgs\n {\n CloudwatchMetricsEnabled = false,\n MetricName = \"friendly-metric-name\",\n SampledRequestsEnabled = false,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v7/go/aws/wafv2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := wafv2.NewRuleGroup(ctx, \"example\", \u0026wafv2.RuleGroupArgs{\n\t\t\tName: pulumi.String(\"example-rule\"),\n\t\t\tScope: pulumi.String(\"REGIONAL\"),\n\t\t\tCapacity: pulumi.Int(2),\n\t\t\tRules: wafv2.RuleGroupRuleArray{\n\t\t\t\t\u0026wafv2.RuleGroupRuleArgs{\n\t\t\t\t\tName: pulumi.String(\"rule-1\"),\n\t\t\t\t\tPriority: pulumi.Int(1),\n\t\t\t\t\tAction: \u0026wafv2.RuleGroupRuleActionArgs{\n\t\t\t\t\t\tAllow: \u0026wafv2.RuleGroupRuleActionAllowArgs{},\n\t\t\t\t\t},\n\t\t\t\t\tStatement: \u0026wafv2.RuleGroupRuleStatementArgs{\n\t\t\t\t\t\tGeoMatchStatement: \u0026wafv2.RuleGroupRuleStatementGeoMatchStatementArgs{\n\t\t\t\t\t\t\tCountryCodes: pulumi.StringArray{\n\t\t\t\t\t\t\t\tpulumi.String(\"US\"),\n\t\t\t\t\t\t\t\tpulumi.String(\"NL\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tVisibilityConfig: \u0026wafv2.RuleGroupRuleVisibilityConfigArgs{\n\t\t\t\t\t\tCloudwatchMetricsEnabled: pulumi.Bool(false),\n\t\t\t\t\t\tMetricName: pulumi.String(\"friendly-rule-metric-name\"),\n\t\t\t\t\t\tSampledRequestsEnabled: pulumi.Bool(false),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tVisibilityConfig: \u0026wafv2.RuleGroupVisibilityConfigArgs{\n\t\t\t\tCloudwatchMetricsEnabled: pulumi.Bool(false),\n\t\t\t\tMetricName: pulumi.String(\"friendly-metric-name\"),\n\t\t\t\tSampledRequestsEnabled: pulumi.Bool(false),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.wafv2.RuleGroup;\nimport com.pulumi.aws.wafv2.RuleGroupArgs;\nimport com.pulumi.aws.wafv2.inputs.RuleGroupRuleArgs;\nimport com.pulumi.aws.wafv2.inputs.RuleGroupRuleActionArgs;\nimport com.pulumi.aws.wafv2.inputs.RuleGroupRuleActionAllowArgs;\nimport com.pulumi.aws.wafv2.inputs.RuleGroupRuleStatementArgs;\nimport com.pulumi.aws.wafv2.inputs.RuleGroupRuleStatementGeoMatchStatementArgs;\nimport com.pulumi.aws.wafv2.inputs.RuleGroupRuleVisibilityConfigArgs;\nimport com.pulumi.aws.wafv2.inputs.RuleGroupVisibilityConfigArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new RuleGroup(\"example\", RuleGroupArgs.builder()\n .name(\"example-rule\")\n .scope(\"REGIONAL\")\n .capacity(2)\n .rules(RuleGroupRuleArgs.builder()\n .name(\"rule-1\")\n .priority(1)\n .action(RuleGroupRuleActionArgs.builder()\n .allow(RuleGroupRuleActionAllowArgs.builder()\n .build())\n .build())\n .statement(RuleGroupRuleStatementArgs.builder()\n .geoMatchStatement(RuleGroupRuleStatementGeoMatchStatementArgs.builder()\n .countryCodes( \n \"US\",\n \"NL\")\n .build())\n .build())\n .visibilityConfig(RuleGroupRuleVisibilityConfigArgs.builder()\n .cloudwatchMetricsEnabled(false)\n .metricName(\"friendly-rule-metric-name\")\n .sampledRequestsEnabled(false)\n .build())\n .build())\n .visibilityConfig(RuleGroupVisibilityConfigArgs.builder()\n .cloudwatchMetricsEnabled(false)\n .metricName(\"friendly-metric-name\")\n .sampledRequestsEnabled(false)\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:wafv2:RuleGroup\n properties:\n name: example-rule\n scope: REGIONAL\n capacity: 2\n rules:\n - name: rule-1\n priority: 1\n action:\n allow: {}\n statement:\n geoMatchStatement:\n countryCodes:\n - US\n - NL\n visibilityConfig:\n cloudwatchMetricsEnabled: false\n metricName: friendly-rule-metric-name\n sampledRequestsEnabled: false\n visibilityConfig:\n cloudwatchMetricsEnabled: false\n metricName: friendly-metric-name\n sampledRequestsEnabled: false\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Complex\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = new aws.wafv2.IpSet(\"test\", {\n name: \"test\",\n scope: \"REGIONAL\",\n ipAddressVersion: \"IPV4\",\n addresses: [\n \"1.1.1.1/32\",\n \"2.2.2.2/32\",\n ],\n});\nconst testRegexPatternSet = new aws.wafv2.RegexPatternSet(\"test\", {\n name: \"test\",\n scope: \"REGIONAL\",\n regularExpressions: [{\n regexString: \"one\",\n }],\n});\nconst example = new aws.wafv2.RuleGroup(\"example\", {\n name: \"complex-example\",\n description: \"An rule group containing all statements\",\n scope: \"REGIONAL\",\n capacity: 500,\n rules: [\n {\n name: \"rule-1\",\n priority: 1,\n action: {\n block: {},\n },\n statement: {\n notStatement: {\n statements: [{\n andStatement: {\n statements: [\n {\n geoMatchStatement: {\n countryCodes: [\"US\"],\n },\n },\n {\n byteMatchStatement: {\n positionalConstraint: \"CONTAINS\",\n searchString: \"word\",\n fieldToMatch: {\n allQueryArguments: {},\n },\n textTransformations: [\n {\n priority: 5,\n type: \"CMD_LINE\",\n },\n {\n priority: 2,\n type: \"LOWERCASE\",\n },\n ],\n },\n },\n ],\n },\n }],\n },\n },\n visibilityConfig: {\n cloudwatchMetricsEnabled: false,\n metricName: \"rule-1\",\n sampledRequestsEnabled: false,\n },\n },\n {\n name: \"rule-2\",\n priority: 2,\n action: {\n count: {},\n },\n statement: {\n orStatement: {\n statements: [\n {\n regexMatchStatement: {\n regexString: \"a-z?\",\n fieldToMatch: {\n singleHeader: {\n name: \"user-agent\",\n },\n },\n textTransformations: [{\n priority: 6,\n type: \"NONE\",\n }],\n },\n },\n {\n sqliMatchStatement: {\n fieldToMatch: {\n body: {},\n },\n textTransformations: [\n {\n priority: 5,\n type: \"URL_DECODE\",\n },\n {\n priority: 4,\n type: \"HTML_ENTITY_DECODE\",\n },\n {\n priority: 3,\n type: \"COMPRESS_WHITE_SPACE\",\n },\n ],\n },\n },\n {\n xssMatchStatement: {\n fieldToMatch: {\n method: {},\n },\n textTransformations: [{\n priority: 2,\n type: \"NONE\",\n }],\n },\n },\n ],\n },\n },\n visibilityConfig: {\n cloudwatchMetricsEnabled: false,\n metricName: \"rule-2\",\n sampledRequestsEnabled: false,\n },\n captchaConfig: {\n immunityTimeProperty: {\n immunityTime: 240,\n },\n },\n },\n {\n name: \"rule-3\",\n priority: 3,\n action: {\n block: {},\n },\n statement: {\n sizeConstraintStatement: {\n comparisonOperator: \"GT\",\n size: 100,\n fieldToMatch: {\n singleQueryArgument: {\n name: \"username\",\n },\n },\n textTransformations: [{\n priority: 5,\n type: \"NONE\",\n }],\n },\n },\n visibilityConfig: {\n cloudwatchMetricsEnabled: false,\n metricName: \"rule-3\",\n sampledRequestsEnabled: false,\n },\n },\n {\n name: \"rule-4\",\n priority: 4,\n action: {\n block: {},\n },\n statement: {\n orStatement: {\n statements: [\n {\n ipSetReferenceStatement: {\n arn: test.arn,\n },\n },\n {\n regexPatternSetReferenceStatement: {\n arn: testRegexPatternSet.arn,\n fieldToMatch: {\n singleHeader: {\n name: \"referer\",\n },\n },\n textTransformations: [{\n priority: 2,\n type: \"NONE\",\n }],\n },\n },\n ],\n },\n },\n visibilityConfig: {\n cloudwatchMetricsEnabled: false,\n metricName: \"rule-4\",\n sampledRequestsEnabled: false,\n },\n },\n ],\n visibilityConfig: {\n cloudwatchMetricsEnabled: false,\n metricName: \"friendly-metric-name\",\n sampledRequestsEnabled: false,\n },\n captchaConfig: [{\n immunityTimeProperty: [{\n immunityTime: 120,\n }],\n }],\n tags: {\n Name: \"example-and-statement\",\n Code: \"123456\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.wafv2.IpSet(\"test\",\n name=\"test\",\n scope=\"REGIONAL\",\n ip_address_version=\"IPV4\",\n addresses=[\n \"1.1.1.1/32\",\n \"2.2.2.2/32\",\n ])\ntest_regex_pattern_set = aws.wafv2.RegexPatternSet(\"test\",\n name=\"test\",\n scope=\"REGIONAL\",\n regular_expressions=[{\n \"regex_string\": \"one\",\n }])\nexample = aws.wafv2.RuleGroup(\"example\",\n name=\"complex-example\",\n description=\"An rule group containing all statements\",\n scope=\"REGIONAL\",\n capacity=500,\n rules=[\n {\n \"name\": \"rule-1\",\n \"priority\": 1,\n \"action\": {\n \"block\": {},\n },\n \"statement\": {\n \"not_statement\": {\n \"statements\": [{\n \"and_statement\": {\n \"statements\": [\n {\n \"geo_match_statement\": {\n \"country_codes\": [\"US\"],\n },\n },\n {\n \"byte_match_statement\": {\n \"positional_constraint\": \"CONTAINS\",\n \"search_string\": \"word\",\n \"field_to_match\": {\n \"all_query_arguments\": {},\n },\n \"text_transformations\": [\n {\n \"priority\": 5,\n \"type\": \"CMD_LINE\",\n },\n {\n \"priority\": 2,\n \"type\": \"LOWERCASE\",\n },\n ],\n },\n },\n ],\n },\n }],\n },\n },\n \"visibility_config\": {\n \"cloudwatch_metrics_enabled\": False,\n \"metric_name\": \"rule-1\",\n \"sampled_requests_enabled\": False,\n },\n },\n {\n \"name\": \"rule-2\",\n \"priority\": 2,\n \"action\": {\n \"count\": {},\n },\n \"statement\": {\n \"or_statement\": {\n \"statements\": [\n {\n \"regex_match_statement\": {\n \"regex_string\": \"a-z?\",\n \"field_to_match\": {\n \"single_header\": {\n \"name\": \"user-agent\",\n },\n },\n \"text_transformations\": [{\n \"priority\": 6,\n \"type\": \"NONE\",\n }],\n },\n },\n {\n \"sqli_match_statement\": {\n \"field_to_match\": {\n \"body\": {},\n },\n \"text_transformations\": [\n {\n \"priority\": 5,\n \"type\": \"URL_DECODE\",\n },\n {\n \"priority\": 4,\n \"type\": \"HTML_ENTITY_DECODE\",\n },\n {\n \"priority\": 3,\n \"type\": \"COMPRESS_WHITE_SPACE\",\n },\n ],\n },\n },\n {\n \"xss_match_statement\": {\n \"field_to_match\": {\n \"method\": {},\n },\n \"text_transformations\": [{\n \"priority\": 2,\n \"type\": \"NONE\",\n }],\n },\n },\n ],\n },\n },\n \"visibility_config\": {\n \"cloudwatch_metrics_enabled\": False,\n \"metric_name\": \"rule-2\",\n \"sampled_requests_enabled\": False,\n },\n \"captcha_config\": {\n \"immunity_time_property\": {\n \"immunity_time\": 240,\n },\n },\n },\n {\n \"name\": \"rule-3\",\n \"priority\": 3,\n \"action\": {\n \"block\": {},\n },\n \"statement\": {\n \"size_constraint_statement\": {\n \"comparison_operator\": \"GT\",\n \"size\": 100,\n \"field_to_match\": {\n \"single_query_argument\": {\n \"name\": \"username\",\n },\n },\n \"text_transformations\": [{\n \"priority\": 5,\n \"type\": \"NONE\",\n }],\n },\n },\n \"visibility_config\": {\n \"cloudwatch_metrics_enabled\": False,\n \"metric_name\": \"rule-3\",\n \"sampled_requests_enabled\": False,\n },\n },\n {\n \"name\": \"rule-4\",\n \"priority\": 4,\n \"action\": {\n \"block\": {},\n },\n \"statement\": {\n \"or_statement\": {\n \"statements\": [\n {\n \"ip_set_reference_statement\": {\n \"arn\": test.arn,\n },\n },\n {\n \"regex_pattern_set_reference_statement\": {\n \"arn\": test_regex_pattern_set.arn,\n \"field_to_match\": {\n \"single_header\": {\n \"name\": \"referer\",\n },\n },\n \"text_transformations\": [{\n \"priority\": 2,\n \"type\": \"NONE\",\n }],\n },\n },\n ],\n },\n },\n \"visibility_config\": {\n \"cloudwatch_metrics_enabled\": False,\n \"metric_name\": \"rule-4\",\n \"sampled_requests_enabled\": False,\n },\n },\n ],\n visibility_config={\n \"cloudwatch_metrics_enabled\": False,\n \"metric_name\": \"friendly-metric-name\",\n \"sampled_requests_enabled\": False,\n },\n captcha_config=[{\n \"immunityTimeProperty\": [{\n \"immunityTime\": 120,\n }],\n }],\n tags={\n \"Name\": \"example-and-statement\",\n \"Code\": \"123456\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = new Aws.WafV2.IpSet(\"test\", new()\n {\n Name = \"test\",\n Scope = \"REGIONAL\",\n IpAddressVersion = \"IPV4\",\n Addresses = new[]\n {\n \"1.1.1.1/32\",\n \"2.2.2.2/32\",\n },\n });\n\n var testRegexPatternSet = new Aws.WafV2.RegexPatternSet(\"test\", new()\n {\n Name = \"test\",\n Scope = \"REGIONAL\",\n RegularExpressions = new[]\n {\n new Aws.WafV2.Inputs.RegexPatternSetRegularExpressionArgs\n {\n RegexString = \"one\",\n },\n },\n });\n\n var example = new Aws.WafV2.RuleGroup(\"example\", new()\n {\n Name = \"complex-example\",\n Description = \"An rule group containing all statements\",\n Scope = \"REGIONAL\",\n Capacity = 500,\n Rules = new[]\n {\n new Aws.WafV2.Inputs.RuleGroupRuleArgs\n {\n Name = \"rule-1\",\n Priority = 1,\n Action = new Aws.WafV2.Inputs.RuleGroupRuleActionArgs\n {\n Block = null,\n },\n Statement = new Aws.WafV2.Inputs.RuleGroupRuleStatementArgs\n {\n NotStatement = new Aws.WafV2.Inputs.RuleGroupRuleStatementNotStatementArgs\n {\n Statements = new[]\n {\n new Aws.WafV2.Inputs.RuleGroupRuleStatementArgs\n {\n AndStatement = new Aws.WafV2.Inputs.RuleGroupRuleStatementAndStatementArgs\n {\n Statements = new[]\n {\n new Aws.WafV2.Inputs.RuleGroupRuleStatementArgs\n {\n GeoMatchStatement = new Aws.WafV2.Inputs.RuleGroupRuleStatementGeoMatchStatementArgs\n {\n CountryCodes = new[]\n {\n \"US\",\n },\n },\n },\n new Aws.WafV2.Inputs.RuleGroupRuleStatementArgs\n {\n ByteMatchStatement = new Aws.WafV2.Inputs.RuleGroupRuleStatementByteMatchStatementArgs\n {\n PositionalConstraint = \"CONTAINS\",\n SearchString = \"word\",\n FieldToMatch = new Aws.WafV2.Inputs.RuleGroupRuleStatementByteMatchStatementFieldToMatchArgs\n {\n AllQueryArguments = null,\n },\n TextTransformations = new[]\n {\n new Aws.WafV2.Inputs.RuleGroupRuleStatementByteMatchStatementTextTransformationArgs\n {\n Priority = 5,\n Type = \"CMD_LINE\",\n },\n new Aws.WafV2.Inputs.RuleGroupRuleStatementByteMatchStatementTextTransformationArgs\n {\n Priority = 2,\n Type = \"LOWERCASE\",\n },\n },\n },\n },\n },\n },\n },\n },\n },\n },\n VisibilityConfig = new Aws.WafV2.Inputs.RuleGroupRuleVisibilityConfigArgs\n {\n CloudwatchMetricsEnabled = false,\n MetricName = \"rule-1\",\n SampledRequestsEnabled = false,\n },\n },\n new Aws.WafV2.Inputs.RuleGroupRuleArgs\n {\n Name = \"rule-2\",\n Priority = 2,\n Action = new Aws.WafV2.Inputs.RuleGroupRuleActionArgs\n {\n Count = null,\n },\n Statement = new Aws.WafV2.Inputs.RuleGroupRuleStatementArgs\n {\n OrStatement = new Aws.WafV2.Inputs.RuleGroupRuleStatementOrStatementArgs\n {\n Statements = new[]\n {\n new Aws.WafV2.Inputs.RuleGroupRuleStatementArgs\n {\n RegexMatchStatement = new Aws.WafV2.Inputs.RuleGroupRuleStatementRegexMatchStatementArgs\n {\n RegexString = \"a-z?\",\n FieldToMatch = new Aws.WafV2.Inputs.RuleGroupRuleStatementRegexMatchStatementFieldToMatchArgs\n {\n SingleHeader = new Aws.WafV2.Inputs.RuleGroupRuleStatementRegexMatchStatementFieldToMatchSingleHeaderArgs\n {\n Name = \"user-agent\",\n },\n },\n TextTransformations = new[]\n {\n new Aws.WafV2.Inputs.RuleGroupRuleStatementRegexMatchStatementTextTransformationArgs\n {\n Priority = 6,\n Type = \"NONE\",\n },\n },\n },\n },\n new Aws.WafV2.Inputs.RuleGroupRuleStatementArgs\n {\n SqliMatchStatement = new Aws.WafV2.Inputs.RuleGroupRuleStatementSqliMatchStatementArgs\n {\n FieldToMatch = new Aws.WafV2.Inputs.RuleGroupRuleStatementSqliMatchStatementFieldToMatchArgs\n {\n Body = null,\n },\n TextTransformations = new[]\n {\n new Aws.WafV2.Inputs.RuleGroupRuleStatementSqliMatchStatementTextTransformationArgs\n {\n Priority = 5,\n Type = \"URL_DECODE\",\n },\n new Aws.WafV2.Inputs.RuleGroupRuleStatementSqliMatchStatementTextTransformationArgs\n {\n Priority = 4,\n Type = \"HTML_ENTITY_DECODE\",\n },\n new Aws.WafV2.Inputs.RuleGroupRuleStatementSqliMatchStatementTextTransformationArgs\n {\n Priority = 3,\n Type = \"COMPRESS_WHITE_SPACE\",\n },\n },\n },\n },\n new Aws.WafV2.Inputs.RuleGroupRuleStatementArgs\n {\n XssMatchStatement = new Aws.WafV2.Inputs.RuleGroupRuleStatementXssMatchStatementArgs\n {\n FieldToMatch = new Aws.WafV2.Inputs.RuleGroupRuleStatementXssMatchStatementFieldToMatchArgs\n {\n Method = null,\n },\n TextTransformations = new[]\n {\n new Aws.WafV2.Inputs.RuleGroupRuleStatementXssMatchStatementTextTransformationArgs\n {\n Priority = 2,\n Type = \"NONE\",\n },\n },\n },\n },\n },\n },\n },\n VisibilityConfig = new Aws.WafV2.Inputs.RuleGroupRuleVisibilityConfigArgs\n {\n CloudwatchMetricsEnabled = false,\n MetricName = \"rule-2\",\n SampledRequestsEnabled = false,\n },\n CaptchaConfig = new Aws.WafV2.Inputs.RuleGroupRuleCaptchaConfigArgs\n {\n ImmunityTimeProperty = new Aws.WafV2.Inputs.RuleGroupRuleCaptchaConfigImmunityTimePropertyArgs\n {\n ImmunityTime = 240,\n },\n },\n },\n new Aws.WafV2.Inputs.RuleGroupRuleArgs\n {\n Name = \"rule-3\",\n Priority = 3,\n Action = new Aws.WafV2.Inputs.RuleGroupRuleActionArgs\n {\n Block = null,\n },\n Statement = new Aws.WafV2.Inputs.RuleGroupRuleStatementArgs\n {\n SizeConstraintStatement = new Aws.WafV2.Inputs.RuleGroupRuleStatementSizeConstraintStatementArgs\n {\n ComparisonOperator = \"GT\",\n Size = 100,\n FieldToMatch = new Aws.WafV2.Inputs.RuleGroupRuleStatementSizeConstraintStatementFieldToMatchArgs\n {\n SingleQueryArgument = new Aws.WafV2.Inputs.RuleGroupRuleStatementSizeConstraintStatementFieldToMatchSingleQueryArgumentArgs\n {\n Name = \"username\",\n },\n },\n TextTransformations = new[]\n {\n new Aws.WafV2.Inputs.RuleGroupRuleStatementSizeConstraintStatementTextTransformationArgs\n {\n Priority = 5,\n Type = \"NONE\",\n },\n },\n },\n },\n VisibilityConfig = new Aws.WafV2.Inputs.RuleGroupRuleVisibilityConfigArgs\n {\n CloudwatchMetricsEnabled = false,\n MetricName = \"rule-3\",\n SampledRequestsEnabled = false,\n },\n },\n new Aws.WafV2.Inputs.RuleGroupRuleArgs\n {\n Name = \"rule-4\",\n Priority = 4,\n Action = new Aws.WafV2.Inputs.RuleGroupRuleActionArgs\n {\n Block = null,\n },\n Statement = new Aws.WafV2.Inputs.RuleGroupRuleStatementArgs\n {\n OrStatement = new Aws.WafV2.Inputs.RuleGroupRuleStatementOrStatementArgs\n {\n Statements = new[]\n {\n new Aws.WafV2.Inputs.RuleGroupRuleStatementArgs\n {\n IpSetReferenceStatement = new Aws.WafV2.Inputs.RuleGroupRuleStatementIpSetReferenceStatementArgs\n {\n Arn = test.Arn,\n },\n },\n new Aws.WafV2.Inputs.RuleGroupRuleStatementArgs\n {\n RegexPatternSetReferenceStatement = new Aws.WafV2.Inputs.RuleGroupRuleStatementRegexPatternSetReferenceStatementArgs\n {\n Arn = testRegexPatternSet.Arn,\n FieldToMatch = new Aws.WafV2.Inputs.RuleGroupRuleStatementRegexPatternSetReferenceStatementFieldToMatchArgs\n {\n SingleHeader = new Aws.WafV2.Inputs.RuleGroupRuleStatementRegexPatternSetReferenceStatementFieldToMatchSingleHeaderArgs\n {\n Name = \"referer\",\n },\n },\n TextTransformations = new[]\n {\n new Aws.WafV2.Inputs.RuleGroupRuleStatementRegexPatternSetReferenceStatementTextTransformationArgs\n {\n Priority = 2,\n Type = \"NONE\",\n },\n },\n },\n },\n },\n },\n },\n VisibilityConfig = new Aws.WafV2.Inputs.RuleGroupRuleVisibilityConfigArgs\n {\n CloudwatchMetricsEnabled = false,\n MetricName = \"rule-4\",\n SampledRequestsEnabled = false,\n },\n },\n },\n VisibilityConfig = new Aws.WafV2.Inputs.RuleGroupVisibilityConfigArgs\n {\n CloudwatchMetricsEnabled = false,\n MetricName = \"friendly-metric-name\",\n SampledRequestsEnabled = false,\n },\n CaptchaConfig = new[]\n {\n \n {\n { \"immunityTimeProperty\", new[]\n {\n \n {\n { \"immunityTime\", 120 },\n },\n } },\n },\n },\n Tags = \n {\n { \"Name\", \"example-and-statement\" },\n { \"Code\", \"123456\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v7/go/aws/wafv2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttest, err := wafv2.NewIpSet(ctx, \"test\", \u0026wafv2.IpSetArgs{\n\t\t\tName: pulumi.String(\"test\"),\n\t\t\tScope: pulumi.String(\"REGIONAL\"),\n\t\t\tIpAddressVersion: pulumi.String(\"IPV4\"),\n\t\t\tAddresses: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"1.1.1.1/32\"),\n\t\t\t\tpulumi.String(\"2.2.2.2/32\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttestRegexPatternSet, err := wafv2.NewRegexPatternSet(ctx, \"test\", \u0026wafv2.RegexPatternSetArgs{\n\t\t\tName: pulumi.String(\"test\"),\n\t\t\tScope: pulumi.String(\"REGIONAL\"),\n\t\t\tRegularExpressions: wafv2.RegexPatternSetRegularExpressionArray{\n\t\t\t\t\u0026wafv2.RegexPatternSetRegularExpressionArgs{\n\t\t\t\t\tRegexString: pulumi.String(\"one\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = wafv2.NewRuleGroup(ctx, \"example\", \u0026wafv2.RuleGroupArgs{\n\t\t\tName: pulumi.String(\"complex-example\"),\n\t\t\tDescription: pulumi.String(\"An rule group containing all statements\"),\n\t\t\tScope: pulumi.String(\"REGIONAL\"),\n\t\t\tCapacity: pulumi.Int(500),\n\t\t\tRules: wafv2.RuleGroupRuleArray{\n\t\t\t\t\u0026wafv2.RuleGroupRuleArgs{\n\t\t\t\t\tName: pulumi.String(\"rule-1\"),\n\t\t\t\t\tPriority: pulumi.Int(1),\n\t\t\t\t\tAction: \u0026wafv2.RuleGroupRuleActionArgs{\n\t\t\t\t\t\tBlock: \u0026wafv2.RuleGroupRuleActionBlockArgs{},\n\t\t\t\t\t},\n\t\t\t\t\tStatement: \u0026wafv2.RuleGroupRuleStatementArgs{\n\t\t\t\t\t\tNotStatement: \u0026wafv2.RuleGroupRuleStatementNotStatementArgs{\n\t\t\t\t\t\t\tStatements: wafv2.RuleGroupRuleStatementArray{\n\t\t\t\t\t\t\t\t\u0026wafv2.RuleGroupRuleStatementArgs{\n\t\t\t\t\t\t\t\t\tAndStatement: \u0026wafv2.RuleGroupRuleStatementAndStatementArgs{\n\t\t\t\t\t\t\t\t\t\tStatements: wafv2.RuleGroupRuleStatementArray{\n\t\t\t\t\t\t\t\t\t\t\t\u0026wafv2.RuleGroupRuleStatementArgs{\n\t\t\t\t\t\t\t\t\t\t\t\tGeoMatchStatement: \u0026wafv2.RuleGroupRuleStatementGeoMatchStatementArgs{\n\t\t\t\t\t\t\t\t\t\t\t\t\tCountryCodes: pulumi.StringArray{\n\t\t\t\t\t\t\t\t\t\t\t\t\t\tpulumi.String(\"US\"),\n\t\t\t\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t\t\t\u0026wafv2.RuleGroupRuleStatementArgs{\n\t\t\t\t\t\t\t\t\t\t\t\tByteMatchStatement: \u0026wafv2.RuleGroupRuleStatementByteMatchStatementArgs{\n\t\t\t\t\t\t\t\t\t\t\t\t\tPositionalConstraint: pulumi.String(\"CONTAINS\"),\n\t\t\t\t\t\t\t\t\t\t\t\t\tSearchString: pulumi.String(\"word\"),\n\t\t\t\t\t\t\t\t\t\t\t\t\tFieldToMatch: \u0026wafv2.RuleGroupRuleStatementByteMatchStatementFieldToMatchArgs{\n\t\t\t\t\t\t\t\t\t\t\t\t\t\tAllQueryArguments: \u0026wafv2.RuleGroupRuleStatementByteMatchStatementFieldToMatchAllQueryArgumentsArgs{},\n\t\t\t\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t\t\t\t\tTextTransformations: wafv2.RuleGroupRuleStatementByteMatchStatementTextTransformationArray{\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\u0026wafv2.RuleGroupRuleStatementByteMatchStatementTextTransformationArgs{\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\tPriority: pulumi.Int(5),\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\tType: pulumi.String(\"CMD_LINE\"),\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\u0026wafv2.RuleGroupRuleStatementByteMatchStatementTextTransformationArgs{\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\tPriority: pulumi.Int(2),\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\tType: pulumi.String(\"LOWERCASE\"),\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tVisibilityConfig: \u0026wafv2.RuleGroupRuleVisibilityConfigArgs{\n\t\t\t\t\t\tCloudwatchMetricsEnabled: pulumi.Bool(false),\n\t\t\t\t\t\tMetricName: pulumi.String(\"rule-1\"),\n\t\t\t\t\t\tSampledRequestsEnabled: pulumi.Bool(false),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t\u0026wafv2.RuleGroupRuleArgs{\n\t\t\t\t\tName: pulumi.String(\"rule-2\"),\n\t\t\t\t\tPriority: pulumi.Int(2),\n\t\t\t\t\tAction: \u0026wafv2.RuleGroupRuleActionArgs{\n\t\t\t\t\t\tCount: \u0026wafv2.RuleGroupRuleActionCountArgs{},\n\t\t\t\t\t},\n\t\t\t\t\tStatement: \u0026wafv2.RuleGroupRuleStatementArgs{\n\t\t\t\t\t\tOrStatement: \u0026wafv2.RuleGroupRuleStatementOrStatementArgs{\n\t\t\t\t\t\t\tStatements: wafv2.RuleGroupRuleStatementArray{\n\t\t\t\t\t\t\t\t\u0026wafv2.RuleGroupRuleStatementArgs{\n\t\t\t\t\t\t\t\t\tRegexMatchStatement: \u0026wafv2.RuleGroupRuleStatementRegexMatchStatementArgs{\n\t\t\t\t\t\t\t\t\t\tRegexString: pulumi.String(\"a-z?\"),\n\t\t\t\t\t\t\t\t\t\tFieldToMatch: \u0026wafv2.RuleGroupRuleStatementRegexMatchStatementFieldToMatchArgs{\n\t\t\t\t\t\t\t\t\t\t\tSingleHeader: \u0026wafv2.RuleGroupRuleStatementRegexMatchStatementFieldToMatchSingleHeaderArgs{\n\t\t\t\t\t\t\t\t\t\t\t\tName: pulumi.String(\"user-agent\"),\n\t\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t\tTextTransformations: wafv2.RuleGroupRuleStatementRegexMatchStatementTextTransformationArray{\n\t\t\t\t\t\t\t\t\t\t\t\u0026wafv2.RuleGroupRuleStatementRegexMatchStatementTextTransformationArgs{\n\t\t\t\t\t\t\t\t\t\t\t\tPriority: pulumi.Int(6),\n\t\t\t\t\t\t\t\t\t\t\t\tType: pulumi.String(\"NONE\"),\n\t\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\u0026wafv2.RuleGroupRuleStatementArgs{\n\t\t\t\t\t\t\t\t\tSqliMatchStatement: \u0026wafv2.RuleGroupRuleStatementSqliMatchStatementArgs{\n\t\t\t\t\t\t\t\t\t\tFieldToMatch: \u0026wafv2.RuleGroupRuleStatementSqliMatchStatementFieldToMatchArgs{\n\t\t\t\t\t\t\t\t\t\t\tBody: \u0026wafv2.RuleGroupRuleStatementSqliMatchStatementFieldToMatchBodyArgs{},\n\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t\tTextTransformations: wafv2.RuleGroupRuleStatementSqliMatchStatementTextTransformationArray{\n\t\t\t\t\t\t\t\t\t\t\t\u0026wafv2.RuleGroupRuleStatementSqliMatchStatementTextTransformationArgs{\n\t\t\t\t\t\t\t\t\t\t\t\tPriority: pulumi.Int(5),\n\t\t\t\t\t\t\t\t\t\t\t\tType: pulumi.String(\"URL_DECODE\"),\n\t\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t\t\t\u0026wafv2.RuleGroupRuleStatementSqliMatchStatementTextTransformationArgs{\n\t\t\t\t\t\t\t\t\t\t\t\tPriority: pulumi.Int(4),\n\t\t\t\t\t\t\t\t\t\t\t\tType: pulumi.String(\"HTML_ENTITY_DECODE\"),\n\t\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t\t\t\u0026wafv2.RuleGroupRuleStatementSqliMatchStatementTextTransformationArgs{\n\t\t\t\t\t\t\t\t\t\t\t\tPriority: pulumi.Int(3),\n\t\t\t\t\t\t\t\t\t\t\t\tType: pulumi.String(\"COMPRESS_WHITE_SPACE\"),\n\t\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\u0026wafv2.RuleGroupRuleStatementArgs{\n\t\t\t\t\t\t\t\t\tXssMatchStatement: \u0026wafv2.RuleGroupRuleStatementXssMatchStatementArgs{\n\t\t\t\t\t\t\t\t\t\tFieldToMatch: \u0026wafv2.RuleGroupRuleStatementXssMatchStatementFieldToMatchArgs{\n\t\t\t\t\t\t\t\t\t\t\tMethod: \u0026wafv2.RuleGroupRuleStatementXssMatchStatementFieldToMatchMethodArgs{},\n\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t\tTextTransformations: wafv2.RuleGroupRuleStatementXssMatchStatementTextTransformationArray{\n\t\t\t\t\t\t\t\t\t\t\t\u0026wafv2.RuleGroupRuleStatementXssMatchStatementTextTransformationArgs{\n\t\t\t\t\t\t\t\t\t\t\t\tPriority: pulumi.Int(2),\n\t\t\t\t\t\t\t\t\t\t\t\tType: pulumi.String(\"NONE\"),\n\t\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tVisibilityConfig: \u0026wafv2.RuleGroupRuleVisibilityConfigArgs{\n\t\t\t\t\t\tCloudwatchMetricsEnabled: pulumi.Bool(false),\n\t\t\t\t\t\tMetricName: pulumi.String(\"rule-2\"),\n\t\t\t\t\t\tSampledRequestsEnabled: pulumi.Bool(false),\n\t\t\t\t\t},\n\t\t\t\t\tCaptchaConfig: \u0026wafv2.RuleGroupRuleCaptchaConfigArgs{\n\t\t\t\t\t\tImmunityTimeProperty: \u0026wafv2.RuleGroupRuleCaptchaConfigImmunityTimePropertyArgs{\n\t\t\t\t\t\t\tImmunityTime: pulumi.Int(240),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t\u0026wafv2.RuleGroupRuleArgs{\n\t\t\t\t\tName: pulumi.String(\"rule-3\"),\n\t\t\t\t\tPriority: pulumi.Int(3),\n\t\t\t\t\tAction: \u0026wafv2.RuleGroupRuleActionArgs{\n\t\t\t\t\t\tBlock: \u0026wafv2.RuleGroupRuleActionBlockArgs{},\n\t\t\t\t\t},\n\t\t\t\t\tStatement: \u0026wafv2.RuleGroupRuleStatementArgs{\n\t\t\t\t\t\tSizeConstraintStatement: \u0026wafv2.RuleGroupRuleStatementSizeConstraintStatementArgs{\n\t\t\t\t\t\t\tComparisonOperator: pulumi.String(\"GT\"),\n\t\t\t\t\t\t\tSize: pulumi.Int(100),\n\t\t\t\t\t\t\tFieldToMatch: \u0026wafv2.RuleGroupRuleStatementSizeConstraintStatementFieldToMatchArgs{\n\t\t\t\t\t\t\t\tSingleQueryArgument: \u0026wafv2.RuleGroupRuleStatementSizeConstraintStatementFieldToMatchSingleQueryArgumentArgs{\n\t\t\t\t\t\t\t\t\tName: pulumi.String(\"username\"),\n\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\tTextTransformations: wafv2.RuleGroupRuleStatementSizeConstraintStatementTextTransformationArray{\n\t\t\t\t\t\t\t\t\u0026wafv2.RuleGroupRuleStatementSizeConstraintStatementTextTransformationArgs{\n\t\t\t\t\t\t\t\t\tPriority: pulumi.Int(5),\n\t\t\t\t\t\t\t\t\tType: pulumi.String(\"NONE\"),\n\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tVisibilityConfig: \u0026wafv2.RuleGroupRuleVisibilityConfigArgs{\n\t\t\t\t\t\tCloudwatchMetricsEnabled: pulumi.Bool(false),\n\t\t\t\t\t\tMetricName: pulumi.String(\"rule-3\"),\n\t\t\t\t\t\tSampledRequestsEnabled: pulumi.Bool(false),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t\u0026wafv2.RuleGroupRuleArgs{\n\t\t\t\t\tName: pulumi.String(\"rule-4\"),\n\t\t\t\t\tPriority: pulumi.Int(4),\n\t\t\t\t\tAction: \u0026wafv2.RuleGroupRuleActionArgs{\n\t\t\t\t\t\tBlock: \u0026wafv2.RuleGroupRuleActionBlockArgs{},\n\t\t\t\t\t},\n\t\t\t\t\tStatement: \u0026wafv2.RuleGroupRuleStatementArgs{\n\t\t\t\t\t\tOrStatement: \u0026wafv2.RuleGroupRuleStatementOrStatementArgs{\n\t\t\t\t\t\t\tStatements: wafv2.RuleGroupRuleStatementArray{\n\t\t\t\t\t\t\t\t\u0026wafv2.RuleGroupRuleStatementArgs{\n\t\t\t\t\t\t\t\t\tIpSetReferenceStatement: \u0026wafv2.RuleGroupRuleStatementIpSetReferenceStatementArgs{\n\t\t\t\t\t\t\t\t\t\tArn: test.Arn,\n\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\u0026wafv2.RuleGroupRuleStatementArgs{\n\t\t\t\t\t\t\t\t\tRegexPatternSetReferenceStatement: \u0026wafv2.RuleGroupRuleStatementRegexPatternSetReferenceStatementArgs{\n\t\t\t\t\t\t\t\t\t\tArn: testRegexPatternSet.Arn,\n\t\t\t\t\t\t\t\t\t\tFieldToMatch: \u0026wafv2.RuleGroupRuleStatementRegexPatternSetReferenceStatementFieldToMatchArgs{\n\t\t\t\t\t\t\t\t\t\t\tSingleHeader: \u0026wafv2.RuleGroupRuleStatementRegexPatternSetReferenceStatementFieldToMatchSingleHeaderArgs{\n\t\t\t\t\t\t\t\t\t\t\t\tName: pulumi.String(\"referer\"),\n\t\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t\tTextTransformations: wafv2.RuleGroupRuleStatementRegexPatternSetReferenceStatementTextTransformationArray{\n\t\t\t\t\t\t\t\t\t\t\t\u0026wafv2.RuleGroupRuleStatementRegexPatternSetReferenceStatementTextTransformationArgs{\n\t\t\t\t\t\t\t\t\t\t\t\tPriority: pulumi.Int(2),\n\t\t\t\t\t\t\t\t\t\t\t\tType: pulumi.String(\"NONE\"),\n\t\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tVisibilityConfig: \u0026wafv2.RuleGroupRuleVisibilityConfigArgs{\n\t\t\t\t\t\tCloudwatchMetricsEnabled: pulumi.Bool(false),\n\t\t\t\t\t\tMetricName: pulumi.String(\"rule-4\"),\n\t\t\t\t\t\tSampledRequestsEnabled: pulumi.Bool(false),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tVisibilityConfig: \u0026wafv2.RuleGroupVisibilityConfigArgs{\n\t\t\t\tCloudwatchMetricsEnabled: pulumi.Bool(false),\n\t\t\t\tMetricName: pulumi.String(\"friendly-metric-name\"),\n\t\t\t\tSampledRequestsEnabled: pulumi.Bool(false),\n\t\t\t},\n\t\t\tCaptchaConfig: []map[string]interface{}{\n\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\"immunityTimeProperty\": []map[string]interface{}{\n\t\t\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\t\t\"immunityTime\": 120,\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Name\": pulumi.String(\"example-and-statement\"),\n\t\t\t\t\"Code\": pulumi.String(\"123456\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.wafv2.IpSet;\nimport com.pulumi.aws.wafv2.IpSetArgs;\nimport com.pulumi.aws.wafv2.RegexPatternSet;\nimport com.pulumi.aws.wafv2.RegexPatternSetArgs;\nimport com.pulumi.aws.wafv2.inputs.RegexPatternSetRegularExpressionArgs;\nimport com.pulumi.aws.wafv2.RuleGroup;\nimport com.pulumi.aws.wafv2.RuleGroupArgs;\nimport com.pulumi.aws.wafv2.inputs.RuleGroupRuleArgs;\nimport com.pulumi.aws.wafv2.inputs.RuleGroupRuleActionArgs;\nimport com.pulumi.aws.wafv2.inputs.RuleGroupRuleActionBlockArgs;\nimport com.pulumi.aws.wafv2.inputs.RuleGroupRuleStatementArgs;\nimport com.pulumi.aws.wafv2.inputs.RuleGroupRuleStatementNotStatementArgs;\nimport com.pulumi.aws.wafv2.inputs.RuleGroupRuleVisibilityConfigArgs;\nimport com.pulumi.aws.wafv2.inputs.RuleGroupRuleActionCountArgs;\nimport com.pulumi.aws.wafv2.inputs.RuleGroupRuleStatementOrStatementArgs;\nimport com.pulumi.aws.wafv2.inputs.RuleGroupRuleCaptchaConfigArgs;\nimport com.pulumi.aws.wafv2.inputs.RuleGroupRuleCaptchaConfigImmunityTimePropertyArgs;\nimport com.pulumi.aws.wafv2.inputs.RuleGroupRuleStatementSizeConstraintStatementArgs;\nimport com.pulumi.aws.wafv2.inputs.RuleGroupRuleStatementSizeConstraintStatementFieldToMatchArgs;\nimport com.pulumi.aws.wafv2.inputs.RuleGroupRuleStatementSizeConstraintStatementFieldToMatchSingleQueryArgumentArgs;\nimport com.pulumi.aws.wafv2.inputs.RuleGroupVisibilityConfigArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var test = new IpSet(\"test\", IpSetArgs.builder()\n .name(\"test\")\n .scope(\"REGIONAL\")\n .ipAddressVersion(\"IPV4\")\n .addresses( \n \"1.1.1.1/32\",\n \"2.2.2.2/32\")\n .build());\n\n var testRegexPatternSet = new RegexPatternSet(\"testRegexPatternSet\", RegexPatternSetArgs.builder()\n .name(\"test\")\n .scope(\"REGIONAL\")\n .regularExpressions(RegexPatternSetRegularExpressionArgs.builder()\n .regexString(\"one\")\n .build())\n .build());\n\n var example = new RuleGroup(\"example\", RuleGroupArgs.builder()\n .name(\"complex-example\")\n .description(\"An rule group containing all statements\")\n .scope(\"REGIONAL\")\n .capacity(500)\n .rules( \n RuleGroupRuleArgs.builder()\n .name(\"rule-1\")\n .priority(1)\n .action(RuleGroupRuleActionArgs.builder()\n .block(RuleGroupRuleActionBlockArgs.builder()\n .build())\n .build())\n .statement(Map.of(\"notStatement\", Map.of(\"statements\", Map.of(\"andStatement\", RuleGroupRuleStatementAndStatementArgs.builder()\n .statements( \n RuleGroupRuleStatementArgs.builder()\n .geoMatchStatement(RuleGroupRuleStatementGeoMatchStatementArgs.builder()\n .countryCodes(\"US\")\n .build())\n .build(),\n RuleGroupRuleStatementArgs.builder()\n .byteMatchStatement(RuleGroupRuleStatementByteMatchStatementArgs.builder()\n .positionalConstraint(\"CONTAINS\")\n .searchString(\"word\")\n .fieldToMatch(RuleGroupRuleStatementByteMatchStatementFieldToMatchArgs.builder()\n .allQueryArguments(RuleGroupRuleStatementByteMatchStatementFieldToMatchAllQueryArgumentsArgs.builder()\n .build())\n .build())\n .textTransformations( \n RuleGroupRuleStatementByteMatchStatementTextTransformationArgs.builder()\n .priority(5)\n .type(\"CMD_LINE\")\n .build(),\n RuleGroupRuleStatementByteMatchStatementTextTransformationArgs.builder()\n .priority(2)\n .type(\"LOWERCASE\")\n .build())\n .build())\n .build())\n .build()))))\n .visibilityConfig(RuleGroupRuleVisibilityConfigArgs.builder()\n .cloudwatchMetricsEnabled(false)\n .metricName(\"rule-1\")\n .sampledRequestsEnabled(false)\n .build())\n .build(),\n RuleGroupRuleArgs.builder()\n .name(\"rule-2\")\n .priority(2)\n .action(RuleGroupRuleActionArgs.builder()\n .count(RuleGroupRuleActionCountArgs.builder()\n .build())\n .build())\n .statement(Map.of(\"orStatement\", Map.of(\"statements\", \n RuleGroupRuleStatementArgs.builder()\n .regexMatchStatement(RuleGroupRuleStatementRegexMatchStatementArgs.builder()\n .regexString(\"a-z?\")\n .fieldToMatch(RuleGroupRuleStatementRegexMatchStatementFieldToMatchArgs.builder()\n .singleHeader(RuleGroupRuleStatementRegexMatchStatementFieldToMatchSingleHeaderArgs.builder()\n .name(\"user-agent\")\n .build())\n .build())\n .textTransformations(RuleGroupRuleStatementRegexMatchStatementTextTransformationArgs.builder()\n .priority(6)\n .type(\"NONE\")\n .build())\n .build())\n .build(),\n RuleGroupRuleStatementArgs.builder()\n .sqliMatchStatement(RuleGroupRuleStatementSqliMatchStatementArgs.builder()\n .fieldToMatch(RuleGroupRuleStatementSqliMatchStatementFieldToMatchArgs.builder()\n .body(RuleGroupRuleStatementSqliMatchStatementFieldToMatchBodyArgs.builder()\n .build())\n .build())\n .textTransformations( \n RuleGroupRuleStatementSqliMatchStatementTextTransformationArgs.builder()\n .priority(5)\n .type(\"URL_DECODE\")\n .build(),\n RuleGroupRuleStatementSqliMatchStatementTextTransformationArgs.builder()\n .priority(4)\n .type(\"HTML_ENTITY_DECODE\")\n .build(),\n RuleGroupRuleStatementSqliMatchStatementTextTransformationArgs.builder()\n .priority(3)\n .type(\"COMPRESS_WHITE_SPACE\")\n .build())\n .build())\n .build(),\n RuleGroupRuleStatementArgs.builder()\n .xssMatchStatement(RuleGroupRuleStatementXssMatchStatementArgs.builder()\n .fieldToMatch(RuleGroupRuleStatementXssMatchStatementFieldToMatchArgs.builder()\n .method(RuleGroupRuleStatementXssMatchStatementFieldToMatchMethodArgs.builder()\n .build())\n .build())\n .textTransformations(RuleGroupRuleStatementXssMatchStatementTextTransformationArgs.builder()\n .priority(2)\n .type(\"NONE\")\n .build())\n .build())\n .build())))\n .visibilityConfig(RuleGroupRuleVisibilityConfigArgs.builder()\n .cloudwatchMetricsEnabled(false)\n .metricName(\"rule-2\")\n .sampledRequestsEnabled(false)\n .build())\n .captchaConfig(RuleGroupRuleCaptchaConfigArgs.builder()\n .immunityTimeProperty(RuleGroupRuleCaptchaConfigImmunityTimePropertyArgs.builder()\n .immunityTime(240)\n .build())\n .build())\n .build(),\n RuleGroupRuleArgs.builder()\n .name(\"rule-3\")\n .priority(3)\n .action(RuleGroupRuleActionArgs.builder()\n .block(RuleGroupRuleActionBlockArgs.builder()\n .build())\n .build())\n .statement(RuleGroupRuleStatementArgs.builder()\n .sizeConstraintStatement(RuleGroupRuleStatementSizeConstraintStatementArgs.builder()\n .comparisonOperator(\"GT\")\n .size(100)\n .fieldToMatch(RuleGroupRuleStatementSizeConstraintStatementFieldToMatchArgs.builder()\n .singleQueryArgument(RuleGroupRuleStatementSizeConstraintStatementFieldToMatchSingleQueryArgumentArgs.builder()\n .name(\"username\")\n .build())\n .build())\n .textTransformations(RuleGroupRuleStatementSizeConstraintStatementTextTransformationArgs.builder()\n .priority(5)\n .type(\"NONE\")\n .build())\n .build())\n .build())\n .visibilityConfig(RuleGroupRuleVisibilityConfigArgs.builder()\n .cloudwatchMetricsEnabled(false)\n .metricName(\"rule-3\")\n .sampledRequestsEnabled(false)\n .build())\n .build(),\n RuleGroupRuleArgs.builder()\n .name(\"rule-4\")\n .priority(4)\n .action(RuleGroupRuleActionArgs.builder()\n .block(RuleGroupRuleActionBlockArgs.builder()\n .build())\n .build())\n .statement(Map.of(\"orStatement\", RuleGroupRuleStatementOrStatementArgs.builder()\n .statements( \n RuleGroupRuleStatementArgs.builder()\n .ipSetReferenceStatement(RuleGroupRuleStatementIpSetReferenceStatementArgs.builder()\n .arn(test.arn())\n .build())\n .build(),\n RuleGroupRuleStatementArgs.builder()\n .regexPatternSetReferenceStatement(RuleGroupRuleStatementRegexPatternSetReferenceStatementArgs.builder()\n .arn(testRegexPatternSet.arn())\n .fieldToMatch(RuleGroupRuleStatementRegexPatternSetReferenceStatementFieldToMatchArgs.builder()\n .singleHeader(RuleGroupRuleStatementRegexPatternSetReferenceStatementFieldToMatchSingleHeaderArgs.builder()\n .name(\"referer\")\n .build())\n .build())\n .textTransformations(RuleGroupRuleStatementRegexPatternSetReferenceStatementTextTransformationArgs.builder()\n .priority(2)\n .type(\"NONE\")\n .build())\n .build())\n .build())\n .build()))\n .visibilityConfig(RuleGroupRuleVisibilityConfigArgs.builder()\n .cloudwatchMetricsEnabled(false)\n .metricName(\"rule-4\")\n .sampledRequestsEnabled(false)\n .build())\n .build())\n .visibilityConfig(RuleGroupVisibilityConfigArgs.builder()\n .cloudwatchMetricsEnabled(false)\n .metricName(\"friendly-metric-name\")\n .sampledRequestsEnabled(false)\n .build())\n .captchaConfig(List.of(Map.of(\"immunityTimeProperty\", List.of(Map.of(\"immunityTime\", 120)))))\n .tags(Map.ofEntries(\n Map.entry(\"Name\", \"example-and-statement\"),\n Map.entry(\"Code\", \"123456\")\n ))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n test:\n type: aws:wafv2:IpSet\n properties:\n name: test\n scope: REGIONAL\n ipAddressVersion: IPV4\n addresses:\n - 1.1.1.1/32\n - 2.2.2.2/32\n testRegexPatternSet:\n type: aws:wafv2:RegexPatternSet\n name: test\n properties:\n name: test\n scope: REGIONAL\n regularExpressions:\n - regexString: one\n example:\n type: aws:wafv2:RuleGroup\n properties:\n name: complex-example\n description: An rule group containing all statements\n scope: REGIONAL\n capacity: 500\n rules:\n - name: rule-1\n priority: 1\n action:\n block: {}\n statement:\n notStatement:\n statements:\n - andStatement:\n statements:\n - geoMatchStatement:\n countryCodes:\n - US\n - byteMatchStatement:\n positionalConstraint: CONTAINS\n searchString: word\n fieldToMatch:\n allQueryArguments: {}\n textTransformations:\n - priority: 5\n type: CMD_LINE\n - priority: 2\n type: LOWERCASE\n visibilityConfig:\n cloudwatchMetricsEnabled: false\n metricName: rule-1\n sampledRequestsEnabled: false\n - name: rule-2\n priority: 2\n action:\n count: {}\n statement:\n orStatement:\n statements:\n - regexMatchStatement:\n regexString: a-z?\n fieldToMatch:\n singleHeader:\n name: user-agent\n textTransformations:\n - priority: 6\n type: NONE\n - sqliMatchStatement:\n fieldToMatch:\n body: {}\n textTransformations:\n - priority: 5\n type: URL_DECODE\n - priority: 4\n type: HTML_ENTITY_DECODE\n - priority: 3\n type: COMPRESS_WHITE_SPACE\n - xssMatchStatement:\n fieldToMatch:\n method: {}\n textTransformations:\n - priority: 2\n type: NONE\n visibilityConfig:\n cloudwatchMetricsEnabled: false\n metricName: rule-2\n sampledRequestsEnabled: false\n captchaConfig:\n immunityTimeProperty:\n immunityTime: 240\n - name: rule-3\n priority: 3\n action:\n block: {}\n statement:\n sizeConstraintStatement:\n comparisonOperator: GT\n size: 100\n fieldToMatch:\n singleQueryArgument:\n name: username\n textTransformations:\n - priority: 5\n type: NONE\n visibilityConfig:\n cloudwatchMetricsEnabled: false\n metricName: rule-3\n sampledRequestsEnabled: false\n - name: rule-4\n priority: 4\n action:\n block: {}\n statement:\n orStatement:\n statements:\n - ipSetReferenceStatement:\n arn: ${test.arn}\n - regexPatternSetReferenceStatement:\n arn: ${testRegexPatternSet.arn}\n fieldToMatch:\n singleHeader:\n name: referer\n textTransformations:\n - priority: 2\n type: NONE\n visibilityConfig:\n cloudwatchMetricsEnabled: false\n metricName: rule-4\n sampledRequestsEnabled: false\n visibilityConfig:\n cloudwatchMetricsEnabled: false\n metricName: friendly-metric-name\n sampledRequestsEnabled: false\n captchaConfig:\n - immunityTimeProperty:\n - immunityTime: 120\n tags:\n Name: example-and-statement\n Code: '123456'\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Using\u003cspan pulumi-lang-nodejs=\" rulesJson\n\" pulumi-lang-dotnet=\" RulesJson\n\" pulumi-lang-go=\" rulesJson\n\" pulumi-lang-python=\" rules_json\n\" pulumi-lang-yaml=\" rulesJson\n\" pulumi-lang-java=\" rulesJson\n\"\u003e rules_json\n\u003c/span\u003e\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.wafv2.RuleGroup(\"example\", {\n name: \"example-rule-group\",\n scope: \"REGIONAL\",\n capacity: 100,\n rulesJson: JSON.stringify([{\n Name: \"rule-1\",\n Priority: 1,\n Action: {\n Count: {},\n },\n Statement: {\n ByteMatchStatement: {\n SearchString: \"badbot\",\n FieldToMatch: {\n UriPath: {},\n },\n TextTransformations: [{\n Priority: 1,\n Type: \"NONE\",\n }],\n PositionalConstraint: \"CONTAINS\",\n },\n },\n VisibilityConfig: {\n CloudwatchMetricsEnabled: false,\n MetricName: \"friendly-rule-metric-name\",\n SampledRequestsEnabled: false,\n },\n }]),\n visibilityConfig: {\n cloudwatchMetricsEnabled: false,\n metricName: \"friendly-metric-name\",\n sampledRequestsEnabled: false,\n },\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\nexample = aws.wafv2.RuleGroup(\"example\",\n name=\"example-rule-group\",\n scope=\"REGIONAL\",\n capacity=100,\n rules_json=json.dumps([{\n \"Name\": \"rule-1\",\n \"Priority\": 1,\n \"Action\": {\n \"Count\": {},\n },\n \"Statement\": {\n \"ByteMatchStatement\": {\n \"SearchString\": \"badbot\",\n \"FieldToMatch\": {\n \"UriPath\": {},\n },\n \"TextTransformations\": [{\n \"Priority\": 1,\n \"Type\": \"NONE\",\n }],\n \"PositionalConstraint\": \"CONTAINS\",\n },\n },\n \"VisibilityConfig\": {\n \"CloudwatchMetricsEnabled\": False,\n \"MetricName\": \"friendly-rule-metric-name\",\n \"SampledRequestsEnabled\": False,\n },\n }]),\n visibility_config={\n \"cloudwatch_metrics_enabled\": False,\n \"metric_name\": \"friendly-metric-name\",\n \"sampled_requests_enabled\": False,\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.WafV2.RuleGroup(\"example\", new()\n {\n Name = \"example-rule-group\",\n Scope = \"REGIONAL\",\n Capacity = 100,\n RulesJson = JsonSerializer.Serialize(new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"Name\"] = \"rule-1\",\n [\"Priority\"] = 1,\n [\"Action\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"Count\"] = new Dictionary\u003cstring, object?\u003e\n {\n },\n },\n [\"Statement\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"ByteMatchStatement\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"SearchString\"] = \"badbot\",\n [\"FieldToMatch\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"UriPath\"] = new Dictionary\u003cstring, object?\u003e\n {\n },\n },\n [\"TextTransformations\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"Priority\"] = 1,\n [\"Type\"] = \"NONE\",\n },\n },\n [\"PositionalConstraint\"] = \"CONTAINS\",\n },\n },\n [\"VisibilityConfig\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"CloudwatchMetricsEnabled\"] = false,\n [\"MetricName\"] = \"friendly-rule-metric-name\",\n [\"SampledRequestsEnabled\"] = false,\n },\n },\n }),\n VisibilityConfig = new Aws.WafV2.Inputs.RuleGroupVisibilityConfigArgs\n {\n CloudwatchMetricsEnabled = false,\n MetricName = \"friendly-metric-name\",\n SampledRequestsEnabled = false,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v7/go/aws/wafv2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttmpJSON0, err := json.Marshal([]map[string]interface{}{\n\t\t\tmap[string]interface{}{\n\t\t\t\t\"Name\": \"rule-1\",\n\t\t\t\t\"Priority\": 1,\n\t\t\t\t\"Action\": map[string]interface{}{\n\t\t\t\t\t\"Count\": map[string]interface{}{},\n\t\t\t\t},\n\t\t\t\t\"Statement\": map[string]interface{}{\n\t\t\t\t\t\"ByteMatchStatement\": map[string]interface{}{\n\t\t\t\t\t\t\"SearchString\": \"badbot\",\n\t\t\t\t\t\t\"FieldToMatch\": map[string]interface{}{\n\t\t\t\t\t\t\t\"UriPath\": map[string]interface{}{},\n\t\t\t\t\t\t},\n\t\t\t\t\t\t\"TextTransformations\": []map[string]interface{}{\n\t\t\t\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\t\t\t\"Priority\": 1,\n\t\t\t\t\t\t\t\t\"Type\": \"NONE\",\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t\t\"PositionalConstraint\": \"CONTAINS\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t\"VisibilityConfig\": map[string]interface{}{\n\t\t\t\t\t\"CloudwatchMetricsEnabled\": false,\n\t\t\t\t\t\"MetricName\": \"friendly-rule-metric-name\",\n\t\t\t\t\t\"SampledRequestsEnabled\": false,\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\t_, err = wafv2.NewRuleGroup(ctx, \"example\", \u0026wafv2.RuleGroupArgs{\n\t\t\tName: pulumi.String(\"example-rule-group\"),\n\t\t\tScope: pulumi.String(\"REGIONAL\"),\n\t\t\tCapacity: pulumi.Int(100),\n\t\t\tRulesJson: pulumi.String(json0),\n\t\t\tVisibilityConfig: \u0026wafv2.RuleGroupVisibilityConfigArgs{\n\t\t\t\tCloudwatchMetricsEnabled: pulumi.Bool(false),\n\t\t\t\tMetricName: pulumi.String(\"friendly-metric-name\"),\n\t\t\t\tSampledRequestsEnabled: pulumi.Bool(false),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.wafv2.RuleGroup;\nimport com.pulumi.aws.wafv2.RuleGroupArgs;\nimport com.pulumi.aws.wafv2.inputs.RuleGroupVisibilityConfigArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new RuleGroup(\"example\", RuleGroupArgs.builder()\n .name(\"example-rule-group\")\n .scope(\"REGIONAL\")\n .capacity(100)\n .rulesJson(serializeJson(\n jsonArray(jsonObject(\n jsonProperty(\"Name\", \"rule-1\"),\n jsonProperty(\"Priority\", 1),\n jsonProperty(\"Action\", jsonObject(\n jsonProperty(\"Count\", jsonObject(\n\n ))\n )),\n jsonProperty(\"Statement\", jsonObject(\n jsonProperty(\"ByteMatchStatement\", jsonObject(\n jsonProperty(\"SearchString\", \"badbot\"),\n jsonProperty(\"FieldToMatch\", jsonObject(\n jsonProperty(\"UriPath\", jsonObject(\n\n ))\n )),\n jsonProperty(\"TextTransformations\", jsonArray(jsonObject(\n jsonProperty(\"Priority\", 1),\n jsonProperty(\"Type\", \"NONE\")\n ))),\n jsonProperty(\"PositionalConstraint\", \"CONTAINS\")\n ))\n )),\n jsonProperty(\"VisibilityConfig\", jsonObject(\n jsonProperty(\"CloudwatchMetricsEnabled\", false),\n jsonProperty(\"MetricName\", \"friendly-rule-metric-name\"),\n jsonProperty(\"SampledRequestsEnabled\", false)\n ))\n ))))\n .visibilityConfig(RuleGroupVisibilityConfigArgs.builder()\n .cloudwatchMetricsEnabled(false)\n .metricName(\"friendly-metric-name\")\n .sampledRequestsEnabled(false)\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:wafv2:RuleGroup\n properties:\n name: example-rule-group\n scope: REGIONAL\n capacity: 100\n rulesJson:\n fn::toJSON:\n - Name: rule-1\n Priority: 1\n Action:\n Count: {}\n Statement:\n ByteMatchStatement:\n SearchString: badbot\n FieldToMatch:\n UriPath: {}\n TextTransformations:\n - Priority: 1\n Type: NONE\n PositionalConstraint: CONTAINS\n VisibilityConfig:\n CloudwatchMetricsEnabled: false\n MetricName: friendly-rule-metric-name\n SampledRequestsEnabled: false\n visibilityConfig:\n cloudwatchMetricsEnabled: false\n metricName: friendly-metric-name\n sampledRequestsEnabled: false\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import WAFv2 Rule Group using `ID/name/scope`. For example:\n\n```sh\n$ pulumi import aws:wafv2/ruleGroup:RuleGroup example a1b2c3d4-d5f6-7777-8888-9999aaaabbbbcccc/example/REGIONAL\n```\n", + "description": "Creates a WAFv2 Rule Group resource.\n\n## Example Usage\n\n### Simple\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.wafv2.RuleGroup(\"example\", {\n name: \"example-rule\",\n scope: \"REGIONAL\",\n capacity: 2,\n rules: [{\n name: \"rule-1\",\n priority: 1,\n action: {\n allow: {},\n },\n statement: {\n geoMatchStatement: {\n countryCodes: [\n \"US\",\n \"NL\",\n ],\n },\n },\n visibilityConfig: {\n cloudwatchMetricsEnabled: false,\n metricName: \"friendly-rule-metric-name\",\n sampledRequestsEnabled: false,\n },\n }],\n visibilityConfig: {\n cloudwatchMetricsEnabled: false,\n metricName: \"friendly-metric-name\",\n sampledRequestsEnabled: false,\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.wafv2.RuleGroup(\"example\",\n name=\"example-rule\",\n scope=\"REGIONAL\",\n capacity=2,\n rules=[{\n \"name\": \"rule-1\",\n \"priority\": 1,\n \"action\": {\n \"allow\": {},\n },\n \"statement\": {\n \"geo_match_statement\": {\n \"country_codes\": [\n \"US\",\n \"NL\",\n ],\n },\n },\n \"visibility_config\": {\n \"cloudwatch_metrics_enabled\": False,\n \"metric_name\": \"friendly-rule-metric-name\",\n \"sampled_requests_enabled\": False,\n },\n }],\n visibility_config={\n \"cloudwatch_metrics_enabled\": False,\n \"metric_name\": \"friendly-metric-name\",\n \"sampled_requests_enabled\": False,\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.WafV2.RuleGroup(\"example\", new()\n {\n Name = \"example-rule\",\n Scope = \"REGIONAL\",\n Capacity = 2,\n Rules = new[]\n {\n new Aws.WafV2.Inputs.RuleGroupRuleArgs\n {\n Name = \"rule-1\",\n Priority = 1,\n Action = new Aws.WafV2.Inputs.RuleGroupRuleActionArgs\n {\n Allow = null,\n },\n Statement = new Aws.WafV2.Inputs.RuleGroupRuleStatementArgs\n {\n GeoMatchStatement = new Aws.WafV2.Inputs.RuleGroupRuleStatementGeoMatchStatementArgs\n {\n CountryCodes = new[]\n {\n \"US\",\n \"NL\",\n },\n },\n },\n VisibilityConfig = new Aws.WafV2.Inputs.RuleGroupRuleVisibilityConfigArgs\n {\n CloudwatchMetricsEnabled = false,\n MetricName = \"friendly-rule-metric-name\",\n SampledRequestsEnabled = false,\n },\n },\n },\n VisibilityConfig = new Aws.WafV2.Inputs.RuleGroupVisibilityConfigArgs\n {\n CloudwatchMetricsEnabled = false,\n MetricName = \"friendly-metric-name\",\n SampledRequestsEnabled = false,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v7/go/aws/wafv2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := wafv2.NewRuleGroup(ctx, \"example\", \u0026wafv2.RuleGroupArgs{\n\t\t\tName: pulumi.String(\"example-rule\"),\n\t\t\tScope: pulumi.String(\"REGIONAL\"),\n\t\t\tCapacity: pulumi.Int(2),\n\t\t\tRules: wafv2.RuleGroupRuleArray{\n\t\t\t\t\u0026wafv2.RuleGroupRuleArgs{\n\t\t\t\t\tName: pulumi.String(\"rule-1\"),\n\t\t\t\t\tPriority: pulumi.Int(1),\n\t\t\t\t\tAction: \u0026wafv2.RuleGroupRuleActionArgs{\n\t\t\t\t\t\tAllow: \u0026wafv2.RuleGroupRuleActionAllowArgs{},\n\t\t\t\t\t},\n\t\t\t\t\tStatement: \u0026wafv2.RuleGroupRuleStatementArgs{\n\t\t\t\t\t\tGeoMatchStatement: \u0026wafv2.RuleGroupRuleStatementGeoMatchStatementArgs{\n\t\t\t\t\t\t\tCountryCodes: pulumi.StringArray{\n\t\t\t\t\t\t\t\tpulumi.String(\"US\"),\n\t\t\t\t\t\t\t\tpulumi.String(\"NL\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tVisibilityConfig: \u0026wafv2.RuleGroupRuleVisibilityConfigArgs{\n\t\t\t\t\t\tCloudwatchMetricsEnabled: pulumi.Bool(false),\n\t\t\t\t\t\tMetricName: pulumi.String(\"friendly-rule-metric-name\"),\n\t\t\t\t\t\tSampledRequestsEnabled: pulumi.Bool(false),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tVisibilityConfig: \u0026wafv2.RuleGroupVisibilityConfigArgs{\n\t\t\t\tCloudwatchMetricsEnabled: pulumi.Bool(false),\n\t\t\t\tMetricName: pulumi.String(\"friendly-metric-name\"),\n\t\t\t\tSampledRequestsEnabled: pulumi.Bool(false),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.wafv2.RuleGroup;\nimport com.pulumi.aws.wafv2.RuleGroupArgs;\nimport com.pulumi.aws.wafv2.inputs.RuleGroupRuleArgs;\nimport com.pulumi.aws.wafv2.inputs.RuleGroupRuleActionArgs;\nimport com.pulumi.aws.wafv2.inputs.RuleGroupRuleActionAllowArgs;\nimport com.pulumi.aws.wafv2.inputs.RuleGroupRuleStatementArgs;\nimport com.pulumi.aws.wafv2.inputs.RuleGroupRuleStatementGeoMatchStatementArgs;\nimport com.pulumi.aws.wafv2.inputs.RuleGroupRuleVisibilityConfigArgs;\nimport com.pulumi.aws.wafv2.inputs.RuleGroupVisibilityConfigArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new RuleGroup(\"example\", RuleGroupArgs.builder()\n .name(\"example-rule\")\n .scope(\"REGIONAL\")\n .capacity(2)\n .rules(RuleGroupRuleArgs.builder()\n .name(\"rule-1\")\n .priority(1)\n .action(RuleGroupRuleActionArgs.builder()\n .allow(RuleGroupRuleActionAllowArgs.builder()\n .build())\n .build())\n .statement(RuleGroupRuleStatementArgs.builder()\n .geoMatchStatement(RuleGroupRuleStatementGeoMatchStatementArgs.builder()\n .countryCodes( \n \"US\",\n \"NL\")\n .build())\n .build())\n .visibilityConfig(RuleGroupRuleVisibilityConfigArgs.builder()\n .cloudwatchMetricsEnabled(false)\n .metricName(\"friendly-rule-metric-name\")\n .sampledRequestsEnabled(false)\n .build())\n .build())\n .visibilityConfig(RuleGroupVisibilityConfigArgs.builder()\n .cloudwatchMetricsEnabled(false)\n .metricName(\"friendly-metric-name\")\n .sampledRequestsEnabled(false)\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:wafv2:RuleGroup\n properties:\n name: example-rule\n scope: REGIONAL\n capacity: 2\n rules:\n - name: rule-1\n priority: 1\n action:\n allow: {}\n statement:\n geoMatchStatement:\n countryCodes:\n - US\n - NL\n visibilityConfig:\n cloudwatchMetricsEnabled: false\n metricName: friendly-rule-metric-name\n sampledRequestsEnabled: false\n visibilityConfig:\n cloudwatchMetricsEnabled: false\n metricName: friendly-metric-name\n sampledRequestsEnabled: false\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Complex\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = new aws.wafv2.IpSet(\"test\", {\n name: \"test\",\n scope: \"REGIONAL\",\n ipAddressVersion: \"IPV4\",\n addresses: [\n \"1.1.1.1/32\",\n \"2.2.2.2/32\",\n ],\n});\nconst testRegexPatternSet = new aws.wafv2.RegexPatternSet(\"test\", {\n name: \"test\",\n scope: \"REGIONAL\",\n regularExpressions: [{\n regexString: \"one\",\n }],\n});\nconst example = new aws.wafv2.RuleGroup(\"example\", {\n name: \"complex-example\",\n description: \"An rule group containing all statements\",\n scope: \"REGIONAL\",\n capacity: 500,\n rules: [\n {\n name: \"rule-1\",\n priority: 1,\n action: {\n block: {},\n },\n statement: {\n notStatement: {\n statements: [{\n andStatement: {\n statements: [\n {\n geoMatchStatement: {\n countryCodes: [\"US\"],\n },\n },\n {\n byteMatchStatement: {\n positionalConstraint: \"CONTAINS\",\n searchString: \"word\",\n fieldToMatch: {\n allQueryArguments: {},\n },\n textTransformations: [\n {\n priority: 5,\n type: \"CMD_LINE\",\n },\n {\n priority: 2,\n type: \"LOWERCASE\",\n },\n ],\n },\n },\n ],\n },\n }],\n },\n },\n visibilityConfig: {\n cloudwatchMetricsEnabled: false,\n metricName: \"rule-1\",\n sampledRequestsEnabled: false,\n },\n },\n {\n name: \"rule-2\",\n priority: 2,\n action: {\n count: {},\n },\n statement: {\n orStatement: {\n statements: [\n {\n regexMatchStatement: {\n regexString: \"a-z?\",\n fieldToMatch: {\n singleHeader: {\n name: \"user-agent\",\n },\n },\n textTransformations: [{\n priority: 6,\n type: \"NONE\",\n }],\n },\n },\n {\n sqliMatchStatement: {\n fieldToMatch: {\n body: {},\n },\n textTransformations: [\n {\n priority: 5,\n type: \"URL_DECODE\",\n },\n {\n priority: 4,\n type: \"HTML_ENTITY_DECODE\",\n },\n {\n priority: 3,\n type: \"COMPRESS_WHITE_SPACE\",\n },\n ],\n },\n },\n {\n xssMatchStatement: {\n fieldToMatch: {\n method: {},\n },\n textTransformations: [{\n priority: 2,\n type: \"NONE\",\n }],\n },\n },\n ],\n },\n },\n visibilityConfig: {\n cloudwatchMetricsEnabled: false,\n metricName: \"rule-2\",\n sampledRequestsEnabled: false,\n },\n captchaConfig: {\n immunityTimeProperty: {\n immunityTime: 240,\n },\n },\n },\n {\n name: \"rule-3\",\n priority: 3,\n action: {\n block: {},\n },\n statement: {\n sizeConstraintStatement: {\n comparisonOperator: \"GT\",\n size: 100,\n fieldToMatch: {\n singleQueryArgument: {\n name: \"username\",\n },\n },\n textTransformations: [{\n priority: 5,\n type: \"NONE\",\n }],\n },\n },\n visibilityConfig: {\n cloudwatchMetricsEnabled: false,\n metricName: \"rule-3\",\n sampledRequestsEnabled: false,\n },\n },\n {\n name: \"rule-4\",\n priority: 4,\n action: {\n block: {},\n },\n statement: {\n orStatement: {\n statements: [\n {\n ipSetReferenceStatement: {\n arn: test.arn,\n },\n },\n {\n regexPatternSetReferenceStatement: {\n arn: testRegexPatternSet.arn,\n fieldToMatch: {\n singleHeader: {\n name: \"referer\",\n },\n },\n textTransformations: [{\n priority: 2,\n type: \"NONE\",\n }],\n },\n },\n ],\n },\n },\n visibilityConfig: {\n cloudwatchMetricsEnabled: false,\n metricName: \"rule-4\",\n sampledRequestsEnabled: false,\n },\n },\n ],\n visibilityConfig: {\n cloudwatchMetricsEnabled: false,\n metricName: \"friendly-metric-name\",\n sampledRequestsEnabled: false,\n },\n captchaConfig: [{\n immunityTimeProperty: [{\n immunityTime: 120,\n }],\n }],\n tags: {\n Name: \"example-and-statement\",\n Code: \"123456\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.wafv2.IpSet(\"test\",\n name=\"test\",\n scope=\"REGIONAL\",\n ip_address_version=\"IPV4\",\n addresses=[\n \"1.1.1.1/32\",\n \"2.2.2.2/32\",\n ])\ntest_regex_pattern_set = aws.wafv2.RegexPatternSet(\"test\",\n name=\"test\",\n scope=\"REGIONAL\",\n regular_expressions=[{\n \"regex_string\": \"one\",\n }])\nexample = aws.wafv2.RuleGroup(\"example\",\n name=\"complex-example\",\n description=\"An rule group containing all statements\",\n scope=\"REGIONAL\",\n capacity=500,\n rules=[\n {\n \"name\": \"rule-1\",\n \"priority\": 1,\n \"action\": {\n \"block\": {},\n },\n \"statement\": {\n \"not_statement\": {\n \"statements\": [{\n \"and_statement\": {\n \"statements\": [\n {\n \"geo_match_statement\": {\n \"country_codes\": [\"US\"],\n },\n },\n {\n \"byte_match_statement\": {\n \"positional_constraint\": \"CONTAINS\",\n \"search_string\": \"word\",\n \"field_to_match\": {\n \"all_query_arguments\": {},\n },\n \"text_transformations\": [\n {\n \"priority\": 5,\n \"type\": \"CMD_LINE\",\n },\n {\n \"priority\": 2,\n \"type\": \"LOWERCASE\",\n },\n ],\n },\n },\n ],\n },\n }],\n },\n },\n \"visibility_config\": {\n \"cloudwatch_metrics_enabled\": False,\n \"metric_name\": \"rule-1\",\n \"sampled_requests_enabled\": False,\n },\n },\n {\n \"name\": \"rule-2\",\n \"priority\": 2,\n \"action\": {\n \"count\": {},\n },\n \"statement\": {\n \"or_statement\": {\n \"statements\": [\n {\n \"regex_match_statement\": {\n \"regex_string\": \"a-z?\",\n \"field_to_match\": {\n \"single_header\": {\n \"name\": \"user-agent\",\n },\n },\n \"text_transformations\": [{\n \"priority\": 6,\n \"type\": \"NONE\",\n }],\n },\n },\n {\n \"sqli_match_statement\": {\n \"field_to_match\": {\n \"body\": {},\n },\n \"text_transformations\": [\n {\n \"priority\": 5,\n \"type\": \"URL_DECODE\",\n },\n {\n \"priority\": 4,\n \"type\": \"HTML_ENTITY_DECODE\",\n },\n {\n \"priority\": 3,\n \"type\": \"COMPRESS_WHITE_SPACE\",\n },\n ],\n },\n },\n {\n \"xss_match_statement\": {\n \"field_to_match\": {\n \"method\": {},\n },\n \"text_transformations\": [{\n \"priority\": 2,\n \"type\": \"NONE\",\n }],\n },\n },\n ],\n },\n },\n \"visibility_config\": {\n \"cloudwatch_metrics_enabled\": False,\n \"metric_name\": \"rule-2\",\n \"sampled_requests_enabled\": False,\n },\n \"captcha_config\": {\n \"immunity_time_property\": {\n \"immunity_time\": 240,\n },\n },\n },\n {\n \"name\": \"rule-3\",\n \"priority\": 3,\n \"action\": {\n \"block\": {},\n },\n \"statement\": {\n \"size_constraint_statement\": {\n \"comparison_operator\": \"GT\",\n \"size\": 100,\n \"field_to_match\": {\n \"single_query_argument\": {\n \"name\": \"username\",\n },\n },\n \"text_transformations\": [{\n \"priority\": 5,\n \"type\": \"NONE\",\n }],\n },\n },\n \"visibility_config\": {\n \"cloudwatch_metrics_enabled\": False,\n \"metric_name\": \"rule-3\",\n \"sampled_requests_enabled\": False,\n },\n },\n {\n \"name\": \"rule-4\",\n \"priority\": 4,\n \"action\": {\n \"block\": {},\n },\n \"statement\": {\n \"or_statement\": {\n \"statements\": [\n {\n \"ip_set_reference_statement\": {\n \"arn\": test.arn,\n },\n },\n {\n \"regex_pattern_set_reference_statement\": {\n \"arn\": test_regex_pattern_set.arn,\n \"field_to_match\": {\n \"single_header\": {\n \"name\": \"referer\",\n },\n },\n \"text_transformations\": [{\n \"priority\": 2,\n \"type\": \"NONE\",\n }],\n },\n },\n ],\n },\n },\n \"visibility_config\": {\n \"cloudwatch_metrics_enabled\": False,\n \"metric_name\": \"rule-4\",\n \"sampled_requests_enabled\": False,\n },\n },\n ],\n visibility_config={\n \"cloudwatch_metrics_enabled\": False,\n \"metric_name\": \"friendly-metric-name\",\n \"sampled_requests_enabled\": False,\n },\n captcha_config=[{\n \"immunityTimeProperty\": [{\n \"immunityTime\": 120,\n }],\n }],\n tags={\n \"Name\": \"example-and-statement\",\n \"Code\": \"123456\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = new Aws.WafV2.IpSet(\"test\", new()\n {\n Name = \"test\",\n Scope = \"REGIONAL\",\n IpAddressVersion = \"IPV4\",\n Addresses = new[]\n {\n \"1.1.1.1/32\",\n \"2.2.2.2/32\",\n },\n });\n\n var testRegexPatternSet = new Aws.WafV2.RegexPatternSet(\"test\", new()\n {\n Name = \"test\",\n Scope = \"REGIONAL\",\n RegularExpressions = new[]\n {\n new Aws.WafV2.Inputs.RegexPatternSetRegularExpressionArgs\n {\n RegexString = \"one\",\n },\n },\n });\n\n var example = new Aws.WafV2.RuleGroup(\"example\", new()\n {\n Name = \"complex-example\",\n Description = \"An rule group containing all statements\",\n Scope = \"REGIONAL\",\n Capacity = 500,\n Rules = new[]\n {\n new Aws.WafV2.Inputs.RuleGroupRuleArgs\n {\n Name = \"rule-1\",\n Priority = 1,\n Action = new Aws.WafV2.Inputs.RuleGroupRuleActionArgs\n {\n Block = null,\n },\n Statement = new Aws.WafV2.Inputs.RuleGroupRuleStatementArgs\n {\n NotStatement = new Aws.WafV2.Inputs.RuleGroupRuleStatementNotStatementArgs\n {\n Statements = new[]\n {\n new Aws.WafV2.Inputs.RuleGroupRuleStatementArgs\n {\n AndStatement = new Aws.WafV2.Inputs.RuleGroupRuleStatementAndStatementArgs\n {\n Statements = new[]\n {\n new Aws.WafV2.Inputs.RuleGroupRuleStatementArgs\n {\n GeoMatchStatement = new Aws.WafV2.Inputs.RuleGroupRuleStatementGeoMatchStatementArgs\n {\n CountryCodes = new[]\n {\n \"US\",\n },\n },\n },\n new Aws.WafV2.Inputs.RuleGroupRuleStatementArgs\n {\n ByteMatchStatement = new Aws.WafV2.Inputs.RuleGroupRuleStatementByteMatchStatementArgs\n {\n PositionalConstraint = \"CONTAINS\",\n SearchString = \"word\",\n FieldToMatch = new Aws.WafV2.Inputs.RuleGroupRuleStatementByteMatchStatementFieldToMatchArgs\n {\n AllQueryArguments = null,\n },\n TextTransformations = new[]\n {\n new Aws.WafV2.Inputs.RuleGroupRuleStatementByteMatchStatementTextTransformationArgs\n {\n Priority = 5,\n Type = \"CMD_LINE\",\n },\n new Aws.WafV2.Inputs.RuleGroupRuleStatementByteMatchStatementTextTransformationArgs\n {\n Priority = 2,\n Type = \"LOWERCASE\",\n },\n },\n },\n },\n },\n },\n },\n },\n },\n },\n VisibilityConfig = new Aws.WafV2.Inputs.RuleGroupRuleVisibilityConfigArgs\n {\n CloudwatchMetricsEnabled = false,\n MetricName = \"rule-1\",\n SampledRequestsEnabled = false,\n },\n },\n new Aws.WafV2.Inputs.RuleGroupRuleArgs\n {\n Name = \"rule-2\",\n Priority = 2,\n Action = new Aws.WafV2.Inputs.RuleGroupRuleActionArgs\n {\n Count = null,\n },\n Statement = new Aws.WafV2.Inputs.RuleGroupRuleStatementArgs\n {\n OrStatement = new Aws.WafV2.Inputs.RuleGroupRuleStatementOrStatementArgs\n {\n Statements = new[]\n {\n new Aws.WafV2.Inputs.RuleGroupRuleStatementArgs\n {\n RegexMatchStatement = new Aws.WafV2.Inputs.RuleGroupRuleStatementRegexMatchStatementArgs\n {\n RegexString = \"a-z?\",\n FieldToMatch = new Aws.WafV2.Inputs.RuleGroupRuleStatementRegexMatchStatementFieldToMatchArgs\n {\n SingleHeader = new Aws.WafV2.Inputs.RuleGroupRuleStatementRegexMatchStatementFieldToMatchSingleHeaderArgs\n {\n Name = \"user-agent\",\n },\n },\n TextTransformations = new[]\n {\n new Aws.WafV2.Inputs.RuleGroupRuleStatementRegexMatchStatementTextTransformationArgs\n {\n Priority = 6,\n Type = \"NONE\",\n },\n },\n },\n },\n new Aws.WafV2.Inputs.RuleGroupRuleStatementArgs\n {\n SqliMatchStatement = new Aws.WafV2.Inputs.RuleGroupRuleStatementSqliMatchStatementArgs\n {\n FieldToMatch = new Aws.WafV2.Inputs.RuleGroupRuleStatementSqliMatchStatementFieldToMatchArgs\n {\n Body = null,\n },\n TextTransformations = new[]\n {\n new Aws.WafV2.Inputs.RuleGroupRuleStatementSqliMatchStatementTextTransformationArgs\n {\n Priority = 5,\n Type = \"URL_DECODE\",\n },\n new Aws.WafV2.Inputs.RuleGroupRuleStatementSqliMatchStatementTextTransformationArgs\n {\n Priority = 4,\n Type = \"HTML_ENTITY_DECODE\",\n },\n new Aws.WafV2.Inputs.RuleGroupRuleStatementSqliMatchStatementTextTransformationArgs\n {\n Priority = 3,\n Type = \"COMPRESS_WHITE_SPACE\",\n },\n },\n },\n },\n new Aws.WafV2.Inputs.RuleGroupRuleStatementArgs\n {\n XssMatchStatement = new Aws.WafV2.Inputs.RuleGroupRuleStatementXssMatchStatementArgs\n {\n FieldToMatch = new Aws.WafV2.Inputs.RuleGroupRuleStatementXssMatchStatementFieldToMatchArgs\n {\n Method = null,\n },\n TextTransformations = new[]\n {\n new Aws.WafV2.Inputs.RuleGroupRuleStatementXssMatchStatementTextTransformationArgs\n {\n Priority = 2,\n Type = \"NONE\",\n },\n },\n },\n },\n },\n },\n },\n VisibilityConfig = new Aws.WafV2.Inputs.RuleGroupRuleVisibilityConfigArgs\n {\n CloudwatchMetricsEnabled = false,\n MetricName = \"rule-2\",\n SampledRequestsEnabled = false,\n },\n CaptchaConfig = new Aws.WafV2.Inputs.RuleGroupRuleCaptchaConfigArgs\n {\n ImmunityTimeProperty = new Aws.WafV2.Inputs.RuleGroupRuleCaptchaConfigImmunityTimePropertyArgs\n {\n ImmunityTime = 240,\n },\n },\n },\n new Aws.WafV2.Inputs.RuleGroupRuleArgs\n {\n Name = \"rule-3\",\n Priority = 3,\n Action = new Aws.WafV2.Inputs.RuleGroupRuleActionArgs\n {\n Block = null,\n },\n Statement = new Aws.WafV2.Inputs.RuleGroupRuleStatementArgs\n {\n SizeConstraintStatement = new Aws.WafV2.Inputs.RuleGroupRuleStatementSizeConstraintStatementArgs\n {\n ComparisonOperator = \"GT\",\n Size = 100,\n FieldToMatch = new Aws.WafV2.Inputs.RuleGroupRuleStatementSizeConstraintStatementFieldToMatchArgs\n {\n SingleQueryArgument = new Aws.WafV2.Inputs.RuleGroupRuleStatementSizeConstraintStatementFieldToMatchSingleQueryArgumentArgs\n {\n Name = \"username\",\n },\n },\n TextTransformations = new[]\n {\n new Aws.WafV2.Inputs.RuleGroupRuleStatementSizeConstraintStatementTextTransformationArgs\n {\n Priority = 5,\n Type = \"NONE\",\n },\n },\n },\n },\n VisibilityConfig = new Aws.WafV2.Inputs.RuleGroupRuleVisibilityConfigArgs\n {\n CloudwatchMetricsEnabled = false,\n MetricName = \"rule-3\",\n SampledRequestsEnabled = false,\n },\n },\n new Aws.WafV2.Inputs.RuleGroupRuleArgs\n {\n Name = \"rule-4\",\n Priority = 4,\n Action = new Aws.WafV2.Inputs.RuleGroupRuleActionArgs\n {\n Block = null,\n },\n Statement = new Aws.WafV2.Inputs.RuleGroupRuleStatementArgs\n {\n OrStatement = new Aws.WafV2.Inputs.RuleGroupRuleStatementOrStatementArgs\n {\n Statements = new[]\n {\n new Aws.WafV2.Inputs.RuleGroupRuleStatementArgs\n {\n IpSetReferenceStatement = new Aws.WafV2.Inputs.RuleGroupRuleStatementIpSetReferenceStatementArgs\n {\n Arn = test.Arn,\n },\n },\n new Aws.WafV2.Inputs.RuleGroupRuleStatementArgs\n {\n RegexPatternSetReferenceStatement = new Aws.WafV2.Inputs.RuleGroupRuleStatementRegexPatternSetReferenceStatementArgs\n {\n Arn = testRegexPatternSet.Arn,\n FieldToMatch = new Aws.WafV2.Inputs.RuleGroupRuleStatementRegexPatternSetReferenceStatementFieldToMatchArgs\n {\n SingleHeader = new Aws.WafV2.Inputs.RuleGroupRuleStatementRegexPatternSetReferenceStatementFieldToMatchSingleHeaderArgs\n {\n Name = \"referer\",\n },\n },\n TextTransformations = new[]\n {\n new Aws.WafV2.Inputs.RuleGroupRuleStatementRegexPatternSetReferenceStatementTextTransformationArgs\n {\n Priority = 2,\n Type = \"NONE\",\n },\n },\n },\n },\n },\n },\n },\n VisibilityConfig = new Aws.WafV2.Inputs.RuleGroupRuleVisibilityConfigArgs\n {\n CloudwatchMetricsEnabled = false,\n MetricName = \"rule-4\",\n SampledRequestsEnabled = false,\n },\n },\n },\n VisibilityConfig = new Aws.WafV2.Inputs.RuleGroupVisibilityConfigArgs\n {\n CloudwatchMetricsEnabled = false,\n MetricName = \"friendly-metric-name\",\n SampledRequestsEnabled = false,\n },\n CaptchaConfig = new[]\n {\n \n {\n { \"immunityTimeProperty\", new[]\n {\n \n {\n { \"immunityTime\", 120 },\n },\n } },\n },\n },\n Tags = \n {\n { \"Name\", \"example-and-statement\" },\n { \"Code\", \"123456\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v7/go/aws/wafv2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttest, err := wafv2.NewIpSet(ctx, \"test\", \u0026wafv2.IpSetArgs{\n\t\t\tName: pulumi.String(\"test\"),\n\t\t\tScope: pulumi.String(\"REGIONAL\"),\n\t\t\tIpAddressVersion: pulumi.String(\"IPV4\"),\n\t\t\tAddresses: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"1.1.1.1/32\"),\n\t\t\t\tpulumi.String(\"2.2.2.2/32\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttestRegexPatternSet, err := wafv2.NewRegexPatternSet(ctx, \"test\", \u0026wafv2.RegexPatternSetArgs{\n\t\t\tName: pulumi.String(\"test\"),\n\t\t\tScope: pulumi.String(\"REGIONAL\"),\n\t\t\tRegularExpressions: wafv2.RegexPatternSetRegularExpressionArray{\n\t\t\t\t\u0026wafv2.RegexPatternSetRegularExpressionArgs{\n\t\t\t\t\tRegexString: pulumi.String(\"one\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = wafv2.NewRuleGroup(ctx, \"example\", \u0026wafv2.RuleGroupArgs{\n\t\t\tName: pulumi.String(\"complex-example\"),\n\t\t\tDescription: pulumi.String(\"An rule group containing all statements\"),\n\t\t\tScope: pulumi.String(\"REGIONAL\"),\n\t\t\tCapacity: pulumi.Int(500),\n\t\t\tRules: wafv2.RuleGroupRuleArray{\n\t\t\t\t\u0026wafv2.RuleGroupRuleArgs{\n\t\t\t\t\tName: pulumi.String(\"rule-1\"),\n\t\t\t\t\tPriority: pulumi.Int(1),\n\t\t\t\t\tAction: \u0026wafv2.RuleGroupRuleActionArgs{\n\t\t\t\t\t\tBlock: \u0026wafv2.RuleGroupRuleActionBlockArgs{},\n\t\t\t\t\t},\n\t\t\t\t\tStatement: \u0026wafv2.RuleGroupRuleStatementArgs{\n\t\t\t\t\t\tNotStatement: \u0026wafv2.RuleGroupRuleStatementNotStatementArgs{\n\t\t\t\t\t\t\tStatements: wafv2.RuleGroupRuleStatementArray{\n\t\t\t\t\t\t\t\t\u0026wafv2.RuleGroupRuleStatementArgs{\n\t\t\t\t\t\t\t\t\tAndStatement: \u0026wafv2.RuleGroupRuleStatementAndStatementArgs{\n\t\t\t\t\t\t\t\t\t\tStatements: wafv2.RuleGroupRuleStatementArray{\n\t\t\t\t\t\t\t\t\t\t\t\u0026wafv2.RuleGroupRuleStatementArgs{\n\t\t\t\t\t\t\t\t\t\t\t\tGeoMatchStatement: \u0026wafv2.RuleGroupRuleStatementGeoMatchStatementArgs{\n\t\t\t\t\t\t\t\t\t\t\t\t\tCountryCodes: pulumi.StringArray{\n\t\t\t\t\t\t\t\t\t\t\t\t\t\tpulumi.String(\"US\"),\n\t\t\t\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t\t\t\u0026wafv2.RuleGroupRuleStatementArgs{\n\t\t\t\t\t\t\t\t\t\t\t\tByteMatchStatement: \u0026wafv2.RuleGroupRuleStatementByteMatchStatementArgs{\n\t\t\t\t\t\t\t\t\t\t\t\t\tPositionalConstraint: pulumi.String(\"CONTAINS\"),\n\t\t\t\t\t\t\t\t\t\t\t\t\tSearchString: pulumi.String(\"word\"),\n\t\t\t\t\t\t\t\t\t\t\t\t\tFieldToMatch: \u0026wafv2.RuleGroupRuleStatementByteMatchStatementFieldToMatchArgs{\n\t\t\t\t\t\t\t\t\t\t\t\t\t\tAllQueryArguments: \u0026wafv2.RuleGroupRuleStatementByteMatchStatementFieldToMatchAllQueryArgumentsArgs{},\n\t\t\t\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t\t\t\t\tTextTransformations: wafv2.RuleGroupRuleStatementByteMatchStatementTextTransformationArray{\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\u0026wafv2.RuleGroupRuleStatementByteMatchStatementTextTransformationArgs{\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\tPriority: pulumi.Int(5),\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\tType: pulumi.String(\"CMD_LINE\"),\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\u0026wafv2.RuleGroupRuleStatementByteMatchStatementTextTransformationArgs{\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\tPriority: pulumi.Int(2),\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\tType: pulumi.String(\"LOWERCASE\"),\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tVisibilityConfig: \u0026wafv2.RuleGroupRuleVisibilityConfigArgs{\n\t\t\t\t\t\tCloudwatchMetricsEnabled: pulumi.Bool(false),\n\t\t\t\t\t\tMetricName: pulumi.String(\"rule-1\"),\n\t\t\t\t\t\tSampledRequestsEnabled: pulumi.Bool(false),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t\u0026wafv2.RuleGroupRuleArgs{\n\t\t\t\t\tName: pulumi.String(\"rule-2\"),\n\t\t\t\t\tPriority: pulumi.Int(2),\n\t\t\t\t\tAction: \u0026wafv2.RuleGroupRuleActionArgs{\n\t\t\t\t\t\tCount: \u0026wafv2.RuleGroupRuleActionCountArgs{},\n\t\t\t\t\t},\n\t\t\t\t\tStatement: \u0026wafv2.RuleGroupRuleStatementArgs{\n\t\t\t\t\t\tOrStatement: \u0026wafv2.RuleGroupRuleStatementOrStatementArgs{\n\t\t\t\t\t\t\tStatements: wafv2.RuleGroupRuleStatementArray{\n\t\t\t\t\t\t\t\t\u0026wafv2.RuleGroupRuleStatementArgs{\n\t\t\t\t\t\t\t\t\tRegexMatchStatement: \u0026wafv2.RuleGroupRuleStatementRegexMatchStatementArgs{\n\t\t\t\t\t\t\t\t\t\tRegexString: pulumi.String(\"a-z?\"),\n\t\t\t\t\t\t\t\t\t\tFieldToMatch: \u0026wafv2.RuleGroupRuleStatementRegexMatchStatementFieldToMatchArgs{\n\t\t\t\t\t\t\t\t\t\t\tSingleHeader: \u0026wafv2.RuleGroupRuleStatementRegexMatchStatementFieldToMatchSingleHeaderArgs{\n\t\t\t\t\t\t\t\t\t\t\t\tName: pulumi.String(\"user-agent\"),\n\t\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t\tTextTransformations: wafv2.RuleGroupRuleStatementRegexMatchStatementTextTransformationArray{\n\t\t\t\t\t\t\t\t\t\t\t\u0026wafv2.RuleGroupRuleStatementRegexMatchStatementTextTransformationArgs{\n\t\t\t\t\t\t\t\t\t\t\t\tPriority: pulumi.Int(6),\n\t\t\t\t\t\t\t\t\t\t\t\tType: pulumi.String(\"NONE\"),\n\t\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\u0026wafv2.RuleGroupRuleStatementArgs{\n\t\t\t\t\t\t\t\t\tSqliMatchStatement: \u0026wafv2.RuleGroupRuleStatementSqliMatchStatementArgs{\n\t\t\t\t\t\t\t\t\t\tFieldToMatch: \u0026wafv2.RuleGroupRuleStatementSqliMatchStatementFieldToMatchArgs{\n\t\t\t\t\t\t\t\t\t\t\tBody: \u0026wafv2.RuleGroupRuleStatementSqliMatchStatementFieldToMatchBodyArgs{},\n\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t\tTextTransformations: wafv2.RuleGroupRuleStatementSqliMatchStatementTextTransformationArray{\n\t\t\t\t\t\t\t\t\t\t\t\u0026wafv2.RuleGroupRuleStatementSqliMatchStatementTextTransformationArgs{\n\t\t\t\t\t\t\t\t\t\t\t\tPriority: pulumi.Int(5),\n\t\t\t\t\t\t\t\t\t\t\t\tType: pulumi.String(\"URL_DECODE\"),\n\t\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t\t\t\u0026wafv2.RuleGroupRuleStatementSqliMatchStatementTextTransformationArgs{\n\t\t\t\t\t\t\t\t\t\t\t\tPriority: pulumi.Int(4),\n\t\t\t\t\t\t\t\t\t\t\t\tType: pulumi.String(\"HTML_ENTITY_DECODE\"),\n\t\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t\t\t\u0026wafv2.RuleGroupRuleStatementSqliMatchStatementTextTransformationArgs{\n\t\t\t\t\t\t\t\t\t\t\t\tPriority: pulumi.Int(3),\n\t\t\t\t\t\t\t\t\t\t\t\tType: pulumi.String(\"COMPRESS_WHITE_SPACE\"),\n\t\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\u0026wafv2.RuleGroupRuleStatementArgs{\n\t\t\t\t\t\t\t\t\tXssMatchStatement: \u0026wafv2.RuleGroupRuleStatementXssMatchStatementArgs{\n\t\t\t\t\t\t\t\t\t\tFieldToMatch: \u0026wafv2.RuleGroupRuleStatementXssMatchStatementFieldToMatchArgs{\n\t\t\t\t\t\t\t\t\t\t\tMethod: \u0026wafv2.RuleGroupRuleStatementXssMatchStatementFieldToMatchMethodArgs{},\n\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t\tTextTransformations: wafv2.RuleGroupRuleStatementXssMatchStatementTextTransformationArray{\n\t\t\t\t\t\t\t\t\t\t\t\u0026wafv2.RuleGroupRuleStatementXssMatchStatementTextTransformationArgs{\n\t\t\t\t\t\t\t\t\t\t\t\tPriority: pulumi.Int(2),\n\t\t\t\t\t\t\t\t\t\t\t\tType: pulumi.String(\"NONE\"),\n\t\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tVisibilityConfig: \u0026wafv2.RuleGroupRuleVisibilityConfigArgs{\n\t\t\t\t\t\tCloudwatchMetricsEnabled: pulumi.Bool(false),\n\t\t\t\t\t\tMetricName: pulumi.String(\"rule-2\"),\n\t\t\t\t\t\tSampledRequestsEnabled: pulumi.Bool(false),\n\t\t\t\t\t},\n\t\t\t\t\tCaptchaConfig: \u0026wafv2.RuleGroupRuleCaptchaConfigArgs{\n\t\t\t\t\t\tImmunityTimeProperty: \u0026wafv2.RuleGroupRuleCaptchaConfigImmunityTimePropertyArgs{\n\t\t\t\t\t\t\tImmunityTime: pulumi.Int(240),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t\u0026wafv2.RuleGroupRuleArgs{\n\t\t\t\t\tName: pulumi.String(\"rule-3\"),\n\t\t\t\t\tPriority: pulumi.Int(3),\n\t\t\t\t\tAction: \u0026wafv2.RuleGroupRuleActionArgs{\n\t\t\t\t\t\tBlock: \u0026wafv2.RuleGroupRuleActionBlockArgs{},\n\t\t\t\t\t},\n\t\t\t\t\tStatement: \u0026wafv2.RuleGroupRuleStatementArgs{\n\t\t\t\t\t\tSizeConstraintStatement: \u0026wafv2.RuleGroupRuleStatementSizeConstraintStatementArgs{\n\t\t\t\t\t\t\tComparisonOperator: pulumi.String(\"GT\"),\n\t\t\t\t\t\t\tSize: pulumi.Int(100),\n\t\t\t\t\t\t\tFieldToMatch: \u0026wafv2.RuleGroupRuleStatementSizeConstraintStatementFieldToMatchArgs{\n\t\t\t\t\t\t\t\tSingleQueryArgument: \u0026wafv2.RuleGroupRuleStatementSizeConstraintStatementFieldToMatchSingleQueryArgumentArgs{\n\t\t\t\t\t\t\t\t\tName: pulumi.String(\"username\"),\n\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\tTextTransformations: wafv2.RuleGroupRuleStatementSizeConstraintStatementTextTransformationArray{\n\t\t\t\t\t\t\t\t\u0026wafv2.RuleGroupRuleStatementSizeConstraintStatementTextTransformationArgs{\n\t\t\t\t\t\t\t\t\tPriority: pulumi.Int(5),\n\t\t\t\t\t\t\t\t\tType: pulumi.String(\"NONE\"),\n\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tVisibilityConfig: \u0026wafv2.RuleGroupRuleVisibilityConfigArgs{\n\t\t\t\t\t\tCloudwatchMetricsEnabled: pulumi.Bool(false),\n\t\t\t\t\t\tMetricName: pulumi.String(\"rule-3\"),\n\t\t\t\t\t\tSampledRequestsEnabled: pulumi.Bool(false),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t\u0026wafv2.RuleGroupRuleArgs{\n\t\t\t\t\tName: pulumi.String(\"rule-4\"),\n\t\t\t\t\tPriority: pulumi.Int(4),\n\t\t\t\t\tAction: \u0026wafv2.RuleGroupRuleActionArgs{\n\t\t\t\t\t\tBlock: \u0026wafv2.RuleGroupRuleActionBlockArgs{},\n\t\t\t\t\t},\n\t\t\t\t\tStatement: \u0026wafv2.RuleGroupRuleStatementArgs{\n\t\t\t\t\t\tOrStatement: \u0026wafv2.RuleGroupRuleStatementOrStatementArgs{\n\t\t\t\t\t\t\tStatements: wafv2.RuleGroupRuleStatementArray{\n\t\t\t\t\t\t\t\t\u0026wafv2.RuleGroupRuleStatementArgs{\n\t\t\t\t\t\t\t\t\tIpSetReferenceStatement: \u0026wafv2.RuleGroupRuleStatementIpSetReferenceStatementArgs{\n\t\t\t\t\t\t\t\t\t\tArn: test.Arn,\n\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\u0026wafv2.RuleGroupRuleStatementArgs{\n\t\t\t\t\t\t\t\t\tRegexPatternSetReferenceStatement: \u0026wafv2.RuleGroupRuleStatementRegexPatternSetReferenceStatementArgs{\n\t\t\t\t\t\t\t\t\t\tArn: testRegexPatternSet.Arn,\n\t\t\t\t\t\t\t\t\t\tFieldToMatch: \u0026wafv2.RuleGroupRuleStatementRegexPatternSetReferenceStatementFieldToMatchArgs{\n\t\t\t\t\t\t\t\t\t\t\tSingleHeader: \u0026wafv2.RuleGroupRuleStatementRegexPatternSetReferenceStatementFieldToMatchSingleHeaderArgs{\n\t\t\t\t\t\t\t\t\t\t\t\tName: pulumi.String(\"referer\"),\n\t\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t\tTextTransformations: wafv2.RuleGroupRuleStatementRegexPatternSetReferenceStatementTextTransformationArray{\n\t\t\t\t\t\t\t\t\t\t\t\u0026wafv2.RuleGroupRuleStatementRegexPatternSetReferenceStatementTextTransformationArgs{\n\t\t\t\t\t\t\t\t\t\t\t\tPriority: pulumi.Int(2),\n\t\t\t\t\t\t\t\t\t\t\t\tType: pulumi.String(\"NONE\"),\n\t\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tVisibilityConfig: \u0026wafv2.RuleGroupRuleVisibilityConfigArgs{\n\t\t\t\t\t\tCloudwatchMetricsEnabled: pulumi.Bool(false),\n\t\t\t\t\t\tMetricName: pulumi.String(\"rule-4\"),\n\t\t\t\t\t\tSampledRequestsEnabled: pulumi.Bool(false),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tVisibilityConfig: \u0026wafv2.RuleGroupVisibilityConfigArgs{\n\t\t\t\tCloudwatchMetricsEnabled: pulumi.Bool(false),\n\t\t\t\tMetricName: pulumi.String(\"friendly-metric-name\"),\n\t\t\t\tSampledRequestsEnabled: pulumi.Bool(false),\n\t\t\t},\n\t\t\tCaptchaConfig: []map[string]interface{}{\n\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\"immunityTimeProperty\": []map[string]interface{}{\n\t\t\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\t\t\"immunityTime\": 120,\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Name\": pulumi.String(\"example-and-statement\"),\n\t\t\t\t\"Code\": pulumi.String(\"123456\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.wafv2.IpSet;\nimport com.pulumi.aws.wafv2.IpSetArgs;\nimport com.pulumi.aws.wafv2.RegexPatternSet;\nimport com.pulumi.aws.wafv2.RegexPatternSetArgs;\nimport com.pulumi.aws.wafv2.inputs.RegexPatternSetRegularExpressionArgs;\nimport com.pulumi.aws.wafv2.RuleGroup;\nimport com.pulumi.aws.wafv2.RuleGroupArgs;\nimport com.pulumi.aws.wafv2.inputs.RuleGroupRuleArgs;\nimport com.pulumi.aws.wafv2.inputs.RuleGroupRuleActionArgs;\nimport com.pulumi.aws.wafv2.inputs.RuleGroupRuleActionBlockArgs;\nimport com.pulumi.aws.wafv2.inputs.RuleGroupRuleStatementArgs;\nimport com.pulumi.aws.wafv2.inputs.RuleGroupRuleStatementNotStatementArgs;\nimport com.pulumi.aws.wafv2.inputs.RuleGroupRuleVisibilityConfigArgs;\nimport com.pulumi.aws.wafv2.inputs.RuleGroupRuleActionCountArgs;\nimport com.pulumi.aws.wafv2.inputs.RuleGroupRuleStatementOrStatementArgs;\nimport com.pulumi.aws.wafv2.inputs.RuleGroupRuleCaptchaConfigArgs;\nimport com.pulumi.aws.wafv2.inputs.RuleGroupRuleCaptchaConfigImmunityTimePropertyArgs;\nimport com.pulumi.aws.wafv2.inputs.RuleGroupRuleStatementSizeConstraintStatementArgs;\nimport com.pulumi.aws.wafv2.inputs.RuleGroupRuleStatementSizeConstraintStatementFieldToMatchArgs;\nimport com.pulumi.aws.wafv2.inputs.RuleGroupRuleStatementSizeConstraintStatementFieldToMatchSingleQueryArgumentArgs;\nimport com.pulumi.aws.wafv2.inputs.RuleGroupVisibilityConfigArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var test = new IpSet(\"test\", IpSetArgs.builder()\n .name(\"test\")\n .scope(\"REGIONAL\")\n .ipAddressVersion(\"IPV4\")\n .addresses( \n \"1.1.1.1/32\",\n \"2.2.2.2/32\")\n .build());\n\n var testRegexPatternSet = new RegexPatternSet(\"testRegexPatternSet\", RegexPatternSetArgs.builder()\n .name(\"test\")\n .scope(\"REGIONAL\")\n .regularExpressions(RegexPatternSetRegularExpressionArgs.builder()\n .regexString(\"one\")\n .build())\n .build());\n\n var example = new RuleGroup(\"example\", RuleGroupArgs.builder()\n .name(\"complex-example\")\n .description(\"An rule group containing all statements\")\n .scope(\"REGIONAL\")\n .capacity(500)\n .rules( \n RuleGroupRuleArgs.builder()\n .name(\"rule-1\")\n .priority(1)\n .action(RuleGroupRuleActionArgs.builder()\n .block(RuleGroupRuleActionBlockArgs.builder()\n .build())\n .build())\n .statement(RuleGroupRuleStatementArgs.builder()\n .notStatement(RuleGroupRuleStatementNotStatementArgs.builder()\n .statements(Map.of(\"andStatement\", Map.of(\"statements\", \n RuleGroupRuleStatementArgs.builder()\n .geoMatchStatement(RuleGroupRuleStatementGeoMatchStatementArgs.builder()\n .countryCodes(\"US\")\n .build())\n .build(),\n RuleGroupRuleStatementArgs.builder()\n .byteMatchStatement(RuleGroupRuleStatementByteMatchStatementArgs.builder()\n .positionalConstraint(\"CONTAINS\")\n .searchString(\"word\")\n .fieldToMatch(RuleGroupRuleStatementByteMatchStatementFieldToMatchArgs.builder()\n .allQueryArguments(RuleGroupRuleStatementByteMatchStatementFieldToMatchAllQueryArgumentsArgs.builder()\n .build())\n .build())\n .textTransformations( \n RuleGroupRuleStatementByteMatchStatementTextTransformationArgs.builder()\n .priority(5)\n .type(\"CMD_LINE\")\n .build(),\n RuleGroupRuleStatementByteMatchStatementTextTransformationArgs.builder()\n .priority(2)\n .type(\"LOWERCASE\")\n .build())\n .build())\n .build())))\n .build())\n .build())\n .visibilityConfig(RuleGroupRuleVisibilityConfigArgs.builder()\n .cloudwatchMetricsEnabled(false)\n .metricName(\"rule-1\")\n .sampledRequestsEnabled(false)\n .build())\n .build(),\n RuleGroupRuleArgs.builder()\n .name(\"rule-2\")\n .priority(2)\n .action(RuleGroupRuleActionArgs.builder()\n .count(RuleGroupRuleActionCountArgs.builder()\n .build())\n .build())\n .statement(Map.of(\"orStatement\", RuleGroupRuleStatementOrStatementArgs.builder()\n .statements( \n RuleGroupRuleStatementArgs.builder()\n .regexMatchStatement(RuleGroupRuleStatementRegexMatchStatementArgs.builder()\n .regexString(\"a-z?\")\n .fieldToMatch(RuleGroupRuleStatementRegexMatchStatementFieldToMatchArgs.builder()\n .singleHeader(RuleGroupRuleStatementRegexMatchStatementFieldToMatchSingleHeaderArgs.builder()\n .name(\"user-agent\")\n .build())\n .build())\n .textTransformations(RuleGroupRuleStatementRegexMatchStatementTextTransformationArgs.builder()\n .priority(6)\n .type(\"NONE\")\n .build())\n .build())\n .build(),\n RuleGroupRuleStatementArgs.builder()\n .sqliMatchStatement(RuleGroupRuleStatementSqliMatchStatementArgs.builder()\n .fieldToMatch(RuleGroupRuleStatementSqliMatchStatementFieldToMatchArgs.builder()\n .body(RuleGroupRuleStatementSqliMatchStatementFieldToMatchBodyArgs.builder()\n .build())\n .build())\n .textTransformations( \n RuleGroupRuleStatementSqliMatchStatementTextTransformationArgs.builder()\n .priority(5)\n .type(\"URL_DECODE\")\n .build(),\n RuleGroupRuleStatementSqliMatchStatementTextTransformationArgs.builder()\n .priority(4)\n .type(\"HTML_ENTITY_DECODE\")\n .build(),\n RuleGroupRuleStatementSqliMatchStatementTextTransformationArgs.builder()\n .priority(3)\n .type(\"COMPRESS_WHITE_SPACE\")\n .build())\n .build())\n .build(),\n RuleGroupRuleStatementArgs.builder()\n .xssMatchStatement(RuleGroupRuleStatementXssMatchStatementArgs.builder()\n .fieldToMatch(RuleGroupRuleStatementXssMatchStatementFieldToMatchArgs.builder()\n .method(RuleGroupRuleStatementXssMatchStatementFieldToMatchMethodArgs.builder()\n .build())\n .build())\n .textTransformations(RuleGroupRuleStatementXssMatchStatementTextTransformationArgs.builder()\n .priority(2)\n .type(\"NONE\")\n .build())\n .build())\n .build())\n .build()))\n .visibilityConfig(RuleGroupRuleVisibilityConfigArgs.builder()\n .cloudwatchMetricsEnabled(false)\n .metricName(\"rule-2\")\n .sampledRequestsEnabled(false)\n .build())\n .captchaConfig(RuleGroupRuleCaptchaConfigArgs.builder()\n .immunityTimeProperty(RuleGroupRuleCaptchaConfigImmunityTimePropertyArgs.builder()\n .immunityTime(240)\n .build())\n .build())\n .build(),\n RuleGroupRuleArgs.builder()\n .name(\"rule-3\")\n .priority(3)\n .action(RuleGroupRuleActionArgs.builder()\n .block(RuleGroupRuleActionBlockArgs.builder()\n .build())\n .build())\n .statement(RuleGroupRuleStatementArgs.builder()\n .sizeConstraintStatement(RuleGroupRuleStatementSizeConstraintStatementArgs.builder()\n .comparisonOperator(\"GT\")\n .size(100)\n .fieldToMatch(RuleGroupRuleStatementSizeConstraintStatementFieldToMatchArgs.builder()\n .singleQueryArgument(RuleGroupRuleStatementSizeConstraintStatementFieldToMatchSingleQueryArgumentArgs.builder()\n .name(\"username\")\n .build())\n .build())\n .textTransformations(RuleGroupRuleStatementSizeConstraintStatementTextTransformationArgs.builder()\n .priority(5)\n .type(\"NONE\")\n .build())\n .build())\n .build())\n .visibilityConfig(RuleGroupRuleVisibilityConfigArgs.builder()\n .cloudwatchMetricsEnabled(false)\n .metricName(\"rule-3\")\n .sampledRequestsEnabled(false)\n .build())\n .build(),\n RuleGroupRuleArgs.builder()\n .name(\"rule-4\")\n .priority(4)\n .action(RuleGroupRuleActionArgs.builder()\n .block(RuleGroupRuleActionBlockArgs.builder()\n .build())\n .build())\n .statement(Map.of(\"orStatement\", Map.of(\"statements\", \n RuleGroupRuleStatementArgs.builder()\n .ipSetReferenceStatement(RuleGroupRuleStatementIpSetReferenceStatementArgs.builder()\n .arn(test.arn())\n .build())\n .build(),\n RuleGroupRuleStatementArgs.builder()\n .regexPatternSetReferenceStatement(RuleGroupRuleStatementRegexPatternSetReferenceStatementArgs.builder()\n .arn(testRegexPatternSet.arn())\n .fieldToMatch(RuleGroupRuleStatementRegexPatternSetReferenceStatementFieldToMatchArgs.builder()\n .singleHeader(RuleGroupRuleStatementRegexPatternSetReferenceStatementFieldToMatchSingleHeaderArgs.builder()\n .name(\"referer\")\n .build())\n .build())\n .textTransformations(RuleGroupRuleStatementRegexPatternSetReferenceStatementTextTransformationArgs.builder()\n .priority(2)\n .type(\"NONE\")\n .build())\n .build())\n .build())))\n .visibilityConfig(RuleGroupRuleVisibilityConfigArgs.builder()\n .cloudwatchMetricsEnabled(false)\n .metricName(\"rule-4\")\n .sampledRequestsEnabled(false)\n .build())\n .build())\n .visibilityConfig(RuleGroupVisibilityConfigArgs.builder()\n .cloudwatchMetricsEnabled(false)\n .metricName(\"friendly-metric-name\")\n .sampledRequestsEnabled(false)\n .build())\n .captchaConfig(List.of(Map.of(\"immunityTimeProperty\", List.of(Map.of(\"immunityTime\", 120)))))\n .tags(Map.ofEntries(\n Map.entry(\"Name\", \"example-and-statement\"),\n Map.entry(\"Code\", \"123456\")\n ))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n test:\n type: aws:wafv2:IpSet\n properties:\n name: test\n scope: REGIONAL\n ipAddressVersion: IPV4\n addresses:\n - 1.1.1.1/32\n - 2.2.2.2/32\n testRegexPatternSet:\n type: aws:wafv2:RegexPatternSet\n name: test\n properties:\n name: test\n scope: REGIONAL\n regularExpressions:\n - regexString: one\n example:\n type: aws:wafv2:RuleGroup\n properties:\n name: complex-example\n description: An rule group containing all statements\n scope: REGIONAL\n capacity: 500\n rules:\n - name: rule-1\n priority: 1\n action:\n block: {}\n statement:\n notStatement:\n statements:\n - andStatement:\n statements:\n - geoMatchStatement:\n countryCodes:\n - US\n - byteMatchStatement:\n positionalConstraint: CONTAINS\n searchString: word\n fieldToMatch:\n allQueryArguments: {}\n textTransformations:\n - priority: 5\n type: CMD_LINE\n - priority: 2\n type: LOWERCASE\n visibilityConfig:\n cloudwatchMetricsEnabled: false\n metricName: rule-1\n sampledRequestsEnabled: false\n - name: rule-2\n priority: 2\n action:\n count: {}\n statement:\n orStatement:\n statements:\n - regexMatchStatement:\n regexString: a-z?\n fieldToMatch:\n singleHeader:\n name: user-agent\n textTransformations:\n - priority: 6\n type: NONE\n - sqliMatchStatement:\n fieldToMatch:\n body: {}\n textTransformations:\n - priority: 5\n type: URL_DECODE\n - priority: 4\n type: HTML_ENTITY_DECODE\n - priority: 3\n type: COMPRESS_WHITE_SPACE\n - xssMatchStatement:\n fieldToMatch:\n method: {}\n textTransformations:\n - priority: 2\n type: NONE\n visibilityConfig:\n cloudwatchMetricsEnabled: false\n metricName: rule-2\n sampledRequestsEnabled: false\n captchaConfig:\n immunityTimeProperty:\n immunityTime: 240\n - name: rule-3\n priority: 3\n action:\n block: {}\n statement:\n sizeConstraintStatement:\n comparisonOperator: GT\n size: 100\n fieldToMatch:\n singleQueryArgument:\n name: username\n textTransformations:\n - priority: 5\n type: NONE\n visibilityConfig:\n cloudwatchMetricsEnabled: false\n metricName: rule-3\n sampledRequestsEnabled: false\n - name: rule-4\n priority: 4\n action:\n block: {}\n statement:\n orStatement:\n statements:\n - ipSetReferenceStatement:\n arn: ${test.arn}\n - regexPatternSetReferenceStatement:\n arn: ${testRegexPatternSet.arn}\n fieldToMatch:\n singleHeader:\n name: referer\n textTransformations:\n - priority: 2\n type: NONE\n visibilityConfig:\n cloudwatchMetricsEnabled: false\n metricName: rule-4\n sampledRequestsEnabled: false\n visibilityConfig:\n cloudwatchMetricsEnabled: false\n metricName: friendly-metric-name\n sampledRequestsEnabled: false\n captchaConfig:\n - immunityTimeProperty:\n - immunityTime: 120\n tags:\n Name: example-and-statement\n Code: '123456'\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Using\u003cspan pulumi-lang-nodejs=\" rulesJson\n\" pulumi-lang-dotnet=\" RulesJson\n\" pulumi-lang-go=\" rulesJson\n\" pulumi-lang-python=\" rules_json\n\" pulumi-lang-yaml=\" rulesJson\n\" pulumi-lang-java=\" rulesJson\n\"\u003e rules_json\n\u003c/span\u003e\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.wafv2.RuleGroup(\"example\", {\n name: \"example-rule-group\",\n scope: \"REGIONAL\",\n capacity: 100,\n rulesJson: JSON.stringify([{\n Name: \"rule-1\",\n Priority: 1,\n Action: {\n Count: {},\n },\n Statement: {\n ByteMatchStatement: {\n SearchString: \"badbot\",\n FieldToMatch: {\n UriPath: {},\n },\n TextTransformations: [{\n Priority: 1,\n Type: \"NONE\",\n }],\n PositionalConstraint: \"CONTAINS\",\n },\n },\n VisibilityConfig: {\n CloudwatchMetricsEnabled: false,\n MetricName: \"friendly-rule-metric-name\",\n SampledRequestsEnabled: false,\n },\n }]),\n visibilityConfig: {\n cloudwatchMetricsEnabled: false,\n metricName: \"friendly-metric-name\",\n sampledRequestsEnabled: false,\n },\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\nexample = aws.wafv2.RuleGroup(\"example\",\n name=\"example-rule-group\",\n scope=\"REGIONAL\",\n capacity=100,\n rules_json=json.dumps([{\n \"Name\": \"rule-1\",\n \"Priority\": 1,\n \"Action\": {\n \"Count\": {},\n },\n \"Statement\": {\n \"ByteMatchStatement\": {\n \"SearchString\": \"badbot\",\n \"FieldToMatch\": {\n \"UriPath\": {},\n },\n \"TextTransformations\": [{\n \"Priority\": 1,\n \"Type\": \"NONE\",\n }],\n \"PositionalConstraint\": \"CONTAINS\",\n },\n },\n \"VisibilityConfig\": {\n \"CloudwatchMetricsEnabled\": False,\n \"MetricName\": \"friendly-rule-metric-name\",\n \"SampledRequestsEnabled\": False,\n },\n }]),\n visibility_config={\n \"cloudwatch_metrics_enabled\": False,\n \"metric_name\": \"friendly-metric-name\",\n \"sampled_requests_enabled\": False,\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.WafV2.RuleGroup(\"example\", new()\n {\n Name = \"example-rule-group\",\n Scope = \"REGIONAL\",\n Capacity = 100,\n RulesJson = JsonSerializer.Serialize(new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"Name\"] = \"rule-1\",\n [\"Priority\"] = 1,\n [\"Action\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"Count\"] = new Dictionary\u003cstring, object?\u003e\n {\n },\n },\n [\"Statement\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"ByteMatchStatement\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"SearchString\"] = \"badbot\",\n [\"FieldToMatch\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"UriPath\"] = new Dictionary\u003cstring, object?\u003e\n {\n },\n },\n [\"TextTransformations\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"Priority\"] = 1,\n [\"Type\"] = \"NONE\",\n },\n },\n [\"PositionalConstraint\"] = \"CONTAINS\",\n },\n },\n [\"VisibilityConfig\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"CloudwatchMetricsEnabled\"] = false,\n [\"MetricName\"] = \"friendly-rule-metric-name\",\n [\"SampledRequestsEnabled\"] = false,\n },\n },\n }),\n VisibilityConfig = new Aws.WafV2.Inputs.RuleGroupVisibilityConfigArgs\n {\n CloudwatchMetricsEnabled = false,\n MetricName = \"friendly-metric-name\",\n SampledRequestsEnabled = false,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v7/go/aws/wafv2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttmpJSON0, err := json.Marshal([]map[string]interface{}{\n\t\t\tmap[string]interface{}{\n\t\t\t\t\"Name\": \"rule-1\",\n\t\t\t\t\"Priority\": 1,\n\t\t\t\t\"Action\": map[string]interface{}{\n\t\t\t\t\t\"Count\": map[string]interface{}{},\n\t\t\t\t},\n\t\t\t\t\"Statement\": map[string]interface{}{\n\t\t\t\t\t\"ByteMatchStatement\": map[string]interface{}{\n\t\t\t\t\t\t\"SearchString\": \"badbot\",\n\t\t\t\t\t\t\"FieldToMatch\": map[string]interface{}{\n\t\t\t\t\t\t\t\"UriPath\": map[string]interface{}{},\n\t\t\t\t\t\t},\n\t\t\t\t\t\t\"TextTransformations\": []map[string]interface{}{\n\t\t\t\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\t\t\t\"Priority\": 1,\n\t\t\t\t\t\t\t\t\"Type\": \"NONE\",\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t\t\"PositionalConstraint\": \"CONTAINS\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t\"VisibilityConfig\": map[string]interface{}{\n\t\t\t\t\t\"CloudwatchMetricsEnabled\": false,\n\t\t\t\t\t\"MetricName\": \"friendly-rule-metric-name\",\n\t\t\t\t\t\"SampledRequestsEnabled\": false,\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\t_, err = wafv2.NewRuleGroup(ctx, \"example\", \u0026wafv2.RuleGroupArgs{\n\t\t\tName: pulumi.String(\"example-rule-group\"),\n\t\t\tScope: pulumi.String(\"REGIONAL\"),\n\t\t\tCapacity: pulumi.Int(100),\n\t\t\tRulesJson: pulumi.String(json0),\n\t\t\tVisibilityConfig: \u0026wafv2.RuleGroupVisibilityConfigArgs{\n\t\t\t\tCloudwatchMetricsEnabled: pulumi.Bool(false),\n\t\t\t\tMetricName: pulumi.String(\"friendly-metric-name\"),\n\t\t\t\tSampledRequestsEnabled: pulumi.Bool(false),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.wafv2.RuleGroup;\nimport com.pulumi.aws.wafv2.RuleGroupArgs;\nimport com.pulumi.aws.wafv2.inputs.RuleGroupVisibilityConfigArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new RuleGroup(\"example\", RuleGroupArgs.builder()\n .name(\"example-rule-group\")\n .scope(\"REGIONAL\")\n .capacity(100)\n .rulesJson(serializeJson(\n jsonArray(jsonObject(\n jsonProperty(\"Name\", \"rule-1\"),\n jsonProperty(\"Priority\", 1),\n jsonProperty(\"Action\", jsonObject(\n jsonProperty(\"Count\", jsonObject(\n\n ))\n )),\n jsonProperty(\"Statement\", jsonObject(\n jsonProperty(\"ByteMatchStatement\", jsonObject(\n jsonProperty(\"SearchString\", \"badbot\"),\n jsonProperty(\"FieldToMatch\", jsonObject(\n jsonProperty(\"UriPath\", jsonObject(\n\n ))\n )),\n jsonProperty(\"TextTransformations\", jsonArray(jsonObject(\n jsonProperty(\"Priority\", 1),\n jsonProperty(\"Type\", \"NONE\")\n ))),\n jsonProperty(\"PositionalConstraint\", \"CONTAINS\")\n ))\n )),\n jsonProperty(\"VisibilityConfig\", jsonObject(\n jsonProperty(\"CloudwatchMetricsEnabled\", false),\n jsonProperty(\"MetricName\", \"friendly-rule-metric-name\"),\n jsonProperty(\"SampledRequestsEnabled\", false)\n ))\n ))))\n .visibilityConfig(RuleGroupVisibilityConfigArgs.builder()\n .cloudwatchMetricsEnabled(false)\n .metricName(\"friendly-metric-name\")\n .sampledRequestsEnabled(false)\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:wafv2:RuleGroup\n properties:\n name: example-rule-group\n scope: REGIONAL\n capacity: 100\n rulesJson:\n fn::toJSON:\n - Name: rule-1\n Priority: 1\n Action:\n Count: {}\n Statement:\n ByteMatchStatement:\n SearchString: badbot\n FieldToMatch:\n UriPath: {}\n TextTransformations:\n - Priority: 1\n Type: NONE\n PositionalConstraint: CONTAINS\n VisibilityConfig:\n CloudwatchMetricsEnabled: false\n MetricName: friendly-rule-metric-name\n SampledRequestsEnabled: false\n visibilityConfig:\n cloudwatchMetricsEnabled: false\n metricName: friendly-metric-name\n sampledRequestsEnabled: false\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import WAFv2 Rule Group using `ID/name/scope`. For example:\n\n```sh\n$ pulumi import aws:wafv2/ruleGroup:RuleGroup example a1b2c3d4-d5f6-7777-8888-9999aaaabbbbcccc/example/REGIONAL\n```\n", "properties": { "arn": { "type": "string", @@ -479839,32 +481095,32 @@ } }, "aws:route53/getZone:getZone": { - "description": "\u003cspan pulumi-lang-nodejs=\"`aws.route53.Zone`\" pulumi-lang-dotnet=\"`aws.route53.Zone`\" pulumi-lang-go=\"`route53.Zone`\" pulumi-lang-python=\"`route53.Zone`\" pulumi-lang-yaml=\"`aws.route53.Zone`\" pulumi-lang-java=\"`aws.route53.Zone`\"\u003e`aws.route53.Zone`\u003c/span\u003e provides details about a specific Route 53 Hosted Zone.\n\nThis data source allows to find a Hosted Zone ID given Hosted Zone name and certain search criteria.\n\n## Example Usage\n\nThe following example shows how to get a Hosted Zone from its name and from this data how to create a Record Set.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst selected = aws.route53.getZone({\n name: \"test.com.\",\n privateZone: true,\n});\nconst www = new aws.route53.Record(\"www\", {\n zoneId: selected.then(selected =\u003e selected.zoneId),\n name: selected.then(selected =\u003e `www.${selected.name}`),\n type: aws.route53.RecordType.A,\n ttl: 300,\n records: [\"10.0.0.1\"],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nselected = aws.route53.get_zone(name=\"test.com.\",\n private_zone=True)\nwww = aws.route53.Record(\"www\",\n zone_id=selected.zone_id,\n name=f\"www.{selected.name}\",\n type=aws.route53.RecordType.A,\n ttl=300,\n records=[\"10.0.0.1\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var selected = Aws.Route53.GetZone.Invoke(new()\n {\n Name = \"test.com.\",\n PrivateZone = true,\n });\n\n var www = new Aws.Route53.Record(\"www\", new()\n {\n ZoneId = selected.Apply(getZoneResult =\u003e getZoneResult.ZoneId),\n Name = $\"www.{selected.Apply(getZoneResult =\u003e getZoneResult.Name)}\",\n Type = Aws.Route53.RecordType.A,\n Ttl = 300,\n Records = new[]\n {\n \"10.0.0.1\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v7/go/aws/route53\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tselected, err := route53.LookupZone(ctx, \u0026route53.LookupZoneArgs{\n\t\t\tName: pulumi.StringRef(\"test.com.\"),\n\t\t\tPrivateZone: pulumi.BoolRef(true),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = route53.NewRecord(ctx, \"www\", \u0026route53.RecordArgs{\n\t\t\tZoneId: pulumi.String(selected.ZoneId),\n\t\t\tName: pulumi.Sprintf(\"www.%v\", selected.Name),\n\t\t\tType: pulumi.String(route53.RecordTypeA),\n\t\t\tTtl: pulumi.Int(300),\n\t\t\tRecords: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"10.0.0.1\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.route53.Route53Functions;\nimport com.pulumi.aws.route53.inputs.GetZoneArgs;\nimport com.pulumi.aws.route53.Record;\nimport com.pulumi.aws.route53.RecordArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var selected = Route53Functions.getZone(GetZoneArgs.builder()\n .name(\"test.com.\")\n .privateZone(true)\n .build());\n\n var www = new Record(\"www\", RecordArgs.builder()\n .zoneId(selected.zoneId())\n .name(String.format(\"www.%s\", selected.name()))\n .type(\"A\")\n .ttl(300)\n .records(\"10.0.0.1\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n www:\n type: aws:route53:Record\n properties:\n zoneId: ${selected.zoneId}\n name: www.${selected.name}\n type: A\n ttl: '300'\n records:\n - 10.0.0.1\nvariables:\n selected:\n fn::invoke:\n function: aws:route53:getZone\n arguments:\n name: test.com.\n privateZone: true\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", + "description": "\u003cspan pulumi-lang-nodejs=\"`aws.route53.Zone`\" pulumi-lang-dotnet=\"`aws.route53.Zone`\" pulumi-lang-go=\"`route53.Zone`\" pulumi-lang-python=\"`route53.Zone`\" pulumi-lang-yaml=\"`aws.route53.Zone`\" pulumi-lang-java=\"`aws.route53.Zone`\"\u003e`aws.route53.Zone`\u003c/span\u003e provides details about a specific Route 53 Hosted Zone.\n\nThis data source allows to find a Hosted Zone ID given Hosted Zone name and certain search criteria.\n\n## Example Usage\n\nThe following example shows how to get a Hosted Zone from its name and from this data how to create a Record Set.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst selected = aws.route53.getZone({\n name: \"test.com.\",\n privateZone: true,\n});\nconst www = new aws.route53.Record(\"www\", {\n zoneId: selected.then(selected =\u003e selected.zoneId),\n name: selected.then(selected =\u003e `www.${selected.name}`),\n type: aws.route53.RecordType.A,\n ttl: 300,\n records: [\"10.0.0.1\"],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nselected = aws.route53.get_zone(name=\"test.com.\",\n private_zone=True)\nwww = aws.route53.Record(\"www\",\n zone_id=selected.zone_id,\n name=f\"www.{selected.name}\",\n type=aws.route53.RecordType.A,\n ttl=300,\n records=[\"10.0.0.1\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var selected = Aws.Route53.GetZone.Invoke(new()\n {\n Name = \"test.com.\",\n PrivateZone = true,\n });\n\n var www = new Aws.Route53.Record(\"www\", new()\n {\n ZoneId = selected.Apply(getZoneResult =\u003e getZoneResult.ZoneId),\n Name = $\"www.{selected.Apply(getZoneResult =\u003e getZoneResult.Name)}\",\n Type = Aws.Route53.RecordType.A,\n Ttl = 300,\n Records = new[]\n {\n \"10.0.0.1\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v7/go/aws/route53\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tselected, err := route53.LookupZone(ctx, \u0026route53.LookupZoneArgs{\n\t\t\tName: pulumi.StringRef(\"test.com.\"),\n\t\t\tPrivateZone: pulumi.BoolRef(true),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = route53.NewRecord(ctx, \"www\", \u0026route53.RecordArgs{\n\t\t\tZoneId: pulumi.String(selected.ZoneId),\n\t\t\tName: pulumi.Sprintf(\"www.%v\", selected.Name),\n\t\t\tType: pulumi.String(route53.RecordTypeA),\n\t\t\tTtl: pulumi.Int(300),\n\t\t\tRecords: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"10.0.0.1\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.route53.Route53Functions;\nimport com.pulumi.aws.route53.inputs.GetZoneArgs;\nimport com.pulumi.aws.route53.Record;\nimport com.pulumi.aws.route53.RecordArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var selected = Route53Functions.getZone(GetZoneArgs.builder()\n .name(\"test.com.\")\n .privateZone(true)\n .build());\n\n var www = new Record(\"www\", RecordArgs.builder()\n .zoneId(selected.zoneId())\n .name(String.format(\"www.%s\", selected.name()))\n .type(\"A\")\n .ttl(300)\n .records(\"10.0.0.1\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n www:\n type: aws:route53:Record\n properties:\n zoneId: ${selected.zoneId}\n name: www.${selected.name}\n type: A\n ttl: '300'\n records:\n - 10.0.0.1\nvariables:\n selected:\n fn::invoke:\n function: aws:route53:getZone\n arguments:\n name: test.com.\n privateZone: true\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\nThe following example shows how to get a Hosted Zone from a unique combination of its tags:\n\n", "inputs": { "description": "A collection of arguments for invoking getZone.\n", "properties": { "name": { "type": "string", - "description": "Hosted Zone name of the desired Hosted Zone.\n" + "description": "Hosted Zone name of the desired Hosted Zone. If blank, then accept any name, filtering on only \u003cspan pulumi-lang-nodejs=\"`privateZone`\" pulumi-lang-dotnet=\"`PrivateZone`\" pulumi-lang-go=\"`privateZone`\" pulumi-lang-python=\"`private_zone`\" pulumi-lang-yaml=\"`privateZone`\" pulumi-lang-java=\"`privateZone`\"\u003e`private_zone`\u003c/span\u003e, \u003cspan pulumi-lang-nodejs=\"`vpcId`\" pulumi-lang-dotnet=\"`VpcId`\" pulumi-lang-go=\"`vpcId`\" pulumi-lang-python=\"`vpc_id`\" pulumi-lang-yaml=\"`vpcId`\" pulumi-lang-java=\"`vpcId`\"\u003e`vpc_id`\u003c/span\u003e and \u003cspan pulumi-lang-nodejs=\"`tags`\" pulumi-lang-dotnet=\"`Tags`\" pulumi-lang-go=\"`tags`\" pulumi-lang-python=\"`tags`\" pulumi-lang-yaml=\"`tags`\" pulumi-lang-java=\"`tags`\"\u003e`tags`\u003c/span\u003e.\n" }, "privateZone": { "type": "boolean", - "description": "Used with \u003cspan pulumi-lang-nodejs=\"`name`\" pulumi-lang-dotnet=\"`Name`\" pulumi-lang-go=\"`name`\" pulumi-lang-python=\"`name`\" pulumi-lang-yaml=\"`name`\" pulumi-lang-java=\"`name`\"\u003e`name`\u003c/span\u003e field to get a private Hosted Zone.\n" + "description": "Filter to only private Hosted Zones.\n" }, "tags": { "type": "object", "additionalProperties": { "type": "string" }, - "description": "Used with \u003cspan pulumi-lang-nodejs=\"`name`\" pulumi-lang-dotnet=\"`Name`\" pulumi-lang-go=\"`name`\" pulumi-lang-python=\"`name`\" pulumi-lang-yaml=\"`name`\" pulumi-lang-java=\"`name`\"\u003e`name`\u003c/span\u003e field. A map of tags, each pair of which must exactly match a pair on the desired Hosted Zone.\n\nThe arguments of this data source act as filters for querying the available\nHosted Zone. You have to use \u003cspan pulumi-lang-nodejs=\"`zoneId`\" pulumi-lang-dotnet=\"`ZoneId`\" pulumi-lang-go=\"`zoneId`\" pulumi-lang-python=\"`zone_id`\" pulumi-lang-yaml=\"`zoneId`\" pulumi-lang-java=\"`zoneId`\"\u003e`zone_id`\u003c/span\u003e or \u003cspan pulumi-lang-nodejs=\"`name`\" pulumi-lang-dotnet=\"`Name`\" pulumi-lang-go=\"`name`\" pulumi-lang-python=\"`name`\" pulumi-lang-yaml=\"`name`\" pulumi-lang-java=\"`name`\"\u003e`name`\u003c/span\u003e, not both of them. The given filter must match exactly one\nHosted Zone. If you use \u003cspan pulumi-lang-nodejs=\"`name`\" pulumi-lang-dotnet=\"`Name`\" pulumi-lang-go=\"`name`\" pulumi-lang-python=\"`name`\" pulumi-lang-yaml=\"`name`\" pulumi-lang-java=\"`name`\"\u003e`name`\u003c/span\u003e field for private Hosted Zone, you need to add \u003cspan pulumi-lang-nodejs=\"`privateZone`\" pulumi-lang-dotnet=\"`PrivateZone`\" pulumi-lang-go=\"`privateZone`\" pulumi-lang-python=\"`private_zone`\" pulumi-lang-yaml=\"`privateZone`\" pulumi-lang-java=\"`privateZone`\"\u003e`private_zone`\u003c/span\u003e field to \u003cspan pulumi-lang-nodejs=\"`true`\" pulumi-lang-dotnet=\"`True`\" pulumi-lang-go=\"`true`\" pulumi-lang-python=\"`true`\" pulumi-lang-yaml=\"`true`\" pulumi-lang-java=\"`true`\"\u003e`true`\u003c/span\u003e.\n" + "description": "A map of tags, each pair of which must exactly match a pair on the desired Hosted Zone.\n\nThe arguments of this data source act as filters for querying the available Hosted Zone.\n\n- The given filter must match exactly one Hosted Zone.\n" }, "vpcId": { "type": "string", - "description": "Used with \u003cspan pulumi-lang-nodejs=\"`name`\" pulumi-lang-dotnet=\"`Name`\" pulumi-lang-go=\"`name`\" pulumi-lang-python=\"`name`\" pulumi-lang-yaml=\"`name`\" pulumi-lang-java=\"`name`\"\u003e`name`\u003c/span\u003e field to get a private Hosted Zone associated with the\u003cspan pulumi-lang-nodejs=\" vpcId \" pulumi-lang-dotnet=\" VpcId \" pulumi-lang-go=\" vpcId \" pulumi-lang-python=\" vpc_id \" pulumi-lang-yaml=\" vpcId \" pulumi-lang-java=\" vpcId \"\u003e vpc_id \u003c/span\u003e(in this case,\u003cspan pulumi-lang-nodejs=\" privateZone \" pulumi-lang-dotnet=\" PrivateZone \" pulumi-lang-go=\" privateZone \" pulumi-lang-python=\" private_zone \" pulumi-lang-yaml=\" privateZone \" pulumi-lang-java=\" privateZone \"\u003e private_zone \u003c/span\u003eis not mandatory).\n" + "description": "Filter to private Hosted Zones associated with the specified \u003cspan pulumi-lang-nodejs=\"`vpcId`\" pulumi-lang-dotnet=\"`VpcId`\" pulumi-lang-go=\"`vpcId`\" pulumi-lang-python=\"`vpc_id`\" pulumi-lang-yaml=\"`vpcId`\" pulumi-lang-java=\"`vpcId`\"\u003e`vpc_id`\u003c/span\u003e.\n" }, "zoneId": { "type": "string", - "description": "Hosted Zone id of the desired Hosted Zone.\n" + "description": "and \u003cspan pulumi-lang-nodejs=\"`name`\" pulumi-lang-dotnet=\"`Name`\" pulumi-lang-go=\"`name`\" pulumi-lang-python=\"`name`\" pulumi-lang-yaml=\"`name`\" pulumi-lang-java=\"`name`\"\u003e`name`\u003c/span\u003e are mutually exclusive.\n- If you use the \u003cspan pulumi-lang-nodejs=\"`name`\" pulumi-lang-dotnet=\"`Name`\" pulumi-lang-go=\"`name`\" pulumi-lang-python=\"`name`\" pulumi-lang-yaml=\"`name`\" pulumi-lang-java=\"`name`\"\u003e`name`\u003c/span\u003e argument for a private Hosted Zone, you need to set the \u003cspan pulumi-lang-nodejs=\"`privateZone`\" pulumi-lang-dotnet=\"`PrivateZone`\" pulumi-lang-go=\"`privateZone`\" pulumi-lang-python=\"`private_zone`\" pulumi-lang-yaml=\"`privateZone`\" pulumi-lang-java=\"`privateZone`\"\u003e`private_zone`\u003c/span\u003e argument to \u003cspan pulumi-lang-nodejs=\"`true`\" pulumi-lang-dotnet=\"`True`\" pulumi-lang-go=\"`true`\" pulumi-lang-python=\"`true`\" pulumi-lang-yaml=\"`true`\" pulumi-lang-java=\"`true`\"\u003e`true`\u003c/span\u003e.\n" } }, "type": "object" @@ -479945,7 +481201,6 @@ "primaryNameServer", "resourceRecordSetCount", "tags", - "vpcId", "zoneId", "id" ], diff --git a/provider/go.mod b/provider/go.mod index 58a8063b060..4583f0b53ec 100644 --- a/provider/go.mod +++ b/provider/go.mod @@ -8,9 +8,9 @@ go 1.24.10 // godebug tlskyber=0 require ( - github.com/aws/aws-sdk-go-v2/config v1.31.20 + github.com/aws/aws-sdk-go-v2/config v1.31.21 github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.18.13 - github.com/aws/aws-sdk-go-v2/service/elasticloadbalancingv2 v1.52.0 + github.com/aws/aws-sdk-go-v2/service/elasticloadbalancingv2 v1.53.0 github.com/golang/protobuf v1.5.4 github.com/hashicorp/aws-sdk-go-base/v2 v2.0.0-beta.68 github.com/hashicorp/terraform-plugin-sdk/v2 v2.38.1 @@ -61,8 +61,8 @@ require ( github.com/aws/aws-sdk-go v1.55.6 // indirect github.com/aws/aws-sdk-go-v2 v1.39.6 // indirect github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream v1.7.3 // indirect - github.com/aws/aws-sdk-go-v2/credentials v1.18.24 // indirect - github.com/aws/aws-sdk-go-v2/feature/s3/manager v1.20.7 // indirect + github.com/aws/aws-sdk-go-v2/credentials v1.18.25 // indirect + github.com/aws/aws-sdk-go-v2/feature/s3/manager v1.20.8 // indirect github.com/aws/aws-sdk-go-v2/internal/configsources v1.4.13 // indirect github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.7.13 // indirect github.com/aws/aws-sdk-go-v2/internal/ini v1.8.4 // indirect @@ -73,8 +73,8 @@ require ( github.com/aws/aws-sdk-go-v2/service/acmpca v1.46.2 // indirect github.com/aws/aws-sdk-go-v2/service/amp v1.42.0 // indirect github.com/aws/aws-sdk-go-v2/service/amplify v1.38.5 // indirect - github.com/aws/aws-sdk-go-v2/service/apigateway v1.36.3 // indirect - github.com/aws/aws-sdk-go-v2/service/apigatewayv2 v1.32.13 // indirect + github.com/aws/aws-sdk-go-v2/service/apigateway v1.37.0 // indirect + github.com/aws/aws-sdk-go-v2/service/apigatewayv2 v1.33.0 // indirect github.com/aws/aws-sdk-go-v2/service/appconfig v1.43.3 // indirect github.com/aws/aws-sdk-go-v2/service/appfabric v1.16.12 // indirect github.com/aws/aws-sdk-go-v2/service/appflow v1.51.3 // indirect @@ -84,20 +84,20 @@ require ( github.com/aws/aws-sdk-go-v2/service/applicationsignals v1.17.4 // indirect github.com/aws/aws-sdk-go-v2/service/appmesh v1.35.3 // indirect github.com/aws/aws-sdk-go-v2/service/apprunner v1.39.5 // indirect - github.com/aws/aws-sdk-go-v2/service/appstream v1.51.2 // indirect + github.com/aws/aws-sdk-go-v2/service/appstream v1.52.1 // indirect github.com/aws/aws-sdk-go-v2/service/appsync v1.52.3 // indirect github.com/aws/aws-sdk-go-v2/service/arcregionswitch v1.2.14 // indirect github.com/aws/aws-sdk-go-v2/service/athena v1.55.12 // indirect github.com/aws/aws-sdk-go-v2/service/auditmanager v1.46.3 // indirect - github.com/aws/aws-sdk-go-v2/service/autoscaling v1.60.5 // indirect + github.com/aws/aws-sdk-go-v2/service/autoscaling v1.61.0 // indirect github.com/aws/aws-sdk-go-v2/service/autoscalingplans v1.30.5 // indirect - github.com/aws/aws-sdk-go-v2/service/backup v1.51.2 // indirect + github.com/aws/aws-sdk-go-v2/service/backup v1.54.0 // indirect github.com/aws/aws-sdk-go-v2/service/batch v1.58.6 // indirect github.com/aws/aws-sdk-go-v2/service/bcmdataexports v1.12.5 // indirect - github.com/aws/aws-sdk-go-v2/service/bedrock v1.48.6 // indirect + github.com/aws/aws-sdk-go-v2/service/bedrock v1.49.1 // indirect github.com/aws/aws-sdk-go-v2/service/bedrockagent v1.51.3 // indirect github.com/aws/aws-sdk-go-v2/service/bedrockagentcorecontrol v1.13.3 // indirect - github.com/aws/aws-sdk-go-v2/service/billing v1.8.6 // indirect + github.com/aws/aws-sdk-go-v2/service/billing v1.9.0 // indirect github.com/aws/aws-sdk-go-v2/service/budgets v1.41.3 // indirect github.com/aws/aws-sdk-go-v2/service/chatbot v1.14.12 // indirect github.com/aws/aws-sdk-go-v2/service/chime v1.41.3 // indirect @@ -106,14 +106,14 @@ require ( github.com/aws/aws-sdk-go-v2/service/cleanrooms v1.37.3 // indirect github.com/aws/aws-sdk-go-v2/service/cloud9 v1.33.11 // indirect github.com/aws/aws-sdk-go-v2/service/cloudcontrol v1.29.3 // indirect - github.com/aws/aws-sdk-go-v2/service/cloudformation v1.68.5 // indirect + github.com/aws/aws-sdk-go-v2/service/cloudformation v1.70.0 // indirect github.com/aws/aws-sdk-go-v2/service/cloudfront v1.56.2 // indirect github.com/aws/aws-sdk-go-v2/service/cloudfrontkeyvaluestore v1.12.14 // indirect github.com/aws/aws-sdk-go-v2/service/cloudhsmv2 v1.34.11 // indirect github.com/aws/aws-sdk-go-v2/service/cloudsearch v1.32.3 // indirect - github.com/aws/aws-sdk-go-v2/service/cloudtrail v1.53.13 // indirect + github.com/aws/aws-sdk-go-v2/service/cloudtrail v1.54.0 // indirect github.com/aws/aws-sdk-go-v2/service/cloudwatch v1.52.3 // indirect - github.com/aws/aws-sdk-go-v2/service/cloudwatchlogs v1.58.9 // indirect + github.com/aws/aws-sdk-go-v2/service/cloudwatchlogs v1.60.0 // indirect github.com/aws/aws-sdk-go-v2/service/codeartifact v1.38.12 // indirect github.com/aws/aws-sdk-go-v2/service/codebuild v1.68.4 // indirect github.com/aws/aws-sdk-go-v2/service/codecatalyst v1.21.3 // indirect @@ -130,22 +130,22 @@ require ( github.com/aws/aws-sdk-go-v2/service/comprehend v1.40.12 // indirect github.com/aws/aws-sdk-go-v2/service/computeoptimizer v1.48.3 // indirect github.com/aws/aws-sdk-go-v2/service/configservice v1.59.4 // indirect - github.com/aws/aws-sdk-go-v2/service/connect v1.145.0 // indirect + github.com/aws/aws-sdk-go-v2/service/connect v1.146.0 // indirect github.com/aws/aws-sdk-go-v2/service/connectcases v1.34.3 // indirect github.com/aws/aws-sdk-go-v2/service/controltower v1.27.2 // indirect github.com/aws/aws-sdk-go-v2/service/costandusagereportservice v1.34.4 // indirect - github.com/aws/aws-sdk-go-v2/service/costexplorer v1.59.4 // indirect - github.com/aws/aws-sdk-go-v2/service/costoptimizationhub v1.20.12 // indirect + github.com/aws/aws-sdk-go-v2/service/costexplorer v1.60.0 // indirect + github.com/aws/aws-sdk-go-v2/service/costoptimizationhub v1.21.0 // indirect github.com/aws/aws-sdk-go-v2/service/customerprofiles v1.54.5 // indirect - github.com/aws/aws-sdk-go-v2/service/databasemigrationservice v1.59.0 // indirect + github.com/aws/aws-sdk-go-v2/service/databasemigrationservice v1.60.0 // indirect github.com/aws/aws-sdk-go-v2/service/databrew v1.39.5 // indirect github.com/aws/aws-sdk-go-v2/service/dataexchange v1.40.5 // indirect github.com/aws/aws-sdk-go-v2/service/datapipeline v1.30.11 // indirect github.com/aws/aws-sdk-go-v2/service/datasync v1.55.6 // indirect - github.com/aws/aws-sdk-go-v2/service/datazone v1.46.2 // indirect + github.com/aws/aws-sdk-go-v2/service/datazone v1.48.0 // indirect github.com/aws/aws-sdk-go-v2/service/dax v1.29.7 // indirect github.com/aws/aws-sdk-go-v2/service/detective v1.38.4 // indirect - github.com/aws/aws-sdk-go-v2/service/devicefarm v1.36.5 // indirect + github.com/aws/aws-sdk-go-v2/service/devicefarm v1.37.0 // indirect github.com/aws/aws-sdk-go-v2/service/devopsguru v1.40.3 // indirect github.com/aws/aws-sdk-go-v2/service/directconnect v1.38.5 // indirect github.com/aws/aws-sdk-go-v2/service/directoryservice v1.38.6 // indirect @@ -154,11 +154,11 @@ require ( github.com/aws/aws-sdk-go-v2/service/docdbelastic v1.20.4 // indirect github.com/aws/aws-sdk-go-v2/service/drs v1.36.4 // indirect github.com/aws/aws-sdk-go-v2/service/dsql v1.11.2 // indirect - github.com/aws/aws-sdk-go-v2/service/dynamodb v1.52.6 // indirect - github.com/aws/aws-sdk-go-v2/service/ec2 v1.267.0 // indirect - github.com/aws/aws-sdk-go-v2/service/ecr v1.51.4 // indirect + github.com/aws/aws-sdk-go-v2/service/dynamodb v1.53.0 // indirect + github.com/aws/aws-sdk-go-v2/service/ec2 v1.272.0 // indirect + github.com/aws/aws-sdk-go-v2/service/ecr v1.53.0 // indirect github.com/aws/aws-sdk-go-v2/service/ecrpublic v1.38.4 // indirect - github.com/aws/aws-sdk-go-v2/service/ecs v1.67.4 // indirect + github.com/aws/aws-sdk-go-v2/service/ecs v1.68.0 // indirect github.com/aws/aws-sdk-go-v2/service/efs v1.41.4 // indirect github.com/aws/aws-sdk-go-v2/service/eks v1.74.9 // indirect github.com/aws/aws-sdk-go-v2/service/elasticache v1.51.3 // indirect @@ -166,7 +166,7 @@ require ( github.com/aws/aws-sdk-go-v2/service/elasticloadbalancing v1.33.13 // indirect github.com/aws/aws-sdk-go-v2/service/elasticsearchservice v1.37.13 // indirect github.com/aws/aws-sdk-go-v2/service/elastictranscoder v1.32.12 // indirect - github.com/aws/aws-sdk-go-v2/service/emr v1.55.6 // indirect + github.com/aws/aws-sdk-go-v2/service/emr v1.56.0 // indirect github.com/aws/aws-sdk-go-v2/service/emrcontainers v1.40.8 // indirect github.com/aws/aws-sdk-go-v2/service/emrserverless v1.37.3 // indirect github.com/aws/aws-sdk-go-v2/service/eventbridge v1.45.12 // indirect @@ -176,32 +176,32 @@ require ( github.com/aws/aws-sdk-go-v2/service/firehose v1.42.3 // indirect github.com/aws/aws-sdk-go-v2/service/fis v1.37.11 // indirect github.com/aws/aws-sdk-go-v2/service/fms v1.44.12 // indirect - github.com/aws/aws-sdk-go-v2/service/fsx v1.63.2 // indirect + github.com/aws/aws-sdk-go-v2/service/fsx v1.64.0 // indirect github.com/aws/aws-sdk-go-v2/service/gamelift v1.48.2 // indirect github.com/aws/aws-sdk-go-v2/service/glacier v1.31.12 // indirect github.com/aws/aws-sdk-go-v2/service/globalaccelerator v1.35.5 // indirect - github.com/aws/aws-sdk-go-v2/service/glue v1.132.3 // indirect + github.com/aws/aws-sdk-go-v2/service/glue v1.133.0 // indirect github.com/aws/aws-sdk-go-v2/service/grafana v1.32.5 // indirect github.com/aws/aws-sdk-go-v2/service/greengrass v1.32.12 // indirect github.com/aws/aws-sdk-go-v2/service/groundstation v1.39.2 // indirect - github.com/aws/aws-sdk-go-v2/service/guardduty v1.66.2 // indirect + github.com/aws/aws-sdk-go-v2/service/guardduty v1.68.0 // indirect github.com/aws/aws-sdk-go-v2/service/healthlake v1.36.4 // indirect - github.com/aws/aws-sdk-go-v2/service/iam v1.50.2 // indirect + github.com/aws/aws-sdk-go-v2/service/iam v1.52.0 // indirect github.com/aws/aws-sdk-go-v2/service/identitystore v1.34.2 // indirect - github.com/aws/aws-sdk-go-v2/service/imagebuilder v1.48.6 // indirect + github.com/aws/aws-sdk-go-v2/service/imagebuilder v1.49.0 // indirect github.com/aws/aws-sdk-go-v2/service/inspector v1.30.11 // indirect - github.com/aws/aws-sdk-go-v2/service/inspector2 v1.44.12 // indirect + github.com/aws/aws-sdk-go-v2/service/inspector2 v1.45.0 // indirect github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.13.3 // indirect github.com/aws/aws-sdk-go-v2/service/internal/checksum v1.9.4 // indirect github.com/aws/aws-sdk-go-v2/service/internal/endpoint-discovery v1.11.13 // indirect github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.13.13 // indirect github.com/aws/aws-sdk-go-v2/service/internal/s3shared v1.19.13 // indirect github.com/aws/aws-sdk-go-v2/service/internetmonitor v1.26.4 // indirect - github.com/aws/aws-sdk-go-v2/service/invoicing v1.7.2 // indirect + github.com/aws/aws-sdk-go-v2/service/invoicing v1.8.0 // indirect github.com/aws/aws-sdk-go-v2/service/iot v1.69.11 // indirect github.com/aws/aws-sdk-go-v2/service/ivs v1.48.5 // indirect github.com/aws/aws-sdk-go-v2/service/ivschat v1.21.11 // indirect - github.com/aws/aws-sdk-go-v2/service/kafka v1.45.2 // indirect + github.com/aws/aws-sdk-go-v2/service/kafka v1.46.0 // indirect github.com/aws/aws-sdk-go-v2/service/kafkaconnect v1.27.12 // indirect github.com/aws/aws-sdk-go-v2/service/kendra v1.60.12 // indirect github.com/aws/aws-sdk-go-v2/service/keyspaces v1.24.5 // indirect @@ -211,21 +211,21 @@ require ( github.com/aws/aws-sdk-go-v2/service/kinesisvideo v1.32.11 // indirect github.com/aws/aws-sdk-go-v2/service/kms v1.48.2 // indirect github.com/aws/aws-sdk-go-v2/service/lakeformation v1.45.11 // indirect - github.com/aws/aws-sdk-go-v2/service/lambda v1.81.3 // indirect + github.com/aws/aws-sdk-go-v2/service/lambda v1.82.0 // indirect github.com/aws/aws-sdk-go-v2/service/launchwizard v1.13.12 // indirect github.com/aws/aws-sdk-go-v2/service/lexmodelbuildingservice v1.34.5 // indirect - github.com/aws/aws-sdk-go-v2/service/lexmodelsv2 v1.56.12 // indirect + github.com/aws/aws-sdk-go-v2/service/lexmodelsv2 v1.57.0 // indirect github.com/aws/aws-sdk-go-v2/service/licensemanager v1.36.12 // indirect github.com/aws/aws-sdk-go-v2/service/lightsail v1.50.6 // indirect github.com/aws/aws-sdk-go-v2/service/location v1.50.4 // indirect github.com/aws/aws-sdk-go-v2/service/lookoutmetrics v1.37.2 // indirect github.com/aws/aws-sdk-go-v2/service/m2 v1.26.5 // indirect github.com/aws/aws-sdk-go-v2/service/macie2 v1.50.4 // indirect - github.com/aws/aws-sdk-go-v2/service/mediaconnect v1.45.6 // indirect - github.com/aws/aws-sdk-go-v2/service/mediaconvert v1.84.3 // indirect - github.com/aws/aws-sdk-go-v2/service/medialive v1.85.5 // indirect + github.com/aws/aws-sdk-go-v2/service/mediaconnect v1.46.0 // indirect + github.com/aws/aws-sdk-go-v2/service/mediaconvert v1.85.0 // indirect + github.com/aws/aws-sdk-go-v2/service/medialive v1.87.0 // indirect github.com/aws/aws-sdk-go-v2/service/mediapackage v1.39.12 // indirect - github.com/aws/aws-sdk-go-v2/service/mediapackagev2 v1.32.5 // indirect + github.com/aws/aws-sdk-go-v2/service/mediapackagev2 v1.33.0 // indirect github.com/aws/aws-sdk-go-v2/service/mediapackagevod v1.39.12 // indirect github.com/aws/aws-sdk-go-v2/service/mediastore v1.29.12 // indirect github.com/aws/aws-sdk-go-v2/service/memorydb v1.33.5 // indirect @@ -234,8 +234,8 @@ require ( github.com/aws/aws-sdk-go-v2/service/mwaa v1.39.12 // indirect github.com/aws/aws-sdk-go-v2/service/neptune v1.43.3 // indirect github.com/aws/aws-sdk-go-v2/service/neptunegraph v1.21.11 // indirect - github.com/aws/aws-sdk-go-v2/service/networkfirewall v1.57.7 // indirect - github.com/aws/aws-sdk-go-v2/service/networkflowmonitor v1.10.5 // indirect + github.com/aws/aws-sdk-go-v2/service/networkfirewall v1.58.0 // indirect + github.com/aws/aws-sdk-go-v2/service/networkflowmonitor v1.11.0 // indirect github.com/aws/aws-sdk-go-v2/service/networkmanager v1.40.5 // indirect github.com/aws/aws-sdk-go-v2/service/networkmonitor v1.13.4 // indirect github.com/aws/aws-sdk-go-v2/service/notifications v1.7.10 // indirect @@ -243,14 +243,14 @@ require ( github.com/aws/aws-sdk-go-v2/service/oam v1.23.5 // indirect github.com/aws/aws-sdk-go-v2/service/observabilityadmin v1.8.6 // indirect github.com/aws/aws-sdk-go-v2/service/odb v1.5.6 // indirect - github.com/aws/aws-sdk-go-v2/service/opensearch v1.53.2 // indirect + github.com/aws/aws-sdk-go-v2/service/opensearch v1.54.0 // indirect github.com/aws/aws-sdk-go-v2/service/opensearchserverless v1.27.4 // indirect github.com/aws/aws-sdk-go-v2/service/organizations v1.46.4 // indirect github.com/aws/aws-sdk-go-v2/service/osis v1.21.5 // indirect github.com/aws/aws-sdk-go-v2/service/outposts v1.57.6 // indirect github.com/aws/aws-sdk-go-v2/service/paymentcryptography v1.26.3 // indirect github.com/aws/aws-sdk-go-v2/service/pcaconnectorad v1.15.12 // indirect - github.com/aws/aws-sdk-go-v2/service/pcs v1.14.6 // indirect + github.com/aws/aws-sdk-go-v2/service/pcs v1.15.0 // indirect github.com/aws/aws-sdk-go-v2/service/pinpoint v1.39.12 // indirect github.com/aws/aws-sdk-go-v2/service/pinpointsmsvoicev2 v1.26.2 // indirect github.com/aws/aws-sdk-go-v2/service/pipes v1.23.11 // indirect @@ -261,7 +261,7 @@ require ( github.com/aws/aws-sdk-go-v2/service/quicksight v1.96.2 // indirect github.com/aws/aws-sdk-go-v2/service/ram v1.34.13 // indirect github.com/aws/aws-sdk-go-v2/service/rbin v1.26.13 // indirect - github.com/aws/aws-sdk-go-v2/service/rds v1.108.9 // indirect + github.com/aws/aws-sdk-go-v2/service/rds v1.109.0 // indirect github.com/aws/aws-sdk-go-v2/service/redshift v1.60.0 // indirect github.com/aws/aws-sdk-go-v2/service/redshiftdata v1.37.12 // indirect github.com/aws/aws-sdk-go-v2/service/redshiftserverless v1.31.15 // indirect @@ -269,24 +269,24 @@ require ( github.com/aws/aws-sdk-go-v2/service/resiliencehub v1.35.4 // indirect github.com/aws/aws-sdk-go-v2/service/resourceexplorer2 v1.22.6 // indirect github.com/aws/aws-sdk-go-v2/service/resourcegroups v1.33.14 // indirect - github.com/aws/aws-sdk-go-v2/service/resourcegroupstaggingapi v1.30.13 // indirect + github.com/aws/aws-sdk-go-v2/service/resourcegroupstaggingapi v1.31.0 // indirect github.com/aws/aws-sdk-go-v2/service/rolesanywhere v1.21.12 // indirect - github.com/aws/aws-sdk-go-v2/service/route53 v1.59.5 // indirect + github.com/aws/aws-sdk-go-v2/service/route53 v1.60.0 // indirect github.com/aws/aws-sdk-go-v2/service/route53domains v1.34.10 // indirect github.com/aws/aws-sdk-go-v2/service/route53profiles v1.9.12 // indirect github.com/aws/aws-sdk-go-v2/service/route53recoverycontrolconfig v1.32.5 // indirect github.com/aws/aws-sdk-go-v2/service/route53recoveryreadiness v1.26.12 // indirect - github.com/aws/aws-sdk-go-v2/service/route53resolver v1.40.12 // indirect - github.com/aws/aws-sdk-go-v2/service/rum v1.29.4 // indirect - github.com/aws/aws-sdk-go-v2/service/s3 v1.90.2 // indirect + github.com/aws/aws-sdk-go-v2/service/route53resolver v1.41.0 // indirect + github.com/aws/aws-sdk-go-v2/service/rum v1.30.0 // indirect + github.com/aws/aws-sdk-go-v2/service/s3 v1.91.0 // indirect github.com/aws/aws-sdk-go-v2/service/s3control v1.66.9 // indirect github.com/aws/aws-sdk-go-v2/service/s3outposts v1.34.3 // indirect github.com/aws/aws-sdk-go-v2/service/s3tables v1.12.0 // indirect github.com/aws/aws-sdk-go-v2/service/s3vectors v1.5.2 // indirect - github.com/aws/aws-sdk-go-v2/service/sagemaker v1.222.0 // indirect + github.com/aws/aws-sdk-go-v2/service/sagemaker v1.224.0 // indirect github.com/aws/aws-sdk-go-v2/service/scheduler v1.17.12 // indirect github.com/aws/aws-sdk-go-v2/service/schemas v1.34.3 // indirect - github.com/aws/aws-sdk-go-v2/service/secretsmanager v1.39.13 // indirect + github.com/aws/aws-sdk-go-v2/service/secretsmanager v1.40.0 // indirect github.com/aws/aws-sdk-go-v2/service/securityhub v1.65.4 // indirect github.com/aws/aws-sdk-go-v2/service/securitylake v1.25.4 // indirect github.com/aws/aws-sdk-go-v2/service/serverlessapplicationrepository v1.30.3 // indirect @@ -296,7 +296,7 @@ require ( github.com/aws/aws-sdk-go-v2/service/servicequotas v1.33.7 // indirect github.com/aws/aws-sdk-go-v2/service/ses v1.34.11 // indirect github.com/aws/aws-sdk-go-v2/service/sesv2 v1.54.4 // indirect - github.com/aws/aws-sdk-go-v2/service/sfn v1.39.13 // indirect + github.com/aws/aws-sdk-go-v2/service/sfn v1.40.0 // indirect github.com/aws/aws-sdk-go-v2/service/shield v1.34.12 // indirect github.com/aws/aws-sdk-go-v2/service/signer v1.31.12 // indirect github.com/aws/aws-sdk-go-v2/service/sns v1.39.5 // indirect @@ -310,7 +310,7 @@ require ( github.com/aws/aws-sdk-go-v2/service/ssoadmin v1.36.8 // indirect github.com/aws/aws-sdk-go-v2/service/ssooidc v1.35.7 // indirect github.com/aws/aws-sdk-go-v2/service/storagegateway v1.43.4 // indirect - github.com/aws/aws-sdk-go-v2/service/sts v1.40.2 // indirect + github.com/aws/aws-sdk-go-v2/service/sts v1.41.0 // indirect github.com/aws/aws-sdk-go-v2/service/swf v1.33.6 // indirect github.com/aws/aws-sdk-go-v2/service/synthetics v1.42.4 // indirect github.com/aws/aws-sdk-go-v2/service/taxsettings v1.16.12 // indirect @@ -323,11 +323,11 @@ require ( github.com/aws/aws-sdk-go-v2/service/vpclattice v1.20.2 // indirect github.com/aws/aws-sdk-go-v2/service/waf v1.30.11 // indirect github.com/aws/aws-sdk-go-v2/service/wafregional v1.30.12 // indirect - github.com/aws/aws-sdk-go-v2/service/wafv2 v1.69.2 // indirect + github.com/aws/aws-sdk-go-v2/service/wafv2 v1.70.0 // indirect github.com/aws/aws-sdk-go-v2/service/wellarchitected v1.39.12 // indirect github.com/aws/aws-sdk-go-v2/service/workmail v1.36.10 // indirect github.com/aws/aws-sdk-go-v2/service/workspaces v1.64.4 // indirect - github.com/aws/aws-sdk-go-v2/service/workspacesweb v1.33.5 // indirect + github.com/aws/aws-sdk-go-v2/service/workspacesweb v1.34.0 // indirect github.com/aws/aws-sdk-go-v2/service/xray v1.36.11 // indirect github.com/aws/smithy-go v1.23.2 // indirect github.com/aymanbagabas/go-osc52/v2 v2.0.1 // indirect @@ -486,7 +486,7 @@ require ( go.opentelemetry.io/otel/metric v1.38.0 // indirect go.opentelemetry.io/otel/trace v1.38.0 // indirect go.uber.org/atomic v1.9.0 // indirect - golang.org/x/crypto v0.44.0 // indirect + golang.org/x/crypto v0.45.0 // indirect golang.org/x/exp v0.0.0-20241009180824-f66d83c29e7c // indirect golang.org/x/mod v0.30.0 // indirect golang.org/x/net v0.47.0 // indirect diff --git a/provider/go.sum b/provider/go.sum index 5d0b793a987..cec70020414 100644 --- a/provider/go.sum +++ b/provider/go.sum @@ -1479,14 +1479,14 @@ github.com/aws/aws-sdk-go-v2 v1.39.6 h1:2JrPCVgWJm7bm83BDwY5z8ietmeJUbh3O2ACnn+X github.com/aws/aws-sdk-go-v2 v1.39.6/go.mod h1:c9pm7VwuW0UPxAEYGyTmyurVcNrbF6Rt/wixFqDhcjE= github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream v1.7.3 h1:DHctwEM8P8iTXFxC/QK0MRjwEpWQeM9yzidCRjldUz0= github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream v1.7.3/go.mod h1:xdCzcZEtnSTKVDOmUZs4l/j3pSV6rpo1WXl5ugNsL8Y= -github.com/aws/aws-sdk-go-v2/config v1.31.20 h1:/jWF4Wu90EhKCgjTdy1DGxcbcbNrjfBHvksEL79tfQc= -github.com/aws/aws-sdk-go-v2/config v1.31.20/go.mod h1:95Hh1Tc5VYKL9NJ7tAkDcqeKt+MCXQB1hQZaRdJIZE0= -github.com/aws/aws-sdk-go-v2/credentials v1.18.24 h1:iJ2FmPT35EaIB0+kMa6TnQ+PwG5A1prEdAw+PsMzfHg= -github.com/aws/aws-sdk-go-v2/credentials v1.18.24/go.mod h1:U91+DrfjAiXPDEGYhh/x29o4p0qHX5HDqG7y5VViv64= +github.com/aws/aws-sdk-go-v2/config v1.31.21 h1:gH/y+NphLGIVuNHXNkTQir3PmL44Efe8OpPAsbDms0o= +github.com/aws/aws-sdk-go-v2/config v1.31.21/go.mod h1:P6I8guuLej6F2++fKUlo9OIhI59LuEsyEZZMMmgqh/4= +github.com/aws/aws-sdk-go-v2/credentials v1.18.25 h1:MvtSN3ECsQbgEHcux1pZQhuMjZnShlsqcS0Pqlan4Vw= +github.com/aws/aws-sdk-go-v2/credentials v1.18.25/go.mod h1:YATyDPzlHucr1cxEE9rsZl7ZG3gQsxpjD6o5of/8qXE= github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.18.13 h1:T1brd5dR3/fzNFAQch/iBKeX07/ffu/cLu+q+RuzEWk= github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.18.13/go.mod h1:Peg/GBAQ6JDt+RoBf4meB1wylmAipb7Kg2ZFakZTlwk= -github.com/aws/aws-sdk-go-v2/feature/s3/manager v1.20.7 h1:u8danF+A2Zv//pFZvj5V23v/6XG4AxuSVup5s6nxSnI= -github.com/aws/aws-sdk-go-v2/feature/s3/manager v1.20.7/go.mod h1:uvLIvU8iJPEU5so7b6lLDNArWpOX6sRBfL5wBABmlfc= +github.com/aws/aws-sdk-go-v2/feature/s3/manager v1.20.8 h1:R1Ws+p6Gyk0mdVvMI8zruUFnqaFouKKKDOdadtKbHbI= +github.com/aws/aws-sdk-go-v2/feature/s3/manager v1.20.8/go.mod h1:VPrEBa+zT9J2x+HHdeq5SwTMd7tbhcBQH3sYPiKORfY= github.com/aws/aws-sdk-go-v2/internal/configsources v1.4.13 h1:a+8/MLcWlIxo1lF9xaGt3J/u3yOZx+CdSveSNwjhD40= github.com/aws/aws-sdk-go-v2/internal/configsources v1.4.13/go.mod h1:oGnKwIYZ4XttyU2JWxFrwvhF6YKiK/9/wmE3v3Iu9K8= github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.7.13 h1:HBSI2kDkMdWz4ZM7FjwE7e/pWDEZ+nR95x8Ztet1ooY= @@ -1507,10 +1507,10 @@ github.com/aws/aws-sdk-go-v2/service/amp v1.42.0 h1:eBxruXVqrfytiVJIqxGVW4kGlbxl github.com/aws/aws-sdk-go-v2/service/amp v1.42.0/go.mod h1:uwNPmGivmh+4kJecS8OuYtMQTeZCGoBxdLLAGv+13r0= github.com/aws/aws-sdk-go-v2/service/amplify v1.38.5 h1:uqG80MBs+aYwh6V2bpD3p4EAN3+23H9zDF+kyQNmbgo= github.com/aws/aws-sdk-go-v2/service/amplify v1.38.5/go.mod h1:ieZIB8x+q5G3azy9SUtyGzGxXGHCVsTK4YvnADiCBZQ= -github.com/aws/aws-sdk-go-v2/service/apigateway v1.36.3 h1:EfTwIZPF4Q5lXgBkqbiVXpDZkc66fhqowdpy4UIEaA0= -github.com/aws/aws-sdk-go-v2/service/apigateway v1.36.3/go.mod h1:9tT261wkl3uME2BWp/a3nzGNe9BM7jLWZdrXW1eX3BA= -github.com/aws/aws-sdk-go-v2/service/apigatewayv2 v1.32.13 h1:X0cUJQKKQ69LtstWj3jjXRBaaCARs5FnS+xb2EedJEQ= -github.com/aws/aws-sdk-go-v2/service/apigatewayv2 v1.32.13/go.mod h1:vr6hE/YGoQQa8PPwsB1uKt9wHjNZZcbXN+ww6lBXVhY= +github.com/aws/aws-sdk-go-v2/service/apigateway v1.37.0 h1:yGW8ujCEpbex84kfx9KL6HkzfSC3pTiUOwNgrCB/Tek= +github.com/aws/aws-sdk-go-v2/service/apigateway v1.37.0/go.mod h1:9tT261wkl3uME2BWp/a3nzGNe9BM7jLWZdrXW1eX3BA= +github.com/aws/aws-sdk-go-v2/service/apigatewayv2 v1.33.0 h1:jFWRglDVLlQcANMwsdFp/lJ6RAsc/mFLopFlTw9IeXs= +github.com/aws/aws-sdk-go-v2/service/apigatewayv2 v1.33.0/go.mod h1:vr6hE/YGoQQa8PPwsB1uKt9wHjNZZcbXN+ww6lBXVhY= github.com/aws/aws-sdk-go-v2/service/appconfig v1.43.3 h1:CiSitRcp8P68+JoA9cNuBL6H2cdDtNr1w1pkHyRXFKE= github.com/aws/aws-sdk-go-v2/service/appconfig v1.43.3/go.mod h1:rvGHrN6a1lCypZrV0gDsJNPP5w51XIzr6manLptGnZg= github.com/aws/aws-sdk-go-v2/service/appfabric v1.16.12 h1:CKuViUgkrDY63niR+Jg2UBylJOSOrMx83NbOFKT0I7o= @@ -1529,8 +1529,8 @@ github.com/aws/aws-sdk-go-v2/service/appmesh v1.35.3 h1:IsdFy0YkFhSo1nPjw9WcPpm3 github.com/aws/aws-sdk-go-v2/service/appmesh v1.35.3/go.mod h1:xcEbbUjLqajeslIydrSJhESXNlGMtfXmu7MLY6ONlzY= github.com/aws/aws-sdk-go-v2/service/apprunner v1.39.5 h1:+fyOW8hT7uLzKQgkmKeqyq6Z8Y4+qiGsAOvbXYXmpdQ= github.com/aws/aws-sdk-go-v2/service/apprunner v1.39.5/go.mod h1:rI1byQGgb9tUXBvo3uLFrRXRzaCJayw+CiqAnDgYSKw= -github.com/aws/aws-sdk-go-v2/service/appstream v1.51.2 h1:UwlSspIx0BSkiZfN4pX0EK2NlNTPXXu6jT3ljIf0/us= -github.com/aws/aws-sdk-go-v2/service/appstream v1.51.2/go.mod h1:flCm0TnAjuMbHs8YaGjVjQjUUsa5EP5O6nC4Zpt080E= +github.com/aws/aws-sdk-go-v2/service/appstream v1.52.1 h1:wP/OGyNS8YMeNf1nqNMl3zPkyl3Vp2UJ171ykt2Vkvc= +github.com/aws/aws-sdk-go-v2/service/appstream v1.52.1/go.mod h1:flCm0TnAjuMbHs8YaGjVjQjUUsa5EP5O6nC4Zpt080E= github.com/aws/aws-sdk-go-v2/service/appsync v1.52.3 h1:ANP9cl/DMLE1BewJU7eg25Ipq2gdrBtzd3k7nIcfq3A= github.com/aws/aws-sdk-go-v2/service/appsync v1.52.3/go.mod h1:uCcHMGXa27Gp8b/hlAI0JbqmXeZp16E2FDWNz5nX0cQ= github.com/aws/aws-sdk-go-v2/service/arcregionswitch v1.2.14 h1:wRm3ZJkjRHNiTRFGPLR9xTzXpAG8l1h5ywGY9b5tN5I= @@ -1539,24 +1539,24 @@ github.com/aws/aws-sdk-go-v2/service/athena v1.55.12 h1:upjiOGrCbvVk/kgSvE8oRE5S github.com/aws/aws-sdk-go-v2/service/athena v1.55.12/go.mod h1:1bY3ff3w7nTDnyGgOAOEZpO7e7bUiG2iDM2tXbCzxjg= github.com/aws/aws-sdk-go-v2/service/auditmanager v1.46.3 h1:gus+gJbIngKvaL6Q3PH7e2tjO1Isx+kp+ldWIvysiY0= github.com/aws/aws-sdk-go-v2/service/auditmanager v1.46.3/go.mod h1:6U6XFWocDXxVtEZsjDajhNtAxNJzZRs9k7CJHuTMJCY= -github.com/aws/aws-sdk-go-v2/service/autoscaling v1.60.5 h1:smgtD5JUyZERxHgs0j5entQFfdmKtKzt4UlIyaf2WUc= -github.com/aws/aws-sdk-go-v2/service/autoscaling v1.60.5/go.mod h1:6E1AiecbY52kVBl8lKkdaO759rbGK3TBBBNnfxJezTM= +github.com/aws/aws-sdk-go-v2/service/autoscaling v1.61.0 h1:L4+Ts9JbR5Bb92eyQunFFAB6TfTobcfFne8+fNPGFX0= +github.com/aws/aws-sdk-go-v2/service/autoscaling v1.61.0/go.mod h1:6E1AiecbY52kVBl8lKkdaO759rbGK3TBBBNnfxJezTM= github.com/aws/aws-sdk-go-v2/service/autoscalingplans v1.30.5 h1:/Gf9lbM1ce3h5SswLp0dCzWz3Lb8wHdlQvD9okQFnKs= github.com/aws/aws-sdk-go-v2/service/autoscalingplans v1.30.5/go.mod h1:NkStIqURmzgUVyoB3YkmU1HUtIPECrExIastd5QbXIk= -github.com/aws/aws-sdk-go-v2/service/backup v1.51.2 h1:8fMelnQAIyKuEX8dQ3S36C+GNYe5Q0tpzdPb4j8CfDE= -github.com/aws/aws-sdk-go-v2/service/backup v1.51.2/go.mod h1:Sqiqu5Ws64P9IYY+0mQ4OafDKK1LK6sRWQqw89dZZYA= +github.com/aws/aws-sdk-go-v2/service/backup v1.54.0 h1:irUsF+2pK8u1YfiH1SC265XCRR81txSLGOca1s8Dh88= +github.com/aws/aws-sdk-go-v2/service/backup v1.54.0/go.mod h1:Sqiqu5Ws64P9IYY+0mQ4OafDKK1LK6sRWQqw89dZZYA= github.com/aws/aws-sdk-go-v2/service/batch v1.58.6 h1:/SWr0iPuPFm90sbJwTowOCD63ZtbdFYmp67XlXygwxo= github.com/aws/aws-sdk-go-v2/service/batch v1.58.6/go.mod h1:zaUBHLEVy5UjLlFt996XZMXLza3teA7f0IhAoV7+3mg= github.com/aws/aws-sdk-go-v2/service/bcmdataexports v1.12.5 h1:otJvRakif5zPNVJ2sRcayQFqYh8QMj3ukVNred28uTw= github.com/aws/aws-sdk-go-v2/service/bcmdataexports v1.12.5/go.mod h1:PJ5iWye10CA9cYAeVL4RUSkZvAwVK/WrOnTSHLztNAI= -github.com/aws/aws-sdk-go-v2/service/bedrock v1.48.6 h1:DnJwjQxyl4TnpkmTufPeIheReWrgiV9oOwu9vLA3878= -github.com/aws/aws-sdk-go-v2/service/bedrock v1.48.6/go.mod h1:xJ84P+JCcEkzkMjqBKmImWl/zlwEwBmbjc9QR+tcACQ= +github.com/aws/aws-sdk-go-v2/service/bedrock v1.49.1 h1:Da6sk9ZLlC2PXBWRPENz9msEkn5fYE6MOSWKPTjoMRg= +github.com/aws/aws-sdk-go-v2/service/bedrock v1.49.1/go.mod h1:xJ84P+JCcEkzkMjqBKmImWl/zlwEwBmbjc9QR+tcACQ= github.com/aws/aws-sdk-go-v2/service/bedrockagent v1.51.3 h1:UArcFWYHtdk5QWOTteqRZwF/tAoaYx+ArreUakHx8K0= github.com/aws/aws-sdk-go-v2/service/bedrockagent v1.51.3/go.mod h1:R5jkUdemrZt6+90gq4JFyxHKldEMH88F6wdxquDLa4Q= github.com/aws/aws-sdk-go-v2/service/bedrockagentcorecontrol v1.13.3 h1:lskoaAo1V+KpDYgS6lWMGvnxGhA0eX/bUQ6Xm7TEJM8= github.com/aws/aws-sdk-go-v2/service/bedrockagentcorecontrol v1.13.3/go.mod h1:MvhjtEWL5RO1w6AMrt4d9k//kZxZUsLrTSipRM9Q0/8= -github.com/aws/aws-sdk-go-v2/service/billing v1.8.6 h1:oMhm/snkg54HV1a//J0aBn7riYXDp2QH08oW9IK12j4= -github.com/aws/aws-sdk-go-v2/service/billing v1.8.6/go.mod h1:7WI9oHeKA76HgGtTaUeKToGO/rRH9/fx7WLCw1QLJt4= +github.com/aws/aws-sdk-go-v2/service/billing v1.9.0 h1:xbdlsW9TVa7AVpqB8CzaX6cM4qQQ/9RLrx6GGuBoSHE= +github.com/aws/aws-sdk-go-v2/service/billing v1.9.0/go.mod h1:7WI9oHeKA76HgGtTaUeKToGO/rRH9/fx7WLCw1QLJt4= github.com/aws/aws-sdk-go-v2/service/budgets v1.41.3 h1:9cQXqYwHzp4fcKCHOAlHeMm/m/K+dcZS2D5SB+4ZA9s= github.com/aws/aws-sdk-go-v2/service/budgets v1.41.3/go.mod h1:wjQL1whunmAT3ZhqQGZq0lPGNmU27Uu8RjGmT12wLNg= github.com/aws/aws-sdk-go-v2/service/chatbot v1.14.12 h1:WAVCaNagdhnjzFUUsrYADbR6NF1RVG9LAZj2+oY8gAg= @@ -1573,8 +1573,8 @@ github.com/aws/aws-sdk-go-v2/service/cloud9 v1.33.11 h1:iR8n4gvDdN2hrUjXgETp76p/ github.com/aws/aws-sdk-go-v2/service/cloud9 v1.33.11/go.mod h1:kyuiuFhvDWwqLGNWmwbIr/amPIFQWrA7KkbxRQvP0JU= github.com/aws/aws-sdk-go-v2/service/cloudcontrol v1.29.3 h1:6ZTiyJCqVLE5CjuCZ6h9kKEbWOTbFxlBFXZ0fvTZK+s= github.com/aws/aws-sdk-go-v2/service/cloudcontrol v1.29.3/go.mod h1:6kx+wmHMUP1fQBUpXN2N9xRt2sQUlloxwyF5cMIvDOc= -github.com/aws/aws-sdk-go-v2/service/cloudformation v1.68.5 h1:YzV4YtVLxSUE1SvyMZui4s8oAc3cz/qg3B05UqLmrNw= -github.com/aws/aws-sdk-go-v2/service/cloudformation v1.68.5/go.mod h1:llucikq1Q6I1Ps8rNV3St0bOY5RQMxYh1lpCaskyhPw= +github.com/aws/aws-sdk-go-v2/service/cloudformation v1.70.0 h1:w9Yx0QWNhU2615kugQRIYSSR27GpZHkyRVdEHGi5PIY= +github.com/aws/aws-sdk-go-v2/service/cloudformation v1.70.0/go.mod h1:llucikq1Q6I1Ps8rNV3St0bOY5RQMxYh1lpCaskyhPw= github.com/aws/aws-sdk-go-v2/service/cloudfront v1.56.2 h1:1Ipv5nooFuWg3iPGQPeh1WkUSJ96QFTqZQKMHPw9WHc= github.com/aws/aws-sdk-go-v2/service/cloudfront v1.56.2/go.mod h1:UtP1sSXq2FHHO7Lvn4mNplFS4x7oP4+uMIJIQ8+3JyY= github.com/aws/aws-sdk-go-v2/service/cloudfrontkeyvaluestore v1.12.14 h1:AfC0uaSoMsz32lAOMkTjyfSX1PZRYniqzyt6pJmf+00= @@ -1583,12 +1583,12 @@ github.com/aws/aws-sdk-go-v2/service/cloudhsmv2 v1.34.11 h1:w+afQ/tvYUVdTiX1LhIm github.com/aws/aws-sdk-go-v2/service/cloudhsmv2 v1.34.11/go.mod h1:w13K+4E6mjE6m5w3tDBZCs+S0zUiAse7M3qZg5ugecw= github.com/aws/aws-sdk-go-v2/service/cloudsearch v1.32.3 h1:AUYRw6eRXp6MjvKpTGRbNBmlfVRY7kEuClnMGv/zQQI= github.com/aws/aws-sdk-go-v2/service/cloudsearch v1.32.3/go.mod h1:6hxErkN8bbEtojNMVdGQPpL7j9+A/QKL+eDljfRIKMM= -github.com/aws/aws-sdk-go-v2/service/cloudtrail v1.53.13 h1:iGAveDY6U2fz2HhcrTqpPrQeo0yCKHWYnSjHcYsvCOQ= -github.com/aws/aws-sdk-go-v2/service/cloudtrail v1.53.13/go.mod h1:yPef5Em35Sb/89IIHAOarpsld8EuxyxuDVDlHj32LVA= +github.com/aws/aws-sdk-go-v2/service/cloudtrail v1.54.0 h1:dbSrsAKSNOOwNd1rtaZwiRSzjc6U9yIRMfymrEeCM9g= +github.com/aws/aws-sdk-go-v2/service/cloudtrail v1.54.0/go.mod h1:yPef5Em35Sb/89IIHAOarpsld8EuxyxuDVDlHj32LVA= github.com/aws/aws-sdk-go-v2/service/cloudwatch v1.52.3 h1:fD9/X9n4O6fauKLp9BE848I3JcXVEliwlgliernxUhs= github.com/aws/aws-sdk-go-v2/service/cloudwatch v1.52.3/go.mod h1:KSWhI1V5x80r8NUqs8QDkOazDolFqFUAjsyE5nYjKro= -github.com/aws/aws-sdk-go-v2/service/cloudwatchlogs v1.58.9 h1:+NSIzl59vBK3g3nLUuLSb/I2F2OIucW6hX/B+NAPWDg= -github.com/aws/aws-sdk-go-v2/service/cloudwatchlogs v1.58.9/go.mod h1:9/Q0/HtqBTLMksFse42wZjUq0jJrUuo4XlnXy/uSoeg= +github.com/aws/aws-sdk-go-v2/service/cloudwatchlogs v1.60.0 h1:jqF36cdImXcEo63d52Wpdi2qTXOLTZSJF/71h9MP5jo= +github.com/aws/aws-sdk-go-v2/service/cloudwatchlogs v1.60.0/go.mod h1:9/Q0/HtqBTLMksFse42wZjUq0jJrUuo4XlnXy/uSoeg= github.com/aws/aws-sdk-go-v2/service/codeartifact v1.38.12 h1:j75xPdSialz4ipsvOpCtKl2VFb/ugc2PMgOfVvWjt6o= github.com/aws/aws-sdk-go-v2/service/codeartifact v1.38.12/go.mod h1:9R9pEHnoKOjLs5dDREGyV1Ui2kWZgPPKz0VZd3juZhY= github.com/aws/aws-sdk-go-v2/service/codebuild v1.68.4 h1:rp7p7dTLS1qix2pVRT168GfZevumq0HoiytyrRG5e9o= @@ -1621,22 +1621,22 @@ github.com/aws/aws-sdk-go-v2/service/computeoptimizer v1.48.3 h1:0oum8CeAFRcovMs github.com/aws/aws-sdk-go-v2/service/computeoptimizer v1.48.3/go.mod h1:PzK50LObvBt9Mb2YxwsocMuck07wSMSR+eVU9CiV05M= github.com/aws/aws-sdk-go-v2/service/configservice v1.59.4 h1:dY6ktQ8OfUkI6fTs0R9/3mAbYC6N1wEbjsGq2PLFms4= github.com/aws/aws-sdk-go-v2/service/configservice v1.59.4/go.mod h1:8pBCQK4k6Qpff8QKM6gcCt2ZsluQFsNtNaa8ouEZLFc= -github.com/aws/aws-sdk-go-v2/service/connect v1.145.0 h1:6/a2kK8p4mwkgOBI/pynm9JOAcErojPUeK66X8YDhDo= -github.com/aws/aws-sdk-go-v2/service/connect v1.145.0/go.mod h1:4S/3f30iB9LArrLNHVRw/IWyGEGturV5Z5DF1rp3NsE= +github.com/aws/aws-sdk-go-v2/service/connect v1.146.0 h1:fL4XXNHdfBmVWSGgsBzoezErUf7knnLK5cCUe1F3eoQ= +github.com/aws/aws-sdk-go-v2/service/connect v1.146.0/go.mod h1:4S/3f30iB9LArrLNHVRw/IWyGEGturV5Z5DF1rp3NsE= github.com/aws/aws-sdk-go-v2/service/connectcases v1.34.3 h1:ZcrD31NLG/brevUHw8XSn74VHShleHUm5xy8uJC/1ek= github.com/aws/aws-sdk-go-v2/service/connectcases v1.34.3/go.mod h1:g0V7qnDiTliogqzfAiJrhrOAEKnY+XY3u7/FJ8sZEYU= github.com/aws/aws-sdk-go-v2/service/controltower v1.27.2 h1:D5zM7WP5IWp4DMbtY8NdTemanN/MxGyp2vm8Eis0gQE= github.com/aws/aws-sdk-go-v2/service/controltower v1.27.2/go.mod h1:ZQuFo9/qnryEiHaDdXGo0pgsC+uHYHheHzGq+Vem8xM= github.com/aws/aws-sdk-go-v2/service/costandusagereportservice v1.34.4 h1:aCPRvahOg+fH79Sk9wOZslIrQVAAPgC1JpGzj1s5ZBo= github.com/aws/aws-sdk-go-v2/service/costandusagereportservice v1.34.4/go.mod h1:z4Y8J/t7ktcqMxLtf4korP74Tg42Ov97FjuTDyFfJKw= -github.com/aws/aws-sdk-go-v2/service/costexplorer v1.59.4 h1:4+ndtUixNsgYuPo2gdscLuHD4+fjXD2+qkUDNbXZKJw= -github.com/aws/aws-sdk-go-v2/service/costexplorer v1.59.4/go.mod h1:sP89eC3imDzTgMk/N+gDwDqjeQgLLEt0PuU5NMBHBCo= -github.com/aws/aws-sdk-go-v2/service/costoptimizationhub v1.20.12 h1:l6SiywJK8lU2c8+gggG/SYRT3rKkZwD6acvn1j7DtiM= -github.com/aws/aws-sdk-go-v2/service/costoptimizationhub v1.20.12/go.mod h1:Ouo0lXAlK9jTlJeMt6LTL+G6kKOfoK7xks0TT5AwdlQ= +github.com/aws/aws-sdk-go-v2/service/costexplorer v1.60.0 h1:nZrsl4tViAlW9+xkUpc4GXa9t0p3RIzGz9csmRrXR/s= +github.com/aws/aws-sdk-go-v2/service/costexplorer v1.60.0/go.mod h1:sP89eC3imDzTgMk/N+gDwDqjeQgLLEt0PuU5NMBHBCo= +github.com/aws/aws-sdk-go-v2/service/costoptimizationhub v1.21.0 h1:8oTOAr895uaekGOozHzfH1zHGfBhSHZwpardvitnaCI= +github.com/aws/aws-sdk-go-v2/service/costoptimizationhub v1.21.0/go.mod h1:Ouo0lXAlK9jTlJeMt6LTL+G6kKOfoK7xks0TT5AwdlQ= github.com/aws/aws-sdk-go-v2/service/customerprofiles v1.54.5 h1:XJUCroqsUAG80W0jVK/Rb4QPF/YbZu/oVtmiGvF8gjI= github.com/aws/aws-sdk-go-v2/service/customerprofiles v1.54.5/go.mod h1:86sgcd46latOOSvQKbctenNsiEHnow3vip0OnwSqC54= -github.com/aws/aws-sdk-go-v2/service/databasemigrationservice v1.59.0 h1:adVVHirGpPxDlxeQDsxbz34EcYl1QrBJ0PDXsz0jdEU= -github.com/aws/aws-sdk-go-v2/service/databasemigrationservice v1.59.0/go.mod h1:Sc22CT1GPF61n0yJdqquFNvqoyfnQCZ+WS7Uz8daW8c= +github.com/aws/aws-sdk-go-v2/service/databasemigrationservice v1.60.0 h1:cJZPHHPjft5N0BNv9X0bsUdDNGGbTQiT2b7jiN+NYv4= +github.com/aws/aws-sdk-go-v2/service/databasemigrationservice v1.60.0/go.mod h1:Sc22CT1GPF61n0yJdqquFNvqoyfnQCZ+WS7Uz8daW8c= github.com/aws/aws-sdk-go-v2/service/databrew v1.39.5 h1:gQDXbDgv5AW3treUAsfQGEeU3+ZmSEfb1TTpiDD7Gc8= github.com/aws/aws-sdk-go-v2/service/databrew v1.39.5/go.mod h1:hu5s2BoJ9fqmyMoVVvYbAtTFOFg8lsr4TzgJnK58n2Q= github.com/aws/aws-sdk-go-v2/service/dataexchange v1.40.5 h1:P9xrOXwbBxBzq30eiCFUlVE8lUUe6YnHs8j9dQx4YEM= @@ -1645,14 +1645,14 @@ github.com/aws/aws-sdk-go-v2/service/datapipeline v1.30.11 h1:ZmEqPDpJsiqkVqsRD7 github.com/aws/aws-sdk-go-v2/service/datapipeline v1.30.11/go.mod h1:WZjvFO/jWbSRaxdkTmbL5GZu1HmPV2+DrDFmUCH0BKk= github.com/aws/aws-sdk-go-v2/service/datasync v1.55.6 h1:pxK2rp4xZ073UMj7KUIX3Bwao02V6P+GXwvhOJW2Qkg= github.com/aws/aws-sdk-go-v2/service/datasync v1.55.6/go.mod h1:35IO7OkYfIGQJeJ8IOFN7dPrregYgMMxBlSGpR0dEj8= -github.com/aws/aws-sdk-go-v2/service/datazone v1.46.2 h1:z7XP0lFXJ88sFK13Erqt/9KoRGOyY9R9vpP278aNNvs= -github.com/aws/aws-sdk-go-v2/service/datazone v1.46.2/go.mod h1:ELpY+QIvAO5sH048NMmxDNMDuAKWbRmHCl0rrNR4V5s= +github.com/aws/aws-sdk-go-v2/service/datazone v1.48.0 h1:ON4CIIi/LgvXPKl+9FcuHI6evqfbFWbKvpngpS2IqvY= +github.com/aws/aws-sdk-go-v2/service/datazone v1.48.0/go.mod h1:ELpY+QIvAO5sH048NMmxDNMDuAKWbRmHCl0rrNR4V5s= github.com/aws/aws-sdk-go-v2/service/dax v1.29.7 h1:d+Iq53DFhoJ4m+PKRCCosIodRTuWvlsh+LAWuOe7zWE= github.com/aws/aws-sdk-go-v2/service/dax v1.29.7/go.mod h1:LqCHisA88LmdWAT7R/FsvLksZZs7ghdIUwZsZSu0xKs= github.com/aws/aws-sdk-go-v2/service/detective v1.38.4 h1:iR9Cjiohq4R9veZr6DadbXEbKj1FADofRNJZ3hEjuwY= github.com/aws/aws-sdk-go-v2/service/detective v1.38.4/go.mod h1:cOhEIcmxoL4V4Uavp0LRUV30gYNTGiTd2G0/ECJlIls= -github.com/aws/aws-sdk-go-v2/service/devicefarm v1.36.5 h1:SdjTtglkwBokc8S4ASXl4RHM9klZr0TS+Xm+ZGwvmyk= -github.com/aws/aws-sdk-go-v2/service/devicefarm v1.36.5/go.mod h1:DOlSchQTITKhdLgShZBymT+x+kX6jSJx8ArGf2jvFVs= +github.com/aws/aws-sdk-go-v2/service/devicefarm v1.37.0 h1:VdU+oiTksNqUwRw5xv6AkoVKq6RecX6HrZmWGm/7lpY= +github.com/aws/aws-sdk-go-v2/service/devicefarm v1.37.0/go.mod h1:DOlSchQTITKhdLgShZBymT+x+kX6jSJx8ArGf2jvFVs= github.com/aws/aws-sdk-go-v2/service/devopsguru v1.40.3 h1:pyh8Q7gwaW9mKsPG52ql7tarNkBn7jiYKmhXwzOAEO0= github.com/aws/aws-sdk-go-v2/service/devopsguru v1.40.3/go.mod h1:pOx5GDFaf6hXYuvqq18r+Op5BCfuMuZKX2ZJgacqWNk= github.com/aws/aws-sdk-go-v2/service/directconnect v1.38.5 h1:XLpifFvzfFmQ0i4EX/xosiSt/yYEN7Wtw1LqffT3o0c= @@ -1669,16 +1669,16 @@ github.com/aws/aws-sdk-go-v2/service/drs v1.36.4 h1:HH+yOVt1hVdw3q5OyG6dYjMi5mg+ github.com/aws/aws-sdk-go-v2/service/drs v1.36.4/go.mod h1:qO9+wcb7meZj7R8VQd8QnHb+ZPRWdODsexKGr3ru7cA= github.com/aws/aws-sdk-go-v2/service/dsql v1.11.2 h1:+dLCcQdBv+JiLDp25/cDm5GiK2vKg5+y1n+Lm+ve3zY= github.com/aws/aws-sdk-go-v2/service/dsql v1.11.2/go.mod h1:qAIMlh9aATA3n6dbs3aHQD7MOCAN8km548KABpaxqUs= -github.com/aws/aws-sdk-go-v2/service/dynamodb v1.52.6 h1:jlPkBSbMSpqVk47u9kqblihtXlmzYv3ZFXtuNKUNwDc= -github.com/aws/aws-sdk-go-v2/service/dynamodb v1.52.6/go.mod h1:6eUUnWOJ8sucL5Uk8rPkFo8FYioM0CTNGHga8hwzXVc= -github.com/aws/aws-sdk-go-v2/service/ec2 v1.267.0 h1:WDY9IcD4z/ZCQP6YkZoTX/ck7mDGly88EmQV4VKidK4= -github.com/aws/aws-sdk-go-v2/service/ec2 v1.267.0/go.mod h1:NDdDLLW5PtLLXN661gKcvJvqAH5OBXsfhMlmKVu1/pY= -github.com/aws/aws-sdk-go-v2/service/ecr v1.51.4 h1:Tlrn39J499be8wCeAzNTV3P8jdNSgZArLqJpRHRLd/k= -github.com/aws/aws-sdk-go-v2/service/ecr v1.51.4/go.mod h1:1NVD1KuMjH2GqnPwMotPndQaT/MreKkWpjkF12d6oKU= +github.com/aws/aws-sdk-go-v2/service/dynamodb v1.53.0 h1:oyaZ6mvMgqy3Vm2RMD6ni2sQi4G9T6ntOXP5/PFtnVs= +github.com/aws/aws-sdk-go-v2/service/dynamodb v1.53.0/go.mod h1:6eUUnWOJ8sucL5Uk8rPkFo8FYioM0CTNGHga8hwzXVc= +github.com/aws/aws-sdk-go-v2/service/ec2 v1.272.0 h1:zWYlsIUX88ZSDiKQR4603gVjPLR7Wn1+/hv76lsrMvA= +github.com/aws/aws-sdk-go-v2/service/ec2 v1.272.0/go.mod h1:NDdDLLW5PtLLXN661gKcvJvqAH5OBXsfhMlmKVu1/pY= +github.com/aws/aws-sdk-go-v2/service/ecr v1.53.0 h1:ReOAhAmW/8c2yLfr7fuLeD6WgXrp12yL27CCQMP6eQM= +github.com/aws/aws-sdk-go-v2/service/ecr v1.53.0/go.mod h1:1NVD1KuMjH2GqnPwMotPndQaT/MreKkWpjkF12d6oKU= github.com/aws/aws-sdk-go-v2/service/ecrpublic v1.38.4 h1:0rqbFeBlrTHNEIdrcH9g1yW0QjBOaCrGcTQ6sLcsH9w= github.com/aws/aws-sdk-go-v2/service/ecrpublic v1.38.4/go.mod h1:x7gU4CAyAz4BsM9hlRkhHiYw2GIr1QCmN45uwQw9l/E= -github.com/aws/aws-sdk-go-v2/service/ecs v1.67.4 h1:5tbrRKMqXCiMg0+7E21TiAvVJEt8uB+7d5FQ8+Fusqo= -github.com/aws/aws-sdk-go-v2/service/ecs v1.67.4/go.mod h1:rrhqfkXfa2DSNq0RyFhnnFEAyI+yJB4+2QlZKeJvMjs= +github.com/aws/aws-sdk-go-v2/service/ecs v1.68.0 h1:eKgxT+0Aj9zkdw2qcfCP9FyfrQlQwsfH7lQyeqwODmY= +github.com/aws/aws-sdk-go-v2/service/ecs v1.68.0/go.mod h1:rrhqfkXfa2DSNq0RyFhnnFEAyI+yJB4+2QlZKeJvMjs= github.com/aws/aws-sdk-go-v2/service/efs v1.41.4 h1:Uk/tvWjdaeVQxmKTjleCJ05SPoXL5Upgq+rffBcolZI= github.com/aws/aws-sdk-go-v2/service/efs v1.41.4/go.mod h1:ddWcpZJhvKugMHfwzBsq3dtaBLH7PsTgtAyiL3BEdxo= github.com/aws/aws-sdk-go-v2/service/eks v1.74.9 h1:ugqH9Vu52QlUhpTbW75rsv0WA9k704DEwOCoxWsLy+4= @@ -1689,14 +1689,14 @@ github.com/aws/aws-sdk-go-v2/service/elasticbeanstalk v1.33.13 h1:l4FFXPDGzjr3bX github.com/aws/aws-sdk-go-v2/service/elasticbeanstalk v1.33.13/go.mod h1:V3Yl2vXro/+nzAmexAXOc1GdkTmEE+UHp0YMuTn5G5k= github.com/aws/aws-sdk-go-v2/service/elasticloadbalancing v1.33.13 h1:VygvbUZq3ancO3iutKRr5zsdVR3X5wQPFoYMD1P8hhg= github.com/aws/aws-sdk-go-v2/service/elasticloadbalancing v1.33.13/go.mod h1:ImGbJ8W4fb8KZekLSWCnuuabYN5WusCD7cnW4Nz7i14= -github.com/aws/aws-sdk-go-v2/service/elasticloadbalancingv2 v1.52.0 h1:ZEXlVNHNM5R4BCrK79Y/cXEEmkGFDhBBKz4YlEfgNRk= -github.com/aws/aws-sdk-go-v2/service/elasticloadbalancingv2 v1.52.0/go.mod h1:Uyo8wjqYyZaHVqoe+APHe4+THRGv4pctJzItYYnRe5Q= +github.com/aws/aws-sdk-go-v2/service/elasticloadbalancingv2 v1.53.0 h1:FW40Wq7eYkzoBc/7X4Ds7OLKXv+CM5w7n1mMN+qxSRI= +github.com/aws/aws-sdk-go-v2/service/elasticloadbalancingv2 v1.53.0/go.mod h1:Uyo8wjqYyZaHVqoe+APHe4+THRGv4pctJzItYYnRe5Q= github.com/aws/aws-sdk-go-v2/service/elasticsearchservice v1.37.13 h1:hqyzd5cRYxvjVLa9FmmR39IM76hSNf+ROudLUpZviSE= github.com/aws/aws-sdk-go-v2/service/elasticsearchservice v1.37.13/go.mod h1:GXyWYhCWYQQhGzxzNDU6CRL++zIsBgguWJFTa/iTOqI= github.com/aws/aws-sdk-go-v2/service/elastictranscoder v1.32.12 h1:Aqvjf0SzPHFEq7stD7515Osa/l8dXxnkdZiwjTrGE6c= github.com/aws/aws-sdk-go-v2/service/elastictranscoder v1.32.12/go.mod h1:hV8KFAz+flqQ0eHBEJYGU4NWzTqQBtrRyqVwfm3Gi2Q= -github.com/aws/aws-sdk-go-v2/service/emr v1.55.6 h1:OVHBFoQjAtZRkqZAHE0Jzj/0MQETOD74fx4+I85q8J8= -github.com/aws/aws-sdk-go-v2/service/emr v1.55.6/go.mod h1:NZatCe1XK65DogTuEG2emmEN3NIZtwLsXtJzWpkqSx0= +github.com/aws/aws-sdk-go-v2/service/emr v1.56.0 h1:g185SYMRcklpYhul88jlO00EMsuOpfAwcXoys9KaeNk= +github.com/aws/aws-sdk-go-v2/service/emr v1.56.0/go.mod h1:NZatCe1XK65DogTuEG2emmEN3NIZtwLsXtJzWpkqSx0= github.com/aws/aws-sdk-go-v2/service/emrcontainers v1.40.8 h1:h4R+o2xRhtn4SPIao+6aU1TVTYBk0CfoLd9bhXZ3OTw= github.com/aws/aws-sdk-go-v2/service/emrcontainers v1.40.8/go.mod h1:ncWhqV69Tim5BrNp98qdJfLvlD/WwCs5X3lBPgV62rs= github.com/aws/aws-sdk-go-v2/service/emrserverless v1.37.3 h1:axxXrvkaQcqcmEfNoIhU5oRLX7ufI2sAX+2a1j8xN1k= @@ -1715,36 +1715,36 @@ github.com/aws/aws-sdk-go-v2/service/fis v1.37.11 h1:Z0sI7NcI76E0ok3s29O5TVM0ye2 github.com/aws/aws-sdk-go-v2/service/fis v1.37.11/go.mod h1:Ja2eowkEbK8dfjWqxg96k4lkVjnf7YTUpEtQKHflynQ= github.com/aws/aws-sdk-go-v2/service/fms v1.44.12 h1:wqtKrEUifaZHVItsMfgAcHzHce8UUQfOvP6vDb2XqpY= github.com/aws/aws-sdk-go-v2/service/fms v1.44.12/go.mod h1:qKGD0P+Hxcbq4w6Q6PUrDDLd0C2PcgwLtIS2BT6+2yo= -github.com/aws/aws-sdk-go-v2/service/fsx v1.63.2 h1:D8kSlmz5DdbmT34u5KLClYNBxYFqPP78zFOSNQGugqw= -github.com/aws/aws-sdk-go-v2/service/fsx v1.63.2/go.mod h1:MCyHv+eBeciHOldY/pOKwp7j02Jo2HS1cpvThq2hSqs= +github.com/aws/aws-sdk-go-v2/service/fsx v1.64.0 h1:pIzBzYXgK8naqPgQ0H7VDd6hEi05rZG6DCrAxsn9f2Q= +github.com/aws/aws-sdk-go-v2/service/fsx v1.64.0/go.mod h1:MCyHv+eBeciHOldY/pOKwp7j02Jo2HS1cpvThq2hSqs= github.com/aws/aws-sdk-go-v2/service/gamelift v1.48.2 h1:cdqUPiNlaSdNumcrBGIag7Qpi6rHwLZHxBvjP08LDBs= github.com/aws/aws-sdk-go-v2/service/gamelift v1.48.2/go.mod h1:dcVPaAeS/WE1PQeOldz0EuPud1gttdoQXajAKhNf0rE= github.com/aws/aws-sdk-go-v2/service/glacier v1.31.12 h1:8Az5fIk1L9pRU81KubxXn8QzUZJbticx8KBbTrc+s5c= github.com/aws/aws-sdk-go-v2/service/glacier v1.31.12/go.mod h1:qkG1pn5qsa79Ovau5ZJ3DpYa9Ar534RyQU8PjjMalCM= github.com/aws/aws-sdk-go-v2/service/globalaccelerator v1.35.5 h1:h80nAJssBG0S3yD8ZHoigFjmVFJIiL6jfx5FTUihdwo= github.com/aws/aws-sdk-go-v2/service/globalaccelerator v1.35.5/go.mod h1:La9wJnRUasTkBLOLqH2JVrApk1WG0vui4MVyr+rGS8Y= -github.com/aws/aws-sdk-go-v2/service/glue v1.132.3 h1:0fKX7z08n3i9jI3m862Ktr4WJ+Re4a3XNv/wi/hHiis= -github.com/aws/aws-sdk-go-v2/service/glue v1.132.3/go.mod h1:KBo/tKQu4KUTMQ88jWZR79PNgEeDCD8QrO8oMmAq8ng= +github.com/aws/aws-sdk-go-v2/service/glue v1.133.0 h1:bIzOBSUg62ENeRK0t7p8TjdXDhGgVZppSVrSNYSzSgQ= +github.com/aws/aws-sdk-go-v2/service/glue v1.133.0/go.mod h1:KBo/tKQu4KUTMQ88jWZR79PNgEeDCD8QrO8oMmAq8ng= github.com/aws/aws-sdk-go-v2/service/grafana v1.32.5 h1:eTAfP6KrOmbUK4at7wlX8vG7qc8Ao110th4/Lw7xxI4= github.com/aws/aws-sdk-go-v2/service/grafana v1.32.5/go.mod h1:6tjVI48fzvjSAKY486cvKQPNeuIcV5YULNlFyAPZ+UU= github.com/aws/aws-sdk-go-v2/service/greengrass v1.32.12 h1:0OhsswAs8h4vSCyGYx283pH+3Ks4Qngui0/g/KOhUYc= github.com/aws/aws-sdk-go-v2/service/greengrass v1.32.12/go.mod h1:wXnnE8KHU07d8VHPGTibk+Kx2TXFaCsL92wJoPPvCvM= github.com/aws/aws-sdk-go-v2/service/groundstation v1.39.2 h1:BsyqAKq5RduYyz1muDRvvsKwXHd6yG/C+9TpdD+8O/o= github.com/aws/aws-sdk-go-v2/service/groundstation v1.39.2/go.mod h1:mg5Mut9Q671xNH+VvfaPBVvS4U9vLw1R5wz4bJvPjd4= -github.com/aws/aws-sdk-go-v2/service/guardduty v1.66.2 h1:jsD/jF8iLwdg6aVfQ9DwW7UUxr/sd4Mci0lG4y6Dv5w= -github.com/aws/aws-sdk-go-v2/service/guardduty v1.66.2/go.mod h1:U8kxZNr/dDtSqvr9L8e+fyqVmU/BNyI9fKWAatpu1CE= +github.com/aws/aws-sdk-go-v2/service/guardduty v1.68.0 h1:CMWFVQQDypdxhS1d4V19fP/Y3XNB72WLyteyafQMCsI= +github.com/aws/aws-sdk-go-v2/service/guardduty v1.68.0/go.mod h1:U8kxZNr/dDtSqvr9L8e+fyqVmU/BNyI9fKWAatpu1CE= github.com/aws/aws-sdk-go-v2/service/healthlake v1.36.4 h1:Dt34+Yu6fRgiZgSMoO6J65IMKawDGjJn7BkPvjrI0ns= github.com/aws/aws-sdk-go-v2/service/healthlake v1.36.4/go.mod h1:1GUJHZK3s9RIYhn/cLwh5/08/EfcnpCllSHWeJ23nVg= -github.com/aws/aws-sdk-go-v2/service/iam v1.50.2 h1:A03KM3Mo3IitRdM6dg1x5P+/POvDwAYD02YfoYkDgok= -github.com/aws/aws-sdk-go-v2/service/iam v1.50.2/go.mod h1:cuEMbL1mNtO1sUyT+DYDNIA8Y7aJG1oIdgHqUk29Uzk= +github.com/aws/aws-sdk-go-v2/service/iam v1.52.0 h1:tXH4OrcRq053tqoWcmk9V3yfeedhgoa8o1J04S5JeYc= +github.com/aws/aws-sdk-go-v2/service/iam v1.52.0/go.mod h1:cuEMbL1mNtO1sUyT+DYDNIA8Y7aJG1oIdgHqUk29Uzk= github.com/aws/aws-sdk-go-v2/service/identitystore v1.34.2 h1:Ch+EIqM8RIEtVQqQl14XazfYBCzzxiZ1f7jbrOJ5D+8= github.com/aws/aws-sdk-go-v2/service/identitystore v1.34.2/go.mod h1:uuQmaV23i5w+5Jy2XFnquY0Z41iR6oDDdu+Sqz6bsNg= -github.com/aws/aws-sdk-go-v2/service/imagebuilder v1.48.6 h1:FkOAC3Cf4lTzY/ucQxI8f3G1fZOfbj82JM6O+EmqT84= -github.com/aws/aws-sdk-go-v2/service/imagebuilder v1.48.6/go.mod h1:VD7bLCk88KQgyRB+yIQH9BNmtmSpwgRQ0Q7Wp1bsCuk= +github.com/aws/aws-sdk-go-v2/service/imagebuilder v1.49.0 h1:VTKPR2R1q0o7N7T0ilqSajWWTlKNjsSzxvu319pLitc= +github.com/aws/aws-sdk-go-v2/service/imagebuilder v1.49.0/go.mod h1:VD7bLCk88KQgyRB+yIQH9BNmtmSpwgRQ0Q7Wp1bsCuk= github.com/aws/aws-sdk-go-v2/service/inspector v1.30.11 h1:I2WBSlw0rFVTTMDdg+7a77/kQFNKxJh1lJDZyI77ZTc= github.com/aws/aws-sdk-go-v2/service/inspector v1.30.11/go.mod h1:Ce8Iac726mzXgIOgFkMllAZsgb5XTOjzC5og1vPkHu0= -github.com/aws/aws-sdk-go-v2/service/inspector2 v1.44.12 h1:KC35deDW2vbbXPW14nUGgpf1lv3Qdg1wHhD9a1c2WDY= -github.com/aws/aws-sdk-go-v2/service/inspector2 v1.44.12/go.mod h1:btzexzBLvYxamIptsxWMmHhXXx/FFmdKGgH96IM6HE8= +github.com/aws/aws-sdk-go-v2/service/inspector2 v1.45.0 h1:gQW64ZGON3XG+UX2hDSHEXyRGd0YRxEqnyAYQRBK8tQ= +github.com/aws/aws-sdk-go-v2/service/inspector2 v1.45.0/go.mod h1:btzexzBLvYxamIptsxWMmHhXXx/FFmdKGgH96IM6HE8= github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.13.3 h1:x2Ibm/Af8Fi+BH+Hsn9TXGdT+hKbDd5XOTZxTMxDk7o= github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.13.3/go.mod h1:IW1jwyrQgMdhisceG8fQLmQIydcT/jWY21rFhzgaKwo= github.com/aws/aws-sdk-go-v2/service/internal/checksum v1.9.4 h1:NvMjwvv8hpGUILarKw7Z4Q0w1H9anXKsesMxtw++MA4= @@ -1757,16 +1757,16 @@ github.com/aws/aws-sdk-go-v2/service/internal/s3shared v1.19.13 h1:zhBJXdhWIFZ1a github.com/aws/aws-sdk-go-v2/service/internal/s3shared v1.19.13/go.mod h1:JaaOeCE368qn2Hzi3sEzY6FgAZVCIYcC2nwbro2QCh8= github.com/aws/aws-sdk-go-v2/service/internetmonitor v1.26.4 h1:i0+jLDeUbGVMnbM062bNuqXSRGvxChArs5Z/HcetByo= github.com/aws/aws-sdk-go-v2/service/internetmonitor v1.26.4/go.mod h1:1J+jvIbqr9u7BwNyDWrriI1BsFBVMBEi6XP2T8QSAXw= -github.com/aws/aws-sdk-go-v2/service/invoicing v1.7.2 h1:hTmBpa2Wd6rg24XaW9Uw2d+gD/sTKuEBiYs60Y4XnBo= -github.com/aws/aws-sdk-go-v2/service/invoicing v1.7.2/go.mod h1:077SFzwNIDjtHm35vjTtBHkweLVXtd3ahiPqfxo9Jms= +github.com/aws/aws-sdk-go-v2/service/invoicing v1.8.0 h1:GmwiBzG6DhuL9w4MgrbUUHE+GFCJ9diSxbTAX27zTdo= +github.com/aws/aws-sdk-go-v2/service/invoicing v1.8.0/go.mod h1:077SFzwNIDjtHm35vjTtBHkweLVXtd3ahiPqfxo9Jms= github.com/aws/aws-sdk-go-v2/service/iot v1.69.11 h1:E1iadLmKaX8iqk4lIOenXnd52iORtxQItB5kOID2J48= github.com/aws/aws-sdk-go-v2/service/iot v1.69.11/go.mod h1:Qsm1SgHzgKxy9TPqGfVBL+ULu/LW1iIOTn7kbsFhWE8= github.com/aws/aws-sdk-go-v2/service/ivs v1.48.5 h1:S7hZ3yWMpTG7jDJIQhWoob0vjAbS7g8VMmqDs+Rr0v8= github.com/aws/aws-sdk-go-v2/service/ivs v1.48.5/go.mod h1:LWpDgCXaAZgKF5EH2xincNziWa0GkknDhx+ig0pAWzo= github.com/aws/aws-sdk-go-v2/service/ivschat v1.21.11 h1:3O57ECBVWgTITHZTmIsDdpaUUxGN2YULXDhBtea4A+Q= github.com/aws/aws-sdk-go-v2/service/ivschat v1.21.11/go.mod h1:gHijQmBJujk/KV3Y+trzDPVZ16MS5JkITQX5MqO3wiA= -github.com/aws/aws-sdk-go-v2/service/kafka v1.45.2 h1:+h9k2C0aNDHttULtVkFlWyuQxE8ILi23gLDUDApJDGU= -github.com/aws/aws-sdk-go-v2/service/kafka v1.45.2/go.mod h1:Duj0BV8XyPzvoVF2LYtLDTCoQkIJ+NU1ui7QyMyCM/Y= +github.com/aws/aws-sdk-go-v2/service/kafka v1.46.0 h1:hOOY9fQ95Rfv/L6XRFiJTZlcf52dFQ5txxw49VbFT5k= +github.com/aws/aws-sdk-go-v2/service/kafka v1.46.0/go.mod h1:Duj0BV8XyPzvoVF2LYtLDTCoQkIJ+NU1ui7QyMyCM/Y= github.com/aws/aws-sdk-go-v2/service/kafkaconnect v1.27.12 h1:7ZayGxzuj2qFwCTUUVGHYS6hxHb5Uly1W4Lbau4BTXs= github.com/aws/aws-sdk-go-v2/service/kafkaconnect v1.27.12/go.mod h1:wnbOw77+1dcXjlDl1JhSQmsO0+r3np9nFxvaX4HgUQ0= github.com/aws/aws-sdk-go-v2/service/kendra v1.60.12 h1:MSoRxnPxbIaotIGof/+4CCw1ftfVnvTfB0h+0xDuAJA= @@ -1785,14 +1785,14 @@ github.com/aws/aws-sdk-go-v2/service/kms v1.48.2 h1:aL8Y/AbB6I+uw0MjLbdo68NQ8t5l github.com/aws/aws-sdk-go-v2/service/kms v1.48.2/go.mod h1:VJcNH6BLr+3VJwinRKdotLOMglHO8mIKlD3ea5c7hbw= github.com/aws/aws-sdk-go-v2/service/lakeformation v1.45.11 h1:hF1Qozl8Fh6C1bUeNaL0xLbTlsHaKmxHKFfA08q5mU8= github.com/aws/aws-sdk-go-v2/service/lakeformation v1.45.11/go.mod h1:1oR3VqBIi345fZEqaBh7HbB/GKLZU5F1+nbXQV5csnY= -github.com/aws/aws-sdk-go-v2/service/lambda v1.81.3 h1:s07xiAG7SmiCWPG7OyPMsZ2OR9J4NvHsoI+1l2fjCZE= -github.com/aws/aws-sdk-go-v2/service/lambda v1.81.3/go.mod h1:X9xD+03BeNMi9vA0zcJ0rL4jaGRaBpB/54ukKjhz6ik= +github.com/aws/aws-sdk-go-v2/service/lambda v1.82.0 h1:MrStO25Ef1TbXFzZr2pZPdwcFHyUgPxCX7MXz09Qk7k= +github.com/aws/aws-sdk-go-v2/service/lambda v1.82.0/go.mod h1:X9xD+03BeNMi9vA0zcJ0rL4jaGRaBpB/54ukKjhz6ik= github.com/aws/aws-sdk-go-v2/service/launchwizard v1.13.12 h1:dN62fbhBm0z/WOjTqQm7+vRpAPrLjFQd08TIhjvOhlA= github.com/aws/aws-sdk-go-v2/service/launchwizard v1.13.12/go.mod h1://3iRAUIqql/dPeYQI4lIv4JA8FiZzgIifX0EiX+9uU= github.com/aws/aws-sdk-go-v2/service/lexmodelbuildingservice v1.34.5 h1:C/Qq1lPIUMssyiBXzlhvOEEMPuLBuSqarHoXpRvML1M= github.com/aws/aws-sdk-go-v2/service/lexmodelbuildingservice v1.34.5/go.mod h1:iE4e1/ovGtt3keD9WWXuHfjoascElN+sEwN0Ff5Tys4= -github.com/aws/aws-sdk-go-v2/service/lexmodelsv2 v1.56.12 h1:pF5armn0G9bASuoIJWuHIXcsZGXmnBRrT5JspaIkkhY= -github.com/aws/aws-sdk-go-v2/service/lexmodelsv2 v1.56.12/go.mod h1:jcWBQtwCe0xBJLEVkz4ny1N+SRNRQQdpPUT1MKRwyu0= +github.com/aws/aws-sdk-go-v2/service/lexmodelsv2 v1.57.0 h1:alZjWGUSbcTTNYTrOhbFVh7B1mSgMuXEvmsxFybSKYo= +github.com/aws/aws-sdk-go-v2/service/lexmodelsv2 v1.57.0/go.mod h1:jcWBQtwCe0xBJLEVkz4ny1N+SRNRQQdpPUT1MKRwyu0= github.com/aws/aws-sdk-go-v2/service/licensemanager v1.36.12 h1:e6Q/2pgy/KKhpG8uBEq51rboXTepDcMKqmJTn1sv/Hg= github.com/aws/aws-sdk-go-v2/service/licensemanager v1.36.12/go.mod h1:jXdt+CSYTcfzhA60pRhvdlBEGWkHdb96/4+v8hJrYxU= github.com/aws/aws-sdk-go-v2/service/lightsail v1.50.6 h1:cMYT6YsNkZjo4vguBxkgGCVffhaS0Dc2BZs/nGr4uLs= @@ -1805,16 +1805,16 @@ github.com/aws/aws-sdk-go-v2/service/m2 v1.26.5 h1:36dEuPAWGx9dmFvxAbsaoueMqEx24 github.com/aws/aws-sdk-go-v2/service/m2 v1.26.5/go.mod h1:TcXLSXdIt/knslZsVOxLz85TXJHYftEnZp2Pkqcmd/g= github.com/aws/aws-sdk-go-v2/service/macie2 v1.50.4 h1:9RF/3sDLXY55O2MJJl9iejd1IDuTMztpNdpYe9BigVk= github.com/aws/aws-sdk-go-v2/service/macie2 v1.50.4/go.mod h1:UqgjJRAxzo2p/JJAaa4U10r468sb5dB7XdTojQM3J6I= -github.com/aws/aws-sdk-go-v2/service/mediaconnect v1.45.6 h1:I/Eeyj62yurTCVSnDYOx29RamF4y905uqPHNBsd2jVc= -github.com/aws/aws-sdk-go-v2/service/mediaconnect v1.45.6/go.mod h1:h8kJMoJzHMU0zZWycpQpGmcxYLKhrhfC8RI1O4E4lv0= -github.com/aws/aws-sdk-go-v2/service/mediaconvert v1.84.3 h1:E/NpGJvshPtx3EQBdpPkKjlXNZLBuQlqmyQUY/AnTM0= -github.com/aws/aws-sdk-go-v2/service/mediaconvert v1.84.3/go.mod h1:69w+ev30uz0EQ+Z3brr3IecMA4D7Pkr3PtnQc0VGEZs= -github.com/aws/aws-sdk-go-v2/service/medialive v1.85.5 h1:iJH598Dnl07aBdbNOj1jrAgvOQ7BVBDaqNZZYZxhkH4= -github.com/aws/aws-sdk-go-v2/service/medialive v1.85.5/go.mod h1:SRJh9enbB1Urr1hv5+LKTbRlmXlhbjzvy3AwZkB7AHY= +github.com/aws/aws-sdk-go-v2/service/mediaconnect v1.46.0 h1:ZISa5LjOv1UP8/i0NZiFVFn0TRcLI8iceeW4MzyWOlk= +github.com/aws/aws-sdk-go-v2/service/mediaconnect v1.46.0/go.mod h1:h8kJMoJzHMU0zZWycpQpGmcxYLKhrhfC8RI1O4E4lv0= +github.com/aws/aws-sdk-go-v2/service/mediaconvert v1.85.0 h1:IQwKEYP9sQ4USJc+xX5N/P85SyLAsWk0Kxx2Bx/xz4k= +github.com/aws/aws-sdk-go-v2/service/mediaconvert v1.85.0/go.mod h1:69w+ev30uz0EQ+Z3brr3IecMA4D7Pkr3PtnQc0VGEZs= +github.com/aws/aws-sdk-go-v2/service/medialive v1.87.0 h1:nkvCXOE1zFYMaq9A7SMAeY+TWPQ/fe0BTkls8SrfyDM= +github.com/aws/aws-sdk-go-v2/service/medialive v1.87.0/go.mod h1:SRJh9enbB1Urr1hv5+LKTbRlmXlhbjzvy3AwZkB7AHY= github.com/aws/aws-sdk-go-v2/service/mediapackage v1.39.12 h1:jw/o+ERI9EecbrQLGzrzHCPlpjd52ysHRkHV2G3T0lw= github.com/aws/aws-sdk-go-v2/service/mediapackage v1.39.12/go.mod h1:7As8fD4Tr7DZAKWm0YOPFaoNymtw3xsCUkjQobfsZ7E= -github.com/aws/aws-sdk-go-v2/service/mediapackagev2 v1.32.5 h1:aYwnY2h9RS2PGixXD7ujCtTzPLuYGzgnmsaQBpsuD9s= -github.com/aws/aws-sdk-go-v2/service/mediapackagev2 v1.32.5/go.mod h1:w/Cotl6ORtnl+0i3hsOfzeV3bq5msbjgTrDhN57KTQU= +github.com/aws/aws-sdk-go-v2/service/mediapackagev2 v1.33.0 h1:0kXTtfY0fCyncN3yEf6UjeVRyouqUPLzrDCF/sRJqsE= +github.com/aws/aws-sdk-go-v2/service/mediapackagev2 v1.33.0/go.mod h1:w/Cotl6ORtnl+0i3hsOfzeV3bq5msbjgTrDhN57KTQU= github.com/aws/aws-sdk-go-v2/service/mediapackagevod v1.39.12 h1:3uZcDQNSq2K8+l26JGiI5ruvs8C4ZjG/uiUDU81LLok= github.com/aws/aws-sdk-go-v2/service/mediapackagevod v1.39.12/go.mod h1:eiBfqNKAQK1rLuvKJOc6n5r9JZjgvdcMjxHHJlQwO3o= github.com/aws/aws-sdk-go-v2/service/mediastore v1.29.12 h1:NcvtI4JsJXem0VZSkt2u7ODCF7GZpoXr6hakfgOdbqs= @@ -1831,10 +1831,10 @@ github.com/aws/aws-sdk-go-v2/service/neptune v1.43.3 h1:PFGZA4R64W8ZvC+MF4qE7Qka github.com/aws/aws-sdk-go-v2/service/neptune v1.43.3/go.mod h1:zZ58Zd5x0GGqnSgDLV4R3C1Xazzg3htNhg3kUpNB94M= github.com/aws/aws-sdk-go-v2/service/neptunegraph v1.21.11 h1:aHQda8rOysKlF7xSoPu9Qk5t2Ph5fyvrh/HWNEuNwYA= github.com/aws/aws-sdk-go-v2/service/neptunegraph v1.21.11/go.mod h1:dUFhAeruwm9ZYvMRk2JU6AR+YFcQ+4h34C3yNmz4T88= -github.com/aws/aws-sdk-go-v2/service/networkfirewall v1.57.7 h1:onil62NaIBJfreD+WSPQGDVaa/MCmgeUqk/fa7SWyBc= -github.com/aws/aws-sdk-go-v2/service/networkfirewall v1.57.7/go.mod h1:wCjIj4guias8uhaV3dqeSag/7v04X3xJQa4Ur9zJttc= -github.com/aws/aws-sdk-go-v2/service/networkflowmonitor v1.10.5 h1:Lctop1deQprhkm9mt/M8/7di8Zetaa3JmYgMG7XH/tI= -github.com/aws/aws-sdk-go-v2/service/networkflowmonitor v1.10.5/go.mod h1:jIxhoFIXY3j5+i8UsPKY1jSMSGP8wKG4rHh1nF8fmzw= +github.com/aws/aws-sdk-go-v2/service/networkfirewall v1.58.0 h1:gH0mo9odFg6ZI2g6pHcvihWMfCEjyOF0U271zEprUoc= +github.com/aws/aws-sdk-go-v2/service/networkfirewall v1.58.0/go.mod h1:wCjIj4guias8uhaV3dqeSag/7v04X3xJQa4Ur9zJttc= +github.com/aws/aws-sdk-go-v2/service/networkflowmonitor v1.11.0 h1:UiALLI9ec1KVMT+AJcXXIaknC3zkC7zzYoR/9DaX5K4= +github.com/aws/aws-sdk-go-v2/service/networkflowmonitor v1.11.0/go.mod h1:jIxhoFIXY3j5+i8UsPKY1jSMSGP8wKG4rHh1nF8fmzw= github.com/aws/aws-sdk-go-v2/service/networkmanager v1.40.5 h1:yVU4b7twe9pLU5dxkC0D6lUEgcZa7zWizXuRbvHp/d8= github.com/aws/aws-sdk-go-v2/service/networkmanager v1.40.5/go.mod h1:nikytN6kEOGDn0q0o2NzpF93khMy4sO69ZVnh7D0owM= github.com/aws/aws-sdk-go-v2/service/networkmonitor v1.13.4 h1:PmyRpUoTfR2J1CfvGB2qz6kBiOROgDoR95N6CWG2SbA= @@ -1849,8 +1849,8 @@ github.com/aws/aws-sdk-go-v2/service/observabilityadmin v1.8.6 h1:MsffOU8pULJVmQ github.com/aws/aws-sdk-go-v2/service/observabilityadmin v1.8.6/go.mod h1:2GvP5es3RAok0PA4Fx95x5fJ0Xn7muSESZFHw1vp1BM= github.com/aws/aws-sdk-go-v2/service/odb v1.5.6 h1:JLUu5UEdUX210Ojg5uTjzeRw5auZe6/10dd1vuCFlso= github.com/aws/aws-sdk-go-v2/service/odb v1.5.6/go.mod h1:jhCkBILzvRrCEyX2Wl+xn2BOBmrBedW7On1p1gzf3rA= -github.com/aws/aws-sdk-go-v2/service/opensearch v1.53.2 h1:fqcuJ3Pz8M2oPxOw4obh1Ua8jOfSkH2YEtSHFk7/Alg= -github.com/aws/aws-sdk-go-v2/service/opensearch v1.53.2/go.mod h1:iVj8M5s79sFaX4eWUnBihWn+7PPHSdmCH6EqWQoySE4= +github.com/aws/aws-sdk-go-v2/service/opensearch v1.54.0 h1:hN7HAN0qO5eLnh08ezJPfqsBBdNj6AWD7w5YQSLtYiM= +github.com/aws/aws-sdk-go-v2/service/opensearch v1.54.0/go.mod h1:iVj8M5s79sFaX4eWUnBihWn+7PPHSdmCH6EqWQoySE4= github.com/aws/aws-sdk-go-v2/service/opensearchserverless v1.27.4 h1:7ijoIap1uO5GkJR6lzllEYYJxYp31nGQbKuyCbMMCZs= github.com/aws/aws-sdk-go-v2/service/opensearchserverless v1.27.4/go.mod h1:oLdL9Vhmp6N8H/f8Ttak+0SdUKk1E7Iwe84z9doZ87Q= github.com/aws/aws-sdk-go-v2/service/organizations v1.46.4 h1:a8FVhpNC4CSPnlXcgHzyIxm2/8LpQ9F60WPV6+tyFmU= @@ -1863,8 +1863,8 @@ github.com/aws/aws-sdk-go-v2/service/paymentcryptography v1.26.3 h1:Cws5mb47NYtq github.com/aws/aws-sdk-go-v2/service/paymentcryptography v1.26.3/go.mod h1:GqTw5UV5AIwHTpaKzHzt2KjETEO+hoBdIxbA/s7Fxzc= github.com/aws/aws-sdk-go-v2/service/pcaconnectorad v1.15.12 h1:VIxyAXmasuMqPn26ayhxZX6FK2yD+1iHHL0WDcGVIgk= github.com/aws/aws-sdk-go-v2/service/pcaconnectorad v1.15.12/go.mod h1:GeIQIKjm5JhrcR/BB7x5DWPo2Bfhfm+Ui4w8x5TFz0I= -github.com/aws/aws-sdk-go-v2/service/pcs v1.14.6 h1:T82fxRex2+YuYTx/PbKNCpCfEJY9A5c3aM2A7+t+HFg= -github.com/aws/aws-sdk-go-v2/service/pcs v1.14.6/go.mod h1:lG3E3PuHFsK508yCPxHBtDoM7S5bVuZOCaqECHkEM64= +github.com/aws/aws-sdk-go-v2/service/pcs v1.15.0 h1:jODJJvvzp3BtBc2rREK0foH2e8vyEhaCZ2z+nnOI/oE= +github.com/aws/aws-sdk-go-v2/service/pcs v1.15.0/go.mod h1:lG3E3PuHFsK508yCPxHBtDoM7S5bVuZOCaqECHkEM64= github.com/aws/aws-sdk-go-v2/service/pinpoint v1.39.12 h1:fvCN4jZKj+gNhl/miNYBAs0OnVDKYwqrWLjpWdIV/zU= github.com/aws/aws-sdk-go-v2/service/pinpoint v1.39.12/go.mod h1:TmcGUQZpICbZKTvzURsi73eQMl/psfpgY/xse7pPf/4= github.com/aws/aws-sdk-go-v2/service/pinpointsmsvoicev2 v1.26.2 h1:LUeDu/bWhIz1eO8ANBlxcxm7bjv3BY6r4fF7p2CIDQE= @@ -1885,8 +1885,8 @@ github.com/aws/aws-sdk-go-v2/service/ram v1.34.13 h1:cr/kal5RvNdcBTmjjzOaRoBALpH github.com/aws/aws-sdk-go-v2/service/ram v1.34.13/go.mod h1:XVmWvCpgKVITq+ThzyDzJkCbVycgzv8P8KzdhwijsyQ= github.com/aws/aws-sdk-go-v2/service/rbin v1.26.13 h1:NHQqKZhCNB6K7hNanxoMKZQ9ZSY7Osg9wJ/4JFmY4lU= github.com/aws/aws-sdk-go-v2/service/rbin v1.26.13/go.mod h1:HSYlwezMfkOFle385IG72Np892kUVbGvYsdM+BEG+9U= -github.com/aws/aws-sdk-go-v2/service/rds v1.108.9 h1:KUw21X9a29jsgnYQSl9P85ya5AbOlIM151e7/FgdPO8= -github.com/aws/aws-sdk-go-v2/service/rds v1.108.9/go.mod h1:mGQNxzRLKlj1cQU5uaMIjAhle0HkSeZDwoPfP+/nRYk= +github.com/aws/aws-sdk-go-v2/service/rds v1.109.0 h1:kAHatNQ1iaWVqVoFcZr5k0+o3dNSrnd+QZRFq4uTvZY= +github.com/aws/aws-sdk-go-v2/service/rds v1.109.0/go.mod h1:mGQNxzRLKlj1cQU5uaMIjAhle0HkSeZDwoPfP+/nRYk= github.com/aws/aws-sdk-go-v2/service/redshift v1.60.0 h1:Kmh10uuGvak38mlg3FcveihltgP5rXbVcguCj9j3Ms8= github.com/aws/aws-sdk-go-v2/service/redshift v1.60.0/go.mod h1:nroSRWOCQNS3b/vooHNsxwT5KRXzO+A8ouHyKsQenRc= github.com/aws/aws-sdk-go-v2/service/redshiftdata v1.37.12 h1:oGiE4s2UAJmarRMSjui8/um4sqXnk2LFwPL+A1KV3UI= @@ -1901,12 +1901,12 @@ github.com/aws/aws-sdk-go-v2/service/resourceexplorer2 v1.22.6 h1:kkoaQ06wQZ5Alq github.com/aws/aws-sdk-go-v2/service/resourceexplorer2 v1.22.6/go.mod h1:3A/lTLOEWLwbIFsOrriZuVdhibD0E4riboU0VaoV1mc= github.com/aws/aws-sdk-go-v2/service/resourcegroups v1.33.14 h1:257Y5fn4QZOqofLk8ckt9yJT8LV57lpDEHKO4lchu6U= github.com/aws/aws-sdk-go-v2/service/resourcegroups v1.33.14/go.mod h1:6k9FPdJPkYmyrO0PFg1R+k3Rw5RYJT4MGdNqvodIGGY= -github.com/aws/aws-sdk-go-v2/service/resourcegroupstaggingapi v1.30.13 h1:bgZMYv1wMOsV1ug0/Hx/rs4fxbcFVipvOAwgsbhIons= -github.com/aws/aws-sdk-go-v2/service/resourcegroupstaggingapi v1.30.13/go.mod h1:+nL0z6xUm9NK9bOAkam66NQDgNH8Qa6T6SS3f8dkzXU= +github.com/aws/aws-sdk-go-v2/service/resourcegroupstaggingapi v1.31.0 h1:W8c1GPeHBlwIeuz+DuwvYaoRBrSDy1Cp8DwXIzXTAWg= +github.com/aws/aws-sdk-go-v2/service/resourcegroupstaggingapi v1.31.0/go.mod h1:+nL0z6xUm9NK9bOAkam66NQDgNH8Qa6T6SS3f8dkzXU= github.com/aws/aws-sdk-go-v2/service/rolesanywhere v1.21.12 h1:voPlA/Poy1EatBhjehk4yVWnC+os9+Wn0VwxAB6aPzs= github.com/aws/aws-sdk-go-v2/service/rolesanywhere v1.21.12/go.mod h1:/WVeeJKvbKmaTWEtt7y2005MHRKlh+Ee5Nr3qmPMQpY= -github.com/aws/aws-sdk-go-v2/service/route53 v1.59.5 h1:4Uy8lhrh4E9jS/MtmzjuEuvX7zOZTbNuPe+zkvtvRRU= -github.com/aws/aws-sdk-go-v2/service/route53 v1.59.5/go.mod h1:TUbfYOisWZWyT2qjmlMh93ERw1Ry8G4q/yT2Q8TsDag= +github.com/aws/aws-sdk-go-v2/service/route53 v1.60.0 h1:UlmdpHo/xdaEB/80wOqcBVkzsPdmct02FuOfg5Rrd3U= +github.com/aws/aws-sdk-go-v2/service/route53 v1.60.0/go.mod h1:TUbfYOisWZWyT2qjmlMh93ERw1Ry8G4q/yT2Q8TsDag= github.com/aws/aws-sdk-go-v2/service/route53domains v1.34.10 h1:+eeUZjA6+GoTYmFjOlfx21du3eljT6fea39jI3TWjDw= github.com/aws/aws-sdk-go-v2/service/route53domains v1.34.10/go.mod h1:lxTo/orhKjYQIgzo0ED2KQyU5yC7zPw6vgImZBp5Opc= github.com/aws/aws-sdk-go-v2/service/route53profiles v1.9.12 h1:6W3ERfxp0q+oNMinc59z4Uzcd5vDC4NOsIxFl71CNmI= @@ -1915,12 +1915,12 @@ github.com/aws/aws-sdk-go-v2/service/route53recoverycontrolconfig v1.32.5 h1:hT6 github.com/aws/aws-sdk-go-v2/service/route53recoverycontrolconfig v1.32.5/go.mod h1:uuKkzsDRNyxWABenHqS3Ms7KoEUf+3EHsNCnMBVMslo= github.com/aws/aws-sdk-go-v2/service/route53recoveryreadiness v1.26.12 h1:Iury32NIQy7GGFzQzPAUJlydeeo6O+Gf1iheLW8Ax9Y= github.com/aws/aws-sdk-go-v2/service/route53recoveryreadiness v1.26.12/go.mod h1:FPoma320xUxwC7BRaqJPYjpyIgbuxrAF//JdP9ybfjQ= -github.com/aws/aws-sdk-go-v2/service/route53resolver v1.40.12 h1:6wIe7NqUr7//uLEra4C3Nj+qBYDgkZGuOSkKbAHk6LU= -github.com/aws/aws-sdk-go-v2/service/route53resolver v1.40.12/go.mod h1:RtTRuj33VUDMd7i7eDEuhX2x69JWtPkWODE2b2TeiS4= -github.com/aws/aws-sdk-go-v2/service/rum v1.29.4 h1:BovZ2M7ho3rbf66dp8Qw/0nGFQgeGofU30Svst1rrew= -github.com/aws/aws-sdk-go-v2/service/rum v1.29.4/go.mod h1:aoij2zkJWvNtGzPvyaOZtNazKNjMBEVOmdDystHnh8g= -github.com/aws/aws-sdk-go-v2/service/s3 v1.90.2 h1:DhdbtDl4FdNlj31+xiRXANxEE+eC7n8JQz+/ilwQ8Uc= -github.com/aws/aws-sdk-go-v2/service/s3 v1.90.2/go.mod h1:+wArOOrcHUevqdto9k1tKOF5++YTe9JEcPSc9Tx2ZSw= +github.com/aws/aws-sdk-go-v2/service/route53resolver v1.41.0 h1:8dRPme2++LKhXPTD3VbiCGkwZ1tfPgwjkFwhpiMF1Yk= +github.com/aws/aws-sdk-go-v2/service/route53resolver v1.41.0/go.mod h1:RtTRuj33VUDMd7i7eDEuhX2x69JWtPkWODE2b2TeiS4= +github.com/aws/aws-sdk-go-v2/service/rum v1.30.0 h1:EVwrOhq7sTe0luu/k/blau3VyU4ub/Mkw8yuTbF4yuU= +github.com/aws/aws-sdk-go-v2/service/rum v1.30.0/go.mod h1:aoij2zkJWvNtGzPvyaOZtNazKNjMBEVOmdDystHnh8g= +github.com/aws/aws-sdk-go-v2/service/s3 v1.91.0 h1:b8FQI84BFRqCHjInLKS7bo+iSH8oVJ9C2noKC2H3jwY= +github.com/aws/aws-sdk-go-v2/service/s3 v1.91.0/go.mod h1:+wArOOrcHUevqdto9k1tKOF5++YTe9JEcPSc9Tx2ZSw= github.com/aws/aws-sdk-go-v2/service/s3control v1.66.9 h1:1GWUaLfzsa0AzsRQW3KUNkO1ZnD7ngR1aPedX9HwqxY= github.com/aws/aws-sdk-go-v2/service/s3control v1.66.9/go.mod h1:c+ERB7DbWT1uR6QvBn7W0gB2YczXacCEoLegFLwPAE8= github.com/aws/aws-sdk-go-v2/service/s3outposts v1.34.3 h1:iCv2rBKUo+ZbWwZW+/sEjmAX+X0HsT9bgs9DqORRaPc= @@ -1929,14 +1929,14 @@ github.com/aws/aws-sdk-go-v2/service/s3tables v1.12.0 h1:11XumI/hI9fLn3MXs0rAAzU github.com/aws/aws-sdk-go-v2/service/s3tables v1.12.0/go.mod h1:t1l6loaBQWttife9bosS3OspbGv+CP18UbGxMIQie4A= github.com/aws/aws-sdk-go-v2/service/s3vectors v1.5.2 h1:QX1IetutOdnutzPJ+FD9YnkguYqnIKGv9wDcZLaphWM= github.com/aws/aws-sdk-go-v2/service/s3vectors v1.5.2/go.mod h1:+sgMaDJqPLY3w2QXsvbhgSlvIaQ4+4cYk6Cdp388Swg= -github.com/aws/aws-sdk-go-v2/service/sagemaker v1.222.0 h1:jssTKZCJOasRgX5tOAFAJW31FbecOfmodXXB4HxrQzk= -github.com/aws/aws-sdk-go-v2/service/sagemaker v1.222.0/go.mod h1:JnrlXHI1oM/gVNI0/NH1Ru4UZr4sWx/WZclCsJtbmCM= +github.com/aws/aws-sdk-go-v2/service/sagemaker v1.224.0 h1:HJdoaripEfZVveELxCCgNdMsRXc9/5zNNMpr++nB2Lk= +github.com/aws/aws-sdk-go-v2/service/sagemaker v1.224.0/go.mod h1:JnrlXHI1oM/gVNI0/NH1Ru4UZr4sWx/WZclCsJtbmCM= github.com/aws/aws-sdk-go-v2/service/scheduler v1.17.12 h1:VOBt5H2SeS7yGq7YIOp38dW2cLeEMjIULi68tvP6iE0= github.com/aws/aws-sdk-go-v2/service/scheduler v1.17.12/go.mod h1:UohrBXfiKjUlaqaMzj3jtBBfrNFSCjq+LLwDbtsvAIo= github.com/aws/aws-sdk-go-v2/service/schemas v1.34.3 h1:s+siGYfqvmOJGiQJRRz/eUzsDJDZoQ6oN3F5m+AEL0I= github.com/aws/aws-sdk-go-v2/service/schemas v1.34.3/go.mod h1:ipui3c5k/ozPT734rqfqsFgieDEny9ABk4sp7zCWjkM= -github.com/aws/aws-sdk-go-v2/service/secretsmanager v1.39.13 h1:fObpETM4TWD58Uqp9QiMVnYP7gT/IT3r/D+5m/K5MdI= -github.com/aws/aws-sdk-go-v2/service/secretsmanager v1.39.13/go.mod h1:QgVIY03/XoQs2iFr0MbQuQ/Tf1RwlkOvuySWMh1wph4= +github.com/aws/aws-sdk-go-v2/service/secretsmanager v1.40.0 h1:Wm8i2WjGbemRw3adxuKQAbzi3Uq7DgynajCxVnKGQyQ= +github.com/aws/aws-sdk-go-v2/service/secretsmanager v1.40.0/go.mod h1:QgVIY03/XoQs2iFr0MbQuQ/Tf1RwlkOvuySWMh1wph4= github.com/aws/aws-sdk-go-v2/service/securityhub v1.65.4 h1:PkMuUN9eBC5BrK3msGCz5lajFeCjG8qBJsK3e81pUzo= github.com/aws/aws-sdk-go-v2/service/securityhub v1.65.4/go.mod h1:QaXNTOs7OkNR7y9uFWajUymXwUh28Q7cTz3tqWiE6sc= github.com/aws/aws-sdk-go-v2/service/securitylake v1.25.4 h1:8wd+JhD0YwePy+QiMLpm/jMwNKhN6SdCZTJtB/nDiWI= @@ -1955,8 +1955,8 @@ github.com/aws/aws-sdk-go-v2/service/ses v1.34.11 h1:DZpXGSoAP6ZB0//dl31ZkRCrEVw github.com/aws/aws-sdk-go-v2/service/ses v1.34.11/go.mod h1:CeGX4LAFCsrBp24qazKmO/dwxghNCGbAoTbi64dGSEM= github.com/aws/aws-sdk-go-v2/service/sesv2 v1.54.4 h1:T8XudbCBzHztu2uYYUzlAQhSMxWJVk7zya/7/RLocZE= github.com/aws/aws-sdk-go-v2/service/sesv2 v1.54.4/go.mod h1:uxpQTTvKs2FUajNzmQic0lqMB5X0zjX8jpalkvkhIQI= -github.com/aws/aws-sdk-go-v2/service/sfn v1.39.13 h1:5fNvCSe8ZIRoyoYpiio2bJ+wK2yKUbABYD5du+XEGT8= -github.com/aws/aws-sdk-go-v2/service/sfn v1.39.13/go.mod h1:fhG61r7sW7WsxXcZAips5CFQta1i2sQwRaEQeQwSrks= +github.com/aws/aws-sdk-go-v2/service/sfn v1.40.0 h1:nbTZ7tF36OMkm6anz5M35t9iqRKYGSInHCrHRWMvQQE= +github.com/aws/aws-sdk-go-v2/service/sfn v1.40.0/go.mod h1:fhG61r7sW7WsxXcZAips5CFQta1i2sQwRaEQeQwSrks= github.com/aws/aws-sdk-go-v2/service/shield v1.34.12 h1:+TCfMnn82wi0zO4NzoqRNHlFIwWn0nQVGYxUZggnSFM= github.com/aws/aws-sdk-go-v2/service/shield v1.34.12/go.mod h1:6B2EvRYLO2QsWbNoEsxazaKhVufZBDPApqPkpQ2arJI= github.com/aws/aws-sdk-go-v2/service/signer v1.31.12 h1:HieRc7Lr0KPod0rv7dIa3F51/cGcV5yYCaUZNocJ6SA= @@ -1983,8 +1983,8 @@ github.com/aws/aws-sdk-go-v2/service/ssooidc v1.35.7 h1:gTsnx0xXNQ6SBbymoDvcoRHL github.com/aws/aws-sdk-go-v2/service/ssooidc v1.35.7/go.mod h1:klO+ejMvYsB4QATfEOIXk8WAEwN4N0aBfJpvC+5SZBo= github.com/aws/aws-sdk-go-v2/service/storagegateway v1.43.4 h1:bz3k661WLBZIXESAlqqumtcYSQp2m8rjT8m1/b0QLUE= github.com/aws/aws-sdk-go-v2/service/storagegateway v1.43.4/go.mod h1:JKIFhh/dRv/Ft85RarJH3G3ewl419X6gmD/1fEXjDnI= -github.com/aws/aws-sdk-go-v2/service/sts v1.40.2 h1:HK5ON3KmQV2HcAunnx4sKLB9aPf3gKGwVAf7xnx0QT0= -github.com/aws/aws-sdk-go-v2/service/sts v1.40.2/go.mod h1:E19xDjpzPZC7LS2knI9E6BaRFDK43Eul7vd6rSq2HWk= +github.com/aws/aws-sdk-go-v2/service/sts v1.41.0 h1:JoO/STlEltv5nSbzbg709MLNW0/BWgyK2t/R9OWcCyQ= +github.com/aws/aws-sdk-go-v2/service/sts v1.41.0/go.mod h1:E19xDjpzPZC7LS2knI9E6BaRFDK43Eul7vd6rSq2HWk= github.com/aws/aws-sdk-go-v2/service/swf v1.33.6 h1:VsuWtkucF7FwWd7cBXwXPx5BOU853UEws1maHKmY0iQ= github.com/aws/aws-sdk-go-v2/service/swf v1.33.6/go.mod h1:mmUGhXHOTZ0YLexnps/Zn0u5T+p9QkpGRpXuf5L2b7A= github.com/aws/aws-sdk-go-v2/service/synthetics v1.42.4 h1:XO316jX9V7JywHSsmjhgp19K0NUzFAXbGRUSIl5zABU= @@ -2009,16 +2009,16 @@ github.com/aws/aws-sdk-go-v2/service/waf v1.30.11 h1:Lq4PpRIWw/3HSansKRRhycylCwp github.com/aws/aws-sdk-go-v2/service/waf v1.30.11/go.mod h1:/wwPzZRBcPxG/kAOAzei/UX/FKo2H+aZcx0x99xJPpA= github.com/aws/aws-sdk-go-v2/service/wafregional v1.30.12 h1:kkie0K7P3VOnwJhaaofC4lbJpc82e3rbGKmXW+PjhHE= github.com/aws/aws-sdk-go-v2/service/wafregional v1.30.12/go.mod h1:eaFrizONYIw5QJPDxoBUr8NNM21ISTZDjFhkGVt4NZY= -github.com/aws/aws-sdk-go-v2/service/wafv2 v1.69.2 h1:r7VvhLQqVmdjwxOZPD9xO72kLKo/lQyQTCXHgWWNuf0= -github.com/aws/aws-sdk-go-v2/service/wafv2 v1.69.2/go.mod h1:RtLkquPOQfQASVPWLuXr4hJgaZ5ChNq7eWahkj/CoCQ= +github.com/aws/aws-sdk-go-v2/service/wafv2 v1.70.0 h1:mZMnchrgTVjUinijiTKDh0tvz5HhzAoMXfIjOAWpdB4= +github.com/aws/aws-sdk-go-v2/service/wafv2 v1.70.0/go.mod h1:RtLkquPOQfQASVPWLuXr4hJgaZ5ChNq7eWahkj/CoCQ= github.com/aws/aws-sdk-go-v2/service/wellarchitected v1.39.12 h1:niwCZWFfIaglbSRA1Cbc7fMCOfsmAfeaWX8ll25sfOI= github.com/aws/aws-sdk-go-v2/service/wellarchitected v1.39.12/go.mod h1:t6nyl94d8gQdt34LEo0SH4uGPNruy0T3oMaxcOHdWUU= github.com/aws/aws-sdk-go-v2/service/workmail v1.36.10 h1:lznZYmkvDu6gHqSKpornaZw2WCwYDN/NYSpfziIgsr8= github.com/aws/aws-sdk-go-v2/service/workmail v1.36.10/go.mod h1:JW6rMNuboHOnWx7I1fZfHAG1kcUiBZfTkZuD69oNw2w= github.com/aws/aws-sdk-go-v2/service/workspaces v1.64.4 h1:yX/JSkp/zildXMrGuqm7VRUn+S8an7dZt0Jyy8L6DVg= github.com/aws/aws-sdk-go-v2/service/workspaces v1.64.4/go.mod h1:TmJI48Dm4ftRxBmMoZOeC8Et2WEStJoPpv8BoXZ/eZw= -github.com/aws/aws-sdk-go-v2/service/workspacesweb v1.33.5 h1:GfSUfJZ6hKliKeaAGbFDREHxb63OGFu4l4h1jDN+viA= -github.com/aws/aws-sdk-go-v2/service/workspacesweb v1.33.5/go.mod h1:V4nPCxgIBn6Yf5JhnI3Cs0iKVTB+wkzXG8fEGYqLYkU= +github.com/aws/aws-sdk-go-v2/service/workspacesweb v1.34.0 h1:gfDV7Oa2SA+xTJxWZwPiGF/aBew2/OVIGRZ1qipeZ6Q= +github.com/aws/aws-sdk-go-v2/service/workspacesweb v1.34.0/go.mod h1:V4nPCxgIBn6Yf5JhnI3Cs0iKVTB+wkzXG8fEGYqLYkU= github.com/aws/aws-sdk-go-v2/service/xray v1.36.11 h1:K0g9kBUVHv8da1OpfeLbvteZyTy2dUWBO2ZfwYXw1D8= github.com/aws/aws-sdk-go-v2/service/xray v1.36.11/go.mod h1:JghyUyM7u0syGGk+S5Res2mLfceuyLigCgtcrpsEESM= github.com/aws/smithy-go v1.23.2 h1:Crv0eatJUQhaManss33hS5r40CG3ZFH+21XSkqMrIUM= @@ -3270,8 +3270,8 @@ golang.org/x/crypto v0.39.0/go.mod h1:L+Xg3Wf6HoL4Bn4238Z6ft6KfEpN0tJGo53AAPC632 golang.org/x/crypto v0.40.0/go.mod h1:Qr1vMER5WyS2dfPHAlsOj01wgLbsyWtFn/aY+5+ZdxY= golang.org/x/crypto v0.41.0/go.mod h1:pO5AFd7FA68rFak7rOAGVuygIISepHftHnr8dr6+sUc= golang.org/x/crypto v0.42.0/go.mod h1:4+rDnOTJhQCx2q7/j6rAN5XDw8kPjeaXEUR2eL94ix8= -golang.org/x/crypto v0.44.0 h1:A97SsFvM3AIwEEmTBiaxPPTYpDC47w720rdiiUvgoAU= -golang.org/x/crypto v0.44.0/go.mod h1:013i+Nw79BMiQiMsOPcVCB5ZIJbYkerPrGnOa00tvmc= +golang.org/x/crypto v0.45.0 h1:jMBrvKuj23MTlT0bQEOBcAE0mjg8mK9RXFhRH6nyF3Q= +golang.org/x/crypto v0.45.0/go.mod h1:XTGrrkGJve7CYK7J8PEww4aY7gM3qMCElcJQ8n8JdX4= golang.org/x/exp v0.0.0-20180321215751-8460e604b9de/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= golang.org/x/exp v0.0.0-20180807140117-3d87b88a115f/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= diff --git a/provider/replacements.json b/provider/replacements.json index f2686808d82..3f0e22a634a 100644 --- a/provider/replacements.json +++ b/provider/replacements.json @@ -1455,6 +1455,10 @@ { "old": "Invokes an AWS Lambda Function and returns its results. Use this data source to execute Lambda functions during Terraform operations and use their results in other resources or outputs.\n", "new": "Invokes an AWS Lambda Function and returns its results. Use this data source to execute Lambda functions during Pulumi operations and use their results in other resources or outputs.\n" + }, + { + "old": "Because it is not possible to retrieve previous invocations, during the next apply `terraform` will update the resource calling again the function.\n", + "new": "Because it is not possible to retrieve previous invocations, during the next apply `TODO` will update the resource calling again the function.\n" } ], "lambda_layer_version.html.markdown": [ diff --git a/sdk/dotnet/Alb/Inputs/ListenerDefaultActionArgs.cs b/sdk/dotnet/Alb/Inputs/ListenerDefaultActionArgs.cs index 62e043f95f7..4c397cfaf8d 100644 --- a/sdk/dotnet/Alb/Inputs/ListenerDefaultActionArgs.cs +++ b/sdk/dotnet/Alb/Inputs/ListenerDefaultActionArgs.cs @@ -36,6 +36,12 @@ public sealed class ListenerDefaultActionArgs : global::Pulumi.ResourceArgs [Input("forward")] public Input? Forward { get; set; } + /// + /// Configuration block for creating a JWT validation action. Required if `Type` is `jwt-validation`. + /// + [Input("jwtValidation")] + public Input? JwtValidation { get; set; } + /// /// Order for the action. The action with the lowest value for order is performed first. Valid values are between `1` and `50000`. Defaults to the position in the list of actions. /// @@ -55,7 +61,7 @@ public sealed class ListenerDefaultActionArgs : global::Pulumi.ResourceArgs public Input? TargetGroupArn { get; set; } /// - /// Type of routing action. Valid values are `Forward`, `Redirect`, `fixed-response`, `authenticate-cognito` and `authenticate-oidc`. + /// Type of routing action. Valid values are `Forward`, `Redirect`, `fixed-response`, `authenticate-cognito`, `authenticate-oidc` and `jwt-validation`. /// /// The following arguments are optional: /// diff --git a/sdk/dotnet/Alb/Inputs/ListenerDefaultActionGetArgs.cs b/sdk/dotnet/Alb/Inputs/ListenerDefaultActionGetArgs.cs index 0b2d4b5a2f5..c0e5ff6739e 100644 --- a/sdk/dotnet/Alb/Inputs/ListenerDefaultActionGetArgs.cs +++ b/sdk/dotnet/Alb/Inputs/ListenerDefaultActionGetArgs.cs @@ -36,6 +36,12 @@ public sealed class ListenerDefaultActionGetArgs : global::Pulumi.ResourceArgs [Input("forward")] public Input? Forward { get; set; } + /// + /// Configuration block for creating a JWT validation action. Required if `Type` is `jwt-validation`. + /// + [Input("jwtValidation")] + public Input? JwtValidation { get; set; } + /// /// Order for the action. The action with the lowest value for order is performed first. Valid values are between `1` and `50000`. Defaults to the position in the list of actions. /// @@ -55,7 +61,7 @@ public sealed class ListenerDefaultActionGetArgs : global::Pulumi.ResourceArgs public Input? TargetGroupArn { get; set; } /// - /// Type of routing action. Valid values are `Forward`, `Redirect`, `fixed-response`, `authenticate-cognito` and `authenticate-oidc`. + /// Type of routing action. Valid values are `Forward`, `Redirect`, `fixed-response`, `authenticate-cognito`, `authenticate-oidc` and `jwt-validation`. /// /// The following arguments are optional: /// diff --git a/sdk/dotnet/Alb/Inputs/ListenerDefaultActionJwtValidationAdditionalClaimArgs.cs b/sdk/dotnet/Alb/Inputs/ListenerDefaultActionJwtValidationAdditionalClaimArgs.cs new file mode 100644 index 00000000000..a9ece4c323f --- /dev/null +++ b/sdk/dotnet/Alb/Inputs/ListenerDefaultActionJwtValidationAdditionalClaimArgs.cs @@ -0,0 +1,44 @@ +// *** WARNING: this file was generated by pulumi-language-dotnet. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Aws.Alb.Inputs +{ + + public sealed class ListenerDefaultActionJwtValidationAdditionalClaimArgs : global::Pulumi.ResourceArgs + { + /// + /// Format of the claim value. Valid values are `single-string`, `string-array` and `space-separated-values`. + /// + [Input("format", required: true)] + public Input Format { get; set; } = null!; + + /// + /// Name of the claim to validate. `Exp`, `Iss`, `Nbf`, or `Iat` cannot be specified because they are validated by default. + /// + [Input("name", required: true)] + public Input Name { get; set; } = null!; + + [Input("values", required: true)] + private InputList? _values; + + /// + /// List of expected values of the claim. + /// + public InputList Values + { + get => _values ?? (_values = new InputList()); + set => _values = value; + } + + public ListenerDefaultActionJwtValidationAdditionalClaimArgs() + { + } + public static new ListenerDefaultActionJwtValidationAdditionalClaimArgs Empty => new ListenerDefaultActionJwtValidationAdditionalClaimArgs(); + } +} diff --git a/sdk/dotnet/Alb/Inputs/ListenerDefaultActionJwtValidationAdditionalClaimGetArgs.cs b/sdk/dotnet/Alb/Inputs/ListenerDefaultActionJwtValidationAdditionalClaimGetArgs.cs new file mode 100644 index 00000000000..d9cdbc709c8 --- /dev/null +++ b/sdk/dotnet/Alb/Inputs/ListenerDefaultActionJwtValidationAdditionalClaimGetArgs.cs @@ -0,0 +1,44 @@ +// *** WARNING: this file was generated by pulumi-language-dotnet. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Aws.Alb.Inputs +{ + + public sealed class ListenerDefaultActionJwtValidationAdditionalClaimGetArgs : global::Pulumi.ResourceArgs + { + /// + /// Format of the claim value. Valid values are `single-string`, `string-array` and `space-separated-values`. + /// + [Input("format", required: true)] + public Input Format { get; set; } = null!; + + /// + /// Name of the claim to validate. `Exp`, `Iss`, `Nbf`, or `Iat` cannot be specified because they are validated by default. + /// + [Input("name", required: true)] + public Input Name { get; set; } = null!; + + [Input("values", required: true)] + private InputList? _values; + + /// + /// List of expected values of the claim. + /// + public InputList Values + { + get => _values ?? (_values = new InputList()); + set => _values = value; + } + + public ListenerDefaultActionJwtValidationAdditionalClaimGetArgs() + { + } + public static new ListenerDefaultActionJwtValidationAdditionalClaimGetArgs Empty => new ListenerDefaultActionJwtValidationAdditionalClaimGetArgs(); + } +} diff --git a/sdk/dotnet/Alb/Inputs/ListenerDefaultActionJwtValidationArgs.cs b/sdk/dotnet/Alb/Inputs/ListenerDefaultActionJwtValidationArgs.cs new file mode 100644 index 00000000000..63f27fbc9b6 --- /dev/null +++ b/sdk/dotnet/Alb/Inputs/ListenerDefaultActionJwtValidationArgs.cs @@ -0,0 +1,46 @@ +// *** WARNING: this file was generated by pulumi-language-dotnet. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Aws.Alb.Inputs +{ + + public sealed class ListenerDefaultActionJwtValidationArgs : global::Pulumi.ResourceArgs + { + [Input("additionalClaims")] + private InputList? _additionalClaims; + + /// + /// Repeatable configuration block for additional claims to validate. + /// + public InputList AdditionalClaims + { + get => _additionalClaims ?? (_additionalClaims = new InputList()); + set => _additionalClaims = value; + } + + /// + /// Issuer of the JWT. + /// + [Input("issuer", required: true)] + public Input Issuer { get; set; } = null!; + + /// + /// JSON Web Key Set (JWKS) endpoint. This endpoint contains JSON Web Keys (JWK) that are used to validate signatures from the provider. This must be a full URL, including the HTTPS protocol, the domain, and the path. + /// + /// The following arguments are optional: + /// + [Input("jwksEndpoint", required: true)] + public Input JwksEndpoint { get; set; } = null!; + + public ListenerDefaultActionJwtValidationArgs() + { + } + public static new ListenerDefaultActionJwtValidationArgs Empty => new ListenerDefaultActionJwtValidationArgs(); + } +} diff --git a/sdk/dotnet/Alb/Inputs/ListenerDefaultActionJwtValidationGetArgs.cs b/sdk/dotnet/Alb/Inputs/ListenerDefaultActionJwtValidationGetArgs.cs new file mode 100644 index 00000000000..77c2f1e3117 --- /dev/null +++ b/sdk/dotnet/Alb/Inputs/ListenerDefaultActionJwtValidationGetArgs.cs @@ -0,0 +1,46 @@ +// *** WARNING: this file was generated by pulumi-language-dotnet. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Aws.Alb.Inputs +{ + + public sealed class ListenerDefaultActionJwtValidationGetArgs : global::Pulumi.ResourceArgs + { + [Input("additionalClaims")] + private InputList? _additionalClaims; + + /// + /// Repeatable configuration block for additional claims to validate. + /// + public InputList AdditionalClaims + { + get => _additionalClaims ?? (_additionalClaims = new InputList()); + set => _additionalClaims = value; + } + + /// + /// Issuer of the JWT. + /// + [Input("issuer", required: true)] + public Input Issuer { get; set; } = null!; + + /// + /// JSON Web Key Set (JWKS) endpoint. This endpoint contains JSON Web Keys (JWK) that are used to validate signatures from the provider. This must be a full URL, including the HTTPS protocol, the domain, and the path. + /// + /// The following arguments are optional: + /// + [Input("jwksEndpoint", required: true)] + public Input JwksEndpoint { get; set; } = null!; + + public ListenerDefaultActionJwtValidationGetArgs() + { + } + public static new ListenerDefaultActionJwtValidationGetArgs Empty => new ListenerDefaultActionJwtValidationGetArgs(); + } +} diff --git a/sdk/dotnet/Alb/Inputs/ListenerRuleActionArgs.cs b/sdk/dotnet/Alb/Inputs/ListenerRuleActionArgs.cs index 6deab52d5b4..8ddd8f9874d 100644 --- a/sdk/dotnet/Alb/Inputs/ListenerRuleActionArgs.cs +++ b/sdk/dotnet/Alb/Inputs/ListenerRuleActionArgs.cs @@ -38,6 +38,12 @@ public sealed class ListenerRuleActionArgs : global::Pulumi.ResourceArgs [Input("forward")] public Input? Forward { get; set; } + /// + /// Information for creating a JWT validation action. Required if `Type` is `jwt-validation`. + /// + [Input("jwtValidation")] + public Input? JwtValidation { get; set; } + /// /// Order for the action. /// The action with the lowest value for order is performed first. @@ -63,7 +69,7 @@ public sealed class ListenerRuleActionArgs : global::Pulumi.ResourceArgs public Input? TargetGroupArn { get; set; } /// - /// The type of routing action. Valid values are `Forward`, `Redirect`, `fixed-response`, `authenticate-cognito` and `authenticate-oidc`. + /// The type of routing action. Valid values are `Forward`, `Redirect`, `fixed-response`, `authenticate-cognito`, `authenticate-oidc` and `jwt-validation`. /// [Input("type", required: true)] public Input Type { get; set; } = null!; diff --git a/sdk/dotnet/Alb/Inputs/ListenerRuleActionGetArgs.cs b/sdk/dotnet/Alb/Inputs/ListenerRuleActionGetArgs.cs index 4b045540778..34c04031a02 100644 --- a/sdk/dotnet/Alb/Inputs/ListenerRuleActionGetArgs.cs +++ b/sdk/dotnet/Alb/Inputs/ListenerRuleActionGetArgs.cs @@ -38,6 +38,12 @@ public sealed class ListenerRuleActionGetArgs : global::Pulumi.ResourceArgs [Input("forward")] public Input? Forward { get; set; } + /// + /// Information for creating a JWT validation action. Required if `Type` is `jwt-validation`. + /// + [Input("jwtValidation")] + public Input? JwtValidation { get; set; } + /// /// Order for the action. /// The action with the lowest value for order is performed first. @@ -63,7 +69,7 @@ public sealed class ListenerRuleActionGetArgs : global::Pulumi.ResourceArgs public Input? TargetGroupArn { get; set; } /// - /// The type of routing action. Valid values are `Forward`, `Redirect`, `fixed-response`, `authenticate-cognito` and `authenticate-oidc`. + /// The type of routing action. Valid values are `Forward`, `Redirect`, `fixed-response`, `authenticate-cognito`, `authenticate-oidc` and `jwt-validation`. /// [Input("type", required: true)] public Input Type { get; set; } = null!; diff --git a/sdk/dotnet/Alb/Inputs/ListenerRuleActionJwtValidationAdditionalClaimArgs.cs b/sdk/dotnet/Alb/Inputs/ListenerRuleActionJwtValidationAdditionalClaimArgs.cs new file mode 100644 index 00000000000..bf98790e675 --- /dev/null +++ b/sdk/dotnet/Alb/Inputs/ListenerRuleActionJwtValidationAdditionalClaimArgs.cs @@ -0,0 +1,44 @@ +// *** WARNING: this file was generated by pulumi-language-dotnet. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Aws.Alb.Inputs +{ + + public sealed class ListenerRuleActionJwtValidationAdditionalClaimArgs : global::Pulumi.ResourceArgs + { + /// + /// Format of the claim value. Valid values are `single-string`, `string-array` and `space-separated-values`. + /// + [Input("format", required: true)] + public Input Format { get; set; } = null!; + + /// + /// Name of the claim to validate. `Exp`, `Iss`, `Nbf`, or `Iat` cannot be specified because they are validated by default. + /// + [Input("name", required: true)] + public Input Name { get; set; } = null!; + + [Input("values", required: true)] + private InputList? _values; + + /// + /// List of expected values of the claim. + /// + public InputList Values + { + get => _values ?? (_values = new InputList()); + set => _values = value; + } + + public ListenerRuleActionJwtValidationAdditionalClaimArgs() + { + } + public static new ListenerRuleActionJwtValidationAdditionalClaimArgs Empty => new ListenerRuleActionJwtValidationAdditionalClaimArgs(); + } +} diff --git a/sdk/dotnet/Alb/Inputs/ListenerRuleActionJwtValidationAdditionalClaimGetArgs.cs b/sdk/dotnet/Alb/Inputs/ListenerRuleActionJwtValidationAdditionalClaimGetArgs.cs new file mode 100644 index 00000000000..d29991952d7 --- /dev/null +++ b/sdk/dotnet/Alb/Inputs/ListenerRuleActionJwtValidationAdditionalClaimGetArgs.cs @@ -0,0 +1,44 @@ +// *** WARNING: this file was generated by pulumi-language-dotnet. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Aws.Alb.Inputs +{ + + public sealed class ListenerRuleActionJwtValidationAdditionalClaimGetArgs : global::Pulumi.ResourceArgs + { + /// + /// Format of the claim value. Valid values are `single-string`, `string-array` and `space-separated-values`. + /// + [Input("format", required: true)] + public Input Format { get; set; } = null!; + + /// + /// Name of the claim to validate. `Exp`, `Iss`, `Nbf`, or `Iat` cannot be specified because they are validated by default. + /// + [Input("name", required: true)] + public Input Name { get; set; } = null!; + + [Input("values", required: true)] + private InputList? _values; + + /// + /// List of expected values of the claim. + /// + public InputList Values + { + get => _values ?? (_values = new InputList()); + set => _values = value; + } + + public ListenerRuleActionJwtValidationAdditionalClaimGetArgs() + { + } + public static new ListenerRuleActionJwtValidationAdditionalClaimGetArgs Empty => new ListenerRuleActionJwtValidationAdditionalClaimGetArgs(); + } +} diff --git a/sdk/dotnet/Alb/Inputs/ListenerRuleActionJwtValidationArgs.cs b/sdk/dotnet/Alb/Inputs/ListenerRuleActionJwtValidationArgs.cs new file mode 100644 index 00000000000..3f973d61ee8 --- /dev/null +++ b/sdk/dotnet/Alb/Inputs/ListenerRuleActionJwtValidationArgs.cs @@ -0,0 +1,44 @@ +// *** WARNING: this file was generated by pulumi-language-dotnet. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Aws.Alb.Inputs +{ + + public sealed class ListenerRuleActionJwtValidationArgs : global::Pulumi.ResourceArgs + { + [Input("additionalClaims")] + private InputList? _additionalClaims; + + /// + /// Repeatable configuration block for additional claims to validate. + /// + public InputList AdditionalClaims + { + get => _additionalClaims ?? (_additionalClaims = new InputList()); + set => _additionalClaims = value; + } + + /// + /// Issuer of the JWT. + /// + [Input("issuer", required: true)] + public Input Issuer { get; set; } = null!; + + /// + /// JSON Web Key Set (JWKS) endpoint. This endpoint contains JSON Web Keys (JWK) that are used to validate signatures from the provider. This must be a full URL, including the HTTPS protocol, the domain, and the path. + /// + [Input("jwksEndpoint", required: true)] + public Input JwksEndpoint { get; set; } = null!; + + public ListenerRuleActionJwtValidationArgs() + { + } + public static new ListenerRuleActionJwtValidationArgs Empty => new ListenerRuleActionJwtValidationArgs(); + } +} diff --git a/sdk/dotnet/Alb/Inputs/ListenerRuleActionJwtValidationGetArgs.cs b/sdk/dotnet/Alb/Inputs/ListenerRuleActionJwtValidationGetArgs.cs new file mode 100644 index 00000000000..92b9b7f79a0 --- /dev/null +++ b/sdk/dotnet/Alb/Inputs/ListenerRuleActionJwtValidationGetArgs.cs @@ -0,0 +1,44 @@ +// *** WARNING: this file was generated by pulumi-language-dotnet. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Aws.Alb.Inputs +{ + + public sealed class ListenerRuleActionJwtValidationGetArgs : global::Pulumi.ResourceArgs + { + [Input("additionalClaims")] + private InputList? _additionalClaims; + + /// + /// Repeatable configuration block for additional claims to validate. + /// + public InputList AdditionalClaims + { + get => _additionalClaims ?? (_additionalClaims = new InputList()); + set => _additionalClaims = value; + } + + /// + /// Issuer of the JWT. + /// + [Input("issuer", required: true)] + public Input Issuer { get; set; } = null!; + + /// + /// JSON Web Key Set (JWKS) endpoint. This endpoint contains JSON Web Keys (JWK) that are used to validate signatures from the provider. This must be a full URL, including the HTTPS protocol, the domain, and the path. + /// + [Input("jwksEndpoint", required: true)] + public Input JwksEndpoint { get; set; } = null!; + + public ListenerRuleActionJwtValidationGetArgs() + { + } + public static new ListenerRuleActionJwtValidationGetArgs Empty => new ListenerRuleActionJwtValidationGetArgs(); + } +} diff --git a/sdk/dotnet/Alb/Listener.cs b/sdk/dotnet/Alb/Listener.cs index 05366095c42..9a3e53f8e85 100644 --- a/sdk/dotnet/Alb/Listener.cs +++ b/sdk/dotnet/Alb/Listener.cs @@ -295,6 +295,67 @@ namespace Pulumi.Aws.Alb /// }); /// ``` /// + /// ### JWT Validation Action + /// + /// ```csharp + /// using System.Collections.Generic; + /// using System.Linq; + /// using Pulumi; + /// using Aws = Pulumi.Aws; + /// + /// return await Deployment.RunAsync(() => + /// { + /// var test = new Aws.LB.Listener("test", new() + /// { + /// LoadBalancerArn = testAwsLb.Id, + /// Protocol = "HTTPS", + /// Port = 443, + /// SslPolicy = "ELBSecurityPolicy-2016-08", + /// CertificateArn = testAwsIamServerCertificate.Arn, + /// DefaultActions = new[] + /// { + /// new Aws.LB.Inputs.ListenerDefaultActionArgs + /// { + /// Type = "jwt-validation", + /// JwtValidation = new Aws.LB.Inputs.ListenerDefaultActionJwtValidationArgs + /// { + /// Issuer = "https://example.com", + /// JwksEndpoint = "https://example.com/.well-known/jwks.json", + /// AdditionalClaims = new[] + /// { + /// new Aws.LB.Inputs.ListenerDefaultActionJwtValidationAdditionalClaimArgs + /// { + /// Format = "string-array", + /// Name = "claim_name1", + /// Values = new[] + /// { + /// "value1", + /// "value2", + /// }, + /// }, + /// new Aws.LB.Inputs.ListenerDefaultActionJwtValidationAdditionalClaimArgs + /// { + /// Format = "single-string", + /// Name = "claim_name2", + /// Values = new[] + /// { + /// "value1", + /// }, + /// }, + /// }, + /// }, + /// }, + /// new Aws.LB.Inputs.ListenerDefaultActionArgs + /// { + /// TargetGroupArn = testAwsLbTargetGroup.Id, + /// Type = "forward", + /// }, + /// }, + /// }); + /// + /// }); + /// ``` + /// /// ### Gateway Load Balancer Listener /// /// ```csharp diff --git a/sdk/dotnet/Alb/ListenerRule.cs b/sdk/dotnet/Alb/ListenerRule.cs index 7fec004e5fc..280f6f40b16 100644 --- a/sdk/dotnet/Alb/ListenerRule.cs +++ b/sdk/dotnet/Alb/ListenerRule.cs @@ -13,331 +13,6 @@ namespace Pulumi.Aws.Alb /// Provides a Load Balancer Listener Rule resource. /// /// > **Note:** `aws.alb.ListenerRule` is known as `aws.lb.ListenerRule`. The functionality is identical. - /// - /// ## Example Usage - /// - /// ```csharp - /// using System.Collections.Generic; - /// using System.Linq; - /// using Pulumi; - /// using Aws = Pulumi.Aws; - /// - /// return await Deployment.RunAsync(() => - /// { - /// var frontEnd = new Aws.LB.LoadBalancer("front_end"); - /// - /// var frontEndListener = new Aws.LB.Listener("front_end"); - /// - /// var @static = new Aws.LB.ListenerRule("static", new() - /// { - /// ListenerArn = frontEndListener.Arn, - /// Priority = 100, - /// Actions = new[] - /// { - /// new Aws.LB.Inputs.ListenerRuleActionArgs - /// { - /// Type = "forward", - /// TargetGroupArn = staticAwsLbTargetGroup.Arn, - /// }, - /// }, - /// Conditions = new[] - /// { - /// new Aws.LB.Inputs.ListenerRuleConditionArgs - /// { - /// PathPattern = new Aws.LB.Inputs.ListenerRuleConditionPathPatternArgs - /// { - /// Values = new[] - /// { - /// "/static/*", - /// }, - /// }, - /// }, - /// new Aws.LB.Inputs.ListenerRuleConditionArgs - /// { - /// HostHeader = new Aws.LB.Inputs.ListenerRuleConditionHostHeaderArgs - /// { - /// Values = new[] - /// { - /// "example.com", - /// }, - /// }, - /// }, - /// }, - /// }); - /// - /// // Forward action - /// var hostBasedWeightedRouting = new Aws.LB.ListenerRule("host_based_weighted_routing", new() - /// { - /// ListenerArn = frontEndListener.Arn, - /// Priority = 99, - /// Actions = new[] - /// { - /// new Aws.LB.Inputs.ListenerRuleActionArgs - /// { - /// Type = "forward", - /// TargetGroupArn = staticAwsLbTargetGroup.Arn, - /// }, - /// }, - /// Conditions = new[] - /// { - /// new Aws.LB.Inputs.ListenerRuleConditionArgs - /// { - /// HostHeader = new Aws.LB.Inputs.ListenerRuleConditionHostHeaderArgs - /// { - /// Values = new[] - /// { - /// "my-service.*.mycompany.io", - /// }, - /// }, - /// }, - /// }, - /// }); - /// - /// // Weighted Forward action - /// var hostBasedRouting = new Aws.LB.ListenerRule("host_based_routing", new() - /// { - /// ListenerArn = frontEndListener.Arn, - /// Priority = 99, - /// Actions = new[] - /// { - /// new Aws.LB.Inputs.ListenerRuleActionArgs - /// { - /// Type = "forward", - /// Forward = new Aws.LB.Inputs.ListenerRuleActionForwardArgs - /// { - /// TargetGroups = new[] - /// { - /// new Aws.LB.Inputs.ListenerRuleActionForwardTargetGroupArgs - /// { - /// Arn = main.Arn, - /// Weight = 80, - /// }, - /// new Aws.LB.Inputs.ListenerRuleActionForwardTargetGroupArgs - /// { - /// Arn = canary.Arn, - /// Weight = 20, - /// }, - /// }, - /// Stickiness = new Aws.LB.Inputs.ListenerRuleActionForwardStickinessArgs - /// { - /// Enabled = true, - /// Duration = 600, - /// }, - /// }, - /// }, - /// }, - /// Conditions = new[] - /// { - /// new Aws.LB.Inputs.ListenerRuleConditionArgs - /// { - /// HostHeader = new Aws.LB.Inputs.ListenerRuleConditionHostHeaderArgs - /// { - /// Values = new[] - /// { - /// "my-service.*.mycompany.io", - /// }, - /// }, - /// }, - /// }, - /// }); - /// - /// // Redirect action - /// var redirectHttpToHttps = new Aws.LB.ListenerRule("redirect_http_to_https", new() - /// { - /// ListenerArn = frontEndListener.Arn, - /// Actions = new[] - /// { - /// new Aws.LB.Inputs.ListenerRuleActionArgs - /// { - /// Type = "redirect", - /// Redirect = new Aws.LB.Inputs.ListenerRuleActionRedirectArgs - /// { - /// Port = "443", - /// Protocol = "HTTPS", - /// StatusCode = "HTTP_301", - /// }, - /// }, - /// }, - /// Conditions = new[] - /// { - /// new Aws.LB.Inputs.ListenerRuleConditionArgs - /// { - /// HttpHeader = new Aws.LB.Inputs.ListenerRuleConditionHttpHeaderArgs - /// { - /// HttpHeaderName = "X-Forwarded-For", - /// Values = new[] - /// { - /// "192.168.1.*", - /// }, - /// }, - /// }, - /// }, - /// }); - /// - /// // Fixed-response action - /// var healthCheck = new Aws.LB.ListenerRule("health_check", new() - /// { - /// ListenerArn = frontEndListener.Arn, - /// Actions = new[] - /// { - /// new Aws.LB.Inputs.ListenerRuleActionArgs - /// { - /// Type = "fixed-response", - /// FixedResponse = new Aws.LB.Inputs.ListenerRuleActionFixedResponseArgs - /// { - /// ContentType = "text/plain", - /// MessageBody = "HEALTHY", - /// StatusCode = "200", - /// }, - /// }, - /// }, - /// Conditions = new[] - /// { - /// new Aws.LB.Inputs.ListenerRuleConditionArgs - /// { - /// QueryStrings = new[] - /// { - /// new Aws.LB.Inputs.ListenerRuleConditionQueryStringArgs - /// { - /// Key = "health", - /// Value = "check", - /// }, - /// new Aws.LB.Inputs.ListenerRuleConditionQueryStringArgs - /// { - /// Value = "bar", - /// }, - /// }, - /// }, - /// }, - /// }); - /// - /// // Authenticate-cognito Action - /// var pool = new Aws.Cognito.UserPool("pool"); - /// - /// var client = new Aws.Cognito.UserPoolClient("client"); - /// - /// var domain = new Aws.Cognito.UserPoolDomain("domain"); - /// - /// var admin = new Aws.LB.ListenerRule("admin", new() - /// { - /// ListenerArn = frontEndListener.Arn, - /// Actions = new[] - /// { - /// new Aws.LB.Inputs.ListenerRuleActionArgs - /// { - /// Type = "authenticate-cognito", - /// AuthenticateCognito = new Aws.LB.Inputs.ListenerRuleActionAuthenticateCognitoArgs - /// { - /// UserPoolArn = pool.Arn, - /// UserPoolClientId = client.Id, - /// UserPoolDomain = domain.Domain, - /// }, - /// }, - /// new Aws.LB.Inputs.ListenerRuleActionArgs - /// { - /// Type = "forward", - /// TargetGroupArn = staticAwsLbTargetGroup.Arn, - /// }, - /// }, - /// }); - /// - /// // Authenticate-oidc Action - /// var oidc = new Aws.LB.ListenerRule("oidc", new() - /// { - /// ListenerArn = frontEndListener.Arn, - /// Actions = new[] - /// { - /// new Aws.LB.Inputs.ListenerRuleActionArgs - /// { - /// Type = "authenticate-oidc", - /// AuthenticateOidc = new Aws.LB.Inputs.ListenerRuleActionAuthenticateOidcArgs - /// { - /// AuthorizationEndpoint = "https://example.com/authorization_endpoint", - /// ClientId = "client_id", - /// ClientSecret = "client_secret", - /// Issuer = "https://example.com", - /// TokenEndpoint = "https://example.com/token_endpoint", - /// UserInfoEndpoint = "https://example.com/user_info_endpoint", - /// }, - /// }, - /// new Aws.LB.Inputs.ListenerRuleActionArgs - /// { - /// Type = "forward", - /// TargetGroupArn = staticAwsLbTargetGroup.Arn, - /// }, - /// }, - /// }); - /// - /// // With transform - /// var transform = new Aws.LB.ListenerRule("transform", new() - /// { - /// ListenerArn = frontEndListener.Arn, - /// Actions = new[] - /// { - /// new Aws.LB.Inputs.ListenerRuleActionArgs - /// { - /// Type = "forward", - /// TargetGroupArn = staticAwsLbTargetGroup.Arn, - /// }, - /// }, - /// Conditions = new[] - /// { - /// new Aws.LB.Inputs.ListenerRuleConditionArgs - /// { - /// PathPattern = new Aws.LB.Inputs.ListenerRuleConditionPathPatternArgs - /// { - /// Values = new[] - /// { - /// "*", - /// }, - /// }, - /// }, - /// }, - /// Transforms = new[] - /// { - /// new Aws.LB.Inputs.ListenerRuleTransformArgs - /// { - /// Type = "host-header-rewrite", - /// HostHeaderRewriteConfig = new Aws.LB.Inputs.ListenerRuleTransformHostHeaderRewriteConfigArgs - /// { - /// Rewrite = new Aws.LB.Inputs.ListenerRuleTransformHostHeaderRewriteConfigRewriteArgs - /// { - /// Regex = "^mywebsite-(.+).com$", - /// Replace = "internal.dev.$1.myweb.com", - /// }, - /// }, - /// }, - /// new Aws.LB.Inputs.ListenerRuleTransformArgs - /// { - /// Type = "url-rewrite", - /// UrlRewriteConfig = new Aws.LB.Inputs.ListenerRuleTransformUrlRewriteConfigArgs - /// { - /// Rewrite = new Aws.LB.Inputs.ListenerRuleTransformUrlRewriteConfigRewriteArgs - /// { - /// Regex = "^/dp/([A-Za-z0-9]+)/?$", - /// Replace = "/product.php?id=$1", - /// }, - /// }, - /// }, - /// }, - /// }); - /// - /// }); - /// ``` - /// - /// ## Import - /// - /// ### Identity Schema - /// - /// #### Required - /// - /// - `arn` (String) Amazon Resource Name (ARN) of the load balancer listener rule. - /// - /// Using `pulumi import`, import rules using their ARN. For example: - /// - /// console - /// - /// % pulumi import aws_lb_listener_rule.front_end arn:aws:elasticloadbalancing:us-west-2:187416307283:listener-rule/app/test/8e4497da625e2d8a/9ab28ade35828f96/67b3d2d36dd7c26b /// [AwsResourceType("aws:alb/listenerRule:ListenerRule")] public partial class ListenerRule : global::Pulumi.CustomResource diff --git a/sdk/dotnet/Alb/Outputs/GetListenerDefaultActionJwtValidationAdditionalClaimResult.cs b/sdk/dotnet/Alb/Outputs/GetListenerDefaultActionJwtValidationAdditionalClaimResult.cs new file mode 100644 index 00000000000..a0dad841e91 --- /dev/null +++ b/sdk/dotnet/Alb/Outputs/GetListenerDefaultActionJwtValidationAdditionalClaimResult.cs @@ -0,0 +1,33 @@ +// *** WARNING: this file was generated by pulumi-language-dotnet. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Aws.Alb.Outputs +{ + + [OutputType] + public sealed class GetListenerDefaultActionJwtValidationAdditionalClaimResult + { + public readonly string Format; + public readonly string Name; + public readonly ImmutableArray Values; + + [OutputConstructor] + private GetListenerDefaultActionJwtValidationAdditionalClaimResult( + string format, + + string name, + + ImmutableArray values) + { + Format = format; + Name = name; + Values = values; + } + } +} diff --git a/sdk/dotnet/Alb/Outputs/GetListenerDefaultActionJwtValidationResult.cs b/sdk/dotnet/Alb/Outputs/GetListenerDefaultActionJwtValidationResult.cs new file mode 100644 index 00000000000..591447d1b9b --- /dev/null +++ b/sdk/dotnet/Alb/Outputs/GetListenerDefaultActionJwtValidationResult.cs @@ -0,0 +1,33 @@ +// *** WARNING: this file was generated by pulumi-language-dotnet. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Aws.Alb.Outputs +{ + + [OutputType] + public sealed class GetListenerDefaultActionJwtValidationResult + { + public readonly ImmutableArray AdditionalClaims; + public readonly string Issuer; + public readonly string JwksEndpoint; + + [OutputConstructor] + private GetListenerDefaultActionJwtValidationResult( + ImmutableArray additionalClaims, + + string issuer, + + string jwksEndpoint) + { + AdditionalClaims = additionalClaims; + Issuer = issuer; + JwksEndpoint = jwksEndpoint; + } + } +} diff --git a/sdk/dotnet/Alb/Outputs/GetListenerDefaultActionResult.cs b/sdk/dotnet/Alb/Outputs/GetListenerDefaultActionResult.cs index 2c312c9c01d..a3bd1036732 100644 --- a/sdk/dotnet/Alb/Outputs/GetListenerDefaultActionResult.cs +++ b/sdk/dotnet/Alb/Outputs/GetListenerDefaultActionResult.cs @@ -17,6 +17,7 @@ public sealed class GetListenerDefaultActionResult public readonly ImmutableArray AuthenticateOidcs; public readonly ImmutableArray FixedResponses; public readonly ImmutableArray Forwards; + public readonly ImmutableArray JwtValidations; public readonly int Order; public readonly ImmutableArray Redirects; public readonly string TargetGroupArn; @@ -32,6 +33,8 @@ private GetListenerDefaultActionResult( ImmutableArray forwards, + ImmutableArray jwtValidations, + int order, ImmutableArray redirects, @@ -44,6 +47,7 @@ private GetListenerDefaultActionResult( AuthenticateOidcs = authenticateOidcs; FixedResponses = fixedResponses; Forwards = forwards; + JwtValidations = jwtValidations; Order = order; Redirects = redirects; TargetGroupArn = targetGroupArn; diff --git a/sdk/dotnet/Alb/Outputs/ListenerDefaultAction.cs b/sdk/dotnet/Alb/Outputs/ListenerDefaultAction.cs index 567fc51a88e..118b19390f2 100644 --- a/sdk/dotnet/Alb/Outputs/ListenerDefaultAction.cs +++ b/sdk/dotnet/Alb/Outputs/ListenerDefaultAction.cs @@ -30,6 +30,10 @@ public sealed class ListenerDefaultAction /// public readonly Outputs.ListenerDefaultActionForward? Forward; /// + /// Configuration block for creating a JWT validation action. Required if `Type` is `jwt-validation`. + /// + public readonly Outputs.ListenerDefaultActionJwtValidation? JwtValidation; + /// /// Order for the action. The action with the lowest value for order is performed first. Valid values are between `1` and `50000`. Defaults to the position in the list of actions. /// public readonly int? Order; @@ -42,7 +46,7 @@ public sealed class ListenerDefaultAction /// public readonly string? TargetGroupArn; /// - /// Type of routing action. Valid values are `Forward`, `Redirect`, `fixed-response`, `authenticate-cognito` and `authenticate-oidc`. + /// Type of routing action. Valid values are `Forward`, `Redirect`, `fixed-response`, `authenticate-cognito`, `authenticate-oidc` and `jwt-validation`. /// /// The following arguments are optional: /// @@ -58,6 +62,8 @@ private ListenerDefaultAction( Outputs.ListenerDefaultActionForward? forward, + Outputs.ListenerDefaultActionJwtValidation? jwtValidation, + int? order, Outputs.ListenerDefaultActionRedirect? redirect, @@ -70,6 +76,7 @@ private ListenerDefaultAction( AuthenticateOidc = authenticateOidc; FixedResponse = fixedResponse; Forward = forward; + JwtValidation = jwtValidation; Order = order; Redirect = redirect; TargetGroupArn = targetGroupArn; diff --git a/sdk/dotnet/Alb/Outputs/ListenerDefaultActionJwtValidation.cs b/sdk/dotnet/Alb/Outputs/ListenerDefaultActionJwtValidation.cs new file mode 100644 index 00000000000..8b8dbe8856d --- /dev/null +++ b/sdk/dotnet/Alb/Outputs/ListenerDefaultActionJwtValidation.cs @@ -0,0 +1,44 @@ +// *** WARNING: this file was generated by pulumi-language-dotnet. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Aws.Alb.Outputs +{ + + [OutputType] + public sealed class ListenerDefaultActionJwtValidation + { + /// + /// Repeatable configuration block for additional claims to validate. + /// + public readonly ImmutableArray AdditionalClaims; + /// + /// Issuer of the JWT. + /// + public readonly string Issuer; + /// + /// JSON Web Key Set (JWKS) endpoint. This endpoint contains JSON Web Keys (JWK) that are used to validate signatures from the provider. This must be a full URL, including the HTTPS protocol, the domain, and the path. + /// + /// The following arguments are optional: + /// + public readonly string JwksEndpoint; + + [OutputConstructor] + private ListenerDefaultActionJwtValidation( + ImmutableArray additionalClaims, + + string issuer, + + string jwksEndpoint) + { + AdditionalClaims = additionalClaims; + Issuer = issuer; + JwksEndpoint = jwksEndpoint; + } + } +} diff --git a/sdk/dotnet/Alb/Outputs/ListenerDefaultActionJwtValidationAdditionalClaim.cs b/sdk/dotnet/Alb/Outputs/ListenerDefaultActionJwtValidationAdditionalClaim.cs new file mode 100644 index 00000000000..155b971b419 --- /dev/null +++ b/sdk/dotnet/Alb/Outputs/ListenerDefaultActionJwtValidationAdditionalClaim.cs @@ -0,0 +1,42 @@ +// *** WARNING: this file was generated by pulumi-language-dotnet. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Aws.Alb.Outputs +{ + + [OutputType] + public sealed class ListenerDefaultActionJwtValidationAdditionalClaim + { + /// + /// Format of the claim value. Valid values are `single-string`, `string-array` and `space-separated-values`. + /// + public readonly string Format; + /// + /// Name of the claim to validate. `Exp`, `Iss`, `Nbf`, or `Iat` cannot be specified because they are validated by default. + /// + public readonly string Name; + /// + /// List of expected values of the claim. + /// + public readonly ImmutableArray Values; + + [OutputConstructor] + private ListenerDefaultActionJwtValidationAdditionalClaim( + string format, + + string name, + + ImmutableArray values) + { + Format = format; + Name = name; + Values = values; + } + } +} diff --git a/sdk/dotnet/Alb/Outputs/ListenerRuleAction.cs b/sdk/dotnet/Alb/Outputs/ListenerRuleAction.cs index a1caada7902..4b23250133a 100644 --- a/sdk/dotnet/Alb/Outputs/ListenerRuleAction.cs +++ b/sdk/dotnet/Alb/Outputs/ListenerRuleAction.cs @@ -32,6 +32,10 @@ public sealed class ListenerRuleAction /// public readonly Outputs.ListenerRuleActionForward? Forward; /// + /// Information for creating a JWT validation action. Required if `Type` is `jwt-validation`. + /// + public readonly Outputs.ListenerRuleActionJwtValidation? JwtValidation; + /// /// Order for the action. /// The action with the lowest value for order is performed first. /// Valid values are between `1` and `50000`. @@ -50,7 +54,7 @@ public sealed class ListenerRuleAction /// public readonly string? TargetGroupArn; /// - /// The type of routing action. Valid values are `Forward`, `Redirect`, `fixed-response`, `authenticate-cognito` and `authenticate-oidc`. + /// The type of routing action. Valid values are `Forward`, `Redirect`, `fixed-response`, `authenticate-cognito`, `authenticate-oidc` and `jwt-validation`. /// public readonly string Type; @@ -64,6 +68,8 @@ private ListenerRuleAction( Outputs.ListenerRuleActionForward? forward, + Outputs.ListenerRuleActionJwtValidation? jwtValidation, + int? order, Outputs.ListenerRuleActionRedirect? redirect, @@ -76,6 +82,7 @@ private ListenerRuleAction( AuthenticateOidc = authenticateOidc; FixedResponse = fixedResponse; Forward = forward; + JwtValidation = jwtValidation; Order = order; Redirect = redirect; TargetGroupArn = targetGroupArn; diff --git a/sdk/dotnet/Alb/Outputs/ListenerRuleActionJwtValidation.cs b/sdk/dotnet/Alb/Outputs/ListenerRuleActionJwtValidation.cs new file mode 100644 index 00000000000..59505db08df --- /dev/null +++ b/sdk/dotnet/Alb/Outputs/ListenerRuleActionJwtValidation.cs @@ -0,0 +1,42 @@ +// *** WARNING: this file was generated by pulumi-language-dotnet. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Aws.Alb.Outputs +{ + + [OutputType] + public sealed class ListenerRuleActionJwtValidation + { + /// + /// Repeatable configuration block for additional claims to validate. + /// + public readonly ImmutableArray AdditionalClaims; + /// + /// Issuer of the JWT. + /// + public readonly string Issuer; + /// + /// JSON Web Key Set (JWKS) endpoint. This endpoint contains JSON Web Keys (JWK) that are used to validate signatures from the provider. This must be a full URL, including the HTTPS protocol, the domain, and the path. + /// + public readonly string JwksEndpoint; + + [OutputConstructor] + private ListenerRuleActionJwtValidation( + ImmutableArray additionalClaims, + + string issuer, + + string jwksEndpoint) + { + AdditionalClaims = additionalClaims; + Issuer = issuer; + JwksEndpoint = jwksEndpoint; + } + } +} diff --git a/sdk/dotnet/Alb/Outputs/ListenerRuleActionJwtValidationAdditionalClaim.cs b/sdk/dotnet/Alb/Outputs/ListenerRuleActionJwtValidationAdditionalClaim.cs new file mode 100644 index 00000000000..dafb35b68e2 --- /dev/null +++ b/sdk/dotnet/Alb/Outputs/ListenerRuleActionJwtValidationAdditionalClaim.cs @@ -0,0 +1,42 @@ +// *** WARNING: this file was generated by pulumi-language-dotnet. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Aws.Alb.Outputs +{ + + [OutputType] + public sealed class ListenerRuleActionJwtValidationAdditionalClaim + { + /// + /// Format of the claim value. Valid values are `single-string`, `string-array` and `space-separated-values`. + /// + public readonly string Format; + /// + /// Name of the claim to validate. `Exp`, `Iss`, `Nbf`, or `Iat` cannot be specified because they are validated by default. + /// + public readonly string Name; + /// + /// List of expected values of the claim. + /// + public readonly ImmutableArray Values; + + [OutputConstructor] + private ListenerRuleActionJwtValidationAdditionalClaim( + string format, + + string name, + + ImmutableArray values) + { + Format = format; + Name = name; + Values = values; + } + } +} diff --git a/sdk/dotnet/Amp/Inputs/QueryLoggingConfigurationDestinationCloudwatchLogsArgs.cs b/sdk/dotnet/Amp/Inputs/QueryLoggingConfigurationDestinationCloudwatchLogsArgs.cs index 82d85629eaf..edeff7d1892 100644 --- a/sdk/dotnet/Amp/Inputs/QueryLoggingConfigurationDestinationCloudwatchLogsArgs.cs +++ b/sdk/dotnet/Amp/Inputs/QueryLoggingConfigurationDestinationCloudwatchLogsArgs.cs @@ -13,7 +13,7 @@ namespace Pulumi.Aws.Amp.Inputs public sealed class QueryLoggingConfigurationDestinationCloudwatchLogsArgs : global::Pulumi.ResourceArgs { /// - /// The ARN of the CloudWatch log group to which query logs will be sent. + /// The ARN of the CloudWatch log group to which query logs will be sent. The ARN must end with `:*` /// [Input("logGroupArn", required: true)] public Input LogGroupArn { get; set; } = null!; diff --git a/sdk/dotnet/Amp/Inputs/QueryLoggingConfigurationDestinationCloudwatchLogsGetArgs.cs b/sdk/dotnet/Amp/Inputs/QueryLoggingConfigurationDestinationCloudwatchLogsGetArgs.cs index 4629082ba04..3559fe02e98 100644 --- a/sdk/dotnet/Amp/Inputs/QueryLoggingConfigurationDestinationCloudwatchLogsGetArgs.cs +++ b/sdk/dotnet/Amp/Inputs/QueryLoggingConfigurationDestinationCloudwatchLogsGetArgs.cs @@ -13,7 +13,7 @@ namespace Pulumi.Aws.Amp.Inputs public sealed class QueryLoggingConfigurationDestinationCloudwatchLogsGetArgs : global::Pulumi.ResourceArgs { /// - /// The ARN of the CloudWatch log group to which query logs will be sent. + /// The ARN of the CloudWatch log group to which query logs will be sent. The ARN must end with `:*` /// [Input("logGroupArn", required: true)] public Input LogGroupArn { get; set; } = null!; diff --git a/sdk/dotnet/Amp/Inputs/WorkspaceLoggingConfigurationArgs.cs b/sdk/dotnet/Amp/Inputs/WorkspaceLoggingConfigurationArgs.cs index c7cec260d60..0ce651e4238 100644 --- a/sdk/dotnet/Amp/Inputs/WorkspaceLoggingConfigurationArgs.cs +++ b/sdk/dotnet/Amp/Inputs/WorkspaceLoggingConfigurationArgs.cs @@ -13,7 +13,7 @@ namespace Pulumi.Aws.Amp.Inputs public sealed class WorkspaceLoggingConfigurationArgs : global::Pulumi.ResourceArgs { /// - /// The ARN of the CloudWatch log group to which the vended log data will be published. This log group must exist. + /// The ARN of the CloudWatch log group to which the vended log data will be published. This log group must exist. The ARN must end with `:*` /// [Input("logGroupArn", required: true)] public Input LogGroupArn { get; set; } = null!; diff --git a/sdk/dotnet/Amp/Inputs/WorkspaceLoggingConfigurationGetArgs.cs b/sdk/dotnet/Amp/Inputs/WorkspaceLoggingConfigurationGetArgs.cs index f355e2c5522..74a9b013fc2 100644 --- a/sdk/dotnet/Amp/Inputs/WorkspaceLoggingConfigurationGetArgs.cs +++ b/sdk/dotnet/Amp/Inputs/WorkspaceLoggingConfigurationGetArgs.cs @@ -13,7 +13,7 @@ namespace Pulumi.Aws.Amp.Inputs public sealed class WorkspaceLoggingConfigurationGetArgs : global::Pulumi.ResourceArgs { /// - /// The ARN of the CloudWatch log group to which the vended log data will be published. This log group must exist. + /// The ARN of the CloudWatch log group to which the vended log data will be published. This log group must exist. The ARN must end with `:*` /// [Input("logGroupArn", required: true)] public Input LogGroupArn { get; set; } = null!; diff --git a/sdk/dotnet/Amp/Outputs/QueryLoggingConfigurationDestinationCloudwatchLogs.cs b/sdk/dotnet/Amp/Outputs/QueryLoggingConfigurationDestinationCloudwatchLogs.cs index 5d9551c743d..0f023f6b6cd 100644 --- a/sdk/dotnet/Amp/Outputs/QueryLoggingConfigurationDestinationCloudwatchLogs.cs +++ b/sdk/dotnet/Amp/Outputs/QueryLoggingConfigurationDestinationCloudwatchLogs.cs @@ -14,7 +14,7 @@ namespace Pulumi.Aws.Amp.Outputs public sealed class QueryLoggingConfigurationDestinationCloudwatchLogs { /// - /// The ARN of the CloudWatch log group to which query logs will be sent. + /// The ARN of the CloudWatch log group to which query logs will be sent. The ARN must end with `:*` /// public readonly string LogGroupArn; diff --git a/sdk/dotnet/Amp/Outputs/WorkspaceLoggingConfiguration.cs b/sdk/dotnet/Amp/Outputs/WorkspaceLoggingConfiguration.cs index d3ff8cd74cb..ac8952a6e5f 100644 --- a/sdk/dotnet/Amp/Outputs/WorkspaceLoggingConfiguration.cs +++ b/sdk/dotnet/Amp/Outputs/WorkspaceLoggingConfiguration.cs @@ -14,7 +14,7 @@ namespace Pulumi.Aws.Amp.Outputs public sealed class WorkspaceLoggingConfiguration { /// - /// The ARN of the CloudWatch log group to which the vended log data will be published. This log group must exist. + /// The ARN of the CloudWatch log group to which the vended log data will be published. This log group must exist. The ARN must end with `:*` /// public readonly string LogGroupArn; diff --git a/sdk/dotnet/Backup/LogicallyAirGappedVault.cs b/sdk/dotnet/Backup/LogicallyAirGappedVault.cs index 22d365fd053..7ca2218c401 100644 --- a/sdk/dotnet/Backup/LogicallyAirGappedVault.cs +++ b/sdk/dotnet/Backup/LogicallyAirGappedVault.cs @@ -51,6 +51,12 @@ public partial class LogicallyAirGappedVault : global::Pulumi.CustomResource [Output("arn")] public Output Arn { get; private set; } = null!; + /// + /// The AWS KMS key identifier (ARN) used to encrypt the backups in the logically air-gapped vault. + /// + [Output("encryptionKeyArn")] + public Output EncryptionKeyArn { get; private set; } = null!; + /// /// Maximum retention period that the Logically Air Gapped Backup Vault retains recovery points. /// @@ -136,6 +142,12 @@ public static LogicallyAirGappedVault Get(string name, Input id, Logical public sealed class LogicallyAirGappedVaultArgs : global::Pulumi.ResourceArgs { + /// + /// The AWS KMS key identifier (ARN) used to encrypt the backups in the logically air-gapped vault. + /// + [Input("encryptionKeyArn")] + public Input? EncryptionKeyArn { get; set; } + /// /// Maximum retention period that the Logically Air Gapped Backup Vault retains recovery points. /// @@ -189,6 +201,12 @@ public sealed class LogicallyAirGappedVaultState : global::Pulumi.ResourceArgs [Input("arn")] public Input? Arn { get; set; } + /// + /// The AWS KMS key identifier (ARN) used to encrypt the backups in the logically air-gapped vault. + /// + [Input("encryptionKeyArn")] + public Input? EncryptionKeyArn { get; set; } + /// /// Maximum retention period that the Logically Air Gapped Backup Vault retains recovery points. /// diff --git a/sdk/dotnet/Bedrock/AgentcoreAgentRuntime.cs b/sdk/dotnet/Bedrock/AgentcoreAgentRuntime.cs index 7912f17f643..de7c0baee0b 100644 --- a/sdk/dotnet/Bedrock/AgentcoreAgentRuntime.cs +++ b/sdk/dotnet/Bedrock/AgentcoreAgentRuntime.cs @@ -171,6 +171,48 @@ namespace Pulumi.Aws.Bedrock /// }); /// ``` /// + /// ### Agent runtime artifact from S3 with Code Configuration + /// + /// ```csharp + /// using System.Collections.Generic; + /// using System.Linq; + /// using Pulumi; + /// using Aws = Pulumi.Aws; + /// + /// return await Deployment.RunAsync(() => + /// { + /// var example = new Aws.Bedrock.AgentcoreAgentRuntime("example", new() + /// { + /// AgentRuntimeName = "example_agent_runtime", + /// RoleArn = exampleAwsIamRole.Arn, + /// AgentRuntimeArtifact = new Aws.Bedrock.Inputs.AgentcoreAgentRuntimeAgentRuntimeArtifactArgs + /// { + /// CodeConfiguration = new Aws.Bedrock.Inputs.AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationArgs + /// { + /// EntryPoints = new[] + /// { + /// "main.py", + /// }, + /// Runtime = "PYTHON_3_13", + /// Code = new Aws.Bedrock.Inputs.AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeArgs + /// { + /// S3 = new Aws.Bedrock.Inputs.AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeS3Args + /// { + /// Bucket = "example-bucket", + /// Prefix = "example-agent-runtime-code.zip", + /// }, + /// }, + /// }, + /// }, + /// NetworkConfiguration = new Aws.Bedrock.Inputs.AgentcoreAgentRuntimeNetworkConfigurationArgs + /// { + /// NetworkMode = "PUBLIC", + /// }, + /// }); + /// + /// }); + /// ``` + /// /// ## Import /// /// Using `pulumi import`, import Bedrock AgentCore Agent Runtime using `agent_runtime_id`. For example: diff --git a/sdk/dotnet/Bedrock/Inputs/AgentKnowledgeBaseStorageConfigurationRdsConfigurationFieldMappingArgs.cs b/sdk/dotnet/Bedrock/Inputs/AgentKnowledgeBaseStorageConfigurationRdsConfigurationFieldMappingArgs.cs index 6bb56f37da6..3b44f11bd20 100644 --- a/sdk/dotnet/Bedrock/Inputs/AgentKnowledgeBaseStorageConfigurationRdsConfigurationFieldMappingArgs.cs +++ b/sdk/dotnet/Bedrock/Inputs/AgentKnowledgeBaseStorageConfigurationRdsConfigurationFieldMappingArgs.cs @@ -12,6 +12,12 @@ namespace Pulumi.Aws.Bedrock.Inputs public sealed class AgentKnowledgeBaseStorageConfigurationRdsConfigurationFieldMappingArgs : global::Pulumi.ResourceArgs { + /// + /// Name for the universal metadata field where Amazon Bedrock will store any custom metadata from your data source. + /// + [Input("customMetadataField")] + public Input? CustomMetadataField { get; set; } + /// /// Name of the field in which Amazon Bedrock stores metadata about the vector store. /// diff --git a/sdk/dotnet/Bedrock/Inputs/AgentKnowledgeBaseStorageConfigurationRdsConfigurationFieldMappingGetArgs.cs b/sdk/dotnet/Bedrock/Inputs/AgentKnowledgeBaseStorageConfigurationRdsConfigurationFieldMappingGetArgs.cs index 8a0aa3e7a73..8a99609d443 100644 --- a/sdk/dotnet/Bedrock/Inputs/AgentKnowledgeBaseStorageConfigurationRdsConfigurationFieldMappingGetArgs.cs +++ b/sdk/dotnet/Bedrock/Inputs/AgentKnowledgeBaseStorageConfigurationRdsConfigurationFieldMappingGetArgs.cs @@ -12,6 +12,12 @@ namespace Pulumi.Aws.Bedrock.Inputs public sealed class AgentKnowledgeBaseStorageConfigurationRdsConfigurationFieldMappingGetArgs : global::Pulumi.ResourceArgs { + /// + /// Name for the universal metadata field where Amazon Bedrock will store any custom metadata from your data source. + /// + [Input("customMetadataField")] + public Input? CustomMetadataField { get; set; } + /// /// Name of the field in which Amazon Bedrock stores metadata about the vector store. /// diff --git a/sdk/dotnet/Bedrock/Inputs/AgentcoreAgentRuntimeAgentRuntimeArtifactArgs.cs b/sdk/dotnet/Bedrock/Inputs/AgentcoreAgentRuntimeAgentRuntimeArtifactArgs.cs index d1cf53793cc..5f15a4caacc 100644 --- a/sdk/dotnet/Bedrock/Inputs/AgentcoreAgentRuntimeAgentRuntimeArtifactArgs.cs +++ b/sdk/dotnet/Bedrock/Inputs/AgentcoreAgentRuntimeAgentRuntimeArtifactArgs.cs @@ -13,7 +13,13 @@ namespace Pulumi.Aws.Bedrock.Inputs public sealed class AgentcoreAgentRuntimeAgentRuntimeArtifactArgs : global::Pulumi.ResourceArgs { /// - /// Container configuration block. See `ContainerConfiguration` below. + /// Code configuration block for the agent runtime artifact, including the source code location and execution settings. Exactly one of `CodeConfiguration` or `ContainerConfiguration` must be specified. See `CodeConfiguration` below. + /// + [Input("codeConfiguration")] + public Input? CodeConfiguration { get; set; } + + /// + /// Container configuration block for the agent artifact. Exactly one of `CodeConfiguration` or `ContainerConfiguration` must be specified. See `ContainerConfiguration` below. /// [Input("containerConfiguration")] public Input? ContainerConfiguration { get; set; } diff --git a/sdk/dotnet/Bedrock/Inputs/AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationArgs.cs b/sdk/dotnet/Bedrock/Inputs/AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationArgs.cs new file mode 100644 index 00000000000..dd5bab06a05 --- /dev/null +++ b/sdk/dotnet/Bedrock/Inputs/AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationArgs.cs @@ -0,0 +1,44 @@ +// *** WARNING: this file was generated by pulumi-language-dotnet. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Aws.Bedrock.Inputs +{ + + public sealed class AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationArgs : global::Pulumi.ResourceArgs + { + /// + /// Configuration block for the source code location and configuration details. See `Code` below. + /// + [Input("code")] + public Input? Code { get; set; } + + [Input("entryPoints", required: true)] + private InputList? _entryPoints; + + /// + /// Array specifying the entry point for code execution, indicating the function or method to invoke when the code runs. The array must contain 1 or 2 elements. Examples: `["main.py"]`, `["opentelemetry-instrument", "main.py"]`. + /// + public InputList EntryPoints + { + get => _entryPoints ?? (_entryPoints = new InputList()); + set => _entryPoints = value; + } + + /// + /// Runtime environment used to execute the code. Valid values: `PYTHON_3_10`, `PYTHON_3_11`, `PYTHON_3_12`, `PYTHON_3_13`. + /// + [Input("runtime", required: true)] + public Input Runtime { get; set; } = null!; + + public AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationArgs() + { + } + public static new AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationArgs Empty => new AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationArgs(); + } +} diff --git a/sdk/dotnet/Bedrock/Inputs/AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeArgs.cs b/sdk/dotnet/Bedrock/Inputs/AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeArgs.cs new file mode 100644 index 00000000000..947acfb27cd --- /dev/null +++ b/sdk/dotnet/Bedrock/Inputs/AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeArgs.cs @@ -0,0 +1,26 @@ +// *** WARNING: this file was generated by pulumi-language-dotnet. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Aws.Bedrock.Inputs +{ + + public sealed class AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeArgs : global::Pulumi.ResourceArgs + { + /// + /// Configuration block for the Amazon S3 object that contains the source code for the agent runtime. See `S3` below. + /// + [Input("s3")] + public Input? S3 { get; set; } + + public AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeArgs() + { + } + public static new AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeArgs Empty => new AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeArgs(); + } +} diff --git a/sdk/dotnet/Bedrock/Inputs/AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeGetArgs.cs b/sdk/dotnet/Bedrock/Inputs/AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeGetArgs.cs new file mode 100644 index 00000000000..4073a814b40 --- /dev/null +++ b/sdk/dotnet/Bedrock/Inputs/AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeGetArgs.cs @@ -0,0 +1,26 @@ +// *** WARNING: this file was generated by pulumi-language-dotnet. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Aws.Bedrock.Inputs +{ + + public sealed class AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeGetArgs : global::Pulumi.ResourceArgs + { + /// + /// Configuration block for the Amazon S3 object that contains the source code for the agent runtime. See `S3` below. + /// + [Input("s3")] + public Input? S3 { get; set; } + + public AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeGetArgs() + { + } + public static new AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeGetArgs Empty => new AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeGetArgs(); + } +} diff --git a/sdk/dotnet/Bedrock/Inputs/AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeS3Args.cs b/sdk/dotnet/Bedrock/Inputs/AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeS3Args.cs new file mode 100644 index 00000000000..99e8e619894 --- /dev/null +++ b/sdk/dotnet/Bedrock/Inputs/AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeS3Args.cs @@ -0,0 +1,38 @@ +// *** WARNING: this file was generated by pulumi-language-dotnet. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Aws.Bedrock.Inputs +{ + + public sealed class AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeS3Args : global::Pulumi.ResourceArgs + { + /// + /// Name of the Amazon S3 bucket. + /// + [Input("bucket", required: true)] + public Input Bucket { get; set; } = null!; + + /// + /// Key of the object containing the ZIP file of the source code for the agent runtime in the Amazon S3 bucket. + /// + [Input("prefix", required: true)] + public Input Prefix { get; set; } = null!; + + /// + /// Version ID of the Amazon S3 object. If not specified, the latest version of the object is used. + /// + [Input("versionId")] + public Input? VersionId { get; set; } + + public AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeS3Args() + { + } + public static new AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeS3Args Empty => new AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeS3Args(); + } +} diff --git a/sdk/dotnet/Bedrock/Inputs/AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeS3GetArgs.cs b/sdk/dotnet/Bedrock/Inputs/AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeS3GetArgs.cs new file mode 100644 index 00000000000..901eaf7f5ff --- /dev/null +++ b/sdk/dotnet/Bedrock/Inputs/AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeS3GetArgs.cs @@ -0,0 +1,38 @@ +// *** WARNING: this file was generated by pulumi-language-dotnet. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Aws.Bedrock.Inputs +{ + + public sealed class AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeS3GetArgs : global::Pulumi.ResourceArgs + { + /// + /// Name of the Amazon S3 bucket. + /// + [Input("bucket", required: true)] + public Input Bucket { get; set; } = null!; + + /// + /// Key of the object containing the ZIP file of the source code for the agent runtime in the Amazon S3 bucket. + /// + [Input("prefix", required: true)] + public Input Prefix { get; set; } = null!; + + /// + /// Version ID of the Amazon S3 object. If not specified, the latest version of the object is used. + /// + [Input("versionId")] + public Input? VersionId { get; set; } + + public AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeS3GetArgs() + { + } + public static new AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeS3GetArgs Empty => new AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeS3GetArgs(); + } +} diff --git a/sdk/dotnet/Bedrock/Inputs/AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationGetArgs.cs b/sdk/dotnet/Bedrock/Inputs/AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationGetArgs.cs new file mode 100644 index 00000000000..2418a6db751 --- /dev/null +++ b/sdk/dotnet/Bedrock/Inputs/AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationGetArgs.cs @@ -0,0 +1,44 @@ +// *** WARNING: this file was generated by pulumi-language-dotnet. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Aws.Bedrock.Inputs +{ + + public sealed class AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationGetArgs : global::Pulumi.ResourceArgs + { + /// + /// Configuration block for the source code location and configuration details. See `Code` below. + /// + [Input("code")] + public Input? Code { get; set; } + + [Input("entryPoints", required: true)] + private InputList? _entryPoints; + + /// + /// Array specifying the entry point for code execution, indicating the function or method to invoke when the code runs. The array must contain 1 or 2 elements. Examples: `["main.py"]`, `["opentelemetry-instrument", "main.py"]`. + /// + public InputList EntryPoints + { + get => _entryPoints ?? (_entryPoints = new InputList()); + set => _entryPoints = value; + } + + /// + /// Runtime environment used to execute the code. Valid values: `PYTHON_3_10`, `PYTHON_3_11`, `PYTHON_3_12`, `PYTHON_3_13`. + /// + [Input("runtime", required: true)] + public Input Runtime { get; set; } = null!; + + public AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationGetArgs() + { + } + public static new AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationGetArgs Empty => new AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationGetArgs(); + } +} diff --git a/sdk/dotnet/Bedrock/Inputs/AgentcoreAgentRuntimeAgentRuntimeArtifactGetArgs.cs b/sdk/dotnet/Bedrock/Inputs/AgentcoreAgentRuntimeAgentRuntimeArtifactGetArgs.cs index fb7c992f2bd..22601607a20 100644 --- a/sdk/dotnet/Bedrock/Inputs/AgentcoreAgentRuntimeAgentRuntimeArtifactGetArgs.cs +++ b/sdk/dotnet/Bedrock/Inputs/AgentcoreAgentRuntimeAgentRuntimeArtifactGetArgs.cs @@ -13,7 +13,13 @@ namespace Pulumi.Aws.Bedrock.Inputs public sealed class AgentcoreAgentRuntimeAgentRuntimeArtifactGetArgs : global::Pulumi.ResourceArgs { /// - /// Container configuration block. See `ContainerConfiguration` below. + /// Code configuration block for the agent runtime artifact, including the source code location and execution settings. Exactly one of `CodeConfiguration` or `ContainerConfiguration` must be specified. See `CodeConfiguration` below. + /// + [Input("codeConfiguration")] + public Input? CodeConfiguration { get; set; } + + /// + /// Container configuration block for the agent artifact. Exactly one of `CodeConfiguration` or `ContainerConfiguration` must be specified. See `ContainerConfiguration` below. /// [Input("containerConfiguration")] public Input? ContainerConfiguration { get; set; } diff --git a/sdk/dotnet/Bedrock/Inputs/GuardrailContentPolicyConfigFiltersConfigArgs.cs b/sdk/dotnet/Bedrock/Inputs/GuardrailContentPolicyConfigFiltersConfigArgs.cs index eb4e76347c1..0763a795f2c 100644 --- a/sdk/dotnet/Bedrock/Inputs/GuardrailContentPolicyConfigFiltersConfigArgs.cs +++ b/sdk/dotnet/Bedrock/Inputs/GuardrailContentPolicyConfigFiltersConfigArgs.cs @@ -13,13 +13,61 @@ namespace Pulumi.Aws.Bedrock.Inputs public sealed class GuardrailContentPolicyConfigFiltersConfigArgs : global::Pulumi.ResourceArgs { /// - /// Strength for filters. + /// Action to take when harmful content is detected. Valid values: `BLOCK`, `NONE`. + /// + [Input("inputAction")] + public Input? InputAction { get; set; } + + /// + /// Toggles guardrail evaluation on input. + /// + [Input("inputEnabled")] + public Input? InputEnabled { get; set; } + + [Input("inputModalities")] + private InputList? _inputModalities; + + /// + /// List of selected input modalities. Valid values: `IMAGE`, `TEXT`. + /// + public InputList InputModalities + { + get => _inputModalities ?? (_inputModalities = new InputList()); + set => _inputModalities = value; + } + + /// + /// Strength for filters. Valid values: `NONE`, `LOW`, `MEDIUM`, `HIGH`. /// [Input("inputStrength", required: true)] public Input InputStrength { get; set; } = null!; /// - /// Strength for filters. + /// Action to take when harmful content is detected. Valid values: `BLOCK`, `NONE`. + /// + [Input("outputAction")] + public Input? OutputAction { get; set; } + + /// + /// Toggles guardrail evaluation on output. + /// + [Input("outputEnabled")] + public Input? OutputEnabled { get; set; } + + [Input("outputModalities")] + private InputList? _outputModalities; + + /// + /// List of selected output modalities. Valid values: `IMAGE`, `TEXT`. + /// + public InputList OutputModalities + { + get => _outputModalities ?? (_outputModalities = new InputList()); + set => _outputModalities = value; + } + + /// + /// Strength for filters. Valid values: `NONE`, `LOW`, `MEDIUM`, `HIGH`. /// [Input("outputStrength", required: true)] public Input OutputStrength { get; set; } = null!; diff --git a/sdk/dotnet/Bedrock/Inputs/GuardrailContentPolicyConfigFiltersConfigGetArgs.cs b/sdk/dotnet/Bedrock/Inputs/GuardrailContentPolicyConfigFiltersConfigGetArgs.cs index 86419868873..e7c3a35a444 100644 --- a/sdk/dotnet/Bedrock/Inputs/GuardrailContentPolicyConfigFiltersConfigGetArgs.cs +++ b/sdk/dotnet/Bedrock/Inputs/GuardrailContentPolicyConfigFiltersConfigGetArgs.cs @@ -13,13 +13,61 @@ namespace Pulumi.Aws.Bedrock.Inputs public sealed class GuardrailContentPolicyConfigFiltersConfigGetArgs : global::Pulumi.ResourceArgs { /// - /// Strength for filters. + /// Action to take when harmful content is detected. Valid values: `BLOCK`, `NONE`. + /// + [Input("inputAction")] + public Input? InputAction { get; set; } + + /// + /// Toggles guardrail evaluation on input. + /// + [Input("inputEnabled")] + public Input? InputEnabled { get; set; } + + [Input("inputModalities")] + private InputList? _inputModalities; + + /// + /// List of selected input modalities. Valid values: `IMAGE`, `TEXT`. + /// + public InputList InputModalities + { + get => _inputModalities ?? (_inputModalities = new InputList()); + set => _inputModalities = value; + } + + /// + /// Strength for filters. Valid values: `NONE`, `LOW`, `MEDIUM`, `HIGH`. /// [Input("inputStrength", required: true)] public Input InputStrength { get; set; } = null!; /// - /// Strength for filters. + /// Action to take when harmful content is detected. Valid values: `BLOCK`, `NONE`. + /// + [Input("outputAction")] + public Input? OutputAction { get; set; } + + /// + /// Toggles guardrail evaluation on output. + /// + [Input("outputEnabled")] + public Input? OutputEnabled { get; set; } + + [Input("outputModalities")] + private InputList? _outputModalities; + + /// + /// List of selected output modalities. Valid values: `IMAGE`, `TEXT`. + /// + public InputList OutputModalities + { + get => _outputModalities ?? (_outputModalities = new InputList()); + set => _outputModalities = value; + } + + /// + /// Strength for filters. Valid values: `NONE`, `LOW`, `MEDIUM`, `HIGH`. /// [Input("outputStrength", required: true)] public Input OutputStrength { get; set; } = null!; diff --git a/sdk/dotnet/Bedrock/Outputs/AgentKnowledgeBaseStorageConfigurationRdsConfigurationFieldMapping.cs b/sdk/dotnet/Bedrock/Outputs/AgentKnowledgeBaseStorageConfigurationRdsConfigurationFieldMapping.cs index 3141fc6e98c..702c42c087d 100644 --- a/sdk/dotnet/Bedrock/Outputs/AgentKnowledgeBaseStorageConfigurationRdsConfigurationFieldMapping.cs +++ b/sdk/dotnet/Bedrock/Outputs/AgentKnowledgeBaseStorageConfigurationRdsConfigurationFieldMapping.cs @@ -13,6 +13,10 @@ namespace Pulumi.Aws.Bedrock.Outputs [OutputType] public sealed class AgentKnowledgeBaseStorageConfigurationRdsConfigurationFieldMapping { + /// + /// Name for the universal metadata field where Amazon Bedrock will store any custom metadata from your data source. + /// + public readonly string? CustomMetadataField; /// /// Name of the field in which Amazon Bedrock stores metadata about the vector store. /// @@ -32,6 +36,8 @@ public sealed class AgentKnowledgeBaseStorageConfigurationRdsConfigurationFieldM [OutputConstructor] private AgentKnowledgeBaseStorageConfigurationRdsConfigurationFieldMapping( + string? customMetadataField, + string metadataField, string primaryKeyField, @@ -40,6 +46,7 @@ private AgentKnowledgeBaseStorageConfigurationRdsConfigurationFieldMapping( string vectorField) { + CustomMetadataField = customMetadataField; MetadataField = metadataField; PrimaryKeyField = primaryKeyField; TextField = textField; diff --git a/sdk/dotnet/Bedrock/Outputs/AgentcoreAgentRuntimeAgentRuntimeArtifact.cs b/sdk/dotnet/Bedrock/Outputs/AgentcoreAgentRuntimeAgentRuntimeArtifact.cs index c607449b3f3..d8291c6faff 100644 --- a/sdk/dotnet/Bedrock/Outputs/AgentcoreAgentRuntimeAgentRuntimeArtifact.cs +++ b/sdk/dotnet/Bedrock/Outputs/AgentcoreAgentRuntimeAgentRuntimeArtifact.cs @@ -14,13 +14,21 @@ namespace Pulumi.Aws.Bedrock.Outputs public sealed class AgentcoreAgentRuntimeAgentRuntimeArtifact { /// - /// Container configuration block. See `ContainerConfiguration` below. + /// Code configuration block for the agent runtime artifact, including the source code location and execution settings. Exactly one of `CodeConfiguration` or `ContainerConfiguration` must be specified. See `CodeConfiguration` below. + /// + public readonly Outputs.AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfiguration? CodeConfiguration; + /// + /// Container configuration block for the agent artifact. Exactly one of `CodeConfiguration` or `ContainerConfiguration` must be specified. See `ContainerConfiguration` below. /// public readonly Outputs.AgentcoreAgentRuntimeAgentRuntimeArtifactContainerConfiguration? ContainerConfiguration; [OutputConstructor] - private AgentcoreAgentRuntimeAgentRuntimeArtifact(Outputs.AgentcoreAgentRuntimeAgentRuntimeArtifactContainerConfiguration? containerConfiguration) + private AgentcoreAgentRuntimeAgentRuntimeArtifact( + Outputs.AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfiguration? codeConfiguration, + + Outputs.AgentcoreAgentRuntimeAgentRuntimeArtifactContainerConfiguration? containerConfiguration) { + CodeConfiguration = codeConfiguration; ContainerConfiguration = containerConfiguration; } } diff --git a/sdk/dotnet/Bedrock/Outputs/AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfiguration.cs b/sdk/dotnet/Bedrock/Outputs/AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfiguration.cs new file mode 100644 index 00000000000..3e98d475559 --- /dev/null +++ b/sdk/dotnet/Bedrock/Outputs/AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfiguration.cs @@ -0,0 +1,42 @@ +// *** WARNING: this file was generated by pulumi-language-dotnet. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Aws.Bedrock.Outputs +{ + + [OutputType] + public sealed class AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfiguration + { + /// + /// Configuration block for the source code location and configuration details. See `Code` below. + /// + public readonly Outputs.AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCode? Code; + /// + /// Array specifying the entry point for code execution, indicating the function or method to invoke when the code runs. The array must contain 1 or 2 elements. Examples: `["main.py"]`, `["opentelemetry-instrument", "main.py"]`. + /// + public readonly ImmutableArray EntryPoints; + /// + /// Runtime environment used to execute the code. Valid values: `PYTHON_3_10`, `PYTHON_3_11`, `PYTHON_3_12`, `PYTHON_3_13`. + /// + public readonly string Runtime; + + [OutputConstructor] + private AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfiguration( + Outputs.AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCode? code, + + ImmutableArray entryPoints, + + string runtime) + { + Code = code; + EntryPoints = entryPoints; + Runtime = runtime; + } + } +} diff --git a/sdk/dotnet/Bedrock/Outputs/AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCode.cs b/sdk/dotnet/Bedrock/Outputs/AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCode.cs new file mode 100644 index 00000000000..5f8e68e73d5 --- /dev/null +++ b/sdk/dotnet/Bedrock/Outputs/AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCode.cs @@ -0,0 +1,27 @@ +// *** WARNING: this file was generated by pulumi-language-dotnet. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Aws.Bedrock.Outputs +{ + + [OutputType] + public sealed class AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCode + { + /// + /// Configuration block for the Amazon S3 object that contains the source code for the agent runtime. See `S3` below. + /// + public readonly Outputs.AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeS3? S3; + + [OutputConstructor] + private AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCode(Outputs.AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeS3? s3) + { + S3 = s3; + } + } +} diff --git a/sdk/dotnet/Bedrock/Outputs/AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeS3.cs b/sdk/dotnet/Bedrock/Outputs/AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeS3.cs new file mode 100644 index 00000000000..d87527e355b --- /dev/null +++ b/sdk/dotnet/Bedrock/Outputs/AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeS3.cs @@ -0,0 +1,42 @@ +// *** WARNING: this file was generated by pulumi-language-dotnet. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Aws.Bedrock.Outputs +{ + + [OutputType] + public sealed class AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeS3 + { + /// + /// Name of the Amazon S3 bucket. + /// + public readonly string Bucket; + /// + /// Key of the object containing the ZIP file of the source code for the agent runtime in the Amazon S3 bucket. + /// + public readonly string Prefix; + /// + /// Version ID of the Amazon S3 object. If not specified, the latest version of the object is used. + /// + public readonly string? VersionId; + + [OutputConstructor] + private AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeS3( + string bucket, + + string prefix, + + string? versionId) + { + Bucket = bucket; + Prefix = prefix; + VersionId = versionId; + } + } +} diff --git a/sdk/dotnet/Bedrock/Outputs/GuardrailContentPolicyConfigFiltersConfig.cs b/sdk/dotnet/Bedrock/Outputs/GuardrailContentPolicyConfigFiltersConfig.cs index 3598cc6e2eb..d387b1b3335 100644 --- a/sdk/dotnet/Bedrock/Outputs/GuardrailContentPolicyConfigFiltersConfig.cs +++ b/sdk/dotnet/Bedrock/Outputs/GuardrailContentPolicyConfigFiltersConfig.cs @@ -14,11 +14,35 @@ namespace Pulumi.Aws.Bedrock.Outputs public sealed class GuardrailContentPolicyConfigFiltersConfig { /// - /// Strength for filters. + /// Action to take when harmful content is detected. Valid values: `BLOCK`, `NONE`. + /// + public readonly string? InputAction; + /// + /// Toggles guardrail evaluation on input. + /// + public readonly bool? InputEnabled; + /// + /// List of selected input modalities. Valid values: `IMAGE`, `TEXT`. + /// + public readonly ImmutableArray InputModalities; + /// + /// Strength for filters. Valid values: `NONE`, `LOW`, `MEDIUM`, `HIGH`. /// public readonly string InputStrength; /// - /// Strength for filters. + /// Action to take when harmful content is detected. Valid values: `BLOCK`, `NONE`. + /// + public readonly string? OutputAction; + /// + /// Toggles guardrail evaluation on output. + /// + public readonly bool? OutputEnabled; + /// + /// List of selected output modalities. Valid values: `IMAGE`, `TEXT`. + /// + public readonly ImmutableArray OutputModalities; + /// + /// Strength for filters. Valid values: `NONE`, `LOW`, `MEDIUM`, `HIGH`. /// public readonly string OutputStrength; /// @@ -28,13 +52,31 @@ public sealed class GuardrailContentPolicyConfigFiltersConfig [OutputConstructor] private GuardrailContentPolicyConfigFiltersConfig( + string? inputAction, + + bool? inputEnabled, + + ImmutableArray inputModalities, + string inputStrength, + string? outputAction, + + bool? outputEnabled, + + ImmutableArray outputModalities, + string outputStrength, string type) { + InputAction = inputAction; + InputEnabled = inputEnabled; + InputModalities = inputModalities; InputStrength = inputStrength; + OutputAction = outputAction; + OutputEnabled = outputEnabled; + OutputModalities = outputModalities; OutputStrength = outputStrength; Type = type; } diff --git a/sdk/dotnet/Billing/Inputs/ViewDataFilterExpressionArgs.cs b/sdk/dotnet/Billing/Inputs/ViewDataFilterExpressionArgs.cs new file mode 100644 index 00000000000..abb9f8cfbca --- /dev/null +++ b/sdk/dotnet/Billing/Inputs/ViewDataFilterExpressionArgs.cs @@ -0,0 +1,44 @@ +// *** WARNING: this file was generated by pulumi-language-dotnet. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Aws.Billing.Inputs +{ + + public sealed class ViewDataFilterExpressionArgs : global::Pulumi.ResourceArgs + { + /// + /// Dimension to use for `Expression`. Refer to #dimensions for more details. + /// + [Input("dimensions")] + public Input? Dimensions { get; set; } + + [Input("tags")] + private InputList? _tags; + + /// + /// List of key value map specifying tags associated to the billing view being created. + /// + public InputList Tags + { + get => _tags ?? (_tags = new InputList()); + set => _tags = value; + } + + /// + /// Time range to use for `Expression`. Refer to #time-range for more details. + /// + [Input("timeRange")] + public Input? TimeRange { get; set; } + + public ViewDataFilterExpressionArgs() + { + } + public static new ViewDataFilterExpressionArgs Empty => new ViewDataFilterExpressionArgs(); + } +} diff --git a/sdk/dotnet/Billing/Inputs/ViewDataFilterExpressionDimensionsArgs.cs b/sdk/dotnet/Billing/Inputs/ViewDataFilterExpressionDimensionsArgs.cs new file mode 100644 index 00000000000..17dacf0e5f1 --- /dev/null +++ b/sdk/dotnet/Billing/Inputs/ViewDataFilterExpressionDimensionsArgs.cs @@ -0,0 +1,38 @@ +// *** WARNING: this file was generated by pulumi-language-dotnet. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Aws.Billing.Inputs +{ + + public sealed class ViewDataFilterExpressionDimensionsArgs : global::Pulumi.ResourceArgs + { + /// + /// Key of the dimension. Possible values are `LINKED_ACCOUNT`. + /// + [Input("key", required: true)] + public Input Key { get; set; } = null!; + + [Input("values", required: true)] + private InputList? _values; + + /// + /// List of metadata values that you can use to filter and group your results. + /// + public InputList Values + { + get => _values ?? (_values = new InputList()); + set => _values = value; + } + + public ViewDataFilterExpressionDimensionsArgs() + { + } + public static new ViewDataFilterExpressionDimensionsArgs Empty => new ViewDataFilterExpressionDimensionsArgs(); + } +} diff --git a/sdk/dotnet/Billing/Inputs/ViewDataFilterExpressionDimensionsGetArgs.cs b/sdk/dotnet/Billing/Inputs/ViewDataFilterExpressionDimensionsGetArgs.cs new file mode 100644 index 00000000000..2bba6ab4736 --- /dev/null +++ b/sdk/dotnet/Billing/Inputs/ViewDataFilterExpressionDimensionsGetArgs.cs @@ -0,0 +1,38 @@ +// *** WARNING: this file was generated by pulumi-language-dotnet. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Aws.Billing.Inputs +{ + + public sealed class ViewDataFilterExpressionDimensionsGetArgs : global::Pulumi.ResourceArgs + { + /// + /// Key of the dimension. Possible values are `LINKED_ACCOUNT`. + /// + [Input("key", required: true)] + public Input Key { get; set; } = null!; + + [Input("values", required: true)] + private InputList? _values; + + /// + /// List of metadata values that you can use to filter and group your results. + /// + public InputList Values + { + get => _values ?? (_values = new InputList()); + set => _values = value; + } + + public ViewDataFilterExpressionDimensionsGetArgs() + { + } + public static new ViewDataFilterExpressionDimensionsGetArgs Empty => new ViewDataFilterExpressionDimensionsGetArgs(); + } +} diff --git a/sdk/dotnet/Billing/Inputs/ViewDataFilterExpressionGetArgs.cs b/sdk/dotnet/Billing/Inputs/ViewDataFilterExpressionGetArgs.cs new file mode 100644 index 00000000000..d6e5a481fed --- /dev/null +++ b/sdk/dotnet/Billing/Inputs/ViewDataFilterExpressionGetArgs.cs @@ -0,0 +1,44 @@ +// *** WARNING: this file was generated by pulumi-language-dotnet. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Aws.Billing.Inputs +{ + + public sealed class ViewDataFilterExpressionGetArgs : global::Pulumi.ResourceArgs + { + /// + /// Dimension to use for `Expression`. Refer to #dimensions for more details. + /// + [Input("dimensions")] + public Input? Dimensions { get; set; } + + [Input("tags")] + private InputList? _tags; + + /// + /// List of key value map specifying tags associated to the billing view being created. + /// + public InputList Tags + { + get => _tags ?? (_tags = new InputList()); + set => _tags = value; + } + + /// + /// Time range to use for `Expression`. Refer to #time-range for more details. + /// + [Input("timeRange")] + public Input? TimeRange { get; set; } + + public ViewDataFilterExpressionGetArgs() + { + } + public static new ViewDataFilterExpressionGetArgs Empty => new ViewDataFilterExpressionGetArgs(); + } +} diff --git a/sdk/dotnet/Billing/Inputs/ViewDataFilterExpressionTagArgs.cs b/sdk/dotnet/Billing/Inputs/ViewDataFilterExpressionTagArgs.cs new file mode 100644 index 00000000000..938b8e44701 --- /dev/null +++ b/sdk/dotnet/Billing/Inputs/ViewDataFilterExpressionTagArgs.cs @@ -0,0 +1,38 @@ +// *** WARNING: this file was generated by pulumi-language-dotnet. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Aws.Billing.Inputs +{ + + public sealed class ViewDataFilterExpressionTagArgs : global::Pulumi.ResourceArgs + { + /// + /// Key of the tag. + /// + [Input("key", required: true)] + public Input Key { get; set; } = null!; + + [Input("values", required: true)] + private InputList? _values; + + /// + /// List of values for the tag. + /// + public InputList Values + { + get => _values ?? (_values = new InputList()); + set => _values = value; + } + + public ViewDataFilterExpressionTagArgs() + { + } + public static new ViewDataFilterExpressionTagArgs Empty => new ViewDataFilterExpressionTagArgs(); + } +} diff --git a/sdk/dotnet/Billing/Inputs/ViewDataFilterExpressionTagGetArgs.cs b/sdk/dotnet/Billing/Inputs/ViewDataFilterExpressionTagGetArgs.cs new file mode 100644 index 00000000000..3bdbf59c98a --- /dev/null +++ b/sdk/dotnet/Billing/Inputs/ViewDataFilterExpressionTagGetArgs.cs @@ -0,0 +1,38 @@ +// *** WARNING: this file was generated by pulumi-language-dotnet. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Aws.Billing.Inputs +{ + + public sealed class ViewDataFilterExpressionTagGetArgs : global::Pulumi.ResourceArgs + { + /// + /// Key of the tag. + /// + [Input("key", required: true)] + public Input Key { get; set; } = null!; + + [Input("values", required: true)] + private InputList? _values; + + /// + /// List of values for the tag. + /// + public InputList Values + { + get => _values ?? (_values = new InputList()); + set => _values = value; + } + + public ViewDataFilterExpressionTagGetArgs() + { + } + public static new ViewDataFilterExpressionTagGetArgs Empty => new ViewDataFilterExpressionTagGetArgs(); + } +} diff --git a/sdk/dotnet/Billing/Inputs/ViewDataFilterExpressionTimeRangeArgs.cs b/sdk/dotnet/Billing/Inputs/ViewDataFilterExpressionTimeRangeArgs.cs new file mode 100644 index 00000000000..ac2af90c2dd --- /dev/null +++ b/sdk/dotnet/Billing/Inputs/ViewDataFilterExpressionTimeRangeArgs.cs @@ -0,0 +1,29 @@ +// *** WARNING: this file was generated by pulumi-language-dotnet. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Aws.Billing.Inputs +{ + + public sealed class ViewDataFilterExpressionTimeRangeArgs : global::Pulumi.ResourceArgs + { + /// + /// Inclusive end date of the time range. + /// + [Input("beginDateInclusive", required: true)] + public Input BeginDateInclusive { get; set; } = null!; + + [Input("endDateInclusive", required: true)] + public Input EndDateInclusive { get; set; } = null!; + + public ViewDataFilterExpressionTimeRangeArgs() + { + } + public static new ViewDataFilterExpressionTimeRangeArgs Empty => new ViewDataFilterExpressionTimeRangeArgs(); + } +} diff --git a/sdk/dotnet/Billing/Inputs/ViewDataFilterExpressionTimeRangeGetArgs.cs b/sdk/dotnet/Billing/Inputs/ViewDataFilterExpressionTimeRangeGetArgs.cs new file mode 100644 index 00000000000..aaa753b2c8c --- /dev/null +++ b/sdk/dotnet/Billing/Inputs/ViewDataFilterExpressionTimeRangeGetArgs.cs @@ -0,0 +1,29 @@ +// *** WARNING: this file was generated by pulumi-language-dotnet. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Aws.Billing.Inputs +{ + + public sealed class ViewDataFilterExpressionTimeRangeGetArgs : global::Pulumi.ResourceArgs + { + /// + /// Inclusive end date of the time range. + /// + [Input("beginDateInclusive", required: true)] + public Input BeginDateInclusive { get; set; } = null!; + + [Input("endDateInclusive", required: true)] + public Input EndDateInclusive { get; set; } = null!; + + public ViewDataFilterExpressionTimeRangeGetArgs() + { + } + public static new ViewDataFilterExpressionTimeRangeGetArgs Empty => new ViewDataFilterExpressionTimeRangeGetArgs(); + } +} diff --git a/sdk/dotnet/Billing/Inputs/ViewTimeoutsArgs.cs b/sdk/dotnet/Billing/Inputs/ViewTimeoutsArgs.cs new file mode 100644 index 00000000000..43a5ac98fb6 --- /dev/null +++ b/sdk/dotnet/Billing/Inputs/ViewTimeoutsArgs.cs @@ -0,0 +1,38 @@ +// *** WARNING: this file was generated by pulumi-language-dotnet. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Aws.Billing.Inputs +{ + + public sealed class ViewTimeoutsArgs : global::Pulumi.ResourceArgs + { + /// + /// A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as "30s" or "2h45m". Valid time units are "s" (seconds), "m" (minutes), "h" (hours). + /// + [Input("create")] + public Input? Create { get; set; } + + /// + /// A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as "30s" or "2h45m". Valid time units are "s" (seconds), "m" (minutes), "h" (hours). Setting a timeout for a Delete operation is only applicable if changes are saved into state before the destroy operation occurs. + /// + [Input("delete")] + public Input? Delete { get; set; } + + /// + /// A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as "30s" or "2h45m". Valid time units are "s" (seconds), "m" (minutes), "h" (hours). + /// + [Input("update")] + public Input? Update { get; set; } + + public ViewTimeoutsArgs() + { + } + public static new ViewTimeoutsArgs Empty => new ViewTimeoutsArgs(); + } +} diff --git a/sdk/dotnet/Billing/Inputs/ViewTimeoutsGetArgs.cs b/sdk/dotnet/Billing/Inputs/ViewTimeoutsGetArgs.cs new file mode 100644 index 00000000000..677bfdfe561 --- /dev/null +++ b/sdk/dotnet/Billing/Inputs/ViewTimeoutsGetArgs.cs @@ -0,0 +1,38 @@ +// *** WARNING: this file was generated by pulumi-language-dotnet. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Aws.Billing.Inputs +{ + + public sealed class ViewTimeoutsGetArgs : global::Pulumi.ResourceArgs + { + /// + /// A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as "30s" or "2h45m". Valid time units are "s" (seconds), "m" (minutes), "h" (hours). + /// + [Input("create")] + public Input? Create { get; set; } + + /// + /// A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as "30s" or "2h45m". Valid time units are "s" (seconds), "m" (minutes), "h" (hours). Setting a timeout for a Delete operation is only applicable if changes are saved into state before the destroy operation occurs. + /// + [Input("delete")] + public Input? Delete { get; set; } + + /// + /// A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as "30s" or "2h45m". Valid time units are "s" (seconds), "m" (minutes), "h" (hours). + /// + [Input("update")] + public Input? Update { get; set; } + + public ViewTimeoutsGetArgs() + { + } + public static new ViewTimeoutsGetArgs Empty => new ViewTimeoutsGetArgs(); + } +} diff --git a/sdk/dotnet/Billing/Outputs/ViewDataFilterExpression.cs b/sdk/dotnet/Billing/Outputs/ViewDataFilterExpression.cs new file mode 100644 index 00000000000..8c4c301394f --- /dev/null +++ b/sdk/dotnet/Billing/Outputs/ViewDataFilterExpression.cs @@ -0,0 +1,42 @@ +// *** WARNING: this file was generated by pulumi-language-dotnet. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Aws.Billing.Outputs +{ + + [OutputType] + public sealed class ViewDataFilterExpression + { + /// + /// Dimension to use for `Expression`. Refer to #dimensions for more details. + /// + public readonly Outputs.ViewDataFilterExpressionDimensions? Dimensions; + /// + /// List of key value map specifying tags associated to the billing view being created. + /// + public readonly ImmutableArray Tags; + /// + /// Time range to use for `Expression`. Refer to #time-range for more details. + /// + public readonly Outputs.ViewDataFilterExpressionTimeRange? TimeRange; + + [OutputConstructor] + private ViewDataFilterExpression( + Outputs.ViewDataFilterExpressionDimensions? dimensions, + + ImmutableArray tags, + + Outputs.ViewDataFilterExpressionTimeRange? timeRange) + { + Dimensions = dimensions; + Tags = tags; + TimeRange = timeRange; + } + } +} diff --git a/sdk/dotnet/Billing/Outputs/ViewDataFilterExpressionDimensions.cs b/sdk/dotnet/Billing/Outputs/ViewDataFilterExpressionDimensions.cs new file mode 100644 index 00000000000..40eb7fc0a19 --- /dev/null +++ b/sdk/dotnet/Billing/Outputs/ViewDataFilterExpressionDimensions.cs @@ -0,0 +1,35 @@ +// *** WARNING: this file was generated by pulumi-language-dotnet. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Aws.Billing.Outputs +{ + + [OutputType] + public sealed class ViewDataFilterExpressionDimensions + { + /// + /// Key of the dimension. Possible values are `LINKED_ACCOUNT`. + /// + public readonly string Key; + /// + /// List of metadata values that you can use to filter and group your results. + /// + public readonly ImmutableArray Values; + + [OutputConstructor] + private ViewDataFilterExpressionDimensions( + string key, + + ImmutableArray values) + { + Key = key; + Values = values; + } + } +} diff --git a/sdk/dotnet/Billing/Outputs/ViewDataFilterExpressionTag.cs b/sdk/dotnet/Billing/Outputs/ViewDataFilterExpressionTag.cs new file mode 100644 index 00000000000..ec516319ae4 --- /dev/null +++ b/sdk/dotnet/Billing/Outputs/ViewDataFilterExpressionTag.cs @@ -0,0 +1,35 @@ +// *** WARNING: this file was generated by pulumi-language-dotnet. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Aws.Billing.Outputs +{ + + [OutputType] + public sealed class ViewDataFilterExpressionTag + { + /// + /// Key of the tag. + /// + public readonly string Key; + /// + /// List of values for the tag. + /// + public readonly ImmutableArray Values; + + [OutputConstructor] + private ViewDataFilterExpressionTag( + string key, + + ImmutableArray values) + { + Key = key; + Values = values; + } + } +} diff --git a/sdk/dotnet/Billing/Outputs/ViewDataFilterExpressionTimeRange.cs b/sdk/dotnet/Billing/Outputs/ViewDataFilterExpressionTimeRange.cs new file mode 100644 index 00000000000..8419330ec20 --- /dev/null +++ b/sdk/dotnet/Billing/Outputs/ViewDataFilterExpressionTimeRange.cs @@ -0,0 +1,32 @@ +// *** WARNING: this file was generated by pulumi-language-dotnet. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Aws.Billing.Outputs +{ + + [OutputType] + public sealed class ViewDataFilterExpressionTimeRange + { + /// + /// Inclusive end date of the time range. + /// + public readonly string BeginDateInclusive; + public readonly string EndDateInclusive; + + [OutputConstructor] + private ViewDataFilterExpressionTimeRange( + string beginDateInclusive, + + string endDateInclusive) + { + BeginDateInclusive = beginDateInclusive; + EndDateInclusive = endDateInclusive; + } + } +} diff --git a/sdk/dotnet/Billing/Outputs/ViewTimeouts.cs b/sdk/dotnet/Billing/Outputs/ViewTimeouts.cs new file mode 100644 index 00000000000..104cf62eb4c --- /dev/null +++ b/sdk/dotnet/Billing/Outputs/ViewTimeouts.cs @@ -0,0 +1,42 @@ +// *** WARNING: this file was generated by pulumi-language-dotnet. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Aws.Billing.Outputs +{ + + [OutputType] + public sealed class ViewTimeouts + { + /// + /// A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as "30s" or "2h45m". Valid time units are "s" (seconds), "m" (minutes), "h" (hours). + /// + public readonly string? Create; + /// + /// A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as "30s" or "2h45m". Valid time units are "s" (seconds), "m" (minutes), "h" (hours). Setting a timeout for a Delete operation is only applicable if changes are saved into state before the destroy operation occurs. + /// + public readonly string? Delete; + /// + /// A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as "30s" or "2h45m". Valid time units are "s" (seconds), "m" (minutes), "h" (hours). + /// + public readonly string? Update; + + [OutputConstructor] + private ViewTimeouts( + string? create, + + string? delete, + + string? update) + { + Create = create; + Delete = delete; + Update = update; + } + } +} diff --git a/sdk/dotnet/Billing/View.cs b/sdk/dotnet/Billing/View.cs new file mode 100644 index 00000000000..92aaeff578c --- /dev/null +++ b/sdk/dotnet/Billing/View.cs @@ -0,0 +1,365 @@ +// *** WARNING: this file was generated by pulumi-language-dotnet. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Aws.Billing +{ + /// + /// Manages an AWS Billing View. + /// + /// ## Example Usage + /// + /// ### Basic Usage + /// + /// ```csharp + /// using System.Collections.Generic; + /// using System.Linq; + /// using Pulumi; + /// using Aws = Pulumi.Aws; + /// + /// return await Deployment.RunAsync(() => + /// { + /// var example = new Aws.Billing.View("example", new() + /// { + /// Name = "example", + /// Description = "example description", + /// SourceViews = new[] + /// { + /// "arn:aws:billing::123456789012:billingview/example", + /// }, + /// }); + /// + /// }); + /// ``` + /// + /// ## Import + /// + /// Using `pulumi import`, import Billing View using the `arn`. For example: + /// + /// ```sh + /// $ pulumi import aws:billing/view:View example arn:aws:billing::123456789012:billing-view/example + /// ``` + /// + [AwsResourceType("aws:billing/view:View")] + public partial class View : global::Pulumi.CustomResource + { + /// + /// ARN of the View. + /// + [Output("arn")] + public Output Arn { get; private set; } = null!; + + /// + /// Type of billing group. Valid values are PRIMARY|BILLING_GROUP|CUSTOM. + /// + [Output("billingViewType")] + public Output BillingViewType { get; private set; } = null!; + + /// + /// Timestamp when the billing view was created. + /// + [Output("createdAt")] + public Output CreatedAt { get; private set; } = null!; + + /// + /// Filter Cost Explorer APIs using the expression. Refer to the data-filter-expression block documentation for more details. + /// + [Output("dataFilterExpression")] + public Output DataFilterExpression { get; private set; } = null!; + + /// + /// Number of billing views that use this billing view as a source. + /// + [Output("derivedViewCount")] + public Output DerivedViewCount { get; private set; } = null!; + + /// + /// Description of the custom billing view. + /// + [Output("description")] + public Output Description { get; private set; } = null!; + + /// + /// Name of the custom billing view to be created. + /// + [Output("name")] + public Output Name { get; private set; } = null!; + + /// + /// Account owner of the billing view. + /// + [Output("ownerAccountId")] + public Output OwnerAccountId { get; private set; } = null!; + + /// + /// AWS account ID that owns the source billing view, if this is a derived billing view. + /// + [Output("sourceAccountId")] + public Output SourceAccountId { get; private set; } = null!; + + /// + /// Number of source views associated with this billing view. + /// + [Output("sourceViewCount")] + public Output SourceViewCount { get; private set; } = null!; + + /// + /// List of ARNs of the source data views for the custom billing view. + /// + /// The following arguments are optional: + /// + [Output("sourceViews")] + public Output> SourceViews { get; private set; } = null!; + + /// + /// List of key value map specifying tags associated to the billing view being created. + /// + [Output("tags")] + public Output?> Tags { get; private set; } = null!; + + /// + /// List of key value map specifying tags associated to the billing view. + /// + [Output("tagsAll")] + public Output> TagsAll { get; private set; } = null!; + + [Output("timeouts")] + public Output Timeouts { get; private set; } = null!; + + /// + /// Time when the billing view was last updated. + /// + [Output("updatedAt")] + public Output UpdatedAt { get; private set; } = null!; + + /// + /// Timestamp of when the billing view definition was last updated. + /// + [Output("viewDefinitionLastUpdatedAt")] + public Output ViewDefinitionLastUpdatedAt { get; private set; } = null!; + + + /// + /// Create a View resource with the given unique name, arguments, and options. + /// + /// + /// The unique name of the resource + /// The arguments used to populate this resource's properties + /// A bag of options that control this resource's behavior + public View(string name, ViewArgs? args = null, CustomResourceOptions? options = null) + : base("aws:billing/view:View", name, args ?? new ViewArgs(), MakeResourceOptions(options, "")) + { + } + + private View(string name, Input id, ViewState? state = null, CustomResourceOptions? options = null) + : base("aws:billing/view:View", name, state, MakeResourceOptions(options, id)) + { + } + + private static CustomResourceOptions MakeResourceOptions(CustomResourceOptions? options, Input? id) + { + var defaultOptions = new CustomResourceOptions + { + Version = Utilities.Version, + }; + var merged = CustomResourceOptions.Merge(defaultOptions, options); + // Override the ID if one was specified for consistency with other language SDKs. + merged.Id = id ?? merged.Id; + return merged; + } + /// + /// Get an existing View resource's state with the given name, ID, and optional extra + /// properties used to qualify the lookup. + /// + /// + /// The unique name of the resulting resource. + /// The unique provider ID of the resource to lookup. + /// Any extra arguments used during the lookup. + /// A bag of options that control this resource's behavior + public static View Get(string name, Input id, ViewState? state = null, CustomResourceOptions? options = null) + { + return new View(name, id, state, options); + } + } + + public sealed class ViewArgs : global::Pulumi.ResourceArgs + { + /// + /// Filter Cost Explorer APIs using the expression. Refer to the data-filter-expression block documentation for more details. + /// + [Input("dataFilterExpression")] + public Input? DataFilterExpression { get; set; } + + /// + /// Description of the custom billing view. + /// + [Input("description")] + public Input? Description { get; set; } + + /// + /// Name of the custom billing view to be created. + /// + [Input("name")] + public Input? Name { get; set; } + + [Input("sourceViews")] + private InputList? _sourceViews; + + /// + /// List of ARNs of the source data views for the custom billing view. + /// + /// The following arguments are optional: + /// + public InputList SourceViews + { + get => _sourceViews ?? (_sourceViews = new InputList()); + set => _sourceViews = value; + } + + [Input("tags")] + private InputMap? _tags; + + /// + /// List of key value map specifying tags associated to the billing view being created. + /// + public InputMap Tags + { + get => _tags ?? (_tags = new InputMap()); + set => _tags = value; + } + + [Input("timeouts")] + public Input? Timeouts { get; set; } + + public ViewArgs() + { + } + public static new ViewArgs Empty => new ViewArgs(); + } + + public sealed class ViewState : global::Pulumi.ResourceArgs + { + /// + /// ARN of the View. + /// + [Input("arn")] + public Input? Arn { get; set; } + + /// + /// Type of billing group. Valid values are PRIMARY|BILLING_GROUP|CUSTOM. + /// + [Input("billingViewType")] + public Input? BillingViewType { get; set; } + + /// + /// Timestamp when the billing view was created. + /// + [Input("createdAt")] + public Input? CreatedAt { get; set; } + + /// + /// Filter Cost Explorer APIs using the expression. Refer to the data-filter-expression block documentation for more details. + /// + [Input("dataFilterExpression")] + public Input? DataFilterExpression { get; set; } + + /// + /// Number of billing views that use this billing view as a source. + /// + [Input("derivedViewCount")] + public Input? DerivedViewCount { get; set; } + + /// + /// Description of the custom billing view. + /// + [Input("description")] + public Input? Description { get; set; } + + /// + /// Name of the custom billing view to be created. + /// + [Input("name")] + public Input? Name { get; set; } + + /// + /// Account owner of the billing view. + /// + [Input("ownerAccountId")] + public Input? OwnerAccountId { get; set; } + + /// + /// AWS account ID that owns the source billing view, if this is a derived billing view. + /// + [Input("sourceAccountId")] + public Input? SourceAccountId { get; set; } + + /// + /// Number of source views associated with this billing view. + /// + [Input("sourceViewCount")] + public Input? SourceViewCount { get; set; } + + [Input("sourceViews")] + private InputList? _sourceViews; + + /// + /// List of ARNs of the source data views for the custom billing view. + /// + /// The following arguments are optional: + /// + public InputList SourceViews + { + get => _sourceViews ?? (_sourceViews = new InputList()); + set => _sourceViews = value; + } + + [Input("tags")] + private InputMap? _tags; + + /// + /// List of key value map specifying tags associated to the billing view being created. + /// + public InputMap Tags + { + get => _tags ?? (_tags = new InputMap()); + set => _tags = value; + } + + [Input("tagsAll")] + private InputMap? _tagsAll; + + /// + /// List of key value map specifying tags associated to the billing view. + /// + public InputMap TagsAll + { + get => _tagsAll ?? (_tagsAll = new InputMap()); + set => _tagsAll = value; + } + + [Input("timeouts")] + public Input? Timeouts { get; set; } + + /// + /// Time when the billing view was last updated. + /// + [Input("updatedAt")] + public Input? UpdatedAt { get; set; } + + /// + /// Timestamp of when the billing view definition was last updated. + /// + [Input("viewDefinitionLastUpdatedAt")] + public Input? ViewDefinitionLastUpdatedAt { get; set; } + + public ViewState() + { + } + public static new ViewState Empty => new ViewState(); + } +} diff --git a/sdk/dotnet/CodeStarNotifications/Inputs/NotificationRuleTargetArgs.cs b/sdk/dotnet/CodeStarNotifications/Inputs/NotificationRuleTargetArgs.cs index 96c6536756f..279d79c3fc7 100644 --- a/sdk/dotnet/CodeStarNotifications/Inputs/NotificationRuleTargetArgs.cs +++ b/sdk/dotnet/CodeStarNotifications/Inputs/NotificationRuleTargetArgs.cs @@ -13,7 +13,7 @@ namespace Pulumi.Aws.CodeStarNotifications.Inputs public sealed class NotificationRuleTargetArgs : global::Pulumi.ResourceArgs { /// - /// The ARN of notification rule target. For example, a SNS Topic ARN. + /// The ARN of the Amazon Q Developer in chat applications topic or Amazon Q Developer in chat applications client. /// [Input("address", required: true)] public Input Address { get; set; } = null!; @@ -25,7 +25,7 @@ public sealed class NotificationRuleTargetArgs : global::Pulumi.ResourceArgs public Input? Status { get; set; } /// - /// The type of the notification target. Default value is `SNS`. + /// The type of the notification target. Valid values are `SNS`, `AWSChatbotSlack`, and `AWSChatbotMicrosoftTeams`. Default value is `SNS`. /// [Input("type")] public Input? Type { get; set; } diff --git a/sdk/dotnet/CodeStarNotifications/Inputs/NotificationRuleTargetGetArgs.cs b/sdk/dotnet/CodeStarNotifications/Inputs/NotificationRuleTargetGetArgs.cs index 1899d683e20..cf7e875b168 100644 --- a/sdk/dotnet/CodeStarNotifications/Inputs/NotificationRuleTargetGetArgs.cs +++ b/sdk/dotnet/CodeStarNotifications/Inputs/NotificationRuleTargetGetArgs.cs @@ -13,7 +13,7 @@ namespace Pulumi.Aws.CodeStarNotifications.Inputs public sealed class NotificationRuleTargetGetArgs : global::Pulumi.ResourceArgs { /// - /// The ARN of notification rule target. For example, a SNS Topic ARN. + /// The ARN of the Amazon Q Developer in chat applications topic or Amazon Q Developer in chat applications client. /// [Input("address", required: true)] public Input Address { get; set; } = null!; @@ -25,7 +25,7 @@ public sealed class NotificationRuleTargetGetArgs : global::Pulumi.ResourceArgs public Input? Status { get; set; } /// - /// The type of the notification target. Default value is `SNS`. + /// The type of the notification target. Valid values are `SNS`, `AWSChatbotSlack`, and `AWSChatbotMicrosoftTeams`. Default value is `SNS`. /// [Input("type")] public Input? Type { get; set; } diff --git a/sdk/dotnet/CodeStarNotifications/Outputs/NotificationRuleTarget.cs b/sdk/dotnet/CodeStarNotifications/Outputs/NotificationRuleTarget.cs index 18aa7a7ce0f..20b9a50f7c5 100644 --- a/sdk/dotnet/CodeStarNotifications/Outputs/NotificationRuleTarget.cs +++ b/sdk/dotnet/CodeStarNotifications/Outputs/NotificationRuleTarget.cs @@ -14,7 +14,7 @@ namespace Pulumi.Aws.CodeStarNotifications.Outputs public sealed class NotificationRuleTarget { /// - /// The ARN of notification rule target. For example, a SNS Topic ARN. + /// The ARN of the Amazon Q Developer in chat applications topic or Amazon Q Developer in chat applications client. /// public readonly string Address; /// @@ -22,7 +22,7 @@ public sealed class NotificationRuleTarget /// public readonly string? Status; /// - /// The type of the notification target. Default value is `SNS`. + /// The type of the notification target. Valid values are `SNS`, `AWSChatbotSlack`, and `AWSChatbotMicrosoftTeams`. Default value is `SNS`. /// public readonly string? Type; diff --git a/sdk/dotnet/Config/Config.cs b/sdk/dotnet/Config/Config.cs index 8993bb79bc9..13c28daf84b 100644 --- a/sdk/dotnet/Config/Config.cs +++ b/sdk/dotnet/Config/Config.cs @@ -317,6 +317,16 @@ public static string? StsRegion set => _stsRegion.Set(value); } + private static readonly __Value _tagPolicyCompliance = new __Value(() => __config.Get("tagPolicyCompliance")); + /// + /// The severity with which to enforce organizational tagging policies on resources managed by this provider instance. At this time this only includes compliance with required tag keys by resource type. Valid values are "error", "warning", and "disabled". When unset or "disabled", tag policy compliance will not be enforced by the provider. Can also be configured with the TF_AWS_TAG_POLICY_COMPLIANCE environment variable. + /// + public static string? TagPolicyCompliance + { + get => _tagPolicyCompliance.Get(); + set => _tagPolicyCompliance.Set(value); + } + private static readonly __Value _token = new __Value(() => __config.Get("token")); /// /// session token. A session token is only required if you are diff --git a/sdk/dotnet/DynamoDB/Inputs/TableGlobalTableWitnessArgs.cs b/sdk/dotnet/DynamoDB/Inputs/TableGlobalTableWitnessArgs.cs new file mode 100644 index 00000000000..be2aaf80c98 --- /dev/null +++ b/sdk/dotnet/DynamoDB/Inputs/TableGlobalTableWitnessArgs.cs @@ -0,0 +1,26 @@ +// *** WARNING: this file was generated by pulumi-language-dotnet. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Aws.DynamoDB.Inputs +{ + + public sealed class TableGlobalTableWitnessArgs : global::Pulumi.ResourceArgs + { + /// + /// Name of the AWS Region that serves as a witness for the MRSC global table. + /// + [Input("regionName")] + public Input? RegionName { get; set; } + + public TableGlobalTableWitnessArgs() + { + } + public static new TableGlobalTableWitnessArgs Empty => new TableGlobalTableWitnessArgs(); + } +} diff --git a/sdk/dotnet/DynamoDB/Inputs/TableGlobalTableWitnessGetArgs.cs b/sdk/dotnet/DynamoDB/Inputs/TableGlobalTableWitnessGetArgs.cs new file mode 100644 index 00000000000..b8fd27afe60 --- /dev/null +++ b/sdk/dotnet/DynamoDB/Inputs/TableGlobalTableWitnessGetArgs.cs @@ -0,0 +1,26 @@ +// *** WARNING: this file was generated by pulumi-language-dotnet. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Aws.DynamoDB.Inputs +{ + + public sealed class TableGlobalTableWitnessGetArgs : global::Pulumi.ResourceArgs + { + /// + /// Name of the AWS Region that serves as a witness for the MRSC global table. + /// + [Input("regionName")] + public Input? RegionName { get; set; } + + public TableGlobalTableWitnessGetArgs() + { + } + public static new TableGlobalTableWitnessGetArgs Empty => new TableGlobalTableWitnessGetArgs(); + } +} diff --git a/sdk/dotnet/DynamoDB/Outputs/TableGlobalTableWitness.cs b/sdk/dotnet/DynamoDB/Outputs/TableGlobalTableWitness.cs new file mode 100644 index 00000000000..b38a63b3895 --- /dev/null +++ b/sdk/dotnet/DynamoDB/Outputs/TableGlobalTableWitness.cs @@ -0,0 +1,27 @@ +// *** WARNING: this file was generated by pulumi-language-dotnet. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Aws.DynamoDB.Outputs +{ + + [OutputType] + public sealed class TableGlobalTableWitness + { + /// + /// Name of the AWS Region that serves as a witness for the MRSC global table. + /// + public readonly string? RegionName; + + [OutputConstructor] + private TableGlobalTableWitness(string? regionName) + { + RegionName = regionName; + } + } +} diff --git a/sdk/dotnet/DynamoDB/Table.cs b/sdk/dotnet/DynamoDB/Table.cs index b10bd50eb92..305bcaff6c3 100644 --- a/sdk/dotnet/DynamoDB/Table.cs +++ b/sdk/dotnet/DynamoDB/Table.cs @@ -145,9 +145,13 @@ namespace Pulumi.Aws.DynamoDB /// /// A global table configured for Multi-Region strong consistency (MRSC) provides the ability to perform a strongly consistent read with multi-Region scope. Performing a strongly consistent read on an MRSC table ensures you're always reading the latest version of an item, irrespective of the Region in which you're performing the read. /// + /// You can configure a MRSC global table with three replicas, or with two replicas and one witness. A witness is a component of a MRSC global table that contains data written to global table replicas, and provides an optional alternative to a full replica while supporting MRSC's availability architecture. You cannot perform read or write operations on a witness. A witness is located in a different Region than the two replicas. + /// /// **Note** Please see detailed information, restrictions, caveats etc on the [AWS Support Page](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/multi-region-strong-consistency-gt.html). /// - /// Consistency Mode (`ConsistencyMode`) is a new argument on the embedded `Replica` that allows you to configure consistency mode for Global Tables. + /// Consistency Mode (`ConsistencyMode`) on the embedded `Replica` allows you to configure consistency mode for Global Tables. + /// + /// ##### Consistency mode with 3 Replicas /// /// ```csharp /// using System.Collections.Generic; @@ -190,6 +194,48 @@ namespace Pulumi.Aws.DynamoDB /// }); /// ``` /// + /// ##### Consistency Mode with 2 Replicas and Witness Region + /// + /// ```csharp + /// using System.Collections.Generic; + /// using System.Linq; + /// using Pulumi; + /// using Aws = Pulumi.Aws; + /// + /// return await Deployment.RunAsync(() => + /// { + /// var example = new Aws.DynamoDB.Table("example", new() + /// { + /// Name = "example", + /// HashKey = "TestTableHashKey", + /// BillingMode = "PAY_PER_REQUEST", + /// StreamEnabled = true, + /// StreamViewType = "NEW_AND_OLD_IMAGES", + /// Attributes = new[] + /// { + /// new Aws.DynamoDB.Inputs.TableAttributeArgs + /// { + /// Name = "TestTableHashKey", + /// Type = "S", + /// }, + /// }, + /// Replicas = new[] + /// { + /// new Aws.DynamoDB.Inputs.TableReplicaArgs + /// { + /// RegionName = "us-east-2", + /// ConsistencyMode = "STRONG", + /// }, + /// }, + /// GlobalTableWitness = new Aws.DynamoDB.Inputs.TableGlobalTableWitnessArgs + /// { + /// RegionName = "us-west-2", + /// }, + /// }); + /// + /// }); + /// ``` + /// /// ### Replica Tagging /// /// You can manage global table replicas' tags in various ways. This example shows using `replica.*.propagate_tags` for the first replica and the `aws.dynamodb.Tag` resource for the other. @@ -305,6 +351,12 @@ public partial class Table : global::Pulumi.CustomResource [Output("globalSecondaryIndexes")] public Output> GlobalSecondaryIndexes { get; private set; } = null!; + /// + /// Witness Region in a Multi-Region Strong Consistency deployment. **Note** This must be used alongside a single `Replica` with `ConsistencyMode` set to `STRONG`. Other combinations will fail to provision. See below. + /// + [Output("globalTableWitness")] + public Output GlobalTableWitness { get; private set; } = null!; + /// /// Attribute to use as the hash (partition) key. Must also be defined as an `Attribute`. See below. /// @@ -541,6 +593,12 @@ public InputList GlobalSecondaryIndexes set => _globalSecondaryIndexes = value; } + /// + /// Witness Region in a Multi-Region Strong Consistency deployment. **Note** This must be used alongside a single `Replica` with `ConsistencyMode` set to `STRONG`. Other combinations will fail to provision. See below. + /// + [Input("globalTableWitness")] + public Input? GlobalTableWitness { get; set; } + /// /// Attribute to use as the hash (partition) key. Must also be defined as an `Attribute`. See below. /// @@ -745,6 +803,12 @@ public InputList GlobalSecondaryIndexes set => _globalSecondaryIndexes = value; } + /// + /// Witness Region in a Multi-Region Strong Consistency deployment. **Note** This must be used alongside a single `Replica` with `ConsistencyMode` set to `STRONG`. Other combinations will fail to provision. See below. + /// + [Input("globalTableWitness")] + public Input? GlobalTableWitness { get; set; } + /// /// Attribute to use as the hash (partition) key. Must also be defined as an `Attribute`. See below. /// diff --git a/sdk/dotnet/Ec2/VpnConnection.cs b/sdk/dotnet/Ec2/VpnConnection.cs index 81f98db869f..4d831ef3b32 100644 --- a/sdk/dotnet/Ec2/VpnConnection.cs +++ b/sdk/dotnet/Ec2/VpnConnection.cs @@ -591,6 +591,12 @@ public partial class VpnConnection : global::Pulumi.CustomResource [Output("tunnel2VgwInsideAddress")] public Output Tunnel2VgwInsideAddress { get; private set; } = null!; + /// + /// Desired bandwidth specification for the VPN tunnel. Valid values are `standard | large`. `Standard` supports up to 1.25 Gbps per tunnel, while `Large` supports up to 5 Gbps per tunnel. Not supported when `VpnGatewayId` is specified, or `EnableAcceleration` is `True`. + /// + [Output("tunnelBandwidth")] + public Output TunnelBandwidth { get; private set; } = null!; + /// /// Indicate whether the VPN tunnels process IPv4 or IPv6 traffic. Valid values are `ipv4 | ipv6`. `Ipv6` Supports only EC2 Transit Gateway. /// @@ -1095,6 +1101,12 @@ public Input? Tunnel2PresharedKey [Input("tunnel2StartupAction")] public Input? Tunnel2StartupAction { get; set; } + /// + /// Desired bandwidth specification for the VPN tunnel. Valid values are `standard | large`. `Standard` supports up to 1.25 Gbps per tunnel, while `Large` supports up to 5 Gbps per tunnel. Not supported when `VpnGatewayId` is specified, or `EnableAcceleration` is `True`. + /// + [Input("tunnelBandwidth")] + public Input? TunnelBandwidth { get; set; } + /// /// Indicate whether the VPN tunnels process IPv4 or IPv6 traffic. Valid values are `ipv4 | ipv6`. `Ipv6` Supports only EC2 Transit Gateway. /// @@ -1679,6 +1691,12 @@ public Input? Tunnel2PresharedKey [Input("tunnel2VgwInsideAddress")] public Input? Tunnel2VgwInsideAddress { get; set; } + /// + /// Desired bandwidth specification for the VPN tunnel. Valid values are `standard | large`. `Standard` supports up to 1.25 Gbps per tunnel, while `Large` supports up to 5 Gbps per tunnel. Not supported when `VpnGatewayId` is specified, or `EnableAcceleration` is `True`. + /// + [Input("tunnelBandwidth")] + public Input? TunnelBandwidth { get; set; } + /// /// Indicate whether the VPN tunnels process IPv4 or IPv6 traffic. Valid values are `ipv4 | ipv6`. `Ipv6` Supports only EC2 Transit Gateway. /// diff --git a/sdk/dotnet/Emr/ManagedScalingPolicy.cs b/sdk/dotnet/Emr/ManagedScalingPolicy.cs index 788455fbb4f..4bf43c0ddab 100644 --- a/sdk/dotnet/Emr/ManagedScalingPolicy.cs +++ b/sdk/dotnet/Emr/ManagedScalingPolicy.cs @@ -84,6 +84,18 @@ public partial class ManagedScalingPolicy : global::Pulumi.CustomResource [Output("region")] public Output Region { get; private set; } = null!; + /// + /// Specifies the scaling strategy. When set to `ADVANCED`, the `UtilizationPerformanceIndex` argument can be used to configure an advanced scaling strategy. An advanced scaling strategy requires Amazon EMR on EC2 version 7.0 or later. Valid values: `ADVANCED`, `DEFAULT`. + /// + [Output("scalingStrategy")] + public Output ScalingStrategy { get; private set; } = null!; + + /// + /// Integer value that represents the advanced scaling strategy. Higher values optimize for performance, while lower values optimize for resource conservation. A value of `50` provides a balance between performance and resource conservation. See [the AWS documentation](https://docs.aws.amazon.com/emr/latest/ManagementGuide/managed-scaling-allocation-strategy-optimized.html#managed-scaling-allocation-strategy-optimized-getting-started) for more details. Required when `ScalingStrategy` is set to `ADVANCED`. Valid values: `1`, `25`, `50`, `75`, `100`. + /// + [Output("utilizationPerformanceIndex")] + public Output UtilizationPerformanceIndex { get; private set; } = null!; + /// /// Create a ManagedScalingPolicy resource with the given unique name, arguments, and options. @@ -154,6 +166,18 @@ public InputList ComputeLimits [Input("region")] public Input? Region { get; set; } + /// + /// Specifies the scaling strategy. When set to `ADVANCED`, the `UtilizationPerformanceIndex` argument can be used to configure an advanced scaling strategy. An advanced scaling strategy requires Amazon EMR on EC2 version 7.0 or later. Valid values: `ADVANCED`, `DEFAULT`. + /// + [Input("scalingStrategy")] + public Input? ScalingStrategy { get; set; } + + /// + /// Integer value that represents the advanced scaling strategy. Higher values optimize for performance, while lower values optimize for resource conservation. A value of `50` provides a balance between performance and resource conservation. See [the AWS documentation](https://docs.aws.amazon.com/emr/latest/ManagementGuide/managed-scaling-allocation-strategy-optimized.html#managed-scaling-allocation-strategy-optimized-getting-started) for more details. Required when `ScalingStrategy` is set to `ADVANCED`. Valid values: `1`, `25`, `50`, `75`, `100`. + /// + [Input("utilizationPerformanceIndex")] + public Input? UtilizationPerformanceIndex { get; set; } + public ManagedScalingPolicyArgs() { } @@ -186,6 +210,18 @@ public InputList ComputeLimits [Input("region")] public Input? Region { get; set; } + /// + /// Specifies the scaling strategy. When set to `ADVANCED`, the `UtilizationPerformanceIndex` argument can be used to configure an advanced scaling strategy. An advanced scaling strategy requires Amazon EMR on EC2 version 7.0 or later. Valid values: `ADVANCED`, `DEFAULT`. + /// + [Input("scalingStrategy")] + public Input? ScalingStrategy { get; set; } + + /// + /// Integer value that represents the advanced scaling strategy. Higher values optimize for performance, while lower values optimize for resource conservation. A value of `50` provides a balance between performance and resource conservation. See [the AWS documentation](https://docs.aws.amazon.com/emr/latest/ManagementGuide/managed-scaling-allocation-strategy-optimized.html#managed-scaling-allocation-strategy-optimized-getting-started) for more details. Required when `ScalingStrategy` is set to `ADVANCED`. Valid values: `1`, `25`, `50`, `75`, `100`. + /// + [Input("utilizationPerformanceIndex")] + public Input? UtilizationPerformanceIndex { get; set; } + public ManagedScalingPolicyState() { } diff --git a/sdk/dotnet/Fis/Inputs/ExperimentTemplateActionTargetArgs.cs b/sdk/dotnet/Fis/Inputs/ExperimentTemplateActionTargetArgs.cs index b6646611173..3cb330de623 100644 --- a/sdk/dotnet/Fis/Inputs/ExperimentTemplateActionTargetArgs.cs +++ b/sdk/dotnet/Fis/Inputs/ExperimentTemplateActionTargetArgs.cs @@ -13,7 +13,7 @@ namespace Pulumi.Aws.Fis.Inputs public sealed class ExperimentTemplateActionTargetArgs : global::Pulumi.ResourceArgs { /// - /// Target type. Valid values are `AutoScalingGroups` (EC2 Auto Scaling groups), `Buckets` (S3 Buckets), `Cluster` (EKS Cluster), `Clusters` (ECS Clusters), `DBInstances` (RDS DB Instances), `Instances` (EC2 Instances), `ManagedResources` (EKS clusters, Application and Network Load Balancers, and EC2 Auto Scaling groups that are enabled for ARC zonal shift), `Nodegroups` (EKS Node groups), `Pods` (EKS Pods), `ReplicationGroups`(ElastiCache Redis Replication Groups), `Roles` (IAM Roles), `SpotInstances` (EC2 Spot Instances), `Subnets` (VPC Subnets), `Tables` (DynamoDB encrypted global tables), `Tasks` (ECS Tasks), `TransitGateways` (Transit gateways), `Volumes` (EBS Volumes). See the [documentation](https://docs.aws.amazon.com/fis/latest/userguide/action-sequence.html#action-targets) for more details. + /// Target type. Valid values are `AutoScalingGroups` (EC2 Auto Scaling groups), `Buckets` (S3 Buckets), `Cluster` (EKS Cluster), `Clusters` (ECS Clusters), `DBInstances` (RDS DB Instances), `Functions` (Lambda Functions), `Instances` (EC2 Instances), `ManagedResources` (EKS clusters, Application and Network Load Balancers, and EC2 Auto Scaling groups that are enabled for ARC zonal shift), `Nodegroups` (EKS Node groups), `Pods` (EKS Pods), `ReplicationGroups`(ElastiCache Redis Replication Groups), `Roles` (IAM Roles), `SpotInstances` (EC2 Spot Instances), `Subnets` (VPC Subnets), `Tables` (DynamoDB encrypted global tables), `Tasks` (ECS Tasks), `TransitGateways` (Transit gateways), `Volumes` (EBS Volumes). See the [documentation](https://docs.aws.amazon.com/fis/latest/userguide/action-sequence.html#action-targets) for more details. /// [Input("key", required: true)] public Input Key { get; set; } = null!; diff --git a/sdk/dotnet/Fis/Inputs/ExperimentTemplateActionTargetGetArgs.cs b/sdk/dotnet/Fis/Inputs/ExperimentTemplateActionTargetGetArgs.cs index 229b719a19d..c244ea4e926 100644 --- a/sdk/dotnet/Fis/Inputs/ExperimentTemplateActionTargetGetArgs.cs +++ b/sdk/dotnet/Fis/Inputs/ExperimentTemplateActionTargetGetArgs.cs @@ -13,7 +13,7 @@ namespace Pulumi.Aws.Fis.Inputs public sealed class ExperimentTemplateActionTargetGetArgs : global::Pulumi.ResourceArgs { /// - /// Target type. Valid values are `AutoScalingGroups` (EC2 Auto Scaling groups), `Buckets` (S3 Buckets), `Cluster` (EKS Cluster), `Clusters` (ECS Clusters), `DBInstances` (RDS DB Instances), `Instances` (EC2 Instances), `ManagedResources` (EKS clusters, Application and Network Load Balancers, and EC2 Auto Scaling groups that are enabled for ARC zonal shift), `Nodegroups` (EKS Node groups), `Pods` (EKS Pods), `ReplicationGroups`(ElastiCache Redis Replication Groups), `Roles` (IAM Roles), `SpotInstances` (EC2 Spot Instances), `Subnets` (VPC Subnets), `Tables` (DynamoDB encrypted global tables), `Tasks` (ECS Tasks), `TransitGateways` (Transit gateways), `Volumes` (EBS Volumes). See the [documentation](https://docs.aws.amazon.com/fis/latest/userguide/action-sequence.html#action-targets) for more details. + /// Target type. Valid values are `AutoScalingGroups` (EC2 Auto Scaling groups), `Buckets` (S3 Buckets), `Cluster` (EKS Cluster), `Clusters` (ECS Clusters), `DBInstances` (RDS DB Instances), `Functions` (Lambda Functions), `Instances` (EC2 Instances), `ManagedResources` (EKS clusters, Application and Network Load Balancers, and EC2 Auto Scaling groups that are enabled for ARC zonal shift), `Nodegroups` (EKS Node groups), `Pods` (EKS Pods), `ReplicationGroups`(ElastiCache Redis Replication Groups), `Roles` (IAM Roles), `SpotInstances` (EC2 Spot Instances), `Subnets` (VPC Subnets), `Tables` (DynamoDB encrypted global tables), `Tasks` (ECS Tasks), `TransitGateways` (Transit gateways), `Volumes` (EBS Volumes). See the [documentation](https://docs.aws.amazon.com/fis/latest/userguide/action-sequence.html#action-targets) for more details. /// [Input("key", required: true)] public Input Key { get; set; } = null!; diff --git a/sdk/dotnet/Fis/Inputs/ExperimentTemplateLogConfigurationCloudwatchLogsConfigurationArgs.cs b/sdk/dotnet/Fis/Inputs/ExperimentTemplateLogConfigurationCloudwatchLogsConfigurationArgs.cs index 71d59f3e88e..de7318c899f 100644 --- a/sdk/dotnet/Fis/Inputs/ExperimentTemplateLogConfigurationCloudwatchLogsConfigurationArgs.cs +++ b/sdk/dotnet/Fis/Inputs/ExperimentTemplateLogConfigurationCloudwatchLogsConfigurationArgs.cs @@ -13,7 +13,7 @@ namespace Pulumi.Aws.Fis.Inputs public sealed class ExperimentTemplateLogConfigurationCloudwatchLogsConfigurationArgs : global::Pulumi.ResourceArgs { /// - /// The Amazon Resource Name (ARN) of the destination Amazon CloudWatch Logs log group. + /// The Amazon Resource Name (ARN) of the destination Amazon CloudWatch Logs log group. The ARN must end with `:*` /// [Input("logGroupArn", required: true)] public Input LogGroupArn { get; set; } = null!; diff --git a/sdk/dotnet/Fis/Inputs/ExperimentTemplateLogConfigurationCloudwatchLogsConfigurationGetArgs.cs b/sdk/dotnet/Fis/Inputs/ExperimentTemplateLogConfigurationCloudwatchLogsConfigurationGetArgs.cs index 99bc2351f5c..ec7e8a1245a 100644 --- a/sdk/dotnet/Fis/Inputs/ExperimentTemplateLogConfigurationCloudwatchLogsConfigurationGetArgs.cs +++ b/sdk/dotnet/Fis/Inputs/ExperimentTemplateLogConfigurationCloudwatchLogsConfigurationGetArgs.cs @@ -13,7 +13,7 @@ namespace Pulumi.Aws.Fis.Inputs public sealed class ExperimentTemplateLogConfigurationCloudwatchLogsConfigurationGetArgs : global::Pulumi.ResourceArgs { /// - /// The Amazon Resource Name (ARN) of the destination Amazon CloudWatch Logs log group. + /// The Amazon Resource Name (ARN) of the destination Amazon CloudWatch Logs log group. The ARN must end with `:*` /// [Input("logGroupArn", required: true)] public Input LogGroupArn { get; set; } = null!; diff --git a/sdk/dotnet/Fis/Outputs/ExperimentTemplateActionTarget.cs b/sdk/dotnet/Fis/Outputs/ExperimentTemplateActionTarget.cs index df752a392c7..c194b0cbd60 100644 --- a/sdk/dotnet/Fis/Outputs/ExperimentTemplateActionTarget.cs +++ b/sdk/dotnet/Fis/Outputs/ExperimentTemplateActionTarget.cs @@ -14,7 +14,7 @@ namespace Pulumi.Aws.Fis.Outputs public sealed class ExperimentTemplateActionTarget { /// - /// Target type. Valid values are `AutoScalingGroups` (EC2 Auto Scaling groups), `Buckets` (S3 Buckets), `Cluster` (EKS Cluster), `Clusters` (ECS Clusters), `DBInstances` (RDS DB Instances), `Instances` (EC2 Instances), `ManagedResources` (EKS clusters, Application and Network Load Balancers, and EC2 Auto Scaling groups that are enabled for ARC zonal shift), `Nodegroups` (EKS Node groups), `Pods` (EKS Pods), `ReplicationGroups`(ElastiCache Redis Replication Groups), `Roles` (IAM Roles), `SpotInstances` (EC2 Spot Instances), `Subnets` (VPC Subnets), `Tables` (DynamoDB encrypted global tables), `Tasks` (ECS Tasks), `TransitGateways` (Transit gateways), `Volumes` (EBS Volumes). See the [documentation](https://docs.aws.amazon.com/fis/latest/userguide/action-sequence.html#action-targets) for more details. + /// Target type. Valid values are `AutoScalingGroups` (EC2 Auto Scaling groups), `Buckets` (S3 Buckets), `Cluster` (EKS Cluster), `Clusters` (ECS Clusters), `DBInstances` (RDS DB Instances), `Functions` (Lambda Functions), `Instances` (EC2 Instances), `ManagedResources` (EKS clusters, Application and Network Load Balancers, and EC2 Auto Scaling groups that are enabled for ARC zonal shift), `Nodegroups` (EKS Node groups), `Pods` (EKS Pods), `ReplicationGroups`(ElastiCache Redis Replication Groups), `Roles` (IAM Roles), `SpotInstances` (EC2 Spot Instances), `Subnets` (VPC Subnets), `Tables` (DynamoDB encrypted global tables), `Tasks` (ECS Tasks), `TransitGateways` (Transit gateways), `Volumes` (EBS Volumes). See the [documentation](https://docs.aws.amazon.com/fis/latest/userguide/action-sequence.html#action-targets) for more details. /// public readonly string Key; /// diff --git a/sdk/dotnet/Fis/Outputs/ExperimentTemplateLogConfigurationCloudwatchLogsConfiguration.cs b/sdk/dotnet/Fis/Outputs/ExperimentTemplateLogConfigurationCloudwatchLogsConfiguration.cs index 6b129d199db..024bd61e28a 100644 --- a/sdk/dotnet/Fis/Outputs/ExperimentTemplateLogConfigurationCloudwatchLogsConfiguration.cs +++ b/sdk/dotnet/Fis/Outputs/ExperimentTemplateLogConfigurationCloudwatchLogsConfiguration.cs @@ -14,7 +14,7 @@ namespace Pulumi.Aws.Fis.Outputs public sealed class ExperimentTemplateLogConfigurationCloudwatchLogsConfiguration { /// - /// The Amazon Resource Name (ARN) of the destination Amazon CloudWatch Logs log group. + /// The Amazon Resource Name (ARN) of the destination Amazon CloudWatch Logs log group. The ARN must end with `:*` /// public readonly string LogGroupArn; diff --git a/sdk/dotnet/LB/Inputs/GetListenerRuleAction.cs b/sdk/dotnet/LB/Inputs/GetListenerRuleAction.cs index fd14c10cf87..acd9744d783 100644 --- a/sdk/dotnet/LB/Inputs/GetListenerRuleAction.cs +++ b/sdk/dotnet/LB/Inputs/GetListenerRuleAction.cs @@ -64,6 +64,19 @@ public List Forwards set => _forwards = value; } + [Input("jwtValidations")] + private List? _jwtValidations; + + /// + /// An action to validate using JWT. + /// Detailed below. + /// + public List JwtValidations + { + get => _jwtValidations ?? (_jwtValidations = new List()); + set => _jwtValidations = value; + } + /// /// The evaluation order of the action. /// diff --git a/sdk/dotnet/LB/Inputs/GetListenerRuleActionArgs.cs b/sdk/dotnet/LB/Inputs/GetListenerRuleActionArgs.cs index d179c0eb0f3..1b510a0d9ca 100644 --- a/sdk/dotnet/LB/Inputs/GetListenerRuleActionArgs.cs +++ b/sdk/dotnet/LB/Inputs/GetListenerRuleActionArgs.cs @@ -64,6 +64,19 @@ public InputList Forwards set => _forwards = value; } + [Input("jwtValidations")] + private InputList? _jwtValidations; + + /// + /// An action to validate using JWT. + /// Detailed below. + /// + public InputList JwtValidations + { + get => _jwtValidations ?? (_jwtValidations = new InputList()); + set => _jwtValidations = value; + } + /// /// The evaluation order of the action. /// diff --git a/sdk/dotnet/LB/Inputs/GetListenerRuleActionAuthenticateOidc.cs b/sdk/dotnet/LB/Inputs/GetListenerRuleActionAuthenticateOidc.cs index b15629ef7f1..986939061e4 100644 --- a/sdk/dotnet/LB/Inputs/GetListenerRuleActionAuthenticateOidc.cs +++ b/sdk/dotnet/LB/Inputs/GetListenerRuleActionAuthenticateOidc.cs @@ -38,7 +38,7 @@ public Dictionary AuthenticationRequestExtraParams public string ClientId { get; set; } = null!; /// - /// OIDC issuer identifier of the IdP. + /// Issuer of the JWT. /// [Input("issuer", required: true)] public string Issuer { get; set; } = null!; diff --git a/sdk/dotnet/LB/Inputs/GetListenerRuleActionAuthenticateOidcArgs.cs b/sdk/dotnet/LB/Inputs/GetListenerRuleActionAuthenticateOidcArgs.cs index 2e697ac8b7b..af232ac5d67 100644 --- a/sdk/dotnet/LB/Inputs/GetListenerRuleActionAuthenticateOidcArgs.cs +++ b/sdk/dotnet/LB/Inputs/GetListenerRuleActionAuthenticateOidcArgs.cs @@ -38,7 +38,7 @@ public InputMap AuthenticationRequestExtraParams public Input ClientId { get; set; } = null!; /// - /// OIDC issuer identifier of the IdP. + /// Issuer of the JWT. /// [Input("issuer", required: true)] public Input Issuer { get; set; } = null!; diff --git a/sdk/dotnet/LB/Inputs/GetListenerRuleActionJwtValidation.cs b/sdk/dotnet/LB/Inputs/GetListenerRuleActionJwtValidation.cs new file mode 100644 index 00000000000..567e5e56497 --- /dev/null +++ b/sdk/dotnet/LB/Inputs/GetListenerRuleActionJwtValidation.cs @@ -0,0 +1,44 @@ +// *** WARNING: this file was generated by pulumi-language-dotnet. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Aws.LB.Inputs +{ + + public sealed class GetListenerRuleActionJwtValidationArgs : global::Pulumi.InvokeArgs + { + [Input("additionalClaims")] + private List? _additionalClaims; + + /// + /// Additional claims to validate. + /// + public List AdditionalClaims + { + get => _additionalClaims ?? (_additionalClaims = new List()); + set => _additionalClaims = value; + } + + /// + /// Issuer of the JWT. + /// + [Input("issuer", required: true)] + public string Issuer { get; set; } = null!; + + /// + /// JSON Web Key Set (JWKS) endpoint. + /// + [Input("jwksEndpoint", required: true)] + public string JwksEndpoint { get; set; } = null!; + + public GetListenerRuleActionJwtValidationArgs() + { + } + public static new GetListenerRuleActionJwtValidationArgs Empty => new GetListenerRuleActionJwtValidationArgs(); + } +} diff --git a/sdk/dotnet/LB/Inputs/GetListenerRuleActionJwtValidationAdditionalClaim.cs b/sdk/dotnet/LB/Inputs/GetListenerRuleActionJwtValidationAdditionalClaim.cs new file mode 100644 index 00000000000..118415ac7b1 --- /dev/null +++ b/sdk/dotnet/LB/Inputs/GetListenerRuleActionJwtValidationAdditionalClaim.cs @@ -0,0 +1,44 @@ +// *** WARNING: this file was generated by pulumi-language-dotnet. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Aws.LB.Inputs +{ + + public sealed class GetListenerRuleActionJwtValidationAdditionalClaimArgs : global::Pulumi.InvokeArgs + { + /// + /// Format of the claim value. + /// + [Input("format", required: true)] + public string Format { get; set; } = null!; + + /// + /// Name of the claim to validate. + /// + [Input("name", required: true)] + public string Name { get; set; } = null!; + + [Input("values", required: true)] + private List? _values; + + /// + /// Set of `Key`-`Value` pairs indicating the query string parameters to match. + /// + public List Values + { + get => _values ?? (_values = new List()); + set => _values = value; + } + + public GetListenerRuleActionJwtValidationAdditionalClaimArgs() + { + } + public static new GetListenerRuleActionJwtValidationAdditionalClaimArgs Empty => new GetListenerRuleActionJwtValidationAdditionalClaimArgs(); + } +} diff --git a/sdk/dotnet/LB/Inputs/GetListenerRuleActionJwtValidationAdditionalClaimArgs.cs b/sdk/dotnet/LB/Inputs/GetListenerRuleActionJwtValidationAdditionalClaimArgs.cs new file mode 100644 index 00000000000..d81b6452458 --- /dev/null +++ b/sdk/dotnet/LB/Inputs/GetListenerRuleActionJwtValidationAdditionalClaimArgs.cs @@ -0,0 +1,44 @@ +// *** WARNING: this file was generated by pulumi-language-dotnet. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Aws.LB.Inputs +{ + + public sealed class GetListenerRuleActionJwtValidationAdditionalClaimInputArgs : global::Pulumi.ResourceArgs + { + /// + /// Format of the claim value. + /// + [Input("format", required: true)] + public Input Format { get; set; } = null!; + + /// + /// Name of the claim to validate. + /// + [Input("name", required: true)] + public Input Name { get; set; } = null!; + + [Input("values", required: true)] + private InputList? _values; + + /// + /// Set of `Key`-`Value` pairs indicating the query string parameters to match. + /// + public InputList Values + { + get => _values ?? (_values = new InputList()); + set => _values = value; + } + + public GetListenerRuleActionJwtValidationAdditionalClaimInputArgs() + { + } + public static new GetListenerRuleActionJwtValidationAdditionalClaimInputArgs Empty => new GetListenerRuleActionJwtValidationAdditionalClaimInputArgs(); + } +} diff --git a/sdk/dotnet/LB/Inputs/GetListenerRuleActionJwtValidationArgs.cs b/sdk/dotnet/LB/Inputs/GetListenerRuleActionJwtValidationArgs.cs new file mode 100644 index 00000000000..d3fbd0b7319 --- /dev/null +++ b/sdk/dotnet/LB/Inputs/GetListenerRuleActionJwtValidationArgs.cs @@ -0,0 +1,44 @@ +// *** WARNING: this file was generated by pulumi-language-dotnet. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Aws.LB.Inputs +{ + + public sealed class GetListenerRuleActionJwtValidationInputArgs : global::Pulumi.ResourceArgs + { + [Input("additionalClaims")] + private InputList? _additionalClaims; + + /// + /// Additional claims to validate. + /// + public InputList AdditionalClaims + { + get => _additionalClaims ?? (_additionalClaims = new InputList()); + set => _additionalClaims = value; + } + + /// + /// Issuer of the JWT. + /// + [Input("issuer", required: true)] + public Input Issuer { get; set; } = null!; + + /// + /// JSON Web Key Set (JWKS) endpoint. + /// + [Input("jwksEndpoint", required: true)] + public Input JwksEndpoint { get; set; } = null!; + + public GetListenerRuleActionJwtValidationInputArgs() + { + } + public static new GetListenerRuleActionJwtValidationInputArgs Empty => new GetListenerRuleActionJwtValidationInputArgs(); + } +} diff --git a/sdk/dotnet/LB/Inputs/ListenerDefaultActionArgs.cs b/sdk/dotnet/LB/Inputs/ListenerDefaultActionArgs.cs index 962dc7a75c9..9d10923361e 100644 --- a/sdk/dotnet/LB/Inputs/ListenerDefaultActionArgs.cs +++ b/sdk/dotnet/LB/Inputs/ListenerDefaultActionArgs.cs @@ -36,6 +36,12 @@ public sealed class ListenerDefaultActionArgs : global::Pulumi.ResourceArgs [Input("forward")] public Input? Forward { get; set; } + /// + /// Configuration block for creating a JWT validation action. Required if `Type` is `jwt-validation`. + /// + [Input("jwtValidation")] + public Input? JwtValidation { get; set; } + /// /// Order for the action. The action with the lowest value for order is performed first. Valid values are between `1` and `50000`. Defaults to the position in the list of actions. /// @@ -55,7 +61,7 @@ public sealed class ListenerDefaultActionArgs : global::Pulumi.ResourceArgs public Input? TargetGroupArn { get; set; } /// - /// Type of routing action. Valid values are `Forward`, `Redirect`, `fixed-response`, `authenticate-cognito` and `authenticate-oidc`. + /// Type of routing action. Valid values are `Forward`, `Redirect`, `fixed-response`, `authenticate-cognito`, `authenticate-oidc` and `jwt-validation`. /// /// The following arguments are optional: /// diff --git a/sdk/dotnet/LB/Inputs/ListenerDefaultActionGetArgs.cs b/sdk/dotnet/LB/Inputs/ListenerDefaultActionGetArgs.cs index 2ec41f48dfd..0a672b67247 100644 --- a/sdk/dotnet/LB/Inputs/ListenerDefaultActionGetArgs.cs +++ b/sdk/dotnet/LB/Inputs/ListenerDefaultActionGetArgs.cs @@ -36,6 +36,12 @@ public sealed class ListenerDefaultActionGetArgs : global::Pulumi.ResourceArgs [Input("forward")] public Input? Forward { get; set; } + /// + /// Configuration block for creating a JWT validation action. Required if `Type` is `jwt-validation`. + /// + [Input("jwtValidation")] + public Input? JwtValidation { get; set; } + /// /// Order for the action. The action with the lowest value for order is performed first. Valid values are between `1` and `50000`. Defaults to the position in the list of actions. /// @@ -55,7 +61,7 @@ public sealed class ListenerDefaultActionGetArgs : global::Pulumi.ResourceArgs public Input? TargetGroupArn { get; set; } /// - /// Type of routing action. Valid values are `Forward`, `Redirect`, `fixed-response`, `authenticate-cognito` and `authenticate-oidc`. + /// Type of routing action. Valid values are `Forward`, `Redirect`, `fixed-response`, `authenticate-cognito`, `authenticate-oidc` and `jwt-validation`. /// /// The following arguments are optional: /// diff --git a/sdk/dotnet/LB/Inputs/ListenerDefaultActionJwtValidationAdditionalClaimArgs.cs b/sdk/dotnet/LB/Inputs/ListenerDefaultActionJwtValidationAdditionalClaimArgs.cs new file mode 100644 index 00000000000..def425d2c36 --- /dev/null +++ b/sdk/dotnet/LB/Inputs/ListenerDefaultActionJwtValidationAdditionalClaimArgs.cs @@ -0,0 +1,44 @@ +// *** WARNING: this file was generated by pulumi-language-dotnet. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Aws.LB.Inputs +{ + + public sealed class ListenerDefaultActionJwtValidationAdditionalClaimArgs : global::Pulumi.ResourceArgs + { + /// + /// Format of the claim value. Valid values are `single-string`, `string-array` and `space-separated-values`. + /// + [Input("format", required: true)] + public Input Format { get; set; } = null!; + + /// + /// Name of the claim to validate. `Exp`, `Iss`, `Nbf`, or `Iat` cannot be specified because they are validated by default. + /// + [Input("name", required: true)] + public Input Name { get; set; } = null!; + + [Input("values", required: true)] + private InputList? _values; + + /// + /// List of expected values of the claim. + /// + public InputList Values + { + get => _values ?? (_values = new InputList()); + set => _values = value; + } + + public ListenerDefaultActionJwtValidationAdditionalClaimArgs() + { + } + public static new ListenerDefaultActionJwtValidationAdditionalClaimArgs Empty => new ListenerDefaultActionJwtValidationAdditionalClaimArgs(); + } +} diff --git a/sdk/dotnet/LB/Inputs/ListenerDefaultActionJwtValidationAdditionalClaimGetArgs.cs b/sdk/dotnet/LB/Inputs/ListenerDefaultActionJwtValidationAdditionalClaimGetArgs.cs new file mode 100644 index 00000000000..89980e665f3 --- /dev/null +++ b/sdk/dotnet/LB/Inputs/ListenerDefaultActionJwtValidationAdditionalClaimGetArgs.cs @@ -0,0 +1,44 @@ +// *** WARNING: this file was generated by pulumi-language-dotnet. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Aws.LB.Inputs +{ + + public sealed class ListenerDefaultActionJwtValidationAdditionalClaimGetArgs : global::Pulumi.ResourceArgs + { + /// + /// Format of the claim value. Valid values are `single-string`, `string-array` and `space-separated-values`. + /// + [Input("format", required: true)] + public Input Format { get; set; } = null!; + + /// + /// Name of the claim to validate. `Exp`, `Iss`, `Nbf`, or `Iat` cannot be specified because they are validated by default. + /// + [Input("name", required: true)] + public Input Name { get; set; } = null!; + + [Input("values", required: true)] + private InputList? _values; + + /// + /// List of expected values of the claim. + /// + public InputList Values + { + get => _values ?? (_values = new InputList()); + set => _values = value; + } + + public ListenerDefaultActionJwtValidationAdditionalClaimGetArgs() + { + } + public static new ListenerDefaultActionJwtValidationAdditionalClaimGetArgs Empty => new ListenerDefaultActionJwtValidationAdditionalClaimGetArgs(); + } +} diff --git a/sdk/dotnet/LB/Inputs/ListenerDefaultActionJwtValidationArgs.cs b/sdk/dotnet/LB/Inputs/ListenerDefaultActionJwtValidationArgs.cs new file mode 100644 index 00000000000..34bdfe9141b --- /dev/null +++ b/sdk/dotnet/LB/Inputs/ListenerDefaultActionJwtValidationArgs.cs @@ -0,0 +1,46 @@ +// *** WARNING: this file was generated by pulumi-language-dotnet. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Aws.LB.Inputs +{ + + public sealed class ListenerDefaultActionJwtValidationArgs : global::Pulumi.ResourceArgs + { + [Input("additionalClaims")] + private InputList? _additionalClaims; + + /// + /// Repeatable configuration block for additional claims to validate. + /// + public InputList AdditionalClaims + { + get => _additionalClaims ?? (_additionalClaims = new InputList()); + set => _additionalClaims = value; + } + + /// + /// Issuer of the JWT. + /// + [Input("issuer", required: true)] + public Input Issuer { get; set; } = null!; + + /// + /// JSON Web Key Set (JWKS) endpoint. This endpoint contains JSON Web Keys (JWK) that are used to validate signatures from the provider. This must be a full URL, including the HTTPS protocol, the domain, and the path. + /// + /// The following arguments are optional: + /// + [Input("jwksEndpoint", required: true)] + public Input JwksEndpoint { get; set; } = null!; + + public ListenerDefaultActionJwtValidationArgs() + { + } + public static new ListenerDefaultActionJwtValidationArgs Empty => new ListenerDefaultActionJwtValidationArgs(); + } +} diff --git a/sdk/dotnet/LB/Inputs/ListenerDefaultActionJwtValidationGetArgs.cs b/sdk/dotnet/LB/Inputs/ListenerDefaultActionJwtValidationGetArgs.cs new file mode 100644 index 00000000000..b67da8f1762 --- /dev/null +++ b/sdk/dotnet/LB/Inputs/ListenerDefaultActionJwtValidationGetArgs.cs @@ -0,0 +1,46 @@ +// *** WARNING: this file was generated by pulumi-language-dotnet. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Aws.LB.Inputs +{ + + public sealed class ListenerDefaultActionJwtValidationGetArgs : global::Pulumi.ResourceArgs + { + [Input("additionalClaims")] + private InputList? _additionalClaims; + + /// + /// Repeatable configuration block for additional claims to validate. + /// + public InputList AdditionalClaims + { + get => _additionalClaims ?? (_additionalClaims = new InputList()); + set => _additionalClaims = value; + } + + /// + /// Issuer of the JWT. + /// + [Input("issuer", required: true)] + public Input Issuer { get; set; } = null!; + + /// + /// JSON Web Key Set (JWKS) endpoint. This endpoint contains JSON Web Keys (JWK) that are used to validate signatures from the provider. This must be a full URL, including the HTTPS protocol, the domain, and the path. + /// + /// The following arguments are optional: + /// + [Input("jwksEndpoint", required: true)] + public Input JwksEndpoint { get; set; } = null!; + + public ListenerDefaultActionJwtValidationGetArgs() + { + } + public static new ListenerDefaultActionJwtValidationGetArgs Empty => new ListenerDefaultActionJwtValidationGetArgs(); + } +} diff --git a/sdk/dotnet/LB/Inputs/ListenerRuleActionArgs.cs b/sdk/dotnet/LB/Inputs/ListenerRuleActionArgs.cs index 270f0b1e04d..3563793de96 100644 --- a/sdk/dotnet/LB/Inputs/ListenerRuleActionArgs.cs +++ b/sdk/dotnet/LB/Inputs/ListenerRuleActionArgs.cs @@ -38,6 +38,12 @@ public sealed class ListenerRuleActionArgs : global::Pulumi.ResourceArgs [Input("forward")] public Input? Forward { get; set; } + /// + /// Information for creating a JWT validation action. Required if `Type` is `jwt-validation`. + /// + [Input("jwtValidation")] + public Input? JwtValidation { get; set; } + /// /// Order for the action. /// The action with the lowest value for order is performed first. @@ -63,7 +69,7 @@ public sealed class ListenerRuleActionArgs : global::Pulumi.ResourceArgs public Input? TargetGroupArn { get; set; } /// - /// The type of routing action. Valid values are `Forward`, `Redirect`, `fixed-response`, `authenticate-cognito` and `authenticate-oidc`. + /// The type of routing action. Valid values are `Forward`, `Redirect`, `fixed-response`, `authenticate-cognito`, `authenticate-oidc` and `jwt-validation`. /// [Input("type", required: true)] public Input Type { get; set; } = null!; diff --git a/sdk/dotnet/LB/Inputs/ListenerRuleActionGetArgs.cs b/sdk/dotnet/LB/Inputs/ListenerRuleActionGetArgs.cs index 1c19d7cae21..c403c32a68d 100644 --- a/sdk/dotnet/LB/Inputs/ListenerRuleActionGetArgs.cs +++ b/sdk/dotnet/LB/Inputs/ListenerRuleActionGetArgs.cs @@ -38,6 +38,12 @@ public sealed class ListenerRuleActionGetArgs : global::Pulumi.ResourceArgs [Input("forward")] public Input? Forward { get; set; } + /// + /// Information for creating a JWT validation action. Required if `Type` is `jwt-validation`. + /// + [Input("jwtValidation")] + public Input? JwtValidation { get; set; } + /// /// Order for the action. /// The action with the lowest value for order is performed first. @@ -63,7 +69,7 @@ public sealed class ListenerRuleActionGetArgs : global::Pulumi.ResourceArgs public Input? TargetGroupArn { get; set; } /// - /// The type of routing action. Valid values are `Forward`, `Redirect`, `fixed-response`, `authenticate-cognito` and `authenticate-oidc`. + /// The type of routing action. Valid values are `Forward`, `Redirect`, `fixed-response`, `authenticate-cognito`, `authenticate-oidc` and `jwt-validation`. /// [Input("type", required: true)] public Input Type { get; set; } = null!; diff --git a/sdk/dotnet/LB/Inputs/ListenerRuleActionJwtValidationAdditionalClaimArgs.cs b/sdk/dotnet/LB/Inputs/ListenerRuleActionJwtValidationAdditionalClaimArgs.cs new file mode 100644 index 00000000000..2aeffb91533 --- /dev/null +++ b/sdk/dotnet/LB/Inputs/ListenerRuleActionJwtValidationAdditionalClaimArgs.cs @@ -0,0 +1,44 @@ +// *** WARNING: this file was generated by pulumi-language-dotnet. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Aws.LB.Inputs +{ + + public sealed class ListenerRuleActionJwtValidationAdditionalClaimArgs : global::Pulumi.ResourceArgs + { + /// + /// Format of the claim value. Valid values are `single-string`, `string-array` and `space-separated-values`. + /// + [Input("format", required: true)] + public Input Format { get; set; } = null!; + + /// + /// Name of the claim to validate. `Exp`, `Iss`, `Nbf`, or `Iat` cannot be specified because they are validated by default. + /// + [Input("name", required: true)] + public Input Name { get; set; } = null!; + + [Input("values", required: true)] + private InputList? _values; + + /// + /// List of expected values of the claim. + /// + public InputList Values + { + get => _values ?? (_values = new InputList()); + set => _values = value; + } + + public ListenerRuleActionJwtValidationAdditionalClaimArgs() + { + } + public static new ListenerRuleActionJwtValidationAdditionalClaimArgs Empty => new ListenerRuleActionJwtValidationAdditionalClaimArgs(); + } +} diff --git a/sdk/dotnet/LB/Inputs/ListenerRuleActionJwtValidationAdditionalClaimGetArgs.cs b/sdk/dotnet/LB/Inputs/ListenerRuleActionJwtValidationAdditionalClaimGetArgs.cs new file mode 100644 index 00000000000..d05bf3c208f --- /dev/null +++ b/sdk/dotnet/LB/Inputs/ListenerRuleActionJwtValidationAdditionalClaimGetArgs.cs @@ -0,0 +1,44 @@ +// *** WARNING: this file was generated by pulumi-language-dotnet. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Aws.LB.Inputs +{ + + public sealed class ListenerRuleActionJwtValidationAdditionalClaimGetArgs : global::Pulumi.ResourceArgs + { + /// + /// Format of the claim value. Valid values are `single-string`, `string-array` and `space-separated-values`. + /// + [Input("format", required: true)] + public Input Format { get; set; } = null!; + + /// + /// Name of the claim to validate. `Exp`, `Iss`, `Nbf`, or `Iat` cannot be specified because they are validated by default. + /// + [Input("name", required: true)] + public Input Name { get; set; } = null!; + + [Input("values", required: true)] + private InputList? _values; + + /// + /// List of expected values of the claim. + /// + public InputList Values + { + get => _values ?? (_values = new InputList()); + set => _values = value; + } + + public ListenerRuleActionJwtValidationAdditionalClaimGetArgs() + { + } + public static new ListenerRuleActionJwtValidationAdditionalClaimGetArgs Empty => new ListenerRuleActionJwtValidationAdditionalClaimGetArgs(); + } +} diff --git a/sdk/dotnet/LB/Inputs/ListenerRuleActionJwtValidationArgs.cs b/sdk/dotnet/LB/Inputs/ListenerRuleActionJwtValidationArgs.cs new file mode 100644 index 00000000000..b2734f3617c --- /dev/null +++ b/sdk/dotnet/LB/Inputs/ListenerRuleActionJwtValidationArgs.cs @@ -0,0 +1,44 @@ +// *** WARNING: this file was generated by pulumi-language-dotnet. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Aws.LB.Inputs +{ + + public sealed class ListenerRuleActionJwtValidationArgs : global::Pulumi.ResourceArgs + { + [Input("additionalClaims")] + private InputList? _additionalClaims; + + /// + /// Repeatable configuration block for additional claims to validate. + /// + public InputList AdditionalClaims + { + get => _additionalClaims ?? (_additionalClaims = new InputList()); + set => _additionalClaims = value; + } + + /// + /// Issuer of the JWT. + /// + [Input("issuer", required: true)] + public Input Issuer { get; set; } = null!; + + /// + /// JSON Web Key Set (JWKS) endpoint. This endpoint contains JSON Web Keys (JWK) that are used to validate signatures from the provider. This must be a full URL, including the HTTPS protocol, the domain, and the path. + /// + [Input("jwksEndpoint", required: true)] + public Input JwksEndpoint { get; set; } = null!; + + public ListenerRuleActionJwtValidationArgs() + { + } + public static new ListenerRuleActionJwtValidationArgs Empty => new ListenerRuleActionJwtValidationArgs(); + } +} diff --git a/sdk/dotnet/LB/Inputs/ListenerRuleActionJwtValidationGetArgs.cs b/sdk/dotnet/LB/Inputs/ListenerRuleActionJwtValidationGetArgs.cs new file mode 100644 index 00000000000..d3033d548ec --- /dev/null +++ b/sdk/dotnet/LB/Inputs/ListenerRuleActionJwtValidationGetArgs.cs @@ -0,0 +1,44 @@ +// *** WARNING: this file was generated by pulumi-language-dotnet. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Aws.LB.Inputs +{ + + public sealed class ListenerRuleActionJwtValidationGetArgs : global::Pulumi.ResourceArgs + { + [Input("additionalClaims")] + private InputList? _additionalClaims; + + /// + /// Repeatable configuration block for additional claims to validate. + /// + public InputList AdditionalClaims + { + get => _additionalClaims ?? (_additionalClaims = new InputList()); + set => _additionalClaims = value; + } + + /// + /// Issuer of the JWT. + /// + [Input("issuer", required: true)] + public Input Issuer { get; set; } = null!; + + /// + /// JSON Web Key Set (JWKS) endpoint. This endpoint contains JSON Web Keys (JWK) that are used to validate signatures from the provider. This must be a full URL, including the HTTPS protocol, the domain, and the path. + /// + [Input("jwksEndpoint", required: true)] + public Input JwksEndpoint { get; set; } = null!; + + public ListenerRuleActionJwtValidationGetArgs() + { + } + public static new ListenerRuleActionJwtValidationGetArgs Empty => new ListenerRuleActionJwtValidationGetArgs(); + } +} diff --git a/sdk/dotnet/LB/Listener.cs b/sdk/dotnet/LB/Listener.cs index 5cc8ee280b2..c3d67b0e689 100644 --- a/sdk/dotnet/LB/Listener.cs +++ b/sdk/dotnet/LB/Listener.cs @@ -295,6 +295,67 @@ namespace Pulumi.Aws.LB /// }); /// ``` /// + /// ### JWT Validation Action + /// + /// ```csharp + /// using System.Collections.Generic; + /// using System.Linq; + /// using Pulumi; + /// using Aws = Pulumi.Aws; + /// + /// return await Deployment.RunAsync(() => + /// { + /// var test = new Aws.LB.Listener("test", new() + /// { + /// LoadBalancerArn = testAwsLb.Id, + /// Protocol = "HTTPS", + /// Port = 443, + /// SslPolicy = "ELBSecurityPolicy-2016-08", + /// CertificateArn = testAwsIamServerCertificate.Arn, + /// DefaultActions = new[] + /// { + /// new Aws.LB.Inputs.ListenerDefaultActionArgs + /// { + /// Type = "jwt-validation", + /// JwtValidation = new Aws.LB.Inputs.ListenerDefaultActionJwtValidationArgs + /// { + /// Issuer = "https://example.com", + /// JwksEndpoint = "https://example.com/.well-known/jwks.json", + /// AdditionalClaims = new[] + /// { + /// new Aws.LB.Inputs.ListenerDefaultActionJwtValidationAdditionalClaimArgs + /// { + /// Format = "string-array", + /// Name = "claim_name1", + /// Values = new[] + /// { + /// "value1", + /// "value2", + /// }, + /// }, + /// new Aws.LB.Inputs.ListenerDefaultActionJwtValidationAdditionalClaimArgs + /// { + /// Format = "single-string", + /// Name = "claim_name2", + /// Values = new[] + /// { + /// "value1", + /// }, + /// }, + /// }, + /// }, + /// }, + /// new Aws.LB.Inputs.ListenerDefaultActionArgs + /// { + /// TargetGroupArn = testAwsLbTargetGroup.Id, + /// Type = "forward", + /// }, + /// }, + /// }); + /// + /// }); + /// ``` + /// /// ### Gateway Load Balancer Listener /// /// ```csharp diff --git a/sdk/dotnet/LB/ListenerRule.cs b/sdk/dotnet/LB/ListenerRule.cs index 57f8f538c36..d6902fab663 100644 --- a/sdk/dotnet/LB/ListenerRule.cs +++ b/sdk/dotnet/LB/ListenerRule.cs @@ -13,331 +13,6 @@ namespace Pulumi.Aws.LB /// Provides a Load Balancer Listener Rule resource. /// /// > **Note:** `aws.alb.ListenerRule` is known as `aws.lb.ListenerRule`. The functionality is identical. - /// - /// ## Example Usage - /// - /// ```csharp - /// using System.Collections.Generic; - /// using System.Linq; - /// using Pulumi; - /// using Aws = Pulumi.Aws; - /// - /// return await Deployment.RunAsync(() => - /// { - /// var frontEnd = new Aws.LB.LoadBalancer("front_end"); - /// - /// var frontEndListener = new Aws.LB.Listener("front_end"); - /// - /// var @static = new Aws.LB.ListenerRule("static", new() - /// { - /// ListenerArn = frontEndListener.Arn, - /// Priority = 100, - /// Actions = new[] - /// { - /// new Aws.LB.Inputs.ListenerRuleActionArgs - /// { - /// Type = "forward", - /// TargetGroupArn = staticAwsLbTargetGroup.Arn, - /// }, - /// }, - /// Conditions = new[] - /// { - /// new Aws.LB.Inputs.ListenerRuleConditionArgs - /// { - /// PathPattern = new Aws.LB.Inputs.ListenerRuleConditionPathPatternArgs - /// { - /// Values = new[] - /// { - /// "/static/*", - /// }, - /// }, - /// }, - /// new Aws.LB.Inputs.ListenerRuleConditionArgs - /// { - /// HostHeader = new Aws.LB.Inputs.ListenerRuleConditionHostHeaderArgs - /// { - /// Values = new[] - /// { - /// "example.com", - /// }, - /// }, - /// }, - /// }, - /// }); - /// - /// // Forward action - /// var hostBasedWeightedRouting = new Aws.LB.ListenerRule("host_based_weighted_routing", new() - /// { - /// ListenerArn = frontEndListener.Arn, - /// Priority = 99, - /// Actions = new[] - /// { - /// new Aws.LB.Inputs.ListenerRuleActionArgs - /// { - /// Type = "forward", - /// TargetGroupArn = staticAwsLbTargetGroup.Arn, - /// }, - /// }, - /// Conditions = new[] - /// { - /// new Aws.LB.Inputs.ListenerRuleConditionArgs - /// { - /// HostHeader = new Aws.LB.Inputs.ListenerRuleConditionHostHeaderArgs - /// { - /// Values = new[] - /// { - /// "my-service.*.mycompany.io", - /// }, - /// }, - /// }, - /// }, - /// }); - /// - /// // Weighted Forward action - /// var hostBasedRouting = new Aws.LB.ListenerRule("host_based_routing", new() - /// { - /// ListenerArn = frontEndListener.Arn, - /// Priority = 99, - /// Actions = new[] - /// { - /// new Aws.LB.Inputs.ListenerRuleActionArgs - /// { - /// Type = "forward", - /// Forward = new Aws.LB.Inputs.ListenerRuleActionForwardArgs - /// { - /// TargetGroups = new[] - /// { - /// new Aws.LB.Inputs.ListenerRuleActionForwardTargetGroupArgs - /// { - /// Arn = main.Arn, - /// Weight = 80, - /// }, - /// new Aws.LB.Inputs.ListenerRuleActionForwardTargetGroupArgs - /// { - /// Arn = canary.Arn, - /// Weight = 20, - /// }, - /// }, - /// Stickiness = new Aws.LB.Inputs.ListenerRuleActionForwardStickinessArgs - /// { - /// Enabled = true, - /// Duration = 600, - /// }, - /// }, - /// }, - /// }, - /// Conditions = new[] - /// { - /// new Aws.LB.Inputs.ListenerRuleConditionArgs - /// { - /// HostHeader = new Aws.LB.Inputs.ListenerRuleConditionHostHeaderArgs - /// { - /// Values = new[] - /// { - /// "my-service.*.mycompany.io", - /// }, - /// }, - /// }, - /// }, - /// }); - /// - /// // Redirect action - /// var redirectHttpToHttps = new Aws.LB.ListenerRule("redirect_http_to_https", new() - /// { - /// ListenerArn = frontEndListener.Arn, - /// Actions = new[] - /// { - /// new Aws.LB.Inputs.ListenerRuleActionArgs - /// { - /// Type = "redirect", - /// Redirect = new Aws.LB.Inputs.ListenerRuleActionRedirectArgs - /// { - /// Port = "443", - /// Protocol = "HTTPS", - /// StatusCode = "HTTP_301", - /// }, - /// }, - /// }, - /// Conditions = new[] - /// { - /// new Aws.LB.Inputs.ListenerRuleConditionArgs - /// { - /// HttpHeader = new Aws.LB.Inputs.ListenerRuleConditionHttpHeaderArgs - /// { - /// HttpHeaderName = "X-Forwarded-For", - /// Values = new[] - /// { - /// "192.168.1.*", - /// }, - /// }, - /// }, - /// }, - /// }); - /// - /// // Fixed-response action - /// var healthCheck = new Aws.LB.ListenerRule("health_check", new() - /// { - /// ListenerArn = frontEndListener.Arn, - /// Actions = new[] - /// { - /// new Aws.LB.Inputs.ListenerRuleActionArgs - /// { - /// Type = "fixed-response", - /// FixedResponse = new Aws.LB.Inputs.ListenerRuleActionFixedResponseArgs - /// { - /// ContentType = "text/plain", - /// MessageBody = "HEALTHY", - /// StatusCode = "200", - /// }, - /// }, - /// }, - /// Conditions = new[] - /// { - /// new Aws.LB.Inputs.ListenerRuleConditionArgs - /// { - /// QueryStrings = new[] - /// { - /// new Aws.LB.Inputs.ListenerRuleConditionQueryStringArgs - /// { - /// Key = "health", - /// Value = "check", - /// }, - /// new Aws.LB.Inputs.ListenerRuleConditionQueryStringArgs - /// { - /// Value = "bar", - /// }, - /// }, - /// }, - /// }, - /// }); - /// - /// // Authenticate-cognito Action - /// var pool = new Aws.Cognito.UserPool("pool"); - /// - /// var client = new Aws.Cognito.UserPoolClient("client"); - /// - /// var domain = new Aws.Cognito.UserPoolDomain("domain"); - /// - /// var admin = new Aws.LB.ListenerRule("admin", new() - /// { - /// ListenerArn = frontEndListener.Arn, - /// Actions = new[] - /// { - /// new Aws.LB.Inputs.ListenerRuleActionArgs - /// { - /// Type = "authenticate-cognito", - /// AuthenticateCognito = new Aws.LB.Inputs.ListenerRuleActionAuthenticateCognitoArgs - /// { - /// UserPoolArn = pool.Arn, - /// UserPoolClientId = client.Id, - /// UserPoolDomain = domain.Domain, - /// }, - /// }, - /// new Aws.LB.Inputs.ListenerRuleActionArgs - /// { - /// Type = "forward", - /// TargetGroupArn = staticAwsLbTargetGroup.Arn, - /// }, - /// }, - /// }); - /// - /// // Authenticate-oidc Action - /// var oidc = new Aws.LB.ListenerRule("oidc", new() - /// { - /// ListenerArn = frontEndListener.Arn, - /// Actions = new[] - /// { - /// new Aws.LB.Inputs.ListenerRuleActionArgs - /// { - /// Type = "authenticate-oidc", - /// AuthenticateOidc = new Aws.LB.Inputs.ListenerRuleActionAuthenticateOidcArgs - /// { - /// AuthorizationEndpoint = "https://example.com/authorization_endpoint", - /// ClientId = "client_id", - /// ClientSecret = "client_secret", - /// Issuer = "https://example.com", - /// TokenEndpoint = "https://example.com/token_endpoint", - /// UserInfoEndpoint = "https://example.com/user_info_endpoint", - /// }, - /// }, - /// new Aws.LB.Inputs.ListenerRuleActionArgs - /// { - /// Type = "forward", - /// TargetGroupArn = staticAwsLbTargetGroup.Arn, - /// }, - /// }, - /// }); - /// - /// // With transform - /// var transform = new Aws.LB.ListenerRule("transform", new() - /// { - /// ListenerArn = frontEndListener.Arn, - /// Actions = new[] - /// { - /// new Aws.LB.Inputs.ListenerRuleActionArgs - /// { - /// Type = "forward", - /// TargetGroupArn = staticAwsLbTargetGroup.Arn, - /// }, - /// }, - /// Conditions = new[] - /// { - /// new Aws.LB.Inputs.ListenerRuleConditionArgs - /// { - /// PathPattern = new Aws.LB.Inputs.ListenerRuleConditionPathPatternArgs - /// { - /// Values = new[] - /// { - /// "*", - /// }, - /// }, - /// }, - /// }, - /// Transforms = new[] - /// { - /// new Aws.LB.Inputs.ListenerRuleTransformArgs - /// { - /// Type = "host-header-rewrite", - /// HostHeaderRewriteConfig = new Aws.LB.Inputs.ListenerRuleTransformHostHeaderRewriteConfigArgs - /// { - /// Rewrite = new Aws.LB.Inputs.ListenerRuleTransformHostHeaderRewriteConfigRewriteArgs - /// { - /// Regex = "^mywebsite-(.+).com$", - /// Replace = "internal.dev.$1.myweb.com", - /// }, - /// }, - /// }, - /// new Aws.LB.Inputs.ListenerRuleTransformArgs - /// { - /// Type = "url-rewrite", - /// UrlRewriteConfig = new Aws.LB.Inputs.ListenerRuleTransformUrlRewriteConfigArgs - /// { - /// Rewrite = new Aws.LB.Inputs.ListenerRuleTransformUrlRewriteConfigRewriteArgs - /// { - /// Regex = "^/dp/([A-Za-z0-9]+)/?$", - /// Replace = "/product.php?id=$1", - /// }, - /// }, - /// }, - /// }, - /// }); - /// - /// }); - /// ``` - /// - /// ## Import - /// - /// ### Identity Schema - /// - /// #### Required - /// - /// - `arn` (String) Amazon Resource Name (ARN) of the load balancer listener rule. - /// - /// Using `pulumi import`, import rules using their ARN. For example: - /// - /// console - /// - /// % pulumi import aws_lb_listener_rule.front_end arn:aws:elasticloadbalancing:us-west-2:187416307283:listener-rule/app/test/8e4497da625e2d8a/9ab28ade35828f96/67b3d2d36dd7c26b /// [AwsResourceType("aws:lb/listenerRule:ListenerRule")] public partial class ListenerRule : global::Pulumi.CustomResource diff --git a/sdk/dotnet/LB/Outputs/GetListenerDefaultActionJwtValidationAdditionalClaimResult.cs b/sdk/dotnet/LB/Outputs/GetListenerDefaultActionJwtValidationAdditionalClaimResult.cs new file mode 100644 index 00000000000..4e62f58ab2e --- /dev/null +++ b/sdk/dotnet/LB/Outputs/GetListenerDefaultActionJwtValidationAdditionalClaimResult.cs @@ -0,0 +1,33 @@ +// *** WARNING: this file was generated by pulumi-language-dotnet. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Aws.LB.Outputs +{ + + [OutputType] + public sealed class GetListenerDefaultActionJwtValidationAdditionalClaimResult + { + public readonly string Format; + public readonly string Name; + public readonly ImmutableArray Values; + + [OutputConstructor] + private GetListenerDefaultActionJwtValidationAdditionalClaimResult( + string format, + + string name, + + ImmutableArray values) + { + Format = format; + Name = name; + Values = values; + } + } +} diff --git a/sdk/dotnet/LB/Outputs/GetListenerDefaultActionJwtValidationResult.cs b/sdk/dotnet/LB/Outputs/GetListenerDefaultActionJwtValidationResult.cs new file mode 100644 index 00000000000..3b5430bb996 --- /dev/null +++ b/sdk/dotnet/LB/Outputs/GetListenerDefaultActionJwtValidationResult.cs @@ -0,0 +1,33 @@ +// *** WARNING: this file was generated by pulumi-language-dotnet. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Aws.LB.Outputs +{ + + [OutputType] + public sealed class GetListenerDefaultActionJwtValidationResult + { + public readonly ImmutableArray AdditionalClaims; + public readonly string Issuer; + public readonly string JwksEndpoint; + + [OutputConstructor] + private GetListenerDefaultActionJwtValidationResult( + ImmutableArray additionalClaims, + + string issuer, + + string jwksEndpoint) + { + AdditionalClaims = additionalClaims; + Issuer = issuer; + JwksEndpoint = jwksEndpoint; + } + } +} diff --git a/sdk/dotnet/LB/Outputs/GetListenerDefaultActionResult.cs b/sdk/dotnet/LB/Outputs/GetListenerDefaultActionResult.cs index 817db6f7a05..f3a3c95c4cc 100644 --- a/sdk/dotnet/LB/Outputs/GetListenerDefaultActionResult.cs +++ b/sdk/dotnet/LB/Outputs/GetListenerDefaultActionResult.cs @@ -17,6 +17,7 @@ public sealed class GetListenerDefaultActionResult public readonly ImmutableArray AuthenticateOidcs; public readonly ImmutableArray FixedResponses; public readonly ImmutableArray Forwards; + public readonly ImmutableArray JwtValidations; public readonly int Order; public readonly ImmutableArray Redirects; public readonly string TargetGroupArn; @@ -32,6 +33,8 @@ private GetListenerDefaultActionResult( ImmutableArray forwards, + ImmutableArray jwtValidations, + int order, ImmutableArray redirects, @@ -44,6 +47,7 @@ private GetListenerDefaultActionResult( AuthenticateOidcs = authenticateOidcs; FixedResponses = fixedResponses; Forwards = forwards; + JwtValidations = jwtValidations; Order = order; Redirects = redirects; TargetGroupArn = targetGroupArn; diff --git a/sdk/dotnet/LB/Outputs/GetListenerRuleActionAuthenticateOidcResult.cs b/sdk/dotnet/LB/Outputs/GetListenerRuleActionAuthenticateOidcResult.cs index 2939b99332e..3a8706fc9e8 100644 --- a/sdk/dotnet/LB/Outputs/GetListenerRuleActionAuthenticateOidcResult.cs +++ b/sdk/dotnet/LB/Outputs/GetListenerRuleActionAuthenticateOidcResult.cs @@ -27,7 +27,7 @@ public sealed class GetListenerRuleActionAuthenticateOidcResult /// public readonly string ClientId; /// - /// OIDC issuer identifier of the IdP. + /// Issuer of the JWT. /// public readonly string Issuer; /// diff --git a/sdk/dotnet/LB/Outputs/GetListenerRuleActionJwtValidationAdditionalClaimResult.cs b/sdk/dotnet/LB/Outputs/GetListenerRuleActionJwtValidationAdditionalClaimResult.cs new file mode 100644 index 00000000000..70844c6d7dd --- /dev/null +++ b/sdk/dotnet/LB/Outputs/GetListenerRuleActionJwtValidationAdditionalClaimResult.cs @@ -0,0 +1,42 @@ +// *** WARNING: this file was generated by pulumi-language-dotnet. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Aws.LB.Outputs +{ + + [OutputType] + public sealed class GetListenerRuleActionJwtValidationAdditionalClaimResult + { + /// + /// Format of the claim value. + /// + public readonly string Format; + /// + /// Name of the claim to validate. + /// + public readonly string Name; + /// + /// Set of `Key`-`Value` pairs indicating the query string parameters to match. + /// + public readonly ImmutableArray Values; + + [OutputConstructor] + private GetListenerRuleActionJwtValidationAdditionalClaimResult( + string format, + + string name, + + ImmutableArray values) + { + Format = format; + Name = name; + Values = values; + } + } +} diff --git a/sdk/dotnet/LB/Outputs/GetListenerRuleActionJwtValidationResult.cs b/sdk/dotnet/LB/Outputs/GetListenerRuleActionJwtValidationResult.cs new file mode 100644 index 00000000000..4f57c6ffeff --- /dev/null +++ b/sdk/dotnet/LB/Outputs/GetListenerRuleActionJwtValidationResult.cs @@ -0,0 +1,42 @@ +// *** WARNING: this file was generated by pulumi-language-dotnet. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Aws.LB.Outputs +{ + + [OutputType] + public sealed class GetListenerRuleActionJwtValidationResult + { + /// + /// Additional claims to validate. + /// + public readonly ImmutableArray AdditionalClaims; + /// + /// Issuer of the JWT. + /// + public readonly string Issuer; + /// + /// JSON Web Key Set (JWKS) endpoint. + /// + public readonly string JwksEndpoint; + + [OutputConstructor] + private GetListenerRuleActionJwtValidationResult( + ImmutableArray additionalClaims, + + string issuer, + + string jwksEndpoint) + { + AdditionalClaims = additionalClaims; + Issuer = issuer; + JwksEndpoint = jwksEndpoint; + } + } +} diff --git a/sdk/dotnet/LB/Outputs/GetListenerRuleActionResult.cs b/sdk/dotnet/LB/Outputs/GetListenerRuleActionResult.cs index ea5f6c08b68..0fb31d14c9f 100644 --- a/sdk/dotnet/LB/Outputs/GetListenerRuleActionResult.cs +++ b/sdk/dotnet/LB/Outputs/GetListenerRuleActionResult.cs @@ -34,6 +34,11 @@ public sealed class GetListenerRuleActionResult /// public readonly ImmutableArray Forwards; /// + /// An action to validate using JWT. + /// Detailed below. + /// + public readonly ImmutableArray JwtValidations; + /// /// The evaluation order of the action. /// public readonly int Order; @@ -57,6 +62,8 @@ private GetListenerRuleActionResult( ImmutableArray forwards, + ImmutableArray jwtValidations, + int order, ImmutableArray redirects, @@ -67,6 +74,7 @@ private GetListenerRuleActionResult( AuthenticateOidcs = authenticateOidcs; FixedResponses = fixedResponses; Forwards = forwards; + JwtValidations = jwtValidations; Order = order; Redirects = redirects; Type = type; diff --git a/sdk/dotnet/LB/Outputs/ListenerDefaultAction.cs b/sdk/dotnet/LB/Outputs/ListenerDefaultAction.cs index 75261869017..71d2dc7a860 100644 --- a/sdk/dotnet/LB/Outputs/ListenerDefaultAction.cs +++ b/sdk/dotnet/LB/Outputs/ListenerDefaultAction.cs @@ -30,6 +30,10 @@ public sealed class ListenerDefaultAction /// public readonly Outputs.ListenerDefaultActionForward? Forward; /// + /// Configuration block for creating a JWT validation action. Required if `Type` is `jwt-validation`. + /// + public readonly Outputs.ListenerDefaultActionJwtValidation? JwtValidation; + /// /// Order for the action. The action with the lowest value for order is performed first. Valid values are between `1` and `50000`. Defaults to the position in the list of actions. /// public readonly int? Order; @@ -42,7 +46,7 @@ public sealed class ListenerDefaultAction /// public readonly string? TargetGroupArn; /// - /// Type of routing action. Valid values are `Forward`, `Redirect`, `fixed-response`, `authenticate-cognito` and `authenticate-oidc`. + /// Type of routing action. Valid values are `Forward`, `Redirect`, `fixed-response`, `authenticate-cognito`, `authenticate-oidc` and `jwt-validation`. /// /// The following arguments are optional: /// @@ -58,6 +62,8 @@ private ListenerDefaultAction( Outputs.ListenerDefaultActionForward? forward, + Outputs.ListenerDefaultActionJwtValidation? jwtValidation, + int? order, Outputs.ListenerDefaultActionRedirect? redirect, @@ -70,6 +76,7 @@ private ListenerDefaultAction( AuthenticateOidc = authenticateOidc; FixedResponse = fixedResponse; Forward = forward; + JwtValidation = jwtValidation; Order = order; Redirect = redirect; TargetGroupArn = targetGroupArn; diff --git a/sdk/dotnet/LB/Outputs/ListenerDefaultActionJwtValidation.cs b/sdk/dotnet/LB/Outputs/ListenerDefaultActionJwtValidation.cs new file mode 100644 index 00000000000..8f465bcabf9 --- /dev/null +++ b/sdk/dotnet/LB/Outputs/ListenerDefaultActionJwtValidation.cs @@ -0,0 +1,44 @@ +// *** WARNING: this file was generated by pulumi-language-dotnet. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Aws.LB.Outputs +{ + + [OutputType] + public sealed class ListenerDefaultActionJwtValidation + { + /// + /// Repeatable configuration block for additional claims to validate. + /// + public readonly ImmutableArray AdditionalClaims; + /// + /// Issuer of the JWT. + /// + public readonly string Issuer; + /// + /// JSON Web Key Set (JWKS) endpoint. This endpoint contains JSON Web Keys (JWK) that are used to validate signatures from the provider. This must be a full URL, including the HTTPS protocol, the domain, and the path. + /// + /// The following arguments are optional: + /// + public readonly string JwksEndpoint; + + [OutputConstructor] + private ListenerDefaultActionJwtValidation( + ImmutableArray additionalClaims, + + string issuer, + + string jwksEndpoint) + { + AdditionalClaims = additionalClaims; + Issuer = issuer; + JwksEndpoint = jwksEndpoint; + } + } +} diff --git a/sdk/dotnet/LB/Outputs/ListenerDefaultActionJwtValidationAdditionalClaim.cs b/sdk/dotnet/LB/Outputs/ListenerDefaultActionJwtValidationAdditionalClaim.cs new file mode 100644 index 00000000000..24adb3ee92a --- /dev/null +++ b/sdk/dotnet/LB/Outputs/ListenerDefaultActionJwtValidationAdditionalClaim.cs @@ -0,0 +1,42 @@ +// *** WARNING: this file was generated by pulumi-language-dotnet. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Aws.LB.Outputs +{ + + [OutputType] + public sealed class ListenerDefaultActionJwtValidationAdditionalClaim + { + /// + /// Format of the claim value. Valid values are `single-string`, `string-array` and `space-separated-values`. + /// + public readonly string Format; + /// + /// Name of the claim to validate. `Exp`, `Iss`, `Nbf`, or `Iat` cannot be specified because they are validated by default. + /// + public readonly string Name; + /// + /// List of expected values of the claim. + /// + public readonly ImmutableArray Values; + + [OutputConstructor] + private ListenerDefaultActionJwtValidationAdditionalClaim( + string format, + + string name, + + ImmutableArray values) + { + Format = format; + Name = name; + Values = values; + } + } +} diff --git a/sdk/dotnet/LB/Outputs/ListenerRuleAction.cs b/sdk/dotnet/LB/Outputs/ListenerRuleAction.cs index 7910f44f7c5..43693349cd2 100644 --- a/sdk/dotnet/LB/Outputs/ListenerRuleAction.cs +++ b/sdk/dotnet/LB/Outputs/ListenerRuleAction.cs @@ -32,6 +32,10 @@ public sealed class ListenerRuleAction /// public readonly Outputs.ListenerRuleActionForward? Forward; /// + /// Information for creating a JWT validation action. Required if `Type` is `jwt-validation`. + /// + public readonly Outputs.ListenerRuleActionJwtValidation? JwtValidation; + /// /// Order for the action. /// The action with the lowest value for order is performed first. /// Valid values are between `1` and `50000`. @@ -50,7 +54,7 @@ public sealed class ListenerRuleAction /// public readonly string? TargetGroupArn; /// - /// The type of routing action. Valid values are `Forward`, `Redirect`, `fixed-response`, `authenticate-cognito` and `authenticate-oidc`. + /// The type of routing action. Valid values are `Forward`, `Redirect`, `fixed-response`, `authenticate-cognito`, `authenticate-oidc` and `jwt-validation`. /// public readonly string Type; @@ -64,6 +68,8 @@ private ListenerRuleAction( Outputs.ListenerRuleActionForward? forward, + Outputs.ListenerRuleActionJwtValidation? jwtValidation, + int? order, Outputs.ListenerRuleActionRedirect? redirect, @@ -76,6 +82,7 @@ private ListenerRuleAction( AuthenticateOidc = authenticateOidc; FixedResponse = fixedResponse; Forward = forward; + JwtValidation = jwtValidation; Order = order; Redirect = redirect; TargetGroupArn = targetGroupArn; diff --git a/sdk/dotnet/LB/Outputs/ListenerRuleActionJwtValidation.cs b/sdk/dotnet/LB/Outputs/ListenerRuleActionJwtValidation.cs new file mode 100644 index 00000000000..88337d4e061 --- /dev/null +++ b/sdk/dotnet/LB/Outputs/ListenerRuleActionJwtValidation.cs @@ -0,0 +1,42 @@ +// *** WARNING: this file was generated by pulumi-language-dotnet. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Aws.LB.Outputs +{ + + [OutputType] + public sealed class ListenerRuleActionJwtValidation + { + /// + /// Repeatable configuration block for additional claims to validate. + /// + public readonly ImmutableArray AdditionalClaims; + /// + /// Issuer of the JWT. + /// + public readonly string Issuer; + /// + /// JSON Web Key Set (JWKS) endpoint. This endpoint contains JSON Web Keys (JWK) that are used to validate signatures from the provider. This must be a full URL, including the HTTPS protocol, the domain, and the path. + /// + public readonly string JwksEndpoint; + + [OutputConstructor] + private ListenerRuleActionJwtValidation( + ImmutableArray additionalClaims, + + string issuer, + + string jwksEndpoint) + { + AdditionalClaims = additionalClaims; + Issuer = issuer; + JwksEndpoint = jwksEndpoint; + } + } +} diff --git a/sdk/dotnet/LB/Outputs/ListenerRuleActionJwtValidationAdditionalClaim.cs b/sdk/dotnet/LB/Outputs/ListenerRuleActionJwtValidationAdditionalClaim.cs new file mode 100644 index 00000000000..b0f1b182c8d --- /dev/null +++ b/sdk/dotnet/LB/Outputs/ListenerRuleActionJwtValidationAdditionalClaim.cs @@ -0,0 +1,42 @@ +// *** WARNING: this file was generated by pulumi-language-dotnet. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Aws.LB.Outputs +{ + + [OutputType] + public sealed class ListenerRuleActionJwtValidationAdditionalClaim + { + /// + /// Format of the claim value. Valid values are `single-string`, `string-array` and `space-separated-values`. + /// + public readonly string Format; + /// + /// Name of the claim to validate. `Exp`, `Iss`, `Nbf`, or `Iat` cannot be specified because they are validated by default. + /// + public readonly string Name; + /// + /// List of expected values of the claim. + /// + public readonly ImmutableArray Values; + + [OutputConstructor] + private ListenerRuleActionJwtValidationAdditionalClaim( + string format, + + string name, + + ImmutableArray values) + { + Format = format; + Name = name; + Values = values; + } + } +} diff --git a/sdk/dotnet/Lambda/Invocation.cs b/sdk/dotnet/Lambda/Invocation.cs index d018b56fdfd..08030b4af85 100644 --- a/sdk/dotnet/Lambda/Invocation.cs +++ b/sdk/dotnet/Lambda/Invocation.cs @@ -145,6 +145,16 @@ namespace Pulumi.Aws.Lambda /// If the `DatabaseUrl` changes, the Lambda will be invoked again with: /// /// When the invocation resource is removed, the final invocation will have: + /// + /// ## Import + /// + /// Using `pulumi import`, import Lambda Invocation using the `function_name,qualifier,result_hash`. For example: + /// + /// ```sh + /// $ pulumi import aws:lambda/invocation:Invocation test_lambda my_test_lambda_function,$LATEST,b326b5062b2f0e69046810717534cb09 + /// ``` + /// Because it is not possible to retrieve previous invocations, during the next apply `terraform` will update the resource calling again the function. + /// To compute the `result_hash`, it is necessary to hash it with the standard `md5` hash function. /// [AwsResourceType("aws:lambda/invocation:Invocation")] public partial class Invocation : global::Pulumi.CustomResource diff --git a/sdk/dotnet/Notifications/ChannelAssociation.cs b/sdk/dotnet/Notifications/ChannelAssociation.cs index f5224436562..3ff7b52d9a8 100644 --- a/sdk/dotnet/Notifications/ChannelAssociation.cs +++ b/sdk/dotnet/Notifications/ChannelAssociation.cs @@ -57,7 +57,7 @@ namespace Pulumi.Aws.Notifications public partial class ChannelAssociation : global::Pulumi.CustomResource { /// - /// ARN of the channel to associate with the notification configuration. This can be an email contact ARN. + /// ARN of the channel to associate with the notification configuration. Must match pattern `^arn:aws:(chatbot|consoleapp|notifications-contacts):[a-zA-Z0-9-]*:[0-9]{12}:[a-zA-Z0-9-_.@]+/[a-zA-Z0-9/_.@:-]+$`. /// [Output("arn")] public Output Arn { get; private set; } = null!; @@ -115,7 +115,7 @@ public static ChannelAssociation Get(string name, Input id, ChannelAssoc public sealed class ChannelAssociationArgs : global::Pulumi.ResourceArgs { /// - /// ARN of the channel to associate with the notification configuration. This can be an email contact ARN. + /// ARN of the channel to associate with the notification configuration. Must match pattern `^arn:aws:(chatbot|consoleapp|notifications-contacts):[a-zA-Z0-9-]*:[0-9]{12}:[a-zA-Z0-9-_.@]+/[a-zA-Z0-9/_.@:-]+$`. /// [Input("arn", required: true)] public Input Arn { get; set; } = null!; @@ -135,7 +135,7 @@ public ChannelAssociationArgs() public sealed class ChannelAssociationState : global::Pulumi.ResourceArgs { /// - /// ARN of the channel to associate with the notification configuration. This can be an email contact ARN. + /// ARN of the channel to associate with the notification configuration. Must match pattern `^arn:aws:(chatbot|consoleapp|notifications-contacts):[a-zA-Z0-9-]*:[0-9]{12}:[a-zA-Z0-9-_.@]+/[a-zA-Z0-9/_.@:-]+$`. /// [Input("arn")] public Input? Arn { get; set; } diff --git a/sdk/dotnet/Odb/CloudVmCluster.cs b/sdk/dotnet/Odb/CloudVmCluster.cs index f0437dd6c4b..be32f2a1c40 100644 --- a/sdk/dotnet/Odb/CloudVmCluster.cs +++ b/sdk/dotnet/Odb/CloudVmCluster.cs @@ -112,7 +112,13 @@ public partial class CloudVmCluster : global::Pulumi.CustomResource public Output Arn { get; private set; } = null!; /// - /// The unique identifier of the Exadata infrastructure for this VM cluster. Changing this will create a new resource. + /// The ARN of the Exadata infrastructure for this VM cluster. Changing this will create a new resource. Either the combination of CloudExadataInfrastructureId and OdbNetworkId or CloudExadataInfrastructureArn and OdbNetworkArn must be used. + /// + [Output("cloudExadataInfrastructureArn")] + public Output CloudExadataInfrastructureArn { get; private set; } = null!; + + /// + /// The unique identifier of the Exadata infrastructure for this VM cluster. Changing this will create a new resource. Either the combination of CloudExadataInfrastructureId and OdbNetworkId or CloudExadataInfrastructureArn and OdbNetworkArn must be used. /// [Output("cloudExadataInfrastructureId")] public Output CloudExadataInfrastructureId { get; private set; } = null!; @@ -277,7 +283,13 @@ public partial class CloudVmCluster : global::Pulumi.CustomResource public Output Ocid { get; private set; } = null!; /// - /// The unique identifier of the ODB network for the VM cluster. Changing this will create a new resource. + /// The ARN of the ODB network for the VM cluster. Changing this will create a new resource. Either the combination of CloudExadataInfrastructureId and OdbNetworkId or CloudExadataInfrastructureArn and OdbNetworkArn must be used. + /// + [Output("odbNetworkArn")] + public Output OdbNetworkArn { get; private set; } = null!; + + /// + /// The unique identifier of the ODB network for the VM cluster. Changing this will create a new resource. Either the combination of CloudExadataInfrastructureId and OdbNetworkId or CloudExadataInfrastructureArn and OdbNetworkArn must be used. /// [Output("odbNetworkId")] public Output OdbNetworkId { get; private set; } = null!; @@ -428,10 +440,16 @@ public static CloudVmCluster Get(string name, Input id, CloudVmClusterSt public sealed class CloudVmClusterArgs : global::Pulumi.ResourceArgs { /// - /// The unique identifier of the Exadata infrastructure for this VM cluster. Changing this will create a new resource. + /// The ARN of the Exadata infrastructure for this VM cluster. Changing this will create a new resource. Either the combination of CloudExadataInfrastructureId and OdbNetworkId or CloudExadataInfrastructureArn and OdbNetworkArn must be used. /// - [Input("cloudExadataInfrastructureId", required: true)] - public Input CloudExadataInfrastructureId { get; set; } = null!; + [Input("cloudExadataInfrastructureArn")] + public Input? CloudExadataInfrastructureArn { get; set; } + + /// + /// The unique identifier of the Exadata infrastructure for this VM cluster. Changing this will create a new resource. Either the combination of CloudExadataInfrastructureId and OdbNetworkId or CloudExadataInfrastructureArn and OdbNetworkArn must be used. + /// + [Input("cloudExadataInfrastructureId")] + public Input? CloudExadataInfrastructureId { get; set; } /// /// The name of the Grid Infrastructure (GI) cluster. Changing this will create a new resource. @@ -520,10 +538,16 @@ public InputList DbServers public Input? MemorySizeInGbs { get; set; } /// - /// The unique identifier of the ODB network for the VM cluster. Changing this will create a new resource. + /// The ARN of the ODB network for the VM cluster. Changing this will create a new resource. Either the combination of CloudExadataInfrastructureId and OdbNetworkId or CloudExadataInfrastructureArn and OdbNetworkArn must be used. /// - [Input("odbNetworkId", required: true)] - public Input OdbNetworkId { get; set; } = null!; + [Input("odbNetworkArn")] + public Input? OdbNetworkArn { get; set; } + + /// + /// The unique identifier of the ODB network for the VM cluster. Changing this will create a new resource. Either the combination of CloudExadataInfrastructureId and OdbNetworkId or CloudExadataInfrastructureArn and OdbNetworkArn must be used. + /// + [Input("odbNetworkId")] + public Input? OdbNetworkId { get; set; } /// /// Region where this resource will be [managed](https://docs.aws.amazon.com/general/latest/gr/rande.html#regional-endpoints). Defaults to the Region set in the provider configuration. @@ -585,7 +609,13 @@ public sealed class CloudVmClusterState : global::Pulumi.ResourceArgs public Input? Arn { get; set; } /// - /// The unique identifier of the Exadata infrastructure for this VM cluster. Changing this will create a new resource. + /// The ARN of the Exadata infrastructure for this VM cluster. Changing this will create a new resource. Either the combination of CloudExadataInfrastructureId and OdbNetworkId or CloudExadataInfrastructureArn and OdbNetworkArn must be used. + /// + [Input("cloudExadataInfrastructureArn")] + public Input? CloudExadataInfrastructureArn { get; set; } + + /// + /// The unique identifier of the Exadata infrastructure for this VM cluster. Changing this will create a new resource. Either the combination of CloudExadataInfrastructureId and OdbNetworkId or CloudExadataInfrastructureArn and OdbNetworkArn must be used. /// [Input("cloudExadataInfrastructureId")] public Input? CloudExadataInfrastructureId { get; set; } @@ -762,7 +792,13 @@ public InputList IormConfigCaches public Input? Ocid { get; set; } /// - /// The unique identifier of the ODB network for the VM cluster. Changing this will create a new resource. + /// The ARN of the ODB network for the VM cluster. Changing this will create a new resource. Either the combination of CloudExadataInfrastructureId and OdbNetworkId or CloudExadataInfrastructureArn and OdbNetworkArn must be used. + /// + [Input("odbNetworkArn")] + public Input? OdbNetworkArn { get; set; } + + /// + /// The unique identifier of the ODB network for the VM cluster. Changing this will create a new resource. Either the combination of CloudExadataInfrastructureId and OdbNetworkId or CloudExadataInfrastructureArn and OdbNetworkArn must be used. /// [Input("odbNetworkId")] public Input? OdbNetworkId { get; set; } diff --git a/sdk/dotnet/Odb/Outputs/GetDbServersDbServerResult.cs b/sdk/dotnet/Odb/Outputs/GetDbServersDbServerResult.cs index 8e5240dfd09..fb085d14d06 100644 --- a/sdk/dotnet/Odb/Outputs/GetDbServersDbServerResult.cs +++ b/sdk/dotnet/Odb/Outputs/GetDbServersDbServerResult.cs @@ -49,6 +49,9 @@ public sealed class GetDbServersDbServerResult /// The ID of the Exadata infrastructure that hosts the database server. /// public readonly string ExadataInfrastructureId; + /// + /// The unique identifier of the database server. + /// public readonly string Id; /// /// The total number of CPU cores available on the database server. diff --git a/sdk/dotnet/Organizations/Organization.cs b/sdk/dotnet/Organizations/Organization.cs index 8e7fb9f1097..7ddddacf183 100644 --- a/sdk/dotnet/Organizations/Organization.cs +++ b/sdk/dotnet/Organizations/Organization.cs @@ -79,7 +79,7 @@ public partial class Organization : global::Pulumi.CustomResource public Output> AwsServiceAccessPrincipals { get; private set; } = null!; /// - /// List of Organizations policy types to enable in the Organization Root. Organization must have `FeatureSet` set to `ALL`. For additional information about valid policy types (e.g., `AISERVICES_OPT_OUT_POLICY`, `BACKUP_POLICY`, `CHATBOT_POLICY`, `DECLARATIVE_POLICY_EC2`, `RESOURCE_CONTROL_POLICY`, `SERVICE_CONTROL_POLICY`, and `TAG_POLICY`), see the [AWS Organizations API Reference](https://docs.aws.amazon.com/organizations/latest/APIReference/API_EnablePolicyType.html). + /// List of Organizations policy types to enable in the Organization Root. Organization must have `FeatureSet` set to `ALL`. For additional information about valid policy types (e.g., `AISERVICES_OPT_OUT_POLICY`, `BACKUP_POLICY`, `CHATBOT_POLICY`, `DECLARATIVE_POLICY_EC2`, `RESOURCE_CONTROL_POLICY`, `SECURITYHUB_POLICY`, `SERVICE_CONTROL_POLICY`, and `TAG_POLICY`), see the [AWS Organizations API Reference](https://docs.aws.amazon.com/organizations/latest/APIReference/API_EnablePolicyType.html). To enable `SECURITYHUB_POLICY`, `AwsServiceAccessPrincipals` must include `securityhub.amazonaws.com`. /// [Output("enabledPolicyTypes")] public Output> EnabledPolicyTypes { get; private set; } = null!; @@ -188,7 +188,7 @@ public InputList AwsServiceAccessPrincipals private InputList? _enabledPolicyTypes; /// - /// List of Organizations policy types to enable in the Organization Root. Organization must have `FeatureSet` set to `ALL`. For additional information about valid policy types (e.g., `AISERVICES_OPT_OUT_POLICY`, `BACKUP_POLICY`, `CHATBOT_POLICY`, `DECLARATIVE_POLICY_EC2`, `RESOURCE_CONTROL_POLICY`, `SERVICE_CONTROL_POLICY`, and `TAG_POLICY`), see the [AWS Organizations API Reference](https://docs.aws.amazon.com/organizations/latest/APIReference/API_EnablePolicyType.html). + /// List of Organizations policy types to enable in the Organization Root. Organization must have `FeatureSet` set to `ALL`. For additional information about valid policy types (e.g., `AISERVICES_OPT_OUT_POLICY`, `BACKUP_POLICY`, `CHATBOT_POLICY`, `DECLARATIVE_POLICY_EC2`, `RESOURCE_CONTROL_POLICY`, `SECURITYHUB_POLICY`, `SERVICE_CONTROL_POLICY`, and `TAG_POLICY`), see the [AWS Organizations API Reference](https://docs.aws.amazon.com/organizations/latest/APIReference/API_EnablePolicyType.html). To enable `SECURITYHUB_POLICY`, `AwsServiceAccessPrincipals` must include `securityhub.amazonaws.com`. /// public InputList EnabledPolicyTypes { @@ -244,7 +244,7 @@ public InputList AwsServiceAccessPrincipals private InputList? _enabledPolicyTypes; /// - /// List of Organizations policy types to enable in the Organization Root. Organization must have `FeatureSet` set to `ALL`. For additional information about valid policy types (e.g., `AISERVICES_OPT_OUT_POLICY`, `BACKUP_POLICY`, `CHATBOT_POLICY`, `DECLARATIVE_POLICY_EC2`, `RESOURCE_CONTROL_POLICY`, `SERVICE_CONTROL_POLICY`, and `TAG_POLICY`), see the [AWS Organizations API Reference](https://docs.aws.amazon.com/organizations/latest/APIReference/API_EnablePolicyType.html). + /// List of Organizations policy types to enable in the Organization Root. Organization must have `FeatureSet` set to `ALL`. For additional information about valid policy types (e.g., `AISERVICES_OPT_OUT_POLICY`, `BACKUP_POLICY`, `CHATBOT_POLICY`, `DECLARATIVE_POLICY_EC2`, `RESOURCE_CONTROL_POLICY`, `SECURITYHUB_POLICY`, `SERVICE_CONTROL_POLICY`, and `TAG_POLICY`), see the [AWS Organizations API Reference](https://docs.aws.amazon.com/organizations/latest/APIReference/API_EnablePolicyType.html). To enable `SECURITYHUB_POLICY`, `AwsServiceAccessPrincipals` must include `securityhub.amazonaws.com`. /// public InputList EnabledPolicyTypes { diff --git a/sdk/dotnet/Provider.cs b/sdk/dotnet/Provider.cs index 579df52bbc1..441cd407f90 100644 --- a/sdk/dotnet/Provider.cs +++ b/sdk/dotnet/Provider.cs @@ -101,6 +101,12 @@ public partial class Provider : global::Pulumi.ProviderResource [Output("stsRegion")] public Output StsRegion { get; private set; } = null!; + /// + /// The severity with which to enforce organizational tagging policies on resources managed by this provider instance. At this time this only includes compliance with required tag keys by resource type. Valid values are "error", "warning", and "disabled". When unset or "disabled", tag policy compliance will not be enforced by the provider. Can also be configured with the TF_AWS_TAG_POLICY_COMPLIANCE environment variable. + /// + [Output("tagPolicyCompliance")] + public Output TagPolicyCompliance { get; private set; } = null!; + /// /// session token. A session token is only required if you are /// using temporary security credentials. @@ -369,6 +375,12 @@ public InputList SharedCredentialsFiles [Input("stsRegion")] public Input? StsRegion { get; set; } + /// + /// The severity with which to enforce organizational tagging policies on resources managed by this provider instance. At this time this only includes compliance with required tag keys by resource type. Valid values are "error", "warning", and "disabled". When unset or "disabled", tag policy compliance will not be enforced by the provider. Can also be configured with the TF_AWS_TAG_POLICY_COMPLIANCE environment variable. + /// + [Input("tagPolicyCompliance")] + public Input? TagPolicyCompliance { get; set; } + [Input("token")] private Input? _token; diff --git a/sdk/dotnet/Quicksight/AccountSettings.cs b/sdk/dotnet/Quicksight/AccountSettings.cs index c6458029788..084b4ce3e82 100644 --- a/sdk/dotnet/Quicksight/AccountSettings.cs +++ b/sdk/dotnet/Quicksight/AccountSettings.cs @@ -66,6 +66,12 @@ public partial class AccountSettings : global::Pulumi.CustomResource [Output("defaultNamespace")] public Output DefaultNamespace { get; private set; } = null!; + /// + /// Region where this resource will be [managed](https://docs.aws.amazon.com/general/latest/gr/rande.html#regional-endpoints). Defaults to the Region set in the provider configuration. + /// + [Output("region")] + public Output Region { get; private set; } = null!; + /// /// A boolean value that determines whether or not an Amazon QuickSight account can be deleted. If `True`, it does not allow the account to be deleted and results in an error message if a user tries to make a DeleteAccountSubscription request. If `False`, it will allow the account to be deleted. /// @@ -130,6 +136,12 @@ public sealed class AccountSettingsArgs : global::Pulumi.ResourceArgs [Input("defaultNamespace")] public Input? DefaultNamespace { get; set; } + /// + /// Region where this resource will be [managed](https://docs.aws.amazon.com/general/latest/gr/rande.html#regional-endpoints). Defaults to the Region set in the provider configuration. + /// + [Input("region")] + public Input? Region { get; set; } + /// /// A boolean value that determines whether or not an Amazon QuickSight account can be deleted. If `True`, it does not allow the account to be deleted and results in an error message if a user tries to make a DeleteAccountSubscription request. If `False`, it will allow the account to be deleted. /// @@ -156,6 +168,12 @@ public sealed class AccountSettingsState : global::Pulumi.ResourceArgs [Input("defaultNamespace")] public Input? DefaultNamespace { get; set; } + /// + /// Region where this resource will be [managed](https://docs.aws.amazon.com/general/latest/gr/rande.html#regional-endpoints). Defaults to the Region set in the provider configuration. + /// + [Input("region")] + public Input? Region { get; set; } + /// /// A boolean value that determines whether or not an Amazon QuickSight account can be deleted. If `True`, it does not allow the account to be deleted and results in an error message if a user tries to make a DeleteAccountSubscription request. If `False`, it will allow the account to be deleted. /// diff --git a/sdk/dotnet/Route53/GetZone.cs b/sdk/dotnet/Route53/GetZone.cs index d46760f13f5..cadc553aa31 100644 --- a/sdk/dotnet/Route53/GetZone.cs +++ b/sdk/dotnet/Route53/GetZone.cs @@ -48,6 +48,8 @@ public static class GetZone /// /// }); /// ``` + /// + /// The following example shows how to get a Hosted Zone from a unique combination of its tags: /// public static Task InvokeAsync(GetZoneArgs? args = null, InvokeOptions? options = null) => global::Pulumi.Deployment.Instance.InvokeAsync("aws:route53/getZone:getZone", args ?? new GetZoneArgs(), options.WithDefaults()); @@ -89,6 +91,8 @@ public static Task InvokeAsync(GetZoneArgs? args = null, InvokeOp /// /// }); /// ``` + /// + /// The following example shows how to get a Hosted Zone from a unique combination of its tags: /// public static Output Invoke(GetZoneInvokeArgs? args = null, InvokeOptions? options = null) => global::Pulumi.Deployment.Instance.Invoke("aws:route53/getZone:getZone", args ?? new GetZoneInvokeArgs(), options.WithDefaults()); @@ -130,6 +134,8 @@ public static Output Invoke(GetZoneInvokeArgs? args = null, Invok /// /// }); /// ``` + /// + /// The following example shows how to get a Hosted Zone from a unique combination of its tags: /// public static Output Invoke(GetZoneInvokeArgs args, InvokeOutputOptions options) => global::Pulumi.Deployment.Instance.Invoke("aws:route53/getZone:getZone", args ?? new GetZoneInvokeArgs(), options.WithDefaults()); @@ -139,13 +145,13 @@ public static Output Invoke(GetZoneInvokeArgs args, InvokeOutputO public sealed class GetZoneArgs : global::Pulumi.InvokeArgs { /// - /// Hosted Zone name of the desired Hosted Zone. + /// Hosted Zone name of the desired Hosted Zone. If blank, then accept any name, filtering on only `PrivateZone`, `VpcId` and `Tags`. /// [Input("name")] public string? Name { get; set; } /// - /// Used with `Name` field to get a private Hosted Zone. + /// Filter to only private Hosted Zones. /// [Input("privateZone")] public bool? PrivateZone { get; set; } @@ -154,11 +160,11 @@ public sealed class GetZoneArgs : global::Pulumi.InvokeArgs private Dictionary? _tags; /// - /// Used with `Name` field. A map of tags, each pair of which must exactly match a pair on the desired Hosted Zone. + /// A map of tags, each pair of which must exactly match a pair on the desired Hosted Zone. /// - /// The arguments of this data source act as filters for querying the available - /// Hosted Zone. You have to use `ZoneId` or `Name`, not both of them. The given filter must match exactly one - /// Hosted Zone. If you use `Name` field for private Hosted Zone, you need to add `PrivateZone` field to `True`. + /// The arguments of this data source act as filters for querying the available Hosted Zone. + /// + /// - The given filter must match exactly one Hosted Zone. /// public Dictionary Tags { @@ -167,13 +173,14 @@ public Dictionary Tags } /// - /// Used with `Name` field to get a private Hosted Zone associated with the VpcId (in this case, PrivateZone is not mandatory). + /// Filter to private Hosted Zones associated with the specified `VpcId`. /// [Input("vpcId")] public string? VpcId { get; set; } /// - /// Hosted Zone id of the desired Hosted Zone. + /// and `Name` are mutually exclusive. + /// - If you use the `Name` argument for a private Hosted Zone, you need to set the `PrivateZone` argument to `True`. /// [Input("zoneId")] public string? ZoneId { get; set; } @@ -187,13 +194,13 @@ public GetZoneArgs() public sealed class GetZoneInvokeArgs : global::Pulumi.InvokeArgs { /// - /// Hosted Zone name of the desired Hosted Zone. + /// Hosted Zone name of the desired Hosted Zone. If blank, then accept any name, filtering on only `PrivateZone`, `VpcId` and `Tags`. /// [Input("name")] public Input? Name { get; set; } /// - /// Used with `Name` field to get a private Hosted Zone. + /// Filter to only private Hosted Zones. /// [Input("privateZone")] public Input? PrivateZone { get; set; } @@ -202,11 +209,11 @@ public sealed class GetZoneInvokeArgs : global::Pulumi.InvokeArgs private InputMap? _tags; /// - /// Used with `Name` field. A map of tags, each pair of which must exactly match a pair on the desired Hosted Zone. + /// A map of tags, each pair of which must exactly match a pair on the desired Hosted Zone. + /// + /// The arguments of this data source act as filters for querying the available Hosted Zone. /// - /// The arguments of this data source act as filters for querying the available - /// Hosted Zone. You have to use `ZoneId` or `Name`, not both of them. The given filter must match exactly one - /// Hosted Zone. If you use `Name` field for private Hosted Zone, you need to add `PrivateZone` field to `True`. + /// - The given filter must match exactly one Hosted Zone. /// public InputMap Tags { @@ -215,13 +222,14 @@ public InputMap Tags } /// - /// Used with `Name` field to get a private Hosted Zone associated with the VpcId (in this case, PrivateZone is not mandatory). + /// Filter to private Hosted Zones associated with the specified `VpcId`. /// [Input("vpcId")] public Input? VpcId { get; set; } /// - /// Hosted Zone id of the desired Hosted Zone. + /// and `Name` are mutually exclusive. + /// - If you use the `Name` argument for a private Hosted Zone, you need to set the `PrivateZone` argument to `True`. /// [Input("zoneId")] public Input? ZoneId { get; set; } @@ -284,7 +292,7 @@ public sealed class GetZoneResult /// A map of tags assigned to the Hosted Zone. /// public readonly ImmutableDictionary Tags; - public readonly string VpcId; + public readonly string? VpcId; /// /// The Hosted Zone identifier. /// @@ -316,7 +324,7 @@ private GetZoneResult( ImmutableDictionary tags, - string vpcId, + string? vpcId, string zoneId) { diff --git a/sdk/dotnet/S3/BucketServerSideEncryptionConfiguration.cs b/sdk/dotnet/S3/BucketServerSideEncryptionConfiguration.cs index 6251f9922f0..75e1943f5e1 100644 --- a/sdk/dotnet/S3/BucketServerSideEncryptionConfiguration.cs +++ b/sdk/dotnet/S3/BucketServerSideEncryptionConfiguration.cs @@ -14,6 +14,8 @@ namespace Pulumi.Aws.S3 /// /// > **NOTE:** Destroying an `aws.s3.BucketServerSideEncryptionConfiguration` resource resets the bucket to [Amazon S3 bucket default encryption](https://docs.aws.amazon.com/AmazonS3/latest/userguide/default-encryption-faq.html). /// + /// > **NOTE:** Starting in March 2026, Amazon S3 will automatically block server-side encryption with customer-provided keys (SSE-C) for all new buckets. Use the `BlockedEncryptionTypes` argument to manage this behavior. For more information, see the [SSE-C changes FAQ](https://docs.aws.amazon.com/AmazonS3/latest/userguide/default-s3-c-encryption-setting-faq.html). + /// /// ## Example Usage /// /// ```csharp @@ -54,6 +56,51 @@ namespace Pulumi.Aws.S3 /// }); /// ``` /// + /// ### Blocking SSE-C Uploads + /// + /// ```csharp + /// using System.Collections.Generic; + /// using System.Linq; + /// using Pulumi; + /// using Aws = Pulumi.Aws; + /// + /// return await Deployment.RunAsync(() => + /// { + /// var mykey = new Aws.Kms.Key("mykey", new() + /// { + /// Description = "This key is used to encrypt bucket objects", + /// DeletionWindowInDays = 10, + /// }); + /// + /// var mybucket = new Aws.S3.Bucket("mybucket", new() + /// { + /// BucketName = "mybucket", + /// }); + /// + /// var example = new Aws.S3.BucketServerSideEncryptionConfiguration("example", new() + /// { + /// Bucket = mybucket.Id, + /// Rules = new[] + /// { + /// new Aws.S3.Inputs.BucketServerSideEncryptionConfigurationRuleArgs + /// { + /// ApplyServerSideEncryptionByDefault = new Aws.S3.Inputs.BucketServerSideEncryptionConfigurationRuleApplyServerSideEncryptionByDefaultArgs + /// { + /// KmsMasterKeyId = mykey.Arn, + /// SseAlgorithm = "aws:kms", + /// }, + /// BucketKeyEnabled = true, + /// BlockedEncryptionTypes = new[] + /// { + /// "SSE-C", + /// }, + /// }, + /// }, + /// }); + /// + /// }); + /// ``` + /// /// ## Import /// /// ### Identity Schema diff --git a/sdk/dotnet/S3/BucketServerSideEncryptionConfigurationV2.cs b/sdk/dotnet/S3/BucketServerSideEncryptionConfigurationV2.cs index 022decbb5b9..20c25413028 100644 --- a/sdk/dotnet/S3/BucketServerSideEncryptionConfigurationV2.cs +++ b/sdk/dotnet/S3/BucketServerSideEncryptionConfigurationV2.cs @@ -14,6 +14,8 @@ namespace Pulumi.Aws.S3 /// /// > **NOTE:** Destroying an `aws.s3.BucketServerSideEncryptionConfiguration` resource resets the bucket to [Amazon S3 bucket default encryption](https://docs.aws.amazon.com/AmazonS3/latest/userguide/default-encryption-faq.html). /// + /// > **NOTE:** Starting in March 2026, Amazon S3 will automatically block server-side encryption with customer-provided keys (SSE-C) for all new buckets. Use the `BlockedEncryptionTypes` argument to manage this behavior. For more information, see the [SSE-C changes FAQ](https://docs.aws.amazon.com/AmazonS3/latest/userguide/default-s3-c-encryption-setting-faq.html). + /// /// ## Example Usage /// /// ```csharp @@ -54,6 +56,51 @@ namespace Pulumi.Aws.S3 /// }); /// ``` /// + /// ### Blocking SSE-C Uploads + /// + /// ```csharp + /// using System.Collections.Generic; + /// using System.Linq; + /// using Pulumi; + /// using Aws = Pulumi.Aws; + /// + /// return await Deployment.RunAsync(() => + /// { + /// var mykey = new Aws.Kms.Key("mykey", new() + /// { + /// Description = "This key is used to encrypt bucket objects", + /// DeletionWindowInDays = 10, + /// }); + /// + /// var mybucket = new Aws.S3.Bucket("mybucket", new() + /// { + /// BucketName = "mybucket", + /// }); + /// + /// var example = new Aws.S3.BucketServerSideEncryptionConfiguration("example", new() + /// { + /// Bucket = mybucket.Id, + /// Rules = new[] + /// { + /// new Aws.S3.Inputs.BucketServerSideEncryptionConfigurationRuleArgs + /// { + /// ApplyServerSideEncryptionByDefault = new Aws.S3.Inputs.BucketServerSideEncryptionConfigurationRuleApplyServerSideEncryptionByDefaultArgs + /// { + /// KmsMasterKeyId = mykey.Arn, + /// SseAlgorithm = "aws:kms", + /// }, + /// BucketKeyEnabled = true, + /// BlockedEncryptionTypes = new[] + /// { + /// "SSE-C", + /// }, + /// }, + /// }, + /// }); + /// + /// }); + /// ``` + /// /// ## Import /// /// ### Identity Schema diff --git a/sdk/dotnet/S3/Inputs/BucketServerSideEncryptionConfigurationRuleArgs.cs b/sdk/dotnet/S3/Inputs/BucketServerSideEncryptionConfigurationRuleArgs.cs index b1ed0dc5ba9..406f908321e 100644 --- a/sdk/dotnet/S3/Inputs/BucketServerSideEncryptionConfigurationRuleArgs.cs +++ b/sdk/dotnet/S3/Inputs/BucketServerSideEncryptionConfigurationRuleArgs.cs @@ -18,6 +18,18 @@ public sealed class BucketServerSideEncryptionConfigurationRuleArgs : global::Pu [Input("applyServerSideEncryptionByDefault")] public Input? ApplyServerSideEncryptionByDefault { get; set; } + [Input("blockedEncryptionTypes")] + private InputList? _blockedEncryptionTypes; + + /// + /// List of server-side encryption types to block for object uploads. Valid values are `SSE-C` (blocks uploads using server-side encryption with customer-provided keys) and `NONE` (unblocks all encryption types). Starting in March 2026, Amazon S3 will automatically block SSE-C uploads for all new buckets. + /// + public InputList BlockedEncryptionTypes + { + get => _blockedEncryptionTypes ?? (_blockedEncryptionTypes = new InputList()); + set => _blockedEncryptionTypes = value; + } + /// /// Whether or not to use [Amazon S3 Bucket Keys](https://docs.aws.amazon.com/AmazonS3/latest/dev/bucket-key.html) for SSE-KMS. /// diff --git a/sdk/dotnet/S3/Inputs/BucketServerSideEncryptionConfigurationRuleGetArgs.cs b/sdk/dotnet/S3/Inputs/BucketServerSideEncryptionConfigurationRuleGetArgs.cs index 2b5bc70a6db..b28cff2a4cf 100644 --- a/sdk/dotnet/S3/Inputs/BucketServerSideEncryptionConfigurationRuleGetArgs.cs +++ b/sdk/dotnet/S3/Inputs/BucketServerSideEncryptionConfigurationRuleGetArgs.cs @@ -18,6 +18,18 @@ public sealed class BucketServerSideEncryptionConfigurationRuleGetArgs : global: [Input("applyServerSideEncryptionByDefault")] public Input? ApplyServerSideEncryptionByDefault { get; set; } + [Input("blockedEncryptionTypes")] + private InputList? _blockedEncryptionTypes; + + /// + /// List of server-side encryption types to block for object uploads. Valid values are `SSE-C` (blocks uploads using server-side encryption with customer-provided keys) and `NONE` (unblocks all encryption types). Starting in March 2026, Amazon S3 will automatically block SSE-C uploads for all new buckets. + /// + public InputList BlockedEncryptionTypes + { + get => _blockedEncryptionTypes ?? (_blockedEncryptionTypes = new InputList()); + set => _blockedEncryptionTypes = value; + } + /// /// Whether or not to use [Amazon S3 Bucket Keys](https://docs.aws.amazon.com/AmazonS3/latest/dev/bucket-key.html) for SSE-KMS. /// diff --git a/sdk/dotnet/S3/Inputs/BucketServerSideEncryptionConfigurationV2RuleArgs.cs b/sdk/dotnet/S3/Inputs/BucketServerSideEncryptionConfigurationV2RuleArgs.cs index 8b651c883ac..3c3f6fa2add 100644 --- a/sdk/dotnet/S3/Inputs/BucketServerSideEncryptionConfigurationV2RuleArgs.cs +++ b/sdk/dotnet/S3/Inputs/BucketServerSideEncryptionConfigurationV2RuleArgs.cs @@ -18,6 +18,18 @@ public sealed class BucketServerSideEncryptionConfigurationV2RuleArgs : global:: [Input("applyServerSideEncryptionByDefault")] public Input? ApplyServerSideEncryptionByDefault { get; set; } + [Input("blockedEncryptionTypes")] + private InputList? _blockedEncryptionTypes; + + /// + /// List of server-side encryption types to block for object uploads. Valid values are `SSE-C` (blocks uploads using server-side encryption with customer-provided keys) and `NONE` (unblocks all encryption types). Starting in March 2026, Amazon S3 will automatically block SSE-C uploads for all new buckets. + /// + public InputList BlockedEncryptionTypes + { + get => _blockedEncryptionTypes ?? (_blockedEncryptionTypes = new InputList()); + set => _blockedEncryptionTypes = value; + } + /// /// Whether or not to use [Amazon S3 Bucket Keys](https://docs.aws.amazon.com/AmazonS3/latest/dev/bucket-key.html) for SSE-KMS. /// diff --git a/sdk/dotnet/S3/Inputs/BucketServerSideEncryptionConfigurationV2RuleGetArgs.cs b/sdk/dotnet/S3/Inputs/BucketServerSideEncryptionConfigurationV2RuleGetArgs.cs index 920c9f6bac1..0670ec0ef2f 100644 --- a/sdk/dotnet/S3/Inputs/BucketServerSideEncryptionConfigurationV2RuleGetArgs.cs +++ b/sdk/dotnet/S3/Inputs/BucketServerSideEncryptionConfigurationV2RuleGetArgs.cs @@ -18,6 +18,18 @@ public sealed class BucketServerSideEncryptionConfigurationV2RuleGetArgs : globa [Input("applyServerSideEncryptionByDefault")] public Input? ApplyServerSideEncryptionByDefault { get; set; } + [Input("blockedEncryptionTypes")] + private InputList? _blockedEncryptionTypes; + + /// + /// List of server-side encryption types to block for object uploads. Valid values are `SSE-C` (blocks uploads using server-side encryption with customer-provided keys) and `NONE` (unblocks all encryption types). Starting in March 2026, Amazon S3 will automatically block SSE-C uploads for all new buckets. + /// + public InputList BlockedEncryptionTypes + { + get => _blockedEncryptionTypes ?? (_blockedEncryptionTypes = new InputList()); + set => _blockedEncryptionTypes = value; + } + /// /// Whether or not to use [Amazon S3 Bucket Keys](https://docs.aws.amazon.com/AmazonS3/latest/dev/bucket-key.html) for SSE-KMS. /// diff --git a/sdk/dotnet/S3/Outputs/BucketServerSideEncryptionConfigurationRule.cs b/sdk/dotnet/S3/Outputs/BucketServerSideEncryptionConfigurationRule.cs index 8dc2cc7ceac..81c8ec57f7f 100644 --- a/sdk/dotnet/S3/Outputs/BucketServerSideEncryptionConfigurationRule.cs +++ b/sdk/dotnet/S3/Outputs/BucketServerSideEncryptionConfigurationRule.cs @@ -18,6 +18,10 @@ public sealed class BucketServerSideEncryptionConfigurationRule /// public readonly Outputs.BucketServerSideEncryptionConfigurationRuleApplyServerSideEncryptionByDefault? ApplyServerSideEncryptionByDefault; /// + /// List of server-side encryption types to block for object uploads. Valid values are `SSE-C` (blocks uploads using server-side encryption with customer-provided keys) and `NONE` (unblocks all encryption types). Starting in March 2026, Amazon S3 will automatically block SSE-C uploads for all new buckets. + /// + public readonly ImmutableArray BlockedEncryptionTypes; + /// /// Whether or not to use [Amazon S3 Bucket Keys](https://docs.aws.amazon.com/AmazonS3/latest/dev/bucket-key.html) for SSE-KMS. /// public readonly bool? BucketKeyEnabled; @@ -26,9 +30,12 @@ public sealed class BucketServerSideEncryptionConfigurationRule private BucketServerSideEncryptionConfigurationRule( Outputs.BucketServerSideEncryptionConfigurationRuleApplyServerSideEncryptionByDefault? applyServerSideEncryptionByDefault, + ImmutableArray blockedEncryptionTypes, + bool? bucketKeyEnabled) { ApplyServerSideEncryptionByDefault = applyServerSideEncryptionByDefault; + BlockedEncryptionTypes = blockedEncryptionTypes; BucketKeyEnabled = bucketKeyEnabled; } } diff --git a/sdk/dotnet/S3/Outputs/BucketServerSideEncryptionConfigurationV2Rule.cs b/sdk/dotnet/S3/Outputs/BucketServerSideEncryptionConfigurationV2Rule.cs index 513f674407d..e3354e82ad7 100644 --- a/sdk/dotnet/S3/Outputs/BucketServerSideEncryptionConfigurationV2Rule.cs +++ b/sdk/dotnet/S3/Outputs/BucketServerSideEncryptionConfigurationV2Rule.cs @@ -18,6 +18,10 @@ public sealed class BucketServerSideEncryptionConfigurationV2Rule /// public readonly Outputs.BucketServerSideEncryptionConfigurationV2RuleApplyServerSideEncryptionByDefault? ApplyServerSideEncryptionByDefault; /// + /// List of server-side encryption types to block for object uploads. Valid values are `SSE-C` (blocks uploads using server-side encryption with customer-provided keys) and `NONE` (unblocks all encryption types). Starting in March 2026, Amazon S3 will automatically block SSE-C uploads for all new buckets. + /// + public readonly ImmutableArray BlockedEncryptionTypes; + /// /// Whether or not to use [Amazon S3 Bucket Keys](https://docs.aws.amazon.com/AmazonS3/latest/dev/bucket-key.html) for SSE-KMS. /// public readonly bool? BucketKeyEnabled; @@ -26,9 +30,12 @@ public sealed class BucketServerSideEncryptionConfigurationV2Rule private BucketServerSideEncryptionConfigurationV2Rule( Outputs.BucketServerSideEncryptionConfigurationV2RuleApplyServerSideEncryptionByDefault? applyServerSideEncryptionByDefault, + ImmutableArray blockedEncryptionTypes, + bool? bucketKeyEnabled) { ApplyServerSideEncryptionByDefault = applyServerSideEncryptionByDefault; + BlockedEncryptionTypes = blockedEncryptionTypes; BucketKeyEnabled = bucketKeyEnabled; } } diff --git a/sdk/dotnet/Sagemaker/Inputs/ModelContainerAdditionalModelDataSourceArgs.cs b/sdk/dotnet/Sagemaker/Inputs/ModelContainerAdditionalModelDataSourceArgs.cs new file mode 100644 index 00000000000..13c28e7311f --- /dev/null +++ b/sdk/dotnet/Sagemaker/Inputs/ModelContainerAdditionalModelDataSourceArgs.cs @@ -0,0 +1,38 @@ +// *** WARNING: this file was generated by pulumi-language-dotnet. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Aws.Sagemaker.Inputs +{ + + public sealed class ModelContainerAdditionalModelDataSourceArgs : global::Pulumi.ResourceArgs + { + /// + /// Custom name for the additional model data source object. It will be stored in `/opt/ml/additional-model-data-sources/<channel_name>/`. + /// + [Input("channelName", required: true)] + public Input ChannelName { get; set; } = null!; + + [Input("s3DataSources", required: true)] + private InputList? _s3DataSources; + + /// + /// S3 location of model data to deploy. See S3 Data Source. + /// + public InputList S3DataSources + { + get => _s3DataSources ?? (_s3DataSources = new InputList()); + set => _s3DataSources = value; + } + + public ModelContainerAdditionalModelDataSourceArgs() + { + } + public static new ModelContainerAdditionalModelDataSourceArgs Empty => new ModelContainerAdditionalModelDataSourceArgs(); + } +} diff --git a/sdk/dotnet/Sagemaker/Inputs/ModelContainerAdditionalModelDataSourceGetArgs.cs b/sdk/dotnet/Sagemaker/Inputs/ModelContainerAdditionalModelDataSourceGetArgs.cs new file mode 100644 index 00000000000..091dc7da2f7 --- /dev/null +++ b/sdk/dotnet/Sagemaker/Inputs/ModelContainerAdditionalModelDataSourceGetArgs.cs @@ -0,0 +1,38 @@ +// *** WARNING: this file was generated by pulumi-language-dotnet. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Aws.Sagemaker.Inputs +{ + + public sealed class ModelContainerAdditionalModelDataSourceGetArgs : global::Pulumi.ResourceArgs + { + /// + /// Custom name for the additional model data source object. It will be stored in `/opt/ml/additional-model-data-sources/<channel_name>/`. + /// + [Input("channelName", required: true)] + public Input ChannelName { get; set; } = null!; + + [Input("s3DataSources", required: true)] + private InputList? _s3DataSources; + + /// + /// S3 location of model data to deploy. See S3 Data Source. + /// + public InputList S3DataSources + { + get => _s3DataSources ?? (_s3DataSources = new InputList()); + set => _s3DataSources = value; + } + + public ModelContainerAdditionalModelDataSourceGetArgs() + { + } + public static new ModelContainerAdditionalModelDataSourceGetArgs Empty => new ModelContainerAdditionalModelDataSourceGetArgs(); + } +} diff --git a/sdk/dotnet/Sagemaker/Inputs/ModelContainerAdditionalModelDataSourceS3DataSourceArgs.cs b/sdk/dotnet/Sagemaker/Inputs/ModelContainerAdditionalModelDataSourceS3DataSourceArgs.cs new file mode 100644 index 00000000000..2ea8bd33fab --- /dev/null +++ b/sdk/dotnet/Sagemaker/Inputs/ModelContainerAdditionalModelDataSourceS3DataSourceArgs.cs @@ -0,0 +1,44 @@ +// *** WARNING: this file was generated by pulumi-language-dotnet. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Aws.Sagemaker.Inputs +{ + + public sealed class ModelContainerAdditionalModelDataSourceS3DataSourceArgs : global::Pulumi.ResourceArgs + { + /// + /// How the model data is prepared. Allowed values are: `None` and `Gzip`. + /// + [Input("compressionType", required: true)] + public Input CompressionType { get; set; } = null!; + + /// + /// Specifies the access configuration file for the ML model. You can explicitly accept the model end-user license agreement (EULA) within the [`ModelAccessConfig` configuration block]. See Model Access Config. + /// + [Input("modelAccessConfig")] + public Input? ModelAccessConfig { get; set; } + + /// + /// Type of model data to deploy. Allowed values are: `S3Object` and `S3Prefix`. + /// + [Input("s3DataType", required: true)] + public Input S3DataType { get; set; } = null!; + + /// + /// The S3 path of model data to deploy. + /// + [Input("s3Uri", required: true)] + public Input S3Uri { get; set; } = null!; + + public ModelContainerAdditionalModelDataSourceS3DataSourceArgs() + { + } + public static new ModelContainerAdditionalModelDataSourceS3DataSourceArgs Empty => new ModelContainerAdditionalModelDataSourceS3DataSourceArgs(); + } +} diff --git a/sdk/dotnet/Sagemaker/Inputs/ModelContainerAdditionalModelDataSourceS3DataSourceGetArgs.cs b/sdk/dotnet/Sagemaker/Inputs/ModelContainerAdditionalModelDataSourceS3DataSourceGetArgs.cs new file mode 100644 index 00000000000..ca429178e31 --- /dev/null +++ b/sdk/dotnet/Sagemaker/Inputs/ModelContainerAdditionalModelDataSourceS3DataSourceGetArgs.cs @@ -0,0 +1,44 @@ +// *** WARNING: this file was generated by pulumi-language-dotnet. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Aws.Sagemaker.Inputs +{ + + public sealed class ModelContainerAdditionalModelDataSourceS3DataSourceGetArgs : global::Pulumi.ResourceArgs + { + /// + /// How the model data is prepared. Allowed values are: `None` and `Gzip`. + /// + [Input("compressionType", required: true)] + public Input CompressionType { get; set; } = null!; + + /// + /// Specifies the access configuration file for the ML model. You can explicitly accept the model end-user license agreement (EULA) within the [`ModelAccessConfig` configuration block]. See Model Access Config. + /// + [Input("modelAccessConfig")] + public Input? ModelAccessConfig { get; set; } + + /// + /// Type of model data to deploy. Allowed values are: `S3Object` and `S3Prefix`. + /// + [Input("s3DataType", required: true)] + public Input S3DataType { get; set; } = null!; + + /// + /// The S3 path of model data to deploy. + /// + [Input("s3Uri", required: true)] + public Input S3Uri { get; set; } = null!; + + public ModelContainerAdditionalModelDataSourceS3DataSourceGetArgs() + { + } + public static new ModelContainerAdditionalModelDataSourceS3DataSourceGetArgs Empty => new ModelContainerAdditionalModelDataSourceS3DataSourceGetArgs(); + } +} diff --git a/sdk/dotnet/Sagemaker/Inputs/ModelContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigArgs.cs b/sdk/dotnet/Sagemaker/Inputs/ModelContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigArgs.cs new file mode 100644 index 00000000000..2dcc68ca0bd --- /dev/null +++ b/sdk/dotnet/Sagemaker/Inputs/ModelContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigArgs.cs @@ -0,0 +1,26 @@ +// *** WARNING: this file was generated by pulumi-language-dotnet. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Aws.Sagemaker.Inputs +{ + + public sealed class ModelContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigArgs : global::Pulumi.ResourceArgs + { + /// + /// Specifies agreement to the model end-user license agreement (EULA). The value must be set to `True` in order to accept the EULA that this model requires. You are responsible for reviewing and complying with any applicable license terms and making sure they are acceptable for your use case before downloading or using a model. + /// + [Input("acceptEula", required: true)] + public Input AcceptEula { get; set; } = null!; + + public ModelContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigArgs() + { + } + public static new ModelContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigArgs Empty => new ModelContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigArgs(); + } +} diff --git a/sdk/dotnet/Sagemaker/Inputs/ModelContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigGetArgs.cs b/sdk/dotnet/Sagemaker/Inputs/ModelContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigGetArgs.cs new file mode 100644 index 00000000000..ab207b4471b --- /dev/null +++ b/sdk/dotnet/Sagemaker/Inputs/ModelContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigGetArgs.cs @@ -0,0 +1,26 @@ +// *** WARNING: this file was generated by pulumi-language-dotnet. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Aws.Sagemaker.Inputs +{ + + public sealed class ModelContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigGetArgs : global::Pulumi.ResourceArgs + { + /// + /// Specifies agreement to the model end-user license agreement (EULA). The value must be set to `True` in order to accept the EULA that this model requires. You are responsible for reviewing and complying with any applicable license terms and making sure they are acceptable for your use case before downloading or using a model. + /// + [Input("acceptEula", required: true)] + public Input AcceptEula { get; set; } = null!; + + public ModelContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigGetArgs() + { + } + public static new ModelContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigGetArgs Empty => new ModelContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigGetArgs(); + } +} diff --git a/sdk/dotnet/Sagemaker/Inputs/ModelContainerArgs.cs b/sdk/dotnet/Sagemaker/Inputs/ModelContainerArgs.cs index 2cdf7c77e30..778bd13efa1 100644 --- a/sdk/dotnet/Sagemaker/Inputs/ModelContainerArgs.cs +++ b/sdk/dotnet/Sagemaker/Inputs/ModelContainerArgs.cs @@ -12,8 +12,20 @@ namespace Pulumi.Aws.Sagemaker.Inputs public sealed class ModelContainerArgs : global::Pulumi.ResourceArgs { + [Input("additionalModelDataSources")] + private InputList? _additionalModelDataSources; + + /// + /// Additional data sources that are available to the model in addition to those specified in `ModelDataSource`. See Additional Model Data Source. + /// + public InputList AdditionalModelDataSources + { + get => _additionalModelDataSources ?? (_additionalModelDataSources = new InputList()); + set => _additionalModelDataSources = value; + } + /// - /// The DNS host name for the container. + /// DNS host name for the container. /// [Input("containerHostname")] public Input? ContainerHostname { get; set; } @@ -23,7 +35,6 @@ public sealed class ModelContainerArgs : global::Pulumi.ResourceArgs /// /// Environment variables for the Docker container. - /// A list of key value pairs. /// public InputMap Environment { @@ -32,7 +43,7 @@ public InputMap Environment } /// - /// The registry path where the inference code image is stored in Amazon ECR. + /// Registry path where the inference code image is stored in Amazon ECR. /// [Input("image")] public Input? Image { get; set; } @@ -44,31 +55,32 @@ public InputMap Environment public Input? ImageConfig { get; set; } /// - /// The inference specification name in the model package version. + /// Inference specification name in the model package version. /// [Input("inferenceSpecificationName")] public Input? InferenceSpecificationName { get; set; } /// - /// The container hosts value `SingleModel/MultiModel`. The default value is `SingleModel`. + /// Container hosts value. Allowed values are: `SingleModel` and `MultiModel`. The default value is `SingleModel`. /// [Input("mode")] public Input? Mode { get; set; } /// - /// The location of model data to deploy. Use this for uncompressed model deployment. For information about how to deploy an uncompressed model, see [Deploying uncompressed models](https://docs.aws.amazon.com/sagemaker/latest/dg/large-model-inference-uncompressed.html) in the _AWS SageMaker AI Developer Guide_. + /// Location of model data to deploy. Use this for uncompressed model deployment. For information about how to deploy an uncompressed model, see [Deploying uncompressed models](https://docs.aws.amazon.com/sagemaker/latest/dg/large-model-inference-uncompressed.html) in the _AWS SageMaker AI Developer Guide_. /// [Input("modelDataSource")] public Input? ModelDataSource { get; set; } /// - /// The URL for the S3 location where model artifacts are stored. + /// URL for the S3 location where model artifacts are stored. /// [Input("modelDataUrl")] public Input? ModelDataUrl { get; set; } /// - /// The Amazon Resource Name (ARN) of the model package to use to create the model. + /// Amazon Resource Name (ARN) of the model package to use to create the model. + /// A list of key value pairs. /// [Input("modelPackageName")] public Input? ModelPackageName { get; set; } diff --git a/sdk/dotnet/Sagemaker/Inputs/ModelContainerGetArgs.cs b/sdk/dotnet/Sagemaker/Inputs/ModelContainerGetArgs.cs index e3ee6675921..8253a362b73 100644 --- a/sdk/dotnet/Sagemaker/Inputs/ModelContainerGetArgs.cs +++ b/sdk/dotnet/Sagemaker/Inputs/ModelContainerGetArgs.cs @@ -12,8 +12,20 @@ namespace Pulumi.Aws.Sagemaker.Inputs public sealed class ModelContainerGetArgs : global::Pulumi.ResourceArgs { + [Input("additionalModelDataSources")] + private InputList? _additionalModelDataSources; + + /// + /// Additional data sources that are available to the model in addition to those specified in `ModelDataSource`. See Additional Model Data Source. + /// + public InputList AdditionalModelDataSources + { + get => _additionalModelDataSources ?? (_additionalModelDataSources = new InputList()); + set => _additionalModelDataSources = value; + } + /// - /// The DNS host name for the container. + /// DNS host name for the container. /// [Input("containerHostname")] public Input? ContainerHostname { get; set; } @@ -23,7 +35,6 @@ public sealed class ModelContainerGetArgs : global::Pulumi.ResourceArgs /// /// Environment variables for the Docker container. - /// A list of key value pairs. /// public InputMap Environment { @@ -32,7 +43,7 @@ public InputMap Environment } /// - /// The registry path where the inference code image is stored in Amazon ECR. + /// Registry path where the inference code image is stored in Amazon ECR. /// [Input("image")] public Input? Image { get; set; } @@ -44,31 +55,32 @@ public InputMap Environment public Input? ImageConfig { get; set; } /// - /// The inference specification name in the model package version. + /// Inference specification name in the model package version. /// [Input("inferenceSpecificationName")] public Input? InferenceSpecificationName { get; set; } /// - /// The container hosts value `SingleModel/MultiModel`. The default value is `SingleModel`. + /// Container hosts value. Allowed values are: `SingleModel` and `MultiModel`. The default value is `SingleModel`. /// [Input("mode")] public Input? Mode { get; set; } /// - /// The location of model data to deploy. Use this for uncompressed model deployment. For information about how to deploy an uncompressed model, see [Deploying uncompressed models](https://docs.aws.amazon.com/sagemaker/latest/dg/large-model-inference-uncompressed.html) in the _AWS SageMaker AI Developer Guide_. + /// Location of model data to deploy. Use this for uncompressed model deployment. For information about how to deploy an uncompressed model, see [Deploying uncompressed models](https://docs.aws.amazon.com/sagemaker/latest/dg/large-model-inference-uncompressed.html) in the _AWS SageMaker AI Developer Guide_. /// [Input("modelDataSource")] public Input? ModelDataSource { get; set; } /// - /// The URL for the S3 location where model artifacts are stored. + /// URL for the S3 location where model artifacts are stored. /// [Input("modelDataUrl")] public Input? ModelDataUrl { get; set; } /// - /// The Amazon Resource Name (ARN) of the model package to use to create the model. + /// Amazon Resource Name (ARN) of the model package to use to create the model. + /// A list of key value pairs. /// [Input("modelPackageName")] public Input? ModelPackageName { get; set; } diff --git a/sdk/dotnet/Sagemaker/Inputs/ModelContainerImageConfigRepositoryAuthConfigArgs.cs b/sdk/dotnet/Sagemaker/Inputs/ModelContainerImageConfigRepositoryAuthConfigArgs.cs index a7a67172eb6..c60513f3864 100644 --- a/sdk/dotnet/Sagemaker/Inputs/ModelContainerImageConfigRepositoryAuthConfigArgs.cs +++ b/sdk/dotnet/Sagemaker/Inputs/ModelContainerImageConfigRepositoryAuthConfigArgs.cs @@ -13,7 +13,7 @@ namespace Pulumi.Aws.Sagemaker.Inputs public sealed class ModelContainerImageConfigRepositoryAuthConfigArgs : global::Pulumi.ResourceArgs { /// - /// The Amazon Resource Name (ARN) of an AWS Lambda function that provides credentials to authenticate to the private Docker registry where your model image is hosted. For information about how to create an AWS Lambda function, see [Create a Lambda function with the console](https://docs.aws.amazon.com/lambda/latest/dg/getting-started-create-function.html) in the _AWS Lambda Developer Guide_. + /// Amazon Resource Name (ARN) of an AWS Lambda function that provides credentials to authenticate to the private Docker registry where your model image is hosted. For information about how to create an AWS Lambda function, see [Create a Lambda function with the console](https://docs.aws.amazon.com/lambda/latest/dg/getting-started-create-function.html) in the _AWS Lambda Developer Guide_. /// [Input("repositoryCredentialsProviderArn", required: true)] public Input RepositoryCredentialsProviderArn { get; set; } = null!; diff --git a/sdk/dotnet/Sagemaker/Inputs/ModelContainerImageConfigRepositoryAuthConfigGetArgs.cs b/sdk/dotnet/Sagemaker/Inputs/ModelContainerImageConfigRepositoryAuthConfigGetArgs.cs index 8b4f2bd34a7..7fdf32fa255 100644 --- a/sdk/dotnet/Sagemaker/Inputs/ModelContainerImageConfigRepositoryAuthConfigGetArgs.cs +++ b/sdk/dotnet/Sagemaker/Inputs/ModelContainerImageConfigRepositoryAuthConfigGetArgs.cs @@ -13,7 +13,7 @@ namespace Pulumi.Aws.Sagemaker.Inputs public sealed class ModelContainerImageConfigRepositoryAuthConfigGetArgs : global::Pulumi.ResourceArgs { /// - /// The Amazon Resource Name (ARN) of an AWS Lambda function that provides credentials to authenticate to the private Docker registry where your model image is hosted. For information about how to create an AWS Lambda function, see [Create a Lambda function with the console](https://docs.aws.amazon.com/lambda/latest/dg/getting-started-create-function.html) in the _AWS Lambda Developer Guide_. + /// Amazon Resource Name (ARN) of an AWS Lambda function that provides credentials to authenticate to the private Docker registry where your model image is hosted. For information about how to create an AWS Lambda function, see [Create a Lambda function with the console](https://docs.aws.amazon.com/lambda/latest/dg/getting-started-create-function.html) in the _AWS Lambda Developer Guide_. /// [Input("repositoryCredentialsProviderArn", required: true)] public Input RepositoryCredentialsProviderArn { get; set; } = null!; diff --git a/sdk/dotnet/Sagemaker/Inputs/ModelContainerModelDataSourceArgs.cs b/sdk/dotnet/Sagemaker/Inputs/ModelContainerModelDataSourceArgs.cs index 5affa99e008..0e0acb48eb8 100644 --- a/sdk/dotnet/Sagemaker/Inputs/ModelContainerModelDataSourceArgs.cs +++ b/sdk/dotnet/Sagemaker/Inputs/ModelContainerModelDataSourceArgs.cs @@ -16,7 +16,7 @@ public sealed class ModelContainerModelDataSourceArgs : global::Pulumi.ResourceA private InputList? _s3DataSources; /// - /// The S3 location of model data to deploy. + /// S3 location of model data to deploy. See S3 Data Source. /// public InputList S3DataSources { diff --git a/sdk/dotnet/Sagemaker/Inputs/ModelContainerModelDataSourceGetArgs.cs b/sdk/dotnet/Sagemaker/Inputs/ModelContainerModelDataSourceGetArgs.cs index 1df8c4b0122..e7c0b7b4c0f 100644 --- a/sdk/dotnet/Sagemaker/Inputs/ModelContainerModelDataSourceGetArgs.cs +++ b/sdk/dotnet/Sagemaker/Inputs/ModelContainerModelDataSourceGetArgs.cs @@ -16,7 +16,7 @@ public sealed class ModelContainerModelDataSourceGetArgs : global::Pulumi.Resour private InputList? _s3DataSources; /// - /// The S3 location of model data to deploy. + /// S3 location of model data to deploy. See S3 Data Source. /// public InputList S3DataSources { diff --git a/sdk/dotnet/Sagemaker/Inputs/ModelContainerModelDataSourceS3DataSourceArgs.cs b/sdk/dotnet/Sagemaker/Inputs/ModelContainerModelDataSourceS3DataSourceArgs.cs index a35bf9d4738..f026725e1b5 100644 --- a/sdk/dotnet/Sagemaker/Inputs/ModelContainerModelDataSourceS3DataSourceArgs.cs +++ b/sdk/dotnet/Sagemaker/Inputs/ModelContainerModelDataSourceS3DataSourceArgs.cs @@ -19,13 +19,13 @@ public sealed class ModelContainerModelDataSourceS3DataSourceArgs : global::Pulu public Input CompressionType { get; set; } = null!; /// - /// Specifies the access configuration file for the ML model. You can explicitly accept the model end-user license agreement (EULA) within the [`ModelAccessConfig` configuration block]. see Model Access Config. + /// Specifies the access configuration file for the ML model. You can explicitly accept the model end-user license agreement (EULA) within the [`ModelAccessConfig` configuration block]. See Model Access Config. /// [Input("modelAccessConfig")] public Input? ModelAccessConfig { get; set; } /// - /// The type of model data to deploy. Allowed values are: `S3Object` and `S3Prefix`. + /// Type of model data to deploy. Allowed values are: `S3Object` and `S3Prefix`. /// [Input("s3DataType", required: true)] public Input S3DataType { get; set; } = null!; diff --git a/sdk/dotnet/Sagemaker/Inputs/ModelContainerModelDataSourceS3DataSourceGetArgs.cs b/sdk/dotnet/Sagemaker/Inputs/ModelContainerModelDataSourceS3DataSourceGetArgs.cs index 31c2d2b643c..39f511ba028 100644 --- a/sdk/dotnet/Sagemaker/Inputs/ModelContainerModelDataSourceS3DataSourceGetArgs.cs +++ b/sdk/dotnet/Sagemaker/Inputs/ModelContainerModelDataSourceS3DataSourceGetArgs.cs @@ -19,13 +19,13 @@ public sealed class ModelContainerModelDataSourceS3DataSourceGetArgs : global::P public Input CompressionType { get; set; } = null!; /// - /// Specifies the access configuration file for the ML model. You can explicitly accept the model end-user license agreement (EULA) within the [`ModelAccessConfig` configuration block]. see Model Access Config. + /// Specifies the access configuration file for the ML model. You can explicitly accept the model end-user license agreement (EULA) within the [`ModelAccessConfig` configuration block]. See Model Access Config. /// [Input("modelAccessConfig")] public Input? ModelAccessConfig { get; set; } /// - /// The type of model data to deploy. Allowed values are: `S3Object` and `S3Prefix`. + /// Type of model data to deploy. Allowed values are: `S3Object` and `S3Prefix`. /// [Input("s3DataType", required: true)] public Input S3DataType { get; set; } = null!; diff --git a/sdk/dotnet/Sagemaker/Inputs/ModelContainerModelDataSourceS3DataSourceModelAccessConfigArgs.cs b/sdk/dotnet/Sagemaker/Inputs/ModelContainerModelDataSourceS3DataSourceModelAccessConfigArgs.cs index 711c52e4cfc..cc642e46757 100644 --- a/sdk/dotnet/Sagemaker/Inputs/ModelContainerModelDataSourceS3DataSourceModelAccessConfigArgs.cs +++ b/sdk/dotnet/Sagemaker/Inputs/ModelContainerModelDataSourceS3DataSourceModelAccessConfigArgs.cs @@ -13,7 +13,7 @@ namespace Pulumi.Aws.Sagemaker.Inputs public sealed class ModelContainerModelDataSourceS3DataSourceModelAccessConfigArgs : global::Pulumi.ResourceArgs { /// - /// Specifies agreement to the model end-user license agreement (EULA). The AcceptEula value must be explicitly defined as `True` in order to accept the EULA that this model requires. You are responsible for reviewing and complying with any applicable license terms and making sure they are acceptable for your use case before downloading or using a model. + /// Specifies agreement to the model end-user license agreement (EULA). The value must be set to `True` in order to accept the EULA that this model requires. You are responsible for reviewing and complying with any applicable license terms and making sure they are acceptable for your use case before downloading or using a model. /// [Input("acceptEula", required: true)] public Input AcceptEula { get; set; } = null!; diff --git a/sdk/dotnet/Sagemaker/Inputs/ModelContainerModelDataSourceS3DataSourceModelAccessConfigGetArgs.cs b/sdk/dotnet/Sagemaker/Inputs/ModelContainerModelDataSourceS3DataSourceModelAccessConfigGetArgs.cs index 9ec9b407325..708aaf54b39 100644 --- a/sdk/dotnet/Sagemaker/Inputs/ModelContainerModelDataSourceS3DataSourceModelAccessConfigGetArgs.cs +++ b/sdk/dotnet/Sagemaker/Inputs/ModelContainerModelDataSourceS3DataSourceModelAccessConfigGetArgs.cs @@ -13,7 +13,7 @@ namespace Pulumi.Aws.Sagemaker.Inputs public sealed class ModelContainerModelDataSourceS3DataSourceModelAccessConfigGetArgs : global::Pulumi.ResourceArgs { /// - /// Specifies agreement to the model end-user license agreement (EULA). The AcceptEula value must be explicitly defined as `True` in order to accept the EULA that this model requires. You are responsible for reviewing and complying with any applicable license terms and making sure they are acceptable for your use case before downloading or using a model. + /// Specifies agreement to the model end-user license agreement (EULA). The value must be set to `True` in order to accept the EULA that this model requires. You are responsible for reviewing and complying with any applicable license terms and making sure they are acceptable for your use case before downloading or using a model. /// [Input("acceptEula", required: true)] public Input AcceptEula { get; set; } = null!; diff --git a/sdk/dotnet/Sagemaker/Inputs/ModelInferenceExecutionConfigArgs.cs b/sdk/dotnet/Sagemaker/Inputs/ModelInferenceExecutionConfigArgs.cs index 9f1262f4ca6..107b89b86b5 100644 --- a/sdk/dotnet/Sagemaker/Inputs/ModelInferenceExecutionConfigArgs.cs +++ b/sdk/dotnet/Sagemaker/Inputs/ModelInferenceExecutionConfigArgs.cs @@ -13,7 +13,7 @@ namespace Pulumi.Aws.Sagemaker.Inputs public sealed class ModelInferenceExecutionConfigArgs : global::Pulumi.ResourceArgs { /// - /// The container hosts value `SingleModel/MultiModel`. The default value is `SingleModel`. + /// How containers in a multi-container are run. Allowed values are: `Serial` and `Direct`. /// [Input("mode", required: true)] public Input Mode { get; set; } = null!; diff --git a/sdk/dotnet/Sagemaker/Inputs/ModelInferenceExecutionConfigGetArgs.cs b/sdk/dotnet/Sagemaker/Inputs/ModelInferenceExecutionConfigGetArgs.cs index ca548b75ca5..0d37d26a5d5 100644 --- a/sdk/dotnet/Sagemaker/Inputs/ModelInferenceExecutionConfigGetArgs.cs +++ b/sdk/dotnet/Sagemaker/Inputs/ModelInferenceExecutionConfigGetArgs.cs @@ -13,7 +13,7 @@ namespace Pulumi.Aws.Sagemaker.Inputs public sealed class ModelInferenceExecutionConfigGetArgs : global::Pulumi.ResourceArgs { /// - /// The container hosts value `SingleModel/MultiModel`. The default value is `SingleModel`. + /// How containers in a multi-container are run. Allowed values are: `Serial` and `Direct`. /// [Input("mode", required: true)] public Input Mode { get; set; } = null!; diff --git a/sdk/dotnet/Sagemaker/Inputs/ModelPrimaryContainerAdditionalModelDataSourceArgs.cs b/sdk/dotnet/Sagemaker/Inputs/ModelPrimaryContainerAdditionalModelDataSourceArgs.cs new file mode 100644 index 00000000000..adcdcb89734 --- /dev/null +++ b/sdk/dotnet/Sagemaker/Inputs/ModelPrimaryContainerAdditionalModelDataSourceArgs.cs @@ -0,0 +1,38 @@ +// *** WARNING: this file was generated by pulumi-language-dotnet. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Aws.Sagemaker.Inputs +{ + + public sealed class ModelPrimaryContainerAdditionalModelDataSourceArgs : global::Pulumi.ResourceArgs + { + /// + /// Custom name for the additional model data source object. It will be stored in `/opt/ml/additional-model-data-sources/<channel_name>/`. + /// + [Input("channelName", required: true)] + public Input ChannelName { get; set; } = null!; + + [Input("s3DataSources", required: true)] + private InputList? _s3DataSources; + + /// + /// S3 location of model data to deploy. See S3 Data Source. + /// + public InputList S3DataSources + { + get => _s3DataSources ?? (_s3DataSources = new InputList()); + set => _s3DataSources = value; + } + + public ModelPrimaryContainerAdditionalModelDataSourceArgs() + { + } + public static new ModelPrimaryContainerAdditionalModelDataSourceArgs Empty => new ModelPrimaryContainerAdditionalModelDataSourceArgs(); + } +} diff --git a/sdk/dotnet/Sagemaker/Inputs/ModelPrimaryContainerAdditionalModelDataSourceGetArgs.cs b/sdk/dotnet/Sagemaker/Inputs/ModelPrimaryContainerAdditionalModelDataSourceGetArgs.cs new file mode 100644 index 00000000000..894eab87698 --- /dev/null +++ b/sdk/dotnet/Sagemaker/Inputs/ModelPrimaryContainerAdditionalModelDataSourceGetArgs.cs @@ -0,0 +1,38 @@ +// *** WARNING: this file was generated by pulumi-language-dotnet. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Aws.Sagemaker.Inputs +{ + + public sealed class ModelPrimaryContainerAdditionalModelDataSourceGetArgs : global::Pulumi.ResourceArgs + { + /// + /// Custom name for the additional model data source object. It will be stored in `/opt/ml/additional-model-data-sources/<channel_name>/`. + /// + [Input("channelName", required: true)] + public Input ChannelName { get; set; } = null!; + + [Input("s3DataSources", required: true)] + private InputList? _s3DataSources; + + /// + /// S3 location of model data to deploy. See S3 Data Source. + /// + public InputList S3DataSources + { + get => _s3DataSources ?? (_s3DataSources = new InputList()); + set => _s3DataSources = value; + } + + public ModelPrimaryContainerAdditionalModelDataSourceGetArgs() + { + } + public static new ModelPrimaryContainerAdditionalModelDataSourceGetArgs Empty => new ModelPrimaryContainerAdditionalModelDataSourceGetArgs(); + } +} diff --git a/sdk/dotnet/Sagemaker/Inputs/ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceArgs.cs b/sdk/dotnet/Sagemaker/Inputs/ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceArgs.cs new file mode 100644 index 00000000000..9ab3f4fc51d --- /dev/null +++ b/sdk/dotnet/Sagemaker/Inputs/ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceArgs.cs @@ -0,0 +1,44 @@ +// *** WARNING: this file was generated by pulumi-language-dotnet. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Aws.Sagemaker.Inputs +{ + + public sealed class ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceArgs : global::Pulumi.ResourceArgs + { + /// + /// How the model data is prepared. Allowed values are: `None` and `Gzip`. + /// + [Input("compressionType", required: true)] + public Input CompressionType { get; set; } = null!; + + /// + /// Specifies the access configuration file for the ML model. You can explicitly accept the model end-user license agreement (EULA) within the [`ModelAccessConfig` configuration block]. See Model Access Config. + /// + [Input("modelAccessConfig")] + public Input? ModelAccessConfig { get; set; } + + /// + /// Type of model data to deploy. Allowed values are: `S3Object` and `S3Prefix`. + /// + [Input("s3DataType", required: true)] + public Input S3DataType { get; set; } = null!; + + /// + /// The S3 path of model data to deploy. + /// + [Input("s3Uri", required: true)] + public Input S3Uri { get; set; } = null!; + + public ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceArgs() + { + } + public static new ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceArgs Empty => new ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceArgs(); + } +} diff --git a/sdk/dotnet/Sagemaker/Inputs/ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceGetArgs.cs b/sdk/dotnet/Sagemaker/Inputs/ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceGetArgs.cs new file mode 100644 index 00000000000..3abffa8fdef --- /dev/null +++ b/sdk/dotnet/Sagemaker/Inputs/ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceGetArgs.cs @@ -0,0 +1,44 @@ +// *** WARNING: this file was generated by pulumi-language-dotnet. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Aws.Sagemaker.Inputs +{ + + public sealed class ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceGetArgs : global::Pulumi.ResourceArgs + { + /// + /// How the model data is prepared. Allowed values are: `None` and `Gzip`. + /// + [Input("compressionType", required: true)] + public Input CompressionType { get; set; } = null!; + + /// + /// Specifies the access configuration file for the ML model. You can explicitly accept the model end-user license agreement (EULA) within the [`ModelAccessConfig` configuration block]. See Model Access Config. + /// + [Input("modelAccessConfig")] + public Input? ModelAccessConfig { get; set; } + + /// + /// Type of model data to deploy. Allowed values are: `S3Object` and `S3Prefix`. + /// + [Input("s3DataType", required: true)] + public Input S3DataType { get; set; } = null!; + + /// + /// The S3 path of model data to deploy. + /// + [Input("s3Uri", required: true)] + public Input S3Uri { get; set; } = null!; + + public ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceGetArgs() + { + } + public static new ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceGetArgs Empty => new ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceGetArgs(); + } +} diff --git a/sdk/dotnet/Sagemaker/Inputs/ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigArgs.cs b/sdk/dotnet/Sagemaker/Inputs/ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigArgs.cs new file mode 100644 index 00000000000..6b4012e4809 --- /dev/null +++ b/sdk/dotnet/Sagemaker/Inputs/ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigArgs.cs @@ -0,0 +1,26 @@ +// *** WARNING: this file was generated by pulumi-language-dotnet. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Aws.Sagemaker.Inputs +{ + + public sealed class ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigArgs : global::Pulumi.ResourceArgs + { + /// + /// Specifies agreement to the model end-user license agreement (EULA). The value must be set to `True` in order to accept the EULA that this model requires. You are responsible for reviewing and complying with any applicable license terms and making sure they are acceptable for your use case before downloading or using a model. + /// + [Input("acceptEula", required: true)] + public Input AcceptEula { get; set; } = null!; + + public ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigArgs() + { + } + public static new ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigArgs Empty => new ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigArgs(); + } +} diff --git a/sdk/dotnet/Sagemaker/Inputs/ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigGetArgs.cs b/sdk/dotnet/Sagemaker/Inputs/ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigGetArgs.cs new file mode 100644 index 00000000000..d644e216951 --- /dev/null +++ b/sdk/dotnet/Sagemaker/Inputs/ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigGetArgs.cs @@ -0,0 +1,26 @@ +// *** WARNING: this file was generated by pulumi-language-dotnet. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Aws.Sagemaker.Inputs +{ + + public sealed class ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigGetArgs : global::Pulumi.ResourceArgs + { + /// + /// Specifies agreement to the model end-user license agreement (EULA). The value must be set to `True` in order to accept the EULA that this model requires. You are responsible for reviewing and complying with any applicable license terms and making sure they are acceptable for your use case before downloading or using a model. + /// + [Input("acceptEula", required: true)] + public Input AcceptEula { get; set; } = null!; + + public ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigGetArgs() + { + } + public static new ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigGetArgs Empty => new ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigGetArgs(); + } +} diff --git a/sdk/dotnet/Sagemaker/Inputs/ModelPrimaryContainerArgs.cs b/sdk/dotnet/Sagemaker/Inputs/ModelPrimaryContainerArgs.cs index 544a00e0f61..eebf514583a 100644 --- a/sdk/dotnet/Sagemaker/Inputs/ModelPrimaryContainerArgs.cs +++ b/sdk/dotnet/Sagemaker/Inputs/ModelPrimaryContainerArgs.cs @@ -12,8 +12,20 @@ namespace Pulumi.Aws.Sagemaker.Inputs public sealed class ModelPrimaryContainerArgs : global::Pulumi.ResourceArgs { + [Input("additionalModelDataSources")] + private InputList? _additionalModelDataSources; + + /// + /// Additional data sources that are available to the model in addition to those specified in `ModelDataSource`. See Additional Model Data Source. + /// + public InputList AdditionalModelDataSources + { + get => _additionalModelDataSources ?? (_additionalModelDataSources = new InputList()); + set => _additionalModelDataSources = value; + } + /// - /// The DNS host name for the container. + /// DNS host name for the container. /// [Input("containerHostname")] public Input? ContainerHostname { get; set; } @@ -23,7 +35,6 @@ public sealed class ModelPrimaryContainerArgs : global::Pulumi.ResourceArgs /// /// Environment variables for the Docker container. - /// A list of key value pairs. /// public InputMap Environment { @@ -32,7 +43,7 @@ public InputMap Environment } /// - /// The registry path where the inference code image is stored in Amazon ECR. + /// Registry path where the inference code image is stored in Amazon ECR. /// [Input("image")] public Input? Image { get; set; } @@ -44,31 +55,29 @@ public InputMap Environment public Input? ImageConfig { get; set; } /// - /// The inference specification name in the model package version. + /// Inference specification name in the model package version. /// [Input("inferenceSpecificationName")] public Input? InferenceSpecificationName { get; set; } - /// - /// The container hosts value `SingleModel/MultiModel`. The default value is `SingleModel`. - /// [Input("mode")] public Input? Mode { get; set; } /// - /// The location of model data to deploy. Use this for uncompressed model deployment. For information about how to deploy an uncompressed model, see [Deploying uncompressed models](https://docs.aws.amazon.com/sagemaker/latest/dg/large-model-inference-uncompressed.html) in the _AWS SageMaker AI Developer Guide_. + /// Location of model data to deploy. Use this for uncompressed model deployment. For information about how to deploy an uncompressed model, see [Deploying uncompressed models](https://docs.aws.amazon.com/sagemaker/latest/dg/large-model-inference-uncompressed.html) in the _AWS SageMaker AI Developer Guide_. /// [Input("modelDataSource")] public Input? ModelDataSource { get; set; } /// - /// The URL for the S3 location where model artifacts are stored. + /// URL for the S3 location where model artifacts are stored. /// [Input("modelDataUrl")] public Input? ModelDataUrl { get; set; } /// - /// The Amazon Resource Name (ARN) of the model package to use to create the model. + /// Amazon Resource Name (ARN) of the model package to use to create the model. + /// A list of key value pairs. /// [Input("modelPackageName")] public Input? ModelPackageName { get; set; } diff --git a/sdk/dotnet/Sagemaker/Inputs/ModelPrimaryContainerGetArgs.cs b/sdk/dotnet/Sagemaker/Inputs/ModelPrimaryContainerGetArgs.cs index 20d0fe2b899..ae750c29865 100644 --- a/sdk/dotnet/Sagemaker/Inputs/ModelPrimaryContainerGetArgs.cs +++ b/sdk/dotnet/Sagemaker/Inputs/ModelPrimaryContainerGetArgs.cs @@ -12,8 +12,20 @@ namespace Pulumi.Aws.Sagemaker.Inputs public sealed class ModelPrimaryContainerGetArgs : global::Pulumi.ResourceArgs { + [Input("additionalModelDataSources")] + private InputList? _additionalModelDataSources; + + /// + /// Additional data sources that are available to the model in addition to those specified in `ModelDataSource`. See Additional Model Data Source. + /// + public InputList AdditionalModelDataSources + { + get => _additionalModelDataSources ?? (_additionalModelDataSources = new InputList()); + set => _additionalModelDataSources = value; + } + /// - /// The DNS host name for the container. + /// DNS host name for the container. /// [Input("containerHostname")] public Input? ContainerHostname { get; set; } @@ -23,7 +35,6 @@ public sealed class ModelPrimaryContainerGetArgs : global::Pulumi.ResourceArgs /// /// Environment variables for the Docker container. - /// A list of key value pairs. /// public InputMap Environment { @@ -32,7 +43,7 @@ public InputMap Environment } /// - /// The registry path where the inference code image is stored in Amazon ECR. + /// Registry path where the inference code image is stored in Amazon ECR. /// [Input("image")] public Input? Image { get; set; } @@ -44,31 +55,29 @@ public InputMap Environment public Input? ImageConfig { get; set; } /// - /// The inference specification name in the model package version. + /// Inference specification name in the model package version. /// [Input("inferenceSpecificationName")] public Input? InferenceSpecificationName { get; set; } - /// - /// The container hosts value `SingleModel/MultiModel`. The default value is `SingleModel`. - /// [Input("mode")] public Input? Mode { get; set; } /// - /// The location of model data to deploy. Use this for uncompressed model deployment. For information about how to deploy an uncompressed model, see [Deploying uncompressed models](https://docs.aws.amazon.com/sagemaker/latest/dg/large-model-inference-uncompressed.html) in the _AWS SageMaker AI Developer Guide_. + /// Location of model data to deploy. Use this for uncompressed model deployment. For information about how to deploy an uncompressed model, see [Deploying uncompressed models](https://docs.aws.amazon.com/sagemaker/latest/dg/large-model-inference-uncompressed.html) in the _AWS SageMaker AI Developer Guide_. /// [Input("modelDataSource")] public Input? ModelDataSource { get; set; } /// - /// The URL for the S3 location where model artifacts are stored. + /// URL for the S3 location where model artifacts are stored. /// [Input("modelDataUrl")] public Input? ModelDataUrl { get; set; } /// - /// The Amazon Resource Name (ARN) of the model package to use to create the model. + /// Amazon Resource Name (ARN) of the model package to use to create the model. + /// A list of key value pairs. /// [Input("modelPackageName")] public Input? ModelPackageName { get; set; } diff --git a/sdk/dotnet/Sagemaker/Inputs/ModelPrimaryContainerImageConfigRepositoryAuthConfigArgs.cs b/sdk/dotnet/Sagemaker/Inputs/ModelPrimaryContainerImageConfigRepositoryAuthConfigArgs.cs index 8da3a7777e8..44aa3fdee32 100644 --- a/sdk/dotnet/Sagemaker/Inputs/ModelPrimaryContainerImageConfigRepositoryAuthConfigArgs.cs +++ b/sdk/dotnet/Sagemaker/Inputs/ModelPrimaryContainerImageConfigRepositoryAuthConfigArgs.cs @@ -13,7 +13,7 @@ namespace Pulumi.Aws.Sagemaker.Inputs public sealed class ModelPrimaryContainerImageConfigRepositoryAuthConfigArgs : global::Pulumi.ResourceArgs { /// - /// The Amazon Resource Name (ARN) of an AWS Lambda function that provides credentials to authenticate to the private Docker registry where your model image is hosted. For information about how to create an AWS Lambda function, see [Create a Lambda function with the console](https://docs.aws.amazon.com/lambda/latest/dg/getting-started-create-function.html) in the _AWS Lambda Developer Guide_. + /// Amazon Resource Name (ARN) of an AWS Lambda function that provides credentials to authenticate to the private Docker registry where your model image is hosted. For information about how to create an AWS Lambda function, see [Create a Lambda function with the console](https://docs.aws.amazon.com/lambda/latest/dg/getting-started-create-function.html) in the _AWS Lambda Developer Guide_. /// [Input("repositoryCredentialsProviderArn", required: true)] public Input RepositoryCredentialsProviderArn { get; set; } = null!; diff --git a/sdk/dotnet/Sagemaker/Inputs/ModelPrimaryContainerImageConfigRepositoryAuthConfigGetArgs.cs b/sdk/dotnet/Sagemaker/Inputs/ModelPrimaryContainerImageConfigRepositoryAuthConfigGetArgs.cs index b1ebe0e1e58..d9ff776fdeb 100644 --- a/sdk/dotnet/Sagemaker/Inputs/ModelPrimaryContainerImageConfigRepositoryAuthConfigGetArgs.cs +++ b/sdk/dotnet/Sagemaker/Inputs/ModelPrimaryContainerImageConfigRepositoryAuthConfigGetArgs.cs @@ -13,7 +13,7 @@ namespace Pulumi.Aws.Sagemaker.Inputs public sealed class ModelPrimaryContainerImageConfigRepositoryAuthConfigGetArgs : global::Pulumi.ResourceArgs { /// - /// The Amazon Resource Name (ARN) of an AWS Lambda function that provides credentials to authenticate to the private Docker registry where your model image is hosted. For information about how to create an AWS Lambda function, see [Create a Lambda function with the console](https://docs.aws.amazon.com/lambda/latest/dg/getting-started-create-function.html) in the _AWS Lambda Developer Guide_. + /// Amazon Resource Name (ARN) of an AWS Lambda function that provides credentials to authenticate to the private Docker registry where your model image is hosted. For information about how to create an AWS Lambda function, see [Create a Lambda function with the console](https://docs.aws.amazon.com/lambda/latest/dg/getting-started-create-function.html) in the _AWS Lambda Developer Guide_. /// [Input("repositoryCredentialsProviderArn", required: true)] public Input RepositoryCredentialsProviderArn { get; set; } = null!; diff --git a/sdk/dotnet/Sagemaker/Inputs/ModelPrimaryContainerModelDataSourceArgs.cs b/sdk/dotnet/Sagemaker/Inputs/ModelPrimaryContainerModelDataSourceArgs.cs index abafa6ab329..5dcd8039c52 100644 --- a/sdk/dotnet/Sagemaker/Inputs/ModelPrimaryContainerModelDataSourceArgs.cs +++ b/sdk/dotnet/Sagemaker/Inputs/ModelPrimaryContainerModelDataSourceArgs.cs @@ -16,7 +16,7 @@ public sealed class ModelPrimaryContainerModelDataSourceArgs : global::Pulumi.Re private InputList? _s3DataSources; /// - /// The S3 location of model data to deploy. + /// S3 location of model data to deploy. See S3 Data Source. /// public InputList S3DataSources { diff --git a/sdk/dotnet/Sagemaker/Inputs/ModelPrimaryContainerModelDataSourceGetArgs.cs b/sdk/dotnet/Sagemaker/Inputs/ModelPrimaryContainerModelDataSourceGetArgs.cs index bda4a940aef..e3199795202 100644 --- a/sdk/dotnet/Sagemaker/Inputs/ModelPrimaryContainerModelDataSourceGetArgs.cs +++ b/sdk/dotnet/Sagemaker/Inputs/ModelPrimaryContainerModelDataSourceGetArgs.cs @@ -16,7 +16,7 @@ public sealed class ModelPrimaryContainerModelDataSourceGetArgs : global::Pulumi private InputList? _s3DataSources; /// - /// The S3 location of model data to deploy. + /// S3 location of model data to deploy. See S3 Data Source. /// public InputList S3DataSources { diff --git a/sdk/dotnet/Sagemaker/Inputs/ModelPrimaryContainerModelDataSourceS3DataSourceArgs.cs b/sdk/dotnet/Sagemaker/Inputs/ModelPrimaryContainerModelDataSourceS3DataSourceArgs.cs index 63f6117c00e..357acd61bf3 100644 --- a/sdk/dotnet/Sagemaker/Inputs/ModelPrimaryContainerModelDataSourceS3DataSourceArgs.cs +++ b/sdk/dotnet/Sagemaker/Inputs/ModelPrimaryContainerModelDataSourceS3DataSourceArgs.cs @@ -19,13 +19,13 @@ public sealed class ModelPrimaryContainerModelDataSourceS3DataSourceArgs : globa public Input CompressionType { get; set; } = null!; /// - /// Specifies the access configuration file for the ML model. You can explicitly accept the model end-user license agreement (EULA) within the [`ModelAccessConfig` configuration block]. see Model Access Config. + /// Specifies the access configuration file for the ML model. You can explicitly accept the model end-user license agreement (EULA) within the [`ModelAccessConfig` configuration block]. See Model Access Config. /// [Input("modelAccessConfig")] public Input? ModelAccessConfig { get; set; } /// - /// The type of model data to deploy. Allowed values are: `S3Object` and `S3Prefix`. + /// Type of model data to deploy. Allowed values are: `S3Object` and `S3Prefix`. /// [Input("s3DataType", required: true)] public Input S3DataType { get; set; } = null!; diff --git a/sdk/dotnet/Sagemaker/Inputs/ModelPrimaryContainerModelDataSourceS3DataSourceGetArgs.cs b/sdk/dotnet/Sagemaker/Inputs/ModelPrimaryContainerModelDataSourceS3DataSourceGetArgs.cs index 0b92a0f6450..d6a6ab4f7eb 100644 --- a/sdk/dotnet/Sagemaker/Inputs/ModelPrimaryContainerModelDataSourceS3DataSourceGetArgs.cs +++ b/sdk/dotnet/Sagemaker/Inputs/ModelPrimaryContainerModelDataSourceS3DataSourceGetArgs.cs @@ -19,13 +19,13 @@ public sealed class ModelPrimaryContainerModelDataSourceS3DataSourceGetArgs : gl public Input CompressionType { get; set; } = null!; /// - /// Specifies the access configuration file for the ML model. You can explicitly accept the model end-user license agreement (EULA) within the [`ModelAccessConfig` configuration block]. see Model Access Config. + /// Specifies the access configuration file for the ML model. You can explicitly accept the model end-user license agreement (EULA) within the [`ModelAccessConfig` configuration block]. See Model Access Config. /// [Input("modelAccessConfig")] public Input? ModelAccessConfig { get; set; } /// - /// The type of model data to deploy. Allowed values are: `S3Object` and `S3Prefix`. + /// Type of model data to deploy. Allowed values are: `S3Object` and `S3Prefix`. /// [Input("s3DataType", required: true)] public Input S3DataType { get; set; } = null!; diff --git a/sdk/dotnet/Sagemaker/Inputs/ModelPrimaryContainerModelDataSourceS3DataSourceModelAccessConfigArgs.cs b/sdk/dotnet/Sagemaker/Inputs/ModelPrimaryContainerModelDataSourceS3DataSourceModelAccessConfigArgs.cs index cbbb2684d0f..e566712d3ef 100644 --- a/sdk/dotnet/Sagemaker/Inputs/ModelPrimaryContainerModelDataSourceS3DataSourceModelAccessConfigArgs.cs +++ b/sdk/dotnet/Sagemaker/Inputs/ModelPrimaryContainerModelDataSourceS3DataSourceModelAccessConfigArgs.cs @@ -13,7 +13,7 @@ namespace Pulumi.Aws.Sagemaker.Inputs public sealed class ModelPrimaryContainerModelDataSourceS3DataSourceModelAccessConfigArgs : global::Pulumi.ResourceArgs { /// - /// Specifies agreement to the model end-user license agreement (EULA). The AcceptEula value must be explicitly defined as `True` in order to accept the EULA that this model requires. You are responsible for reviewing and complying with any applicable license terms and making sure they are acceptable for your use case before downloading or using a model. + /// Specifies agreement to the model end-user license agreement (EULA). The value must be set to `True` in order to accept the EULA that this model requires. You are responsible for reviewing and complying with any applicable license terms and making sure they are acceptable for your use case before downloading or using a model. /// [Input("acceptEula", required: true)] public Input AcceptEula { get; set; } = null!; diff --git a/sdk/dotnet/Sagemaker/Inputs/ModelPrimaryContainerModelDataSourceS3DataSourceModelAccessConfigGetArgs.cs b/sdk/dotnet/Sagemaker/Inputs/ModelPrimaryContainerModelDataSourceS3DataSourceModelAccessConfigGetArgs.cs index 42f81360e06..f016bea08fe 100644 --- a/sdk/dotnet/Sagemaker/Inputs/ModelPrimaryContainerModelDataSourceS3DataSourceModelAccessConfigGetArgs.cs +++ b/sdk/dotnet/Sagemaker/Inputs/ModelPrimaryContainerModelDataSourceS3DataSourceModelAccessConfigGetArgs.cs @@ -13,7 +13,7 @@ namespace Pulumi.Aws.Sagemaker.Inputs public sealed class ModelPrimaryContainerModelDataSourceS3DataSourceModelAccessConfigGetArgs : global::Pulumi.ResourceArgs { /// - /// Specifies agreement to the model end-user license agreement (EULA). The AcceptEula value must be explicitly defined as `True` in order to accept the EULA that this model requires. You are responsible for reviewing and complying with any applicable license terms and making sure they are acceptable for your use case before downloading or using a model. + /// Specifies agreement to the model end-user license agreement (EULA). The value must be set to `True` in order to accept the EULA that this model requires. You are responsible for reviewing and complying with any applicable license terms and making sure they are acceptable for your use case before downloading or using a model. /// [Input("acceptEula", required: true)] public Input AcceptEula { get; set; } = null!; diff --git a/sdk/dotnet/Sagemaker/Inputs/ModelVpcConfigArgs.cs b/sdk/dotnet/Sagemaker/Inputs/ModelVpcConfigArgs.cs index b383ffb1ce5..86fe2d99c3f 100644 --- a/sdk/dotnet/Sagemaker/Inputs/ModelVpcConfigArgs.cs +++ b/sdk/dotnet/Sagemaker/Inputs/ModelVpcConfigArgs.cs @@ -14,6 +14,10 @@ public sealed class ModelVpcConfigArgs : global::Pulumi.ResourceArgs { [Input("securityGroupIds", required: true)] private InputList? _securityGroupIds; + + /// + /// List of security group IDs you want to be applied to your training job or model. Specify the security groups for the VPC that is specified in the Subnets field. + /// public InputList SecurityGroupIds { get => _securityGroupIds ?? (_securityGroupIds = new InputList()); @@ -22,6 +26,10 @@ public InputList SecurityGroupIds [Input("subnets", required: true)] private InputList? _subnets; + + /// + /// List of subnet IDs in the VPC to which you want to connect your training job or model. + /// public InputList Subnets { get => _subnets ?? (_subnets = new InputList()); diff --git a/sdk/dotnet/Sagemaker/Inputs/ModelVpcConfigGetArgs.cs b/sdk/dotnet/Sagemaker/Inputs/ModelVpcConfigGetArgs.cs index 0396f8baae8..33e4bbff034 100644 --- a/sdk/dotnet/Sagemaker/Inputs/ModelVpcConfigGetArgs.cs +++ b/sdk/dotnet/Sagemaker/Inputs/ModelVpcConfigGetArgs.cs @@ -14,6 +14,10 @@ public sealed class ModelVpcConfigGetArgs : global::Pulumi.ResourceArgs { [Input("securityGroupIds", required: true)] private InputList? _securityGroupIds; + + /// + /// List of security group IDs you want to be applied to your training job or model. Specify the security groups for the VPC that is specified in the Subnets field. + /// public InputList SecurityGroupIds { get => _securityGroupIds ?? (_securityGroupIds = new InputList()); @@ -22,6 +26,10 @@ public InputList SecurityGroupIds [Input("subnets", required: true)] private InputList? _subnets; + + /// + /// List of subnet IDs in the VPC to which you want to connect your training job or model. + /// public InputList Subnets { get => _subnets ?? (_subnets = new InputList()); diff --git a/sdk/dotnet/Sagemaker/Model.cs b/sdk/dotnet/Sagemaker/Model.cs index a50bbe39300..8378f62be24 100644 --- a/sdk/dotnet/Sagemaker/Model.cs +++ b/sdk/dotnet/Sagemaker/Model.cs @@ -10,11 +10,11 @@ namespace Pulumi.Aws.Sagemaker { /// - /// Provides a SageMaker AI model resource. + /// Manages an Amazon SageMaker AI Model. /// /// ## Example Usage /// - /// Basic usage: + /// ### Basic Usage /// /// ```csharp /// using System.Collections.Generic; @@ -72,28 +72,19 @@ namespace Pulumi.Aws.Sagemaker /// }); /// ``` /// - /// ## Inference Execution Config - /// - /// * `Mode` - (Required) How containers in a multi-container are run. The following values are valid `Serial` and `Direct`. - /// - /// ### VPC Config - /// - /// * `SecurityGroupIds` - (Required) List of security group IDs you want to be applied to your training job or model. Specify the security groups for the VPC that is specified in the Subnets field. - /// * `Subnets` - (Required) List of subnet IDs in the VPC to which you want to connect your training job or model. - /// /// ## Import /// /// Using `pulumi import`, import models using the `name`. For example: /// /// ```sh - /// $ pulumi import aws:sagemaker/model:Model test_model model-foo + /// $ pulumi import aws:sagemaker/model:Model example model-foo /// ``` /// [AwsResourceType("aws:sagemaker/model:Model")] public partial class Model : global::Pulumi.CustomResource { /// - /// The Amazon Resource Name (ARN) assigned by AWS to this model. + /// Amazon Resource Name (ARN) assigned by AWS to this model. /// [Output("arn")] public Output Arn { get; private set; } = null!; @@ -123,13 +114,13 @@ public partial class Model : global::Pulumi.CustomResource public Output InferenceExecutionConfig { get; private set; } = null!; /// - /// The name of the model (must be unique). If omitted, this provider will assign a random, unique name. + /// Name of the model (must be unique). If omitted, the provider will assign a random, unique name. /// [Output("name")] public Output Name { get; private set; } = null!; /// - /// The primary docker image containing inference code that is used when the model is deployed for predictions. If not specified, the `Container` argument is required. Fields are documented below. + /// Primary docker image containing inference code that is used when the model is deployed for predictions. If not specified, the `Container` argument is required. Fields are documented below. /// [Output("primaryContainer")] public Output PrimaryContainer { get; private set; } = null!; @@ -235,13 +226,13 @@ public InputList Containers public Input? InferenceExecutionConfig { get; set; } /// - /// The name of the model (must be unique). If omitted, this provider will assign a random, unique name. + /// Name of the model (must be unique). If omitted, the provider will assign a random, unique name. /// [Input("name")] public Input? Name { get; set; } /// - /// The primary docker image containing inference code that is used when the model is deployed for predictions. If not specified, the `Container` argument is required. Fields are documented below. + /// Primary docker image containing inference code that is used when the model is deployed for predictions. If not specified, the `Container` argument is required. Fields are documented below. /// [Input("primaryContainer")] public Input? PrimaryContainer { get; set; } @@ -279,7 +270,7 @@ public ModelArgs() public sealed class ModelState : global::Pulumi.ResourceArgs { /// - /// The Amazon Resource Name (ARN) assigned by AWS to this model. + /// Amazon Resource Name (ARN) assigned by AWS to this model. /// [Input("arn")] public Input? Arn { get; set; } @@ -315,13 +306,13 @@ public InputList Containers public Input? InferenceExecutionConfig { get; set; } /// - /// The name of the model (must be unique). If omitted, this provider will assign a random, unique name. + /// Name of the model (must be unique). If omitted, the provider will assign a random, unique name. /// [Input("name")] public Input? Name { get; set; } /// - /// The primary docker image containing inference code that is used when the model is deployed for predictions. If not specified, the `Container` argument is required. Fields are documented below. + /// Primary docker image containing inference code that is used when the model is deployed for predictions. If not specified, the `Container` argument is required. Fields are documented below. /// [Input("primaryContainer")] public Input? PrimaryContainer { get; set; } diff --git a/sdk/dotnet/Sagemaker/Outputs/ModelContainer.cs b/sdk/dotnet/Sagemaker/Outputs/ModelContainer.cs index 343f386eec5..0326c0503ce 100644 --- a/sdk/dotnet/Sagemaker/Outputs/ModelContainer.cs +++ b/sdk/dotnet/Sagemaker/Outputs/ModelContainer.cs @@ -14,16 +14,19 @@ namespace Pulumi.Aws.Sagemaker.Outputs public sealed class ModelContainer { /// - /// The DNS host name for the container. + /// Additional data sources that are available to the model in addition to those specified in `ModelDataSource`. See Additional Model Data Source. + /// + public readonly ImmutableArray AdditionalModelDataSources; + /// + /// DNS host name for the container. /// public readonly string? ContainerHostname; /// /// Environment variables for the Docker container. - /// A list of key value pairs. /// public readonly ImmutableDictionary? Environment; /// - /// The registry path where the inference code image is stored in Amazon ECR. + /// Registry path where the inference code image is stored in Amazon ECR. /// public readonly string? Image; /// @@ -31,23 +34,24 @@ public sealed class ModelContainer /// public readonly Outputs.ModelContainerImageConfig? ImageConfig; /// - /// The inference specification name in the model package version. + /// Inference specification name in the model package version. /// public readonly string? InferenceSpecificationName; /// - /// The container hosts value `SingleModel/MultiModel`. The default value is `SingleModel`. + /// Container hosts value. Allowed values are: `SingleModel` and `MultiModel`. The default value is `SingleModel`. /// public readonly string? Mode; /// - /// The location of model data to deploy. Use this for uncompressed model deployment. For information about how to deploy an uncompressed model, see [Deploying uncompressed models](https://docs.aws.amazon.com/sagemaker/latest/dg/large-model-inference-uncompressed.html) in the _AWS SageMaker AI Developer Guide_. + /// Location of model data to deploy. Use this for uncompressed model deployment. For information about how to deploy an uncompressed model, see [Deploying uncompressed models](https://docs.aws.amazon.com/sagemaker/latest/dg/large-model-inference-uncompressed.html) in the _AWS SageMaker AI Developer Guide_. /// public readonly Outputs.ModelContainerModelDataSource? ModelDataSource; /// - /// The URL for the S3 location where model artifacts are stored. + /// URL for the S3 location where model artifacts are stored. /// public readonly string? ModelDataUrl; /// - /// The Amazon Resource Name (ARN) of the model package to use to create the model. + /// Amazon Resource Name (ARN) of the model package to use to create the model. + /// A list of key value pairs. /// public readonly string? ModelPackageName; /// @@ -57,6 +61,8 @@ public sealed class ModelContainer [OutputConstructor] private ModelContainer( + ImmutableArray additionalModelDataSources, + string? containerHostname, ImmutableDictionary? environment, @@ -77,6 +83,7 @@ private ModelContainer( Outputs.ModelContainerMultiModelConfig? multiModelConfig) { + AdditionalModelDataSources = additionalModelDataSources; ContainerHostname = containerHostname; Environment = environment; Image = image; diff --git a/sdk/dotnet/Sagemaker/Outputs/ModelContainerAdditionalModelDataSource.cs b/sdk/dotnet/Sagemaker/Outputs/ModelContainerAdditionalModelDataSource.cs new file mode 100644 index 00000000000..63b07f3aeb1 --- /dev/null +++ b/sdk/dotnet/Sagemaker/Outputs/ModelContainerAdditionalModelDataSource.cs @@ -0,0 +1,35 @@ +// *** WARNING: this file was generated by pulumi-language-dotnet. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Aws.Sagemaker.Outputs +{ + + [OutputType] + public sealed class ModelContainerAdditionalModelDataSource + { + /// + /// Custom name for the additional model data source object. It will be stored in `/opt/ml/additional-model-data-sources/<channel_name>/`. + /// + public readonly string ChannelName; + /// + /// S3 location of model data to deploy. See S3 Data Source. + /// + public readonly ImmutableArray S3DataSources; + + [OutputConstructor] + private ModelContainerAdditionalModelDataSource( + string channelName, + + ImmutableArray s3DataSources) + { + ChannelName = channelName; + S3DataSources = s3DataSources; + } + } +} diff --git a/sdk/dotnet/Sagemaker/Outputs/ModelContainerAdditionalModelDataSourceS3DataSource.cs b/sdk/dotnet/Sagemaker/Outputs/ModelContainerAdditionalModelDataSourceS3DataSource.cs new file mode 100644 index 00000000000..052bc8ef8e9 --- /dev/null +++ b/sdk/dotnet/Sagemaker/Outputs/ModelContainerAdditionalModelDataSourceS3DataSource.cs @@ -0,0 +1,49 @@ +// *** WARNING: this file was generated by pulumi-language-dotnet. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Aws.Sagemaker.Outputs +{ + + [OutputType] + public sealed class ModelContainerAdditionalModelDataSourceS3DataSource + { + /// + /// How the model data is prepared. Allowed values are: `None` and `Gzip`. + /// + public readonly string CompressionType; + /// + /// Specifies the access configuration file for the ML model. You can explicitly accept the model end-user license agreement (EULA) within the [`ModelAccessConfig` configuration block]. See Model Access Config. + /// + public readonly Outputs.ModelContainerAdditionalModelDataSourceS3DataSourceModelAccessConfig? ModelAccessConfig; + /// + /// Type of model data to deploy. Allowed values are: `S3Object` and `S3Prefix`. + /// + public readonly string S3DataType; + /// + /// The S3 path of model data to deploy. + /// + public readonly string S3Uri; + + [OutputConstructor] + private ModelContainerAdditionalModelDataSourceS3DataSource( + string compressionType, + + Outputs.ModelContainerAdditionalModelDataSourceS3DataSourceModelAccessConfig? modelAccessConfig, + + string s3DataType, + + string s3Uri) + { + CompressionType = compressionType; + ModelAccessConfig = modelAccessConfig; + S3DataType = s3DataType; + S3Uri = s3Uri; + } + } +} diff --git a/sdk/dotnet/Sagemaker/Outputs/ModelContainerAdditionalModelDataSourceS3DataSourceModelAccessConfig.cs b/sdk/dotnet/Sagemaker/Outputs/ModelContainerAdditionalModelDataSourceS3DataSourceModelAccessConfig.cs new file mode 100644 index 00000000000..25bbb3766ef --- /dev/null +++ b/sdk/dotnet/Sagemaker/Outputs/ModelContainerAdditionalModelDataSourceS3DataSourceModelAccessConfig.cs @@ -0,0 +1,27 @@ +// *** WARNING: this file was generated by pulumi-language-dotnet. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Aws.Sagemaker.Outputs +{ + + [OutputType] + public sealed class ModelContainerAdditionalModelDataSourceS3DataSourceModelAccessConfig + { + /// + /// Specifies agreement to the model end-user license agreement (EULA). The value must be set to `True` in order to accept the EULA that this model requires. You are responsible for reviewing and complying with any applicable license terms and making sure they are acceptable for your use case before downloading or using a model. + /// + public readonly bool AcceptEula; + + [OutputConstructor] + private ModelContainerAdditionalModelDataSourceS3DataSourceModelAccessConfig(bool acceptEula) + { + AcceptEula = acceptEula; + } + } +} diff --git a/sdk/dotnet/Sagemaker/Outputs/ModelContainerImageConfigRepositoryAuthConfig.cs b/sdk/dotnet/Sagemaker/Outputs/ModelContainerImageConfigRepositoryAuthConfig.cs index 75906460c0c..40099f7d9f1 100644 --- a/sdk/dotnet/Sagemaker/Outputs/ModelContainerImageConfigRepositoryAuthConfig.cs +++ b/sdk/dotnet/Sagemaker/Outputs/ModelContainerImageConfigRepositoryAuthConfig.cs @@ -14,7 +14,7 @@ namespace Pulumi.Aws.Sagemaker.Outputs public sealed class ModelContainerImageConfigRepositoryAuthConfig { /// - /// The Amazon Resource Name (ARN) of an AWS Lambda function that provides credentials to authenticate to the private Docker registry where your model image is hosted. For information about how to create an AWS Lambda function, see [Create a Lambda function with the console](https://docs.aws.amazon.com/lambda/latest/dg/getting-started-create-function.html) in the _AWS Lambda Developer Guide_. + /// Amazon Resource Name (ARN) of an AWS Lambda function that provides credentials to authenticate to the private Docker registry where your model image is hosted. For information about how to create an AWS Lambda function, see [Create a Lambda function with the console](https://docs.aws.amazon.com/lambda/latest/dg/getting-started-create-function.html) in the _AWS Lambda Developer Guide_. /// public readonly string RepositoryCredentialsProviderArn; diff --git a/sdk/dotnet/Sagemaker/Outputs/ModelContainerModelDataSource.cs b/sdk/dotnet/Sagemaker/Outputs/ModelContainerModelDataSource.cs index 53a132ff9db..7c20936e54d 100644 --- a/sdk/dotnet/Sagemaker/Outputs/ModelContainerModelDataSource.cs +++ b/sdk/dotnet/Sagemaker/Outputs/ModelContainerModelDataSource.cs @@ -14,7 +14,7 @@ namespace Pulumi.Aws.Sagemaker.Outputs public sealed class ModelContainerModelDataSource { /// - /// The S3 location of model data to deploy. + /// S3 location of model data to deploy. See S3 Data Source. /// public readonly ImmutableArray S3DataSources; diff --git a/sdk/dotnet/Sagemaker/Outputs/ModelContainerModelDataSourceS3DataSource.cs b/sdk/dotnet/Sagemaker/Outputs/ModelContainerModelDataSourceS3DataSource.cs index 44b9fc8e0e7..7c10f5626ee 100644 --- a/sdk/dotnet/Sagemaker/Outputs/ModelContainerModelDataSourceS3DataSource.cs +++ b/sdk/dotnet/Sagemaker/Outputs/ModelContainerModelDataSourceS3DataSource.cs @@ -18,11 +18,11 @@ public sealed class ModelContainerModelDataSourceS3DataSource /// public readonly string CompressionType; /// - /// Specifies the access configuration file for the ML model. You can explicitly accept the model end-user license agreement (EULA) within the [`ModelAccessConfig` configuration block]. see Model Access Config. + /// Specifies the access configuration file for the ML model. You can explicitly accept the model end-user license agreement (EULA) within the [`ModelAccessConfig` configuration block]. See Model Access Config. /// public readonly Outputs.ModelContainerModelDataSourceS3DataSourceModelAccessConfig? ModelAccessConfig; /// - /// The type of model data to deploy. Allowed values are: `S3Object` and `S3Prefix`. + /// Type of model data to deploy. Allowed values are: `S3Object` and `S3Prefix`. /// public readonly string S3DataType; /// diff --git a/sdk/dotnet/Sagemaker/Outputs/ModelContainerModelDataSourceS3DataSourceModelAccessConfig.cs b/sdk/dotnet/Sagemaker/Outputs/ModelContainerModelDataSourceS3DataSourceModelAccessConfig.cs index ec05965a3c0..1dc8992cfe8 100644 --- a/sdk/dotnet/Sagemaker/Outputs/ModelContainerModelDataSourceS3DataSourceModelAccessConfig.cs +++ b/sdk/dotnet/Sagemaker/Outputs/ModelContainerModelDataSourceS3DataSourceModelAccessConfig.cs @@ -14,7 +14,7 @@ namespace Pulumi.Aws.Sagemaker.Outputs public sealed class ModelContainerModelDataSourceS3DataSourceModelAccessConfig { /// - /// Specifies agreement to the model end-user license agreement (EULA). The AcceptEula value must be explicitly defined as `True` in order to accept the EULA that this model requires. You are responsible for reviewing and complying with any applicable license terms and making sure they are acceptable for your use case before downloading or using a model. + /// Specifies agreement to the model end-user license agreement (EULA). The value must be set to `True` in order to accept the EULA that this model requires. You are responsible for reviewing and complying with any applicable license terms and making sure they are acceptable for your use case before downloading or using a model. /// public readonly bool AcceptEula; diff --git a/sdk/dotnet/Sagemaker/Outputs/ModelInferenceExecutionConfig.cs b/sdk/dotnet/Sagemaker/Outputs/ModelInferenceExecutionConfig.cs index 0cc3a8b21da..cd18ec17d7c 100644 --- a/sdk/dotnet/Sagemaker/Outputs/ModelInferenceExecutionConfig.cs +++ b/sdk/dotnet/Sagemaker/Outputs/ModelInferenceExecutionConfig.cs @@ -14,7 +14,7 @@ namespace Pulumi.Aws.Sagemaker.Outputs public sealed class ModelInferenceExecutionConfig { /// - /// The container hosts value `SingleModel/MultiModel`. The default value is `SingleModel`. + /// How containers in a multi-container are run. Allowed values are: `Serial` and `Direct`. /// public readonly string Mode; diff --git a/sdk/dotnet/Sagemaker/Outputs/ModelPrimaryContainer.cs b/sdk/dotnet/Sagemaker/Outputs/ModelPrimaryContainer.cs index 8dabfd9359e..6873dec9d3c 100644 --- a/sdk/dotnet/Sagemaker/Outputs/ModelPrimaryContainer.cs +++ b/sdk/dotnet/Sagemaker/Outputs/ModelPrimaryContainer.cs @@ -14,16 +14,19 @@ namespace Pulumi.Aws.Sagemaker.Outputs public sealed class ModelPrimaryContainer { /// - /// The DNS host name for the container. + /// Additional data sources that are available to the model in addition to those specified in `ModelDataSource`. See Additional Model Data Source. + /// + public readonly ImmutableArray AdditionalModelDataSources; + /// + /// DNS host name for the container. /// public readonly string? ContainerHostname; /// /// Environment variables for the Docker container. - /// A list of key value pairs. /// public readonly ImmutableDictionary? Environment; /// - /// The registry path where the inference code image is stored in Amazon ECR. + /// Registry path where the inference code image is stored in Amazon ECR. /// public readonly string? Image; /// @@ -31,23 +34,21 @@ public sealed class ModelPrimaryContainer /// public readonly Outputs.ModelPrimaryContainerImageConfig? ImageConfig; /// - /// The inference specification name in the model package version. + /// Inference specification name in the model package version. /// public readonly string? InferenceSpecificationName; - /// - /// The container hosts value `SingleModel/MultiModel`. The default value is `SingleModel`. - /// public readonly string? Mode; /// - /// The location of model data to deploy. Use this for uncompressed model deployment. For information about how to deploy an uncompressed model, see [Deploying uncompressed models](https://docs.aws.amazon.com/sagemaker/latest/dg/large-model-inference-uncompressed.html) in the _AWS SageMaker AI Developer Guide_. + /// Location of model data to deploy. Use this for uncompressed model deployment. For information about how to deploy an uncompressed model, see [Deploying uncompressed models](https://docs.aws.amazon.com/sagemaker/latest/dg/large-model-inference-uncompressed.html) in the _AWS SageMaker AI Developer Guide_. /// public readonly Outputs.ModelPrimaryContainerModelDataSource? ModelDataSource; /// - /// The URL for the S3 location where model artifacts are stored. + /// URL for the S3 location where model artifacts are stored. /// public readonly string? ModelDataUrl; /// - /// The Amazon Resource Name (ARN) of the model package to use to create the model. + /// Amazon Resource Name (ARN) of the model package to use to create the model. + /// A list of key value pairs. /// public readonly string? ModelPackageName; /// @@ -57,6 +58,8 @@ public sealed class ModelPrimaryContainer [OutputConstructor] private ModelPrimaryContainer( + ImmutableArray additionalModelDataSources, + string? containerHostname, ImmutableDictionary? environment, @@ -77,6 +80,7 @@ private ModelPrimaryContainer( Outputs.ModelPrimaryContainerMultiModelConfig? multiModelConfig) { + AdditionalModelDataSources = additionalModelDataSources; ContainerHostname = containerHostname; Environment = environment; Image = image; diff --git a/sdk/dotnet/Sagemaker/Outputs/ModelPrimaryContainerAdditionalModelDataSource.cs b/sdk/dotnet/Sagemaker/Outputs/ModelPrimaryContainerAdditionalModelDataSource.cs new file mode 100644 index 00000000000..1167a49ab52 --- /dev/null +++ b/sdk/dotnet/Sagemaker/Outputs/ModelPrimaryContainerAdditionalModelDataSource.cs @@ -0,0 +1,35 @@ +// *** WARNING: this file was generated by pulumi-language-dotnet. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Aws.Sagemaker.Outputs +{ + + [OutputType] + public sealed class ModelPrimaryContainerAdditionalModelDataSource + { + /// + /// Custom name for the additional model data source object. It will be stored in `/opt/ml/additional-model-data-sources/<channel_name>/`. + /// + public readonly string ChannelName; + /// + /// S3 location of model data to deploy. See S3 Data Source. + /// + public readonly ImmutableArray S3DataSources; + + [OutputConstructor] + private ModelPrimaryContainerAdditionalModelDataSource( + string channelName, + + ImmutableArray s3DataSources) + { + ChannelName = channelName; + S3DataSources = s3DataSources; + } + } +} diff --git a/sdk/dotnet/Sagemaker/Outputs/ModelPrimaryContainerAdditionalModelDataSourceS3DataSource.cs b/sdk/dotnet/Sagemaker/Outputs/ModelPrimaryContainerAdditionalModelDataSourceS3DataSource.cs new file mode 100644 index 00000000000..a68f6a7950d --- /dev/null +++ b/sdk/dotnet/Sagemaker/Outputs/ModelPrimaryContainerAdditionalModelDataSourceS3DataSource.cs @@ -0,0 +1,49 @@ +// *** WARNING: this file was generated by pulumi-language-dotnet. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Aws.Sagemaker.Outputs +{ + + [OutputType] + public sealed class ModelPrimaryContainerAdditionalModelDataSourceS3DataSource + { + /// + /// How the model data is prepared. Allowed values are: `None` and `Gzip`. + /// + public readonly string CompressionType; + /// + /// Specifies the access configuration file for the ML model. You can explicitly accept the model end-user license agreement (EULA) within the [`ModelAccessConfig` configuration block]. See Model Access Config. + /// + public readonly Outputs.ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceModelAccessConfig? ModelAccessConfig; + /// + /// Type of model data to deploy. Allowed values are: `S3Object` and `S3Prefix`. + /// + public readonly string S3DataType; + /// + /// The S3 path of model data to deploy. + /// + public readonly string S3Uri; + + [OutputConstructor] + private ModelPrimaryContainerAdditionalModelDataSourceS3DataSource( + string compressionType, + + Outputs.ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceModelAccessConfig? modelAccessConfig, + + string s3DataType, + + string s3Uri) + { + CompressionType = compressionType; + ModelAccessConfig = modelAccessConfig; + S3DataType = s3DataType; + S3Uri = s3Uri; + } + } +} diff --git a/sdk/dotnet/Sagemaker/Outputs/ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceModelAccessConfig.cs b/sdk/dotnet/Sagemaker/Outputs/ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceModelAccessConfig.cs new file mode 100644 index 00000000000..05a4178cdca --- /dev/null +++ b/sdk/dotnet/Sagemaker/Outputs/ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceModelAccessConfig.cs @@ -0,0 +1,27 @@ +// *** WARNING: this file was generated by pulumi-language-dotnet. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Aws.Sagemaker.Outputs +{ + + [OutputType] + public sealed class ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceModelAccessConfig + { + /// + /// Specifies agreement to the model end-user license agreement (EULA). The value must be set to `True` in order to accept the EULA that this model requires. You are responsible for reviewing and complying with any applicable license terms and making sure they are acceptable for your use case before downloading or using a model. + /// + public readonly bool AcceptEula; + + [OutputConstructor] + private ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceModelAccessConfig(bool acceptEula) + { + AcceptEula = acceptEula; + } + } +} diff --git a/sdk/dotnet/Sagemaker/Outputs/ModelPrimaryContainerImageConfigRepositoryAuthConfig.cs b/sdk/dotnet/Sagemaker/Outputs/ModelPrimaryContainerImageConfigRepositoryAuthConfig.cs index 4dbe6e89c9c..a14fee9124a 100644 --- a/sdk/dotnet/Sagemaker/Outputs/ModelPrimaryContainerImageConfigRepositoryAuthConfig.cs +++ b/sdk/dotnet/Sagemaker/Outputs/ModelPrimaryContainerImageConfigRepositoryAuthConfig.cs @@ -14,7 +14,7 @@ namespace Pulumi.Aws.Sagemaker.Outputs public sealed class ModelPrimaryContainerImageConfigRepositoryAuthConfig { /// - /// The Amazon Resource Name (ARN) of an AWS Lambda function that provides credentials to authenticate to the private Docker registry where your model image is hosted. For information about how to create an AWS Lambda function, see [Create a Lambda function with the console](https://docs.aws.amazon.com/lambda/latest/dg/getting-started-create-function.html) in the _AWS Lambda Developer Guide_. + /// Amazon Resource Name (ARN) of an AWS Lambda function that provides credentials to authenticate to the private Docker registry where your model image is hosted. For information about how to create an AWS Lambda function, see [Create a Lambda function with the console](https://docs.aws.amazon.com/lambda/latest/dg/getting-started-create-function.html) in the _AWS Lambda Developer Guide_. /// public readonly string RepositoryCredentialsProviderArn; diff --git a/sdk/dotnet/Sagemaker/Outputs/ModelPrimaryContainerModelDataSource.cs b/sdk/dotnet/Sagemaker/Outputs/ModelPrimaryContainerModelDataSource.cs index c3e2eaeafa6..5d03f10f405 100644 --- a/sdk/dotnet/Sagemaker/Outputs/ModelPrimaryContainerModelDataSource.cs +++ b/sdk/dotnet/Sagemaker/Outputs/ModelPrimaryContainerModelDataSource.cs @@ -14,7 +14,7 @@ namespace Pulumi.Aws.Sagemaker.Outputs public sealed class ModelPrimaryContainerModelDataSource { /// - /// The S3 location of model data to deploy. + /// S3 location of model data to deploy. See S3 Data Source. /// public readonly ImmutableArray S3DataSources; diff --git a/sdk/dotnet/Sagemaker/Outputs/ModelPrimaryContainerModelDataSourceS3DataSource.cs b/sdk/dotnet/Sagemaker/Outputs/ModelPrimaryContainerModelDataSourceS3DataSource.cs index 561f167c949..497c4f9899a 100644 --- a/sdk/dotnet/Sagemaker/Outputs/ModelPrimaryContainerModelDataSourceS3DataSource.cs +++ b/sdk/dotnet/Sagemaker/Outputs/ModelPrimaryContainerModelDataSourceS3DataSource.cs @@ -18,11 +18,11 @@ public sealed class ModelPrimaryContainerModelDataSourceS3DataSource /// public readonly string CompressionType; /// - /// Specifies the access configuration file for the ML model. You can explicitly accept the model end-user license agreement (EULA) within the [`ModelAccessConfig` configuration block]. see Model Access Config. + /// Specifies the access configuration file for the ML model. You can explicitly accept the model end-user license agreement (EULA) within the [`ModelAccessConfig` configuration block]. See Model Access Config. /// public readonly Outputs.ModelPrimaryContainerModelDataSourceS3DataSourceModelAccessConfig? ModelAccessConfig; /// - /// The type of model data to deploy. Allowed values are: `S3Object` and `S3Prefix`. + /// Type of model data to deploy. Allowed values are: `S3Object` and `S3Prefix`. /// public readonly string S3DataType; /// diff --git a/sdk/dotnet/Sagemaker/Outputs/ModelPrimaryContainerModelDataSourceS3DataSourceModelAccessConfig.cs b/sdk/dotnet/Sagemaker/Outputs/ModelPrimaryContainerModelDataSourceS3DataSourceModelAccessConfig.cs index 45bc563e01b..7c1620082b0 100644 --- a/sdk/dotnet/Sagemaker/Outputs/ModelPrimaryContainerModelDataSourceS3DataSourceModelAccessConfig.cs +++ b/sdk/dotnet/Sagemaker/Outputs/ModelPrimaryContainerModelDataSourceS3DataSourceModelAccessConfig.cs @@ -14,7 +14,7 @@ namespace Pulumi.Aws.Sagemaker.Outputs public sealed class ModelPrimaryContainerModelDataSourceS3DataSourceModelAccessConfig { /// - /// Specifies agreement to the model end-user license agreement (EULA). The AcceptEula value must be explicitly defined as `True` in order to accept the EULA that this model requires. You are responsible for reviewing and complying with any applicable license terms and making sure they are acceptable for your use case before downloading or using a model. + /// Specifies agreement to the model end-user license agreement (EULA). The value must be set to `True` in order to accept the EULA that this model requires. You are responsible for reviewing and complying with any applicable license terms and making sure they are acceptable for your use case before downloading or using a model. /// public readonly bool AcceptEula; diff --git a/sdk/dotnet/Sagemaker/Outputs/ModelVpcConfig.cs b/sdk/dotnet/Sagemaker/Outputs/ModelVpcConfig.cs index ef6fe75a2d0..71882c878a5 100644 --- a/sdk/dotnet/Sagemaker/Outputs/ModelVpcConfig.cs +++ b/sdk/dotnet/Sagemaker/Outputs/ModelVpcConfig.cs @@ -13,7 +13,13 @@ namespace Pulumi.Aws.Sagemaker.Outputs [OutputType] public sealed class ModelVpcConfig { + /// + /// List of security group IDs you want to be applied to your training job or model. Specify the security groups for the VPC that is specified in the Subnets field. + /// public readonly ImmutableArray SecurityGroupIds; + /// + /// List of subnet IDs in the VPC to which you want to connect your training job or model. + /// public readonly ImmutableArray Subnets; [OutputConstructor] diff --git a/sdk/dotnet/SsoAdmin/AccountAssignment.cs b/sdk/dotnet/SsoAdmin/AccountAssignment.cs index 40b00d5ddd7..15d74ce9acf 100644 --- a/sdk/dotnet/SsoAdmin/AccountAssignment.cs +++ b/sdk/dotnet/SsoAdmin/AccountAssignment.cs @@ -162,7 +162,7 @@ public partial class AccountAssignment : global::Pulumi.CustomResource /// The entity type for which the assignment will be created. Valid values: `AWS_ACCOUNT`. /// [Output("targetType")] - public Output TargetType { get; private set; } = null!; + public Output TargetType { get; private set; } = null!; /// @@ -249,8 +249,8 @@ public sealed class AccountAssignmentArgs : global::Pulumi.ResourceArgs /// /// The entity type for which the assignment will be created. Valid values: `AWS_ACCOUNT`. /// - [Input("targetType")] - public Input? TargetType { get; set; } + [Input("targetType", required: true)] + public Input TargetType { get; set; } = null!; public AccountAssignmentArgs() { diff --git a/sdk/dotnet/TimestreamInfluxDB/DbCluster.cs b/sdk/dotnet/TimestreamInfluxDB/DbCluster.cs index 5ec61b8cc3e..32a472b0525 100644 --- a/sdk/dotnet/TimestreamInfluxDB/DbCluster.cs +++ b/sdk/dotnet/TimestreamInfluxDB/DbCluster.cs @@ -193,6 +193,63 @@ namespace Pulumi.Aws.TimestreamInfluxDB /// }); /// ``` /// + /// ### Usage with InfluxDB V3 + /// + /// For InfluxDB V3 clusters, you can create a cluster without providing `AllocatedStorage`, `Bucket`, `Organization`, `Username`, `Password`, or `DeploymentType` by specifying a `DbParameterGroupIdentifier` such as `"InfluxDBV3Core"`. The following example shows how to create an InfluxDB V3 cluster: + /// + /// ```csharp + /// using System.Collections.Generic; + /// using System.Linq; + /// using Pulumi; + /// using Aws = Pulumi.Aws; + /// + /// return await Deployment.RunAsync(() => + /// { + /// var example = new Aws.TimestreamInfluxDB.DbCluster("example", new() + /// { + /// Name = "example-v3-cluster", + /// DbInstanceType = "db.influx.large", + /// DbParameterGroupIdentifier = "InfluxDBV3Core", + /// VpcSubnetIds = new[] + /// { + /// example1.Id, + /// example2.Id, + /// }, + /// VpcSecurityGroupIds = new[] + /// { + /// exampleAwsSecurityGroup.Id, + /// }, + /// }); + /// + /// }); + /// ``` + /// + /// ## Cluster Type Requirements + /// + /// ### InfluxDB V2 Clusters (default) + /// + /// The following arguments are **required** for InfluxDB V2 clusters: + /// + /// * `AllocatedStorage` + /// * `Bucket` + /// * `DeploymentType` + /// * `Organization` + /// * `Password` + /// * `Username` + /// + /// The `DeploymentType` argument defaults to `"MULTI_NODE_READ_REPLICAS"` for InfluxDB V2 clusters when not specified. + /// + /// ### InfluxDB V3 Clusters (when using V3 parameter groups) + /// + /// The following arguments are **forbidden** for InfluxDB V3 clusters (when using an InfluxDB V3 db parameter group): + /// + /// * `AllocatedStorage` + /// * `Bucket` + /// * `DeploymentType` + /// * `Organization` + /// * `Password` + /// * `Username` + /// /// ## Import /// /// Using `pulumi import`, import Timestream for InfluxDB cluster using its identifier. For example: @@ -205,10 +262,10 @@ namespace Pulumi.Aws.TimestreamInfluxDB public partial class DbCluster : global::Pulumi.CustomResource { /// - /// Amount of storage in GiB (gibibytes). The minimum value is `20`, the maximum value is `16384`. The argument `DbStorageType` places restrictions on this argument's minimum value. The following is a list of `DbStorageType` values and the corresponding minimum value for `AllocatedStorage`: `"InfluxIOIncludedT1": `20`, `"InfluxIOIncludedT2" and `"InfluxIOIncludedT3": `400`. + /// Amount of storage in GiB (gibibytes). The minimum value is `20`, the maximum value is `16384`. The argument `DbStorageType` places restrictions on this argument's minimum value. The following is a list of `DbStorageType` values and the corresponding minimum value for `AllocatedStorage`: `"InfluxIOIncludedT1": `20`, `"InfluxIOIncludedT2" and `"InfluxIOIncludedT3": `400`. This field is forbidden for InfluxDB V3 clusters (when using an InfluxDB V3 db parameter group). /// [Output("allocatedStorage")] - public Output AllocatedStorage { get; private set; } = null!; + public Output AllocatedStorage { get; private set; } = null!; /// /// ARN of the Timestream for InfluxDB cluster. @@ -217,10 +274,10 @@ public partial class DbCluster : global::Pulumi.CustomResource public Output Arn { get; private set; } = null!; /// - /// Name of the initial InfluxDB bucket. All InfluxDB data is stored in a bucket. A bucket combines the concept of a database and a retention period (the duration of time that each data point persists). A bucket belongs to an organization. Along with `Organization`, `Username`, and `Password`, this argument will be stored in the secret referred to by the `InfluxAuthParametersSecretArn` attribute. + /// Name of the initial InfluxDB bucket. All InfluxDB data is stored in a bucket. A bucket combines the concept of a database and a retention period (the duration of time that each data point persists). A bucket belongs to an organization. Along with `Organization`, `Username`, and `Password`, this argument will be stored in the secret referred to by the `InfluxAuthParametersSecretArn` attribute. This field is forbidden for InfluxDB V3 clusters (when using an InfluxDB V3 db parameter group). /// [Output("bucket")] - public Output Bucket { get; private set; } = null!; + public Output Bucket { get; private set; } = null!; /// /// Timestream for InfluxDB DB instance type to run InfluxDB on. Valid options are: `"db.influx.medium"`, `"db.influx.large"`, `"db.influx.xlarge"`, `"db.influx.2xlarge"`, `"db.influx.4xlarge"`, `"db.influx.8xlarge"`, `"db.influx.12xlarge"`, and `"db.influx.16xlarge"`. This argument is updatable. @@ -241,7 +298,7 @@ public partial class DbCluster : global::Pulumi.CustomResource public Output DbStorageType { get; private set; } = null!; /// - /// Specifies the type of cluster to create. Valid options are: `"MULTI_NODE_READ_REPLICAS"`. + /// Specifies the type of cluster to create. Valid options are: `"MULTI_NODE_READ_REPLICAS"`. This field is forbidden for InfluxDB V3 clusters (when using an InfluxDB V3 db parameter group). /// [Output("deploymentType")] public Output DeploymentType { get; private set; } = null!; @@ -252,6 +309,12 @@ public partial class DbCluster : global::Pulumi.CustomResource [Output("endpoint")] public Output Endpoint { get; private set; } = null!; + /// + /// Database engine type of the DB cluster. + /// + [Output("engineType")] + public Output EngineType { get; private set; } = null!; + /// /// Specifies the behavior of failure recovery when the primary node of the cluster fails. Valid options are: `"AUTOMATIC"` and `"NO_FAILOVER"`. /// @@ -259,7 +322,7 @@ public partial class DbCluster : global::Pulumi.CustomResource public Output FailoverMode { get; private set; } = null!; /// - /// ARN of the AWS Secrets Manager secret containing the initial InfluxDB authorization parameters. The secret value is a JSON formatted key-value pair holding InfluxDB authorization values: organization, bucket, username, and password. + /// ARN of the AWS Secrets Manager secret containing the initial InfluxDB authorization parameters. For InfluxDB V2 clusters, the secret value is a JSON formatted key-value pair holding InfluxDB authorization values: organization, bucket, username, and password. For InfluxDB V3 clusters, the secret contains the InfluxDB admin token. /// [Output("influxAuthParametersSecretArn")] public Output InfluxAuthParametersSecretArn { get; private set; } = null!; @@ -283,16 +346,16 @@ public partial class DbCluster : global::Pulumi.CustomResource public Output NetworkType { get; private set; } = null!; /// - /// Name of the initial organization for the initial admin user in InfluxDB. An InfluxDB organization is a workspace for a group of users. Along with `Bucket`, `Username`, and `Password`, this argument will be stored in the secret referred to by the `InfluxAuthParametersSecretArn` attribute. + /// Name of the initial organization for the initial admin user in InfluxDB. An InfluxDB organization is a workspace for a group of users. Along with `Bucket`, `Username`, and `Password`, this argument will be stored in the secret referred to by the `InfluxAuthParametersSecretArn` attribute. This field is forbidden for InfluxDB V3 clusters (when using an InfluxDB V3 db parameter group). /// [Output("organization")] - public Output Organization { get; private set; } = null!; + public Output Organization { get; private set; } = null!; /// - /// Password of the initial admin user created in InfluxDB. This password will allow you to access the InfluxDB UI to perform various administrative tasks and also use the InfluxDB CLI to create an operator token. Along with `Bucket`, `Username`, and `Organization`, this argument will be stored in the secret referred to by the `InfluxAuthParametersSecretArn` attribute. + /// Password of the initial admin user created in InfluxDB. This password will allow you to access the InfluxDB UI to perform various administrative tasks and also use the InfluxDB CLI to create an operator token. Along with `Bucket`, `Username`, and `Organization`, this argument will be stored in the secret referred to by the `InfluxAuthParametersSecretArn` attribute. This field is forbidden for InfluxDB V3 clusters (when using an InfluxDB V3 db parameter group) as the AWS API rejects it. /// [Output("password")] - public Output Password { get; private set; } = null!; + public Output Password { get; private set; } = null!; /// /// The port on which the cluster accepts connections. Valid values: `1024`-`65535`. Cannot be `2375`-`2376`, `7788`-`7799`, `8090`, or `51678`-`51680`. This argument is updatable. @@ -334,10 +397,10 @@ public partial class DbCluster : global::Pulumi.CustomResource public Output Timeouts { get; private set; } = null!; /// - /// Username of the initial admin user created in InfluxDB. Must start with a letter and can't end with a hyphen or contain two consecutive hyphens. This username will allow you to access the InfluxDB UI to perform various administrative tasks and also use the InfluxDB CLI to create an operator token. Along with `Bucket`, `Organization`, and `Password`, this argument will be stored in the secret referred to by the `InfluxAuthParametersSecretArn` attribute. + /// Username of the initial admin user created in InfluxDB. Must start with a letter and can't end with a hyphen or contain two consecutive hyphens. This username will allow you to access the InfluxDB UI to perform various administrative tasks and also use the InfluxDB CLI to create an operator token. Along with `Bucket`, `Organization`, and `Password`, this argument will be stored in the secret referred to by the `InfluxAuthParametersSecretArn` attribute. This field is forbidden for InfluxDB V3 clusters (when using an InfluxDB V3 db parameter group). /// [Output("username")] - public Output Username { get; private set; } = null!; + public Output Username { get; private set; } = null!; /// /// List of VPC security group IDs to associate with the cluster. @@ -404,16 +467,16 @@ public static DbCluster Get(string name, Input id, DbClusterState? state public sealed class DbClusterArgs : global::Pulumi.ResourceArgs { /// - /// Amount of storage in GiB (gibibytes). The minimum value is `20`, the maximum value is `16384`. The argument `DbStorageType` places restrictions on this argument's minimum value. The following is a list of `DbStorageType` values and the corresponding minimum value for `AllocatedStorage`: `"InfluxIOIncludedT1": `20`, `"InfluxIOIncludedT2" and `"InfluxIOIncludedT3": `400`. + /// Amount of storage in GiB (gibibytes). The minimum value is `20`, the maximum value is `16384`. The argument `DbStorageType` places restrictions on this argument's minimum value. The following is a list of `DbStorageType` values and the corresponding minimum value for `AllocatedStorage`: `"InfluxIOIncludedT1": `20`, `"InfluxIOIncludedT2" and `"InfluxIOIncludedT3": `400`. This field is forbidden for InfluxDB V3 clusters (when using an InfluxDB V3 db parameter group). /// - [Input("allocatedStorage", required: true)] - public Input AllocatedStorage { get; set; } = null!; + [Input("allocatedStorage")] + public Input? AllocatedStorage { get; set; } /// - /// Name of the initial InfluxDB bucket. All InfluxDB data is stored in a bucket. A bucket combines the concept of a database and a retention period (the duration of time that each data point persists). A bucket belongs to an organization. Along with `Organization`, `Username`, and `Password`, this argument will be stored in the secret referred to by the `InfluxAuthParametersSecretArn` attribute. + /// Name of the initial InfluxDB bucket. All InfluxDB data is stored in a bucket. A bucket combines the concept of a database and a retention period (the duration of time that each data point persists). A bucket belongs to an organization. Along with `Organization`, `Username`, and `Password`, this argument will be stored in the secret referred to by the `InfluxAuthParametersSecretArn` attribute. This field is forbidden for InfluxDB V3 clusters (when using an InfluxDB V3 db parameter group). /// - [Input("bucket", required: true)] - public Input Bucket { get; set; } = null!; + [Input("bucket")] + public Input? Bucket { get; set; } /// /// Timestream for InfluxDB DB instance type to run InfluxDB on. Valid options are: `"db.influx.medium"`, `"db.influx.large"`, `"db.influx.xlarge"`, `"db.influx.2xlarge"`, `"db.influx.4xlarge"`, `"db.influx.8xlarge"`, `"db.influx.12xlarge"`, and `"db.influx.16xlarge"`. This argument is updatable. @@ -434,7 +497,7 @@ public sealed class DbClusterArgs : global::Pulumi.ResourceArgs public Input? DbStorageType { get; set; } /// - /// Specifies the type of cluster to create. Valid options are: `"MULTI_NODE_READ_REPLICAS"`. + /// Specifies the type of cluster to create. Valid options are: `"MULTI_NODE_READ_REPLICAS"`. This field is forbidden for InfluxDB V3 clusters (when using an InfluxDB V3 db parameter group). /// [Input("deploymentType")] public Input? DeploymentType { get; set; } @@ -464,16 +527,16 @@ public sealed class DbClusterArgs : global::Pulumi.ResourceArgs public Input? NetworkType { get; set; } /// - /// Name of the initial organization for the initial admin user in InfluxDB. An InfluxDB organization is a workspace for a group of users. Along with `Bucket`, `Username`, and `Password`, this argument will be stored in the secret referred to by the `InfluxAuthParametersSecretArn` attribute. + /// Name of the initial organization for the initial admin user in InfluxDB. An InfluxDB organization is a workspace for a group of users. Along with `Bucket`, `Username`, and `Password`, this argument will be stored in the secret referred to by the `InfluxAuthParametersSecretArn` attribute. This field is forbidden for InfluxDB V3 clusters (when using an InfluxDB V3 db parameter group). /// - [Input("organization", required: true)] - public Input Organization { get; set; } = null!; + [Input("organization")] + public Input? Organization { get; set; } - [Input("password", required: true)] + [Input("password")] private Input? _password; /// - /// Password of the initial admin user created in InfluxDB. This password will allow you to access the InfluxDB UI to perform various administrative tasks and also use the InfluxDB CLI to create an operator token. Along with `Bucket`, `Username`, and `Organization`, this argument will be stored in the secret referred to by the `InfluxAuthParametersSecretArn` attribute. + /// Password of the initial admin user created in InfluxDB. This password will allow you to access the InfluxDB UI to perform various administrative tasks and also use the InfluxDB CLI to create an operator token. Along with `Bucket`, `Username`, and `Organization`, this argument will be stored in the secret referred to by the `InfluxAuthParametersSecretArn` attribute. This field is forbidden for InfluxDB V3 clusters (when using an InfluxDB V3 db parameter group) as the AWS API rejects it. /// public Input? Password { @@ -519,10 +582,10 @@ public InputMap Tags public Input? Timeouts { get; set; } /// - /// Username of the initial admin user created in InfluxDB. Must start with a letter and can't end with a hyphen or contain two consecutive hyphens. This username will allow you to access the InfluxDB UI to perform various administrative tasks and also use the InfluxDB CLI to create an operator token. Along with `Bucket`, `Organization`, and `Password`, this argument will be stored in the secret referred to by the `InfluxAuthParametersSecretArn` attribute. + /// Username of the initial admin user created in InfluxDB. Must start with a letter and can't end with a hyphen or contain two consecutive hyphens. This username will allow you to access the InfluxDB UI to perform various administrative tasks and also use the InfluxDB CLI to create an operator token. Along with `Bucket`, `Organization`, and `Password`, this argument will be stored in the secret referred to by the `InfluxAuthParametersSecretArn` attribute. This field is forbidden for InfluxDB V3 clusters (when using an InfluxDB V3 db parameter group). /// - [Input("username", required: true)] - public Input Username { get; set; } = null!; + [Input("username")] + public Input? Username { get; set; } [Input("vpcSecurityGroupIds", required: true)] private InputList? _vpcSecurityGroupIds; @@ -559,7 +622,7 @@ public DbClusterArgs() public sealed class DbClusterState : global::Pulumi.ResourceArgs { /// - /// Amount of storage in GiB (gibibytes). The minimum value is `20`, the maximum value is `16384`. The argument `DbStorageType` places restrictions on this argument's minimum value. The following is a list of `DbStorageType` values and the corresponding minimum value for `AllocatedStorage`: `"InfluxIOIncludedT1": `20`, `"InfluxIOIncludedT2" and `"InfluxIOIncludedT3": `400`. + /// Amount of storage in GiB (gibibytes). The minimum value is `20`, the maximum value is `16384`. The argument `DbStorageType` places restrictions on this argument's minimum value. The following is a list of `DbStorageType` values and the corresponding minimum value for `AllocatedStorage`: `"InfluxIOIncludedT1": `20`, `"InfluxIOIncludedT2" and `"InfluxIOIncludedT3": `400`. This field is forbidden for InfluxDB V3 clusters (when using an InfluxDB V3 db parameter group). /// [Input("allocatedStorage")] public Input? AllocatedStorage { get; set; } @@ -571,7 +634,7 @@ public sealed class DbClusterState : global::Pulumi.ResourceArgs public Input? Arn { get; set; } /// - /// Name of the initial InfluxDB bucket. All InfluxDB data is stored in a bucket. A bucket combines the concept of a database and a retention period (the duration of time that each data point persists). A bucket belongs to an organization. Along with `Organization`, `Username`, and `Password`, this argument will be stored in the secret referred to by the `InfluxAuthParametersSecretArn` attribute. + /// Name of the initial InfluxDB bucket. All InfluxDB data is stored in a bucket. A bucket combines the concept of a database and a retention period (the duration of time that each data point persists). A bucket belongs to an organization. Along with `Organization`, `Username`, and `Password`, this argument will be stored in the secret referred to by the `InfluxAuthParametersSecretArn` attribute. This field is forbidden for InfluxDB V3 clusters (when using an InfluxDB V3 db parameter group). /// [Input("bucket")] public Input? Bucket { get; set; } @@ -595,7 +658,7 @@ public sealed class DbClusterState : global::Pulumi.ResourceArgs public Input? DbStorageType { get; set; } /// - /// Specifies the type of cluster to create. Valid options are: `"MULTI_NODE_READ_REPLICAS"`. + /// Specifies the type of cluster to create. Valid options are: `"MULTI_NODE_READ_REPLICAS"`. This field is forbidden for InfluxDB V3 clusters (when using an InfluxDB V3 db parameter group). /// [Input("deploymentType")] public Input? DeploymentType { get; set; } @@ -606,6 +669,12 @@ public sealed class DbClusterState : global::Pulumi.ResourceArgs [Input("endpoint")] public Input? Endpoint { get; set; } + /// + /// Database engine type of the DB cluster. + /// + [Input("engineType")] + public Input? EngineType { get; set; } + /// /// Specifies the behavior of failure recovery when the primary node of the cluster fails. Valid options are: `"AUTOMATIC"` and `"NO_FAILOVER"`. /// @@ -613,7 +682,7 @@ public sealed class DbClusterState : global::Pulumi.ResourceArgs public Input? FailoverMode { get; set; } /// - /// ARN of the AWS Secrets Manager secret containing the initial InfluxDB authorization parameters. The secret value is a JSON formatted key-value pair holding InfluxDB authorization values: organization, bucket, username, and password. + /// ARN of the AWS Secrets Manager secret containing the initial InfluxDB authorization parameters. For InfluxDB V2 clusters, the secret value is a JSON formatted key-value pair holding InfluxDB authorization values: organization, bucket, username, and password. For InfluxDB V3 clusters, the secret contains the InfluxDB admin token. /// [Input("influxAuthParametersSecretArn")] public Input? InfluxAuthParametersSecretArn { get; set; } @@ -637,7 +706,7 @@ public sealed class DbClusterState : global::Pulumi.ResourceArgs public Input? NetworkType { get; set; } /// - /// Name of the initial organization for the initial admin user in InfluxDB. An InfluxDB organization is a workspace for a group of users. Along with `Bucket`, `Username`, and `Password`, this argument will be stored in the secret referred to by the `InfluxAuthParametersSecretArn` attribute. + /// Name of the initial organization for the initial admin user in InfluxDB. An InfluxDB organization is a workspace for a group of users. Along with `Bucket`, `Username`, and `Password`, this argument will be stored in the secret referred to by the `InfluxAuthParametersSecretArn` attribute. This field is forbidden for InfluxDB V3 clusters (when using an InfluxDB V3 db parameter group). /// [Input("organization")] public Input? Organization { get; set; } @@ -646,7 +715,7 @@ public sealed class DbClusterState : global::Pulumi.ResourceArgs private Input? _password; /// - /// Password of the initial admin user created in InfluxDB. This password will allow you to access the InfluxDB UI to perform various administrative tasks and also use the InfluxDB CLI to create an operator token. Along with `Bucket`, `Username`, and `Organization`, this argument will be stored in the secret referred to by the `InfluxAuthParametersSecretArn` attribute. + /// Password of the initial admin user created in InfluxDB. This password will allow you to access the InfluxDB UI to perform various administrative tasks and also use the InfluxDB CLI to create an operator token. Along with `Bucket`, `Username`, and `Organization`, this argument will be stored in the secret referred to by the `InfluxAuthParametersSecretArn` attribute. This field is forbidden for InfluxDB V3 clusters (when using an InfluxDB V3 db parameter group) as the AWS API rejects it. /// public Input? Password { @@ -710,7 +779,7 @@ public InputMap TagsAll public Input? Timeouts { get; set; } /// - /// Username of the initial admin user created in InfluxDB. Must start with a letter and can't end with a hyphen or contain two consecutive hyphens. This username will allow you to access the InfluxDB UI to perform various administrative tasks and also use the InfluxDB CLI to create an operator token. Along with `Bucket`, `Organization`, and `Password`, this argument will be stored in the secret referred to by the `InfluxAuthParametersSecretArn` attribute. + /// Username of the initial admin user created in InfluxDB. Must start with a letter and can't end with a hyphen or contain two consecutive hyphens. This username will allow you to access the InfluxDB UI to perform various administrative tasks and also use the InfluxDB CLI to create an operator token. Along with `Bucket`, `Organization`, and `Password`, this argument will be stored in the secret referred to by the `InfluxAuthParametersSecretArn` attribute. This field is forbidden for InfluxDB V3 clusters (when using an InfluxDB V3 db parameter group). /// [Input("username")] public Input? Username { get; set; } diff --git a/sdk/dotnet/VpcLattice/DomainVerification.cs b/sdk/dotnet/VpcLattice/DomainVerification.cs new file mode 100644 index 00000000000..6fcaa617ca0 --- /dev/null +++ b/sdk/dotnet/VpcLattice/DomainVerification.cs @@ -0,0 +1,305 @@ +// *** WARNING: this file was generated by pulumi-language-dotnet. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Aws.VpcLattice +{ + /// + /// Resource for managing an AWS VPC Lattice Domain Verification. + /// + /// Starts the domain verification process for a custom domain name. Use this resource to verify ownership of a domain before associating it with VPC Lattice resources. + /// + /// ## Example Usage + /// + /// ### Basic Usage + /// + /// ```csharp + /// using System.Collections.Generic; + /// using System.Linq; + /// using Pulumi; + /// using Aws = Pulumi.Aws; + /// + /// return await Deployment.RunAsync(() => + /// { + /// var example = new Aws.VpcLattice.DomainVerification("example", new() + /// { + /// DomainName = "example.com", + /// }); + /// + /// // Create DNS TXT record for domain verification + /// var exampleRecord = new Aws.Route53.Record("example", new() + /// { + /// ZoneId = exampleAwsRoute53Zone.ZoneId, + /// Name = example.TxtRecordName, + /// Type = Aws.Route53.RecordType.TXT, + /// Ttl = 300, + /// Records = new[] + /// { + /// example.TxtRecordValue, + /// }, + /// }); + /// + /// }); + /// ``` + /// + /// ### With Tags + /// + /// ```csharp + /// using System.Collections.Generic; + /// using System.Linq; + /// using Pulumi; + /// using Aws = Pulumi.Aws; + /// + /// return await Deployment.RunAsync(() => + /// { + /// var example = new Aws.VpcLattice.DomainVerification("example", new() + /// { + /// DomainName = "example.com", + /// Tags = + /// { + /// { "Environment", "production" }, + /// { "Purpose", "domain-verification" }, + /// }, + /// }); + /// + /// }); + /// ``` + /// + /// ## Import + /// + /// Using `pulumi import`, import VPC Lattice Domain Verification using the `id`. For example: + /// + /// ```sh + /// $ pulumi import aws:vpclattice/domainVerification:DomainVerification example dv-0a1b2c3d4e5f + /// ``` + /// + [AwsResourceType("aws:vpclattice/domainVerification:DomainVerification")] + public partial class DomainVerification : global::Pulumi.CustomResource + { + /// + /// The Amazon Resource Name (ARN) of the domain verification. + /// + [Output("arn")] + public Output Arn { get; private set; } = null!; + + /// + /// The date and time that the domain verification was created, in ISO-8601 format. + /// + [Output("createdAt")] + public Output CreatedAt { get; private set; } = null!; + + /// + /// The domain name to verify ownership for. + /// + /// The following arguments are optional: + /// + [Output("domainName")] + public Output DomainName { get; private set; } = null!; + + /// + /// The date and time that the domain was last successfully verified, in ISO-8601 format. + /// + [Output("lastVerifiedTime")] + public Output LastVerifiedTime { get; private set; } = null!; + + /// + /// Region where this resource will be [managed](https://docs.aws.amazon.com/general/latest/gr/rande.html#regional-endpoints). Defaults to the Region set in the provider configuration. + /// + [Output("region")] + public Output Region { get; private set; } = null!; + + /// + /// The current status of the domain verification process. Valid values: `VERIFIED`, `PENDING`, `VERIFICATION_TIMED_OUT`. + /// + [Output("status")] + public Output Status { get; private set; } = null!; + + /// + /// Key-value mapping of resource tags. If configured with a provider `DefaultTags` configuration block present, tags with matching keys will overwrite those defined at the provider-level. + /// + [Output("tags")] + public Output?> Tags { get; private set; } = null!; + + /// + /// Map of tags assigned to the resource, including those inherited from the provider `DefaultTags` configuration block. + /// + [Output("tagsAll")] + public Output> TagsAll { get; private set; } = null!; + + /// + /// The name of the TXT record that must be created for domain verification. + /// + [Output("txtRecordName")] + public Output TxtRecordName { get; private set; } = null!; + + /// + /// The value that must be added to the TXT record for domain verification. + /// + [Output("txtRecordValue")] + public Output TxtRecordValue { get; private set; } = null!; + + + /// + /// Create a DomainVerification resource with the given unique name, arguments, and options. + /// + /// + /// The unique name of the resource + /// The arguments used to populate this resource's properties + /// A bag of options that control this resource's behavior + public DomainVerification(string name, DomainVerificationArgs args, CustomResourceOptions? options = null) + : base("aws:vpclattice/domainVerification:DomainVerification", name, args ?? new DomainVerificationArgs(), MakeResourceOptions(options, "")) + { + } + + private DomainVerification(string name, Input id, DomainVerificationState? state = null, CustomResourceOptions? options = null) + : base("aws:vpclattice/domainVerification:DomainVerification", name, state, MakeResourceOptions(options, id)) + { + } + + private static CustomResourceOptions MakeResourceOptions(CustomResourceOptions? options, Input? id) + { + var defaultOptions = new CustomResourceOptions + { + Version = Utilities.Version, + }; + var merged = CustomResourceOptions.Merge(defaultOptions, options); + // Override the ID if one was specified for consistency with other language SDKs. + merged.Id = id ?? merged.Id; + return merged; + } + /// + /// Get an existing DomainVerification resource's state with the given name, ID, and optional extra + /// properties used to qualify the lookup. + /// + /// + /// The unique name of the resulting resource. + /// The unique provider ID of the resource to lookup. + /// Any extra arguments used during the lookup. + /// A bag of options that control this resource's behavior + public static DomainVerification Get(string name, Input id, DomainVerificationState? state = null, CustomResourceOptions? options = null) + { + return new DomainVerification(name, id, state, options); + } + } + + public sealed class DomainVerificationArgs : global::Pulumi.ResourceArgs + { + /// + /// The domain name to verify ownership for. + /// + /// The following arguments are optional: + /// + [Input("domainName", required: true)] + public Input DomainName { get; set; } = null!; + + /// + /// Region where this resource will be [managed](https://docs.aws.amazon.com/general/latest/gr/rande.html#regional-endpoints). Defaults to the Region set in the provider configuration. + /// + [Input("region")] + public Input? Region { get; set; } + + [Input("tags")] + private InputMap? _tags; + + /// + /// Key-value mapping of resource tags. If configured with a provider `DefaultTags` configuration block present, tags with matching keys will overwrite those defined at the provider-level. + /// + public InputMap Tags + { + get => _tags ?? (_tags = new InputMap()); + set => _tags = value; + } + + public DomainVerificationArgs() + { + } + public static new DomainVerificationArgs Empty => new DomainVerificationArgs(); + } + + public sealed class DomainVerificationState : global::Pulumi.ResourceArgs + { + /// + /// The Amazon Resource Name (ARN) of the domain verification. + /// + [Input("arn")] + public Input? Arn { get; set; } + + /// + /// The date and time that the domain verification was created, in ISO-8601 format. + /// + [Input("createdAt")] + public Input? CreatedAt { get; set; } + + /// + /// The domain name to verify ownership for. + /// + /// The following arguments are optional: + /// + [Input("domainName")] + public Input? DomainName { get; set; } + + /// + /// The date and time that the domain was last successfully verified, in ISO-8601 format. + /// + [Input("lastVerifiedTime")] + public Input? LastVerifiedTime { get; set; } + + /// + /// Region where this resource will be [managed](https://docs.aws.amazon.com/general/latest/gr/rande.html#regional-endpoints). Defaults to the Region set in the provider configuration. + /// + [Input("region")] + public Input? Region { get; set; } + + /// + /// The current status of the domain verification process. Valid values: `VERIFIED`, `PENDING`, `VERIFICATION_TIMED_OUT`. + /// + [Input("status")] + public Input? Status { get; set; } + + [Input("tags")] + private InputMap? _tags; + + /// + /// Key-value mapping of resource tags. If configured with a provider `DefaultTags` configuration block present, tags with matching keys will overwrite those defined at the provider-level. + /// + public InputMap Tags + { + get => _tags ?? (_tags = new InputMap()); + set => _tags = value; + } + + [Input("tagsAll")] + private InputMap? _tagsAll; + + /// + /// Map of tags assigned to the resource, including those inherited from the provider `DefaultTags` configuration block. + /// + public InputMap TagsAll + { + get => _tagsAll ?? (_tagsAll = new InputMap()); + set => _tagsAll = value; + } + + /// + /// The name of the TXT record that must be created for domain verification. + /// + [Input("txtRecordName")] + public Input? TxtRecordName { get; set; } + + /// + /// The value that must be added to the TXT record for domain verification. + /// + [Input("txtRecordValue")] + public Input? TxtRecordValue { get; set; } + + public DomainVerificationState() + { + } + public static new DomainVerificationState Empty => new DomainVerificationState(); + } +} diff --git a/sdk/dotnet/VpcLattice/ResourceConfiguration.cs b/sdk/dotnet/VpcLattice/ResourceConfiguration.cs index a70e6718b40..375a35af6ac 100644 --- a/sdk/dotnet/VpcLattice/ResourceConfiguration.cs +++ b/sdk/dotnet/VpcLattice/ResourceConfiguration.cs @@ -85,6 +85,49 @@ namespace Pulumi.Aws.VpcLattice /// }); /// ``` /// + /// ### With custom domain + /// + /// ```csharp + /// using System.Collections.Generic; + /// using System.Linq; + /// using Pulumi; + /// using Aws = Pulumi.Aws; + /// + /// return await Deployment.RunAsync(() => + /// { + /// var example = new Aws.VpcLattice.DomainVerification("example", new() + /// { + /// DomainName = "example.com", + /// }); + /// + /// var exampleResourceConfiguration = new Aws.VpcLattice.ResourceConfiguration("example", new() + /// { + /// Name = "Example", + /// ResourceGatewayIdentifier = exampleAwsVpclatticeResourceGateway.Id, + /// CustomDomainName = "custom.example.com", + /// DomainVerificationId = example.Id, + /// PortRanges = new[] + /// { + /// "443", + /// }, + /// Protocol = "TCP", + /// ResourceConfigurationDefinition = new Aws.VpcLattice.Inputs.ResourceConfigurationResourceConfigurationDefinitionArgs + /// { + /// DnsResource = new Aws.VpcLattice.Inputs.ResourceConfigurationResourceConfigurationDefinitionDnsResourceArgs + /// { + /// DomainName = "test.example.com", + /// IpAddressType = "IPV4", + /// }, + /// }, + /// Tags = + /// { + /// { "Environment", "Example" }, + /// }, + /// }); + /// + /// }); + /// ``` + /// /// ### ARN Example /// /// ```csharp @@ -135,6 +178,30 @@ public partial class ResourceConfiguration : global::Pulumi.CustomResource [Output("arn")] public Output Arn { get; private set; } = null!; + /// + /// Custom domain name for your resource configuration. Additionally, provide a `DomainVerificationId` to prove your ownership of a domain. + /// + [Output("customDomainName")] + public Output CustomDomainName { get; private set; } = null!; + + /// + /// ARN of the domain verification. + /// + [Output("domainVerificationArn")] + public Output DomainVerificationArn { get; private set; } = null!; + + /// + /// The domain verification ID of your verified custom domain name. If you don't provide an ID, you must configure the DNS settings yourself. + /// + [Output("domainVerificationId")] + public Output DomainVerificationId { get; private set; } = null!; + + /// + /// Domain verification status. + /// + [Output("domainVerificationStatus")] + public Output DomainVerificationStatus { get; private set; } = null!; + /// /// Name for the Resource Configuration. /// @@ -252,6 +319,18 @@ public sealed class ResourceConfigurationArgs : global::Pulumi.ResourceArgs [Input("allowAssociationToShareableServiceNetwork")] public Input? AllowAssociationToShareableServiceNetwork { get; set; } + /// + /// Custom domain name for your resource configuration. Additionally, provide a `DomainVerificationId` to prove your ownership of a domain. + /// + [Input("customDomainName")] + public Input? CustomDomainName { get; set; } + + /// + /// The domain verification ID of your verified custom domain name. If you don't provide an ID, you must configure the DNS settings yourself. + /// + [Input("domainVerificationId")] + public Input? DomainVerificationId { get; set; } + /// /// Name for the Resource Configuration. /// @@ -343,6 +422,30 @@ public sealed class ResourceConfigurationState : global::Pulumi.ResourceArgs [Input("arn")] public Input? Arn { get; set; } + /// + /// Custom domain name for your resource configuration. Additionally, provide a `DomainVerificationId` to prove your ownership of a domain. + /// + [Input("customDomainName")] + public Input? CustomDomainName { get; set; } + + /// + /// ARN of the domain verification. + /// + [Input("domainVerificationArn")] + public Input? DomainVerificationArn { get; set; } + + /// + /// The domain verification ID of your verified custom domain name. If you don't provide an ID, you must configure the DNS settings yourself. + /// + [Input("domainVerificationId")] + public Input? DomainVerificationId { get; set; } + + /// + /// Domain verification status. + /// + [Input("domainVerificationStatus")] + public Input? DomainVerificationStatus { get; set; } + /// /// Name for the Resource Configuration. /// diff --git a/sdk/go/aws/alb/listener.go b/sdk/go/aws/alb/listener.go index 5ce61c0bbcd..46336d98bcc 100644 --- a/sdk/go/aws/alb/listener.go +++ b/sdk/go/aws/alb/listener.go @@ -358,6 +358,66 @@ import ( // // ``` // +// ### JWT Validation Action +// +// ```go +// package main +// +// import ( +// +// "github.com/pulumi/pulumi-aws/sdk/v7/go/aws/lb" +// "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +// +// ) +// +// func main() { +// pulumi.Run(func(ctx *pulumi.Context) error { +// _, err := lb.NewListener(ctx, "test", &lb.ListenerArgs{ +// LoadBalancerArn: pulumi.Any(testAwsLb.Id), +// Protocol: pulumi.String("HTTPS"), +// Port: pulumi.Int(443), +// SslPolicy: pulumi.String("ELBSecurityPolicy-2016-08"), +// CertificateArn: pulumi.Any(testAwsIamServerCertificate.Arn), +// DefaultActions: lb.ListenerDefaultActionArray{ +// &lb.ListenerDefaultActionArgs{ +// Type: pulumi.String("jwt-validation"), +// JwtValidation: &lb.ListenerDefaultActionJwtValidationArgs{ +// Issuer: pulumi.String("https://example.com"), +// JwksEndpoint: pulumi.String("https://example.com/.well-known/jwks.json"), +// AdditionalClaims: lb.ListenerDefaultActionJwtValidationAdditionalClaimArray{ +// &lb.ListenerDefaultActionJwtValidationAdditionalClaimArgs{ +// Format: pulumi.String("string-array"), +// Name: pulumi.String("claim_name1"), +// Values: pulumi.StringArray{ +// pulumi.String("value1"), +// pulumi.String("value2"), +// }, +// }, +// &lb.ListenerDefaultActionJwtValidationAdditionalClaimArgs{ +// Format: pulumi.String("single-string"), +// Name: pulumi.String("claim_name2"), +// Values: pulumi.StringArray{ +// pulumi.String("value1"), +// }, +// }, +// }, +// }, +// }, +// &lb.ListenerDefaultActionArgs{ +// TargetGroupArn: pulumi.Any(testAwsLbTargetGroup.Id), +// Type: pulumi.String("forward"), +// }, +// }, +// }) +// if err != nil { +// return err +// } +// return nil +// }) +// } +// +// ``` +// // ### Gateway Load Balancer Listener // // ```go diff --git a/sdk/go/aws/alb/listenerRule.go b/sdk/go/aws/alb/listenerRule.go index a40b09baff3..39b0fef0407 100644 --- a/sdk/go/aws/alb/listenerRule.go +++ b/sdk/go/aws/alb/listenerRule.go @@ -15,295 +15,6 @@ import ( // Provides a Load Balancer Listener Rule resource. // // > **Note:** `alb.ListenerRule` is known as `lb.ListenerRule`. The functionality is identical. -// -// ## Example Usage -// -// ```go -// package main -// -// import ( -// -// "github.com/pulumi/pulumi-aws/sdk/v7/go/aws/cognito" -// "github.com/pulumi/pulumi-aws/sdk/v7/go/aws/lb" -// "github.com/pulumi/pulumi/sdk/v3/go/pulumi" -// -// ) -// -// func main() { -// pulumi.Run(func(ctx *pulumi.Context) error { -// _, err := lb.NewLoadBalancer(ctx, "front_end", nil) -// if err != nil { -// return err -// } -// frontEndListener, err := lb.NewListener(ctx, "front_end", nil) -// if err != nil { -// return err -// } -// _, err = lb.NewListenerRule(ctx, "static", &lb.ListenerRuleArgs{ -// ListenerArn: frontEndListener.Arn, -// Priority: pulumi.Int(100), -// Actions: lb.ListenerRuleActionArray{ -// &lb.ListenerRuleActionArgs{ -// Type: pulumi.String("forward"), -// TargetGroupArn: pulumi.Any(staticAwsLbTargetGroup.Arn), -// }, -// }, -// Conditions: lb.ListenerRuleConditionArray{ -// &lb.ListenerRuleConditionArgs{ -// PathPattern: &lb.ListenerRuleConditionPathPatternArgs{ -// Values: pulumi.StringArray{ -// pulumi.String("/static/*"), -// }, -// }, -// }, -// &lb.ListenerRuleConditionArgs{ -// HostHeader: &lb.ListenerRuleConditionHostHeaderArgs{ -// Values: pulumi.StringArray{ -// pulumi.String("example.com"), -// }, -// }, -// }, -// }, -// }) -// if err != nil { -// return err -// } -// // Forward action -// _, err = lb.NewListenerRule(ctx, "host_based_weighted_routing", &lb.ListenerRuleArgs{ -// ListenerArn: frontEndListener.Arn, -// Priority: pulumi.Int(99), -// Actions: lb.ListenerRuleActionArray{ -// &lb.ListenerRuleActionArgs{ -// Type: pulumi.String("forward"), -// TargetGroupArn: pulumi.Any(staticAwsLbTargetGroup.Arn), -// }, -// }, -// Conditions: lb.ListenerRuleConditionArray{ -// &lb.ListenerRuleConditionArgs{ -// HostHeader: &lb.ListenerRuleConditionHostHeaderArgs{ -// Values: pulumi.StringArray{ -// pulumi.String("my-service.*.mycompany.io"), -// }, -// }, -// }, -// }, -// }) -// if err != nil { -// return err -// } -// // Weighted Forward action -// _, err = lb.NewListenerRule(ctx, "host_based_routing", &lb.ListenerRuleArgs{ -// ListenerArn: frontEndListener.Arn, -// Priority: pulumi.Int(99), -// Actions: lb.ListenerRuleActionArray{ -// &lb.ListenerRuleActionArgs{ -// Type: pulumi.String("forward"), -// Forward: &lb.ListenerRuleActionForwardArgs{ -// TargetGroups: lb.ListenerRuleActionForwardTargetGroupArray{ -// &lb.ListenerRuleActionForwardTargetGroupArgs{ -// Arn: pulumi.Any(main.Arn), -// Weight: pulumi.Int(80), -// }, -// &lb.ListenerRuleActionForwardTargetGroupArgs{ -// Arn: pulumi.Any(canary.Arn), -// Weight: pulumi.Int(20), -// }, -// }, -// Stickiness: &lb.ListenerRuleActionForwardStickinessArgs{ -// Enabled: pulumi.Bool(true), -// Duration: pulumi.Int(600), -// }, -// }, -// }, -// }, -// Conditions: lb.ListenerRuleConditionArray{ -// &lb.ListenerRuleConditionArgs{ -// HostHeader: &lb.ListenerRuleConditionHostHeaderArgs{ -// Values: pulumi.StringArray{ -// pulumi.String("my-service.*.mycompany.io"), -// }, -// }, -// }, -// }, -// }) -// if err != nil { -// return err -// } -// // Redirect action -// _, err = lb.NewListenerRule(ctx, "redirect_http_to_https", &lb.ListenerRuleArgs{ -// ListenerArn: frontEndListener.Arn, -// Actions: lb.ListenerRuleActionArray{ -// &lb.ListenerRuleActionArgs{ -// Type: pulumi.String("redirect"), -// Redirect: &lb.ListenerRuleActionRedirectArgs{ -// Port: pulumi.String("443"), -// Protocol: pulumi.String("HTTPS"), -// StatusCode: pulumi.String("HTTP_301"), -// }, -// }, -// }, -// Conditions: lb.ListenerRuleConditionArray{ -// &lb.ListenerRuleConditionArgs{ -// HttpHeader: &lb.ListenerRuleConditionHttpHeaderArgs{ -// HttpHeaderName: pulumi.String("X-Forwarded-For"), -// Values: pulumi.StringArray{ -// pulumi.String("192.168.1.*"), -// }, -// }, -// }, -// }, -// }) -// if err != nil { -// return err -// } -// // Fixed-response action -// _, err = lb.NewListenerRule(ctx, "health_check", &lb.ListenerRuleArgs{ -// ListenerArn: frontEndListener.Arn, -// Actions: lb.ListenerRuleActionArray{ -// &lb.ListenerRuleActionArgs{ -// Type: pulumi.String("fixed-response"), -// FixedResponse: &lb.ListenerRuleActionFixedResponseArgs{ -// ContentType: pulumi.String("text/plain"), -// MessageBody: pulumi.String("HEALTHY"), -// StatusCode: pulumi.String("200"), -// }, -// }, -// }, -// Conditions: lb.ListenerRuleConditionArray{ -// &lb.ListenerRuleConditionArgs{ -// QueryStrings: lb.ListenerRuleConditionQueryStringArray{ -// &lb.ListenerRuleConditionQueryStringArgs{ -// Key: pulumi.String("health"), -// Value: pulumi.String("check"), -// }, -// &lb.ListenerRuleConditionQueryStringArgs{ -// Value: pulumi.String("bar"), -// }, -// }, -// }, -// }, -// }) -// if err != nil { -// return err -// } -// // Authenticate-cognito Action -// pool, err := cognito.NewUserPool(ctx, "pool", nil) -// if err != nil { -// return err -// } -// client, err := cognito.NewUserPoolClient(ctx, "client", nil) -// if err != nil { -// return err -// } -// domain, err := cognito.NewUserPoolDomain(ctx, "domain", nil) -// if err != nil { -// return err -// } -// _, err = lb.NewListenerRule(ctx, "admin", &lb.ListenerRuleArgs{ -// ListenerArn: frontEndListener.Arn, -// Actions: lb.ListenerRuleActionArray{ -// &lb.ListenerRuleActionArgs{ -// Type: pulumi.String("authenticate-cognito"), -// AuthenticateCognito: &lb.ListenerRuleActionAuthenticateCognitoArgs{ -// UserPoolArn: pool.Arn, -// UserPoolClientId: client.ID(), -// UserPoolDomain: domain.Domain, -// }, -// }, -// &lb.ListenerRuleActionArgs{ -// Type: pulumi.String("forward"), -// TargetGroupArn: pulumi.Any(staticAwsLbTargetGroup.Arn), -// }, -// }, -// }) -// if err != nil { -// return err -// } -// // Authenticate-oidc Action -// _, err = lb.NewListenerRule(ctx, "oidc", &lb.ListenerRuleArgs{ -// ListenerArn: frontEndListener.Arn, -// Actions: lb.ListenerRuleActionArray{ -// &lb.ListenerRuleActionArgs{ -// Type: pulumi.String("authenticate-oidc"), -// AuthenticateOidc: &lb.ListenerRuleActionAuthenticateOidcArgs{ -// AuthorizationEndpoint: pulumi.String("https://example.com/authorization_endpoint"), -// ClientId: pulumi.String("client_id"), -// ClientSecret: pulumi.String("client_secret"), -// Issuer: pulumi.String("https://example.com"), -// TokenEndpoint: pulumi.String("https://example.com/token_endpoint"), -// UserInfoEndpoint: pulumi.String("https://example.com/user_info_endpoint"), -// }, -// }, -// &lb.ListenerRuleActionArgs{ -// Type: pulumi.String("forward"), -// TargetGroupArn: pulumi.Any(staticAwsLbTargetGroup.Arn), -// }, -// }, -// }) -// if err != nil { -// return err -// } -// // With transform -// _, err = lb.NewListenerRule(ctx, "transform", &lb.ListenerRuleArgs{ -// ListenerArn: frontEndListener.Arn, -// Actions: lb.ListenerRuleActionArray{ -// &lb.ListenerRuleActionArgs{ -// Type: pulumi.String("forward"), -// TargetGroupArn: pulumi.Any(staticAwsLbTargetGroup.Arn), -// }, -// }, -// Conditions: lb.ListenerRuleConditionArray{ -// &lb.ListenerRuleConditionArgs{ -// PathPattern: &lb.ListenerRuleConditionPathPatternArgs{ -// Values: pulumi.StringArray{ -// pulumi.String("*"), -// }, -// }, -// }, -// }, -// Transforms: lb.ListenerRuleTransformArray{ -// &lb.ListenerRuleTransformArgs{ -// Type: pulumi.String("host-header-rewrite"), -// HostHeaderRewriteConfig: &lb.ListenerRuleTransformHostHeaderRewriteConfigArgs{ -// Rewrite: &lb.ListenerRuleTransformHostHeaderRewriteConfigRewriteArgs{ -// Regex: pulumi.String("^mywebsite-(.+).com$"), -// Replace: pulumi.String("internal.dev.$1.myweb.com"), -// }, -// }, -// }, -// &lb.ListenerRuleTransformArgs{ -// Type: pulumi.String("url-rewrite"), -// UrlRewriteConfig: &lb.ListenerRuleTransformUrlRewriteConfigArgs{ -// Rewrite: &lb.ListenerRuleTransformUrlRewriteConfigRewriteArgs{ -// Regex: pulumi.String("^/dp/([A-Za-z0-9]+)/?$"), -// Replace: pulumi.String("/product.php?id=$1"), -// }, -// }, -// }, -// }, -// }) -// if err != nil { -// return err -// } -// return nil -// }) -// } -// -// ``` -// -// ## Import -// -// ### Identity Schema -// -// #### Required -// -// - `arn` (String) Amazon Resource Name (ARN) of the load balancer listener rule. -// -// Using `pulumi import`, import rules using their ARN. For example: -// -// console -// -// % pulumi import aws_lb_listener_rule.front_end arn:aws:elasticloadbalancing:us-west-2:187416307283:listener-rule/app/test/8e4497da625e2d8a/9ab28ade35828f96/67b3d2d36dd7c26b type ListenerRule struct { pulumi.CustomResourceState diff --git a/sdk/go/aws/alb/pulumiTypes.go b/sdk/go/aws/alb/pulumiTypes.go index 3c9834c24e3..250c5371167 100644 --- a/sdk/go/aws/alb/pulumiTypes.go +++ b/sdk/go/aws/alb/pulumiTypes.go @@ -22,13 +22,15 @@ type ListenerDefaultAction struct { FixedResponse *ListenerDefaultActionFixedResponse `pulumi:"fixedResponse"` // Configuration block for creating an action that distributes requests among one or more target groups. Specify only if `type` is `forward`. See below. Forward *ListenerDefaultActionForward `pulumi:"forward"` + // Configuration block for creating a JWT validation action. Required if `type` is `jwt-validation`. + JwtValidation *ListenerDefaultActionJwtValidation `pulumi:"jwtValidation"` // Order for the action. The action with the lowest value for order is performed first. Valid values are between `1` and `50000`. Defaults to the position in the list of actions. Order *int `pulumi:"order"` // Configuration block for creating a redirect action. Required if `type` is `redirect`. See below. Redirect *ListenerDefaultActionRedirect `pulumi:"redirect"` // ARN of the Target Group to which to route traffic. Specify only if `type` is `forward` and you want to route to a single target group. To route to one or more target groups, use a `forward` block instead. Can be specified with `forward` but ARNs must match. TargetGroupArn *string `pulumi:"targetGroupArn"` - // Type of routing action. Valid values are `forward`, `redirect`, `fixed-response`, `authenticate-cognito` and `authenticate-oidc`. + // Type of routing action. Valid values are `forward`, `redirect`, `fixed-response`, `authenticate-cognito`, `authenticate-oidc` and `jwt-validation`. // // The following arguments are optional: Type string `pulumi:"type"` @@ -54,13 +56,15 @@ type ListenerDefaultActionArgs struct { FixedResponse ListenerDefaultActionFixedResponsePtrInput `pulumi:"fixedResponse"` // Configuration block for creating an action that distributes requests among one or more target groups. Specify only if `type` is `forward`. See below. Forward ListenerDefaultActionForwardPtrInput `pulumi:"forward"` + // Configuration block for creating a JWT validation action. Required if `type` is `jwt-validation`. + JwtValidation ListenerDefaultActionJwtValidationPtrInput `pulumi:"jwtValidation"` // Order for the action. The action with the lowest value for order is performed first. Valid values are between `1` and `50000`. Defaults to the position in the list of actions. Order pulumi.IntPtrInput `pulumi:"order"` // Configuration block for creating a redirect action. Required if `type` is `redirect`. See below. Redirect ListenerDefaultActionRedirectPtrInput `pulumi:"redirect"` // ARN of the Target Group to which to route traffic. Specify only if `type` is `forward` and you want to route to a single target group. To route to one or more target groups, use a `forward` block instead. Can be specified with `forward` but ARNs must match. TargetGroupArn pulumi.StringPtrInput `pulumi:"targetGroupArn"` - // Type of routing action. Valid values are `forward`, `redirect`, `fixed-response`, `authenticate-cognito` and `authenticate-oidc`. + // Type of routing action. Valid values are `forward`, `redirect`, `fixed-response`, `authenticate-cognito`, `authenticate-oidc` and `jwt-validation`. // // The following arguments are optional: Type pulumi.StringInput `pulumi:"type"` @@ -137,6 +141,11 @@ func (o ListenerDefaultActionOutput) Forward() ListenerDefaultActionForwardPtrOu return o.ApplyT(func(v ListenerDefaultAction) *ListenerDefaultActionForward { return v.Forward }).(ListenerDefaultActionForwardPtrOutput) } +// Configuration block for creating a JWT validation action. Required if `type` is `jwt-validation`. +func (o ListenerDefaultActionOutput) JwtValidation() ListenerDefaultActionJwtValidationPtrOutput { + return o.ApplyT(func(v ListenerDefaultAction) *ListenerDefaultActionJwtValidation { return v.JwtValidation }).(ListenerDefaultActionJwtValidationPtrOutput) +} + // Order for the action. The action with the lowest value for order is performed first. Valid values are between `1` and `50000`. Defaults to the position in the list of actions. func (o ListenerDefaultActionOutput) Order() pulumi.IntPtrOutput { return o.ApplyT(func(v ListenerDefaultAction) *int { return v.Order }).(pulumi.IntPtrOutput) @@ -152,7 +161,7 @@ func (o ListenerDefaultActionOutput) TargetGroupArn() pulumi.StringPtrOutput { return o.ApplyT(func(v ListenerDefaultAction) *string { return v.TargetGroupArn }).(pulumi.StringPtrOutput) } -// Type of routing action. Valid values are `forward`, `redirect`, `fixed-response`, `authenticate-cognito` and `authenticate-oidc`. +// Type of routing action. Valid values are `forward`, `redirect`, `fixed-response`, `authenticate-cognito`, `authenticate-oidc` and `jwt-validation`. // // The following arguments are optional: func (o ListenerDefaultActionOutput) Type() pulumi.StringOutput { @@ -1419,6 +1428,306 @@ func (o ListenerDefaultActionForwardTargetGroupArrayOutput) Index(i pulumi.IntIn }).(ListenerDefaultActionForwardTargetGroupOutput) } +type ListenerDefaultActionJwtValidation struct { + // Repeatable configuration block for additional claims to validate. + AdditionalClaims []ListenerDefaultActionJwtValidationAdditionalClaim `pulumi:"additionalClaims"` + // Issuer of the JWT. + Issuer string `pulumi:"issuer"` + // JSON Web Key Set (JWKS) endpoint. This endpoint contains JSON Web Keys (JWK) that are used to validate signatures from the provider. This must be a full URL, including the HTTPS protocol, the domain, and the path. + // + // The following arguments are optional: + JwksEndpoint string `pulumi:"jwksEndpoint"` +} + +// ListenerDefaultActionJwtValidationInput is an input type that accepts ListenerDefaultActionJwtValidationArgs and ListenerDefaultActionJwtValidationOutput values. +// You can construct a concrete instance of `ListenerDefaultActionJwtValidationInput` via: +// +// ListenerDefaultActionJwtValidationArgs{...} +type ListenerDefaultActionJwtValidationInput interface { + pulumi.Input + + ToListenerDefaultActionJwtValidationOutput() ListenerDefaultActionJwtValidationOutput + ToListenerDefaultActionJwtValidationOutputWithContext(context.Context) ListenerDefaultActionJwtValidationOutput +} + +type ListenerDefaultActionJwtValidationArgs struct { + // Repeatable configuration block for additional claims to validate. + AdditionalClaims ListenerDefaultActionJwtValidationAdditionalClaimArrayInput `pulumi:"additionalClaims"` + // Issuer of the JWT. + Issuer pulumi.StringInput `pulumi:"issuer"` + // JSON Web Key Set (JWKS) endpoint. This endpoint contains JSON Web Keys (JWK) that are used to validate signatures from the provider. This must be a full URL, including the HTTPS protocol, the domain, and the path. + // + // The following arguments are optional: + JwksEndpoint pulumi.StringInput `pulumi:"jwksEndpoint"` +} + +func (ListenerDefaultActionJwtValidationArgs) ElementType() reflect.Type { + return reflect.TypeOf((*ListenerDefaultActionJwtValidation)(nil)).Elem() +} + +func (i ListenerDefaultActionJwtValidationArgs) ToListenerDefaultActionJwtValidationOutput() ListenerDefaultActionJwtValidationOutput { + return i.ToListenerDefaultActionJwtValidationOutputWithContext(context.Background()) +} + +func (i ListenerDefaultActionJwtValidationArgs) ToListenerDefaultActionJwtValidationOutputWithContext(ctx context.Context) ListenerDefaultActionJwtValidationOutput { + return pulumi.ToOutputWithContext(ctx, i).(ListenerDefaultActionJwtValidationOutput) +} + +func (i ListenerDefaultActionJwtValidationArgs) ToListenerDefaultActionJwtValidationPtrOutput() ListenerDefaultActionJwtValidationPtrOutput { + return i.ToListenerDefaultActionJwtValidationPtrOutputWithContext(context.Background()) +} + +func (i ListenerDefaultActionJwtValidationArgs) ToListenerDefaultActionJwtValidationPtrOutputWithContext(ctx context.Context) ListenerDefaultActionJwtValidationPtrOutput { + return pulumi.ToOutputWithContext(ctx, i).(ListenerDefaultActionJwtValidationOutput).ToListenerDefaultActionJwtValidationPtrOutputWithContext(ctx) +} + +// ListenerDefaultActionJwtValidationPtrInput is an input type that accepts ListenerDefaultActionJwtValidationArgs, ListenerDefaultActionJwtValidationPtr and ListenerDefaultActionJwtValidationPtrOutput values. +// You can construct a concrete instance of `ListenerDefaultActionJwtValidationPtrInput` via: +// +// ListenerDefaultActionJwtValidationArgs{...} +// +// or: +// +// nil +type ListenerDefaultActionJwtValidationPtrInput interface { + pulumi.Input + + ToListenerDefaultActionJwtValidationPtrOutput() ListenerDefaultActionJwtValidationPtrOutput + ToListenerDefaultActionJwtValidationPtrOutputWithContext(context.Context) ListenerDefaultActionJwtValidationPtrOutput +} + +type listenerDefaultActionJwtValidationPtrType ListenerDefaultActionJwtValidationArgs + +func ListenerDefaultActionJwtValidationPtr(v *ListenerDefaultActionJwtValidationArgs) ListenerDefaultActionJwtValidationPtrInput { + return (*listenerDefaultActionJwtValidationPtrType)(v) +} + +func (*listenerDefaultActionJwtValidationPtrType) ElementType() reflect.Type { + return reflect.TypeOf((**ListenerDefaultActionJwtValidation)(nil)).Elem() +} + +func (i *listenerDefaultActionJwtValidationPtrType) ToListenerDefaultActionJwtValidationPtrOutput() ListenerDefaultActionJwtValidationPtrOutput { + return i.ToListenerDefaultActionJwtValidationPtrOutputWithContext(context.Background()) +} + +func (i *listenerDefaultActionJwtValidationPtrType) ToListenerDefaultActionJwtValidationPtrOutputWithContext(ctx context.Context) ListenerDefaultActionJwtValidationPtrOutput { + return pulumi.ToOutputWithContext(ctx, i).(ListenerDefaultActionJwtValidationPtrOutput) +} + +type ListenerDefaultActionJwtValidationOutput struct{ *pulumi.OutputState } + +func (ListenerDefaultActionJwtValidationOutput) ElementType() reflect.Type { + return reflect.TypeOf((*ListenerDefaultActionJwtValidation)(nil)).Elem() +} + +func (o ListenerDefaultActionJwtValidationOutput) ToListenerDefaultActionJwtValidationOutput() ListenerDefaultActionJwtValidationOutput { + return o +} + +func (o ListenerDefaultActionJwtValidationOutput) ToListenerDefaultActionJwtValidationOutputWithContext(ctx context.Context) ListenerDefaultActionJwtValidationOutput { + return o +} + +func (o ListenerDefaultActionJwtValidationOutput) ToListenerDefaultActionJwtValidationPtrOutput() ListenerDefaultActionJwtValidationPtrOutput { + return o.ToListenerDefaultActionJwtValidationPtrOutputWithContext(context.Background()) +} + +func (o ListenerDefaultActionJwtValidationOutput) ToListenerDefaultActionJwtValidationPtrOutputWithContext(ctx context.Context) ListenerDefaultActionJwtValidationPtrOutput { + return o.ApplyTWithContext(ctx, func(_ context.Context, v ListenerDefaultActionJwtValidation) *ListenerDefaultActionJwtValidation { + return &v + }).(ListenerDefaultActionJwtValidationPtrOutput) +} + +// Repeatable configuration block for additional claims to validate. +func (o ListenerDefaultActionJwtValidationOutput) AdditionalClaims() ListenerDefaultActionJwtValidationAdditionalClaimArrayOutput { + return o.ApplyT(func(v ListenerDefaultActionJwtValidation) []ListenerDefaultActionJwtValidationAdditionalClaim { + return v.AdditionalClaims + }).(ListenerDefaultActionJwtValidationAdditionalClaimArrayOutput) +} + +// Issuer of the JWT. +func (o ListenerDefaultActionJwtValidationOutput) Issuer() pulumi.StringOutput { + return o.ApplyT(func(v ListenerDefaultActionJwtValidation) string { return v.Issuer }).(pulumi.StringOutput) +} + +// JSON Web Key Set (JWKS) endpoint. This endpoint contains JSON Web Keys (JWK) that are used to validate signatures from the provider. This must be a full URL, including the HTTPS protocol, the domain, and the path. +// +// The following arguments are optional: +func (o ListenerDefaultActionJwtValidationOutput) JwksEndpoint() pulumi.StringOutput { + return o.ApplyT(func(v ListenerDefaultActionJwtValidation) string { return v.JwksEndpoint }).(pulumi.StringOutput) +} + +type ListenerDefaultActionJwtValidationPtrOutput struct{ *pulumi.OutputState } + +func (ListenerDefaultActionJwtValidationPtrOutput) ElementType() reflect.Type { + return reflect.TypeOf((**ListenerDefaultActionJwtValidation)(nil)).Elem() +} + +func (o ListenerDefaultActionJwtValidationPtrOutput) ToListenerDefaultActionJwtValidationPtrOutput() ListenerDefaultActionJwtValidationPtrOutput { + return o +} + +func (o ListenerDefaultActionJwtValidationPtrOutput) ToListenerDefaultActionJwtValidationPtrOutputWithContext(ctx context.Context) ListenerDefaultActionJwtValidationPtrOutput { + return o +} + +func (o ListenerDefaultActionJwtValidationPtrOutput) Elem() ListenerDefaultActionJwtValidationOutput { + return o.ApplyT(func(v *ListenerDefaultActionJwtValidation) ListenerDefaultActionJwtValidation { + if v != nil { + return *v + } + var ret ListenerDefaultActionJwtValidation + return ret + }).(ListenerDefaultActionJwtValidationOutput) +} + +// Repeatable configuration block for additional claims to validate. +func (o ListenerDefaultActionJwtValidationPtrOutput) AdditionalClaims() ListenerDefaultActionJwtValidationAdditionalClaimArrayOutput { + return o.ApplyT(func(v *ListenerDefaultActionJwtValidation) []ListenerDefaultActionJwtValidationAdditionalClaim { + if v == nil { + return nil + } + return v.AdditionalClaims + }).(ListenerDefaultActionJwtValidationAdditionalClaimArrayOutput) +} + +// Issuer of the JWT. +func (o ListenerDefaultActionJwtValidationPtrOutput) Issuer() pulumi.StringPtrOutput { + return o.ApplyT(func(v *ListenerDefaultActionJwtValidation) *string { + if v == nil { + return nil + } + return &v.Issuer + }).(pulumi.StringPtrOutput) +} + +// JSON Web Key Set (JWKS) endpoint. This endpoint contains JSON Web Keys (JWK) that are used to validate signatures from the provider. This must be a full URL, including the HTTPS protocol, the domain, and the path. +// +// The following arguments are optional: +func (o ListenerDefaultActionJwtValidationPtrOutput) JwksEndpoint() pulumi.StringPtrOutput { + return o.ApplyT(func(v *ListenerDefaultActionJwtValidation) *string { + if v == nil { + return nil + } + return &v.JwksEndpoint + }).(pulumi.StringPtrOutput) +} + +type ListenerDefaultActionJwtValidationAdditionalClaim struct { + // Format of the claim value. Valid values are `single-string`, `string-array` and `space-separated-values`. + Format string `pulumi:"format"` + // Name of the claim to validate. `exp`, `iss`, `nbf`, or `iat` cannot be specified because they are validated by default. + Name string `pulumi:"name"` + // List of expected values of the claim. + Values []string `pulumi:"values"` +} + +// ListenerDefaultActionJwtValidationAdditionalClaimInput is an input type that accepts ListenerDefaultActionJwtValidationAdditionalClaimArgs and ListenerDefaultActionJwtValidationAdditionalClaimOutput values. +// You can construct a concrete instance of `ListenerDefaultActionJwtValidationAdditionalClaimInput` via: +// +// ListenerDefaultActionJwtValidationAdditionalClaimArgs{...} +type ListenerDefaultActionJwtValidationAdditionalClaimInput interface { + pulumi.Input + + ToListenerDefaultActionJwtValidationAdditionalClaimOutput() ListenerDefaultActionJwtValidationAdditionalClaimOutput + ToListenerDefaultActionJwtValidationAdditionalClaimOutputWithContext(context.Context) ListenerDefaultActionJwtValidationAdditionalClaimOutput +} + +type ListenerDefaultActionJwtValidationAdditionalClaimArgs struct { + // Format of the claim value. Valid values are `single-string`, `string-array` and `space-separated-values`. + Format pulumi.StringInput `pulumi:"format"` + // Name of the claim to validate. `exp`, `iss`, `nbf`, or `iat` cannot be specified because they are validated by default. + Name pulumi.StringInput `pulumi:"name"` + // List of expected values of the claim. + Values pulumi.StringArrayInput `pulumi:"values"` +} + +func (ListenerDefaultActionJwtValidationAdditionalClaimArgs) ElementType() reflect.Type { + return reflect.TypeOf((*ListenerDefaultActionJwtValidationAdditionalClaim)(nil)).Elem() +} + +func (i ListenerDefaultActionJwtValidationAdditionalClaimArgs) ToListenerDefaultActionJwtValidationAdditionalClaimOutput() ListenerDefaultActionJwtValidationAdditionalClaimOutput { + return i.ToListenerDefaultActionJwtValidationAdditionalClaimOutputWithContext(context.Background()) +} + +func (i ListenerDefaultActionJwtValidationAdditionalClaimArgs) ToListenerDefaultActionJwtValidationAdditionalClaimOutputWithContext(ctx context.Context) ListenerDefaultActionJwtValidationAdditionalClaimOutput { + return pulumi.ToOutputWithContext(ctx, i).(ListenerDefaultActionJwtValidationAdditionalClaimOutput) +} + +// ListenerDefaultActionJwtValidationAdditionalClaimArrayInput is an input type that accepts ListenerDefaultActionJwtValidationAdditionalClaimArray and ListenerDefaultActionJwtValidationAdditionalClaimArrayOutput values. +// You can construct a concrete instance of `ListenerDefaultActionJwtValidationAdditionalClaimArrayInput` via: +// +// ListenerDefaultActionJwtValidationAdditionalClaimArray{ ListenerDefaultActionJwtValidationAdditionalClaimArgs{...} } +type ListenerDefaultActionJwtValidationAdditionalClaimArrayInput interface { + pulumi.Input + + ToListenerDefaultActionJwtValidationAdditionalClaimArrayOutput() ListenerDefaultActionJwtValidationAdditionalClaimArrayOutput + ToListenerDefaultActionJwtValidationAdditionalClaimArrayOutputWithContext(context.Context) ListenerDefaultActionJwtValidationAdditionalClaimArrayOutput +} + +type ListenerDefaultActionJwtValidationAdditionalClaimArray []ListenerDefaultActionJwtValidationAdditionalClaimInput + +func (ListenerDefaultActionJwtValidationAdditionalClaimArray) ElementType() reflect.Type { + return reflect.TypeOf((*[]ListenerDefaultActionJwtValidationAdditionalClaim)(nil)).Elem() +} + +func (i ListenerDefaultActionJwtValidationAdditionalClaimArray) ToListenerDefaultActionJwtValidationAdditionalClaimArrayOutput() ListenerDefaultActionJwtValidationAdditionalClaimArrayOutput { + return i.ToListenerDefaultActionJwtValidationAdditionalClaimArrayOutputWithContext(context.Background()) +} + +func (i ListenerDefaultActionJwtValidationAdditionalClaimArray) ToListenerDefaultActionJwtValidationAdditionalClaimArrayOutputWithContext(ctx context.Context) ListenerDefaultActionJwtValidationAdditionalClaimArrayOutput { + return pulumi.ToOutputWithContext(ctx, i).(ListenerDefaultActionJwtValidationAdditionalClaimArrayOutput) +} + +type ListenerDefaultActionJwtValidationAdditionalClaimOutput struct{ *pulumi.OutputState } + +func (ListenerDefaultActionJwtValidationAdditionalClaimOutput) ElementType() reflect.Type { + return reflect.TypeOf((*ListenerDefaultActionJwtValidationAdditionalClaim)(nil)).Elem() +} + +func (o ListenerDefaultActionJwtValidationAdditionalClaimOutput) ToListenerDefaultActionJwtValidationAdditionalClaimOutput() ListenerDefaultActionJwtValidationAdditionalClaimOutput { + return o +} + +func (o ListenerDefaultActionJwtValidationAdditionalClaimOutput) ToListenerDefaultActionJwtValidationAdditionalClaimOutputWithContext(ctx context.Context) ListenerDefaultActionJwtValidationAdditionalClaimOutput { + return o +} + +// Format of the claim value. Valid values are `single-string`, `string-array` and `space-separated-values`. +func (o ListenerDefaultActionJwtValidationAdditionalClaimOutput) Format() pulumi.StringOutput { + return o.ApplyT(func(v ListenerDefaultActionJwtValidationAdditionalClaim) string { return v.Format }).(pulumi.StringOutput) +} + +// Name of the claim to validate. `exp`, `iss`, `nbf`, or `iat` cannot be specified because they are validated by default. +func (o ListenerDefaultActionJwtValidationAdditionalClaimOutput) Name() pulumi.StringOutput { + return o.ApplyT(func(v ListenerDefaultActionJwtValidationAdditionalClaim) string { return v.Name }).(pulumi.StringOutput) +} + +// List of expected values of the claim. +func (o ListenerDefaultActionJwtValidationAdditionalClaimOutput) Values() pulumi.StringArrayOutput { + return o.ApplyT(func(v ListenerDefaultActionJwtValidationAdditionalClaim) []string { return v.Values }).(pulumi.StringArrayOutput) +} + +type ListenerDefaultActionJwtValidationAdditionalClaimArrayOutput struct{ *pulumi.OutputState } + +func (ListenerDefaultActionJwtValidationAdditionalClaimArrayOutput) ElementType() reflect.Type { + return reflect.TypeOf((*[]ListenerDefaultActionJwtValidationAdditionalClaim)(nil)).Elem() +} + +func (o ListenerDefaultActionJwtValidationAdditionalClaimArrayOutput) ToListenerDefaultActionJwtValidationAdditionalClaimArrayOutput() ListenerDefaultActionJwtValidationAdditionalClaimArrayOutput { + return o +} + +func (o ListenerDefaultActionJwtValidationAdditionalClaimArrayOutput) ToListenerDefaultActionJwtValidationAdditionalClaimArrayOutputWithContext(ctx context.Context) ListenerDefaultActionJwtValidationAdditionalClaimArrayOutput { + return o +} + +func (o ListenerDefaultActionJwtValidationAdditionalClaimArrayOutput) Index(i pulumi.IntInput) ListenerDefaultActionJwtValidationAdditionalClaimOutput { + return pulumi.All(o, i).ApplyT(func(vs []interface{}) ListenerDefaultActionJwtValidationAdditionalClaim { + return vs[0].([]ListenerDefaultActionJwtValidationAdditionalClaim)[vs[1].(int)] + }).(ListenerDefaultActionJwtValidationAdditionalClaimOutput) +} + type ListenerDefaultActionRedirect struct { // Hostname. This component is not percent-encoded. The hostname can contain `#{host}`. Defaults to `#{host}`. Host *string `pulumi:"host"` @@ -1868,6 +2177,8 @@ type ListenerRuleAction struct { // Specify only if `type` is `forward`. // Cannot be specified with `targetGroupArn`. Forward *ListenerRuleActionForward `pulumi:"forward"` + // Information for creating a JWT validation action. Required if `type` is `jwt-validation`. + JwtValidation *ListenerRuleActionJwtValidation `pulumi:"jwtValidation"` // Order for the action. // The action with the lowest value for order is performed first. // Valid values are between `1` and `50000`. @@ -1880,7 +2191,7 @@ type ListenerRuleAction struct { // To route to one or more target groups, use a `forward` block instead. // Cannot be specified with `forward`. TargetGroupArn *string `pulumi:"targetGroupArn"` - // The type of routing action. Valid values are `forward`, `redirect`, `fixed-response`, `authenticate-cognito` and `authenticate-oidc`. + // The type of routing action. Valid values are `forward`, `redirect`, `fixed-response`, `authenticate-cognito`, `authenticate-oidc` and `jwt-validation`. Type string `pulumi:"type"` } @@ -1906,6 +2217,8 @@ type ListenerRuleActionArgs struct { // Specify only if `type` is `forward`. // Cannot be specified with `targetGroupArn`. Forward ListenerRuleActionForwardPtrInput `pulumi:"forward"` + // Information for creating a JWT validation action. Required if `type` is `jwt-validation`. + JwtValidation ListenerRuleActionJwtValidationPtrInput `pulumi:"jwtValidation"` // Order for the action. // The action with the lowest value for order is performed first. // Valid values are between `1` and `50000`. @@ -1918,7 +2231,7 @@ type ListenerRuleActionArgs struct { // To route to one or more target groups, use a `forward` block instead. // Cannot be specified with `forward`. TargetGroupArn pulumi.StringPtrInput `pulumi:"targetGroupArn"` - // The type of routing action. Valid values are `forward`, `redirect`, `fixed-response`, `authenticate-cognito` and `authenticate-oidc`. + // The type of routing action. Valid values are `forward`, `redirect`, `fixed-response`, `authenticate-cognito`, `authenticate-oidc` and `jwt-validation`. Type pulumi.StringInput `pulumi:"type"` } @@ -1995,6 +2308,11 @@ func (o ListenerRuleActionOutput) Forward() ListenerRuleActionForwardPtrOutput { return o.ApplyT(func(v ListenerRuleAction) *ListenerRuleActionForward { return v.Forward }).(ListenerRuleActionForwardPtrOutput) } +// Information for creating a JWT validation action. Required if `type` is `jwt-validation`. +func (o ListenerRuleActionOutput) JwtValidation() ListenerRuleActionJwtValidationPtrOutput { + return o.ApplyT(func(v ListenerRuleAction) *ListenerRuleActionJwtValidation { return v.JwtValidation }).(ListenerRuleActionJwtValidationPtrOutput) +} + // Order for the action. // The action with the lowest value for order is performed first. // Valid values are between `1` and `50000`. @@ -2016,7 +2334,7 @@ func (o ListenerRuleActionOutput) TargetGroupArn() pulumi.StringPtrOutput { return o.ApplyT(func(v ListenerRuleAction) *string { return v.TargetGroupArn }).(pulumi.StringPtrOutput) } -// The type of routing action. Valid values are `forward`, `redirect`, `fixed-response`, `authenticate-cognito` and `authenticate-oidc`. +// The type of routing action. Valid values are `forward`, `redirect`, `fixed-response`, `authenticate-cognito`, `authenticate-oidc` and `jwt-validation`. func (o ListenerRuleActionOutput) Type() pulumi.StringOutput { return o.ApplyT(func(v ListenerRuleAction) string { return v.Type }).(pulumi.StringOutput) } @@ -3235,6 +3553,298 @@ func (o ListenerRuleActionForwardTargetGroupArrayOutput) Index(i pulumi.IntInput }).(ListenerRuleActionForwardTargetGroupOutput) } +type ListenerRuleActionJwtValidation struct { + // Repeatable configuration block for additional claims to validate. + AdditionalClaims []ListenerRuleActionJwtValidationAdditionalClaim `pulumi:"additionalClaims"` + // Issuer of the JWT. + Issuer string `pulumi:"issuer"` + // JSON Web Key Set (JWKS) endpoint. This endpoint contains JSON Web Keys (JWK) that are used to validate signatures from the provider. This must be a full URL, including the HTTPS protocol, the domain, and the path. + JwksEndpoint string `pulumi:"jwksEndpoint"` +} + +// ListenerRuleActionJwtValidationInput is an input type that accepts ListenerRuleActionJwtValidationArgs and ListenerRuleActionJwtValidationOutput values. +// You can construct a concrete instance of `ListenerRuleActionJwtValidationInput` via: +// +// ListenerRuleActionJwtValidationArgs{...} +type ListenerRuleActionJwtValidationInput interface { + pulumi.Input + + ToListenerRuleActionJwtValidationOutput() ListenerRuleActionJwtValidationOutput + ToListenerRuleActionJwtValidationOutputWithContext(context.Context) ListenerRuleActionJwtValidationOutput +} + +type ListenerRuleActionJwtValidationArgs struct { + // Repeatable configuration block for additional claims to validate. + AdditionalClaims ListenerRuleActionJwtValidationAdditionalClaimArrayInput `pulumi:"additionalClaims"` + // Issuer of the JWT. + Issuer pulumi.StringInput `pulumi:"issuer"` + // JSON Web Key Set (JWKS) endpoint. This endpoint contains JSON Web Keys (JWK) that are used to validate signatures from the provider. This must be a full URL, including the HTTPS protocol, the domain, and the path. + JwksEndpoint pulumi.StringInput `pulumi:"jwksEndpoint"` +} + +func (ListenerRuleActionJwtValidationArgs) ElementType() reflect.Type { + return reflect.TypeOf((*ListenerRuleActionJwtValidation)(nil)).Elem() +} + +func (i ListenerRuleActionJwtValidationArgs) ToListenerRuleActionJwtValidationOutput() ListenerRuleActionJwtValidationOutput { + return i.ToListenerRuleActionJwtValidationOutputWithContext(context.Background()) +} + +func (i ListenerRuleActionJwtValidationArgs) ToListenerRuleActionJwtValidationOutputWithContext(ctx context.Context) ListenerRuleActionJwtValidationOutput { + return pulumi.ToOutputWithContext(ctx, i).(ListenerRuleActionJwtValidationOutput) +} + +func (i ListenerRuleActionJwtValidationArgs) ToListenerRuleActionJwtValidationPtrOutput() ListenerRuleActionJwtValidationPtrOutput { + return i.ToListenerRuleActionJwtValidationPtrOutputWithContext(context.Background()) +} + +func (i ListenerRuleActionJwtValidationArgs) ToListenerRuleActionJwtValidationPtrOutputWithContext(ctx context.Context) ListenerRuleActionJwtValidationPtrOutput { + return pulumi.ToOutputWithContext(ctx, i).(ListenerRuleActionJwtValidationOutput).ToListenerRuleActionJwtValidationPtrOutputWithContext(ctx) +} + +// ListenerRuleActionJwtValidationPtrInput is an input type that accepts ListenerRuleActionJwtValidationArgs, ListenerRuleActionJwtValidationPtr and ListenerRuleActionJwtValidationPtrOutput values. +// You can construct a concrete instance of `ListenerRuleActionJwtValidationPtrInput` via: +// +// ListenerRuleActionJwtValidationArgs{...} +// +// or: +// +// nil +type ListenerRuleActionJwtValidationPtrInput interface { + pulumi.Input + + ToListenerRuleActionJwtValidationPtrOutput() ListenerRuleActionJwtValidationPtrOutput + ToListenerRuleActionJwtValidationPtrOutputWithContext(context.Context) ListenerRuleActionJwtValidationPtrOutput +} + +type listenerRuleActionJwtValidationPtrType ListenerRuleActionJwtValidationArgs + +func ListenerRuleActionJwtValidationPtr(v *ListenerRuleActionJwtValidationArgs) ListenerRuleActionJwtValidationPtrInput { + return (*listenerRuleActionJwtValidationPtrType)(v) +} + +func (*listenerRuleActionJwtValidationPtrType) ElementType() reflect.Type { + return reflect.TypeOf((**ListenerRuleActionJwtValidation)(nil)).Elem() +} + +func (i *listenerRuleActionJwtValidationPtrType) ToListenerRuleActionJwtValidationPtrOutput() ListenerRuleActionJwtValidationPtrOutput { + return i.ToListenerRuleActionJwtValidationPtrOutputWithContext(context.Background()) +} + +func (i *listenerRuleActionJwtValidationPtrType) ToListenerRuleActionJwtValidationPtrOutputWithContext(ctx context.Context) ListenerRuleActionJwtValidationPtrOutput { + return pulumi.ToOutputWithContext(ctx, i).(ListenerRuleActionJwtValidationPtrOutput) +} + +type ListenerRuleActionJwtValidationOutput struct{ *pulumi.OutputState } + +func (ListenerRuleActionJwtValidationOutput) ElementType() reflect.Type { + return reflect.TypeOf((*ListenerRuleActionJwtValidation)(nil)).Elem() +} + +func (o ListenerRuleActionJwtValidationOutput) ToListenerRuleActionJwtValidationOutput() ListenerRuleActionJwtValidationOutput { + return o +} + +func (o ListenerRuleActionJwtValidationOutput) ToListenerRuleActionJwtValidationOutputWithContext(ctx context.Context) ListenerRuleActionJwtValidationOutput { + return o +} + +func (o ListenerRuleActionJwtValidationOutput) ToListenerRuleActionJwtValidationPtrOutput() ListenerRuleActionJwtValidationPtrOutput { + return o.ToListenerRuleActionJwtValidationPtrOutputWithContext(context.Background()) +} + +func (o ListenerRuleActionJwtValidationOutput) ToListenerRuleActionJwtValidationPtrOutputWithContext(ctx context.Context) ListenerRuleActionJwtValidationPtrOutput { + return o.ApplyTWithContext(ctx, func(_ context.Context, v ListenerRuleActionJwtValidation) *ListenerRuleActionJwtValidation { + return &v + }).(ListenerRuleActionJwtValidationPtrOutput) +} + +// Repeatable configuration block for additional claims to validate. +func (o ListenerRuleActionJwtValidationOutput) AdditionalClaims() ListenerRuleActionJwtValidationAdditionalClaimArrayOutput { + return o.ApplyT(func(v ListenerRuleActionJwtValidation) []ListenerRuleActionJwtValidationAdditionalClaim { + return v.AdditionalClaims + }).(ListenerRuleActionJwtValidationAdditionalClaimArrayOutput) +} + +// Issuer of the JWT. +func (o ListenerRuleActionJwtValidationOutput) Issuer() pulumi.StringOutput { + return o.ApplyT(func(v ListenerRuleActionJwtValidation) string { return v.Issuer }).(pulumi.StringOutput) +} + +// JSON Web Key Set (JWKS) endpoint. This endpoint contains JSON Web Keys (JWK) that are used to validate signatures from the provider. This must be a full URL, including the HTTPS protocol, the domain, and the path. +func (o ListenerRuleActionJwtValidationOutput) JwksEndpoint() pulumi.StringOutput { + return o.ApplyT(func(v ListenerRuleActionJwtValidation) string { return v.JwksEndpoint }).(pulumi.StringOutput) +} + +type ListenerRuleActionJwtValidationPtrOutput struct{ *pulumi.OutputState } + +func (ListenerRuleActionJwtValidationPtrOutput) ElementType() reflect.Type { + return reflect.TypeOf((**ListenerRuleActionJwtValidation)(nil)).Elem() +} + +func (o ListenerRuleActionJwtValidationPtrOutput) ToListenerRuleActionJwtValidationPtrOutput() ListenerRuleActionJwtValidationPtrOutput { + return o +} + +func (o ListenerRuleActionJwtValidationPtrOutput) ToListenerRuleActionJwtValidationPtrOutputWithContext(ctx context.Context) ListenerRuleActionJwtValidationPtrOutput { + return o +} + +func (o ListenerRuleActionJwtValidationPtrOutput) Elem() ListenerRuleActionJwtValidationOutput { + return o.ApplyT(func(v *ListenerRuleActionJwtValidation) ListenerRuleActionJwtValidation { + if v != nil { + return *v + } + var ret ListenerRuleActionJwtValidation + return ret + }).(ListenerRuleActionJwtValidationOutput) +} + +// Repeatable configuration block for additional claims to validate. +func (o ListenerRuleActionJwtValidationPtrOutput) AdditionalClaims() ListenerRuleActionJwtValidationAdditionalClaimArrayOutput { + return o.ApplyT(func(v *ListenerRuleActionJwtValidation) []ListenerRuleActionJwtValidationAdditionalClaim { + if v == nil { + return nil + } + return v.AdditionalClaims + }).(ListenerRuleActionJwtValidationAdditionalClaimArrayOutput) +} + +// Issuer of the JWT. +func (o ListenerRuleActionJwtValidationPtrOutput) Issuer() pulumi.StringPtrOutput { + return o.ApplyT(func(v *ListenerRuleActionJwtValidation) *string { + if v == nil { + return nil + } + return &v.Issuer + }).(pulumi.StringPtrOutput) +} + +// JSON Web Key Set (JWKS) endpoint. This endpoint contains JSON Web Keys (JWK) that are used to validate signatures from the provider. This must be a full URL, including the HTTPS protocol, the domain, and the path. +func (o ListenerRuleActionJwtValidationPtrOutput) JwksEndpoint() pulumi.StringPtrOutput { + return o.ApplyT(func(v *ListenerRuleActionJwtValidation) *string { + if v == nil { + return nil + } + return &v.JwksEndpoint + }).(pulumi.StringPtrOutput) +} + +type ListenerRuleActionJwtValidationAdditionalClaim struct { + // Format of the claim value. Valid values are `single-string`, `string-array` and `space-separated-values`. + Format string `pulumi:"format"` + // Name of the claim to validate. `exp`, `iss`, `nbf`, or `iat` cannot be specified because they are validated by default. + Name string `pulumi:"name"` + // List of expected values of the claim. + Values []string `pulumi:"values"` +} + +// ListenerRuleActionJwtValidationAdditionalClaimInput is an input type that accepts ListenerRuleActionJwtValidationAdditionalClaimArgs and ListenerRuleActionJwtValidationAdditionalClaimOutput values. +// You can construct a concrete instance of `ListenerRuleActionJwtValidationAdditionalClaimInput` via: +// +// ListenerRuleActionJwtValidationAdditionalClaimArgs{...} +type ListenerRuleActionJwtValidationAdditionalClaimInput interface { + pulumi.Input + + ToListenerRuleActionJwtValidationAdditionalClaimOutput() ListenerRuleActionJwtValidationAdditionalClaimOutput + ToListenerRuleActionJwtValidationAdditionalClaimOutputWithContext(context.Context) ListenerRuleActionJwtValidationAdditionalClaimOutput +} + +type ListenerRuleActionJwtValidationAdditionalClaimArgs struct { + // Format of the claim value. Valid values are `single-string`, `string-array` and `space-separated-values`. + Format pulumi.StringInput `pulumi:"format"` + // Name of the claim to validate. `exp`, `iss`, `nbf`, or `iat` cannot be specified because they are validated by default. + Name pulumi.StringInput `pulumi:"name"` + // List of expected values of the claim. + Values pulumi.StringArrayInput `pulumi:"values"` +} + +func (ListenerRuleActionJwtValidationAdditionalClaimArgs) ElementType() reflect.Type { + return reflect.TypeOf((*ListenerRuleActionJwtValidationAdditionalClaim)(nil)).Elem() +} + +func (i ListenerRuleActionJwtValidationAdditionalClaimArgs) ToListenerRuleActionJwtValidationAdditionalClaimOutput() ListenerRuleActionJwtValidationAdditionalClaimOutput { + return i.ToListenerRuleActionJwtValidationAdditionalClaimOutputWithContext(context.Background()) +} + +func (i ListenerRuleActionJwtValidationAdditionalClaimArgs) ToListenerRuleActionJwtValidationAdditionalClaimOutputWithContext(ctx context.Context) ListenerRuleActionJwtValidationAdditionalClaimOutput { + return pulumi.ToOutputWithContext(ctx, i).(ListenerRuleActionJwtValidationAdditionalClaimOutput) +} + +// ListenerRuleActionJwtValidationAdditionalClaimArrayInput is an input type that accepts ListenerRuleActionJwtValidationAdditionalClaimArray and ListenerRuleActionJwtValidationAdditionalClaimArrayOutput values. +// You can construct a concrete instance of `ListenerRuleActionJwtValidationAdditionalClaimArrayInput` via: +// +// ListenerRuleActionJwtValidationAdditionalClaimArray{ ListenerRuleActionJwtValidationAdditionalClaimArgs{...} } +type ListenerRuleActionJwtValidationAdditionalClaimArrayInput interface { + pulumi.Input + + ToListenerRuleActionJwtValidationAdditionalClaimArrayOutput() ListenerRuleActionJwtValidationAdditionalClaimArrayOutput + ToListenerRuleActionJwtValidationAdditionalClaimArrayOutputWithContext(context.Context) ListenerRuleActionJwtValidationAdditionalClaimArrayOutput +} + +type ListenerRuleActionJwtValidationAdditionalClaimArray []ListenerRuleActionJwtValidationAdditionalClaimInput + +func (ListenerRuleActionJwtValidationAdditionalClaimArray) ElementType() reflect.Type { + return reflect.TypeOf((*[]ListenerRuleActionJwtValidationAdditionalClaim)(nil)).Elem() +} + +func (i ListenerRuleActionJwtValidationAdditionalClaimArray) ToListenerRuleActionJwtValidationAdditionalClaimArrayOutput() ListenerRuleActionJwtValidationAdditionalClaimArrayOutput { + return i.ToListenerRuleActionJwtValidationAdditionalClaimArrayOutputWithContext(context.Background()) +} + +func (i ListenerRuleActionJwtValidationAdditionalClaimArray) ToListenerRuleActionJwtValidationAdditionalClaimArrayOutputWithContext(ctx context.Context) ListenerRuleActionJwtValidationAdditionalClaimArrayOutput { + return pulumi.ToOutputWithContext(ctx, i).(ListenerRuleActionJwtValidationAdditionalClaimArrayOutput) +} + +type ListenerRuleActionJwtValidationAdditionalClaimOutput struct{ *pulumi.OutputState } + +func (ListenerRuleActionJwtValidationAdditionalClaimOutput) ElementType() reflect.Type { + return reflect.TypeOf((*ListenerRuleActionJwtValidationAdditionalClaim)(nil)).Elem() +} + +func (o ListenerRuleActionJwtValidationAdditionalClaimOutput) ToListenerRuleActionJwtValidationAdditionalClaimOutput() ListenerRuleActionJwtValidationAdditionalClaimOutput { + return o +} + +func (o ListenerRuleActionJwtValidationAdditionalClaimOutput) ToListenerRuleActionJwtValidationAdditionalClaimOutputWithContext(ctx context.Context) ListenerRuleActionJwtValidationAdditionalClaimOutput { + return o +} + +// Format of the claim value. Valid values are `single-string`, `string-array` and `space-separated-values`. +func (o ListenerRuleActionJwtValidationAdditionalClaimOutput) Format() pulumi.StringOutput { + return o.ApplyT(func(v ListenerRuleActionJwtValidationAdditionalClaim) string { return v.Format }).(pulumi.StringOutput) +} + +// Name of the claim to validate. `exp`, `iss`, `nbf`, or `iat` cannot be specified because they are validated by default. +func (o ListenerRuleActionJwtValidationAdditionalClaimOutput) Name() pulumi.StringOutput { + return o.ApplyT(func(v ListenerRuleActionJwtValidationAdditionalClaim) string { return v.Name }).(pulumi.StringOutput) +} + +// List of expected values of the claim. +func (o ListenerRuleActionJwtValidationAdditionalClaimOutput) Values() pulumi.StringArrayOutput { + return o.ApplyT(func(v ListenerRuleActionJwtValidationAdditionalClaim) []string { return v.Values }).(pulumi.StringArrayOutput) +} + +type ListenerRuleActionJwtValidationAdditionalClaimArrayOutput struct{ *pulumi.OutputState } + +func (ListenerRuleActionJwtValidationAdditionalClaimArrayOutput) ElementType() reflect.Type { + return reflect.TypeOf((*[]ListenerRuleActionJwtValidationAdditionalClaim)(nil)).Elem() +} + +func (o ListenerRuleActionJwtValidationAdditionalClaimArrayOutput) ToListenerRuleActionJwtValidationAdditionalClaimArrayOutput() ListenerRuleActionJwtValidationAdditionalClaimArrayOutput { + return o +} + +func (o ListenerRuleActionJwtValidationAdditionalClaimArrayOutput) ToListenerRuleActionJwtValidationAdditionalClaimArrayOutputWithContext(ctx context.Context) ListenerRuleActionJwtValidationAdditionalClaimArrayOutput { + return o +} + +func (o ListenerRuleActionJwtValidationAdditionalClaimArrayOutput) Index(i pulumi.IntInput) ListenerRuleActionJwtValidationAdditionalClaimOutput { + return pulumi.All(o, i).ApplyT(func(vs []interface{}) ListenerRuleActionJwtValidationAdditionalClaim { + return vs[0].([]ListenerRuleActionJwtValidationAdditionalClaim)[vs[1].(int)] + }).(ListenerRuleActionJwtValidationAdditionalClaimOutput) +} + type ListenerRuleActionRedirect struct { // The hostname. This component is not percent-encoded. The hostname can contain `#{host}`. Defaults to `#{host}`. Host *string `pulumi:"host"` @@ -7163,6 +7773,7 @@ type GetListenerDefaultAction struct { AuthenticateOidcs []GetListenerDefaultActionAuthenticateOidc `pulumi:"authenticateOidcs"` FixedResponses []GetListenerDefaultActionFixedResponse `pulumi:"fixedResponses"` Forwards []GetListenerDefaultActionForward `pulumi:"forwards"` + JwtValidations []GetListenerDefaultActionJwtValidation `pulumi:"jwtValidations"` Order int `pulumi:"order"` Redirects []GetListenerDefaultActionRedirect `pulumi:"redirects"` TargetGroupArn string `pulumi:"targetGroupArn"` @@ -7185,6 +7796,7 @@ type GetListenerDefaultActionArgs struct { AuthenticateOidcs GetListenerDefaultActionAuthenticateOidcArrayInput `pulumi:"authenticateOidcs"` FixedResponses GetListenerDefaultActionFixedResponseArrayInput `pulumi:"fixedResponses"` Forwards GetListenerDefaultActionForwardArrayInput `pulumi:"forwards"` + JwtValidations GetListenerDefaultActionJwtValidationArrayInput `pulumi:"jwtValidations"` Order pulumi.IntInput `pulumi:"order"` Redirects GetListenerDefaultActionRedirectArrayInput `pulumi:"redirects"` TargetGroupArn pulumi.StringInput `pulumi:"targetGroupArn"` @@ -7262,6 +7874,10 @@ func (o GetListenerDefaultActionOutput) Forwards() GetListenerDefaultActionForwa return o.ApplyT(func(v GetListenerDefaultAction) []GetListenerDefaultActionForward { return v.Forwards }).(GetListenerDefaultActionForwardArrayOutput) } +func (o GetListenerDefaultActionOutput) JwtValidations() GetListenerDefaultActionJwtValidationArrayOutput { + return o.ApplyT(func(v GetListenerDefaultAction) []GetListenerDefaultActionJwtValidation { return v.JwtValidations }).(GetListenerDefaultActionJwtValidationArrayOutput) +} + func (o GetListenerDefaultActionOutput) Order() pulumi.IntOutput { return o.ApplyT(func(v GetListenerDefaultAction) int { return v.Order }).(pulumi.IntOutput) } @@ -8005,6 +8621,220 @@ func (o GetListenerDefaultActionForwardTargetGroupArrayOutput) Index(i pulumi.In }).(GetListenerDefaultActionForwardTargetGroupOutput) } +type GetListenerDefaultActionJwtValidation struct { + AdditionalClaims []GetListenerDefaultActionJwtValidationAdditionalClaim `pulumi:"additionalClaims"` + Issuer string `pulumi:"issuer"` + JwksEndpoint string `pulumi:"jwksEndpoint"` +} + +// GetListenerDefaultActionJwtValidationInput is an input type that accepts GetListenerDefaultActionJwtValidationArgs and GetListenerDefaultActionJwtValidationOutput values. +// You can construct a concrete instance of `GetListenerDefaultActionJwtValidationInput` via: +// +// GetListenerDefaultActionJwtValidationArgs{...} +type GetListenerDefaultActionJwtValidationInput interface { + pulumi.Input + + ToGetListenerDefaultActionJwtValidationOutput() GetListenerDefaultActionJwtValidationOutput + ToGetListenerDefaultActionJwtValidationOutputWithContext(context.Context) GetListenerDefaultActionJwtValidationOutput +} + +type GetListenerDefaultActionJwtValidationArgs struct { + AdditionalClaims GetListenerDefaultActionJwtValidationAdditionalClaimArrayInput `pulumi:"additionalClaims"` + Issuer pulumi.StringInput `pulumi:"issuer"` + JwksEndpoint pulumi.StringInput `pulumi:"jwksEndpoint"` +} + +func (GetListenerDefaultActionJwtValidationArgs) ElementType() reflect.Type { + return reflect.TypeOf((*GetListenerDefaultActionJwtValidation)(nil)).Elem() +} + +func (i GetListenerDefaultActionJwtValidationArgs) ToGetListenerDefaultActionJwtValidationOutput() GetListenerDefaultActionJwtValidationOutput { + return i.ToGetListenerDefaultActionJwtValidationOutputWithContext(context.Background()) +} + +func (i GetListenerDefaultActionJwtValidationArgs) ToGetListenerDefaultActionJwtValidationOutputWithContext(ctx context.Context) GetListenerDefaultActionJwtValidationOutput { + return pulumi.ToOutputWithContext(ctx, i).(GetListenerDefaultActionJwtValidationOutput) +} + +// GetListenerDefaultActionJwtValidationArrayInput is an input type that accepts GetListenerDefaultActionJwtValidationArray and GetListenerDefaultActionJwtValidationArrayOutput values. +// You can construct a concrete instance of `GetListenerDefaultActionJwtValidationArrayInput` via: +// +// GetListenerDefaultActionJwtValidationArray{ GetListenerDefaultActionJwtValidationArgs{...} } +type GetListenerDefaultActionJwtValidationArrayInput interface { + pulumi.Input + + ToGetListenerDefaultActionJwtValidationArrayOutput() GetListenerDefaultActionJwtValidationArrayOutput + ToGetListenerDefaultActionJwtValidationArrayOutputWithContext(context.Context) GetListenerDefaultActionJwtValidationArrayOutput +} + +type GetListenerDefaultActionJwtValidationArray []GetListenerDefaultActionJwtValidationInput + +func (GetListenerDefaultActionJwtValidationArray) ElementType() reflect.Type { + return reflect.TypeOf((*[]GetListenerDefaultActionJwtValidation)(nil)).Elem() +} + +func (i GetListenerDefaultActionJwtValidationArray) ToGetListenerDefaultActionJwtValidationArrayOutput() GetListenerDefaultActionJwtValidationArrayOutput { + return i.ToGetListenerDefaultActionJwtValidationArrayOutputWithContext(context.Background()) +} + +func (i GetListenerDefaultActionJwtValidationArray) ToGetListenerDefaultActionJwtValidationArrayOutputWithContext(ctx context.Context) GetListenerDefaultActionJwtValidationArrayOutput { + return pulumi.ToOutputWithContext(ctx, i).(GetListenerDefaultActionJwtValidationArrayOutput) +} + +type GetListenerDefaultActionJwtValidationOutput struct{ *pulumi.OutputState } + +func (GetListenerDefaultActionJwtValidationOutput) ElementType() reflect.Type { + return reflect.TypeOf((*GetListenerDefaultActionJwtValidation)(nil)).Elem() +} + +func (o GetListenerDefaultActionJwtValidationOutput) ToGetListenerDefaultActionJwtValidationOutput() GetListenerDefaultActionJwtValidationOutput { + return o +} + +func (o GetListenerDefaultActionJwtValidationOutput) ToGetListenerDefaultActionJwtValidationOutputWithContext(ctx context.Context) GetListenerDefaultActionJwtValidationOutput { + return o +} + +func (o GetListenerDefaultActionJwtValidationOutput) AdditionalClaims() GetListenerDefaultActionJwtValidationAdditionalClaimArrayOutput { + return o.ApplyT(func(v GetListenerDefaultActionJwtValidation) []GetListenerDefaultActionJwtValidationAdditionalClaim { + return v.AdditionalClaims + }).(GetListenerDefaultActionJwtValidationAdditionalClaimArrayOutput) +} + +func (o GetListenerDefaultActionJwtValidationOutput) Issuer() pulumi.StringOutput { + return o.ApplyT(func(v GetListenerDefaultActionJwtValidation) string { return v.Issuer }).(pulumi.StringOutput) +} + +func (o GetListenerDefaultActionJwtValidationOutput) JwksEndpoint() pulumi.StringOutput { + return o.ApplyT(func(v GetListenerDefaultActionJwtValidation) string { return v.JwksEndpoint }).(pulumi.StringOutput) +} + +type GetListenerDefaultActionJwtValidationArrayOutput struct{ *pulumi.OutputState } + +func (GetListenerDefaultActionJwtValidationArrayOutput) ElementType() reflect.Type { + return reflect.TypeOf((*[]GetListenerDefaultActionJwtValidation)(nil)).Elem() +} + +func (o GetListenerDefaultActionJwtValidationArrayOutput) ToGetListenerDefaultActionJwtValidationArrayOutput() GetListenerDefaultActionJwtValidationArrayOutput { + return o +} + +func (o GetListenerDefaultActionJwtValidationArrayOutput) ToGetListenerDefaultActionJwtValidationArrayOutputWithContext(ctx context.Context) GetListenerDefaultActionJwtValidationArrayOutput { + return o +} + +func (o GetListenerDefaultActionJwtValidationArrayOutput) Index(i pulumi.IntInput) GetListenerDefaultActionJwtValidationOutput { + return pulumi.All(o, i).ApplyT(func(vs []interface{}) GetListenerDefaultActionJwtValidation { + return vs[0].([]GetListenerDefaultActionJwtValidation)[vs[1].(int)] + }).(GetListenerDefaultActionJwtValidationOutput) +} + +type GetListenerDefaultActionJwtValidationAdditionalClaim struct { + Format string `pulumi:"format"` + Name string `pulumi:"name"` + Values []string `pulumi:"values"` +} + +// GetListenerDefaultActionJwtValidationAdditionalClaimInput is an input type that accepts GetListenerDefaultActionJwtValidationAdditionalClaimArgs and GetListenerDefaultActionJwtValidationAdditionalClaimOutput values. +// You can construct a concrete instance of `GetListenerDefaultActionJwtValidationAdditionalClaimInput` via: +// +// GetListenerDefaultActionJwtValidationAdditionalClaimArgs{...} +type GetListenerDefaultActionJwtValidationAdditionalClaimInput interface { + pulumi.Input + + ToGetListenerDefaultActionJwtValidationAdditionalClaimOutput() GetListenerDefaultActionJwtValidationAdditionalClaimOutput + ToGetListenerDefaultActionJwtValidationAdditionalClaimOutputWithContext(context.Context) GetListenerDefaultActionJwtValidationAdditionalClaimOutput +} + +type GetListenerDefaultActionJwtValidationAdditionalClaimArgs struct { + Format pulumi.StringInput `pulumi:"format"` + Name pulumi.StringInput `pulumi:"name"` + Values pulumi.StringArrayInput `pulumi:"values"` +} + +func (GetListenerDefaultActionJwtValidationAdditionalClaimArgs) ElementType() reflect.Type { + return reflect.TypeOf((*GetListenerDefaultActionJwtValidationAdditionalClaim)(nil)).Elem() +} + +func (i GetListenerDefaultActionJwtValidationAdditionalClaimArgs) ToGetListenerDefaultActionJwtValidationAdditionalClaimOutput() GetListenerDefaultActionJwtValidationAdditionalClaimOutput { + return i.ToGetListenerDefaultActionJwtValidationAdditionalClaimOutputWithContext(context.Background()) +} + +func (i GetListenerDefaultActionJwtValidationAdditionalClaimArgs) ToGetListenerDefaultActionJwtValidationAdditionalClaimOutputWithContext(ctx context.Context) GetListenerDefaultActionJwtValidationAdditionalClaimOutput { + return pulumi.ToOutputWithContext(ctx, i).(GetListenerDefaultActionJwtValidationAdditionalClaimOutput) +} + +// GetListenerDefaultActionJwtValidationAdditionalClaimArrayInput is an input type that accepts GetListenerDefaultActionJwtValidationAdditionalClaimArray and GetListenerDefaultActionJwtValidationAdditionalClaimArrayOutput values. +// You can construct a concrete instance of `GetListenerDefaultActionJwtValidationAdditionalClaimArrayInput` via: +// +// GetListenerDefaultActionJwtValidationAdditionalClaimArray{ GetListenerDefaultActionJwtValidationAdditionalClaimArgs{...} } +type GetListenerDefaultActionJwtValidationAdditionalClaimArrayInput interface { + pulumi.Input + + ToGetListenerDefaultActionJwtValidationAdditionalClaimArrayOutput() GetListenerDefaultActionJwtValidationAdditionalClaimArrayOutput + ToGetListenerDefaultActionJwtValidationAdditionalClaimArrayOutputWithContext(context.Context) GetListenerDefaultActionJwtValidationAdditionalClaimArrayOutput +} + +type GetListenerDefaultActionJwtValidationAdditionalClaimArray []GetListenerDefaultActionJwtValidationAdditionalClaimInput + +func (GetListenerDefaultActionJwtValidationAdditionalClaimArray) ElementType() reflect.Type { + return reflect.TypeOf((*[]GetListenerDefaultActionJwtValidationAdditionalClaim)(nil)).Elem() +} + +func (i GetListenerDefaultActionJwtValidationAdditionalClaimArray) ToGetListenerDefaultActionJwtValidationAdditionalClaimArrayOutput() GetListenerDefaultActionJwtValidationAdditionalClaimArrayOutput { + return i.ToGetListenerDefaultActionJwtValidationAdditionalClaimArrayOutputWithContext(context.Background()) +} + +func (i GetListenerDefaultActionJwtValidationAdditionalClaimArray) ToGetListenerDefaultActionJwtValidationAdditionalClaimArrayOutputWithContext(ctx context.Context) GetListenerDefaultActionJwtValidationAdditionalClaimArrayOutput { + return pulumi.ToOutputWithContext(ctx, i).(GetListenerDefaultActionJwtValidationAdditionalClaimArrayOutput) +} + +type GetListenerDefaultActionJwtValidationAdditionalClaimOutput struct{ *pulumi.OutputState } + +func (GetListenerDefaultActionJwtValidationAdditionalClaimOutput) ElementType() reflect.Type { + return reflect.TypeOf((*GetListenerDefaultActionJwtValidationAdditionalClaim)(nil)).Elem() +} + +func (o GetListenerDefaultActionJwtValidationAdditionalClaimOutput) ToGetListenerDefaultActionJwtValidationAdditionalClaimOutput() GetListenerDefaultActionJwtValidationAdditionalClaimOutput { + return o +} + +func (o GetListenerDefaultActionJwtValidationAdditionalClaimOutput) ToGetListenerDefaultActionJwtValidationAdditionalClaimOutputWithContext(ctx context.Context) GetListenerDefaultActionJwtValidationAdditionalClaimOutput { + return o +} + +func (o GetListenerDefaultActionJwtValidationAdditionalClaimOutput) Format() pulumi.StringOutput { + return o.ApplyT(func(v GetListenerDefaultActionJwtValidationAdditionalClaim) string { return v.Format }).(pulumi.StringOutput) +} + +func (o GetListenerDefaultActionJwtValidationAdditionalClaimOutput) Name() pulumi.StringOutput { + return o.ApplyT(func(v GetListenerDefaultActionJwtValidationAdditionalClaim) string { return v.Name }).(pulumi.StringOutput) +} + +func (o GetListenerDefaultActionJwtValidationAdditionalClaimOutput) Values() pulumi.StringArrayOutput { + return o.ApplyT(func(v GetListenerDefaultActionJwtValidationAdditionalClaim) []string { return v.Values }).(pulumi.StringArrayOutput) +} + +type GetListenerDefaultActionJwtValidationAdditionalClaimArrayOutput struct{ *pulumi.OutputState } + +func (GetListenerDefaultActionJwtValidationAdditionalClaimArrayOutput) ElementType() reflect.Type { + return reflect.TypeOf((*[]GetListenerDefaultActionJwtValidationAdditionalClaim)(nil)).Elem() +} + +func (o GetListenerDefaultActionJwtValidationAdditionalClaimArrayOutput) ToGetListenerDefaultActionJwtValidationAdditionalClaimArrayOutput() GetListenerDefaultActionJwtValidationAdditionalClaimArrayOutput { + return o +} + +func (o GetListenerDefaultActionJwtValidationAdditionalClaimArrayOutput) ToGetListenerDefaultActionJwtValidationAdditionalClaimArrayOutputWithContext(ctx context.Context) GetListenerDefaultActionJwtValidationAdditionalClaimArrayOutput { + return o +} + +func (o GetListenerDefaultActionJwtValidationAdditionalClaimArrayOutput) Index(i pulumi.IntInput) GetListenerDefaultActionJwtValidationAdditionalClaimOutput { + return pulumi.All(o, i).ApplyT(func(vs []interface{}) GetListenerDefaultActionJwtValidationAdditionalClaim { + return vs[0].([]GetListenerDefaultActionJwtValidationAdditionalClaim)[vs[1].(int)] + }).(GetListenerDefaultActionJwtValidationAdditionalClaimOutput) +} + type GetListenerDefaultActionRedirect struct { Host string `pulumi:"host"` Path string `pulumi:"path"` @@ -8802,6 +9632,10 @@ func init() { pulumi.RegisterInputType(reflect.TypeOf((*ListenerDefaultActionForwardStickinessPtrInput)(nil)).Elem(), ListenerDefaultActionForwardStickinessArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*ListenerDefaultActionForwardTargetGroupInput)(nil)).Elem(), ListenerDefaultActionForwardTargetGroupArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*ListenerDefaultActionForwardTargetGroupArrayInput)(nil)).Elem(), ListenerDefaultActionForwardTargetGroupArray{}) + pulumi.RegisterInputType(reflect.TypeOf((*ListenerDefaultActionJwtValidationInput)(nil)).Elem(), ListenerDefaultActionJwtValidationArgs{}) + pulumi.RegisterInputType(reflect.TypeOf((*ListenerDefaultActionJwtValidationPtrInput)(nil)).Elem(), ListenerDefaultActionJwtValidationArgs{}) + pulumi.RegisterInputType(reflect.TypeOf((*ListenerDefaultActionJwtValidationAdditionalClaimInput)(nil)).Elem(), ListenerDefaultActionJwtValidationAdditionalClaimArgs{}) + pulumi.RegisterInputType(reflect.TypeOf((*ListenerDefaultActionJwtValidationAdditionalClaimArrayInput)(nil)).Elem(), ListenerDefaultActionJwtValidationAdditionalClaimArray{}) pulumi.RegisterInputType(reflect.TypeOf((*ListenerDefaultActionRedirectInput)(nil)).Elem(), ListenerDefaultActionRedirectArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*ListenerDefaultActionRedirectPtrInput)(nil)).Elem(), ListenerDefaultActionRedirectArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*ListenerMutualAuthenticationInput)(nil)).Elem(), ListenerMutualAuthenticationArgs{}) @@ -8820,6 +9654,10 @@ func init() { pulumi.RegisterInputType(reflect.TypeOf((*ListenerRuleActionForwardStickinessPtrInput)(nil)).Elem(), ListenerRuleActionForwardStickinessArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*ListenerRuleActionForwardTargetGroupInput)(nil)).Elem(), ListenerRuleActionForwardTargetGroupArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*ListenerRuleActionForwardTargetGroupArrayInput)(nil)).Elem(), ListenerRuleActionForwardTargetGroupArray{}) + pulumi.RegisterInputType(reflect.TypeOf((*ListenerRuleActionJwtValidationInput)(nil)).Elem(), ListenerRuleActionJwtValidationArgs{}) + pulumi.RegisterInputType(reflect.TypeOf((*ListenerRuleActionJwtValidationPtrInput)(nil)).Elem(), ListenerRuleActionJwtValidationArgs{}) + pulumi.RegisterInputType(reflect.TypeOf((*ListenerRuleActionJwtValidationAdditionalClaimInput)(nil)).Elem(), ListenerRuleActionJwtValidationAdditionalClaimArgs{}) + pulumi.RegisterInputType(reflect.TypeOf((*ListenerRuleActionJwtValidationAdditionalClaimArrayInput)(nil)).Elem(), ListenerRuleActionJwtValidationAdditionalClaimArray{}) pulumi.RegisterInputType(reflect.TypeOf((*ListenerRuleActionRedirectInput)(nil)).Elem(), ListenerRuleActionRedirectArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*ListenerRuleActionRedirectPtrInput)(nil)).Elem(), ListenerRuleActionRedirectArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*ListenerRuleConditionInput)(nil)).Elem(), ListenerRuleConditionArgs{}) @@ -8884,6 +9722,10 @@ func init() { pulumi.RegisterInputType(reflect.TypeOf((*GetListenerDefaultActionForwardStickinessArrayInput)(nil)).Elem(), GetListenerDefaultActionForwardStickinessArray{}) pulumi.RegisterInputType(reflect.TypeOf((*GetListenerDefaultActionForwardTargetGroupInput)(nil)).Elem(), GetListenerDefaultActionForwardTargetGroupArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*GetListenerDefaultActionForwardTargetGroupArrayInput)(nil)).Elem(), GetListenerDefaultActionForwardTargetGroupArray{}) + pulumi.RegisterInputType(reflect.TypeOf((*GetListenerDefaultActionJwtValidationInput)(nil)).Elem(), GetListenerDefaultActionJwtValidationArgs{}) + pulumi.RegisterInputType(reflect.TypeOf((*GetListenerDefaultActionJwtValidationArrayInput)(nil)).Elem(), GetListenerDefaultActionJwtValidationArray{}) + pulumi.RegisterInputType(reflect.TypeOf((*GetListenerDefaultActionJwtValidationAdditionalClaimInput)(nil)).Elem(), GetListenerDefaultActionJwtValidationAdditionalClaimArgs{}) + pulumi.RegisterInputType(reflect.TypeOf((*GetListenerDefaultActionJwtValidationAdditionalClaimArrayInput)(nil)).Elem(), GetListenerDefaultActionJwtValidationAdditionalClaimArray{}) pulumi.RegisterInputType(reflect.TypeOf((*GetListenerDefaultActionRedirectInput)(nil)).Elem(), GetListenerDefaultActionRedirectArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*GetListenerDefaultActionRedirectArrayInput)(nil)).Elem(), GetListenerDefaultActionRedirectArray{}) pulumi.RegisterInputType(reflect.TypeOf((*GetListenerMutualAuthenticationInput)(nil)).Elem(), GetListenerMutualAuthenticationArgs{}) @@ -8911,6 +9753,10 @@ func init() { pulumi.RegisterOutputType(ListenerDefaultActionForwardStickinessPtrOutput{}) pulumi.RegisterOutputType(ListenerDefaultActionForwardTargetGroupOutput{}) pulumi.RegisterOutputType(ListenerDefaultActionForwardTargetGroupArrayOutput{}) + pulumi.RegisterOutputType(ListenerDefaultActionJwtValidationOutput{}) + pulumi.RegisterOutputType(ListenerDefaultActionJwtValidationPtrOutput{}) + pulumi.RegisterOutputType(ListenerDefaultActionJwtValidationAdditionalClaimOutput{}) + pulumi.RegisterOutputType(ListenerDefaultActionJwtValidationAdditionalClaimArrayOutput{}) pulumi.RegisterOutputType(ListenerDefaultActionRedirectOutput{}) pulumi.RegisterOutputType(ListenerDefaultActionRedirectPtrOutput{}) pulumi.RegisterOutputType(ListenerMutualAuthenticationOutput{}) @@ -8929,6 +9775,10 @@ func init() { pulumi.RegisterOutputType(ListenerRuleActionForwardStickinessPtrOutput{}) pulumi.RegisterOutputType(ListenerRuleActionForwardTargetGroupOutput{}) pulumi.RegisterOutputType(ListenerRuleActionForwardTargetGroupArrayOutput{}) + pulumi.RegisterOutputType(ListenerRuleActionJwtValidationOutput{}) + pulumi.RegisterOutputType(ListenerRuleActionJwtValidationPtrOutput{}) + pulumi.RegisterOutputType(ListenerRuleActionJwtValidationAdditionalClaimOutput{}) + pulumi.RegisterOutputType(ListenerRuleActionJwtValidationAdditionalClaimArrayOutput{}) pulumi.RegisterOutputType(ListenerRuleActionRedirectOutput{}) pulumi.RegisterOutputType(ListenerRuleActionRedirectPtrOutput{}) pulumi.RegisterOutputType(ListenerRuleConditionOutput{}) @@ -8993,6 +9843,10 @@ func init() { pulumi.RegisterOutputType(GetListenerDefaultActionForwardStickinessArrayOutput{}) pulumi.RegisterOutputType(GetListenerDefaultActionForwardTargetGroupOutput{}) pulumi.RegisterOutputType(GetListenerDefaultActionForwardTargetGroupArrayOutput{}) + pulumi.RegisterOutputType(GetListenerDefaultActionJwtValidationOutput{}) + pulumi.RegisterOutputType(GetListenerDefaultActionJwtValidationArrayOutput{}) + pulumi.RegisterOutputType(GetListenerDefaultActionJwtValidationAdditionalClaimOutput{}) + pulumi.RegisterOutputType(GetListenerDefaultActionJwtValidationAdditionalClaimArrayOutput{}) pulumi.RegisterOutputType(GetListenerDefaultActionRedirectOutput{}) pulumi.RegisterOutputType(GetListenerDefaultActionRedirectArrayOutput{}) pulumi.RegisterOutputType(GetListenerMutualAuthenticationOutput{}) diff --git a/sdk/go/aws/amp/pulumiTypes.go b/sdk/go/aws/amp/pulumiTypes.go index 0945a73d968..4d0fecb9c6e 100644 --- a/sdk/go/aws/amp/pulumiTypes.go +++ b/sdk/go/aws/amp/pulumiTypes.go @@ -124,7 +124,7 @@ func (o QueryLoggingConfigurationDestinationArrayOutput) Index(i pulumi.IntInput } type QueryLoggingConfigurationDestinationCloudwatchLogs struct { - // The ARN of the CloudWatch log group to which query logs will be sent. + // The ARN of the CloudWatch log group to which query logs will be sent. The ARN must end with `:*` LogGroupArn string `pulumi:"logGroupArn"` } @@ -140,7 +140,7 @@ type QueryLoggingConfigurationDestinationCloudwatchLogsInput interface { } type QueryLoggingConfigurationDestinationCloudwatchLogsArgs struct { - // The ARN of the CloudWatch log group to which query logs will be sent. + // The ARN of the CloudWatch log group to which query logs will be sent. The ARN must end with `:*` LogGroupArn pulumi.StringInput `pulumi:"logGroupArn"` } @@ -221,7 +221,7 @@ func (o QueryLoggingConfigurationDestinationCloudwatchLogsOutput) ToQueryLogging }).(QueryLoggingConfigurationDestinationCloudwatchLogsPtrOutput) } -// The ARN of the CloudWatch log group to which query logs will be sent. +// The ARN of the CloudWatch log group to which query logs will be sent. The ARN must end with `:*` func (o QueryLoggingConfigurationDestinationCloudwatchLogsOutput) LogGroupArn() pulumi.StringOutput { return o.ApplyT(func(v QueryLoggingConfigurationDestinationCloudwatchLogs) string { return v.LogGroupArn }).(pulumi.StringOutput) } @@ -250,7 +250,7 @@ func (o QueryLoggingConfigurationDestinationCloudwatchLogsPtrOutput) Elem() Quer }).(QueryLoggingConfigurationDestinationCloudwatchLogsOutput) } -// The ARN of the CloudWatch log group to which query logs will be sent. +// The ARN of the CloudWatch log group to which query logs will be sent. The ARN must end with `:*` func (o QueryLoggingConfigurationDestinationCloudwatchLogsPtrOutput) LogGroupArn() pulumi.StringPtrOutput { return o.ApplyT(func(v *QueryLoggingConfigurationDestinationCloudwatchLogs) *string { if v == nil { @@ -2062,7 +2062,7 @@ func (o WorkspaceConfigurationTimeoutsPtrOutput) Update() pulumi.StringPtrOutput } type WorkspaceLoggingConfiguration struct { - // The ARN of the CloudWatch log group to which the vended log data will be published. This log group must exist. + // The ARN of the CloudWatch log group to which the vended log data will be published. This log group must exist. The ARN must end with `:*` LogGroupArn string `pulumi:"logGroupArn"` } @@ -2078,7 +2078,7 @@ type WorkspaceLoggingConfigurationInput interface { } type WorkspaceLoggingConfigurationArgs struct { - // The ARN of the CloudWatch log group to which the vended log data will be published. This log group must exist. + // The ARN of the CloudWatch log group to which the vended log data will be published. This log group must exist. The ARN must end with `:*` LogGroupArn pulumi.StringInput `pulumi:"logGroupArn"` } @@ -2159,7 +2159,7 @@ func (o WorkspaceLoggingConfigurationOutput) ToWorkspaceLoggingConfigurationPtrO }).(WorkspaceLoggingConfigurationPtrOutput) } -// The ARN of the CloudWatch log group to which the vended log data will be published. This log group must exist. +// The ARN of the CloudWatch log group to which the vended log data will be published. This log group must exist. The ARN must end with `:*` func (o WorkspaceLoggingConfigurationOutput) LogGroupArn() pulumi.StringOutput { return o.ApplyT(func(v WorkspaceLoggingConfiguration) string { return v.LogGroupArn }).(pulumi.StringOutput) } @@ -2188,7 +2188,7 @@ func (o WorkspaceLoggingConfigurationPtrOutput) Elem() WorkspaceLoggingConfigura }).(WorkspaceLoggingConfigurationOutput) } -// The ARN of the CloudWatch log group to which the vended log data will be published. This log group must exist. +// The ARN of the CloudWatch log group to which the vended log data will be published. This log group must exist. The ARN must end with `:*` func (o WorkspaceLoggingConfigurationPtrOutput) LogGroupArn() pulumi.StringPtrOutput { return o.ApplyT(func(v *WorkspaceLoggingConfiguration) *string { if v == nil { diff --git a/sdk/go/aws/backup/logicallyAirGappedVault.go b/sdk/go/aws/backup/logicallyAirGappedVault.go index 256e43bcf44..c53fd56926a 100644 --- a/sdk/go/aws/backup/logicallyAirGappedVault.go +++ b/sdk/go/aws/backup/logicallyAirGappedVault.go @@ -56,6 +56,8 @@ type LogicallyAirGappedVault struct { // The ARN of the Logically Air Gapped Backup Vault. Arn pulumi.StringOutput `pulumi:"arn"` + // The AWS KMS key identifier (ARN) used to encrypt the backups in the logically air-gapped vault. + EncryptionKeyArn pulumi.StringOutput `pulumi:"encryptionKeyArn"` // Maximum retention period that the Logically Air Gapped Backup Vault retains recovery points. MaxRetentionDays pulumi.IntOutput `pulumi:"maxRetentionDays"` // Minimum retention period that the Logically Air Gapped Backup Vault retains recovery points. @@ -109,6 +111,8 @@ func GetLogicallyAirGappedVault(ctx *pulumi.Context, type logicallyAirGappedVaultState struct { // The ARN of the Logically Air Gapped Backup Vault. Arn *string `pulumi:"arn"` + // The AWS KMS key identifier (ARN) used to encrypt the backups in the logically air-gapped vault. + EncryptionKeyArn *string `pulumi:"encryptionKeyArn"` // Maximum retention period that the Logically Air Gapped Backup Vault retains recovery points. MaxRetentionDays *int `pulumi:"maxRetentionDays"` // Minimum retention period that the Logically Air Gapped Backup Vault retains recovery points. @@ -127,6 +131,8 @@ type logicallyAirGappedVaultState struct { type LogicallyAirGappedVaultState struct { // The ARN of the Logically Air Gapped Backup Vault. Arn pulumi.StringPtrInput + // The AWS KMS key identifier (ARN) used to encrypt the backups in the logically air-gapped vault. + EncryptionKeyArn pulumi.StringPtrInput // Maximum retention period that the Logically Air Gapped Backup Vault retains recovery points. MaxRetentionDays pulumi.IntPtrInput // Minimum retention period that the Logically Air Gapped Backup Vault retains recovery points. @@ -147,6 +153,8 @@ func (LogicallyAirGappedVaultState) ElementType() reflect.Type { } type logicallyAirGappedVaultArgs struct { + // The AWS KMS key identifier (ARN) used to encrypt the backups in the logically air-gapped vault. + EncryptionKeyArn *string `pulumi:"encryptionKeyArn"` // Maximum retention period that the Logically Air Gapped Backup Vault retains recovery points. MaxRetentionDays int `pulumi:"maxRetentionDays"` // Minimum retention period that the Logically Air Gapped Backup Vault retains recovery points. @@ -162,6 +170,8 @@ type logicallyAirGappedVaultArgs struct { // The set of arguments for constructing a LogicallyAirGappedVault resource. type LogicallyAirGappedVaultArgs struct { + // The AWS KMS key identifier (ARN) used to encrypt the backups in the logically air-gapped vault. + EncryptionKeyArn pulumi.StringPtrInput // Maximum retention period that the Logically Air Gapped Backup Vault retains recovery points. MaxRetentionDays pulumi.IntInput // Minimum retention period that the Logically Air Gapped Backup Vault retains recovery points. @@ -267,6 +277,11 @@ func (o LogicallyAirGappedVaultOutput) Arn() pulumi.StringOutput { return o.ApplyT(func(v *LogicallyAirGappedVault) pulumi.StringOutput { return v.Arn }).(pulumi.StringOutput) } +// The AWS KMS key identifier (ARN) used to encrypt the backups in the logically air-gapped vault. +func (o LogicallyAirGappedVaultOutput) EncryptionKeyArn() pulumi.StringOutput { + return o.ApplyT(func(v *LogicallyAirGappedVault) pulumi.StringOutput { return v.EncryptionKeyArn }).(pulumi.StringOutput) +} + // Maximum retention period that the Logically Air Gapped Backup Vault retains recovery points. func (o LogicallyAirGappedVaultOutput) MaxRetentionDays() pulumi.IntOutput { return o.ApplyT(func(v *LogicallyAirGappedVault) pulumi.IntOutput { return v.MaxRetentionDays }).(pulumi.IntOutput) diff --git a/sdk/go/aws/bedrock/agentcoreAgentRuntime.go b/sdk/go/aws/bedrock/agentcoreAgentRuntime.go index d2d229ecf80..6fe3a524bf7 100644 --- a/sdk/go/aws/bedrock/agentcoreAgentRuntime.go +++ b/sdk/go/aws/bedrock/agentcoreAgentRuntime.go @@ -171,6 +171,50 @@ import ( // // ``` // +// ### Agent runtime artifact from S3 with Code Configuration +// +// ```go +// package main +// +// import ( +// +// "github.com/pulumi/pulumi-aws/sdk/v7/go/aws/bedrock" +// "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +// +// ) +// +// func main() { +// pulumi.Run(func(ctx *pulumi.Context) error { +// _, err := bedrock.NewAgentcoreAgentRuntime(ctx, "example", &bedrock.AgentcoreAgentRuntimeArgs{ +// AgentRuntimeName: pulumi.String("example_agent_runtime"), +// RoleArn: pulumi.Any(exampleAwsIamRole.Arn), +// AgentRuntimeArtifact: &bedrock.AgentcoreAgentRuntimeAgentRuntimeArtifactArgs{ +// CodeConfiguration: &bedrock.AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationArgs{ +// EntryPoints: pulumi.StringArray{ +// pulumi.String("main.py"), +// }, +// Runtime: pulumi.String("PYTHON_3_13"), +// Code: &bedrock.AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeArgs{ +// S3: &bedrock.AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeS3Args{ +// Bucket: pulumi.String("example-bucket"), +// Prefix: pulumi.String("example-agent-runtime-code.zip"), +// }, +// }, +// }, +// }, +// NetworkConfiguration: &bedrock.AgentcoreAgentRuntimeNetworkConfigurationArgs{ +// NetworkMode: pulumi.String("PUBLIC"), +// }, +// }) +// if err != nil { +// return err +// } +// return nil +// }) +// } +// +// ``` +// // ## Import // // Using `pulumi import`, import Bedrock AgentCore Agent Runtime using `agent_runtime_id`. For example: diff --git a/sdk/go/aws/bedrock/pulumiTypes.go b/sdk/go/aws/bedrock/pulumiTypes.go index fd5205531e8..512034206fc 100644 --- a/sdk/go/aws/bedrock/pulumiTypes.go +++ b/sdk/go/aws/bedrock/pulumiTypes.go @@ -19908,6 +19908,8 @@ func (o AgentKnowledgeBaseStorageConfigurationRdsConfigurationPtrOutput) TableNa } type AgentKnowledgeBaseStorageConfigurationRdsConfigurationFieldMapping struct { + // Name for the universal metadata field where Amazon Bedrock will store any custom metadata from your data source. + CustomMetadataField *string `pulumi:"customMetadataField"` // Name of the field in which Amazon Bedrock stores metadata about the vector store. MetadataField string `pulumi:"metadataField"` // Name of the field in which Amazon Bedrock stores the ID for each entry. @@ -19930,6 +19932,8 @@ type AgentKnowledgeBaseStorageConfigurationRdsConfigurationFieldMappingInput int } type AgentKnowledgeBaseStorageConfigurationRdsConfigurationFieldMappingArgs struct { + // Name for the universal metadata field where Amazon Bedrock will store any custom metadata from your data source. + CustomMetadataField pulumi.StringPtrInput `pulumi:"customMetadataField"` // Name of the field in which Amazon Bedrock stores metadata about the vector store. MetadataField pulumi.StringInput `pulumi:"metadataField"` // Name of the field in which Amazon Bedrock stores the ID for each entry. @@ -20017,6 +20021,13 @@ func (o AgentKnowledgeBaseStorageConfigurationRdsConfigurationFieldMappingOutput }).(AgentKnowledgeBaseStorageConfigurationRdsConfigurationFieldMappingPtrOutput) } +// Name for the universal metadata field where Amazon Bedrock will store any custom metadata from your data source. +func (o AgentKnowledgeBaseStorageConfigurationRdsConfigurationFieldMappingOutput) CustomMetadataField() pulumi.StringPtrOutput { + return o.ApplyT(func(v AgentKnowledgeBaseStorageConfigurationRdsConfigurationFieldMapping) *string { + return v.CustomMetadataField + }).(pulumi.StringPtrOutput) +} + // Name of the field in which Amazon Bedrock stores metadata about the vector store. func (o AgentKnowledgeBaseStorageConfigurationRdsConfigurationFieldMappingOutput) MetadataField() pulumi.StringOutput { return o.ApplyT(func(v AgentKnowledgeBaseStorageConfigurationRdsConfigurationFieldMapping) string { @@ -20067,6 +20078,16 @@ func (o AgentKnowledgeBaseStorageConfigurationRdsConfigurationFieldMappingPtrOut }).(AgentKnowledgeBaseStorageConfigurationRdsConfigurationFieldMappingOutput) } +// Name for the universal metadata field where Amazon Bedrock will store any custom metadata from your data source. +func (o AgentKnowledgeBaseStorageConfigurationRdsConfigurationFieldMappingPtrOutput) CustomMetadataField() pulumi.StringPtrOutput { + return o.ApplyT(func(v *AgentKnowledgeBaseStorageConfigurationRdsConfigurationFieldMapping) *string { + if v == nil { + return nil + } + return v.CustomMetadataField + }).(pulumi.StringPtrOutput) +} + // Name of the field in which Amazon Bedrock stores metadata about the vector store. func (o AgentKnowledgeBaseStorageConfigurationRdsConfigurationFieldMappingPtrOutput) MetadataField() pulumi.StringPtrOutput { return o.ApplyT(func(v *AgentKnowledgeBaseStorageConfigurationRdsConfigurationFieldMapping) *string { @@ -24334,7 +24355,9 @@ func (o AgentPromptVariantTemplateConfigurationTextInputVariableArrayOutput) Ind } type AgentcoreAgentRuntimeAgentRuntimeArtifact struct { - // Container configuration block. See `containerConfiguration` below. + // Code configuration block for the agent runtime artifact, including the source code location and execution settings. Exactly one of `codeConfiguration` or `containerConfiguration` must be specified. See `codeConfiguration` below. + CodeConfiguration *AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfiguration `pulumi:"codeConfiguration"` + // Container configuration block for the agent artifact. Exactly one of `codeConfiguration` or `containerConfiguration` must be specified. See `containerConfiguration` below. ContainerConfiguration *AgentcoreAgentRuntimeAgentRuntimeArtifactContainerConfiguration `pulumi:"containerConfiguration"` } @@ -24350,7 +24373,9 @@ type AgentcoreAgentRuntimeAgentRuntimeArtifactInput interface { } type AgentcoreAgentRuntimeAgentRuntimeArtifactArgs struct { - // Container configuration block. See `containerConfiguration` below. + // Code configuration block for the agent runtime artifact, including the source code location and execution settings. Exactly one of `codeConfiguration` or `containerConfiguration` must be specified. See `codeConfiguration` below. + CodeConfiguration AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationPtrInput `pulumi:"codeConfiguration"` + // Container configuration block for the agent artifact. Exactly one of `codeConfiguration` or `containerConfiguration` must be specified. See `containerConfiguration` below. ContainerConfiguration AgentcoreAgentRuntimeAgentRuntimeArtifactContainerConfigurationPtrInput `pulumi:"containerConfiguration"` } @@ -24431,7 +24456,14 @@ func (o AgentcoreAgentRuntimeAgentRuntimeArtifactOutput) ToAgentcoreAgentRuntime }).(AgentcoreAgentRuntimeAgentRuntimeArtifactPtrOutput) } -// Container configuration block. See `containerConfiguration` below. +// Code configuration block for the agent runtime artifact, including the source code location and execution settings. Exactly one of `codeConfiguration` or `containerConfiguration` must be specified. See `codeConfiguration` below. +func (o AgentcoreAgentRuntimeAgentRuntimeArtifactOutput) CodeConfiguration() AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationPtrOutput { + return o.ApplyT(func(v AgentcoreAgentRuntimeAgentRuntimeArtifact) *AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfiguration { + return v.CodeConfiguration + }).(AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationPtrOutput) +} + +// Container configuration block for the agent artifact. Exactly one of `codeConfiguration` or `containerConfiguration` must be specified. See `containerConfiguration` below. func (o AgentcoreAgentRuntimeAgentRuntimeArtifactOutput) ContainerConfiguration() AgentcoreAgentRuntimeAgentRuntimeArtifactContainerConfigurationPtrOutput { return o.ApplyT(func(v AgentcoreAgentRuntimeAgentRuntimeArtifact) *AgentcoreAgentRuntimeAgentRuntimeArtifactContainerConfiguration { return v.ContainerConfiguration @@ -24462,7 +24494,17 @@ func (o AgentcoreAgentRuntimeAgentRuntimeArtifactPtrOutput) Elem() AgentcoreAgen }).(AgentcoreAgentRuntimeAgentRuntimeArtifactOutput) } -// Container configuration block. See `containerConfiguration` below. +// Code configuration block for the agent runtime artifact, including the source code location and execution settings. Exactly one of `codeConfiguration` or `containerConfiguration` must be specified. See `codeConfiguration` below. +func (o AgentcoreAgentRuntimeAgentRuntimeArtifactPtrOutput) CodeConfiguration() AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationPtrOutput { + return o.ApplyT(func(v *AgentcoreAgentRuntimeAgentRuntimeArtifact) *AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfiguration { + if v == nil { + return nil + } + return v.CodeConfiguration + }).(AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationPtrOutput) +} + +// Container configuration block for the agent artifact. Exactly one of `codeConfiguration` or `containerConfiguration` must be specified. See `containerConfiguration` below. func (o AgentcoreAgentRuntimeAgentRuntimeArtifactPtrOutput) ContainerConfiguration() AgentcoreAgentRuntimeAgentRuntimeArtifactContainerConfigurationPtrOutput { return o.ApplyT(func(v *AgentcoreAgentRuntimeAgentRuntimeArtifact) *AgentcoreAgentRuntimeAgentRuntimeArtifactContainerConfiguration { if v == nil { @@ -24472,6 +24514,497 @@ func (o AgentcoreAgentRuntimeAgentRuntimeArtifactPtrOutput) ContainerConfigurati }).(AgentcoreAgentRuntimeAgentRuntimeArtifactContainerConfigurationPtrOutput) } +type AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfiguration struct { + // Configuration block for the source code location and configuration details. See `code` below. + Code *AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCode `pulumi:"code"` + // Array specifying the entry point for code execution, indicating the function or method to invoke when the code runs. The array must contain 1 or 2 elements. Examples: `["main.py"]`, `["opentelemetry-instrument", "main.py"]`. + EntryPoints []string `pulumi:"entryPoints"` + // Runtime environment used to execute the code. Valid values: `PYTHON_3_10`, `PYTHON_3_11`, `PYTHON_3_12`, `PYTHON_3_13`. + Runtime string `pulumi:"runtime"` +} + +// AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationInput is an input type that accepts AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationArgs and AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationOutput values. +// You can construct a concrete instance of `AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationInput` via: +// +// AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationArgs{...} +type AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationInput interface { + pulumi.Input + + ToAgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationOutput() AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationOutput + ToAgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationOutputWithContext(context.Context) AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationOutput +} + +type AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationArgs struct { + // Configuration block for the source code location and configuration details. See `code` below. + Code AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodePtrInput `pulumi:"code"` + // Array specifying the entry point for code execution, indicating the function or method to invoke when the code runs. The array must contain 1 or 2 elements. Examples: `["main.py"]`, `["opentelemetry-instrument", "main.py"]`. + EntryPoints pulumi.StringArrayInput `pulumi:"entryPoints"` + // Runtime environment used to execute the code. Valid values: `PYTHON_3_10`, `PYTHON_3_11`, `PYTHON_3_12`, `PYTHON_3_13`. + Runtime pulumi.StringInput `pulumi:"runtime"` +} + +func (AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationArgs) ElementType() reflect.Type { + return reflect.TypeOf((*AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfiguration)(nil)).Elem() +} + +func (i AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationArgs) ToAgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationOutput() AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationOutput { + return i.ToAgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationOutputWithContext(context.Background()) +} + +func (i AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationArgs) ToAgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationOutputWithContext(ctx context.Context) AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationOutput { + return pulumi.ToOutputWithContext(ctx, i).(AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationOutput) +} + +func (i AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationArgs) ToAgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationPtrOutput() AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationPtrOutput { + return i.ToAgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationPtrOutputWithContext(context.Background()) +} + +func (i AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationArgs) ToAgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationPtrOutputWithContext(ctx context.Context) AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationPtrOutput { + return pulumi.ToOutputWithContext(ctx, i).(AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationOutput).ToAgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationPtrOutputWithContext(ctx) +} + +// AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationPtrInput is an input type that accepts AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationArgs, AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationPtr and AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationPtrOutput values. +// You can construct a concrete instance of `AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationPtrInput` via: +// +// AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationArgs{...} +// +// or: +// +// nil +type AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationPtrInput interface { + pulumi.Input + + ToAgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationPtrOutput() AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationPtrOutput + ToAgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationPtrOutputWithContext(context.Context) AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationPtrOutput +} + +type agentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationPtrType AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationArgs + +func AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationPtr(v *AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationArgs) AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationPtrInput { + return (*agentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationPtrType)(v) +} + +func (*agentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationPtrType) ElementType() reflect.Type { + return reflect.TypeOf((**AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfiguration)(nil)).Elem() +} + +func (i *agentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationPtrType) ToAgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationPtrOutput() AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationPtrOutput { + return i.ToAgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationPtrOutputWithContext(context.Background()) +} + +func (i *agentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationPtrType) ToAgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationPtrOutputWithContext(ctx context.Context) AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationPtrOutput { + return pulumi.ToOutputWithContext(ctx, i).(AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationPtrOutput) +} + +type AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationOutput struct{ *pulumi.OutputState } + +func (AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationOutput) ElementType() reflect.Type { + return reflect.TypeOf((*AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfiguration)(nil)).Elem() +} + +func (o AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationOutput) ToAgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationOutput() AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationOutput { + return o +} + +func (o AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationOutput) ToAgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationOutputWithContext(ctx context.Context) AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationOutput { + return o +} + +func (o AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationOutput) ToAgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationPtrOutput() AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationPtrOutput { + return o.ToAgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationPtrOutputWithContext(context.Background()) +} + +func (o AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationOutput) ToAgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationPtrOutputWithContext(ctx context.Context) AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationPtrOutput { + return o.ApplyTWithContext(ctx, func(_ context.Context, v AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfiguration) *AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfiguration { + return &v + }).(AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationPtrOutput) +} + +// Configuration block for the source code location and configuration details. See `code` below. +func (o AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationOutput) Code() AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodePtrOutput { + return o.ApplyT(func(v AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfiguration) *AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCode { + return v.Code + }).(AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodePtrOutput) +} + +// Array specifying the entry point for code execution, indicating the function or method to invoke when the code runs. The array must contain 1 or 2 elements. Examples: `["main.py"]`, `["opentelemetry-instrument", "main.py"]`. +func (o AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationOutput) EntryPoints() pulumi.StringArrayOutput { + return o.ApplyT(func(v AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfiguration) []string { return v.EntryPoints }).(pulumi.StringArrayOutput) +} + +// Runtime environment used to execute the code. Valid values: `PYTHON_3_10`, `PYTHON_3_11`, `PYTHON_3_12`, `PYTHON_3_13`. +func (o AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationOutput) Runtime() pulumi.StringOutput { + return o.ApplyT(func(v AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfiguration) string { return v.Runtime }).(pulumi.StringOutput) +} + +type AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationPtrOutput struct{ *pulumi.OutputState } + +func (AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationPtrOutput) ElementType() reflect.Type { + return reflect.TypeOf((**AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfiguration)(nil)).Elem() +} + +func (o AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationPtrOutput) ToAgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationPtrOutput() AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationPtrOutput { + return o +} + +func (o AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationPtrOutput) ToAgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationPtrOutputWithContext(ctx context.Context) AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationPtrOutput { + return o +} + +func (o AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationPtrOutput) Elem() AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationOutput { + return o.ApplyT(func(v *AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfiguration) AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfiguration { + if v != nil { + return *v + } + var ret AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfiguration + return ret + }).(AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationOutput) +} + +// Configuration block for the source code location and configuration details. See `code` below. +func (o AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationPtrOutput) Code() AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodePtrOutput { + return o.ApplyT(func(v *AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfiguration) *AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCode { + if v == nil { + return nil + } + return v.Code + }).(AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodePtrOutput) +} + +// Array specifying the entry point for code execution, indicating the function or method to invoke when the code runs. The array must contain 1 or 2 elements. Examples: `["main.py"]`, `["opentelemetry-instrument", "main.py"]`. +func (o AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationPtrOutput) EntryPoints() pulumi.StringArrayOutput { + return o.ApplyT(func(v *AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfiguration) []string { + if v == nil { + return nil + } + return v.EntryPoints + }).(pulumi.StringArrayOutput) +} + +// Runtime environment used to execute the code. Valid values: `PYTHON_3_10`, `PYTHON_3_11`, `PYTHON_3_12`, `PYTHON_3_13`. +func (o AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationPtrOutput) Runtime() pulumi.StringPtrOutput { + return o.ApplyT(func(v *AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfiguration) *string { + if v == nil { + return nil + } + return &v.Runtime + }).(pulumi.StringPtrOutput) +} + +type AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCode struct { + // Configuration block for the Amazon S3 object that contains the source code for the agent runtime. See `s3` below. + S3 *AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeS3 `pulumi:"s3"` +} + +// AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeInput is an input type that accepts AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeArgs and AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeOutput values. +// You can construct a concrete instance of `AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeInput` via: +// +// AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeArgs{...} +type AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeInput interface { + pulumi.Input + + ToAgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeOutput() AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeOutput + ToAgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeOutputWithContext(context.Context) AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeOutput +} + +type AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeArgs struct { + // Configuration block for the Amazon S3 object that contains the source code for the agent runtime. See `s3` below. + S3 AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeS3PtrInput `pulumi:"s3"` +} + +func (AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeArgs) ElementType() reflect.Type { + return reflect.TypeOf((*AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCode)(nil)).Elem() +} + +func (i AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeArgs) ToAgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeOutput() AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeOutput { + return i.ToAgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeOutputWithContext(context.Background()) +} + +func (i AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeArgs) ToAgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeOutputWithContext(ctx context.Context) AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeOutput { + return pulumi.ToOutputWithContext(ctx, i).(AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeOutput) +} + +func (i AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeArgs) ToAgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodePtrOutput() AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodePtrOutput { + return i.ToAgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodePtrOutputWithContext(context.Background()) +} + +func (i AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeArgs) ToAgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodePtrOutputWithContext(ctx context.Context) AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodePtrOutput { + return pulumi.ToOutputWithContext(ctx, i).(AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeOutput).ToAgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodePtrOutputWithContext(ctx) +} + +// AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodePtrInput is an input type that accepts AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeArgs, AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodePtr and AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodePtrOutput values. +// You can construct a concrete instance of `AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodePtrInput` via: +// +// AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeArgs{...} +// +// or: +// +// nil +type AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodePtrInput interface { + pulumi.Input + + ToAgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodePtrOutput() AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodePtrOutput + ToAgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodePtrOutputWithContext(context.Context) AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodePtrOutput +} + +type agentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodePtrType AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeArgs + +func AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodePtr(v *AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeArgs) AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodePtrInput { + return (*agentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodePtrType)(v) +} + +func (*agentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodePtrType) ElementType() reflect.Type { + return reflect.TypeOf((**AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCode)(nil)).Elem() +} + +func (i *agentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodePtrType) ToAgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodePtrOutput() AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodePtrOutput { + return i.ToAgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodePtrOutputWithContext(context.Background()) +} + +func (i *agentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodePtrType) ToAgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodePtrOutputWithContext(ctx context.Context) AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodePtrOutput { + return pulumi.ToOutputWithContext(ctx, i).(AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodePtrOutput) +} + +type AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeOutput struct{ *pulumi.OutputState } + +func (AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeOutput) ElementType() reflect.Type { + return reflect.TypeOf((*AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCode)(nil)).Elem() +} + +func (o AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeOutput) ToAgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeOutput() AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeOutput { + return o +} + +func (o AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeOutput) ToAgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeOutputWithContext(ctx context.Context) AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeOutput { + return o +} + +func (o AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeOutput) ToAgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodePtrOutput() AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodePtrOutput { + return o.ToAgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodePtrOutputWithContext(context.Background()) +} + +func (o AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeOutput) ToAgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodePtrOutputWithContext(ctx context.Context) AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodePtrOutput { + return o.ApplyTWithContext(ctx, func(_ context.Context, v AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCode) *AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCode { + return &v + }).(AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodePtrOutput) +} + +// Configuration block for the Amazon S3 object that contains the source code for the agent runtime. See `s3` below. +func (o AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeOutput) S3() AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeS3PtrOutput { + return o.ApplyT(func(v AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCode) *AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeS3 { + return v.S3 + }).(AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeS3PtrOutput) +} + +type AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodePtrOutput struct{ *pulumi.OutputState } + +func (AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodePtrOutput) ElementType() reflect.Type { + return reflect.TypeOf((**AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCode)(nil)).Elem() +} + +func (o AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodePtrOutput) ToAgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodePtrOutput() AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodePtrOutput { + return o +} + +func (o AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodePtrOutput) ToAgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodePtrOutputWithContext(ctx context.Context) AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodePtrOutput { + return o +} + +func (o AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodePtrOutput) Elem() AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeOutput { + return o.ApplyT(func(v *AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCode) AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCode { + if v != nil { + return *v + } + var ret AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCode + return ret + }).(AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeOutput) +} + +// Configuration block for the Amazon S3 object that contains the source code for the agent runtime. See `s3` below. +func (o AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodePtrOutput) S3() AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeS3PtrOutput { + return o.ApplyT(func(v *AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCode) *AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeS3 { + if v == nil { + return nil + } + return v.S3 + }).(AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeS3PtrOutput) +} + +type AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeS3 struct { + // Name of the Amazon S3 bucket. + Bucket string `pulumi:"bucket"` + // Key of the object containing the ZIP file of the source code for the agent runtime in the Amazon S3 bucket. + Prefix string `pulumi:"prefix"` + // Version ID of the Amazon S3 object. If not specified, the latest version of the object is used. + VersionId *string `pulumi:"versionId"` +} + +// AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeS3Input is an input type that accepts AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeS3Args and AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeS3Output values. +// You can construct a concrete instance of `AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeS3Input` via: +// +// AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeS3Args{...} +type AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeS3Input interface { + pulumi.Input + + ToAgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeS3Output() AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeS3Output + ToAgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeS3OutputWithContext(context.Context) AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeS3Output +} + +type AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeS3Args struct { + // Name of the Amazon S3 bucket. + Bucket pulumi.StringInput `pulumi:"bucket"` + // Key of the object containing the ZIP file of the source code for the agent runtime in the Amazon S3 bucket. + Prefix pulumi.StringInput `pulumi:"prefix"` + // Version ID of the Amazon S3 object. If not specified, the latest version of the object is used. + VersionId pulumi.StringPtrInput `pulumi:"versionId"` +} + +func (AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeS3Args) ElementType() reflect.Type { + return reflect.TypeOf((*AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeS3)(nil)).Elem() +} + +func (i AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeS3Args) ToAgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeS3Output() AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeS3Output { + return i.ToAgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeS3OutputWithContext(context.Background()) +} + +func (i AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeS3Args) ToAgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeS3OutputWithContext(ctx context.Context) AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeS3Output { + return pulumi.ToOutputWithContext(ctx, i).(AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeS3Output) +} + +func (i AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeS3Args) ToAgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeS3PtrOutput() AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeS3PtrOutput { + return i.ToAgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeS3PtrOutputWithContext(context.Background()) +} + +func (i AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeS3Args) ToAgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeS3PtrOutputWithContext(ctx context.Context) AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeS3PtrOutput { + return pulumi.ToOutputWithContext(ctx, i).(AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeS3Output).ToAgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeS3PtrOutputWithContext(ctx) +} + +// AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeS3PtrInput is an input type that accepts AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeS3Args, AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeS3Ptr and AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeS3PtrOutput values. +// You can construct a concrete instance of `AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeS3PtrInput` via: +// +// AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeS3Args{...} +// +// or: +// +// nil +type AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeS3PtrInput interface { + pulumi.Input + + ToAgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeS3PtrOutput() AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeS3PtrOutput + ToAgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeS3PtrOutputWithContext(context.Context) AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeS3PtrOutput +} + +type agentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeS3PtrType AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeS3Args + +func AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeS3Ptr(v *AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeS3Args) AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeS3PtrInput { + return (*agentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeS3PtrType)(v) +} + +func (*agentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeS3PtrType) ElementType() reflect.Type { + return reflect.TypeOf((**AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeS3)(nil)).Elem() +} + +func (i *agentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeS3PtrType) ToAgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeS3PtrOutput() AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeS3PtrOutput { + return i.ToAgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeS3PtrOutputWithContext(context.Background()) +} + +func (i *agentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeS3PtrType) ToAgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeS3PtrOutputWithContext(ctx context.Context) AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeS3PtrOutput { + return pulumi.ToOutputWithContext(ctx, i).(AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeS3PtrOutput) +} + +type AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeS3Output struct{ *pulumi.OutputState } + +func (AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeS3Output) ElementType() reflect.Type { + return reflect.TypeOf((*AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeS3)(nil)).Elem() +} + +func (o AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeS3Output) ToAgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeS3Output() AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeS3Output { + return o +} + +func (o AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeS3Output) ToAgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeS3OutputWithContext(ctx context.Context) AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeS3Output { + return o +} + +func (o AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeS3Output) ToAgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeS3PtrOutput() AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeS3PtrOutput { + return o.ToAgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeS3PtrOutputWithContext(context.Background()) +} + +func (o AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeS3Output) ToAgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeS3PtrOutputWithContext(ctx context.Context) AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeS3PtrOutput { + return o.ApplyTWithContext(ctx, func(_ context.Context, v AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeS3) *AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeS3 { + return &v + }).(AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeS3PtrOutput) +} + +// Name of the Amazon S3 bucket. +func (o AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeS3Output) Bucket() pulumi.StringOutput { + return o.ApplyT(func(v AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeS3) string { return v.Bucket }).(pulumi.StringOutput) +} + +// Key of the object containing the ZIP file of the source code for the agent runtime in the Amazon S3 bucket. +func (o AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeS3Output) Prefix() pulumi.StringOutput { + return o.ApplyT(func(v AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeS3) string { return v.Prefix }).(pulumi.StringOutput) +} + +// Version ID of the Amazon S3 object. If not specified, the latest version of the object is used. +func (o AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeS3Output) VersionId() pulumi.StringPtrOutput { + return o.ApplyT(func(v AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeS3) *string { return v.VersionId }).(pulumi.StringPtrOutput) +} + +type AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeS3PtrOutput struct{ *pulumi.OutputState } + +func (AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeS3PtrOutput) ElementType() reflect.Type { + return reflect.TypeOf((**AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeS3)(nil)).Elem() +} + +func (o AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeS3PtrOutput) ToAgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeS3PtrOutput() AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeS3PtrOutput { + return o +} + +func (o AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeS3PtrOutput) ToAgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeS3PtrOutputWithContext(ctx context.Context) AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeS3PtrOutput { + return o +} + +func (o AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeS3PtrOutput) Elem() AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeS3Output { + return o.ApplyT(func(v *AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeS3) AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeS3 { + if v != nil { + return *v + } + var ret AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeS3 + return ret + }).(AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeS3Output) +} + +// Name of the Amazon S3 bucket. +func (o AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeS3PtrOutput) Bucket() pulumi.StringPtrOutput { + return o.ApplyT(func(v *AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeS3) *string { + if v == nil { + return nil + } + return &v.Bucket + }).(pulumi.StringPtrOutput) +} + +// Key of the object containing the ZIP file of the source code for the agent runtime in the Amazon S3 bucket. +func (o AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeS3PtrOutput) Prefix() pulumi.StringPtrOutput { + return o.ApplyT(func(v *AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeS3) *string { + if v == nil { + return nil + } + return &v.Prefix + }).(pulumi.StringPtrOutput) +} + +// Version ID of the Amazon S3 object. If not specified, the latest version of the object is used. +func (o AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeS3PtrOutput) VersionId() pulumi.StringPtrOutput { + return o.ApplyT(func(v *AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeS3) *string { + if v == nil { + return nil + } + return v.VersionId + }).(pulumi.StringPtrOutput) +} + type AgentcoreAgentRuntimeAgentRuntimeArtifactContainerConfiguration struct { // URI of the container image in Amazon ECR. ContainerUri string `pulumi:"containerUri"` @@ -39872,9 +40405,21 @@ func (o GuardrailContentPolicyConfigPtrOutput) TierConfigs() GuardrailContentPol } type GuardrailContentPolicyConfigFiltersConfig struct { - // Strength for filters. + // Action to take when harmful content is detected. Valid values: `BLOCK`, `NONE`. + InputAction *string `pulumi:"inputAction"` + // Toggles guardrail evaluation on input. + InputEnabled *bool `pulumi:"inputEnabled"` + // List of selected input modalities. Valid values: `IMAGE`, `TEXT`. + InputModalities []string `pulumi:"inputModalities"` + // Strength for filters. Valid values: `NONE`, `LOW`, `MEDIUM`, `HIGH`. InputStrength string `pulumi:"inputStrength"` - // Strength for filters. + // Action to take when harmful content is detected. Valid values: `BLOCK`, `NONE`. + OutputAction *string `pulumi:"outputAction"` + // Toggles guardrail evaluation on output. + OutputEnabled *bool `pulumi:"outputEnabled"` + // List of selected output modalities. Valid values: `IMAGE`, `TEXT`. + OutputModalities []string `pulumi:"outputModalities"` + // Strength for filters. Valid values: `NONE`, `LOW`, `MEDIUM`, `HIGH`. OutputStrength string `pulumi:"outputStrength"` // Type of contextual grounding filter. Type string `pulumi:"type"` @@ -39892,9 +40437,21 @@ type GuardrailContentPolicyConfigFiltersConfigInput interface { } type GuardrailContentPolicyConfigFiltersConfigArgs struct { - // Strength for filters. + // Action to take when harmful content is detected. Valid values: `BLOCK`, `NONE`. + InputAction pulumi.StringPtrInput `pulumi:"inputAction"` + // Toggles guardrail evaluation on input. + InputEnabled pulumi.BoolPtrInput `pulumi:"inputEnabled"` + // List of selected input modalities. Valid values: `IMAGE`, `TEXT`. + InputModalities pulumi.StringArrayInput `pulumi:"inputModalities"` + // Strength for filters. Valid values: `NONE`, `LOW`, `MEDIUM`, `HIGH`. InputStrength pulumi.StringInput `pulumi:"inputStrength"` - // Strength for filters. + // Action to take when harmful content is detected. Valid values: `BLOCK`, `NONE`. + OutputAction pulumi.StringPtrInput `pulumi:"outputAction"` + // Toggles guardrail evaluation on output. + OutputEnabled pulumi.BoolPtrInput `pulumi:"outputEnabled"` + // List of selected output modalities. Valid values: `IMAGE`, `TEXT`. + OutputModalities pulumi.StringArrayInput `pulumi:"outputModalities"` + // Strength for filters. Valid values: `NONE`, `LOW`, `MEDIUM`, `HIGH`. OutputStrength pulumi.StringInput `pulumi:"outputStrength"` // Type of contextual grounding filter. Type pulumi.StringInput `pulumi:"type"` @@ -39951,12 +40508,42 @@ func (o GuardrailContentPolicyConfigFiltersConfigOutput) ToGuardrailContentPolic return o } -// Strength for filters. +// Action to take when harmful content is detected. Valid values: `BLOCK`, `NONE`. +func (o GuardrailContentPolicyConfigFiltersConfigOutput) InputAction() pulumi.StringPtrOutput { + return o.ApplyT(func(v GuardrailContentPolicyConfigFiltersConfig) *string { return v.InputAction }).(pulumi.StringPtrOutput) +} + +// Toggles guardrail evaluation on input. +func (o GuardrailContentPolicyConfigFiltersConfigOutput) InputEnabled() pulumi.BoolPtrOutput { + return o.ApplyT(func(v GuardrailContentPolicyConfigFiltersConfig) *bool { return v.InputEnabled }).(pulumi.BoolPtrOutput) +} + +// List of selected input modalities. Valid values: `IMAGE`, `TEXT`. +func (o GuardrailContentPolicyConfigFiltersConfigOutput) InputModalities() pulumi.StringArrayOutput { + return o.ApplyT(func(v GuardrailContentPolicyConfigFiltersConfig) []string { return v.InputModalities }).(pulumi.StringArrayOutput) +} + +// Strength for filters. Valid values: `NONE`, `LOW`, `MEDIUM`, `HIGH`. func (o GuardrailContentPolicyConfigFiltersConfigOutput) InputStrength() pulumi.StringOutput { return o.ApplyT(func(v GuardrailContentPolicyConfigFiltersConfig) string { return v.InputStrength }).(pulumi.StringOutput) } -// Strength for filters. +// Action to take when harmful content is detected. Valid values: `BLOCK`, `NONE`. +func (o GuardrailContentPolicyConfigFiltersConfigOutput) OutputAction() pulumi.StringPtrOutput { + return o.ApplyT(func(v GuardrailContentPolicyConfigFiltersConfig) *string { return v.OutputAction }).(pulumi.StringPtrOutput) +} + +// Toggles guardrail evaluation on output. +func (o GuardrailContentPolicyConfigFiltersConfigOutput) OutputEnabled() pulumi.BoolPtrOutput { + return o.ApplyT(func(v GuardrailContentPolicyConfigFiltersConfig) *bool { return v.OutputEnabled }).(pulumi.BoolPtrOutput) +} + +// List of selected output modalities. Valid values: `IMAGE`, `TEXT`. +func (o GuardrailContentPolicyConfigFiltersConfigOutput) OutputModalities() pulumi.StringArrayOutput { + return o.ApplyT(func(v GuardrailContentPolicyConfigFiltersConfig) []string { return v.OutputModalities }).(pulumi.StringArrayOutput) +} + +// Strength for filters. Valid values: `NONE`, `LOW`, `MEDIUM`, `HIGH`. func (o GuardrailContentPolicyConfigFiltersConfigOutput) OutputStrength() pulumi.StringOutput { return o.ApplyT(func(v GuardrailContentPolicyConfigFiltersConfig) string { return v.OutputStrength }).(pulumi.StringOutput) } @@ -44259,6 +44846,12 @@ func init() { pulumi.RegisterInputType(reflect.TypeOf((*AgentPromptVariantTemplateConfigurationTextInputVariableArrayInput)(nil)).Elem(), AgentPromptVariantTemplateConfigurationTextInputVariableArray{}) pulumi.RegisterInputType(reflect.TypeOf((*AgentcoreAgentRuntimeAgentRuntimeArtifactInput)(nil)).Elem(), AgentcoreAgentRuntimeAgentRuntimeArtifactArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*AgentcoreAgentRuntimeAgentRuntimeArtifactPtrInput)(nil)).Elem(), AgentcoreAgentRuntimeAgentRuntimeArtifactArgs{}) + pulumi.RegisterInputType(reflect.TypeOf((*AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationInput)(nil)).Elem(), AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationArgs{}) + pulumi.RegisterInputType(reflect.TypeOf((*AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationPtrInput)(nil)).Elem(), AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationArgs{}) + pulumi.RegisterInputType(reflect.TypeOf((*AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeInput)(nil)).Elem(), AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeArgs{}) + pulumi.RegisterInputType(reflect.TypeOf((*AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodePtrInput)(nil)).Elem(), AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeArgs{}) + pulumi.RegisterInputType(reflect.TypeOf((*AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeS3Input)(nil)).Elem(), AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeS3Args{}) + pulumi.RegisterInputType(reflect.TypeOf((*AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeS3PtrInput)(nil)).Elem(), AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeS3Args{}) pulumi.RegisterInputType(reflect.TypeOf((*AgentcoreAgentRuntimeAgentRuntimeArtifactContainerConfigurationInput)(nil)).Elem(), AgentcoreAgentRuntimeAgentRuntimeArtifactContainerConfigurationArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*AgentcoreAgentRuntimeAgentRuntimeArtifactContainerConfigurationPtrInput)(nil)).Elem(), AgentcoreAgentRuntimeAgentRuntimeArtifactContainerConfigurationArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*AgentcoreAgentRuntimeAuthorizerConfigurationInput)(nil)).Elem(), AgentcoreAgentRuntimeAuthorizerConfigurationArgs{}) @@ -44843,6 +45436,12 @@ func init() { pulumi.RegisterOutputType(AgentPromptVariantTemplateConfigurationTextInputVariableArrayOutput{}) pulumi.RegisterOutputType(AgentcoreAgentRuntimeAgentRuntimeArtifactOutput{}) pulumi.RegisterOutputType(AgentcoreAgentRuntimeAgentRuntimeArtifactPtrOutput{}) + pulumi.RegisterOutputType(AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationOutput{}) + pulumi.RegisterOutputType(AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationPtrOutput{}) + pulumi.RegisterOutputType(AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeOutput{}) + pulumi.RegisterOutputType(AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodePtrOutput{}) + pulumi.RegisterOutputType(AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeS3Output{}) + pulumi.RegisterOutputType(AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeS3PtrOutput{}) pulumi.RegisterOutputType(AgentcoreAgentRuntimeAgentRuntimeArtifactContainerConfigurationOutput{}) pulumi.RegisterOutputType(AgentcoreAgentRuntimeAgentRuntimeArtifactContainerConfigurationPtrOutput{}) pulumi.RegisterOutputType(AgentcoreAgentRuntimeAuthorizerConfigurationOutput{}) diff --git a/sdk/go/aws/billing/init.go b/sdk/go/aws/billing/init.go new file mode 100644 index 00000000000..9f7263ce88c --- /dev/null +++ b/sdk/go/aws/billing/init.go @@ -0,0 +1,44 @@ +// Code generated by pulumi-language-go DO NOT EDIT. +// *** WARNING: Do not edit by hand unless you're certain you know what you are doing! *** + +package billing + +import ( + "fmt" + + "github.com/blang/semver" + "github.com/pulumi/pulumi-aws/sdk/v7/go/aws/internal" + "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +) + +type module struct { + version semver.Version +} + +func (m *module) Version() semver.Version { + return m.version +} + +func (m *module) Construct(ctx *pulumi.Context, name, typ, urn string) (r pulumi.Resource, err error) { + switch typ { + case "aws:billing/view:View": + r = &View{} + default: + return nil, fmt.Errorf("unknown resource type: %s", typ) + } + + err = ctx.RegisterResource(typ, name, nil, r, pulumi.URN_(urn)) + return +} + +func init() { + version, err := internal.PkgVersion() + if err != nil { + version = semver.Version{Major: 1} + } + pulumi.RegisterResourceModule( + "aws", + "billing/view", + &module{version}, + ) +} diff --git a/sdk/go/aws/billing/pulumiTypes.go b/sdk/go/aws/billing/pulumiTypes.go index 6b3acdffef5..3db1ecda7ed 100644 --- a/sdk/go/aws/billing/pulumiTypes.go +++ b/sdk/go/aws/billing/pulumiTypes.go @@ -13,6 +13,770 @@ import ( var _ = internal.GetEnvOrDefault +type ViewDataFilterExpression struct { + // Dimension to use for `expression`. Refer to #dimensions for more details. + Dimensions *ViewDataFilterExpressionDimensions `pulumi:"dimensions"` + // List of key value map specifying tags associated to the billing view being created. + Tags []ViewDataFilterExpressionTag `pulumi:"tags"` + // Time range to use for `expression`. Refer to #time-range for more details. + TimeRange *ViewDataFilterExpressionTimeRange `pulumi:"timeRange"` +} + +// ViewDataFilterExpressionInput is an input type that accepts ViewDataFilterExpressionArgs and ViewDataFilterExpressionOutput values. +// You can construct a concrete instance of `ViewDataFilterExpressionInput` via: +// +// ViewDataFilterExpressionArgs{...} +type ViewDataFilterExpressionInput interface { + pulumi.Input + + ToViewDataFilterExpressionOutput() ViewDataFilterExpressionOutput + ToViewDataFilterExpressionOutputWithContext(context.Context) ViewDataFilterExpressionOutput +} + +type ViewDataFilterExpressionArgs struct { + // Dimension to use for `expression`. Refer to #dimensions for more details. + Dimensions ViewDataFilterExpressionDimensionsPtrInput `pulumi:"dimensions"` + // List of key value map specifying tags associated to the billing view being created. + Tags ViewDataFilterExpressionTagArrayInput `pulumi:"tags"` + // Time range to use for `expression`. Refer to #time-range for more details. + TimeRange ViewDataFilterExpressionTimeRangePtrInput `pulumi:"timeRange"` +} + +func (ViewDataFilterExpressionArgs) ElementType() reflect.Type { + return reflect.TypeOf((*ViewDataFilterExpression)(nil)).Elem() +} + +func (i ViewDataFilterExpressionArgs) ToViewDataFilterExpressionOutput() ViewDataFilterExpressionOutput { + return i.ToViewDataFilterExpressionOutputWithContext(context.Background()) +} + +func (i ViewDataFilterExpressionArgs) ToViewDataFilterExpressionOutputWithContext(ctx context.Context) ViewDataFilterExpressionOutput { + return pulumi.ToOutputWithContext(ctx, i).(ViewDataFilterExpressionOutput) +} + +func (i ViewDataFilterExpressionArgs) ToViewDataFilterExpressionPtrOutput() ViewDataFilterExpressionPtrOutput { + return i.ToViewDataFilterExpressionPtrOutputWithContext(context.Background()) +} + +func (i ViewDataFilterExpressionArgs) ToViewDataFilterExpressionPtrOutputWithContext(ctx context.Context) ViewDataFilterExpressionPtrOutput { + return pulumi.ToOutputWithContext(ctx, i).(ViewDataFilterExpressionOutput).ToViewDataFilterExpressionPtrOutputWithContext(ctx) +} + +// ViewDataFilterExpressionPtrInput is an input type that accepts ViewDataFilterExpressionArgs, ViewDataFilterExpressionPtr and ViewDataFilterExpressionPtrOutput values. +// You can construct a concrete instance of `ViewDataFilterExpressionPtrInput` via: +// +// ViewDataFilterExpressionArgs{...} +// +// or: +// +// nil +type ViewDataFilterExpressionPtrInput interface { + pulumi.Input + + ToViewDataFilterExpressionPtrOutput() ViewDataFilterExpressionPtrOutput + ToViewDataFilterExpressionPtrOutputWithContext(context.Context) ViewDataFilterExpressionPtrOutput +} + +type viewDataFilterExpressionPtrType ViewDataFilterExpressionArgs + +func ViewDataFilterExpressionPtr(v *ViewDataFilterExpressionArgs) ViewDataFilterExpressionPtrInput { + return (*viewDataFilterExpressionPtrType)(v) +} + +func (*viewDataFilterExpressionPtrType) ElementType() reflect.Type { + return reflect.TypeOf((**ViewDataFilterExpression)(nil)).Elem() +} + +func (i *viewDataFilterExpressionPtrType) ToViewDataFilterExpressionPtrOutput() ViewDataFilterExpressionPtrOutput { + return i.ToViewDataFilterExpressionPtrOutputWithContext(context.Background()) +} + +func (i *viewDataFilterExpressionPtrType) ToViewDataFilterExpressionPtrOutputWithContext(ctx context.Context) ViewDataFilterExpressionPtrOutput { + return pulumi.ToOutputWithContext(ctx, i).(ViewDataFilterExpressionPtrOutput) +} + +type ViewDataFilterExpressionOutput struct{ *pulumi.OutputState } + +func (ViewDataFilterExpressionOutput) ElementType() reflect.Type { + return reflect.TypeOf((*ViewDataFilterExpression)(nil)).Elem() +} + +func (o ViewDataFilterExpressionOutput) ToViewDataFilterExpressionOutput() ViewDataFilterExpressionOutput { + return o +} + +func (o ViewDataFilterExpressionOutput) ToViewDataFilterExpressionOutputWithContext(ctx context.Context) ViewDataFilterExpressionOutput { + return o +} + +func (o ViewDataFilterExpressionOutput) ToViewDataFilterExpressionPtrOutput() ViewDataFilterExpressionPtrOutput { + return o.ToViewDataFilterExpressionPtrOutputWithContext(context.Background()) +} + +func (o ViewDataFilterExpressionOutput) ToViewDataFilterExpressionPtrOutputWithContext(ctx context.Context) ViewDataFilterExpressionPtrOutput { + return o.ApplyTWithContext(ctx, func(_ context.Context, v ViewDataFilterExpression) *ViewDataFilterExpression { + return &v + }).(ViewDataFilterExpressionPtrOutput) +} + +// Dimension to use for `expression`. Refer to #dimensions for more details. +func (o ViewDataFilterExpressionOutput) Dimensions() ViewDataFilterExpressionDimensionsPtrOutput { + return o.ApplyT(func(v ViewDataFilterExpression) *ViewDataFilterExpressionDimensions { return v.Dimensions }).(ViewDataFilterExpressionDimensionsPtrOutput) +} + +// List of key value map specifying tags associated to the billing view being created. +func (o ViewDataFilterExpressionOutput) Tags() ViewDataFilterExpressionTagArrayOutput { + return o.ApplyT(func(v ViewDataFilterExpression) []ViewDataFilterExpressionTag { return v.Tags }).(ViewDataFilterExpressionTagArrayOutput) +} + +// Time range to use for `expression`. Refer to #time-range for more details. +func (o ViewDataFilterExpressionOutput) TimeRange() ViewDataFilterExpressionTimeRangePtrOutput { + return o.ApplyT(func(v ViewDataFilterExpression) *ViewDataFilterExpressionTimeRange { return v.TimeRange }).(ViewDataFilterExpressionTimeRangePtrOutput) +} + +type ViewDataFilterExpressionPtrOutput struct{ *pulumi.OutputState } + +func (ViewDataFilterExpressionPtrOutput) ElementType() reflect.Type { + return reflect.TypeOf((**ViewDataFilterExpression)(nil)).Elem() +} + +func (o ViewDataFilterExpressionPtrOutput) ToViewDataFilterExpressionPtrOutput() ViewDataFilterExpressionPtrOutput { + return o +} + +func (o ViewDataFilterExpressionPtrOutput) ToViewDataFilterExpressionPtrOutputWithContext(ctx context.Context) ViewDataFilterExpressionPtrOutput { + return o +} + +func (o ViewDataFilterExpressionPtrOutput) Elem() ViewDataFilterExpressionOutput { + return o.ApplyT(func(v *ViewDataFilterExpression) ViewDataFilterExpression { + if v != nil { + return *v + } + var ret ViewDataFilterExpression + return ret + }).(ViewDataFilterExpressionOutput) +} + +// Dimension to use for `expression`. Refer to #dimensions for more details. +func (o ViewDataFilterExpressionPtrOutput) Dimensions() ViewDataFilterExpressionDimensionsPtrOutput { + return o.ApplyT(func(v *ViewDataFilterExpression) *ViewDataFilterExpressionDimensions { + if v == nil { + return nil + } + return v.Dimensions + }).(ViewDataFilterExpressionDimensionsPtrOutput) +} + +// List of key value map specifying tags associated to the billing view being created. +func (o ViewDataFilterExpressionPtrOutput) Tags() ViewDataFilterExpressionTagArrayOutput { + return o.ApplyT(func(v *ViewDataFilterExpression) []ViewDataFilterExpressionTag { + if v == nil { + return nil + } + return v.Tags + }).(ViewDataFilterExpressionTagArrayOutput) +} + +// Time range to use for `expression`. Refer to #time-range for more details. +func (o ViewDataFilterExpressionPtrOutput) TimeRange() ViewDataFilterExpressionTimeRangePtrOutput { + return o.ApplyT(func(v *ViewDataFilterExpression) *ViewDataFilterExpressionTimeRange { + if v == nil { + return nil + } + return v.TimeRange + }).(ViewDataFilterExpressionTimeRangePtrOutput) +} + +type ViewDataFilterExpressionDimensions struct { + // Key of the dimension. Possible values are `LINKED_ACCOUNT`. + Key string `pulumi:"key"` + // List of metadata values that you can use to filter and group your results. + Values []string `pulumi:"values"` +} + +// ViewDataFilterExpressionDimensionsInput is an input type that accepts ViewDataFilterExpressionDimensionsArgs and ViewDataFilterExpressionDimensionsOutput values. +// You can construct a concrete instance of `ViewDataFilterExpressionDimensionsInput` via: +// +// ViewDataFilterExpressionDimensionsArgs{...} +type ViewDataFilterExpressionDimensionsInput interface { + pulumi.Input + + ToViewDataFilterExpressionDimensionsOutput() ViewDataFilterExpressionDimensionsOutput + ToViewDataFilterExpressionDimensionsOutputWithContext(context.Context) ViewDataFilterExpressionDimensionsOutput +} + +type ViewDataFilterExpressionDimensionsArgs struct { + // Key of the dimension. Possible values are `LINKED_ACCOUNT`. + Key pulumi.StringInput `pulumi:"key"` + // List of metadata values that you can use to filter and group your results. + Values pulumi.StringArrayInput `pulumi:"values"` +} + +func (ViewDataFilterExpressionDimensionsArgs) ElementType() reflect.Type { + return reflect.TypeOf((*ViewDataFilterExpressionDimensions)(nil)).Elem() +} + +func (i ViewDataFilterExpressionDimensionsArgs) ToViewDataFilterExpressionDimensionsOutput() ViewDataFilterExpressionDimensionsOutput { + return i.ToViewDataFilterExpressionDimensionsOutputWithContext(context.Background()) +} + +func (i ViewDataFilterExpressionDimensionsArgs) ToViewDataFilterExpressionDimensionsOutputWithContext(ctx context.Context) ViewDataFilterExpressionDimensionsOutput { + return pulumi.ToOutputWithContext(ctx, i).(ViewDataFilterExpressionDimensionsOutput) +} + +func (i ViewDataFilterExpressionDimensionsArgs) ToViewDataFilterExpressionDimensionsPtrOutput() ViewDataFilterExpressionDimensionsPtrOutput { + return i.ToViewDataFilterExpressionDimensionsPtrOutputWithContext(context.Background()) +} + +func (i ViewDataFilterExpressionDimensionsArgs) ToViewDataFilterExpressionDimensionsPtrOutputWithContext(ctx context.Context) ViewDataFilterExpressionDimensionsPtrOutput { + return pulumi.ToOutputWithContext(ctx, i).(ViewDataFilterExpressionDimensionsOutput).ToViewDataFilterExpressionDimensionsPtrOutputWithContext(ctx) +} + +// ViewDataFilterExpressionDimensionsPtrInput is an input type that accepts ViewDataFilterExpressionDimensionsArgs, ViewDataFilterExpressionDimensionsPtr and ViewDataFilterExpressionDimensionsPtrOutput values. +// You can construct a concrete instance of `ViewDataFilterExpressionDimensionsPtrInput` via: +// +// ViewDataFilterExpressionDimensionsArgs{...} +// +// or: +// +// nil +type ViewDataFilterExpressionDimensionsPtrInput interface { + pulumi.Input + + ToViewDataFilterExpressionDimensionsPtrOutput() ViewDataFilterExpressionDimensionsPtrOutput + ToViewDataFilterExpressionDimensionsPtrOutputWithContext(context.Context) ViewDataFilterExpressionDimensionsPtrOutput +} + +type viewDataFilterExpressionDimensionsPtrType ViewDataFilterExpressionDimensionsArgs + +func ViewDataFilterExpressionDimensionsPtr(v *ViewDataFilterExpressionDimensionsArgs) ViewDataFilterExpressionDimensionsPtrInput { + return (*viewDataFilterExpressionDimensionsPtrType)(v) +} + +func (*viewDataFilterExpressionDimensionsPtrType) ElementType() reflect.Type { + return reflect.TypeOf((**ViewDataFilterExpressionDimensions)(nil)).Elem() +} + +func (i *viewDataFilterExpressionDimensionsPtrType) ToViewDataFilterExpressionDimensionsPtrOutput() ViewDataFilterExpressionDimensionsPtrOutput { + return i.ToViewDataFilterExpressionDimensionsPtrOutputWithContext(context.Background()) +} + +func (i *viewDataFilterExpressionDimensionsPtrType) ToViewDataFilterExpressionDimensionsPtrOutputWithContext(ctx context.Context) ViewDataFilterExpressionDimensionsPtrOutput { + return pulumi.ToOutputWithContext(ctx, i).(ViewDataFilterExpressionDimensionsPtrOutput) +} + +type ViewDataFilterExpressionDimensionsOutput struct{ *pulumi.OutputState } + +func (ViewDataFilterExpressionDimensionsOutput) ElementType() reflect.Type { + return reflect.TypeOf((*ViewDataFilterExpressionDimensions)(nil)).Elem() +} + +func (o ViewDataFilterExpressionDimensionsOutput) ToViewDataFilterExpressionDimensionsOutput() ViewDataFilterExpressionDimensionsOutput { + return o +} + +func (o ViewDataFilterExpressionDimensionsOutput) ToViewDataFilterExpressionDimensionsOutputWithContext(ctx context.Context) ViewDataFilterExpressionDimensionsOutput { + return o +} + +func (o ViewDataFilterExpressionDimensionsOutput) ToViewDataFilterExpressionDimensionsPtrOutput() ViewDataFilterExpressionDimensionsPtrOutput { + return o.ToViewDataFilterExpressionDimensionsPtrOutputWithContext(context.Background()) +} + +func (o ViewDataFilterExpressionDimensionsOutput) ToViewDataFilterExpressionDimensionsPtrOutputWithContext(ctx context.Context) ViewDataFilterExpressionDimensionsPtrOutput { + return o.ApplyTWithContext(ctx, func(_ context.Context, v ViewDataFilterExpressionDimensions) *ViewDataFilterExpressionDimensions { + return &v + }).(ViewDataFilterExpressionDimensionsPtrOutput) +} + +// Key of the dimension. Possible values are `LINKED_ACCOUNT`. +func (o ViewDataFilterExpressionDimensionsOutput) Key() pulumi.StringOutput { + return o.ApplyT(func(v ViewDataFilterExpressionDimensions) string { return v.Key }).(pulumi.StringOutput) +} + +// List of metadata values that you can use to filter and group your results. +func (o ViewDataFilterExpressionDimensionsOutput) Values() pulumi.StringArrayOutput { + return o.ApplyT(func(v ViewDataFilterExpressionDimensions) []string { return v.Values }).(pulumi.StringArrayOutput) +} + +type ViewDataFilterExpressionDimensionsPtrOutput struct{ *pulumi.OutputState } + +func (ViewDataFilterExpressionDimensionsPtrOutput) ElementType() reflect.Type { + return reflect.TypeOf((**ViewDataFilterExpressionDimensions)(nil)).Elem() +} + +func (o ViewDataFilterExpressionDimensionsPtrOutput) ToViewDataFilterExpressionDimensionsPtrOutput() ViewDataFilterExpressionDimensionsPtrOutput { + return o +} + +func (o ViewDataFilterExpressionDimensionsPtrOutput) ToViewDataFilterExpressionDimensionsPtrOutputWithContext(ctx context.Context) ViewDataFilterExpressionDimensionsPtrOutput { + return o +} + +func (o ViewDataFilterExpressionDimensionsPtrOutput) Elem() ViewDataFilterExpressionDimensionsOutput { + return o.ApplyT(func(v *ViewDataFilterExpressionDimensions) ViewDataFilterExpressionDimensions { + if v != nil { + return *v + } + var ret ViewDataFilterExpressionDimensions + return ret + }).(ViewDataFilterExpressionDimensionsOutput) +} + +// Key of the dimension. Possible values are `LINKED_ACCOUNT`. +func (o ViewDataFilterExpressionDimensionsPtrOutput) Key() pulumi.StringPtrOutput { + return o.ApplyT(func(v *ViewDataFilterExpressionDimensions) *string { + if v == nil { + return nil + } + return &v.Key + }).(pulumi.StringPtrOutput) +} + +// List of metadata values that you can use to filter and group your results. +func (o ViewDataFilterExpressionDimensionsPtrOutput) Values() pulumi.StringArrayOutput { + return o.ApplyT(func(v *ViewDataFilterExpressionDimensions) []string { + if v == nil { + return nil + } + return v.Values + }).(pulumi.StringArrayOutput) +} + +type ViewDataFilterExpressionTag struct { + // Key of the tag. + Key string `pulumi:"key"` + // List of values for the tag. + Values []string `pulumi:"values"` +} + +// ViewDataFilterExpressionTagInput is an input type that accepts ViewDataFilterExpressionTagArgs and ViewDataFilterExpressionTagOutput values. +// You can construct a concrete instance of `ViewDataFilterExpressionTagInput` via: +// +// ViewDataFilterExpressionTagArgs{...} +type ViewDataFilterExpressionTagInput interface { + pulumi.Input + + ToViewDataFilterExpressionTagOutput() ViewDataFilterExpressionTagOutput + ToViewDataFilterExpressionTagOutputWithContext(context.Context) ViewDataFilterExpressionTagOutput +} + +type ViewDataFilterExpressionTagArgs struct { + // Key of the tag. + Key pulumi.StringInput `pulumi:"key"` + // List of values for the tag. + Values pulumi.StringArrayInput `pulumi:"values"` +} + +func (ViewDataFilterExpressionTagArgs) ElementType() reflect.Type { + return reflect.TypeOf((*ViewDataFilterExpressionTag)(nil)).Elem() +} + +func (i ViewDataFilterExpressionTagArgs) ToViewDataFilterExpressionTagOutput() ViewDataFilterExpressionTagOutput { + return i.ToViewDataFilterExpressionTagOutputWithContext(context.Background()) +} + +func (i ViewDataFilterExpressionTagArgs) ToViewDataFilterExpressionTagOutputWithContext(ctx context.Context) ViewDataFilterExpressionTagOutput { + return pulumi.ToOutputWithContext(ctx, i).(ViewDataFilterExpressionTagOutput) +} + +// ViewDataFilterExpressionTagArrayInput is an input type that accepts ViewDataFilterExpressionTagArray and ViewDataFilterExpressionTagArrayOutput values. +// You can construct a concrete instance of `ViewDataFilterExpressionTagArrayInput` via: +// +// ViewDataFilterExpressionTagArray{ ViewDataFilterExpressionTagArgs{...} } +type ViewDataFilterExpressionTagArrayInput interface { + pulumi.Input + + ToViewDataFilterExpressionTagArrayOutput() ViewDataFilterExpressionTagArrayOutput + ToViewDataFilterExpressionTagArrayOutputWithContext(context.Context) ViewDataFilterExpressionTagArrayOutput +} + +type ViewDataFilterExpressionTagArray []ViewDataFilterExpressionTagInput + +func (ViewDataFilterExpressionTagArray) ElementType() reflect.Type { + return reflect.TypeOf((*[]ViewDataFilterExpressionTag)(nil)).Elem() +} + +func (i ViewDataFilterExpressionTagArray) ToViewDataFilterExpressionTagArrayOutput() ViewDataFilterExpressionTagArrayOutput { + return i.ToViewDataFilterExpressionTagArrayOutputWithContext(context.Background()) +} + +func (i ViewDataFilterExpressionTagArray) ToViewDataFilterExpressionTagArrayOutputWithContext(ctx context.Context) ViewDataFilterExpressionTagArrayOutput { + return pulumi.ToOutputWithContext(ctx, i).(ViewDataFilterExpressionTagArrayOutput) +} + +type ViewDataFilterExpressionTagOutput struct{ *pulumi.OutputState } + +func (ViewDataFilterExpressionTagOutput) ElementType() reflect.Type { + return reflect.TypeOf((*ViewDataFilterExpressionTag)(nil)).Elem() +} + +func (o ViewDataFilterExpressionTagOutput) ToViewDataFilterExpressionTagOutput() ViewDataFilterExpressionTagOutput { + return o +} + +func (o ViewDataFilterExpressionTagOutput) ToViewDataFilterExpressionTagOutputWithContext(ctx context.Context) ViewDataFilterExpressionTagOutput { + return o +} + +// Key of the tag. +func (o ViewDataFilterExpressionTagOutput) Key() pulumi.StringOutput { + return o.ApplyT(func(v ViewDataFilterExpressionTag) string { return v.Key }).(pulumi.StringOutput) +} + +// List of values for the tag. +func (o ViewDataFilterExpressionTagOutput) Values() pulumi.StringArrayOutput { + return o.ApplyT(func(v ViewDataFilterExpressionTag) []string { return v.Values }).(pulumi.StringArrayOutput) +} + +type ViewDataFilterExpressionTagArrayOutput struct{ *pulumi.OutputState } + +func (ViewDataFilterExpressionTagArrayOutput) ElementType() reflect.Type { + return reflect.TypeOf((*[]ViewDataFilterExpressionTag)(nil)).Elem() +} + +func (o ViewDataFilterExpressionTagArrayOutput) ToViewDataFilterExpressionTagArrayOutput() ViewDataFilterExpressionTagArrayOutput { + return o +} + +func (o ViewDataFilterExpressionTagArrayOutput) ToViewDataFilterExpressionTagArrayOutputWithContext(ctx context.Context) ViewDataFilterExpressionTagArrayOutput { + return o +} + +func (o ViewDataFilterExpressionTagArrayOutput) Index(i pulumi.IntInput) ViewDataFilterExpressionTagOutput { + return pulumi.All(o, i).ApplyT(func(vs []interface{}) ViewDataFilterExpressionTag { + return vs[0].([]ViewDataFilterExpressionTag)[vs[1].(int)] + }).(ViewDataFilterExpressionTagOutput) +} + +type ViewDataFilterExpressionTimeRange struct { + // Inclusive end date of the time range. + BeginDateInclusive string `pulumi:"beginDateInclusive"` + EndDateInclusive string `pulumi:"endDateInclusive"` +} + +// ViewDataFilterExpressionTimeRangeInput is an input type that accepts ViewDataFilterExpressionTimeRangeArgs and ViewDataFilterExpressionTimeRangeOutput values. +// You can construct a concrete instance of `ViewDataFilterExpressionTimeRangeInput` via: +// +// ViewDataFilterExpressionTimeRangeArgs{...} +type ViewDataFilterExpressionTimeRangeInput interface { + pulumi.Input + + ToViewDataFilterExpressionTimeRangeOutput() ViewDataFilterExpressionTimeRangeOutput + ToViewDataFilterExpressionTimeRangeOutputWithContext(context.Context) ViewDataFilterExpressionTimeRangeOutput +} + +type ViewDataFilterExpressionTimeRangeArgs struct { + // Inclusive end date of the time range. + BeginDateInclusive pulumi.StringInput `pulumi:"beginDateInclusive"` + EndDateInclusive pulumi.StringInput `pulumi:"endDateInclusive"` +} + +func (ViewDataFilterExpressionTimeRangeArgs) ElementType() reflect.Type { + return reflect.TypeOf((*ViewDataFilterExpressionTimeRange)(nil)).Elem() +} + +func (i ViewDataFilterExpressionTimeRangeArgs) ToViewDataFilterExpressionTimeRangeOutput() ViewDataFilterExpressionTimeRangeOutput { + return i.ToViewDataFilterExpressionTimeRangeOutputWithContext(context.Background()) +} + +func (i ViewDataFilterExpressionTimeRangeArgs) ToViewDataFilterExpressionTimeRangeOutputWithContext(ctx context.Context) ViewDataFilterExpressionTimeRangeOutput { + return pulumi.ToOutputWithContext(ctx, i).(ViewDataFilterExpressionTimeRangeOutput) +} + +func (i ViewDataFilterExpressionTimeRangeArgs) ToViewDataFilterExpressionTimeRangePtrOutput() ViewDataFilterExpressionTimeRangePtrOutput { + return i.ToViewDataFilterExpressionTimeRangePtrOutputWithContext(context.Background()) +} + +func (i ViewDataFilterExpressionTimeRangeArgs) ToViewDataFilterExpressionTimeRangePtrOutputWithContext(ctx context.Context) ViewDataFilterExpressionTimeRangePtrOutput { + return pulumi.ToOutputWithContext(ctx, i).(ViewDataFilterExpressionTimeRangeOutput).ToViewDataFilterExpressionTimeRangePtrOutputWithContext(ctx) +} + +// ViewDataFilterExpressionTimeRangePtrInput is an input type that accepts ViewDataFilterExpressionTimeRangeArgs, ViewDataFilterExpressionTimeRangePtr and ViewDataFilterExpressionTimeRangePtrOutput values. +// You can construct a concrete instance of `ViewDataFilterExpressionTimeRangePtrInput` via: +// +// ViewDataFilterExpressionTimeRangeArgs{...} +// +// or: +// +// nil +type ViewDataFilterExpressionTimeRangePtrInput interface { + pulumi.Input + + ToViewDataFilterExpressionTimeRangePtrOutput() ViewDataFilterExpressionTimeRangePtrOutput + ToViewDataFilterExpressionTimeRangePtrOutputWithContext(context.Context) ViewDataFilterExpressionTimeRangePtrOutput +} + +type viewDataFilterExpressionTimeRangePtrType ViewDataFilterExpressionTimeRangeArgs + +func ViewDataFilterExpressionTimeRangePtr(v *ViewDataFilterExpressionTimeRangeArgs) ViewDataFilterExpressionTimeRangePtrInput { + return (*viewDataFilterExpressionTimeRangePtrType)(v) +} + +func (*viewDataFilterExpressionTimeRangePtrType) ElementType() reflect.Type { + return reflect.TypeOf((**ViewDataFilterExpressionTimeRange)(nil)).Elem() +} + +func (i *viewDataFilterExpressionTimeRangePtrType) ToViewDataFilterExpressionTimeRangePtrOutput() ViewDataFilterExpressionTimeRangePtrOutput { + return i.ToViewDataFilterExpressionTimeRangePtrOutputWithContext(context.Background()) +} + +func (i *viewDataFilterExpressionTimeRangePtrType) ToViewDataFilterExpressionTimeRangePtrOutputWithContext(ctx context.Context) ViewDataFilterExpressionTimeRangePtrOutput { + return pulumi.ToOutputWithContext(ctx, i).(ViewDataFilterExpressionTimeRangePtrOutput) +} + +type ViewDataFilterExpressionTimeRangeOutput struct{ *pulumi.OutputState } + +func (ViewDataFilterExpressionTimeRangeOutput) ElementType() reflect.Type { + return reflect.TypeOf((*ViewDataFilterExpressionTimeRange)(nil)).Elem() +} + +func (o ViewDataFilterExpressionTimeRangeOutput) ToViewDataFilterExpressionTimeRangeOutput() ViewDataFilterExpressionTimeRangeOutput { + return o +} + +func (o ViewDataFilterExpressionTimeRangeOutput) ToViewDataFilterExpressionTimeRangeOutputWithContext(ctx context.Context) ViewDataFilterExpressionTimeRangeOutput { + return o +} + +func (o ViewDataFilterExpressionTimeRangeOutput) ToViewDataFilterExpressionTimeRangePtrOutput() ViewDataFilterExpressionTimeRangePtrOutput { + return o.ToViewDataFilterExpressionTimeRangePtrOutputWithContext(context.Background()) +} + +func (o ViewDataFilterExpressionTimeRangeOutput) ToViewDataFilterExpressionTimeRangePtrOutputWithContext(ctx context.Context) ViewDataFilterExpressionTimeRangePtrOutput { + return o.ApplyTWithContext(ctx, func(_ context.Context, v ViewDataFilterExpressionTimeRange) *ViewDataFilterExpressionTimeRange { + return &v + }).(ViewDataFilterExpressionTimeRangePtrOutput) +} + +// Inclusive end date of the time range. +func (o ViewDataFilterExpressionTimeRangeOutput) BeginDateInclusive() pulumi.StringOutput { + return o.ApplyT(func(v ViewDataFilterExpressionTimeRange) string { return v.BeginDateInclusive }).(pulumi.StringOutput) +} + +func (o ViewDataFilterExpressionTimeRangeOutput) EndDateInclusive() pulumi.StringOutput { + return o.ApplyT(func(v ViewDataFilterExpressionTimeRange) string { return v.EndDateInclusive }).(pulumi.StringOutput) +} + +type ViewDataFilterExpressionTimeRangePtrOutput struct{ *pulumi.OutputState } + +func (ViewDataFilterExpressionTimeRangePtrOutput) ElementType() reflect.Type { + return reflect.TypeOf((**ViewDataFilterExpressionTimeRange)(nil)).Elem() +} + +func (o ViewDataFilterExpressionTimeRangePtrOutput) ToViewDataFilterExpressionTimeRangePtrOutput() ViewDataFilterExpressionTimeRangePtrOutput { + return o +} + +func (o ViewDataFilterExpressionTimeRangePtrOutput) ToViewDataFilterExpressionTimeRangePtrOutputWithContext(ctx context.Context) ViewDataFilterExpressionTimeRangePtrOutput { + return o +} + +func (o ViewDataFilterExpressionTimeRangePtrOutput) Elem() ViewDataFilterExpressionTimeRangeOutput { + return o.ApplyT(func(v *ViewDataFilterExpressionTimeRange) ViewDataFilterExpressionTimeRange { + if v != nil { + return *v + } + var ret ViewDataFilterExpressionTimeRange + return ret + }).(ViewDataFilterExpressionTimeRangeOutput) +} + +// Inclusive end date of the time range. +func (o ViewDataFilterExpressionTimeRangePtrOutput) BeginDateInclusive() pulumi.StringPtrOutput { + return o.ApplyT(func(v *ViewDataFilterExpressionTimeRange) *string { + if v == nil { + return nil + } + return &v.BeginDateInclusive + }).(pulumi.StringPtrOutput) +} + +func (o ViewDataFilterExpressionTimeRangePtrOutput) EndDateInclusive() pulumi.StringPtrOutput { + return o.ApplyT(func(v *ViewDataFilterExpressionTimeRange) *string { + if v == nil { + return nil + } + return &v.EndDateInclusive + }).(pulumi.StringPtrOutput) +} + +type ViewTimeouts struct { + // A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as "30s" or "2h45m". Valid time units are "s" (seconds), "m" (minutes), "h" (hours). + Create *string `pulumi:"create"` + // A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as "30s" or "2h45m". Valid time units are "s" (seconds), "m" (minutes), "h" (hours). Setting a timeout for a Delete operation is only applicable if changes are saved into state before the destroy operation occurs. + Delete *string `pulumi:"delete"` + // A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as "30s" or "2h45m". Valid time units are "s" (seconds), "m" (minutes), "h" (hours). + Update *string `pulumi:"update"` +} + +// ViewTimeoutsInput is an input type that accepts ViewTimeoutsArgs and ViewTimeoutsOutput values. +// You can construct a concrete instance of `ViewTimeoutsInput` via: +// +// ViewTimeoutsArgs{...} +type ViewTimeoutsInput interface { + pulumi.Input + + ToViewTimeoutsOutput() ViewTimeoutsOutput + ToViewTimeoutsOutputWithContext(context.Context) ViewTimeoutsOutput +} + +type ViewTimeoutsArgs struct { + // A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as "30s" or "2h45m". Valid time units are "s" (seconds), "m" (minutes), "h" (hours). + Create pulumi.StringPtrInput `pulumi:"create"` + // A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as "30s" or "2h45m". Valid time units are "s" (seconds), "m" (minutes), "h" (hours). Setting a timeout for a Delete operation is only applicable if changes are saved into state before the destroy operation occurs. + Delete pulumi.StringPtrInput `pulumi:"delete"` + // A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as "30s" or "2h45m". Valid time units are "s" (seconds), "m" (minutes), "h" (hours). + Update pulumi.StringPtrInput `pulumi:"update"` +} + +func (ViewTimeoutsArgs) ElementType() reflect.Type { + return reflect.TypeOf((*ViewTimeouts)(nil)).Elem() +} + +func (i ViewTimeoutsArgs) ToViewTimeoutsOutput() ViewTimeoutsOutput { + return i.ToViewTimeoutsOutputWithContext(context.Background()) +} + +func (i ViewTimeoutsArgs) ToViewTimeoutsOutputWithContext(ctx context.Context) ViewTimeoutsOutput { + return pulumi.ToOutputWithContext(ctx, i).(ViewTimeoutsOutput) +} + +func (i ViewTimeoutsArgs) ToViewTimeoutsPtrOutput() ViewTimeoutsPtrOutput { + return i.ToViewTimeoutsPtrOutputWithContext(context.Background()) +} + +func (i ViewTimeoutsArgs) ToViewTimeoutsPtrOutputWithContext(ctx context.Context) ViewTimeoutsPtrOutput { + return pulumi.ToOutputWithContext(ctx, i).(ViewTimeoutsOutput).ToViewTimeoutsPtrOutputWithContext(ctx) +} + +// ViewTimeoutsPtrInput is an input type that accepts ViewTimeoutsArgs, ViewTimeoutsPtr and ViewTimeoutsPtrOutput values. +// You can construct a concrete instance of `ViewTimeoutsPtrInput` via: +// +// ViewTimeoutsArgs{...} +// +// or: +// +// nil +type ViewTimeoutsPtrInput interface { + pulumi.Input + + ToViewTimeoutsPtrOutput() ViewTimeoutsPtrOutput + ToViewTimeoutsPtrOutputWithContext(context.Context) ViewTimeoutsPtrOutput +} + +type viewTimeoutsPtrType ViewTimeoutsArgs + +func ViewTimeoutsPtr(v *ViewTimeoutsArgs) ViewTimeoutsPtrInput { + return (*viewTimeoutsPtrType)(v) +} + +func (*viewTimeoutsPtrType) ElementType() reflect.Type { + return reflect.TypeOf((**ViewTimeouts)(nil)).Elem() +} + +func (i *viewTimeoutsPtrType) ToViewTimeoutsPtrOutput() ViewTimeoutsPtrOutput { + return i.ToViewTimeoutsPtrOutputWithContext(context.Background()) +} + +func (i *viewTimeoutsPtrType) ToViewTimeoutsPtrOutputWithContext(ctx context.Context) ViewTimeoutsPtrOutput { + return pulumi.ToOutputWithContext(ctx, i).(ViewTimeoutsPtrOutput) +} + +type ViewTimeoutsOutput struct{ *pulumi.OutputState } + +func (ViewTimeoutsOutput) ElementType() reflect.Type { + return reflect.TypeOf((*ViewTimeouts)(nil)).Elem() +} + +func (o ViewTimeoutsOutput) ToViewTimeoutsOutput() ViewTimeoutsOutput { + return o +} + +func (o ViewTimeoutsOutput) ToViewTimeoutsOutputWithContext(ctx context.Context) ViewTimeoutsOutput { + return o +} + +func (o ViewTimeoutsOutput) ToViewTimeoutsPtrOutput() ViewTimeoutsPtrOutput { + return o.ToViewTimeoutsPtrOutputWithContext(context.Background()) +} + +func (o ViewTimeoutsOutput) ToViewTimeoutsPtrOutputWithContext(ctx context.Context) ViewTimeoutsPtrOutput { + return o.ApplyTWithContext(ctx, func(_ context.Context, v ViewTimeouts) *ViewTimeouts { + return &v + }).(ViewTimeoutsPtrOutput) +} + +// A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as "30s" or "2h45m". Valid time units are "s" (seconds), "m" (minutes), "h" (hours). +func (o ViewTimeoutsOutput) Create() pulumi.StringPtrOutput { + return o.ApplyT(func(v ViewTimeouts) *string { return v.Create }).(pulumi.StringPtrOutput) +} + +// A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as "30s" or "2h45m". Valid time units are "s" (seconds), "m" (minutes), "h" (hours). Setting a timeout for a Delete operation is only applicable if changes are saved into state before the destroy operation occurs. +func (o ViewTimeoutsOutput) Delete() pulumi.StringPtrOutput { + return o.ApplyT(func(v ViewTimeouts) *string { return v.Delete }).(pulumi.StringPtrOutput) +} + +// A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as "30s" or "2h45m". Valid time units are "s" (seconds), "m" (minutes), "h" (hours). +func (o ViewTimeoutsOutput) Update() pulumi.StringPtrOutput { + return o.ApplyT(func(v ViewTimeouts) *string { return v.Update }).(pulumi.StringPtrOutput) +} + +type ViewTimeoutsPtrOutput struct{ *pulumi.OutputState } + +func (ViewTimeoutsPtrOutput) ElementType() reflect.Type { + return reflect.TypeOf((**ViewTimeouts)(nil)).Elem() +} + +func (o ViewTimeoutsPtrOutput) ToViewTimeoutsPtrOutput() ViewTimeoutsPtrOutput { + return o +} + +func (o ViewTimeoutsPtrOutput) ToViewTimeoutsPtrOutputWithContext(ctx context.Context) ViewTimeoutsPtrOutput { + return o +} + +func (o ViewTimeoutsPtrOutput) Elem() ViewTimeoutsOutput { + return o.ApplyT(func(v *ViewTimeouts) ViewTimeouts { + if v != nil { + return *v + } + var ret ViewTimeouts + return ret + }).(ViewTimeoutsOutput) +} + +// A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as "30s" or "2h45m". Valid time units are "s" (seconds), "m" (minutes), "h" (hours). +func (o ViewTimeoutsPtrOutput) Create() pulumi.StringPtrOutput { + return o.ApplyT(func(v *ViewTimeouts) *string { + if v == nil { + return nil + } + return v.Create + }).(pulumi.StringPtrOutput) +} + +// A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as "30s" or "2h45m". Valid time units are "s" (seconds), "m" (minutes), "h" (hours). Setting a timeout for a Delete operation is only applicable if changes are saved into state before the destroy operation occurs. +func (o ViewTimeoutsPtrOutput) Delete() pulumi.StringPtrOutput { + return o.ApplyT(func(v *ViewTimeouts) *string { + if v == nil { + return nil + } + return v.Delete + }).(pulumi.StringPtrOutput) +} + +// A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as "30s" or "2h45m". Valid time units are "s" (seconds), "m" (minutes), "h" (hours). +func (o ViewTimeoutsPtrOutput) Update() pulumi.StringPtrOutput { + return o.ApplyT(func(v *ViewTimeouts) *string { + if v == nil { + return nil + } + return v.Update + }).(pulumi.StringPtrOutput) +} + type GetViewsBillingView struct { // ARN of the billing view. Arn string `pulumi:"arn"` @@ -144,8 +908,28 @@ func (o GetViewsBillingViewArrayOutput) Index(i pulumi.IntInput) GetViewsBilling } func init() { + pulumi.RegisterInputType(reflect.TypeOf((*ViewDataFilterExpressionInput)(nil)).Elem(), ViewDataFilterExpressionArgs{}) + pulumi.RegisterInputType(reflect.TypeOf((*ViewDataFilterExpressionPtrInput)(nil)).Elem(), ViewDataFilterExpressionArgs{}) + pulumi.RegisterInputType(reflect.TypeOf((*ViewDataFilterExpressionDimensionsInput)(nil)).Elem(), ViewDataFilterExpressionDimensionsArgs{}) + pulumi.RegisterInputType(reflect.TypeOf((*ViewDataFilterExpressionDimensionsPtrInput)(nil)).Elem(), ViewDataFilterExpressionDimensionsArgs{}) + pulumi.RegisterInputType(reflect.TypeOf((*ViewDataFilterExpressionTagInput)(nil)).Elem(), ViewDataFilterExpressionTagArgs{}) + pulumi.RegisterInputType(reflect.TypeOf((*ViewDataFilterExpressionTagArrayInput)(nil)).Elem(), ViewDataFilterExpressionTagArray{}) + pulumi.RegisterInputType(reflect.TypeOf((*ViewDataFilterExpressionTimeRangeInput)(nil)).Elem(), ViewDataFilterExpressionTimeRangeArgs{}) + pulumi.RegisterInputType(reflect.TypeOf((*ViewDataFilterExpressionTimeRangePtrInput)(nil)).Elem(), ViewDataFilterExpressionTimeRangeArgs{}) + pulumi.RegisterInputType(reflect.TypeOf((*ViewTimeoutsInput)(nil)).Elem(), ViewTimeoutsArgs{}) + pulumi.RegisterInputType(reflect.TypeOf((*ViewTimeoutsPtrInput)(nil)).Elem(), ViewTimeoutsArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*GetViewsBillingViewInput)(nil)).Elem(), GetViewsBillingViewArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*GetViewsBillingViewArrayInput)(nil)).Elem(), GetViewsBillingViewArray{}) + pulumi.RegisterOutputType(ViewDataFilterExpressionOutput{}) + pulumi.RegisterOutputType(ViewDataFilterExpressionPtrOutput{}) + pulumi.RegisterOutputType(ViewDataFilterExpressionDimensionsOutput{}) + pulumi.RegisterOutputType(ViewDataFilterExpressionDimensionsPtrOutput{}) + pulumi.RegisterOutputType(ViewDataFilterExpressionTagOutput{}) + pulumi.RegisterOutputType(ViewDataFilterExpressionTagArrayOutput{}) + pulumi.RegisterOutputType(ViewDataFilterExpressionTimeRangeOutput{}) + pulumi.RegisterOutputType(ViewDataFilterExpressionTimeRangePtrOutput{}) + pulumi.RegisterOutputType(ViewTimeoutsOutput{}) + pulumi.RegisterOutputType(ViewTimeoutsPtrOutput{}) pulumi.RegisterOutputType(GetViewsBillingViewOutput{}) pulumi.RegisterOutputType(GetViewsBillingViewArrayOutput{}) } diff --git a/sdk/go/aws/billing/view.go b/sdk/go/aws/billing/view.go new file mode 100644 index 00000000000..36f95d62f0f --- /dev/null +++ b/sdk/go/aws/billing/view.go @@ -0,0 +1,446 @@ +// Code generated by pulumi-language-go DO NOT EDIT. +// *** WARNING: Do not edit by hand unless you're certain you know what you are doing! *** + +package billing + +import ( + "context" + "reflect" + + "github.com/pulumi/pulumi-aws/sdk/v7/go/aws/internal" + "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +) + +// Manages an AWS Billing View. +// +// ## Example Usage +// +// ### Basic Usage +// +// ```go +// package main +// +// import ( +// +// "github.com/pulumi/pulumi-aws/sdk/v7/go/aws/billing" +// "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +// +// ) +// +// func main() { +// pulumi.Run(func(ctx *pulumi.Context) error { +// _, err := billing.NewView(ctx, "example", &billing.ViewArgs{ +// Name: pulumi.String("example"), +// Description: pulumi.String("example description"), +// SourceViews: pulumi.StringArray{ +// pulumi.String("arn:aws:billing::123456789012:billingview/example"), +// }, +// }) +// if err != nil { +// return err +// } +// return nil +// }) +// } +// +// ``` +// +// ## Import +// +// Using `pulumi import`, import Billing View using the `arn`. For example: +// +// ```sh +// $ pulumi import aws:billing/view:View example arn:aws:billing::123456789012:billing-view/example +// ``` +type View struct { + pulumi.CustomResourceState + + // ARN of the View. + Arn pulumi.StringOutput `pulumi:"arn"` + // Type of billing group. Valid values are PRIMARY|BILLING_GROUP|CUSTOM. + BillingViewType pulumi.StringOutput `pulumi:"billingViewType"` + // Timestamp when the billing view was created. + CreatedAt pulumi.StringOutput `pulumi:"createdAt"` + // Filter Cost Explorer APIs using the expression. Refer to the data-filter-expression block documentation for more details. + DataFilterExpression ViewDataFilterExpressionPtrOutput `pulumi:"dataFilterExpression"` + // Number of billing views that use this billing view as a source. + DerivedViewCount pulumi.IntOutput `pulumi:"derivedViewCount"` + // Description of the custom billing view. + Description pulumi.StringPtrOutput `pulumi:"description"` + // Name of the custom billing view to be created. + Name pulumi.StringOutput `pulumi:"name"` + // Account owner of the billing view. + OwnerAccountId pulumi.StringOutput `pulumi:"ownerAccountId"` + // AWS account ID that owns the source billing view, if this is a derived billing view. + SourceAccountId pulumi.StringOutput `pulumi:"sourceAccountId"` + // Number of source views associated with this billing view. + SourceViewCount pulumi.IntOutput `pulumi:"sourceViewCount"` + // List of ARNs of the source data views for the custom billing view. + // + // The following arguments are optional: + SourceViews pulumi.StringArrayOutput `pulumi:"sourceViews"` + // List of key value map specifying tags associated to the billing view being created. + Tags pulumi.StringMapOutput `pulumi:"tags"` + // List of key value map specifying tags associated to the billing view. + TagsAll pulumi.StringMapOutput `pulumi:"tagsAll"` + Timeouts ViewTimeoutsPtrOutput `pulumi:"timeouts"` + // Time when the billing view was last updated. + UpdatedAt pulumi.StringOutput `pulumi:"updatedAt"` + // Timestamp of when the billing view definition was last updated. + ViewDefinitionLastUpdatedAt pulumi.StringOutput `pulumi:"viewDefinitionLastUpdatedAt"` +} + +// NewView registers a new resource with the given unique name, arguments, and options. +func NewView(ctx *pulumi.Context, + name string, args *ViewArgs, opts ...pulumi.ResourceOption) (*View, error) { + if args == nil { + args = &ViewArgs{} + } + + opts = internal.PkgResourceDefaultOpts(opts) + var resource View + err := ctx.RegisterResource("aws:billing/view:View", name, args, &resource, opts...) + if err != nil { + return nil, err + } + return &resource, nil +} + +// GetView gets an existing View resource's state with the given name, ID, and optional +// state properties that are used to uniquely qualify the lookup (nil if not required). +func GetView(ctx *pulumi.Context, + name string, id pulumi.IDInput, state *ViewState, opts ...pulumi.ResourceOption) (*View, error) { + var resource View + err := ctx.ReadResource("aws:billing/view:View", name, id, state, &resource, opts...) + if err != nil { + return nil, err + } + return &resource, nil +} + +// Input properties used for looking up and filtering View resources. +type viewState struct { + // ARN of the View. + Arn *string `pulumi:"arn"` + // Type of billing group. Valid values are PRIMARY|BILLING_GROUP|CUSTOM. + BillingViewType *string `pulumi:"billingViewType"` + // Timestamp when the billing view was created. + CreatedAt *string `pulumi:"createdAt"` + // Filter Cost Explorer APIs using the expression. Refer to the data-filter-expression block documentation for more details. + DataFilterExpression *ViewDataFilterExpression `pulumi:"dataFilterExpression"` + // Number of billing views that use this billing view as a source. + DerivedViewCount *int `pulumi:"derivedViewCount"` + // Description of the custom billing view. + Description *string `pulumi:"description"` + // Name of the custom billing view to be created. + Name *string `pulumi:"name"` + // Account owner of the billing view. + OwnerAccountId *string `pulumi:"ownerAccountId"` + // AWS account ID that owns the source billing view, if this is a derived billing view. + SourceAccountId *string `pulumi:"sourceAccountId"` + // Number of source views associated with this billing view. + SourceViewCount *int `pulumi:"sourceViewCount"` + // List of ARNs of the source data views for the custom billing view. + // + // The following arguments are optional: + SourceViews []string `pulumi:"sourceViews"` + // List of key value map specifying tags associated to the billing view being created. + Tags map[string]string `pulumi:"tags"` + // List of key value map specifying tags associated to the billing view. + TagsAll map[string]string `pulumi:"tagsAll"` + Timeouts *ViewTimeouts `pulumi:"timeouts"` + // Time when the billing view was last updated. + UpdatedAt *string `pulumi:"updatedAt"` + // Timestamp of when the billing view definition was last updated. + ViewDefinitionLastUpdatedAt *string `pulumi:"viewDefinitionLastUpdatedAt"` +} + +type ViewState struct { + // ARN of the View. + Arn pulumi.StringPtrInput + // Type of billing group. Valid values are PRIMARY|BILLING_GROUP|CUSTOM. + BillingViewType pulumi.StringPtrInput + // Timestamp when the billing view was created. + CreatedAt pulumi.StringPtrInput + // Filter Cost Explorer APIs using the expression. Refer to the data-filter-expression block documentation for more details. + DataFilterExpression ViewDataFilterExpressionPtrInput + // Number of billing views that use this billing view as a source. + DerivedViewCount pulumi.IntPtrInput + // Description of the custom billing view. + Description pulumi.StringPtrInput + // Name of the custom billing view to be created. + Name pulumi.StringPtrInput + // Account owner of the billing view. + OwnerAccountId pulumi.StringPtrInput + // AWS account ID that owns the source billing view, if this is a derived billing view. + SourceAccountId pulumi.StringPtrInput + // Number of source views associated with this billing view. + SourceViewCount pulumi.IntPtrInput + // List of ARNs of the source data views for the custom billing view. + // + // The following arguments are optional: + SourceViews pulumi.StringArrayInput + // List of key value map specifying tags associated to the billing view being created. + Tags pulumi.StringMapInput + // List of key value map specifying tags associated to the billing view. + TagsAll pulumi.StringMapInput + Timeouts ViewTimeoutsPtrInput + // Time when the billing view was last updated. + UpdatedAt pulumi.StringPtrInput + // Timestamp of when the billing view definition was last updated. + ViewDefinitionLastUpdatedAt pulumi.StringPtrInput +} + +func (ViewState) ElementType() reflect.Type { + return reflect.TypeOf((*viewState)(nil)).Elem() +} + +type viewArgs struct { + // Filter Cost Explorer APIs using the expression. Refer to the data-filter-expression block documentation for more details. + DataFilterExpression *ViewDataFilterExpression `pulumi:"dataFilterExpression"` + // Description of the custom billing view. + Description *string `pulumi:"description"` + // Name of the custom billing view to be created. + Name *string `pulumi:"name"` + // List of ARNs of the source data views for the custom billing view. + // + // The following arguments are optional: + SourceViews []string `pulumi:"sourceViews"` + // List of key value map specifying tags associated to the billing view being created. + Tags map[string]string `pulumi:"tags"` + Timeouts *ViewTimeouts `pulumi:"timeouts"` +} + +// The set of arguments for constructing a View resource. +type ViewArgs struct { + // Filter Cost Explorer APIs using the expression. Refer to the data-filter-expression block documentation for more details. + DataFilterExpression ViewDataFilterExpressionPtrInput + // Description of the custom billing view. + Description pulumi.StringPtrInput + // Name of the custom billing view to be created. + Name pulumi.StringPtrInput + // List of ARNs of the source data views for the custom billing view. + // + // The following arguments are optional: + SourceViews pulumi.StringArrayInput + // List of key value map specifying tags associated to the billing view being created. + Tags pulumi.StringMapInput + Timeouts ViewTimeoutsPtrInput +} + +func (ViewArgs) ElementType() reflect.Type { + return reflect.TypeOf((*viewArgs)(nil)).Elem() +} + +type ViewInput interface { + pulumi.Input + + ToViewOutput() ViewOutput + ToViewOutputWithContext(ctx context.Context) ViewOutput +} + +func (*View) ElementType() reflect.Type { + return reflect.TypeOf((**View)(nil)).Elem() +} + +func (i *View) ToViewOutput() ViewOutput { + return i.ToViewOutputWithContext(context.Background()) +} + +func (i *View) ToViewOutputWithContext(ctx context.Context) ViewOutput { + return pulumi.ToOutputWithContext(ctx, i).(ViewOutput) +} + +// ViewArrayInput is an input type that accepts ViewArray and ViewArrayOutput values. +// You can construct a concrete instance of `ViewArrayInput` via: +// +// ViewArray{ ViewArgs{...} } +type ViewArrayInput interface { + pulumi.Input + + ToViewArrayOutput() ViewArrayOutput + ToViewArrayOutputWithContext(context.Context) ViewArrayOutput +} + +type ViewArray []ViewInput + +func (ViewArray) ElementType() reflect.Type { + return reflect.TypeOf((*[]*View)(nil)).Elem() +} + +func (i ViewArray) ToViewArrayOutput() ViewArrayOutput { + return i.ToViewArrayOutputWithContext(context.Background()) +} + +func (i ViewArray) ToViewArrayOutputWithContext(ctx context.Context) ViewArrayOutput { + return pulumi.ToOutputWithContext(ctx, i).(ViewArrayOutput) +} + +// ViewMapInput is an input type that accepts ViewMap and ViewMapOutput values. +// You can construct a concrete instance of `ViewMapInput` via: +// +// ViewMap{ "key": ViewArgs{...} } +type ViewMapInput interface { + pulumi.Input + + ToViewMapOutput() ViewMapOutput + ToViewMapOutputWithContext(context.Context) ViewMapOutput +} + +type ViewMap map[string]ViewInput + +func (ViewMap) ElementType() reflect.Type { + return reflect.TypeOf((*map[string]*View)(nil)).Elem() +} + +func (i ViewMap) ToViewMapOutput() ViewMapOutput { + return i.ToViewMapOutputWithContext(context.Background()) +} + +func (i ViewMap) ToViewMapOutputWithContext(ctx context.Context) ViewMapOutput { + return pulumi.ToOutputWithContext(ctx, i).(ViewMapOutput) +} + +type ViewOutput struct{ *pulumi.OutputState } + +func (ViewOutput) ElementType() reflect.Type { + return reflect.TypeOf((**View)(nil)).Elem() +} + +func (o ViewOutput) ToViewOutput() ViewOutput { + return o +} + +func (o ViewOutput) ToViewOutputWithContext(ctx context.Context) ViewOutput { + return o +} + +// ARN of the View. +func (o ViewOutput) Arn() pulumi.StringOutput { + return o.ApplyT(func(v *View) pulumi.StringOutput { return v.Arn }).(pulumi.StringOutput) +} + +// Type of billing group. Valid values are PRIMARY|BILLING_GROUP|CUSTOM. +func (o ViewOutput) BillingViewType() pulumi.StringOutput { + return o.ApplyT(func(v *View) pulumi.StringOutput { return v.BillingViewType }).(pulumi.StringOutput) +} + +// Timestamp when the billing view was created. +func (o ViewOutput) CreatedAt() pulumi.StringOutput { + return o.ApplyT(func(v *View) pulumi.StringOutput { return v.CreatedAt }).(pulumi.StringOutput) +} + +// Filter Cost Explorer APIs using the expression. Refer to the data-filter-expression block documentation for more details. +func (o ViewOutput) DataFilterExpression() ViewDataFilterExpressionPtrOutput { + return o.ApplyT(func(v *View) ViewDataFilterExpressionPtrOutput { return v.DataFilterExpression }).(ViewDataFilterExpressionPtrOutput) +} + +// Number of billing views that use this billing view as a source. +func (o ViewOutput) DerivedViewCount() pulumi.IntOutput { + return o.ApplyT(func(v *View) pulumi.IntOutput { return v.DerivedViewCount }).(pulumi.IntOutput) +} + +// Description of the custom billing view. +func (o ViewOutput) Description() pulumi.StringPtrOutput { + return o.ApplyT(func(v *View) pulumi.StringPtrOutput { return v.Description }).(pulumi.StringPtrOutput) +} + +// Name of the custom billing view to be created. +func (o ViewOutput) Name() pulumi.StringOutput { + return o.ApplyT(func(v *View) pulumi.StringOutput { return v.Name }).(pulumi.StringOutput) +} + +// Account owner of the billing view. +func (o ViewOutput) OwnerAccountId() pulumi.StringOutput { + return o.ApplyT(func(v *View) pulumi.StringOutput { return v.OwnerAccountId }).(pulumi.StringOutput) +} + +// AWS account ID that owns the source billing view, if this is a derived billing view. +func (o ViewOutput) SourceAccountId() pulumi.StringOutput { + return o.ApplyT(func(v *View) pulumi.StringOutput { return v.SourceAccountId }).(pulumi.StringOutput) +} + +// Number of source views associated with this billing view. +func (o ViewOutput) SourceViewCount() pulumi.IntOutput { + return o.ApplyT(func(v *View) pulumi.IntOutput { return v.SourceViewCount }).(pulumi.IntOutput) +} + +// List of ARNs of the source data views for the custom billing view. +// +// The following arguments are optional: +func (o ViewOutput) SourceViews() pulumi.StringArrayOutput { + return o.ApplyT(func(v *View) pulumi.StringArrayOutput { return v.SourceViews }).(pulumi.StringArrayOutput) +} + +// List of key value map specifying tags associated to the billing view being created. +func (o ViewOutput) Tags() pulumi.StringMapOutput { + return o.ApplyT(func(v *View) pulumi.StringMapOutput { return v.Tags }).(pulumi.StringMapOutput) +} + +// List of key value map specifying tags associated to the billing view. +func (o ViewOutput) TagsAll() pulumi.StringMapOutput { + return o.ApplyT(func(v *View) pulumi.StringMapOutput { return v.TagsAll }).(pulumi.StringMapOutput) +} + +func (o ViewOutput) Timeouts() ViewTimeoutsPtrOutput { + return o.ApplyT(func(v *View) ViewTimeoutsPtrOutput { return v.Timeouts }).(ViewTimeoutsPtrOutput) +} + +// Time when the billing view was last updated. +func (o ViewOutput) UpdatedAt() pulumi.StringOutput { + return o.ApplyT(func(v *View) pulumi.StringOutput { return v.UpdatedAt }).(pulumi.StringOutput) +} + +// Timestamp of when the billing view definition was last updated. +func (o ViewOutput) ViewDefinitionLastUpdatedAt() pulumi.StringOutput { + return o.ApplyT(func(v *View) pulumi.StringOutput { return v.ViewDefinitionLastUpdatedAt }).(pulumi.StringOutput) +} + +type ViewArrayOutput struct{ *pulumi.OutputState } + +func (ViewArrayOutput) ElementType() reflect.Type { + return reflect.TypeOf((*[]*View)(nil)).Elem() +} + +func (o ViewArrayOutput) ToViewArrayOutput() ViewArrayOutput { + return o +} + +func (o ViewArrayOutput) ToViewArrayOutputWithContext(ctx context.Context) ViewArrayOutput { + return o +} + +func (o ViewArrayOutput) Index(i pulumi.IntInput) ViewOutput { + return pulumi.All(o, i).ApplyT(func(vs []interface{}) *View { + return vs[0].([]*View)[vs[1].(int)] + }).(ViewOutput) +} + +type ViewMapOutput struct{ *pulumi.OutputState } + +func (ViewMapOutput) ElementType() reflect.Type { + return reflect.TypeOf((*map[string]*View)(nil)).Elem() +} + +func (o ViewMapOutput) ToViewMapOutput() ViewMapOutput { + return o +} + +func (o ViewMapOutput) ToViewMapOutputWithContext(ctx context.Context) ViewMapOutput { + return o +} + +func (o ViewMapOutput) MapIndex(k pulumi.StringInput) ViewOutput { + return pulumi.All(o, k).ApplyT(func(vs []interface{}) *View { + return vs[0].(map[string]*View)[vs[1].(string)] + }).(ViewOutput) +} + +func init() { + pulumi.RegisterInputType(reflect.TypeOf((*ViewInput)(nil)).Elem(), &View{}) + pulumi.RegisterInputType(reflect.TypeOf((*ViewArrayInput)(nil)).Elem(), ViewArray{}) + pulumi.RegisterInputType(reflect.TypeOf((*ViewMapInput)(nil)).Elem(), ViewMap{}) + pulumi.RegisterOutputType(ViewOutput{}) + pulumi.RegisterOutputType(ViewArrayOutput{}) + pulumi.RegisterOutputType(ViewMapOutput{}) +} diff --git a/sdk/go/aws/codestarnotifications/pulumiTypes.go b/sdk/go/aws/codestarnotifications/pulumiTypes.go index a41f9d1a148..2e97f57bd48 100644 --- a/sdk/go/aws/codestarnotifications/pulumiTypes.go +++ b/sdk/go/aws/codestarnotifications/pulumiTypes.go @@ -14,11 +14,11 @@ import ( var _ = internal.GetEnvOrDefault type NotificationRuleTarget struct { - // The ARN of notification rule target. For example, a SNS Topic ARN. + // The ARN of the Amazon Q Developer in chat applications topic or Amazon Q Developer in chat applications client. Address string `pulumi:"address"` // The status of the notification rule. Possible values are `ENABLED` and `DISABLED`, default is `ENABLED`. Status *string `pulumi:"status"` - // The type of the notification target. Default value is `SNS`. + // The type of the notification target. Valid values are `SNS`, `AWSChatbotSlack`, and `AWSChatbotMicrosoftTeams`. Default value is `SNS`. Type *string `pulumi:"type"` } @@ -34,11 +34,11 @@ type NotificationRuleTargetInput interface { } type NotificationRuleTargetArgs struct { - // The ARN of notification rule target. For example, a SNS Topic ARN. + // The ARN of the Amazon Q Developer in chat applications topic or Amazon Q Developer in chat applications client. Address pulumi.StringInput `pulumi:"address"` // The status of the notification rule. Possible values are `ENABLED` and `DISABLED`, default is `ENABLED`. Status pulumi.StringPtrInput `pulumi:"status"` - // The type of the notification target. Default value is `SNS`. + // The type of the notification target. Valid values are `SNS`, `AWSChatbotSlack`, and `AWSChatbotMicrosoftTeams`. Default value is `SNS`. Type pulumi.StringPtrInput `pulumi:"type"` } @@ -93,7 +93,7 @@ func (o NotificationRuleTargetOutput) ToNotificationRuleTargetOutputWithContext( return o } -// The ARN of notification rule target. For example, a SNS Topic ARN. +// The ARN of the Amazon Q Developer in chat applications topic or Amazon Q Developer in chat applications client. func (o NotificationRuleTargetOutput) Address() pulumi.StringOutput { return o.ApplyT(func(v NotificationRuleTarget) string { return v.Address }).(pulumi.StringOutput) } @@ -103,7 +103,7 @@ func (o NotificationRuleTargetOutput) Status() pulumi.StringPtrOutput { return o.ApplyT(func(v NotificationRuleTarget) *string { return v.Status }).(pulumi.StringPtrOutput) } -// The type of the notification target. Default value is `SNS`. +// The type of the notification target. Valid values are `SNS`, `AWSChatbotSlack`, and `AWSChatbotMicrosoftTeams`. Default value is `SNS`. func (o NotificationRuleTargetOutput) Type() pulumi.StringPtrOutput { return o.ApplyT(func(v NotificationRuleTarget) *string { return v.Type }).(pulumi.StringPtrOutput) } diff --git a/sdk/go/aws/config/config.go b/sdk/go/aws/config/config.go index c67d5c53635..23e4a73df3b 100644 --- a/sdk/go/aws/config/config.go +++ b/sdk/go/aws/config/config.go @@ -176,6 +176,11 @@ func GetStsRegion(ctx *pulumi.Context) string { return config.Get(ctx, "aws:stsRegion") } +// The severity with which to enforce organizational tagging policies on resources managed by this provider instance. At this time this only includes compliance with required tag keys by resource type. Valid values are "error", "warning", and "disabled". When unset or "disabled", tag policy compliance will not be enforced by the provider. Can also be configured with the TF_AWS_TAG_POLICY_COMPLIANCE environment variable. +func GetTagPolicyCompliance(ctx *pulumi.Context) string { + return config.Get(ctx, "aws:tagPolicyCompliance") +} + // session token. A session token is only required if you are // using temporary security credentials. func GetToken(ctx *pulumi.Context) string { diff --git a/sdk/go/aws/dynamodb/pulumiTypes.go b/sdk/go/aws/dynamodb/pulumiTypes.go index 9604c586df2..59c4ee87a5d 100644 --- a/sdk/go/aws/dynamodb/pulumiTypes.go +++ b/sdk/go/aws/dynamodb/pulumiTypes.go @@ -862,6 +862,143 @@ func (o TableGlobalSecondaryIndexWarmThroughputPtrOutput) WriteUnitsPerSecond() }).(pulumi.IntPtrOutput) } +type TableGlobalTableWitness struct { + // Name of the AWS Region that serves as a witness for the MRSC global table. + RegionName *string `pulumi:"regionName"` +} + +// TableGlobalTableWitnessInput is an input type that accepts TableGlobalTableWitnessArgs and TableGlobalTableWitnessOutput values. +// You can construct a concrete instance of `TableGlobalTableWitnessInput` via: +// +// TableGlobalTableWitnessArgs{...} +type TableGlobalTableWitnessInput interface { + pulumi.Input + + ToTableGlobalTableWitnessOutput() TableGlobalTableWitnessOutput + ToTableGlobalTableWitnessOutputWithContext(context.Context) TableGlobalTableWitnessOutput +} + +type TableGlobalTableWitnessArgs struct { + // Name of the AWS Region that serves as a witness for the MRSC global table. + RegionName pulumi.StringPtrInput `pulumi:"regionName"` +} + +func (TableGlobalTableWitnessArgs) ElementType() reflect.Type { + return reflect.TypeOf((*TableGlobalTableWitness)(nil)).Elem() +} + +func (i TableGlobalTableWitnessArgs) ToTableGlobalTableWitnessOutput() TableGlobalTableWitnessOutput { + return i.ToTableGlobalTableWitnessOutputWithContext(context.Background()) +} + +func (i TableGlobalTableWitnessArgs) ToTableGlobalTableWitnessOutputWithContext(ctx context.Context) TableGlobalTableWitnessOutput { + return pulumi.ToOutputWithContext(ctx, i).(TableGlobalTableWitnessOutput) +} + +func (i TableGlobalTableWitnessArgs) ToTableGlobalTableWitnessPtrOutput() TableGlobalTableWitnessPtrOutput { + return i.ToTableGlobalTableWitnessPtrOutputWithContext(context.Background()) +} + +func (i TableGlobalTableWitnessArgs) ToTableGlobalTableWitnessPtrOutputWithContext(ctx context.Context) TableGlobalTableWitnessPtrOutput { + return pulumi.ToOutputWithContext(ctx, i).(TableGlobalTableWitnessOutput).ToTableGlobalTableWitnessPtrOutputWithContext(ctx) +} + +// TableGlobalTableWitnessPtrInput is an input type that accepts TableGlobalTableWitnessArgs, TableGlobalTableWitnessPtr and TableGlobalTableWitnessPtrOutput values. +// You can construct a concrete instance of `TableGlobalTableWitnessPtrInput` via: +// +// TableGlobalTableWitnessArgs{...} +// +// or: +// +// nil +type TableGlobalTableWitnessPtrInput interface { + pulumi.Input + + ToTableGlobalTableWitnessPtrOutput() TableGlobalTableWitnessPtrOutput + ToTableGlobalTableWitnessPtrOutputWithContext(context.Context) TableGlobalTableWitnessPtrOutput +} + +type tableGlobalTableWitnessPtrType TableGlobalTableWitnessArgs + +func TableGlobalTableWitnessPtr(v *TableGlobalTableWitnessArgs) TableGlobalTableWitnessPtrInput { + return (*tableGlobalTableWitnessPtrType)(v) +} + +func (*tableGlobalTableWitnessPtrType) ElementType() reflect.Type { + return reflect.TypeOf((**TableGlobalTableWitness)(nil)).Elem() +} + +func (i *tableGlobalTableWitnessPtrType) ToTableGlobalTableWitnessPtrOutput() TableGlobalTableWitnessPtrOutput { + return i.ToTableGlobalTableWitnessPtrOutputWithContext(context.Background()) +} + +func (i *tableGlobalTableWitnessPtrType) ToTableGlobalTableWitnessPtrOutputWithContext(ctx context.Context) TableGlobalTableWitnessPtrOutput { + return pulumi.ToOutputWithContext(ctx, i).(TableGlobalTableWitnessPtrOutput) +} + +type TableGlobalTableWitnessOutput struct{ *pulumi.OutputState } + +func (TableGlobalTableWitnessOutput) ElementType() reflect.Type { + return reflect.TypeOf((*TableGlobalTableWitness)(nil)).Elem() +} + +func (o TableGlobalTableWitnessOutput) ToTableGlobalTableWitnessOutput() TableGlobalTableWitnessOutput { + return o +} + +func (o TableGlobalTableWitnessOutput) ToTableGlobalTableWitnessOutputWithContext(ctx context.Context) TableGlobalTableWitnessOutput { + return o +} + +func (o TableGlobalTableWitnessOutput) ToTableGlobalTableWitnessPtrOutput() TableGlobalTableWitnessPtrOutput { + return o.ToTableGlobalTableWitnessPtrOutputWithContext(context.Background()) +} + +func (o TableGlobalTableWitnessOutput) ToTableGlobalTableWitnessPtrOutputWithContext(ctx context.Context) TableGlobalTableWitnessPtrOutput { + return o.ApplyTWithContext(ctx, func(_ context.Context, v TableGlobalTableWitness) *TableGlobalTableWitness { + return &v + }).(TableGlobalTableWitnessPtrOutput) +} + +// Name of the AWS Region that serves as a witness for the MRSC global table. +func (o TableGlobalTableWitnessOutput) RegionName() pulumi.StringPtrOutput { + return o.ApplyT(func(v TableGlobalTableWitness) *string { return v.RegionName }).(pulumi.StringPtrOutput) +} + +type TableGlobalTableWitnessPtrOutput struct{ *pulumi.OutputState } + +func (TableGlobalTableWitnessPtrOutput) ElementType() reflect.Type { + return reflect.TypeOf((**TableGlobalTableWitness)(nil)).Elem() +} + +func (o TableGlobalTableWitnessPtrOutput) ToTableGlobalTableWitnessPtrOutput() TableGlobalTableWitnessPtrOutput { + return o +} + +func (o TableGlobalTableWitnessPtrOutput) ToTableGlobalTableWitnessPtrOutputWithContext(ctx context.Context) TableGlobalTableWitnessPtrOutput { + return o +} + +func (o TableGlobalTableWitnessPtrOutput) Elem() TableGlobalTableWitnessOutput { + return o.ApplyT(func(v *TableGlobalTableWitness) TableGlobalTableWitness { + if v != nil { + return *v + } + var ret TableGlobalTableWitness + return ret + }).(TableGlobalTableWitnessOutput) +} + +// Name of the AWS Region that serves as a witness for the MRSC global table. +func (o TableGlobalTableWitnessPtrOutput) RegionName() pulumi.StringPtrOutput { + return o.ApplyT(func(v *TableGlobalTableWitness) *string { + if v == nil { + return nil + } + return v.RegionName + }).(pulumi.StringPtrOutput) +} + type TableImportTable struct { // Type of compression to be used on the input coming from the imported table. // Valid values are `GZIP`, `ZSTD` and `NONE`. @@ -3787,6 +3924,8 @@ func init() { pulumi.RegisterInputType(reflect.TypeOf((*TableGlobalSecondaryIndexOnDemandThroughputPtrInput)(nil)).Elem(), TableGlobalSecondaryIndexOnDemandThroughputArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*TableGlobalSecondaryIndexWarmThroughputInput)(nil)).Elem(), TableGlobalSecondaryIndexWarmThroughputArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*TableGlobalSecondaryIndexWarmThroughputPtrInput)(nil)).Elem(), TableGlobalSecondaryIndexWarmThroughputArgs{}) + pulumi.RegisterInputType(reflect.TypeOf((*TableGlobalTableWitnessInput)(nil)).Elem(), TableGlobalTableWitnessArgs{}) + pulumi.RegisterInputType(reflect.TypeOf((*TableGlobalTableWitnessPtrInput)(nil)).Elem(), TableGlobalTableWitnessArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*TableImportTableInput)(nil)).Elem(), TableImportTableArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*TableImportTablePtrInput)(nil)).Elem(), TableImportTableArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*TableImportTableInputFormatOptionsInput)(nil)).Elem(), TableImportTableInputFormatOptionsArgs{}) @@ -3841,6 +3980,8 @@ func init() { pulumi.RegisterOutputType(TableGlobalSecondaryIndexOnDemandThroughputPtrOutput{}) pulumi.RegisterOutputType(TableGlobalSecondaryIndexWarmThroughputOutput{}) pulumi.RegisterOutputType(TableGlobalSecondaryIndexWarmThroughputPtrOutput{}) + pulumi.RegisterOutputType(TableGlobalTableWitnessOutput{}) + pulumi.RegisterOutputType(TableGlobalTableWitnessPtrOutput{}) pulumi.RegisterOutputType(TableImportTableOutput{}) pulumi.RegisterOutputType(TableImportTablePtrOutput{}) pulumi.RegisterOutputType(TableImportTableInputFormatOptionsOutput{}) diff --git a/sdk/go/aws/dynamodb/table.go b/sdk/go/aws/dynamodb/table.go index fff5212e89b..c3b21f12600 100644 --- a/sdk/go/aws/dynamodb/table.go +++ b/sdk/go/aws/dynamodb/table.go @@ -148,9 +148,13 @@ import ( // // A global table configured for Multi-Region strong consistency (MRSC) provides the ability to perform a strongly consistent read with multi-Region scope. Performing a strongly consistent read on an MRSC table ensures you're always reading the latest version of an item, irrespective of the Region in which you're performing the read. // +// You can configure a MRSC global table with three replicas, or with two replicas and one witness. A witness is a component of a MRSC global table that contains data written to global table replicas, and provides an optional alternative to a full replica while supporting MRSC's availability architecture. You cannot perform read or write operations on a witness. A witness is located in a different Region than the two replicas. +// // **Note** Please see detailed information, restrictions, caveats etc on the [AWS Support Page](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/multi-region-strong-consistency-gt.html). // -// Consistency Mode (`consistencyMode`) is a new argument on the embedded `replica` that allows you to configure consistency mode for Global Tables. +// Consistency Mode (`consistencyMode`) on the embedded `replica` allows you to configure consistency mode for Global Tables. +// +// ##### Consistency mode with 3 Replicas // // ```go // package main @@ -196,6 +200,51 @@ import ( // // ``` // +// ##### Consistency Mode with 2 Replicas and Witness Region +// +// ```go +// package main +// +// import ( +// +// "github.com/pulumi/pulumi-aws/sdk/v7/go/aws/dynamodb" +// "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +// +// ) +// +// func main() { +// pulumi.Run(func(ctx *pulumi.Context) error { +// _, err := dynamodb.NewTable(ctx, "example", &dynamodb.TableArgs{ +// Name: pulumi.String("example"), +// HashKey: pulumi.String("TestTableHashKey"), +// BillingMode: pulumi.String("PAY_PER_REQUEST"), +// StreamEnabled: pulumi.Bool(true), +// StreamViewType: pulumi.String("NEW_AND_OLD_IMAGES"), +// Attributes: dynamodb.TableAttributeArray{ +// &dynamodb.TableAttributeArgs{ +// Name: pulumi.String("TestTableHashKey"), +// Type: pulumi.String("S"), +// }, +// }, +// Replicas: dynamodb.TableReplicaTypeArray{ +// &dynamodb.TableReplicaTypeArgs{ +// RegionName: pulumi.String("us-east-2"), +// ConsistencyMode: pulumi.String("STRONG"), +// }, +// }, +// GlobalTableWitness: &dynamodb.TableGlobalTableWitnessArgs{ +// RegionName: pulumi.String("us-west-2"), +// }, +// }) +// if err != nil { +// return err +// } +// return nil +// }) +// } +// +// ``` +// // ### Replica Tagging // // You can manage global table replicas' tags in various ways. This example shows using `replica.*.propagate_tags` for the first replica and the `dynamodb.Tag` resource for the other. @@ -301,6 +350,8 @@ type Table struct { DeletionProtectionEnabled pulumi.BoolPtrOutput `pulumi:"deletionProtectionEnabled"` // Describe a GSI for the table; subject to the normal limits on the number of GSIs, projected attributes, etc. See below. GlobalSecondaryIndexes TableGlobalSecondaryIndexArrayOutput `pulumi:"globalSecondaryIndexes"` + // Witness Region in a Multi-Region Strong Consistency deployment. **Note** This must be used alongside a single `replica` with `consistencyMode` set to `STRONG`. Other combinations will fail to provision. See below. + GlobalTableWitness TableGlobalTableWitnessOutput `pulumi:"globalTableWitness"` // Attribute to use as the hash (partition) key. Must also be defined as an `attribute`. See below. HashKey pulumi.StringOutput `pulumi:"hashKey"` // Import Amazon S3 data into a new table. See below. @@ -397,6 +448,8 @@ type tableState struct { DeletionProtectionEnabled *bool `pulumi:"deletionProtectionEnabled"` // Describe a GSI for the table; subject to the normal limits on the number of GSIs, projected attributes, etc. See below. GlobalSecondaryIndexes []TableGlobalSecondaryIndex `pulumi:"globalSecondaryIndexes"` + // Witness Region in a Multi-Region Strong Consistency deployment. **Note** This must be used alongside a single `replica` with `consistencyMode` set to `STRONG`. Other combinations will fail to provision. See below. + GlobalTableWitness *TableGlobalTableWitness `pulumi:"globalTableWitness"` // Attribute to use as the hash (partition) key. Must also be defined as an `attribute`. See below. HashKey *string `pulumi:"hashKey"` // Import Amazon S3 data into a new table. See below. @@ -464,6 +517,8 @@ type TableState struct { DeletionProtectionEnabled pulumi.BoolPtrInput // Describe a GSI for the table; subject to the normal limits on the number of GSIs, projected attributes, etc. See below. GlobalSecondaryIndexes TableGlobalSecondaryIndexArrayInput + // Witness Region in a Multi-Region Strong Consistency deployment. **Note** This must be used alongside a single `replica` with `consistencyMode` set to `STRONG`. Other combinations will fail to provision. See below. + GlobalTableWitness TableGlobalTableWitnessPtrInput // Attribute to use as the hash (partition) key. Must also be defined as an `attribute`. See below. HashKey pulumi.StringPtrInput // Import Amazon S3 data into a new table. See below. @@ -533,6 +588,8 @@ type tableArgs struct { DeletionProtectionEnabled *bool `pulumi:"deletionProtectionEnabled"` // Describe a GSI for the table; subject to the normal limits on the number of GSIs, projected attributes, etc. See below. GlobalSecondaryIndexes []TableGlobalSecondaryIndex `pulumi:"globalSecondaryIndexes"` + // Witness Region in a Multi-Region Strong Consistency deployment. **Note** This must be used alongside a single `replica` with `consistencyMode` set to `STRONG`. Other combinations will fail to provision. See below. + GlobalTableWitness *TableGlobalTableWitness `pulumi:"globalTableWitness"` // Attribute to use as the hash (partition) key. Must also be defined as an `attribute`. See below. HashKey *string `pulumi:"hashKey"` // Import Amazon S3 data into a new table. See below. @@ -593,6 +650,8 @@ type TableArgs struct { DeletionProtectionEnabled pulumi.BoolPtrInput // Describe a GSI for the table; subject to the normal limits on the number of GSIs, projected attributes, etc. See below. GlobalSecondaryIndexes TableGlobalSecondaryIndexArrayInput + // Witness Region in a Multi-Region Strong Consistency deployment. **Note** This must be used alongside a single `replica` with `consistencyMode` set to `STRONG`. Other combinations will fail to provision. See below. + GlobalTableWitness TableGlobalTableWitnessPtrInput // Attribute to use as the hash (partition) key. Must also be defined as an `attribute`. See below. HashKey pulumi.StringPtrInput // Import Amazon S3 data into a new table. See below. @@ -755,6 +814,11 @@ func (o TableOutput) GlobalSecondaryIndexes() TableGlobalSecondaryIndexArrayOutp return o.ApplyT(func(v *Table) TableGlobalSecondaryIndexArrayOutput { return v.GlobalSecondaryIndexes }).(TableGlobalSecondaryIndexArrayOutput) } +// Witness Region in a Multi-Region Strong Consistency deployment. **Note** This must be used alongside a single `replica` with `consistencyMode` set to `STRONG`. Other combinations will fail to provision. See below. +func (o TableOutput) GlobalTableWitness() TableGlobalTableWitnessOutput { + return o.ApplyT(func(v *Table) TableGlobalTableWitnessOutput { return v.GlobalTableWitness }).(TableGlobalTableWitnessOutput) +} + // Attribute to use as the hash (partition) key. Must also be defined as an `attribute`. See below. func (o TableOutput) HashKey() pulumi.StringOutput { return o.ApplyT(func(v *Table) pulumi.StringOutput { return v.HashKey }).(pulumi.StringOutput) diff --git a/sdk/go/aws/ec2/vpnConnection.go b/sdk/go/aws/ec2/vpnConnection.go index 02a498ef209..8e89bd518a1 100644 --- a/sdk/go/aws/ec2/vpnConnection.go +++ b/sdk/go/aws/ec2/vpnConnection.go @@ -341,6 +341,8 @@ type VpnConnection struct { Tunnel2StartupAction pulumi.StringPtrOutput `pulumi:"tunnel2StartupAction"` // The RFC 6890 link-local address of the second VPN tunnel (VPN Gateway Side). Tunnel2VgwInsideAddress pulumi.StringOutput `pulumi:"tunnel2VgwInsideAddress"` + // Desired bandwidth specification for the VPN tunnel. Valid values are `standard | large`. `standard` supports up to 1.25 Gbps per tunnel, while `large` supports up to 5 Gbps per tunnel. Not supported when `vpnGatewayId` is specified, or `enableAcceleration` is `true`. + TunnelBandwidth pulumi.StringOutput `pulumi:"tunnelBandwidth"` // Indicate whether the VPN tunnels process IPv4 or IPv6 traffic. Valid values are `ipv4 | ipv6`. `ipv6` Supports only EC2 Transit Gateway. TunnelInsideIpVersion pulumi.StringOutput `pulumi:"tunnelInsideIpVersion"` // The type of VPN connection. The only type AWS supports at this time is "ipsec.1". @@ -541,6 +543,8 @@ type vpnConnectionState struct { Tunnel2StartupAction *string `pulumi:"tunnel2StartupAction"` // The RFC 6890 link-local address of the second VPN tunnel (VPN Gateway Side). Tunnel2VgwInsideAddress *string `pulumi:"tunnel2VgwInsideAddress"` + // Desired bandwidth specification for the VPN tunnel. Valid values are `standard | large`. `standard` supports up to 1.25 Gbps per tunnel, while `large` supports up to 5 Gbps per tunnel. Not supported when `vpnGatewayId` is specified, or `enableAcceleration` is `true`. + TunnelBandwidth *string `pulumi:"tunnelBandwidth"` // Indicate whether the VPN tunnels process IPv4 or IPv6 traffic. Valid values are `ipv4 | ipv6`. `ipv6` Supports only EC2 Transit Gateway. TunnelInsideIpVersion *string `pulumi:"tunnelInsideIpVersion"` // The type of VPN connection. The only type AWS supports at this time is "ipsec.1". @@ -694,6 +698,8 @@ type VpnConnectionState struct { Tunnel2StartupAction pulumi.StringPtrInput // The RFC 6890 link-local address of the second VPN tunnel (VPN Gateway Side). Tunnel2VgwInsideAddress pulumi.StringPtrInput + // Desired bandwidth specification for the VPN tunnel. Valid values are `standard | large`. `standard` supports up to 1.25 Gbps per tunnel, while `large` supports up to 5 Gbps per tunnel. Not supported when `vpnGatewayId` is specified, or `enableAcceleration` is `true`. + TunnelBandwidth pulumi.StringPtrInput // Indicate whether the VPN tunnels process IPv4 or IPv6 traffic. Valid values are `ipv4 | ipv6`. `ipv6` Supports only EC2 Transit Gateway. TunnelInsideIpVersion pulumi.StringPtrInput // The type of VPN connection. The only type AWS supports at this time is "ipsec.1". @@ -815,6 +821,8 @@ type vpnConnectionArgs struct { Tunnel2ReplayWindowSize *int `pulumi:"tunnel2ReplayWindowSize"` // The action to take when the establishing the tunnel for the second VPN connection. By default, your customer gateway device must initiate the IKE negotiation and bring up the tunnel. Specify start for AWS to initiate the IKE negotiation. Valid values are `add | start`. Tunnel2StartupAction *string `pulumi:"tunnel2StartupAction"` + // Desired bandwidth specification for the VPN tunnel. Valid values are `standard | large`. `standard` supports up to 1.25 Gbps per tunnel, while `large` supports up to 5 Gbps per tunnel. Not supported when `vpnGatewayId` is specified, or `enableAcceleration` is `true`. + TunnelBandwidth *string `pulumi:"tunnelBandwidth"` // Indicate whether the VPN tunnels process IPv4 or IPv6 traffic. Valid values are `ipv4 | ipv6`. `ipv6` Supports only EC2 Transit Gateway. TunnelInsideIpVersion *string `pulumi:"tunnelInsideIpVersion"` // The type of VPN connection. The only type AWS supports at this time is "ipsec.1". @@ -931,6 +939,8 @@ type VpnConnectionArgs struct { Tunnel2ReplayWindowSize pulumi.IntPtrInput // The action to take when the establishing the tunnel for the second VPN connection. By default, your customer gateway device must initiate the IKE negotiation and bring up the tunnel. Specify start for AWS to initiate the IKE negotiation. Valid values are `add | start`. Tunnel2StartupAction pulumi.StringPtrInput + // Desired bandwidth specification for the VPN tunnel. Valid values are `standard | large`. `standard` supports up to 1.25 Gbps per tunnel, while `large` supports up to 5 Gbps per tunnel. Not supported when `vpnGatewayId` is specified, or `enableAcceleration` is `true`. + TunnelBandwidth pulumi.StringPtrInput // Indicate whether the VPN tunnels process IPv4 or IPv6 traffic. Valid values are `ipv4 | ipv6`. `ipv6` Supports only EC2 Transit Gateway. TunnelInsideIpVersion pulumi.StringPtrInput // The type of VPN connection. The only type AWS supports at this time is "ipsec.1". @@ -1381,6 +1391,11 @@ func (o VpnConnectionOutput) Tunnel2VgwInsideAddress() pulumi.StringOutput { return o.ApplyT(func(v *VpnConnection) pulumi.StringOutput { return v.Tunnel2VgwInsideAddress }).(pulumi.StringOutput) } +// Desired bandwidth specification for the VPN tunnel. Valid values are `standard | large`. `standard` supports up to 1.25 Gbps per tunnel, while `large` supports up to 5 Gbps per tunnel. Not supported when `vpnGatewayId` is specified, or `enableAcceleration` is `true`. +func (o VpnConnectionOutput) TunnelBandwidth() pulumi.StringOutput { + return o.ApplyT(func(v *VpnConnection) pulumi.StringOutput { return v.TunnelBandwidth }).(pulumi.StringOutput) +} + // Indicate whether the VPN tunnels process IPv4 or IPv6 traffic. Valid values are `ipv4 | ipv6`. `ipv6` Supports only EC2 Transit Gateway. func (o VpnConnectionOutput) TunnelInsideIpVersion() pulumi.StringOutput { return o.ApplyT(func(v *VpnConnection) pulumi.StringOutput { return v.TunnelInsideIpVersion }).(pulumi.StringOutput) diff --git a/sdk/go/aws/emr/managedScalingPolicy.go b/sdk/go/aws/emr/managedScalingPolicy.go index 300b3256186..16f19a33757 100644 --- a/sdk/go/aws/emr/managedScalingPolicy.go +++ b/sdk/go/aws/emr/managedScalingPolicy.go @@ -78,6 +78,10 @@ type ManagedScalingPolicy struct { ComputeLimits ManagedScalingPolicyComputeLimitArrayOutput `pulumi:"computeLimits"` // Region where this resource will be [managed](https://docs.aws.amazon.com/general/latest/gr/rande.html#regional-endpoints). Defaults to the Region set in the provider configuration. Region pulumi.StringOutput `pulumi:"region"` + // Specifies the scaling strategy. When set to `ADVANCED`, the `utilizationPerformanceIndex` argument can be used to configure an advanced scaling strategy. An advanced scaling strategy requires Amazon EMR on EC2 version 7.0 or later. Valid values: `ADVANCED`, `DEFAULT`. + ScalingStrategy pulumi.StringPtrOutput `pulumi:"scalingStrategy"` + // Integer value that represents the advanced scaling strategy. Higher values optimize for performance, while lower values optimize for resource conservation. A value of `50` provides a balance between performance and resource conservation. See [the AWS documentation](https://docs.aws.amazon.com/emr/latest/ManagementGuide/managed-scaling-allocation-strategy-optimized.html#managed-scaling-allocation-strategy-optimized-getting-started) for more details. Required when `scalingStrategy` is set to `ADVANCED`. Valid values: `1`, `25`, `50`, `75`, `100`. + UtilizationPerformanceIndex pulumi.IntPtrOutput `pulumi:"utilizationPerformanceIndex"` } // NewManagedScalingPolicy registers a new resource with the given unique name, arguments, and options. @@ -122,6 +126,10 @@ type managedScalingPolicyState struct { ComputeLimits []ManagedScalingPolicyComputeLimit `pulumi:"computeLimits"` // Region where this resource will be [managed](https://docs.aws.amazon.com/general/latest/gr/rande.html#regional-endpoints). Defaults to the Region set in the provider configuration. Region *string `pulumi:"region"` + // Specifies the scaling strategy. When set to `ADVANCED`, the `utilizationPerformanceIndex` argument can be used to configure an advanced scaling strategy. An advanced scaling strategy requires Amazon EMR on EC2 version 7.0 or later. Valid values: `ADVANCED`, `DEFAULT`. + ScalingStrategy *string `pulumi:"scalingStrategy"` + // Integer value that represents the advanced scaling strategy. Higher values optimize for performance, while lower values optimize for resource conservation. A value of `50` provides a balance between performance and resource conservation. See [the AWS documentation](https://docs.aws.amazon.com/emr/latest/ManagementGuide/managed-scaling-allocation-strategy-optimized.html#managed-scaling-allocation-strategy-optimized-getting-started) for more details. Required when `scalingStrategy` is set to `ADVANCED`. Valid values: `1`, `25`, `50`, `75`, `100`. + UtilizationPerformanceIndex *int `pulumi:"utilizationPerformanceIndex"` } type ManagedScalingPolicyState struct { @@ -131,6 +139,10 @@ type ManagedScalingPolicyState struct { ComputeLimits ManagedScalingPolicyComputeLimitArrayInput // Region where this resource will be [managed](https://docs.aws.amazon.com/general/latest/gr/rande.html#regional-endpoints). Defaults to the Region set in the provider configuration. Region pulumi.StringPtrInput + // Specifies the scaling strategy. When set to `ADVANCED`, the `utilizationPerformanceIndex` argument can be used to configure an advanced scaling strategy. An advanced scaling strategy requires Amazon EMR on EC2 version 7.0 or later. Valid values: `ADVANCED`, `DEFAULT`. + ScalingStrategy pulumi.StringPtrInput + // Integer value that represents the advanced scaling strategy. Higher values optimize for performance, while lower values optimize for resource conservation. A value of `50` provides a balance between performance and resource conservation. See [the AWS documentation](https://docs.aws.amazon.com/emr/latest/ManagementGuide/managed-scaling-allocation-strategy-optimized.html#managed-scaling-allocation-strategy-optimized-getting-started) for more details. Required when `scalingStrategy` is set to `ADVANCED`. Valid values: `1`, `25`, `50`, `75`, `100`. + UtilizationPerformanceIndex pulumi.IntPtrInput } func (ManagedScalingPolicyState) ElementType() reflect.Type { @@ -144,6 +156,10 @@ type managedScalingPolicyArgs struct { ComputeLimits []ManagedScalingPolicyComputeLimit `pulumi:"computeLimits"` // Region where this resource will be [managed](https://docs.aws.amazon.com/general/latest/gr/rande.html#regional-endpoints). Defaults to the Region set in the provider configuration. Region *string `pulumi:"region"` + // Specifies the scaling strategy. When set to `ADVANCED`, the `utilizationPerformanceIndex` argument can be used to configure an advanced scaling strategy. An advanced scaling strategy requires Amazon EMR on EC2 version 7.0 or later. Valid values: `ADVANCED`, `DEFAULT`. + ScalingStrategy *string `pulumi:"scalingStrategy"` + // Integer value that represents the advanced scaling strategy. Higher values optimize for performance, while lower values optimize for resource conservation. A value of `50` provides a balance between performance and resource conservation. See [the AWS documentation](https://docs.aws.amazon.com/emr/latest/ManagementGuide/managed-scaling-allocation-strategy-optimized.html#managed-scaling-allocation-strategy-optimized-getting-started) for more details. Required when `scalingStrategy` is set to `ADVANCED`. Valid values: `1`, `25`, `50`, `75`, `100`. + UtilizationPerformanceIndex *int `pulumi:"utilizationPerformanceIndex"` } // The set of arguments for constructing a ManagedScalingPolicy resource. @@ -154,6 +170,10 @@ type ManagedScalingPolicyArgs struct { ComputeLimits ManagedScalingPolicyComputeLimitArrayInput // Region where this resource will be [managed](https://docs.aws.amazon.com/general/latest/gr/rande.html#regional-endpoints). Defaults to the Region set in the provider configuration. Region pulumi.StringPtrInput + // Specifies the scaling strategy. When set to `ADVANCED`, the `utilizationPerformanceIndex` argument can be used to configure an advanced scaling strategy. An advanced scaling strategy requires Amazon EMR on EC2 version 7.0 or later. Valid values: `ADVANCED`, `DEFAULT`. + ScalingStrategy pulumi.StringPtrInput + // Integer value that represents the advanced scaling strategy. Higher values optimize for performance, while lower values optimize for resource conservation. A value of `50` provides a balance between performance and resource conservation. See [the AWS documentation](https://docs.aws.amazon.com/emr/latest/ManagementGuide/managed-scaling-allocation-strategy-optimized.html#managed-scaling-allocation-strategy-optimized-getting-started) for more details. Required when `scalingStrategy` is set to `ADVANCED`. Valid values: `1`, `25`, `50`, `75`, `100`. + UtilizationPerformanceIndex pulumi.IntPtrInput } func (ManagedScalingPolicyArgs) ElementType() reflect.Type { @@ -258,6 +278,16 @@ func (o ManagedScalingPolicyOutput) Region() pulumi.StringOutput { return o.ApplyT(func(v *ManagedScalingPolicy) pulumi.StringOutput { return v.Region }).(pulumi.StringOutput) } +// Specifies the scaling strategy. When set to `ADVANCED`, the `utilizationPerformanceIndex` argument can be used to configure an advanced scaling strategy. An advanced scaling strategy requires Amazon EMR on EC2 version 7.0 or later. Valid values: `ADVANCED`, `DEFAULT`. +func (o ManagedScalingPolicyOutput) ScalingStrategy() pulumi.StringPtrOutput { + return o.ApplyT(func(v *ManagedScalingPolicy) pulumi.StringPtrOutput { return v.ScalingStrategy }).(pulumi.StringPtrOutput) +} + +// Integer value that represents the advanced scaling strategy. Higher values optimize for performance, while lower values optimize for resource conservation. A value of `50` provides a balance between performance and resource conservation. See [the AWS documentation](https://docs.aws.amazon.com/emr/latest/ManagementGuide/managed-scaling-allocation-strategy-optimized.html#managed-scaling-allocation-strategy-optimized-getting-started) for more details. Required when `scalingStrategy` is set to `ADVANCED`. Valid values: `1`, `25`, `50`, `75`, `100`. +func (o ManagedScalingPolicyOutput) UtilizationPerformanceIndex() pulumi.IntPtrOutput { + return o.ApplyT(func(v *ManagedScalingPolicy) pulumi.IntPtrOutput { return v.UtilizationPerformanceIndex }).(pulumi.IntPtrOutput) +} + type ManagedScalingPolicyArrayOutput struct{ *pulumi.OutputState } func (ManagedScalingPolicyArrayOutput) ElementType() reflect.Type { diff --git a/sdk/go/aws/fis/pulumiTypes.go b/sdk/go/aws/fis/pulumiTypes.go index bf39a57e1e8..64f9cf3bdeb 100644 --- a/sdk/go/aws/fis/pulumiTypes.go +++ b/sdk/go/aws/fis/pulumiTypes.go @@ -268,7 +268,7 @@ func (o ExperimentTemplateActionParameterArrayOutput) Index(i pulumi.IntInput) E } type ExperimentTemplateActionTarget struct { - // Target type. Valid values are `AutoScalingGroups` (EC2 Auto Scaling groups), `Buckets` (S3 Buckets), `Cluster` (EKS Cluster), `Clusters` (ECS Clusters), `DBInstances` (RDS DB Instances), `Instances` (EC2 Instances), `ManagedResources` (EKS clusters, Application and Network Load Balancers, and EC2 Auto Scaling groups that are enabled for ARC zonal shift), `Nodegroups` (EKS Node groups), `Pods` (EKS Pods), `ReplicationGroups`(ElastiCache Redis Replication Groups), `Roles` (IAM Roles), `SpotInstances` (EC2 Spot Instances), `Subnets` (VPC Subnets), `Tables` (DynamoDB encrypted global tables), `Tasks` (ECS Tasks), `TransitGateways` (Transit gateways), `Volumes` (EBS Volumes). See the [documentation](https://docs.aws.amazon.com/fis/latest/userguide/action-sequence.html#action-targets) for more details. + // Target type. Valid values are `AutoScalingGroups` (EC2 Auto Scaling groups), `Buckets` (S3 Buckets), `Cluster` (EKS Cluster), `Clusters` (ECS Clusters), `DBInstances` (RDS DB Instances), `Functions` (Lambda Functions), `Instances` (EC2 Instances), `ManagedResources` (EKS clusters, Application and Network Load Balancers, and EC2 Auto Scaling groups that are enabled for ARC zonal shift), `Nodegroups` (EKS Node groups), `Pods` (EKS Pods), `ReplicationGroups`(ElastiCache Redis Replication Groups), `Roles` (IAM Roles), `SpotInstances` (EC2 Spot Instances), `Subnets` (VPC Subnets), `Tables` (DynamoDB encrypted global tables), `Tasks` (ECS Tasks), `TransitGateways` (Transit gateways), `Volumes` (EBS Volumes). See the [documentation](https://docs.aws.amazon.com/fis/latest/userguide/action-sequence.html#action-targets) for more details. Key string `pulumi:"key"` // Target name, referencing a corresponding target. Value string `pulumi:"value"` @@ -286,7 +286,7 @@ type ExperimentTemplateActionTargetInput interface { } type ExperimentTemplateActionTargetArgs struct { - // Target type. Valid values are `AutoScalingGroups` (EC2 Auto Scaling groups), `Buckets` (S3 Buckets), `Cluster` (EKS Cluster), `Clusters` (ECS Clusters), `DBInstances` (RDS DB Instances), `Instances` (EC2 Instances), `ManagedResources` (EKS clusters, Application and Network Load Balancers, and EC2 Auto Scaling groups that are enabled for ARC zonal shift), `Nodegroups` (EKS Node groups), `Pods` (EKS Pods), `ReplicationGroups`(ElastiCache Redis Replication Groups), `Roles` (IAM Roles), `SpotInstances` (EC2 Spot Instances), `Subnets` (VPC Subnets), `Tables` (DynamoDB encrypted global tables), `Tasks` (ECS Tasks), `TransitGateways` (Transit gateways), `Volumes` (EBS Volumes). See the [documentation](https://docs.aws.amazon.com/fis/latest/userguide/action-sequence.html#action-targets) for more details. + // Target type. Valid values are `AutoScalingGroups` (EC2 Auto Scaling groups), `Buckets` (S3 Buckets), `Cluster` (EKS Cluster), `Clusters` (ECS Clusters), `DBInstances` (RDS DB Instances), `Functions` (Lambda Functions), `Instances` (EC2 Instances), `ManagedResources` (EKS clusters, Application and Network Load Balancers, and EC2 Auto Scaling groups that are enabled for ARC zonal shift), `Nodegroups` (EKS Node groups), `Pods` (EKS Pods), `ReplicationGroups`(ElastiCache Redis Replication Groups), `Roles` (IAM Roles), `SpotInstances` (EC2 Spot Instances), `Subnets` (VPC Subnets), `Tables` (DynamoDB encrypted global tables), `Tasks` (ECS Tasks), `TransitGateways` (Transit gateways), `Volumes` (EBS Volumes). See the [documentation](https://docs.aws.amazon.com/fis/latest/userguide/action-sequence.html#action-targets) for more details. Key pulumi.StringInput `pulumi:"key"` // Target name, referencing a corresponding target. Value pulumi.StringInput `pulumi:"value"` @@ -369,7 +369,7 @@ func (o ExperimentTemplateActionTargetOutput) ToExperimentTemplateActionTargetPt }).(ExperimentTemplateActionTargetPtrOutput) } -// Target type. Valid values are `AutoScalingGroups` (EC2 Auto Scaling groups), `Buckets` (S3 Buckets), `Cluster` (EKS Cluster), `Clusters` (ECS Clusters), `DBInstances` (RDS DB Instances), `Instances` (EC2 Instances), `ManagedResources` (EKS clusters, Application and Network Load Balancers, and EC2 Auto Scaling groups that are enabled for ARC zonal shift), `Nodegroups` (EKS Node groups), `Pods` (EKS Pods), `ReplicationGroups`(ElastiCache Redis Replication Groups), `Roles` (IAM Roles), `SpotInstances` (EC2 Spot Instances), `Subnets` (VPC Subnets), `Tables` (DynamoDB encrypted global tables), `Tasks` (ECS Tasks), `TransitGateways` (Transit gateways), `Volumes` (EBS Volumes). See the [documentation](https://docs.aws.amazon.com/fis/latest/userguide/action-sequence.html#action-targets) for more details. +// Target type. Valid values are `AutoScalingGroups` (EC2 Auto Scaling groups), `Buckets` (S3 Buckets), `Cluster` (EKS Cluster), `Clusters` (ECS Clusters), `DBInstances` (RDS DB Instances), `Functions` (Lambda Functions), `Instances` (EC2 Instances), `ManagedResources` (EKS clusters, Application and Network Load Balancers, and EC2 Auto Scaling groups that are enabled for ARC zonal shift), `Nodegroups` (EKS Node groups), `Pods` (EKS Pods), `ReplicationGroups`(ElastiCache Redis Replication Groups), `Roles` (IAM Roles), `SpotInstances` (EC2 Spot Instances), `Subnets` (VPC Subnets), `Tables` (DynamoDB encrypted global tables), `Tasks` (ECS Tasks), `TransitGateways` (Transit gateways), `Volumes` (EBS Volumes). See the [documentation](https://docs.aws.amazon.com/fis/latest/userguide/action-sequence.html#action-targets) for more details. func (o ExperimentTemplateActionTargetOutput) Key() pulumi.StringOutput { return o.ApplyT(func(v ExperimentTemplateActionTarget) string { return v.Key }).(pulumi.StringOutput) } @@ -403,7 +403,7 @@ func (o ExperimentTemplateActionTargetPtrOutput) Elem() ExperimentTemplateAction }).(ExperimentTemplateActionTargetOutput) } -// Target type. Valid values are `AutoScalingGroups` (EC2 Auto Scaling groups), `Buckets` (S3 Buckets), `Cluster` (EKS Cluster), `Clusters` (ECS Clusters), `DBInstances` (RDS DB Instances), `Instances` (EC2 Instances), `ManagedResources` (EKS clusters, Application and Network Load Balancers, and EC2 Auto Scaling groups that are enabled for ARC zonal shift), `Nodegroups` (EKS Node groups), `Pods` (EKS Pods), `ReplicationGroups`(ElastiCache Redis Replication Groups), `Roles` (IAM Roles), `SpotInstances` (EC2 Spot Instances), `Subnets` (VPC Subnets), `Tables` (DynamoDB encrypted global tables), `Tasks` (ECS Tasks), `TransitGateways` (Transit gateways), `Volumes` (EBS Volumes). See the [documentation](https://docs.aws.amazon.com/fis/latest/userguide/action-sequence.html#action-targets) for more details. +// Target type. Valid values are `AutoScalingGroups` (EC2 Auto Scaling groups), `Buckets` (S3 Buckets), `Cluster` (EKS Cluster), `Clusters` (ECS Clusters), `DBInstances` (RDS DB Instances), `Functions` (Lambda Functions), `Instances` (EC2 Instances), `ManagedResources` (EKS clusters, Application and Network Load Balancers, and EC2 Auto Scaling groups that are enabled for ARC zonal shift), `Nodegroups` (EKS Node groups), `Pods` (EKS Pods), `ReplicationGroups`(ElastiCache Redis Replication Groups), `Roles` (IAM Roles), `SpotInstances` (EC2 Spot Instances), `Subnets` (VPC Subnets), `Tables` (DynamoDB encrypted global tables), `Tasks` (ECS Tasks), `TransitGateways` (Transit gateways), `Volumes` (EBS Volumes). See the [documentation](https://docs.aws.amazon.com/fis/latest/userguide/action-sequence.html#action-targets) for more details. func (o ExperimentTemplateActionTargetPtrOutput) Key() pulumi.StringPtrOutput { return o.ApplyT(func(v *ExperimentTemplateActionTarget) *string { if v == nil { @@ -1492,7 +1492,7 @@ func (o ExperimentTemplateLogConfigurationPtrOutput) S3Configuration() Experimen } type ExperimentTemplateLogConfigurationCloudwatchLogsConfiguration struct { - // The Amazon Resource Name (ARN) of the destination Amazon CloudWatch Logs log group. + // The Amazon Resource Name (ARN) of the destination Amazon CloudWatch Logs log group. The ARN must end with `:*` LogGroupArn string `pulumi:"logGroupArn"` } @@ -1508,7 +1508,7 @@ type ExperimentTemplateLogConfigurationCloudwatchLogsConfigurationInput interfac } type ExperimentTemplateLogConfigurationCloudwatchLogsConfigurationArgs struct { - // The Amazon Resource Name (ARN) of the destination Amazon CloudWatch Logs log group. + // The Amazon Resource Name (ARN) of the destination Amazon CloudWatch Logs log group. The ARN must end with `:*` LogGroupArn pulumi.StringInput `pulumi:"logGroupArn"` } @@ -1589,7 +1589,7 @@ func (o ExperimentTemplateLogConfigurationCloudwatchLogsConfigurationOutput) ToE }).(ExperimentTemplateLogConfigurationCloudwatchLogsConfigurationPtrOutput) } -// The Amazon Resource Name (ARN) of the destination Amazon CloudWatch Logs log group. +// The Amazon Resource Name (ARN) of the destination Amazon CloudWatch Logs log group. The ARN must end with `:*` func (o ExperimentTemplateLogConfigurationCloudwatchLogsConfigurationOutput) LogGroupArn() pulumi.StringOutput { return o.ApplyT(func(v ExperimentTemplateLogConfigurationCloudwatchLogsConfiguration) string { return v.LogGroupArn }).(pulumi.StringOutput) } @@ -1618,7 +1618,7 @@ func (o ExperimentTemplateLogConfigurationCloudwatchLogsConfigurationPtrOutput) }).(ExperimentTemplateLogConfigurationCloudwatchLogsConfigurationOutput) } -// The Amazon Resource Name (ARN) of the destination Amazon CloudWatch Logs log group. +// The Amazon Resource Name (ARN) of the destination Amazon CloudWatch Logs log group. The ARN must end with `:*` func (o ExperimentTemplateLogConfigurationCloudwatchLogsConfigurationPtrOutput) LogGroupArn() pulumi.StringPtrOutput { return o.ApplyT(func(v *ExperimentTemplateLogConfigurationCloudwatchLogsConfiguration) *string { if v == nil { diff --git a/sdk/go/aws/lambda/invocation.go b/sdk/go/aws/lambda/invocation.go index 213bd65d83c..7755dedd21f 100644 --- a/sdk/go/aws/lambda/invocation.go +++ b/sdk/go/aws/lambda/invocation.go @@ -185,6 +185,16 @@ import ( // If the `databaseUrl` changes, the Lambda will be invoked again with: // // When the invocation resource is removed, the final invocation will have: +// +// ## Import +// +// Using `pulumi import`, import Lambda Invocation using the `function_name,qualifier,result_hash`. For example: +// +// ```sh +// $ pulumi import aws:lambda/invocation:Invocation test_lambda my_test_lambda_function,$LATEST,b326b5062b2f0e69046810717534cb09 +// ``` +// Because it is not possible to retrieve previous invocations, during the next apply `terraform` will update the resource calling again the function. +// To compute the `result_hash`, it is necessary to hash it with the standard `md5` hash function. type Invocation struct { pulumi.CustomResourceState diff --git a/sdk/go/aws/lb/listener.go b/sdk/go/aws/lb/listener.go index b338fde49c2..f18f848f1b1 100644 --- a/sdk/go/aws/lb/listener.go +++ b/sdk/go/aws/lb/listener.go @@ -358,6 +358,66 @@ import ( // // ``` // +// ### JWT Validation Action +// +// ```go +// package main +// +// import ( +// +// "github.com/pulumi/pulumi-aws/sdk/v7/go/aws/lb" +// "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +// +// ) +// +// func main() { +// pulumi.Run(func(ctx *pulumi.Context) error { +// _, err := lb.NewListener(ctx, "test", &lb.ListenerArgs{ +// LoadBalancerArn: pulumi.Any(testAwsLb.Id), +// Protocol: pulumi.String("HTTPS"), +// Port: pulumi.Int(443), +// SslPolicy: pulumi.String("ELBSecurityPolicy-2016-08"), +// CertificateArn: pulumi.Any(testAwsIamServerCertificate.Arn), +// DefaultActions: lb.ListenerDefaultActionArray{ +// &lb.ListenerDefaultActionArgs{ +// Type: pulumi.String("jwt-validation"), +// JwtValidation: &lb.ListenerDefaultActionJwtValidationArgs{ +// Issuer: pulumi.String("https://example.com"), +// JwksEndpoint: pulumi.String("https://example.com/.well-known/jwks.json"), +// AdditionalClaims: lb.ListenerDefaultActionJwtValidationAdditionalClaimArray{ +// &lb.ListenerDefaultActionJwtValidationAdditionalClaimArgs{ +// Format: pulumi.String("string-array"), +// Name: pulumi.String("claim_name1"), +// Values: pulumi.StringArray{ +// pulumi.String("value1"), +// pulumi.String("value2"), +// }, +// }, +// &lb.ListenerDefaultActionJwtValidationAdditionalClaimArgs{ +// Format: pulumi.String("single-string"), +// Name: pulumi.String("claim_name2"), +// Values: pulumi.StringArray{ +// pulumi.String("value1"), +// }, +// }, +// }, +// }, +// }, +// &lb.ListenerDefaultActionArgs{ +// TargetGroupArn: pulumi.Any(testAwsLbTargetGroup.Id), +// Type: pulumi.String("forward"), +// }, +// }, +// }) +// if err != nil { +// return err +// } +// return nil +// }) +// } +// +// ``` +// // ### Gateway Load Balancer Listener // // ```go diff --git a/sdk/go/aws/lb/listenerRule.go b/sdk/go/aws/lb/listenerRule.go index 0d0116e7f4a..247f4ffe6d9 100644 --- a/sdk/go/aws/lb/listenerRule.go +++ b/sdk/go/aws/lb/listenerRule.go @@ -15,295 +15,6 @@ import ( // Provides a Load Balancer Listener Rule resource. // // > **Note:** `alb.ListenerRule` is known as `lb.ListenerRule`. The functionality is identical. -// -// ## Example Usage -// -// ```go -// package main -// -// import ( -// -// "github.com/pulumi/pulumi-aws/sdk/v7/go/aws/cognito" -// "github.com/pulumi/pulumi-aws/sdk/v7/go/aws/lb" -// "github.com/pulumi/pulumi/sdk/v3/go/pulumi" -// -// ) -// -// func main() { -// pulumi.Run(func(ctx *pulumi.Context) error { -// _, err := lb.NewLoadBalancer(ctx, "front_end", nil) -// if err != nil { -// return err -// } -// frontEndListener, err := lb.NewListener(ctx, "front_end", nil) -// if err != nil { -// return err -// } -// _, err = lb.NewListenerRule(ctx, "static", &lb.ListenerRuleArgs{ -// ListenerArn: frontEndListener.Arn, -// Priority: pulumi.Int(100), -// Actions: lb.ListenerRuleActionArray{ -// &lb.ListenerRuleActionArgs{ -// Type: pulumi.String("forward"), -// TargetGroupArn: pulumi.Any(staticAwsLbTargetGroup.Arn), -// }, -// }, -// Conditions: lb.ListenerRuleConditionArray{ -// &lb.ListenerRuleConditionArgs{ -// PathPattern: &lb.ListenerRuleConditionPathPatternArgs{ -// Values: pulumi.StringArray{ -// pulumi.String("/static/*"), -// }, -// }, -// }, -// &lb.ListenerRuleConditionArgs{ -// HostHeader: &lb.ListenerRuleConditionHostHeaderArgs{ -// Values: pulumi.StringArray{ -// pulumi.String("example.com"), -// }, -// }, -// }, -// }, -// }) -// if err != nil { -// return err -// } -// // Forward action -// _, err = lb.NewListenerRule(ctx, "host_based_weighted_routing", &lb.ListenerRuleArgs{ -// ListenerArn: frontEndListener.Arn, -// Priority: pulumi.Int(99), -// Actions: lb.ListenerRuleActionArray{ -// &lb.ListenerRuleActionArgs{ -// Type: pulumi.String("forward"), -// TargetGroupArn: pulumi.Any(staticAwsLbTargetGroup.Arn), -// }, -// }, -// Conditions: lb.ListenerRuleConditionArray{ -// &lb.ListenerRuleConditionArgs{ -// HostHeader: &lb.ListenerRuleConditionHostHeaderArgs{ -// Values: pulumi.StringArray{ -// pulumi.String("my-service.*.mycompany.io"), -// }, -// }, -// }, -// }, -// }) -// if err != nil { -// return err -// } -// // Weighted Forward action -// _, err = lb.NewListenerRule(ctx, "host_based_routing", &lb.ListenerRuleArgs{ -// ListenerArn: frontEndListener.Arn, -// Priority: pulumi.Int(99), -// Actions: lb.ListenerRuleActionArray{ -// &lb.ListenerRuleActionArgs{ -// Type: pulumi.String("forward"), -// Forward: &lb.ListenerRuleActionForwardArgs{ -// TargetGroups: lb.ListenerRuleActionForwardTargetGroupArray{ -// &lb.ListenerRuleActionForwardTargetGroupArgs{ -// Arn: pulumi.Any(main.Arn), -// Weight: pulumi.Int(80), -// }, -// &lb.ListenerRuleActionForwardTargetGroupArgs{ -// Arn: pulumi.Any(canary.Arn), -// Weight: pulumi.Int(20), -// }, -// }, -// Stickiness: &lb.ListenerRuleActionForwardStickinessArgs{ -// Enabled: pulumi.Bool(true), -// Duration: pulumi.Int(600), -// }, -// }, -// }, -// }, -// Conditions: lb.ListenerRuleConditionArray{ -// &lb.ListenerRuleConditionArgs{ -// HostHeader: &lb.ListenerRuleConditionHostHeaderArgs{ -// Values: pulumi.StringArray{ -// pulumi.String("my-service.*.mycompany.io"), -// }, -// }, -// }, -// }, -// }) -// if err != nil { -// return err -// } -// // Redirect action -// _, err = lb.NewListenerRule(ctx, "redirect_http_to_https", &lb.ListenerRuleArgs{ -// ListenerArn: frontEndListener.Arn, -// Actions: lb.ListenerRuleActionArray{ -// &lb.ListenerRuleActionArgs{ -// Type: pulumi.String("redirect"), -// Redirect: &lb.ListenerRuleActionRedirectArgs{ -// Port: pulumi.String("443"), -// Protocol: pulumi.String("HTTPS"), -// StatusCode: pulumi.String("HTTP_301"), -// }, -// }, -// }, -// Conditions: lb.ListenerRuleConditionArray{ -// &lb.ListenerRuleConditionArgs{ -// HttpHeader: &lb.ListenerRuleConditionHttpHeaderArgs{ -// HttpHeaderName: pulumi.String("X-Forwarded-For"), -// Values: pulumi.StringArray{ -// pulumi.String("192.168.1.*"), -// }, -// }, -// }, -// }, -// }) -// if err != nil { -// return err -// } -// // Fixed-response action -// _, err = lb.NewListenerRule(ctx, "health_check", &lb.ListenerRuleArgs{ -// ListenerArn: frontEndListener.Arn, -// Actions: lb.ListenerRuleActionArray{ -// &lb.ListenerRuleActionArgs{ -// Type: pulumi.String("fixed-response"), -// FixedResponse: &lb.ListenerRuleActionFixedResponseArgs{ -// ContentType: pulumi.String("text/plain"), -// MessageBody: pulumi.String("HEALTHY"), -// StatusCode: pulumi.String("200"), -// }, -// }, -// }, -// Conditions: lb.ListenerRuleConditionArray{ -// &lb.ListenerRuleConditionArgs{ -// QueryStrings: lb.ListenerRuleConditionQueryStringArray{ -// &lb.ListenerRuleConditionQueryStringArgs{ -// Key: pulumi.String("health"), -// Value: pulumi.String("check"), -// }, -// &lb.ListenerRuleConditionQueryStringArgs{ -// Value: pulumi.String("bar"), -// }, -// }, -// }, -// }, -// }) -// if err != nil { -// return err -// } -// // Authenticate-cognito Action -// pool, err := cognito.NewUserPool(ctx, "pool", nil) -// if err != nil { -// return err -// } -// client, err := cognito.NewUserPoolClient(ctx, "client", nil) -// if err != nil { -// return err -// } -// domain, err := cognito.NewUserPoolDomain(ctx, "domain", nil) -// if err != nil { -// return err -// } -// _, err = lb.NewListenerRule(ctx, "admin", &lb.ListenerRuleArgs{ -// ListenerArn: frontEndListener.Arn, -// Actions: lb.ListenerRuleActionArray{ -// &lb.ListenerRuleActionArgs{ -// Type: pulumi.String("authenticate-cognito"), -// AuthenticateCognito: &lb.ListenerRuleActionAuthenticateCognitoArgs{ -// UserPoolArn: pool.Arn, -// UserPoolClientId: client.ID(), -// UserPoolDomain: domain.Domain, -// }, -// }, -// &lb.ListenerRuleActionArgs{ -// Type: pulumi.String("forward"), -// TargetGroupArn: pulumi.Any(staticAwsLbTargetGroup.Arn), -// }, -// }, -// }) -// if err != nil { -// return err -// } -// // Authenticate-oidc Action -// _, err = lb.NewListenerRule(ctx, "oidc", &lb.ListenerRuleArgs{ -// ListenerArn: frontEndListener.Arn, -// Actions: lb.ListenerRuleActionArray{ -// &lb.ListenerRuleActionArgs{ -// Type: pulumi.String("authenticate-oidc"), -// AuthenticateOidc: &lb.ListenerRuleActionAuthenticateOidcArgs{ -// AuthorizationEndpoint: pulumi.String("https://example.com/authorization_endpoint"), -// ClientId: pulumi.String("client_id"), -// ClientSecret: pulumi.String("client_secret"), -// Issuer: pulumi.String("https://example.com"), -// TokenEndpoint: pulumi.String("https://example.com/token_endpoint"), -// UserInfoEndpoint: pulumi.String("https://example.com/user_info_endpoint"), -// }, -// }, -// &lb.ListenerRuleActionArgs{ -// Type: pulumi.String("forward"), -// TargetGroupArn: pulumi.Any(staticAwsLbTargetGroup.Arn), -// }, -// }, -// }) -// if err != nil { -// return err -// } -// // With transform -// _, err = lb.NewListenerRule(ctx, "transform", &lb.ListenerRuleArgs{ -// ListenerArn: frontEndListener.Arn, -// Actions: lb.ListenerRuleActionArray{ -// &lb.ListenerRuleActionArgs{ -// Type: pulumi.String("forward"), -// TargetGroupArn: pulumi.Any(staticAwsLbTargetGroup.Arn), -// }, -// }, -// Conditions: lb.ListenerRuleConditionArray{ -// &lb.ListenerRuleConditionArgs{ -// PathPattern: &lb.ListenerRuleConditionPathPatternArgs{ -// Values: pulumi.StringArray{ -// pulumi.String("*"), -// }, -// }, -// }, -// }, -// Transforms: lb.ListenerRuleTransformArray{ -// &lb.ListenerRuleTransformArgs{ -// Type: pulumi.String("host-header-rewrite"), -// HostHeaderRewriteConfig: &lb.ListenerRuleTransformHostHeaderRewriteConfigArgs{ -// Rewrite: &lb.ListenerRuleTransformHostHeaderRewriteConfigRewriteArgs{ -// Regex: pulumi.String("^mywebsite-(.+).com$"), -// Replace: pulumi.String("internal.dev.$1.myweb.com"), -// }, -// }, -// }, -// &lb.ListenerRuleTransformArgs{ -// Type: pulumi.String("url-rewrite"), -// UrlRewriteConfig: &lb.ListenerRuleTransformUrlRewriteConfigArgs{ -// Rewrite: &lb.ListenerRuleTransformUrlRewriteConfigRewriteArgs{ -// Regex: pulumi.String("^/dp/([A-Za-z0-9]+)/?$"), -// Replace: pulumi.String("/product.php?id=$1"), -// }, -// }, -// }, -// }, -// }) -// if err != nil { -// return err -// } -// return nil -// }) -// } -// -// ``` -// -// ## Import -// -// ### Identity Schema -// -// #### Required -// -// - `arn` (String) Amazon Resource Name (ARN) of the load balancer listener rule. -// -// Using `pulumi import`, import rules using their ARN. For example: -// -// console -// -// % pulumi import aws_lb_listener_rule.front_end arn:aws:elasticloadbalancing:us-west-2:187416307283:listener-rule/app/test/8e4497da625e2d8a/9ab28ade35828f96/67b3d2d36dd7c26b type ListenerRule struct { pulumi.CustomResourceState diff --git a/sdk/go/aws/lb/pulumiTypes.go b/sdk/go/aws/lb/pulumiTypes.go index 47fda1e8103..cf7d1ffc1ad 100644 --- a/sdk/go/aws/lb/pulumiTypes.go +++ b/sdk/go/aws/lb/pulumiTypes.go @@ -22,13 +22,15 @@ type ListenerDefaultAction struct { FixedResponse *ListenerDefaultActionFixedResponse `pulumi:"fixedResponse"` // Configuration block for creating an action that distributes requests among one or more target groups. Specify only if `type` is `forward`. See below. Forward *ListenerDefaultActionForward `pulumi:"forward"` + // Configuration block for creating a JWT validation action. Required if `type` is `jwt-validation`. + JwtValidation *ListenerDefaultActionJwtValidation `pulumi:"jwtValidation"` // Order for the action. The action with the lowest value for order is performed first. Valid values are between `1` and `50000`. Defaults to the position in the list of actions. Order *int `pulumi:"order"` // Configuration block for creating a redirect action. Required if `type` is `redirect`. See below. Redirect *ListenerDefaultActionRedirect `pulumi:"redirect"` // ARN of the Target Group to which to route traffic. Specify only if `type` is `forward` and you want to route to a single target group. To route to one or more target groups, use a `forward` block instead. Can be specified with `forward` but ARNs must match. TargetGroupArn *string `pulumi:"targetGroupArn"` - // Type of routing action. Valid values are `forward`, `redirect`, `fixed-response`, `authenticate-cognito` and `authenticate-oidc`. + // Type of routing action. Valid values are `forward`, `redirect`, `fixed-response`, `authenticate-cognito`, `authenticate-oidc` and `jwt-validation`. // // The following arguments are optional: Type string `pulumi:"type"` @@ -54,13 +56,15 @@ type ListenerDefaultActionArgs struct { FixedResponse ListenerDefaultActionFixedResponsePtrInput `pulumi:"fixedResponse"` // Configuration block for creating an action that distributes requests among one or more target groups. Specify only if `type` is `forward`. See below. Forward ListenerDefaultActionForwardPtrInput `pulumi:"forward"` + // Configuration block for creating a JWT validation action. Required if `type` is `jwt-validation`. + JwtValidation ListenerDefaultActionJwtValidationPtrInput `pulumi:"jwtValidation"` // Order for the action. The action with the lowest value for order is performed first. Valid values are between `1` and `50000`. Defaults to the position in the list of actions. Order pulumi.IntPtrInput `pulumi:"order"` // Configuration block for creating a redirect action. Required if `type` is `redirect`. See below. Redirect ListenerDefaultActionRedirectPtrInput `pulumi:"redirect"` // ARN of the Target Group to which to route traffic. Specify only if `type` is `forward` and you want to route to a single target group. To route to one or more target groups, use a `forward` block instead. Can be specified with `forward` but ARNs must match. TargetGroupArn pulumi.StringPtrInput `pulumi:"targetGroupArn"` - // Type of routing action. Valid values are `forward`, `redirect`, `fixed-response`, `authenticate-cognito` and `authenticate-oidc`. + // Type of routing action. Valid values are `forward`, `redirect`, `fixed-response`, `authenticate-cognito`, `authenticate-oidc` and `jwt-validation`. // // The following arguments are optional: Type pulumi.StringInput `pulumi:"type"` @@ -137,6 +141,11 @@ func (o ListenerDefaultActionOutput) Forward() ListenerDefaultActionForwardPtrOu return o.ApplyT(func(v ListenerDefaultAction) *ListenerDefaultActionForward { return v.Forward }).(ListenerDefaultActionForwardPtrOutput) } +// Configuration block for creating a JWT validation action. Required if `type` is `jwt-validation`. +func (o ListenerDefaultActionOutput) JwtValidation() ListenerDefaultActionJwtValidationPtrOutput { + return o.ApplyT(func(v ListenerDefaultAction) *ListenerDefaultActionJwtValidation { return v.JwtValidation }).(ListenerDefaultActionJwtValidationPtrOutput) +} + // Order for the action. The action with the lowest value for order is performed first. Valid values are between `1` and `50000`. Defaults to the position in the list of actions. func (o ListenerDefaultActionOutput) Order() pulumi.IntPtrOutput { return o.ApplyT(func(v ListenerDefaultAction) *int { return v.Order }).(pulumi.IntPtrOutput) @@ -152,7 +161,7 @@ func (o ListenerDefaultActionOutput) TargetGroupArn() pulumi.StringPtrOutput { return o.ApplyT(func(v ListenerDefaultAction) *string { return v.TargetGroupArn }).(pulumi.StringPtrOutput) } -// Type of routing action. Valid values are `forward`, `redirect`, `fixed-response`, `authenticate-cognito` and `authenticate-oidc`. +// Type of routing action. Valid values are `forward`, `redirect`, `fixed-response`, `authenticate-cognito`, `authenticate-oidc` and `jwt-validation`. // // The following arguments are optional: func (o ListenerDefaultActionOutput) Type() pulumi.StringOutput { @@ -1419,6 +1428,306 @@ func (o ListenerDefaultActionForwardTargetGroupArrayOutput) Index(i pulumi.IntIn }).(ListenerDefaultActionForwardTargetGroupOutput) } +type ListenerDefaultActionJwtValidation struct { + // Repeatable configuration block for additional claims to validate. + AdditionalClaims []ListenerDefaultActionJwtValidationAdditionalClaim `pulumi:"additionalClaims"` + // Issuer of the JWT. + Issuer string `pulumi:"issuer"` + // JSON Web Key Set (JWKS) endpoint. This endpoint contains JSON Web Keys (JWK) that are used to validate signatures from the provider. This must be a full URL, including the HTTPS protocol, the domain, and the path. + // + // The following arguments are optional: + JwksEndpoint string `pulumi:"jwksEndpoint"` +} + +// ListenerDefaultActionJwtValidationInput is an input type that accepts ListenerDefaultActionJwtValidationArgs and ListenerDefaultActionJwtValidationOutput values. +// You can construct a concrete instance of `ListenerDefaultActionJwtValidationInput` via: +// +// ListenerDefaultActionJwtValidationArgs{...} +type ListenerDefaultActionJwtValidationInput interface { + pulumi.Input + + ToListenerDefaultActionJwtValidationOutput() ListenerDefaultActionJwtValidationOutput + ToListenerDefaultActionJwtValidationOutputWithContext(context.Context) ListenerDefaultActionJwtValidationOutput +} + +type ListenerDefaultActionJwtValidationArgs struct { + // Repeatable configuration block for additional claims to validate. + AdditionalClaims ListenerDefaultActionJwtValidationAdditionalClaimArrayInput `pulumi:"additionalClaims"` + // Issuer of the JWT. + Issuer pulumi.StringInput `pulumi:"issuer"` + // JSON Web Key Set (JWKS) endpoint. This endpoint contains JSON Web Keys (JWK) that are used to validate signatures from the provider. This must be a full URL, including the HTTPS protocol, the domain, and the path. + // + // The following arguments are optional: + JwksEndpoint pulumi.StringInput `pulumi:"jwksEndpoint"` +} + +func (ListenerDefaultActionJwtValidationArgs) ElementType() reflect.Type { + return reflect.TypeOf((*ListenerDefaultActionJwtValidation)(nil)).Elem() +} + +func (i ListenerDefaultActionJwtValidationArgs) ToListenerDefaultActionJwtValidationOutput() ListenerDefaultActionJwtValidationOutput { + return i.ToListenerDefaultActionJwtValidationOutputWithContext(context.Background()) +} + +func (i ListenerDefaultActionJwtValidationArgs) ToListenerDefaultActionJwtValidationOutputWithContext(ctx context.Context) ListenerDefaultActionJwtValidationOutput { + return pulumi.ToOutputWithContext(ctx, i).(ListenerDefaultActionJwtValidationOutput) +} + +func (i ListenerDefaultActionJwtValidationArgs) ToListenerDefaultActionJwtValidationPtrOutput() ListenerDefaultActionJwtValidationPtrOutput { + return i.ToListenerDefaultActionJwtValidationPtrOutputWithContext(context.Background()) +} + +func (i ListenerDefaultActionJwtValidationArgs) ToListenerDefaultActionJwtValidationPtrOutputWithContext(ctx context.Context) ListenerDefaultActionJwtValidationPtrOutput { + return pulumi.ToOutputWithContext(ctx, i).(ListenerDefaultActionJwtValidationOutput).ToListenerDefaultActionJwtValidationPtrOutputWithContext(ctx) +} + +// ListenerDefaultActionJwtValidationPtrInput is an input type that accepts ListenerDefaultActionJwtValidationArgs, ListenerDefaultActionJwtValidationPtr and ListenerDefaultActionJwtValidationPtrOutput values. +// You can construct a concrete instance of `ListenerDefaultActionJwtValidationPtrInput` via: +// +// ListenerDefaultActionJwtValidationArgs{...} +// +// or: +// +// nil +type ListenerDefaultActionJwtValidationPtrInput interface { + pulumi.Input + + ToListenerDefaultActionJwtValidationPtrOutput() ListenerDefaultActionJwtValidationPtrOutput + ToListenerDefaultActionJwtValidationPtrOutputWithContext(context.Context) ListenerDefaultActionJwtValidationPtrOutput +} + +type listenerDefaultActionJwtValidationPtrType ListenerDefaultActionJwtValidationArgs + +func ListenerDefaultActionJwtValidationPtr(v *ListenerDefaultActionJwtValidationArgs) ListenerDefaultActionJwtValidationPtrInput { + return (*listenerDefaultActionJwtValidationPtrType)(v) +} + +func (*listenerDefaultActionJwtValidationPtrType) ElementType() reflect.Type { + return reflect.TypeOf((**ListenerDefaultActionJwtValidation)(nil)).Elem() +} + +func (i *listenerDefaultActionJwtValidationPtrType) ToListenerDefaultActionJwtValidationPtrOutput() ListenerDefaultActionJwtValidationPtrOutput { + return i.ToListenerDefaultActionJwtValidationPtrOutputWithContext(context.Background()) +} + +func (i *listenerDefaultActionJwtValidationPtrType) ToListenerDefaultActionJwtValidationPtrOutputWithContext(ctx context.Context) ListenerDefaultActionJwtValidationPtrOutput { + return pulumi.ToOutputWithContext(ctx, i).(ListenerDefaultActionJwtValidationPtrOutput) +} + +type ListenerDefaultActionJwtValidationOutput struct{ *pulumi.OutputState } + +func (ListenerDefaultActionJwtValidationOutput) ElementType() reflect.Type { + return reflect.TypeOf((*ListenerDefaultActionJwtValidation)(nil)).Elem() +} + +func (o ListenerDefaultActionJwtValidationOutput) ToListenerDefaultActionJwtValidationOutput() ListenerDefaultActionJwtValidationOutput { + return o +} + +func (o ListenerDefaultActionJwtValidationOutput) ToListenerDefaultActionJwtValidationOutputWithContext(ctx context.Context) ListenerDefaultActionJwtValidationOutput { + return o +} + +func (o ListenerDefaultActionJwtValidationOutput) ToListenerDefaultActionJwtValidationPtrOutput() ListenerDefaultActionJwtValidationPtrOutput { + return o.ToListenerDefaultActionJwtValidationPtrOutputWithContext(context.Background()) +} + +func (o ListenerDefaultActionJwtValidationOutput) ToListenerDefaultActionJwtValidationPtrOutputWithContext(ctx context.Context) ListenerDefaultActionJwtValidationPtrOutput { + return o.ApplyTWithContext(ctx, func(_ context.Context, v ListenerDefaultActionJwtValidation) *ListenerDefaultActionJwtValidation { + return &v + }).(ListenerDefaultActionJwtValidationPtrOutput) +} + +// Repeatable configuration block for additional claims to validate. +func (o ListenerDefaultActionJwtValidationOutput) AdditionalClaims() ListenerDefaultActionJwtValidationAdditionalClaimArrayOutput { + return o.ApplyT(func(v ListenerDefaultActionJwtValidation) []ListenerDefaultActionJwtValidationAdditionalClaim { + return v.AdditionalClaims + }).(ListenerDefaultActionJwtValidationAdditionalClaimArrayOutput) +} + +// Issuer of the JWT. +func (o ListenerDefaultActionJwtValidationOutput) Issuer() pulumi.StringOutput { + return o.ApplyT(func(v ListenerDefaultActionJwtValidation) string { return v.Issuer }).(pulumi.StringOutput) +} + +// JSON Web Key Set (JWKS) endpoint. This endpoint contains JSON Web Keys (JWK) that are used to validate signatures from the provider. This must be a full URL, including the HTTPS protocol, the domain, and the path. +// +// The following arguments are optional: +func (o ListenerDefaultActionJwtValidationOutput) JwksEndpoint() pulumi.StringOutput { + return o.ApplyT(func(v ListenerDefaultActionJwtValidation) string { return v.JwksEndpoint }).(pulumi.StringOutput) +} + +type ListenerDefaultActionJwtValidationPtrOutput struct{ *pulumi.OutputState } + +func (ListenerDefaultActionJwtValidationPtrOutput) ElementType() reflect.Type { + return reflect.TypeOf((**ListenerDefaultActionJwtValidation)(nil)).Elem() +} + +func (o ListenerDefaultActionJwtValidationPtrOutput) ToListenerDefaultActionJwtValidationPtrOutput() ListenerDefaultActionJwtValidationPtrOutput { + return o +} + +func (o ListenerDefaultActionJwtValidationPtrOutput) ToListenerDefaultActionJwtValidationPtrOutputWithContext(ctx context.Context) ListenerDefaultActionJwtValidationPtrOutput { + return o +} + +func (o ListenerDefaultActionJwtValidationPtrOutput) Elem() ListenerDefaultActionJwtValidationOutput { + return o.ApplyT(func(v *ListenerDefaultActionJwtValidation) ListenerDefaultActionJwtValidation { + if v != nil { + return *v + } + var ret ListenerDefaultActionJwtValidation + return ret + }).(ListenerDefaultActionJwtValidationOutput) +} + +// Repeatable configuration block for additional claims to validate. +func (o ListenerDefaultActionJwtValidationPtrOutput) AdditionalClaims() ListenerDefaultActionJwtValidationAdditionalClaimArrayOutput { + return o.ApplyT(func(v *ListenerDefaultActionJwtValidation) []ListenerDefaultActionJwtValidationAdditionalClaim { + if v == nil { + return nil + } + return v.AdditionalClaims + }).(ListenerDefaultActionJwtValidationAdditionalClaimArrayOutput) +} + +// Issuer of the JWT. +func (o ListenerDefaultActionJwtValidationPtrOutput) Issuer() pulumi.StringPtrOutput { + return o.ApplyT(func(v *ListenerDefaultActionJwtValidation) *string { + if v == nil { + return nil + } + return &v.Issuer + }).(pulumi.StringPtrOutput) +} + +// JSON Web Key Set (JWKS) endpoint. This endpoint contains JSON Web Keys (JWK) that are used to validate signatures from the provider. This must be a full URL, including the HTTPS protocol, the domain, and the path. +// +// The following arguments are optional: +func (o ListenerDefaultActionJwtValidationPtrOutput) JwksEndpoint() pulumi.StringPtrOutput { + return o.ApplyT(func(v *ListenerDefaultActionJwtValidation) *string { + if v == nil { + return nil + } + return &v.JwksEndpoint + }).(pulumi.StringPtrOutput) +} + +type ListenerDefaultActionJwtValidationAdditionalClaim struct { + // Format of the claim value. Valid values are `single-string`, `string-array` and `space-separated-values`. + Format string `pulumi:"format"` + // Name of the claim to validate. `exp`, `iss`, `nbf`, or `iat` cannot be specified because they are validated by default. + Name string `pulumi:"name"` + // List of expected values of the claim. + Values []string `pulumi:"values"` +} + +// ListenerDefaultActionJwtValidationAdditionalClaimInput is an input type that accepts ListenerDefaultActionJwtValidationAdditionalClaimArgs and ListenerDefaultActionJwtValidationAdditionalClaimOutput values. +// You can construct a concrete instance of `ListenerDefaultActionJwtValidationAdditionalClaimInput` via: +// +// ListenerDefaultActionJwtValidationAdditionalClaimArgs{...} +type ListenerDefaultActionJwtValidationAdditionalClaimInput interface { + pulumi.Input + + ToListenerDefaultActionJwtValidationAdditionalClaimOutput() ListenerDefaultActionJwtValidationAdditionalClaimOutput + ToListenerDefaultActionJwtValidationAdditionalClaimOutputWithContext(context.Context) ListenerDefaultActionJwtValidationAdditionalClaimOutput +} + +type ListenerDefaultActionJwtValidationAdditionalClaimArgs struct { + // Format of the claim value. Valid values are `single-string`, `string-array` and `space-separated-values`. + Format pulumi.StringInput `pulumi:"format"` + // Name of the claim to validate. `exp`, `iss`, `nbf`, or `iat` cannot be specified because they are validated by default. + Name pulumi.StringInput `pulumi:"name"` + // List of expected values of the claim. + Values pulumi.StringArrayInput `pulumi:"values"` +} + +func (ListenerDefaultActionJwtValidationAdditionalClaimArgs) ElementType() reflect.Type { + return reflect.TypeOf((*ListenerDefaultActionJwtValidationAdditionalClaim)(nil)).Elem() +} + +func (i ListenerDefaultActionJwtValidationAdditionalClaimArgs) ToListenerDefaultActionJwtValidationAdditionalClaimOutput() ListenerDefaultActionJwtValidationAdditionalClaimOutput { + return i.ToListenerDefaultActionJwtValidationAdditionalClaimOutputWithContext(context.Background()) +} + +func (i ListenerDefaultActionJwtValidationAdditionalClaimArgs) ToListenerDefaultActionJwtValidationAdditionalClaimOutputWithContext(ctx context.Context) ListenerDefaultActionJwtValidationAdditionalClaimOutput { + return pulumi.ToOutputWithContext(ctx, i).(ListenerDefaultActionJwtValidationAdditionalClaimOutput) +} + +// ListenerDefaultActionJwtValidationAdditionalClaimArrayInput is an input type that accepts ListenerDefaultActionJwtValidationAdditionalClaimArray and ListenerDefaultActionJwtValidationAdditionalClaimArrayOutput values. +// You can construct a concrete instance of `ListenerDefaultActionJwtValidationAdditionalClaimArrayInput` via: +// +// ListenerDefaultActionJwtValidationAdditionalClaimArray{ ListenerDefaultActionJwtValidationAdditionalClaimArgs{...} } +type ListenerDefaultActionJwtValidationAdditionalClaimArrayInput interface { + pulumi.Input + + ToListenerDefaultActionJwtValidationAdditionalClaimArrayOutput() ListenerDefaultActionJwtValidationAdditionalClaimArrayOutput + ToListenerDefaultActionJwtValidationAdditionalClaimArrayOutputWithContext(context.Context) ListenerDefaultActionJwtValidationAdditionalClaimArrayOutput +} + +type ListenerDefaultActionJwtValidationAdditionalClaimArray []ListenerDefaultActionJwtValidationAdditionalClaimInput + +func (ListenerDefaultActionJwtValidationAdditionalClaimArray) ElementType() reflect.Type { + return reflect.TypeOf((*[]ListenerDefaultActionJwtValidationAdditionalClaim)(nil)).Elem() +} + +func (i ListenerDefaultActionJwtValidationAdditionalClaimArray) ToListenerDefaultActionJwtValidationAdditionalClaimArrayOutput() ListenerDefaultActionJwtValidationAdditionalClaimArrayOutput { + return i.ToListenerDefaultActionJwtValidationAdditionalClaimArrayOutputWithContext(context.Background()) +} + +func (i ListenerDefaultActionJwtValidationAdditionalClaimArray) ToListenerDefaultActionJwtValidationAdditionalClaimArrayOutputWithContext(ctx context.Context) ListenerDefaultActionJwtValidationAdditionalClaimArrayOutput { + return pulumi.ToOutputWithContext(ctx, i).(ListenerDefaultActionJwtValidationAdditionalClaimArrayOutput) +} + +type ListenerDefaultActionJwtValidationAdditionalClaimOutput struct{ *pulumi.OutputState } + +func (ListenerDefaultActionJwtValidationAdditionalClaimOutput) ElementType() reflect.Type { + return reflect.TypeOf((*ListenerDefaultActionJwtValidationAdditionalClaim)(nil)).Elem() +} + +func (o ListenerDefaultActionJwtValidationAdditionalClaimOutput) ToListenerDefaultActionJwtValidationAdditionalClaimOutput() ListenerDefaultActionJwtValidationAdditionalClaimOutput { + return o +} + +func (o ListenerDefaultActionJwtValidationAdditionalClaimOutput) ToListenerDefaultActionJwtValidationAdditionalClaimOutputWithContext(ctx context.Context) ListenerDefaultActionJwtValidationAdditionalClaimOutput { + return o +} + +// Format of the claim value. Valid values are `single-string`, `string-array` and `space-separated-values`. +func (o ListenerDefaultActionJwtValidationAdditionalClaimOutput) Format() pulumi.StringOutput { + return o.ApplyT(func(v ListenerDefaultActionJwtValidationAdditionalClaim) string { return v.Format }).(pulumi.StringOutput) +} + +// Name of the claim to validate. `exp`, `iss`, `nbf`, or `iat` cannot be specified because they are validated by default. +func (o ListenerDefaultActionJwtValidationAdditionalClaimOutput) Name() pulumi.StringOutput { + return o.ApplyT(func(v ListenerDefaultActionJwtValidationAdditionalClaim) string { return v.Name }).(pulumi.StringOutput) +} + +// List of expected values of the claim. +func (o ListenerDefaultActionJwtValidationAdditionalClaimOutput) Values() pulumi.StringArrayOutput { + return o.ApplyT(func(v ListenerDefaultActionJwtValidationAdditionalClaim) []string { return v.Values }).(pulumi.StringArrayOutput) +} + +type ListenerDefaultActionJwtValidationAdditionalClaimArrayOutput struct{ *pulumi.OutputState } + +func (ListenerDefaultActionJwtValidationAdditionalClaimArrayOutput) ElementType() reflect.Type { + return reflect.TypeOf((*[]ListenerDefaultActionJwtValidationAdditionalClaim)(nil)).Elem() +} + +func (o ListenerDefaultActionJwtValidationAdditionalClaimArrayOutput) ToListenerDefaultActionJwtValidationAdditionalClaimArrayOutput() ListenerDefaultActionJwtValidationAdditionalClaimArrayOutput { + return o +} + +func (o ListenerDefaultActionJwtValidationAdditionalClaimArrayOutput) ToListenerDefaultActionJwtValidationAdditionalClaimArrayOutputWithContext(ctx context.Context) ListenerDefaultActionJwtValidationAdditionalClaimArrayOutput { + return o +} + +func (o ListenerDefaultActionJwtValidationAdditionalClaimArrayOutput) Index(i pulumi.IntInput) ListenerDefaultActionJwtValidationAdditionalClaimOutput { + return pulumi.All(o, i).ApplyT(func(vs []interface{}) ListenerDefaultActionJwtValidationAdditionalClaim { + return vs[0].([]ListenerDefaultActionJwtValidationAdditionalClaim)[vs[1].(int)] + }).(ListenerDefaultActionJwtValidationAdditionalClaimOutput) +} + type ListenerDefaultActionRedirect struct { // Hostname. This component is not percent-encoded. The hostname can contain `#{host}`. Defaults to `#{host}`. Host *string `pulumi:"host"` @@ -1868,6 +2177,8 @@ type ListenerRuleAction struct { // Specify only if `type` is `forward`. // Cannot be specified with `targetGroupArn`. Forward *ListenerRuleActionForward `pulumi:"forward"` + // Information for creating a JWT validation action. Required if `type` is `jwt-validation`. + JwtValidation *ListenerRuleActionJwtValidation `pulumi:"jwtValidation"` // Order for the action. // The action with the lowest value for order is performed first. // Valid values are between `1` and `50000`. @@ -1880,7 +2191,7 @@ type ListenerRuleAction struct { // To route to one or more target groups, use a `forward` block instead. // Cannot be specified with `forward`. TargetGroupArn *string `pulumi:"targetGroupArn"` - // The type of routing action. Valid values are `forward`, `redirect`, `fixed-response`, `authenticate-cognito` and `authenticate-oidc`. + // The type of routing action. Valid values are `forward`, `redirect`, `fixed-response`, `authenticate-cognito`, `authenticate-oidc` and `jwt-validation`. Type string `pulumi:"type"` } @@ -1906,6 +2217,8 @@ type ListenerRuleActionArgs struct { // Specify only if `type` is `forward`. // Cannot be specified with `targetGroupArn`. Forward ListenerRuleActionForwardPtrInput `pulumi:"forward"` + // Information for creating a JWT validation action. Required if `type` is `jwt-validation`. + JwtValidation ListenerRuleActionJwtValidationPtrInput `pulumi:"jwtValidation"` // Order for the action. // The action with the lowest value for order is performed first. // Valid values are between `1` and `50000`. @@ -1918,7 +2231,7 @@ type ListenerRuleActionArgs struct { // To route to one or more target groups, use a `forward` block instead. // Cannot be specified with `forward`. TargetGroupArn pulumi.StringPtrInput `pulumi:"targetGroupArn"` - // The type of routing action. Valid values are `forward`, `redirect`, `fixed-response`, `authenticate-cognito` and `authenticate-oidc`. + // The type of routing action. Valid values are `forward`, `redirect`, `fixed-response`, `authenticate-cognito`, `authenticate-oidc` and `jwt-validation`. Type pulumi.StringInput `pulumi:"type"` } @@ -1995,6 +2308,11 @@ func (o ListenerRuleActionOutput) Forward() ListenerRuleActionForwardPtrOutput { return o.ApplyT(func(v ListenerRuleAction) *ListenerRuleActionForward { return v.Forward }).(ListenerRuleActionForwardPtrOutput) } +// Information for creating a JWT validation action. Required if `type` is `jwt-validation`. +func (o ListenerRuleActionOutput) JwtValidation() ListenerRuleActionJwtValidationPtrOutput { + return o.ApplyT(func(v ListenerRuleAction) *ListenerRuleActionJwtValidation { return v.JwtValidation }).(ListenerRuleActionJwtValidationPtrOutput) +} + // Order for the action. // The action with the lowest value for order is performed first. // Valid values are between `1` and `50000`. @@ -2016,7 +2334,7 @@ func (o ListenerRuleActionOutput) TargetGroupArn() pulumi.StringPtrOutput { return o.ApplyT(func(v ListenerRuleAction) *string { return v.TargetGroupArn }).(pulumi.StringPtrOutput) } -// The type of routing action. Valid values are `forward`, `redirect`, `fixed-response`, `authenticate-cognito` and `authenticate-oidc`. +// The type of routing action. Valid values are `forward`, `redirect`, `fixed-response`, `authenticate-cognito`, `authenticate-oidc` and `jwt-validation`. func (o ListenerRuleActionOutput) Type() pulumi.StringOutput { return o.ApplyT(func(v ListenerRuleAction) string { return v.Type }).(pulumi.StringOutput) } @@ -3187,52 +3505,344 @@ func (i ListenerRuleActionForwardTargetGroupArray) ToListenerRuleActionForwardTa return i.ToListenerRuleActionForwardTargetGroupArrayOutputWithContext(context.Background()) } -func (i ListenerRuleActionForwardTargetGroupArray) ToListenerRuleActionForwardTargetGroupArrayOutputWithContext(ctx context.Context) ListenerRuleActionForwardTargetGroupArrayOutput { - return pulumi.ToOutputWithContext(ctx, i).(ListenerRuleActionForwardTargetGroupArrayOutput) +func (i ListenerRuleActionForwardTargetGroupArray) ToListenerRuleActionForwardTargetGroupArrayOutputWithContext(ctx context.Context) ListenerRuleActionForwardTargetGroupArrayOutput { + return pulumi.ToOutputWithContext(ctx, i).(ListenerRuleActionForwardTargetGroupArrayOutput) +} + +type ListenerRuleActionForwardTargetGroupOutput struct{ *pulumi.OutputState } + +func (ListenerRuleActionForwardTargetGroupOutput) ElementType() reflect.Type { + return reflect.TypeOf((*ListenerRuleActionForwardTargetGroup)(nil)).Elem() +} + +func (o ListenerRuleActionForwardTargetGroupOutput) ToListenerRuleActionForwardTargetGroupOutput() ListenerRuleActionForwardTargetGroupOutput { + return o +} + +func (o ListenerRuleActionForwardTargetGroupOutput) ToListenerRuleActionForwardTargetGroupOutputWithContext(ctx context.Context) ListenerRuleActionForwardTargetGroupOutput { + return o +} + +// The Amazon Resource Name (ARN) of the target group. +func (o ListenerRuleActionForwardTargetGroupOutput) Arn() pulumi.StringOutput { + return o.ApplyT(func(v ListenerRuleActionForwardTargetGroup) string { return v.Arn }).(pulumi.StringOutput) +} + +// The weight. The range is 0 to 999. +func (o ListenerRuleActionForwardTargetGroupOutput) Weight() pulumi.IntPtrOutput { + return o.ApplyT(func(v ListenerRuleActionForwardTargetGroup) *int { return v.Weight }).(pulumi.IntPtrOutput) +} + +type ListenerRuleActionForwardTargetGroupArrayOutput struct{ *pulumi.OutputState } + +func (ListenerRuleActionForwardTargetGroupArrayOutput) ElementType() reflect.Type { + return reflect.TypeOf((*[]ListenerRuleActionForwardTargetGroup)(nil)).Elem() +} + +func (o ListenerRuleActionForwardTargetGroupArrayOutput) ToListenerRuleActionForwardTargetGroupArrayOutput() ListenerRuleActionForwardTargetGroupArrayOutput { + return o +} + +func (o ListenerRuleActionForwardTargetGroupArrayOutput) ToListenerRuleActionForwardTargetGroupArrayOutputWithContext(ctx context.Context) ListenerRuleActionForwardTargetGroupArrayOutput { + return o +} + +func (o ListenerRuleActionForwardTargetGroupArrayOutput) Index(i pulumi.IntInput) ListenerRuleActionForwardTargetGroupOutput { + return pulumi.All(o, i).ApplyT(func(vs []interface{}) ListenerRuleActionForwardTargetGroup { + return vs[0].([]ListenerRuleActionForwardTargetGroup)[vs[1].(int)] + }).(ListenerRuleActionForwardTargetGroupOutput) +} + +type ListenerRuleActionJwtValidation struct { + // Repeatable configuration block for additional claims to validate. + AdditionalClaims []ListenerRuleActionJwtValidationAdditionalClaim `pulumi:"additionalClaims"` + // Issuer of the JWT. + Issuer string `pulumi:"issuer"` + // JSON Web Key Set (JWKS) endpoint. This endpoint contains JSON Web Keys (JWK) that are used to validate signatures from the provider. This must be a full URL, including the HTTPS protocol, the domain, and the path. + JwksEndpoint string `pulumi:"jwksEndpoint"` +} + +// ListenerRuleActionJwtValidationInput is an input type that accepts ListenerRuleActionJwtValidationArgs and ListenerRuleActionJwtValidationOutput values. +// You can construct a concrete instance of `ListenerRuleActionJwtValidationInput` via: +// +// ListenerRuleActionJwtValidationArgs{...} +type ListenerRuleActionJwtValidationInput interface { + pulumi.Input + + ToListenerRuleActionJwtValidationOutput() ListenerRuleActionJwtValidationOutput + ToListenerRuleActionJwtValidationOutputWithContext(context.Context) ListenerRuleActionJwtValidationOutput +} + +type ListenerRuleActionJwtValidationArgs struct { + // Repeatable configuration block for additional claims to validate. + AdditionalClaims ListenerRuleActionJwtValidationAdditionalClaimArrayInput `pulumi:"additionalClaims"` + // Issuer of the JWT. + Issuer pulumi.StringInput `pulumi:"issuer"` + // JSON Web Key Set (JWKS) endpoint. This endpoint contains JSON Web Keys (JWK) that are used to validate signatures from the provider. This must be a full URL, including the HTTPS protocol, the domain, and the path. + JwksEndpoint pulumi.StringInput `pulumi:"jwksEndpoint"` +} + +func (ListenerRuleActionJwtValidationArgs) ElementType() reflect.Type { + return reflect.TypeOf((*ListenerRuleActionJwtValidation)(nil)).Elem() +} + +func (i ListenerRuleActionJwtValidationArgs) ToListenerRuleActionJwtValidationOutput() ListenerRuleActionJwtValidationOutput { + return i.ToListenerRuleActionJwtValidationOutputWithContext(context.Background()) +} + +func (i ListenerRuleActionJwtValidationArgs) ToListenerRuleActionJwtValidationOutputWithContext(ctx context.Context) ListenerRuleActionJwtValidationOutput { + return pulumi.ToOutputWithContext(ctx, i).(ListenerRuleActionJwtValidationOutput) +} + +func (i ListenerRuleActionJwtValidationArgs) ToListenerRuleActionJwtValidationPtrOutput() ListenerRuleActionJwtValidationPtrOutput { + return i.ToListenerRuleActionJwtValidationPtrOutputWithContext(context.Background()) +} + +func (i ListenerRuleActionJwtValidationArgs) ToListenerRuleActionJwtValidationPtrOutputWithContext(ctx context.Context) ListenerRuleActionJwtValidationPtrOutput { + return pulumi.ToOutputWithContext(ctx, i).(ListenerRuleActionJwtValidationOutput).ToListenerRuleActionJwtValidationPtrOutputWithContext(ctx) +} + +// ListenerRuleActionJwtValidationPtrInput is an input type that accepts ListenerRuleActionJwtValidationArgs, ListenerRuleActionJwtValidationPtr and ListenerRuleActionJwtValidationPtrOutput values. +// You can construct a concrete instance of `ListenerRuleActionJwtValidationPtrInput` via: +// +// ListenerRuleActionJwtValidationArgs{...} +// +// or: +// +// nil +type ListenerRuleActionJwtValidationPtrInput interface { + pulumi.Input + + ToListenerRuleActionJwtValidationPtrOutput() ListenerRuleActionJwtValidationPtrOutput + ToListenerRuleActionJwtValidationPtrOutputWithContext(context.Context) ListenerRuleActionJwtValidationPtrOutput +} + +type listenerRuleActionJwtValidationPtrType ListenerRuleActionJwtValidationArgs + +func ListenerRuleActionJwtValidationPtr(v *ListenerRuleActionJwtValidationArgs) ListenerRuleActionJwtValidationPtrInput { + return (*listenerRuleActionJwtValidationPtrType)(v) +} + +func (*listenerRuleActionJwtValidationPtrType) ElementType() reflect.Type { + return reflect.TypeOf((**ListenerRuleActionJwtValidation)(nil)).Elem() +} + +func (i *listenerRuleActionJwtValidationPtrType) ToListenerRuleActionJwtValidationPtrOutput() ListenerRuleActionJwtValidationPtrOutput { + return i.ToListenerRuleActionJwtValidationPtrOutputWithContext(context.Background()) +} + +func (i *listenerRuleActionJwtValidationPtrType) ToListenerRuleActionJwtValidationPtrOutputWithContext(ctx context.Context) ListenerRuleActionJwtValidationPtrOutput { + return pulumi.ToOutputWithContext(ctx, i).(ListenerRuleActionJwtValidationPtrOutput) +} + +type ListenerRuleActionJwtValidationOutput struct{ *pulumi.OutputState } + +func (ListenerRuleActionJwtValidationOutput) ElementType() reflect.Type { + return reflect.TypeOf((*ListenerRuleActionJwtValidation)(nil)).Elem() +} + +func (o ListenerRuleActionJwtValidationOutput) ToListenerRuleActionJwtValidationOutput() ListenerRuleActionJwtValidationOutput { + return o +} + +func (o ListenerRuleActionJwtValidationOutput) ToListenerRuleActionJwtValidationOutputWithContext(ctx context.Context) ListenerRuleActionJwtValidationOutput { + return o +} + +func (o ListenerRuleActionJwtValidationOutput) ToListenerRuleActionJwtValidationPtrOutput() ListenerRuleActionJwtValidationPtrOutput { + return o.ToListenerRuleActionJwtValidationPtrOutputWithContext(context.Background()) +} + +func (o ListenerRuleActionJwtValidationOutput) ToListenerRuleActionJwtValidationPtrOutputWithContext(ctx context.Context) ListenerRuleActionJwtValidationPtrOutput { + return o.ApplyTWithContext(ctx, func(_ context.Context, v ListenerRuleActionJwtValidation) *ListenerRuleActionJwtValidation { + return &v + }).(ListenerRuleActionJwtValidationPtrOutput) +} + +// Repeatable configuration block for additional claims to validate. +func (o ListenerRuleActionJwtValidationOutput) AdditionalClaims() ListenerRuleActionJwtValidationAdditionalClaimArrayOutput { + return o.ApplyT(func(v ListenerRuleActionJwtValidation) []ListenerRuleActionJwtValidationAdditionalClaim { + return v.AdditionalClaims + }).(ListenerRuleActionJwtValidationAdditionalClaimArrayOutput) +} + +// Issuer of the JWT. +func (o ListenerRuleActionJwtValidationOutput) Issuer() pulumi.StringOutput { + return o.ApplyT(func(v ListenerRuleActionJwtValidation) string { return v.Issuer }).(pulumi.StringOutput) +} + +// JSON Web Key Set (JWKS) endpoint. This endpoint contains JSON Web Keys (JWK) that are used to validate signatures from the provider. This must be a full URL, including the HTTPS protocol, the domain, and the path. +func (o ListenerRuleActionJwtValidationOutput) JwksEndpoint() pulumi.StringOutput { + return o.ApplyT(func(v ListenerRuleActionJwtValidation) string { return v.JwksEndpoint }).(pulumi.StringOutput) +} + +type ListenerRuleActionJwtValidationPtrOutput struct{ *pulumi.OutputState } + +func (ListenerRuleActionJwtValidationPtrOutput) ElementType() reflect.Type { + return reflect.TypeOf((**ListenerRuleActionJwtValidation)(nil)).Elem() +} + +func (o ListenerRuleActionJwtValidationPtrOutput) ToListenerRuleActionJwtValidationPtrOutput() ListenerRuleActionJwtValidationPtrOutput { + return o +} + +func (o ListenerRuleActionJwtValidationPtrOutput) ToListenerRuleActionJwtValidationPtrOutputWithContext(ctx context.Context) ListenerRuleActionJwtValidationPtrOutput { + return o +} + +func (o ListenerRuleActionJwtValidationPtrOutput) Elem() ListenerRuleActionJwtValidationOutput { + return o.ApplyT(func(v *ListenerRuleActionJwtValidation) ListenerRuleActionJwtValidation { + if v != nil { + return *v + } + var ret ListenerRuleActionJwtValidation + return ret + }).(ListenerRuleActionJwtValidationOutput) +} + +// Repeatable configuration block for additional claims to validate. +func (o ListenerRuleActionJwtValidationPtrOutput) AdditionalClaims() ListenerRuleActionJwtValidationAdditionalClaimArrayOutput { + return o.ApplyT(func(v *ListenerRuleActionJwtValidation) []ListenerRuleActionJwtValidationAdditionalClaim { + if v == nil { + return nil + } + return v.AdditionalClaims + }).(ListenerRuleActionJwtValidationAdditionalClaimArrayOutput) +} + +// Issuer of the JWT. +func (o ListenerRuleActionJwtValidationPtrOutput) Issuer() pulumi.StringPtrOutput { + return o.ApplyT(func(v *ListenerRuleActionJwtValidation) *string { + if v == nil { + return nil + } + return &v.Issuer + }).(pulumi.StringPtrOutput) +} + +// JSON Web Key Set (JWKS) endpoint. This endpoint contains JSON Web Keys (JWK) that are used to validate signatures from the provider. This must be a full URL, including the HTTPS protocol, the domain, and the path. +func (o ListenerRuleActionJwtValidationPtrOutput) JwksEndpoint() pulumi.StringPtrOutput { + return o.ApplyT(func(v *ListenerRuleActionJwtValidation) *string { + if v == nil { + return nil + } + return &v.JwksEndpoint + }).(pulumi.StringPtrOutput) +} + +type ListenerRuleActionJwtValidationAdditionalClaim struct { + // Format of the claim value. Valid values are `single-string`, `string-array` and `space-separated-values`. + Format string `pulumi:"format"` + // Name of the claim to validate. `exp`, `iss`, `nbf`, or `iat` cannot be specified because they are validated by default. + Name string `pulumi:"name"` + // List of expected values of the claim. + Values []string `pulumi:"values"` +} + +// ListenerRuleActionJwtValidationAdditionalClaimInput is an input type that accepts ListenerRuleActionJwtValidationAdditionalClaimArgs and ListenerRuleActionJwtValidationAdditionalClaimOutput values. +// You can construct a concrete instance of `ListenerRuleActionJwtValidationAdditionalClaimInput` via: +// +// ListenerRuleActionJwtValidationAdditionalClaimArgs{...} +type ListenerRuleActionJwtValidationAdditionalClaimInput interface { + pulumi.Input + + ToListenerRuleActionJwtValidationAdditionalClaimOutput() ListenerRuleActionJwtValidationAdditionalClaimOutput + ToListenerRuleActionJwtValidationAdditionalClaimOutputWithContext(context.Context) ListenerRuleActionJwtValidationAdditionalClaimOutput +} + +type ListenerRuleActionJwtValidationAdditionalClaimArgs struct { + // Format of the claim value. Valid values are `single-string`, `string-array` and `space-separated-values`. + Format pulumi.StringInput `pulumi:"format"` + // Name of the claim to validate. `exp`, `iss`, `nbf`, or `iat` cannot be specified because they are validated by default. + Name pulumi.StringInput `pulumi:"name"` + // List of expected values of the claim. + Values pulumi.StringArrayInput `pulumi:"values"` +} + +func (ListenerRuleActionJwtValidationAdditionalClaimArgs) ElementType() reflect.Type { + return reflect.TypeOf((*ListenerRuleActionJwtValidationAdditionalClaim)(nil)).Elem() +} + +func (i ListenerRuleActionJwtValidationAdditionalClaimArgs) ToListenerRuleActionJwtValidationAdditionalClaimOutput() ListenerRuleActionJwtValidationAdditionalClaimOutput { + return i.ToListenerRuleActionJwtValidationAdditionalClaimOutputWithContext(context.Background()) +} + +func (i ListenerRuleActionJwtValidationAdditionalClaimArgs) ToListenerRuleActionJwtValidationAdditionalClaimOutputWithContext(ctx context.Context) ListenerRuleActionJwtValidationAdditionalClaimOutput { + return pulumi.ToOutputWithContext(ctx, i).(ListenerRuleActionJwtValidationAdditionalClaimOutput) +} + +// ListenerRuleActionJwtValidationAdditionalClaimArrayInput is an input type that accepts ListenerRuleActionJwtValidationAdditionalClaimArray and ListenerRuleActionJwtValidationAdditionalClaimArrayOutput values. +// You can construct a concrete instance of `ListenerRuleActionJwtValidationAdditionalClaimArrayInput` via: +// +// ListenerRuleActionJwtValidationAdditionalClaimArray{ ListenerRuleActionJwtValidationAdditionalClaimArgs{...} } +type ListenerRuleActionJwtValidationAdditionalClaimArrayInput interface { + pulumi.Input + + ToListenerRuleActionJwtValidationAdditionalClaimArrayOutput() ListenerRuleActionJwtValidationAdditionalClaimArrayOutput + ToListenerRuleActionJwtValidationAdditionalClaimArrayOutputWithContext(context.Context) ListenerRuleActionJwtValidationAdditionalClaimArrayOutput +} + +type ListenerRuleActionJwtValidationAdditionalClaimArray []ListenerRuleActionJwtValidationAdditionalClaimInput + +func (ListenerRuleActionJwtValidationAdditionalClaimArray) ElementType() reflect.Type { + return reflect.TypeOf((*[]ListenerRuleActionJwtValidationAdditionalClaim)(nil)).Elem() +} + +func (i ListenerRuleActionJwtValidationAdditionalClaimArray) ToListenerRuleActionJwtValidationAdditionalClaimArrayOutput() ListenerRuleActionJwtValidationAdditionalClaimArrayOutput { + return i.ToListenerRuleActionJwtValidationAdditionalClaimArrayOutputWithContext(context.Background()) +} + +func (i ListenerRuleActionJwtValidationAdditionalClaimArray) ToListenerRuleActionJwtValidationAdditionalClaimArrayOutputWithContext(ctx context.Context) ListenerRuleActionJwtValidationAdditionalClaimArrayOutput { + return pulumi.ToOutputWithContext(ctx, i).(ListenerRuleActionJwtValidationAdditionalClaimArrayOutput) } -type ListenerRuleActionForwardTargetGroupOutput struct{ *pulumi.OutputState } +type ListenerRuleActionJwtValidationAdditionalClaimOutput struct{ *pulumi.OutputState } -func (ListenerRuleActionForwardTargetGroupOutput) ElementType() reflect.Type { - return reflect.TypeOf((*ListenerRuleActionForwardTargetGroup)(nil)).Elem() +func (ListenerRuleActionJwtValidationAdditionalClaimOutput) ElementType() reflect.Type { + return reflect.TypeOf((*ListenerRuleActionJwtValidationAdditionalClaim)(nil)).Elem() } -func (o ListenerRuleActionForwardTargetGroupOutput) ToListenerRuleActionForwardTargetGroupOutput() ListenerRuleActionForwardTargetGroupOutput { +func (o ListenerRuleActionJwtValidationAdditionalClaimOutput) ToListenerRuleActionJwtValidationAdditionalClaimOutput() ListenerRuleActionJwtValidationAdditionalClaimOutput { return o } -func (o ListenerRuleActionForwardTargetGroupOutput) ToListenerRuleActionForwardTargetGroupOutputWithContext(ctx context.Context) ListenerRuleActionForwardTargetGroupOutput { +func (o ListenerRuleActionJwtValidationAdditionalClaimOutput) ToListenerRuleActionJwtValidationAdditionalClaimOutputWithContext(ctx context.Context) ListenerRuleActionJwtValidationAdditionalClaimOutput { return o } -// The Amazon Resource Name (ARN) of the target group. -func (o ListenerRuleActionForwardTargetGroupOutput) Arn() pulumi.StringOutput { - return o.ApplyT(func(v ListenerRuleActionForwardTargetGroup) string { return v.Arn }).(pulumi.StringOutput) +// Format of the claim value. Valid values are `single-string`, `string-array` and `space-separated-values`. +func (o ListenerRuleActionJwtValidationAdditionalClaimOutput) Format() pulumi.StringOutput { + return o.ApplyT(func(v ListenerRuleActionJwtValidationAdditionalClaim) string { return v.Format }).(pulumi.StringOutput) } -// The weight. The range is 0 to 999. -func (o ListenerRuleActionForwardTargetGroupOutput) Weight() pulumi.IntPtrOutput { - return o.ApplyT(func(v ListenerRuleActionForwardTargetGroup) *int { return v.Weight }).(pulumi.IntPtrOutput) +// Name of the claim to validate. `exp`, `iss`, `nbf`, or `iat` cannot be specified because they are validated by default. +func (o ListenerRuleActionJwtValidationAdditionalClaimOutput) Name() pulumi.StringOutput { + return o.ApplyT(func(v ListenerRuleActionJwtValidationAdditionalClaim) string { return v.Name }).(pulumi.StringOutput) } -type ListenerRuleActionForwardTargetGroupArrayOutput struct{ *pulumi.OutputState } +// List of expected values of the claim. +func (o ListenerRuleActionJwtValidationAdditionalClaimOutput) Values() pulumi.StringArrayOutput { + return o.ApplyT(func(v ListenerRuleActionJwtValidationAdditionalClaim) []string { return v.Values }).(pulumi.StringArrayOutput) +} -func (ListenerRuleActionForwardTargetGroupArrayOutput) ElementType() reflect.Type { - return reflect.TypeOf((*[]ListenerRuleActionForwardTargetGroup)(nil)).Elem() +type ListenerRuleActionJwtValidationAdditionalClaimArrayOutput struct{ *pulumi.OutputState } + +func (ListenerRuleActionJwtValidationAdditionalClaimArrayOutput) ElementType() reflect.Type { + return reflect.TypeOf((*[]ListenerRuleActionJwtValidationAdditionalClaim)(nil)).Elem() } -func (o ListenerRuleActionForwardTargetGroupArrayOutput) ToListenerRuleActionForwardTargetGroupArrayOutput() ListenerRuleActionForwardTargetGroupArrayOutput { +func (o ListenerRuleActionJwtValidationAdditionalClaimArrayOutput) ToListenerRuleActionJwtValidationAdditionalClaimArrayOutput() ListenerRuleActionJwtValidationAdditionalClaimArrayOutput { return o } -func (o ListenerRuleActionForwardTargetGroupArrayOutput) ToListenerRuleActionForwardTargetGroupArrayOutputWithContext(ctx context.Context) ListenerRuleActionForwardTargetGroupArrayOutput { +func (o ListenerRuleActionJwtValidationAdditionalClaimArrayOutput) ToListenerRuleActionJwtValidationAdditionalClaimArrayOutputWithContext(ctx context.Context) ListenerRuleActionJwtValidationAdditionalClaimArrayOutput { return o } -func (o ListenerRuleActionForwardTargetGroupArrayOutput) Index(i pulumi.IntInput) ListenerRuleActionForwardTargetGroupOutput { - return pulumi.All(o, i).ApplyT(func(vs []interface{}) ListenerRuleActionForwardTargetGroup { - return vs[0].([]ListenerRuleActionForwardTargetGroup)[vs[1].(int)] - }).(ListenerRuleActionForwardTargetGroupOutput) +func (o ListenerRuleActionJwtValidationAdditionalClaimArrayOutput) Index(i pulumi.IntInput) ListenerRuleActionJwtValidationAdditionalClaimOutput { + return pulumi.All(o, i).ApplyT(func(vs []interface{}) ListenerRuleActionJwtValidationAdditionalClaim { + return vs[0].([]ListenerRuleActionJwtValidationAdditionalClaim)[vs[1].(int)] + }).(ListenerRuleActionJwtValidationAdditionalClaimOutput) } type ListenerRuleActionRedirect struct { @@ -7163,6 +7773,7 @@ type GetListenerDefaultAction struct { AuthenticateOidcs []GetListenerDefaultActionAuthenticateOidc `pulumi:"authenticateOidcs"` FixedResponses []GetListenerDefaultActionFixedResponse `pulumi:"fixedResponses"` Forwards []GetListenerDefaultActionForward `pulumi:"forwards"` + JwtValidations []GetListenerDefaultActionJwtValidation `pulumi:"jwtValidations"` Order int `pulumi:"order"` Redirects []GetListenerDefaultActionRedirect `pulumi:"redirects"` TargetGroupArn string `pulumi:"targetGroupArn"` @@ -7185,6 +7796,7 @@ type GetListenerDefaultActionArgs struct { AuthenticateOidcs GetListenerDefaultActionAuthenticateOidcArrayInput `pulumi:"authenticateOidcs"` FixedResponses GetListenerDefaultActionFixedResponseArrayInput `pulumi:"fixedResponses"` Forwards GetListenerDefaultActionForwardArrayInput `pulumi:"forwards"` + JwtValidations GetListenerDefaultActionJwtValidationArrayInput `pulumi:"jwtValidations"` Order pulumi.IntInput `pulumi:"order"` Redirects GetListenerDefaultActionRedirectArrayInput `pulumi:"redirects"` TargetGroupArn pulumi.StringInput `pulumi:"targetGroupArn"` @@ -7262,6 +7874,10 @@ func (o GetListenerDefaultActionOutput) Forwards() GetListenerDefaultActionForwa return o.ApplyT(func(v GetListenerDefaultAction) []GetListenerDefaultActionForward { return v.Forwards }).(GetListenerDefaultActionForwardArrayOutput) } +func (o GetListenerDefaultActionOutput) JwtValidations() GetListenerDefaultActionJwtValidationArrayOutput { + return o.ApplyT(func(v GetListenerDefaultAction) []GetListenerDefaultActionJwtValidation { return v.JwtValidations }).(GetListenerDefaultActionJwtValidationArrayOutput) +} + func (o GetListenerDefaultActionOutput) Order() pulumi.IntOutput { return o.ApplyT(func(v GetListenerDefaultAction) int { return v.Order }).(pulumi.IntOutput) } @@ -8005,6 +8621,220 @@ func (o GetListenerDefaultActionForwardTargetGroupArrayOutput) Index(i pulumi.In }).(GetListenerDefaultActionForwardTargetGroupOutput) } +type GetListenerDefaultActionJwtValidation struct { + AdditionalClaims []GetListenerDefaultActionJwtValidationAdditionalClaim `pulumi:"additionalClaims"` + Issuer string `pulumi:"issuer"` + JwksEndpoint string `pulumi:"jwksEndpoint"` +} + +// GetListenerDefaultActionJwtValidationInput is an input type that accepts GetListenerDefaultActionJwtValidationArgs and GetListenerDefaultActionJwtValidationOutput values. +// You can construct a concrete instance of `GetListenerDefaultActionJwtValidationInput` via: +// +// GetListenerDefaultActionJwtValidationArgs{...} +type GetListenerDefaultActionJwtValidationInput interface { + pulumi.Input + + ToGetListenerDefaultActionJwtValidationOutput() GetListenerDefaultActionJwtValidationOutput + ToGetListenerDefaultActionJwtValidationOutputWithContext(context.Context) GetListenerDefaultActionJwtValidationOutput +} + +type GetListenerDefaultActionJwtValidationArgs struct { + AdditionalClaims GetListenerDefaultActionJwtValidationAdditionalClaimArrayInput `pulumi:"additionalClaims"` + Issuer pulumi.StringInput `pulumi:"issuer"` + JwksEndpoint pulumi.StringInput `pulumi:"jwksEndpoint"` +} + +func (GetListenerDefaultActionJwtValidationArgs) ElementType() reflect.Type { + return reflect.TypeOf((*GetListenerDefaultActionJwtValidation)(nil)).Elem() +} + +func (i GetListenerDefaultActionJwtValidationArgs) ToGetListenerDefaultActionJwtValidationOutput() GetListenerDefaultActionJwtValidationOutput { + return i.ToGetListenerDefaultActionJwtValidationOutputWithContext(context.Background()) +} + +func (i GetListenerDefaultActionJwtValidationArgs) ToGetListenerDefaultActionJwtValidationOutputWithContext(ctx context.Context) GetListenerDefaultActionJwtValidationOutput { + return pulumi.ToOutputWithContext(ctx, i).(GetListenerDefaultActionJwtValidationOutput) +} + +// GetListenerDefaultActionJwtValidationArrayInput is an input type that accepts GetListenerDefaultActionJwtValidationArray and GetListenerDefaultActionJwtValidationArrayOutput values. +// You can construct a concrete instance of `GetListenerDefaultActionJwtValidationArrayInput` via: +// +// GetListenerDefaultActionJwtValidationArray{ GetListenerDefaultActionJwtValidationArgs{...} } +type GetListenerDefaultActionJwtValidationArrayInput interface { + pulumi.Input + + ToGetListenerDefaultActionJwtValidationArrayOutput() GetListenerDefaultActionJwtValidationArrayOutput + ToGetListenerDefaultActionJwtValidationArrayOutputWithContext(context.Context) GetListenerDefaultActionJwtValidationArrayOutput +} + +type GetListenerDefaultActionJwtValidationArray []GetListenerDefaultActionJwtValidationInput + +func (GetListenerDefaultActionJwtValidationArray) ElementType() reflect.Type { + return reflect.TypeOf((*[]GetListenerDefaultActionJwtValidation)(nil)).Elem() +} + +func (i GetListenerDefaultActionJwtValidationArray) ToGetListenerDefaultActionJwtValidationArrayOutput() GetListenerDefaultActionJwtValidationArrayOutput { + return i.ToGetListenerDefaultActionJwtValidationArrayOutputWithContext(context.Background()) +} + +func (i GetListenerDefaultActionJwtValidationArray) ToGetListenerDefaultActionJwtValidationArrayOutputWithContext(ctx context.Context) GetListenerDefaultActionJwtValidationArrayOutput { + return pulumi.ToOutputWithContext(ctx, i).(GetListenerDefaultActionJwtValidationArrayOutput) +} + +type GetListenerDefaultActionJwtValidationOutput struct{ *pulumi.OutputState } + +func (GetListenerDefaultActionJwtValidationOutput) ElementType() reflect.Type { + return reflect.TypeOf((*GetListenerDefaultActionJwtValidation)(nil)).Elem() +} + +func (o GetListenerDefaultActionJwtValidationOutput) ToGetListenerDefaultActionJwtValidationOutput() GetListenerDefaultActionJwtValidationOutput { + return o +} + +func (o GetListenerDefaultActionJwtValidationOutput) ToGetListenerDefaultActionJwtValidationOutputWithContext(ctx context.Context) GetListenerDefaultActionJwtValidationOutput { + return o +} + +func (o GetListenerDefaultActionJwtValidationOutput) AdditionalClaims() GetListenerDefaultActionJwtValidationAdditionalClaimArrayOutput { + return o.ApplyT(func(v GetListenerDefaultActionJwtValidation) []GetListenerDefaultActionJwtValidationAdditionalClaim { + return v.AdditionalClaims + }).(GetListenerDefaultActionJwtValidationAdditionalClaimArrayOutput) +} + +func (o GetListenerDefaultActionJwtValidationOutput) Issuer() pulumi.StringOutput { + return o.ApplyT(func(v GetListenerDefaultActionJwtValidation) string { return v.Issuer }).(pulumi.StringOutput) +} + +func (o GetListenerDefaultActionJwtValidationOutput) JwksEndpoint() pulumi.StringOutput { + return o.ApplyT(func(v GetListenerDefaultActionJwtValidation) string { return v.JwksEndpoint }).(pulumi.StringOutput) +} + +type GetListenerDefaultActionJwtValidationArrayOutput struct{ *pulumi.OutputState } + +func (GetListenerDefaultActionJwtValidationArrayOutput) ElementType() reflect.Type { + return reflect.TypeOf((*[]GetListenerDefaultActionJwtValidation)(nil)).Elem() +} + +func (o GetListenerDefaultActionJwtValidationArrayOutput) ToGetListenerDefaultActionJwtValidationArrayOutput() GetListenerDefaultActionJwtValidationArrayOutput { + return o +} + +func (o GetListenerDefaultActionJwtValidationArrayOutput) ToGetListenerDefaultActionJwtValidationArrayOutputWithContext(ctx context.Context) GetListenerDefaultActionJwtValidationArrayOutput { + return o +} + +func (o GetListenerDefaultActionJwtValidationArrayOutput) Index(i pulumi.IntInput) GetListenerDefaultActionJwtValidationOutput { + return pulumi.All(o, i).ApplyT(func(vs []interface{}) GetListenerDefaultActionJwtValidation { + return vs[0].([]GetListenerDefaultActionJwtValidation)[vs[1].(int)] + }).(GetListenerDefaultActionJwtValidationOutput) +} + +type GetListenerDefaultActionJwtValidationAdditionalClaim struct { + Format string `pulumi:"format"` + Name string `pulumi:"name"` + Values []string `pulumi:"values"` +} + +// GetListenerDefaultActionJwtValidationAdditionalClaimInput is an input type that accepts GetListenerDefaultActionJwtValidationAdditionalClaimArgs and GetListenerDefaultActionJwtValidationAdditionalClaimOutput values. +// You can construct a concrete instance of `GetListenerDefaultActionJwtValidationAdditionalClaimInput` via: +// +// GetListenerDefaultActionJwtValidationAdditionalClaimArgs{...} +type GetListenerDefaultActionJwtValidationAdditionalClaimInput interface { + pulumi.Input + + ToGetListenerDefaultActionJwtValidationAdditionalClaimOutput() GetListenerDefaultActionJwtValidationAdditionalClaimOutput + ToGetListenerDefaultActionJwtValidationAdditionalClaimOutputWithContext(context.Context) GetListenerDefaultActionJwtValidationAdditionalClaimOutput +} + +type GetListenerDefaultActionJwtValidationAdditionalClaimArgs struct { + Format pulumi.StringInput `pulumi:"format"` + Name pulumi.StringInput `pulumi:"name"` + Values pulumi.StringArrayInput `pulumi:"values"` +} + +func (GetListenerDefaultActionJwtValidationAdditionalClaimArgs) ElementType() reflect.Type { + return reflect.TypeOf((*GetListenerDefaultActionJwtValidationAdditionalClaim)(nil)).Elem() +} + +func (i GetListenerDefaultActionJwtValidationAdditionalClaimArgs) ToGetListenerDefaultActionJwtValidationAdditionalClaimOutput() GetListenerDefaultActionJwtValidationAdditionalClaimOutput { + return i.ToGetListenerDefaultActionJwtValidationAdditionalClaimOutputWithContext(context.Background()) +} + +func (i GetListenerDefaultActionJwtValidationAdditionalClaimArgs) ToGetListenerDefaultActionJwtValidationAdditionalClaimOutputWithContext(ctx context.Context) GetListenerDefaultActionJwtValidationAdditionalClaimOutput { + return pulumi.ToOutputWithContext(ctx, i).(GetListenerDefaultActionJwtValidationAdditionalClaimOutput) +} + +// GetListenerDefaultActionJwtValidationAdditionalClaimArrayInput is an input type that accepts GetListenerDefaultActionJwtValidationAdditionalClaimArray and GetListenerDefaultActionJwtValidationAdditionalClaimArrayOutput values. +// You can construct a concrete instance of `GetListenerDefaultActionJwtValidationAdditionalClaimArrayInput` via: +// +// GetListenerDefaultActionJwtValidationAdditionalClaimArray{ GetListenerDefaultActionJwtValidationAdditionalClaimArgs{...} } +type GetListenerDefaultActionJwtValidationAdditionalClaimArrayInput interface { + pulumi.Input + + ToGetListenerDefaultActionJwtValidationAdditionalClaimArrayOutput() GetListenerDefaultActionJwtValidationAdditionalClaimArrayOutput + ToGetListenerDefaultActionJwtValidationAdditionalClaimArrayOutputWithContext(context.Context) GetListenerDefaultActionJwtValidationAdditionalClaimArrayOutput +} + +type GetListenerDefaultActionJwtValidationAdditionalClaimArray []GetListenerDefaultActionJwtValidationAdditionalClaimInput + +func (GetListenerDefaultActionJwtValidationAdditionalClaimArray) ElementType() reflect.Type { + return reflect.TypeOf((*[]GetListenerDefaultActionJwtValidationAdditionalClaim)(nil)).Elem() +} + +func (i GetListenerDefaultActionJwtValidationAdditionalClaimArray) ToGetListenerDefaultActionJwtValidationAdditionalClaimArrayOutput() GetListenerDefaultActionJwtValidationAdditionalClaimArrayOutput { + return i.ToGetListenerDefaultActionJwtValidationAdditionalClaimArrayOutputWithContext(context.Background()) +} + +func (i GetListenerDefaultActionJwtValidationAdditionalClaimArray) ToGetListenerDefaultActionJwtValidationAdditionalClaimArrayOutputWithContext(ctx context.Context) GetListenerDefaultActionJwtValidationAdditionalClaimArrayOutput { + return pulumi.ToOutputWithContext(ctx, i).(GetListenerDefaultActionJwtValidationAdditionalClaimArrayOutput) +} + +type GetListenerDefaultActionJwtValidationAdditionalClaimOutput struct{ *pulumi.OutputState } + +func (GetListenerDefaultActionJwtValidationAdditionalClaimOutput) ElementType() reflect.Type { + return reflect.TypeOf((*GetListenerDefaultActionJwtValidationAdditionalClaim)(nil)).Elem() +} + +func (o GetListenerDefaultActionJwtValidationAdditionalClaimOutput) ToGetListenerDefaultActionJwtValidationAdditionalClaimOutput() GetListenerDefaultActionJwtValidationAdditionalClaimOutput { + return o +} + +func (o GetListenerDefaultActionJwtValidationAdditionalClaimOutput) ToGetListenerDefaultActionJwtValidationAdditionalClaimOutputWithContext(ctx context.Context) GetListenerDefaultActionJwtValidationAdditionalClaimOutput { + return o +} + +func (o GetListenerDefaultActionJwtValidationAdditionalClaimOutput) Format() pulumi.StringOutput { + return o.ApplyT(func(v GetListenerDefaultActionJwtValidationAdditionalClaim) string { return v.Format }).(pulumi.StringOutput) +} + +func (o GetListenerDefaultActionJwtValidationAdditionalClaimOutput) Name() pulumi.StringOutput { + return o.ApplyT(func(v GetListenerDefaultActionJwtValidationAdditionalClaim) string { return v.Name }).(pulumi.StringOutput) +} + +func (o GetListenerDefaultActionJwtValidationAdditionalClaimOutput) Values() pulumi.StringArrayOutput { + return o.ApplyT(func(v GetListenerDefaultActionJwtValidationAdditionalClaim) []string { return v.Values }).(pulumi.StringArrayOutput) +} + +type GetListenerDefaultActionJwtValidationAdditionalClaimArrayOutput struct{ *pulumi.OutputState } + +func (GetListenerDefaultActionJwtValidationAdditionalClaimArrayOutput) ElementType() reflect.Type { + return reflect.TypeOf((*[]GetListenerDefaultActionJwtValidationAdditionalClaim)(nil)).Elem() +} + +func (o GetListenerDefaultActionJwtValidationAdditionalClaimArrayOutput) ToGetListenerDefaultActionJwtValidationAdditionalClaimArrayOutput() GetListenerDefaultActionJwtValidationAdditionalClaimArrayOutput { + return o +} + +func (o GetListenerDefaultActionJwtValidationAdditionalClaimArrayOutput) ToGetListenerDefaultActionJwtValidationAdditionalClaimArrayOutputWithContext(ctx context.Context) GetListenerDefaultActionJwtValidationAdditionalClaimArrayOutput { + return o +} + +func (o GetListenerDefaultActionJwtValidationAdditionalClaimArrayOutput) Index(i pulumi.IntInput) GetListenerDefaultActionJwtValidationAdditionalClaimOutput { + return pulumi.All(o, i).ApplyT(func(vs []interface{}) GetListenerDefaultActionJwtValidationAdditionalClaim { + return vs[0].([]GetListenerDefaultActionJwtValidationAdditionalClaim)[vs[1].(int)] + }).(GetListenerDefaultActionJwtValidationAdditionalClaimOutput) +} + type GetListenerDefaultActionRedirect struct { Host string `pulumi:"host"` Path string `pulumi:"path"` @@ -8257,6 +9087,9 @@ type GetListenerRuleAction struct { // An action to forward the request. // Detailed below. Forwards []GetListenerRuleActionForward `pulumi:"forwards"` + // An action to validate using JWT. + // Detailed below. + JwtValidations []GetListenerRuleActionJwtValidation `pulumi:"jwtValidations"` // The evaluation order of the action. Order int `pulumi:"order"` // An action to redirect the request. @@ -8290,6 +9123,9 @@ type GetListenerRuleActionArgs struct { // An action to forward the request. // Detailed below. Forwards GetListenerRuleActionForwardArrayInput `pulumi:"forwards"` + // An action to validate using JWT. + // Detailed below. + JwtValidations GetListenerRuleActionJwtValidationArrayInput `pulumi:"jwtValidations"` // The evaluation order of the action. Order pulumi.IntInput `pulumi:"order"` // An action to redirect the request. @@ -8376,6 +9212,12 @@ func (o GetListenerRuleActionOutput) Forwards() GetListenerRuleActionForwardArra return o.ApplyT(func(v GetListenerRuleAction) []GetListenerRuleActionForward { return v.Forwards }).(GetListenerRuleActionForwardArrayOutput) } +// An action to validate using JWT. +// Detailed below. +func (o GetListenerRuleActionOutput) JwtValidations() GetListenerRuleActionJwtValidationArrayOutput { + return o.ApplyT(func(v GetListenerRuleAction) []GetListenerRuleActionJwtValidation { return v.JwtValidations }).(GetListenerRuleActionJwtValidationArrayOutput) +} + // The evaluation order of the action. func (o GetListenerRuleActionOutput) Order() pulumi.IntOutput { return o.ApplyT(func(v GetListenerRuleAction) int { return v.Order }).(pulumi.IntOutput) @@ -8585,7 +9427,7 @@ type GetListenerRuleActionAuthenticateOidc struct { AuthorizationEndpoint string `pulumi:"authorizationEndpoint"` // OAuth 2.0 client identifier. ClientId string `pulumi:"clientId"` - // OIDC issuer identifier of the IdP. + // Issuer of the JWT. Issuer string `pulumi:"issuer"` // Behavior when the client is not authenticated. OnUnauthenticatedRequest string `pulumi:"onUnauthenticatedRequest"` @@ -8620,7 +9462,7 @@ type GetListenerRuleActionAuthenticateOidcArgs struct { AuthorizationEndpoint pulumi.StringInput `pulumi:"authorizationEndpoint"` // OAuth 2.0 client identifier. ClientId pulumi.StringInput `pulumi:"clientId"` - // OIDC issuer identifier of the IdP. + // Issuer of the JWT. Issuer pulumi.StringInput `pulumi:"issuer"` // Behavior when the client is not authenticated. OnUnauthenticatedRequest pulumi.StringInput `pulumi:"onUnauthenticatedRequest"` @@ -8705,7 +9547,7 @@ func (o GetListenerRuleActionAuthenticateOidcOutput) ClientId() pulumi.StringOut return o.ApplyT(func(v GetListenerRuleActionAuthenticateOidc) string { return v.ClientId }).(pulumi.StringOutput) } -// OIDC issuer identifier of the IdP. +// Issuer of the JWT. func (o GetListenerRuleActionAuthenticateOidcOutput) Issuer() pulumi.StringOutput { return o.ApplyT(func(v GetListenerRuleActionAuthenticateOidc) string { return v.Issuer }).(pulumi.StringOutput) } @@ -9202,6 +10044,238 @@ func (o GetListenerRuleActionForwardTargetGroupArrayOutput) Index(i pulumi.IntIn }).(GetListenerRuleActionForwardTargetGroupOutput) } +type GetListenerRuleActionJwtValidation struct { + // Additional claims to validate. + AdditionalClaims []GetListenerRuleActionJwtValidationAdditionalClaim `pulumi:"additionalClaims"` + // Issuer of the JWT. + Issuer string `pulumi:"issuer"` + // JSON Web Key Set (JWKS) endpoint. + JwksEndpoint string `pulumi:"jwksEndpoint"` +} + +// GetListenerRuleActionJwtValidationInput is an input type that accepts GetListenerRuleActionJwtValidationArgs and GetListenerRuleActionJwtValidationOutput values. +// You can construct a concrete instance of `GetListenerRuleActionJwtValidationInput` via: +// +// GetListenerRuleActionJwtValidationArgs{...} +type GetListenerRuleActionJwtValidationInput interface { + pulumi.Input + + ToGetListenerRuleActionJwtValidationOutput() GetListenerRuleActionJwtValidationOutput + ToGetListenerRuleActionJwtValidationOutputWithContext(context.Context) GetListenerRuleActionJwtValidationOutput +} + +type GetListenerRuleActionJwtValidationArgs struct { + // Additional claims to validate. + AdditionalClaims GetListenerRuleActionJwtValidationAdditionalClaimArrayInput `pulumi:"additionalClaims"` + // Issuer of the JWT. + Issuer pulumi.StringInput `pulumi:"issuer"` + // JSON Web Key Set (JWKS) endpoint. + JwksEndpoint pulumi.StringInput `pulumi:"jwksEndpoint"` +} + +func (GetListenerRuleActionJwtValidationArgs) ElementType() reflect.Type { + return reflect.TypeOf((*GetListenerRuleActionJwtValidation)(nil)).Elem() +} + +func (i GetListenerRuleActionJwtValidationArgs) ToGetListenerRuleActionJwtValidationOutput() GetListenerRuleActionJwtValidationOutput { + return i.ToGetListenerRuleActionJwtValidationOutputWithContext(context.Background()) +} + +func (i GetListenerRuleActionJwtValidationArgs) ToGetListenerRuleActionJwtValidationOutputWithContext(ctx context.Context) GetListenerRuleActionJwtValidationOutput { + return pulumi.ToOutputWithContext(ctx, i).(GetListenerRuleActionJwtValidationOutput) +} + +// GetListenerRuleActionJwtValidationArrayInput is an input type that accepts GetListenerRuleActionJwtValidationArray and GetListenerRuleActionJwtValidationArrayOutput values. +// You can construct a concrete instance of `GetListenerRuleActionJwtValidationArrayInput` via: +// +// GetListenerRuleActionJwtValidationArray{ GetListenerRuleActionJwtValidationArgs{...} } +type GetListenerRuleActionJwtValidationArrayInput interface { + pulumi.Input + + ToGetListenerRuleActionJwtValidationArrayOutput() GetListenerRuleActionJwtValidationArrayOutput + ToGetListenerRuleActionJwtValidationArrayOutputWithContext(context.Context) GetListenerRuleActionJwtValidationArrayOutput +} + +type GetListenerRuleActionJwtValidationArray []GetListenerRuleActionJwtValidationInput + +func (GetListenerRuleActionJwtValidationArray) ElementType() reflect.Type { + return reflect.TypeOf((*[]GetListenerRuleActionJwtValidation)(nil)).Elem() +} + +func (i GetListenerRuleActionJwtValidationArray) ToGetListenerRuleActionJwtValidationArrayOutput() GetListenerRuleActionJwtValidationArrayOutput { + return i.ToGetListenerRuleActionJwtValidationArrayOutputWithContext(context.Background()) +} + +func (i GetListenerRuleActionJwtValidationArray) ToGetListenerRuleActionJwtValidationArrayOutputWithContext(ctx context.Context) GetListenerRuleActionJwtValidationArrayOutput { + return pulumi.ToOutputWithContext(ctx, i).(GetListenerRuleActionJwtValidationArrayOutput) +} + +type GetListenerRuleActionJwtValidationOutput struct{ *pulumi.OutputState } + +func (GetListenerRuleActionJwtValidationOutput) ElementType() reflect.Type { + return reflect.TypeOf((*GetListenerRuleActionJwtValidation)(nil)).Elem() +} + +func (o GetListenerRuleActionJwtValidationOutput) ToGetListenerRuleActionJwtValidationOutput() GetListenerRuleActionJwtValidationOutput { + return o +} + +func (o GetListenerRuleActionJwtValidationOutput) ToGetListenerRuleActionJwtValidationOutputWithContext(ctx context.Context) GetListenerRuleActionJwtValidationOutput { + return o +} + +// Additional claims to validate. +func (o GetListenerRuleActionJwtValidationOutput) AdditionalClaims() GetListenerRuleActionJwtValidationAdditionalClaimArrayOutput { + return o.ApplyT(func(v GetListenerRuleActionJwtValidation) []GetListenerRuleActionJwtValidationAdditionalClaim { + return v.AdditionalClaims + }).(GetListenerRuleActionJwtValidationAdditionalClaimArrayOutput) +} + +// Issuer of the JWT. +func (o GetListenerRuleActionJwtValidationOutput) Issuer() pulumi.StringOutput { + return o.ApplyT(func(v GetListenerRuleActionJwtValidation) string { return v.Issuer }).(pulumi.StringOutput) +} + +// JSON Web Key Set (JWKS) endpoint. +func (o GetListenerRuleActionJwtValidationOutput) JwksEndpoint() pulumi.StringOutput { + return o.ApplyT(func(v GetListenerRuleActionJwtValidation) string { return v.JwksEndpoint }).(pulumi.StringOutput) +} + +type GetListenerRuleActionJwtValidationArrayOutput struct{ *pulumi.OutputState } + +func (GetListenerRuleActionJwtValidationArrayOutput) ElementType() reflect.Type { + return reflect.TypeOf((*[]GetListenerRuleActionJwtValidation)(nil)).Elem() +} + +func (o GetListenerRuleActionJwtValidationArrayOutput) ToGetListenerRuleActionJwtValidationArrayOutput() GetListenerRuleActionJwtValidationArrayOutput { + return o +} + +func (o GetListenerRuleActionJwtValidationArrayOutput) ToGetListenerRuleActionJwtValidationArrayOutputWithContext(ctx context.Context) GetListenerRuleActionJwtValidationArrayOutput { + return o +} + +func (o GetListenerRuleActionJwtValidationArrayOutput) Index(i pulumi.IntInput) GetListenerRuleActionJwtValidationOutput { + return pulumi.All(o, i).ApplyT(func(vs []interface{}) GetListenerRuleActionJwtValidation { + return vs[0].([]GetListenerRuleActionJwtValidation)[vs[1].(int)] + }).(GetListenerRuleActionJwtValidationOutput) +} + +type GetListenerRuleActionJwtValidationAdditionalClaim struct { + // Format of the claim value. + Format string `pulumi:"format"` + // Name of the claim to validate. + Name string `pulumi:"name"` + // Set of `key`-`value` pairs indicating the query string parameters to match. + Values []string `pulumi:"values"` +} + +// GetListenerRuleActionJwtValidationAdditionalClaimInput is an input type that accepts GetListenerRuleActionJwtValidationAdditionalClaimArgs and GetListenerRuleActionJwtValidationAdditionalClaimOutput values. +// You can construct a concrete instance of `GetListenerRuleActionJwtValidationAdditionalClaimInput` via: +// +// GetListenerRuleActionJwtValidationAdditionalClaimArgs{...} +type GetListenerRuleActionJwtValidationAdditionalClaimInput interface { + pulumi.Input + + ToGetListenerRuleActionJwtValidationAdditionalClaimOutput() GetListenerRuleActionJwtValidationAdditionalClaimOutput + ToGetListenerRuleActionJwtValidationAdditionalClaimOutputWithContext(context.Context) GetListenerRuleActionJwtValidationAdditionalClaimOutput +} + +type GetListenerRuleActionJwtValidationAdditionalClaimArgs struct { + // Format of the claim value. + Format pulumi.StringInput `pulumi:"format"` + // Name of the claim to validate. + Name pulumi.StringInput `pulumi:"name"` + // Set of `key`-`value` pairs indicating the query string parameters to match. + Values pulumi.StringArrayInput `pulumi:"values"` +} + +func (GetListenerRuleActionJwtValidationAdditionalClaimArgs) ElementType() reflect.Type { + return reflect.TypeOf((*GetListenerRuleActionJwtValidationAdditionalClaim)(nil)).Elem() +} + +func (i GetListenerRuleActionJwtValidationAdditionalClaimArgs) ToGetListenerRuleActionJwtValidationAdditionalClaimOutput() GetListenerRuleActionJwtValidationAdditionalClaimOutput { + return i.ToGetListenerRuleActionJwtValidationAdditionalClaimOutputWithContext(context.Background()) +} + +func (i GetListenerRuleActionJwtValidationAdditionalClaimArgs) ToGetListenerRuleActionJwtValidationAdditionalClaimOutputWithContext(ctx context.Context) GetListenerRuleActionJwtValidationAdditionalClaimOutput { + return pulumi.ToOutputWithContext(ctx, i).(GetListenerRuleActionJwtValidationAdditionalClaimOutput) +} + +// GetListenerRuleActionJwtValidationAdditionalClaimArrayInput is an input type that accepts GetListenerRuleActionJwtValidationAdditionalClaimArray and GetListenerRuleActionJwtValidationAdditionalClaimArrayOutput values. +// You can construct a concrete instance of `GetListenerRuleActionJwtValidationAdditionalClaimArrayInput` via: +// +// GetListenerRuleActionJwtValidationAdditionalClaimArray{ GetListenerRuleActionJwtValidationAdditionalClaimArgs{...} } +type GetListenerRuleActionJwtValidationAdditionalClaimArrayInput interface { + pulumi.Input + + ToGetListenerRuleActionJwtValidationAdditionalClaimArrayOutput() GetListenerRuleActionJwtValidationAdditionalClaimArrayOutput + ToGetListenerRuleActionJwtValidationAdditionalClaimArrayOutputWithContext(context.Context) GetListenerRuleActionJwtValidationAdditionalClaimArrayOutput +} + +type GetListenerRuleActionJwtValidationAdditionalClaimArray []GetListenerRuleActionJwtValidationAdditionalClaimInput + +func (GetListenerRuleActionJwtValidationAdditionalClaimArray) ElementType() reflect.Type { + return reflect.TypeOf((*[]GetListenerRuleActionJwtValidationAdditionalClaim)(nil)).Elem() +} + +func (i GetListenerRuleActionJwtValidationAdditionalClaimArray) ToGetListenerRuleActionJwtValidationAdditionalClaimArrayOutput() GetListenerRuleActionJwtValidationAdditionalClaimArrayOutput { + return i.ToGetListenerRuleActionJwtValidationAdditionalClaimArrayOutputWithContext(context.Background()) +} + +func (i GetListenerRuleActionJwtValidationAdditionalClaimArray) ToGetListenerRuleActionJwtValidationAdditionalClaimArrayOutputWithContext(ctx context.Context) GetListenerRuleActionJwtValidationAdditionalClaimArrayOutput { + return pulumi.ToOutputWithContext(ctx, i).(GetListenerRuleActionJwtValidationAdditionalClaimArrayOutput) +} + +type GetListenerRuleActionJwtValidationAdditionalClaimOutput struct{ *pulumi.OutputState } + +func (GetListenerRuleActionJwtValidationAdditionalClaimOutput) ElementType() reflect.Type { + return reflect.TypeOf((*GetListenerRuleActionJwtValidationAdditionalClaim)(nil)).Elem() +} + +func (o GetListenerRuleActionJwtValidationAdditionalClaimOutput) ToGetListenerRuleActionJwtValidationAdditionalClaimOutput() GetListenerRuleActionJwtValidationAdditionalClaimOutput { + return o +} + +func (o GetListenerRuleActionJwtValidationAdditionalClaimOutput) ToGetListenerRuleActionJwtValidationAdditionalClaimOutputWithContext(ctx context.Context) GetListenerRuleActionJwtValidationAdditionalClaimOutput { + return o +} + +// Format of the claim value. +func (o GetListenerRuleActionJwtValidationAdditionalClaimOutput) Format() pulumi.StringOutput { + return o.ApplyT(func(v GetListenerRuleActionJwtValidationAdditionalClaim) string { return v.Format }).(pulumi.StringOutput) +} + +// Name of the claim to validate. +func (o GetListenerRuleActionJwtValidationAdditionalClaimOutput) Name() pulumi.StringOutput { + return o.ApplyT(func(v GetListenerRuleActionJwtValidationAdditionalClaim) string { return v.Name }).(pulumi.StringOutput) +} + +// Set of `key`-`value` pairs indicating the query string parameters to match. +func (o GetListenerRuleActionJwtValidationAdditionalClaimOutput) Values() pulumi.StringArrayOutput { + return o.ApplyT(func(v GetListenerRuleActionJwtValidationAdditionalClaim) []string { return v.Values }).(pulumi.StringArrayOutput) +} + +type GetListenerRuleActionJwtValidationAdditionalClaimArrayOutput struct{ *pulumi.OutputState } + +func (GetListenerRuleActionJwtValidationAdditionalClaimArrayOutput) ElementType() reflect.Type { + return reflect.TypeOf((*[]GetListenerRuleActionJwtValidationAdditionalClaim)(nil)).Elem() +} + +func (o GetListenerRuleActionJwtValidationAdditionalClaimArrayOutput) ToGetListenerRuleActionJwtValidationAdditionalClaimArrayOutput() GetListenerRuleActionJwtValidationAdditionalClaimArrayOutput { + return o +} + +func (o GetListenerRuleActionJwtValidationAdditionalClaimArrayOutput) ToGetListenerRuleActionJwtValidationAdditionalClaimArrayOutputWithContext(ctx context.Context) GetListenerRuleActionJwtValidationAdditionalClaimArrayOutput { + return o +} + +func (o GetListenerRuleActionJwtValidationAdditionalClaimArrayOutput) Index(i pulumi.IntInput) GetListenerRuleActionJwtValidationAdditionalClaimOutput { + return pulumi.All(o, i).ApplyT(func(vs []interface{}) GetListenerRuleActionJwtValidationAdditionalClaim { + return vs[0].([]GetListenerRuleActionJwtValidationAdditionalClaim)[vs[1].(int)] + }).(GetListenerRuleActionJwtValidationAdditionalClaimOutput) +} + type GetListenerRuleActionRedirect struct { // The hostname. Host string `pulumi:"host"` @@ -11313,6 +12387,10 @@ func init() { pulumi.RegisterInputType(reflect.TypeOf((*ListenerDefaultActionForwardStickinessPtrInput)(nil)).Elem(), ListenerDefaultActionForwardStickinessArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*ListenerDefaultActionForwardTargetGroupInput)(nil)).Elem(), ListenerDefaultActionForwardTargetGroupArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*ListenerDefaultActionForwardTargetGroupArrayInput)(nil)).Elem(), ListenerDefaultActionForwardTargetGroupArray{}) + pulumi.RegisterInputType(reflect.TypeOf((*ListenerDefaultActionJwtValidationInput)(nil)).Elem(), ListenerDefaultActionJwtValidationArgs{}) + pulumi.RegisterInputType(reflect.TypeOf((*ListenerDefaultActionJwtValidationPtrInput)(nil)).Elem(), ListenerDefaultActionJwtValidationArgs{}) + pulumi.RegisterInputType(reflect.TypeOf((*ListenerDefaultActionJwtValidationAdditionalClaimInput)(nil)).Elem(), ListenerDefaultActionJwtValidationAdditionalClaimArgs{}) + pulumi.RegisterInputType(reflect.TypeOf((*ListenerDefaultActionJwtValidationAdditionalClaimArrayInput)(nil)).Elem(), ListenerDefaultActionJwtValidationAdditionalClaimArray{}) pulumi.RegisterInputType(reflect.TypeOf((*ListenerDefaultActionRedirectInput)(nil)).Elem(), ListenerDefaultActionRedirectArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*ListenerDefaultActionRedirectPtrInput)(nil)).Elem(), ListenerDefaultActionRedirectArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*ListenerMutualAuthenticationInput)(nil)).Elem(), ListenerMutualAuthenticationArgs{}) @@ -11331,6 +12409,10 @@ func init() { pulumi.RegisterInputType(reflect.TypeOf((*ListenerRuleActionForwardStickinessPtrInput)(nil)).Elem(), ListenerRuleActionForwardStickinessArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*ListenerRuleActionForwardTargetGroupInput)(nil)).Elem(), ListenerRuleActionForwardTargetGroupArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*ListenerRuleActionForwardTargetGroupArrayInput)(nil)).Elem(), ListenerRuleActionForwardTargetGroupArray{}) + pulumi.RegisterInputType(reflect.TypeOf((*ListenerRuleActionJwtValidationInput)(nil)).Elem(), ListenerRuleActionJwtValidationArgs{}) + pulumi.RegisterInputType(reflect.TypeOf((*ListenerRuleActionJwtValidationPtrInput)(nil)).Elem(), ListenerRuleActionJwtValidationArgs{}) + pulumi.RegisterInputType(reflect.TypeOf((*ListenerRuleActionJwtValidationAdditionalClaimInput)(nil)).Elem(), ListenerRuleActionJwtValidationAdditionalClaimArgs{}) + pulumi.RegisterInputType(reflect.TypeOf((*ListenerRuleActionJwtValidationAdditionalClaimArrayInput)(nil)).Elem(), ListenerRuleActionJwtValidationAdditionalClaimArray{}) pulumi.RegisterInputType(reflect.TypeOf((*ListenerRuleActionRedirectInput)(nil)).Elem(), ListenerRuleActionRedirectArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*ListenerRuleActionRedirectPtrInput)(nil)).Elem(), ListenerRuleActionRedirectArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*ListenerRuleConditionInput)(nil)).Elem(), ListenerRuleConditionArgs{}) @@ -11395,6 +12477,10 @@ func init() { pulumi.RegisterInputType(reflect.TypeOf((*GetListenerDefaultActionForwardStickinessArrayInput)(nil)).Elem(), GetListenerDefaultActionForwardStickinessArray{}) pulumi.RegisterInputType(reflect.TypeOf((*GetListenerDefaultActionForwardTargetGroupInput)(nil)).Elem(), GetListenerDefaultActionForwardTargetGroupArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*GetListenerDefaultActionForwardTargetGroupArrayInput)(nil)).Elem(), GetListenerDefaultActionForwardTargetGroupArray{}) + pulumi.RegisterInputType(reflect.TypeOf((*GetListenerDefaultActionJwtValidationInput)(nil)).Elem(), GetListenerDefaultActionJwtValidationArgs{}) + pulumi.RegisterInputType(reflect.TypeOf((*GetListenerDefaultActionJwtValidationArrayInput)(nil)).Elem(), GetListenerDefaultActionJwtValidationArray{}) + pulumi.RegisterInputType(reflect.TypeOf((*GetListenerDefaultActionJwtValidationAdditionalClaimInput)(nil)).Elem(), GetListenerDefaultActionJwtValidationAdditionalClaimArgs{}) + pulumi.RegisterInputType(reflect.TypeOf((*GetListenerDefaultActionJwtValidationAdditionalClaimArrayInput)(nil)).Elem(), GetListenerDefaultActionJwtValidationAdditionalClaimArray{}) pulumi.RegisterInputType(reflect.TypeOf((*GetListenerDefaultActionRedirectInput)(nil)).Elem(), GetListenerDefaultActionRedirectArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*GetListenerDefaultActionRedirectArrayInput)(nil)).Elem(), GetListenerDefaultActionRedirectArray{}) pulumi.RegisterInputType(reflect.TypeOf((*GetListenerMutualAuthenticationInput)(nil)).Elem(), GetListenerMutualAuthenticationArgs{}) @@ -11413,6 +12499,10 @@ func init() { pulumi.RegisterInputType(reflect.TypeOf((*GetListenerRuleActionForwardStickinessArrayInput)(nil)).Elem(), GetListenerRuleActionForwardStickinessArray{}) pulumi.RegisterInputType(reflect.TypeOf((*GetListenerRuleActionForwardTargetGroupInput)(nil)).Elem(), GetListenerRuleActionForwardTargetGroupArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*GetListenerRuleActionForwardTargetGroupArrayInput)(nil)).Elem(), GetListenerRuleActionForwardTargetGroupArray{}) + pulumi.RegisterInputType(reflect.TypeOf((*GetListenerRuleActionJwtValidationInput)(nil)).Elem(), GetListenerRuleActionJwtValidationArgs{}) + pulumi.RegisterInputType(reflect.TypeOf((*GetListenerRuleActionJwtValidationArrayInput)(nil)).Elem(), GetListenerRuleActionJwtValidationArray{}) + pulumi.RegisterInputType(reflect.TypeOf((*GetListenerRuleActionJwtValidationAdditionalClaimInput)(nil)).Elem(), GetListenerRuleActionJwtValidationAdditionalClaimArgs{}) + pulumi.RegisterInputType(reflect.TypeOf((*GetListenerRuleActionJwtValidationAdditionalClaimArrayInput)(nil)).Elem(), GetListenerRuleActionJwtValidationAdditionalClaimArray{}) pulumi.RegisterInputType(reflect.TypeOf((*GetListenerRuleActionRedirectInput)(nil)).Elem(), GetListenerRuleActionRedirectArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*GetListenerRuleActionRedirectArrayInput)(nil)).Elem(), GetListenerRuleActionRedirectArray{}) pulumi.RegisterInputType(reflect.TypeOf((*GetListenerRuleConditionInput)(nil)).Elem(), GetListenerRuleConditionArgs{}) @@ -11464,6 +12554,10 @@ func init() { pulumi.RegisterOutputType(ListenerDefaultActionForwardStickinessPtrOutput{}) pulumi.RegisterOutputType(ListenerDefaultActionForwardTargetGroupOutput{}) pulumi.RegisterOutputType(ListenerDefaultActionForwardTargetGroupArrayOutput{}) + pulumi.RegisterOutputType(ListenerDefaultActionJwtValidationOutput{}) + pulumi.RegisterOutputType(ListenerDefaultActionJwtValidationPtrOutput{}) + pulumi.RegisterOutputType(ListenerDefaultActionJwtValidationAdditionalClaimOutput{}) + pulumi.RegisterOutputType(ListenerDefaultActionJwtValidationAdditionalClaimArrayOutput{}) pulumi.RegisterOutputType(ListenerDefaultActionRedirectOutput{}) pulumi.RegisterOutputType(ListenerDefaultActionRedirectPtrOutput{}) pulumi.RegisterOutputType(ListenerMutualAuthenticationOutput{}) @@ -11482,6 +12576,10 @@ func init() { pulumi.RegisterOutputType(ListenerRuleActionForwardStickinessPtrOutput{}) pulumi.RegisterOutputType(ListenerRuleActionForwardTargetGroupOutput{}) pulumi.RegisterOutputType(ListenerRuleActionForwardTargetGroupArrayOutput{}) + pulumi.RegisterOutputType(ListenerRuleActionJwtValidationOutput{}) + pulumi.RegisterOutputType(ListenerRuleActionJwtValidationPtrOutput{}) + pulumi.RegisterOutputType(ListenerRuleActionJwtValidationAdditionalClaimOutput{}) + pulumi.RegisterOutputType(ListenerRuleActionJwtValidationAdditionalClaimArrayOutput{}) pulumi.RegisterOutputType(ListenerRuleActionRedirectOutput{}) pulumi.RegisterOutputType(ListenerRuleActionRedirectPtrOutput{}) pulumi.RegisterOutputType(ListenerRuleConditionOutput{}) @@ -11546,6 +12644,10 @@ func init() { pulumi.RegisterOutputType(GetListenerDefaultActionForwardStickinessArrayOutput{}) pulumi.RegisterOutputType(GetListenerDefaultActionForwardTargetGroupOutput{}) pulumi.RegisterOutputType(GetListenerDefaultActionForwardTargetGroupArrayOutput{}) + pulumi.RegisterOutputType(GetListenerDefaultActionJwtValidationOutput{}) + pulumi.RegisterOutputType(GetListenerDefaultActionJwtValidationArrayOutput{}) + pulumi.RegisterOutputType(GetListenerDefaultActionJwtValidationAdditionalClaimOutput{}) + pulumi.RegisterOutputType(GetListenerDefaultActionJwtValidationAdditionalClaimArrayOutput{}) pulumi.RegisterOutputType(GetListenerDefaultActionRedirectOutput{}) pulumi.RegisterOutputType(GetListenerDefaultActionRedirectArrayOutput{}) pulumi.RegisterOutputType(GetListenerMutualAuthenticationOutput{}) @@ -11564,6 +12666,10 @@ func init() { pulumi.RegisterOutputType(GetListenerRuleActionForwardStickinessArrayOutput{}) pulumi.RegisterOutputType(GetListenerRuleActionForwardTargetGroupOutput{}) pulumi.RegisterOutputType(GetListenerRuleActionForwardTargetGroupArrayOutput{}) + pulumi.RegisterOutputType(GetListenerRuleActionJwtValidationOutput{}) + pulumi.RegisterOutputType(GetListenerRuleActionJwtValidationArrayOutput{}) + pulumi.RegisterOutputType(GetListenerRuleActionJwtValidationAdditionalClaimOutput{}) + pulumi.RegisterOutputType(GetListenerRuleActionJwtValidationAdditionalClaimArrayOutput{}) pulumi.RegisterOutputType(GetListenerRuleActionRedirectOutput{}) pulumi.RegisterOutputType(GetListenerRuleActionRedirectArrayOutput{}) pulumi.RegisterOutputType(GetListenerRuleConditionOutput{}) diff --git a/sdk/go/aws/notifications/channelAssociation.go b/sdk/go/aws/notifications/channelAssociation.go index 4a3bf149de2..88b0cd1c766 100644 --- a/sdk/go/aws/notifications/channelAssociation.go +++ b/sdk/go/aws/notifications/channelAssociation.go @@ -67,7 +67,7 @@ import ( type ChannelAssociation struct { pulumi.CustomResourceState - // ARN of the channel to associate with the notification configuration. This can be an email contact ARN. + // ARN of the channel to associate with the notification configuration. Must match pattern `^arn:aws:(chatbot|consoleapp|notifications-contacts):[a-zA-Z0-9-]*:[0-9]{12}:[a-zA-Z0-9-_.@]+/[a-zA-Z0-9/_.@:-]+$`. Arn pulumi.StringOutput `pulumi:"arn"` // ARN of the notification configuration to associate the channel with. NotificationConfigurationArn pulumi.StringOutput `pulumi:"notificationConfigurationArn"` @@ -109,14 +109,14 @@ func GetChannelAssociation(ctx *pulumi.Context, // Input properties used for looking up and filtering ChannelAssociation resources. type channelAssociationState struct { - // ARN of the channel to associate with the notification configuration. This can be an email contact ARN. + // ARN of the channel to associate with the notification configuration. Must match pattern `^arn:aws:(chatbot|consoleapp|notifications-contacts):[a-zA-Z0-9-]*:[0-9]{12}:[a-zA-Z0-9-_.@]+/[a-zA-Z0-9/_.@:-]+$`. Arn *string `pulumi:"arn"` // ARN of the notification configuration to associate the channel with. NotificationConfigurationArn *string `pulumi:"notificationConfigurationArn"` } type ChannelAssociationState struct { - // ARN of the channel to associate with the notification configuration. This can be an email contact ARN. + // ARN of the channel to associate with the notification configuration. Must match pattern `^arn:aws:(chatbot|consoleapp|notifications-contacts):[a-zA-Z0-9-]*:[0-9]{12}:[a-zA-Z0-9-_.@]+/[a-zA-Z0-9/_.@:-]+$`. Arn pulumi.StringPtrInput // ARN of the notification configuration to associate the channel with. NotificationConfigurationArn pulumi.StringPtrInput @@ -127,7 +127,7 @@ func (ChannelAssociationState) ElementType() reflect.Type { } type channelAssociationArgs struct { - // ARN of the channel to associate with the notification configuration. This can be an email contact ARN. + // ARN of the channel to associate with the notification configuration. Must match pattern `^arn:aws:(chatbot|consoleapp|notifications-contacts):[a-zA-Z0-9-]*:[0-9]{12}:[a-zA-Z0-9-_.@]+/[a-zA-Z0-9/_.@:-]+$`. Arn string `pulumi:"arn"` // ARN of the notification configuration to associate the channel with. NotificationConfigurationArn string `pulumi:"notificationConfigurationArn"` @@ -135,7 +135,7 @@ type channelAssociationArgs struct { // The set of arguments for constructing a ChannelAssociation resource. type ChannelAssociationArgs struct { - // ARN of the channel to associate with the notification configuration. This can be an email contact ARN. + // ARN of the channel to associate with the notification configuration. Must match pattern `^arn:aws:(chatbot|consoleapp|notifications-contacts):[a-zA-Z0-9-]*:[0-9]{12}:[a-zA-Z0-9-_.@]+/[a-zA-Z0-9/_.@:-]+$`. Arn pulumi.StringInput // ARN of the notification configuration to associate the channel with. NotificationConfigurationArn pulumi.StringInput @@ -228,7 +228,7 @@ func (o ChannelAssociationOutput) ToChannelAssociationOutputWithContext(ctx cont return o } -// ARN of the channel to associate with the notification configuration. This can be an email contact ARN. +// ARN of the channel to associate with the notification configuration. Must match pattern `^arn:aws:(chatbot|consoleapp|notifications-contacts):[a-zA-Z0-9-]*:[0-9]{12}:[a-zA-Z0-9-_.@]+/[a-zA-Z0-9/_.@:-]+$`. func (o ChannelAssociationOutput) Arn() pulumi.StringOutput { return o.ApplyT(func(v *ChannelAssociation) pulumi.StringOutput { return v.Arn }).(pulumi.StringOutput) } diff --git a/sdk/go/aws/odb/cloudVmCluster.go b/sdk/go/aws/odb/cloudVmCluster.go index bc0af7f7d9b..91356cc544e 100644 --- a/sdk/go/aws/odb/cloudVmCluster.go +++ b/sdk/go/aws/odb/cloudVmCluster.go @@ -110,7 +110,9 @@ type CloudVmCluster struct { // The Amazon Resource Name (ARN) for the cloud vm cluster. Arn pulumi.StringOutput `pulumi:"arn"` - // The unique identifier of the Exadata infrastructure for this VM cluster. Changing this will create a new resource. + // The ARN of the Exadata infrastructure for this VM cluster. Changing this will create a new resource. Either the combination of cloudExadataInfrastructureId and odbNetworkId or cloudExadataInfrastructureArn and odbNetworkArn must be used. + CloudExadataInfrastructureArn pulumi.StringOutput `pulumi:"cloudExadataInfrastructureArn"` + // The unique identifier of the Exadata infrastructure for this VM cluster. Changing this will create a new resource. Either the combination of cloudExadataInfrastructureId and odbNetworkId or cloudExadataInfrastructureArn and odbNetworkArn must be used. CloudExadataInfrastructureId pulumi.StringOutput `pulumi:"cloudExadataInfrastructureId"` // The name of the Grid Infrastructure (GI) cluster. Changing this will create a new resource. ClusterName pulumi.StringOutput `pulumi:"clusterName"` @@ -167,7 +169,9 @@ type CloudVmCluster struct { OciUrl pulumi.StringOutput `pulumi:"ociUrl"` // The OCID (Oracle Cloud Identifier) of the VM cluster. Ocid pulumi.StringOutput `pulumi:"ocid"` - // The unique identifier of the ODB network for the VM cluster. Changing this will create a new resource. + // The ARN of the ODB network for the VM cluster. Changing this will create a new resource. Either the combination of cloudExadataInfrastructureId and odbNetworkId or cloudExadataInfrastructureArn and odbNetworkArn must be used. + OdbNetworkArn pulumi.StringOutput `pulumi:"odbNetworkArn"` + // The unique identifier of the ODB network for the VM cluster. Changing this will create a new resource. Either the combination of cloudExadataInfrastructureId and odbNetworkId or cloudExadataInfrastructureArn and odbNetworkArn must be used. OdbNetworkId pulumi.StringOutput `pulumi:"odbNetworkId"` // The percentage of progress made on the current operation for the VM cluster. PercentProgress pulumi.Float64Output `pulumi:"percentProgress"` @@ -211,9 +215,6 @@ func NewCloudVmCluster(ctx *pulumi.Context, return nil, errors.New("missing one or more required arguments") } - if args.CloudExadataInfrastructureId == nil { - return nil, errors.New("invalid value for required argument 'CloudExadataInfrastructureId'") - } if args.CpuCoreCount == nil { return nil, errors.New("invalid value for required argument 'CpuCoreCount'") } @@ -232,9 +233,6 @@ func NewCloudVmCluster(ctx *pulumi.Context, if args.HostnamePrefix == nil { return nil, errors.New("invalid value for required argument 'HostnamePrefix'") } - if args.OdbNetworkId == nil { - return nil, errors.New("invalid value for required argument 'OdbNetworkId'") - } if args.SshPublicKeys == nil { return nil, errors.New("invalid value for required argument 'SshPublicKeys'") } @@ -263,7 +261,9 @@ func GetCloudVmCluster(ctx *pulumi.Context, type cloudVmClusterState struct { // The Amazon Resource Name (ARN) for the cloud vm cluster. Arn *string `pulumi:"arn"` - // The unique identifier of the Exadata infrastructure for this VM cluster. Changing this will create a new resource. + // The ARN of the Exadata infrastructure for this VM cluster. Changing this will create a new resource. Either the combination of cloudExadataInfrastructureId and odbNetworkId or cloudExadataInfrastructureArn and odbNetworkArn must be used. + CloudExadataInfrastructureArn *string `pulumi:"cloudExadataInfrastructureArn"` + // The unique identifier of the Exadata infrastructure for this VM cluster. Changing this will create a new resource. Either the combination of cloudExadataInfrastructureId and odbNetworkId or cloudExadataInfrastructureArn and odbNetworkArn must be used. CloudExadataInfrastructureId *string `pulumi:"cloudExadataInfrastructureId"` // The name of the Grid Infrastructure (GI) cluster. Changing this will create a new resource. ClusterName *string `pulumi:"clusterName"` @@ -320,7 +320,9 @@ type cloudVmClusterState struct { OciUrl *string `pulumi:"ociUrl"` // The OCID (Oracle Cloud Identifier) of the VM cluster. Ocid *string `pulumi:"ocid"` - // The unique identifier of the ODB network for the VM cluster. Changing this will create a new resource. + // The ARN of the ODB network for the VM cluster. Changing this will create a new resource. Either the combination of cloudExadataInfrastructureId and odbNetworkId or cloudExadataInfrastructureArn and odbNetworkArn must be used. + OdbNetworkArn *string `pulumi:"odbNetworkArn"` + // The unique identifier of the ODB network for the VM cluster. Changing this will create a new resource. Either the combination of cloudExadataInfrastructureId and odbNetworkId or cloudExadataInfrastructureArn and odbNetworkArn must be used. OdbNetworkId *string `pulumi:"odbNetworkId"` // The percentage of progress made on the current operation for the VM cluster. PercentProgress *float64 `pulumi:"percentProgress"` @@ -360,7 +362,9 @@ type cloudVmClusterState struct { type CloudVmClusterState struct { // The Amazon Resource Name (ARN) for the cloud vm cluster. Arn pulumi.StringPtrInput - // The unique identifier of the Exadata infrastructure for this VM cluster. Changing this will create a new resource. + // The ARN of the Exadata infrastructure for this VM cluster. Changing this will create a new resource. Either the combination of cloudExadataInfrastructureId and odbNetworkId or cloudExadataInfrastructureArn and odbNetworkArn must be used. + CloudExadataInfrastructureArn pulumi.StringPtrInput + // The unique identifier of the Exadata infrastructure for this VM cluster. Changing this will create a new resource. Either the combination of cloudExadataInfrastructureId and odbNetworkId or cloudExadataInfrastructureArn and odbNetworkArn must be used. CloudExadataInfrastructureId pulumi.StringPtrInput // The name of the Grid Infrastructure (GI) cluster. Changing this will create a new resource. ClusterName pulumi.StringPtrInput @@ -417,7 +421,9 @@ type CloudVmClusterState struct { OciUrl pulumi.StringPtrInput // The OCID (Oracle Cloud Identifier) of the VM cluster. Ocid pulumi.StringPtrInput - // The unique identifier of the ODB network for the VM cluster. Changing this will create a new resource. + // The ARN of the ODB network for the VM cluster. Changing this will create a new resource. Either the combination of cloudExadataInfrastructureId and odbNetworkId or cloudExadataInfrastructureArn and odbNetworkArn must be used. + OdbNetworkArn pulumi.StringPtrInput + // The unique identifier of the ODB network for the VM cluster. Changing this will create a new resource. Either the combination of cloudExadataInfrastructureId and odbNetworkId or cloudExadataInfrastructureArn and odbNetworkArn must be used. OdbNetworkId pulumi.StringPtrInput // The percentage of progress made on the current operation for the VM cluster. PercentProgress pulumi.Float64PtrInput @@ -459,8 +465,10 @@ func (CloudVmClusterState) ElementType() reflect.Type { } type cloudVmClusterArgs struct { - // The unique identifier of the Exadata infrastructure for this VM cluster. Changing this will create a new resource. - CloudExadataInfrastructureId string `pulumi:"cloudExadataInfrastructureId"` + // The ARN of the Exadata infrastructure for this VM cluster. Changing this will create a new resource. Either the combination of cloudExadataInfrastructureId and odbNetworkId or cloudExadataInfrastructureArn and odbNetworkArn must be used. + CloudExadataInfrastructureArn *string `pulumi:"cloudExadataInfrastructureArn"` + // The unique identifier of the Exadata infrastructure for this VM cluster. Changing this will create a new resource. Either the combination of cloudExadataInfrastructureId and odbNetworkId or cloudExadataInfrastructureArn and odbNetworkArn must be used. + CloudExadataInfrastructureId *string `pulumi:"cloudExadataInfrastructureId"` // The name of the Grid Infrastructure (GI) cluster. Changing this will create a new resource. ClusterName *string `pulumi:"clusterName"` // The number of CPU cores to enable on the VM cluster. Changing this will create a new resource. @@ -489,8 +497,10 @@ type cloudVmClusterArgs struct { LicenseModel *string `pulumi:"licenseModel"` // The amount of memory, in gigabytes (GBs), to allocate for the VM cluster. Changing this will create a new resource. MemorySizeInGbs *int `pulumi:"memorySizeInGbs"` - // The unique identifier of the ODB network for the VM cluster. Changing this will create a new resource. - OdbNetworkId string `pulumi:"odbNetworkId"` + // The ARN of the ODB network for the VM cluster. Changing this will create a new resource. Either the combination of cloudExadataInfrastructureId and odbNetworkId or cloudExadataInfrastructureArn and odbNetworkArn must be used. + OdbNetworkArn *string `pulumi:"odbNetworkArn"` + // The unique identifier of the ODB network for the VM cluster. Changing this will create a new resource. Either the combination of cloudExadataInfrastructureId and odbNetworkId or cloudExadataInfrastructureArn and odbNetworkArn must be used. + OdbNetworkId *string `pulumi:"odbNetworkId"` // Region where this resource will be [managed](https://docs.aws.amazon.com/general/latest/gr/rande.html#regional-endpoints). Defaults to the Region set in the provider configuration. Region *string `pulumi:"region"` // The port number for TCP connections to the single client access name (SCAN) listener. Valid values: 1024–8999, except 2484, 6100, 6200, 7060, 7070, 7085, and 7879. Default: 1521. Changing this will create a new resource. @@ -506,8 +516,10 @@ type cloudVmClusterArgs struct { // The set of arguments for constructing a CloudVmCluster resource. type CloudVmClusterArgs struct { - // The unique identifier of the Exadata infrastructure for this VM cluster. Changing this will create a new resource. - CloudExadataInfrastructureId pulumi.StringInput + // The ARN of the Exadata infrastructure for this VM cluster. Changing this will create a new resource. Either the combination of cloudExadataInfrastructureId and odbNetworkId or cloudExadataInfrastructureArn and odbNetworkArn must be used. + CloudExadataInfrastructureArn pulumi.StringPtrInput + // The unique identifier of the Exadata infrastructure for this VM cluster. Changing this will create a new resource. Either the combination of cloudExadataInfrastructureId and odbNetworkId or cloudExadataInfrastructureArn and odbNetworkArn must be used. + CloudExadataInfrastructureId pulumi.StringPtrInput // The name of the Grid Infrastructure (GI) cluster. Changing this will create a new resource. ClusterName pulumi.StringPtrInput // The number of CPU cores to enable on the VM cluster. Changing this will create a new resource. @@ -536,8 +548,10 @@ type CloudVmClusterArgs struct { LicenseModel pulumi.StringPtrInput // The amount of memory, in gigabytes (GBs), to allocate for the VM cluster. Changing this will create a new resource. MemorySizeInGbs pulumi.IntPtrInput - // The unique identifier of the ODB network for the VM cluster. Changing this will create a new resource. - OdbNetworkId pulumi.StringInput + // The ARN of the ODB network for the VM cluster. Changing this will create a new resource. Either the combination of cloudExadataInfrastructureId and odbNetworkId or cloudExadataInfrastructureArn and odbNetworkArn must be used. + OdbNetworkArn pulumi.StringPtrInput + // The unique identifier of the ODB network for the VM cluster. Changing this will create a new resource. Either the combination of cloudExadataInfrastructureId and odbNetworkId or cloudExadataInfrastructureArn and odbNetworkArn must be used. + OdbNetworkId pulumi.StringPtrInput // Region where this resource will be [managed](https://docs.aws.amazon.com/general/latest/gr/rande.html#regional-endpoints). Defaults to the Region set in the provider configuration. Region pulumi.StringPtrInput // The port number for TCP connections to the single client access name (SCAN) listener. Valid values: 1024–8999, except 2484, 6100, 6200, 7060, 7070, 7085, and 7879. Default: 1521. Changing this will create a new resource. @@ -643,7 +657,12 @@ func (o CloudVmClusterOutput) Arn() pulumi.StringOutput { return o.ApplyT(func(v *CloudVmCluster) pulumi.StringOutput { return v.Arn }).(pulumi.StringOutput) } -// The unique identifier of the Exadata infrastructure for this VM cluster. Changing this will create a new resource. +// The ARN of the Exadata infrastructure for this VM cluster. Changing this will create a new resource. Either the combination of cloudExadataInfrastructureId and odbNetworkId or cloudExadataInfrastructureArn and odbNetworkArn must be used. +func (o CloudVmClusterOutput) CloudExadataInfrastructureArn() pulumi.StringOutput { + return o.ApplyT(func(v *CloudVmCluster) pulumi.StringOutput { return v.CloudExadataInfrastructureArn }).(pulumi.StringOutput) +} + +// The unique identifier of the Exadata infrastructure for this VM cluster. Changing this will create a new resource. Either the combination of cloudExadataInfrastructureId and odbNetworkId or cloudExadataInfrastructureArn and odbNetworkArn must be used. func (o CloudVmClusterOutput) CloudExadataInfrastructureId() pulumi.StringOutput { return o.ApplyT(func(v *CloudVmCluster) pulumi.StringOutput { return v.CloudExadataInfrastructureId }).(pulumi.StringOutput) } @@ -781,7 +800,12 @@ func (o CloudVmClusterOutput) Ocid() pulumi.StringOutput { return o.ApplyT(func(v *CloudVmCluster) pulumi.StringOutput { return v.Ocid }).(pulumi.StringOutput) } -// The unique identifier of the ODB network for the VM cluster. Changing this will create a new resource. +// The ARN of the ODB network for the VM cluster. Changing this will create a new resource. Either the combination of cloudExadataInfrastructureId and odbNetworkId or cloudExadataInfrastructureArn and odbNetworkArn must be used. +func (o CloudVmClusterOutput) OdbNetworkArn() pulumi.StringOutput { + return o.ApplyT(func(v *CloudVmCluster) pulumi.StringOutput { return v.OdbNetworkArn }).(pulumi.StringOutput) +} + +// The unique identifier of the ODB network for the VM cluster. Changing this will create a new resource. Either the combination of cloudExadataInfrastructureId and odbNetworkId or cloudExadataInfrastructureArn and odbNetworkArn must be used. func (o CloudVmClusterOutput) OdbNetworkId() pulumi.StringOutput { return o.ApplyT(func(v *CloudVmCluster) pulumi.StringOutput { return v.OdbNetworkId }).(pulumi.StringOutput) } diff --git a/sdk/go/aws/odb/pulumiTypes.go b/sdk/go/aws/odb/pulumiTypes.go index bb6ae399124..484a690fdc7 100644 --- a/sdk/go/aws/odb/pulumiTypes.go +++ b/sdk/go/aws/odb/pulumiTypes.go @@ -4904,7 +4904,8 @@ type GetDbServersDbServer struct { DisplayName string `pulumi:"displayName"` // The ID of the Exadata infrastructure that hosts the database server. ExadataInfrastructureId string `pulumi:"exadataInfrastructureId"` - Id string `pulumi:"id"` + // The unique identifier of the database server. + Id string `pulumi:"id"` // The total number of CPU cores available on the database server. MaxCpuCount int `pulumi:"maxCpuCount"` // The total amount of local node storage, in gigabytes (GB), that's available on the database server. @@ -4957,7 +4958,8 @@ type GetDbServersDbServerArgs struct { DisplayName pulumi.StringInput `pulumi:"displayName"` // The ID of the Exadata infrastructure that hosts the database server. ExadataInfrastructureId pulumi.StringInput `pulumi:"exadataInfrastructureId"` - Id pulumi.StringInput `pulumi:"id"` + // The unique identifier of the database server. + Id pulumi.StringInput `pulumi:"id"` // The total number of CPU cores available on the database server. MaxCpuCount pulumi.IntInput `pulumi:"maxCpuCount"` // The total amount of local node storage, in gigabytes (GB), that's available on the database server. @@ -5078,6 +5080,7 @@ func (o GetDbServersDbServerOutput) ExadataInfrastructureId() pulumi.StringOutpu return o.ApplyT(func(v GetDbServersDbServer) string { return v.ExadataInfrastructureId }).(pulumi.StringOutput) } +// The unique identifier of the database server. func (o GetDbServersDbServerOutput) Id() pulumi.StringOutput { return o.ApplyT(func(v GetDbServersDbServer) string { return v.Id }).(pulumi.StringOutput) } diff --git a/sdk/go/aws/organizations/organization.go b/sdk/go/aws/organizations/organization.go index 62c6881de41..5eba5be7f48 100644 --- a/sdk/go/aws/organizations/organization.go +++ b/sdk/go/aws/organizations/organization.go @@ -73,7 +73,7 @@ type Organization struct { Arn pulumi.StringOutput `pulumi:"arn"` // List of AWS service principal names for which you want to enable integration with your organization. This is typically in the form of a URL, such as service-abbreviation.amazonaws.com. Organization must have `featureSet` set to `ALL`. Some services do not support enablement via this endpoint, see [warning in aws docs](https://docs.aws.amazon.com/organizations/latest/APIReference/API_EnableAWSServiceAccess.html). AwsServiceAccessPrincipals pulumi.StringArrayOutput `pulumi:"awsServiceAccessPrincipals"` - // List of Organizations policy types to enable in the Organization Root. Organization must have `featureSet` set to `ALL`. For additional information about valid policy types (e.g., `AISERVICES_OPT_OUT_POLICY`, `BACKUP_POLICY`, `CHATBOT_POLICY`, `DECLARATIVE_POLICY_EC2`, `RESOURCE_CONTROL_POLICY`, `SERVICE_CONTROL_POLICY`, and `TAG_POLICY`), see the [AWS Organizations API Reference](https://docs.aws.amazon.com/organizations/latest/APIReference/API_EnablePolicyType.html). + // List of Organizations policy types to enable in the Organization Root. Organization must have `featureSet` set to `ALL`. For additional information about valid policy types (e.g., `AISERVICES_OPT_OUT_POLICY`, `BACKUP_POLICY`, `CHATBOT_POLICY`, `DECLARATIVE_POLICY_EC2`, `RESOURCE_CONTROL_POLICY`, `SECURITYHUB_POLICY`, `SERVICE_CONTROL_POLICY`, and `TAG_POLICY`), see the [AWS Organizations API Reference](https://docs.aws.amazon.com/organizations/latest/APIReference/API_EnablePolicyType.html). To enable `SECURITYHUB_POLICY`, `awsServiceAccessPrincipals` must include `securityhub.amazonaws.com`. EnabledPolicyTypes pulumi.StringArrayOutput `pulumi:"enabledPolicyTypes"` // Specify `ALL` (default) or `CONSOLIDATED_BILLING`. FeatureSet pulumi.StringPtrOutput `pulumi:"featureSet"` @@ -127,7 +127,7 @@ type organizationState struct { Arn *string `pulumi:"arn"` // List of AWS service principal names for which you want to enable integration with your organization. This is typically in the form of a URL, such as service-abbreviation.amazonaws.com. Organization must have `featureSet` set to `ALL`. Some services do not support enablement via this endpoint, see [warning in aws docs](https://docs.aws.amazon.com/organizations/latest/APIReference/API_EnableAWSServiceAccess.html). AwsServiceAccessPrincipals []string `pulumi:"awsServiceAccessPrincipals"` - // List of Organizations policy types to enable in the Organization Root. Organization must have `featureSet` set to `ALL`. For additional information about valid policy types (e.g., `AISERVICES_OPT_OUT_POLICY`, `BACKUP_POLICY`, `CHATBOT_POLICY`, `DECLARATIVE_POLICY_EC2`, `RESOURCE_CONTROL_POLICY`, `SERVICE_CONTROL_POLICY`, and `TAG_POLICY`), see the [AWS Organizations API Reference](https://docs.aws.amazon.com/organizations/latest/APIReference/API_EnablePolicyType.html). + // List of Organizations policy types to enable in the Organization Root. Organization must have `featureSet` set to `ALL`. For additional information about valid policy types (e.g., `AISERVICES_OPT_OUT_POLICY`, `BACKUP_POLICY`, `CHATBOT_POLICY`, `DECLARATIVE_POLICY_EC2`, `RESOURCE_CONTROL_POLICY`, `SECURITYHUB_POLICY`, `SERVICE_CONTROL_POLICY`, and `TAG_POLICY`), see the [AWS Organizations API Reference](https://docs.aws.amazon.com/organizations/latest/APIReference/API_EnablePolicyType.html). To enable `SECURITYHUB_POLICY`, `awsServiceAccessPrincipals` must include `securityhub.amazonaws.com`. EnabledPolicyTypes []string `pulumi:"enabledPolicyTypes"` // Specify `ALL` (default) or `CONSOLIDATED_BILLING`. FeatureSet *string `pulumi:"featureSet"` @@ -152,7 +152,7 @@ type OrganizationState struct { Arn pulumi.StringPtrInput // List of AWS service principal names for which you want to enable integration with your organization. This is typically in the form of a URL, such as service-abbreviation.amazonaws.com. Organization must have `featureSet` set to `ALL`. Some services do not support enablement via this endpoint, see [warning in aws docs](https://docs.aws.amazon.com/organizations/latest/APIReference/API_EnableAWSServiceAccess.html). AwsServiceAccessPrincipals pulumi.StringArrayInput - // List of Organizations policy types to enable in the Organization Root. Organization must have `featureSet` set to `ALL`. For additional information about valid policy types (e.g., `AISERVICES_OPT_OUT_POLICY`, `BACKUP_POLICY`, `CHATBOT_POLICY`, `DECLARATIVE_POLICY_EC2`, `RESOURCE_CONTROL_POLICY`, `SERVICE_CONTROL_POLICY`, and `TAG_POLICY`), see the [AWS Organizations API Reference](https://docs.aws.amazon.com/organizations/latest/APIReference/API_EnablePolicyType.html). + // List of Organizations policy types to enable in the Organization Root. Organization must have `featureSet` set to `ALL`. For additional information about valid policy types (e.g., `AISERVICES_OPT_OUT_POLICY`, `BACKUP_POLICY`, `CHATBOT_POLICY`, `DECLARATIVE_POLICY_EC2`, `RESOURCE_CONTROL_POLICY`, `SECURITYHUB_POLICY`, `SERVICE_CONTROL_POLICY`, and `TAG_POLICY`), see the [AWS Organizations API Reference](https://docs.aws.amazon.com/organizations/latest/APIReference/API_EnablePolicyType.html). To enable `SECURITYHUB_POLICY`, `awsServiceAccessPrincipals` must include `securityhub.amazonaws.com`. EnabledPolicyTypes pulumi.StringArrayInput // Specify `ALL` (default) or `CONSOLIDATED_BILLING`. FeatureSet pulumi.StringPtrInput @@ -177,7 +177,7 @@ func (OrganizationState) ElementType() reflect.Type { type organizationArgs struct { // List of AWS service principal names for which you want to enable integration with your organization. This is typically in the form of a URL, such as service-abbreviation.amazonaws.com. Organization must have `featureSet` set to `ALL`. Some services do not support enablement via this endpoint, see [warning in aws docs](https://docs.aws.amazon.com/organizations/latest/APIReference/API_EnableAWSServiceAccess.html). AwsServiceAccessPrincipals []string `pulumi:"awsServiceAccessPrincipals"` - // List of Organizations policy types to enable in the Organization Root. Organization must have `featureSet` set to `ALL`. For additional information about valid policy types (e.g., `AISERVICES_OPT_OUT_POLICY`, `BACKUP_POLICY`, `CHATBOT_POLICY`, `DECLARATIVE_POLICY_EC2`, `RESOURCE_CONTROL_POLICY`, `SERVICE_CONTROL_POLICY`, and `TAG_POLICY`), see the [AWS Organizations API Reference](https://docs.aws.amazon.com/organizations/latest/APIReference/API_EnablePolicyType.html). + // List of Organizations policy types to enable in the Organization Root. Organization must have `featureSet` set to `ALL`. For additional information about valid policy types (e.g., `AISERVICES_OPT_OUT_POLICY`, `BACKUP_POLICY`, `CHATBOT_POLICY`, `DECLARATIVE_POLICY_EC2`, `RESOURCE_CONTROL_POLICY`, `SECURITYHUB_POLICY`, `SERVICE_CONTROL_POLICY`, and `TAG_POLICY`), see the [AWS Organizations API Reference](https://docs.aws.amazon.com/organizations/latest/APIReference/API_EnablePolicyType.html). To enable `SECURITYHUB_POLICY`, `awsServiceAccessPrincipals` must include `securityhub.amazonaws.com`. EnabledPolicyTypes []string `pulumi:"enabledPolicyTypes"` // Specify `ALL` (default) or `CONSOLIDATED_BILLING`. FeatureSet *string `pulumi:"featureSet"` @@ -187,7 +187,7 @@ type organizationArgs struct { type OrganizationArgs struct { // List of AWS service principal names for which you want to enable integration with your organization. This is typically in the form of a URL, such as service-abbreviation.amazonaws.com. Organization must have `featureSet` set to `ALL`. Some services do not support enablement via this endpoint, see [warning in aws docs](https://docs.aws.amazon.com/organizations/latest/APIReference/API_EnableAWSServiceAccess.html). AwsServiceAccessPrincipals pulumi.StringArrayInput - // List of Organizations policy types to enable in the Organization Root. Organization must have `featureSet` set to `ALL`. For additional information about valid policy types (e.g., `AISERVICES_OPT_OUT_POLICY`, `BACKUP_POLICY`, `CHATBOT_POLICY`, `DECLARATIVE_POLICY_EC2`, `RESOURCE_CONTROL_POLICY`, `SERVICE_CONTROL_POLICY`, and `TAG_POLICY`), see the [AWS Organizations API Reference](https://docs.aws.amazon.com/organizations/latest/APIReference/API_EnablePolicyType.html). + // List of Organizations policy types to enable in the Organization Root. Organization must have `featureSet` set to `ALL`. For additional information about valid policy types (e.g., `AISERVICES_OPT_OUT_POLICY`, `BACKUP_POLICY`, `CHATBOT_POLICY`, `DECLARATIVE_POLICY_EC2`, `RESOURCE_CONTROL_POLICY`, `SECURITYHUB_POLICY`, `SERVICE_CONTROL_POLICY`, and `TAG_POLICY`), see the [AWS Organizations API Reference](https://docs.aws.amazon.com/organizations/latest/APIReference/API_EnablePolicyType.html). To enable `SECURITYHUB_POLICY`, `awsServiceAccessPrincipals` must include `securityhub.amazonaws.com`. EnabledPolicyTypes pulumi.StringArrayInput // Specify `ALL` (default) or `CONSOLIDATED_BILLING`. FeatureSet pulumi.StringPtrInput @@ -295,7 +295,7 @@ func (o OrganizationOutput) AwsServiceAccessPrincipals() pulumi.StringArrayOutpu return o.ApplyT(func(v *Organization) pulumi.StringArrayOutput { return v.AwsServiceAccessPrincipals }).(pulumi.StringArrayOutput) } -// List of Organizations policy types to enable in the Organization Root. Organization must have `featureSet` set to `ALL`. For additional information about valid policy types (e.g., `AISERVICES_OPT_OUT_POLICY`, `BACKUP_POLICY`, `CHATBOT_POLICY`, `DECLARATIVE_POLICY_EC2`, `RESOURCE_CONTROL_POLICY`, `SERVICE_CONTROL_POLICY`, and `TAG_POLICY`), see the [AWS Organizations API Reference](https://docs.aws.amazon.com/organizations/latest/APIReference/API_EnablePolicyType.html). +// List of Organizations policy types to enable in the Organization Root. Organization must have `featureSet` set to `ALL`. For additional information about valid policy types (e.g., `AISERVICES_OPT_OUT_POLICY`, `BACKUP_POLICY`, `CHATBOT_POLICY`, `DECLARATIVE_POLICY_EC2`, `RESOURCE_CONTROL_POLICY`, `SECURITYHUB_POLICY`, `SERVICE_CONTROL_POLICY`, and `TAG_POLICY`), see the [AWS Organizations API Reference](https://docs.aws.amazon.com/organizations/latest/APIReference/API_EnablePolicyType.html). To enable `SECURITYHUB_POLICY`, `awsServiceAccessPrincipals` must include `securityhub.amazonaws.com`. func (o OrganizationOutput) EnabledPolicyTypes() pulumi.StringArrayOutput { return o.ApplyT(func(v *Organization) pulumi.StringArrayOutput { return v.EnabledPolicyTypes }).(pulumi.StringArrayOutput) } diff --git a/sdk/go/aws/provider.go b/sdk/go/aws/provider.go index 3a0f81ed313..0c46e080db5 100644 --- a/sdk/go/aws/provider.go +++ b/sdk/go/aws/provider.go @@ -49,6 +49,8 @@ type Provider struct { // The region where AWS STS operations will take place. Examples // are us-east-1 and us-west-2. StsRegion pulumi.StringPtrOutput `pulumi:"stsRegion"` + // The severity with which to enforce organizational tagging policies on resources managed by this provider instance. At this time this only includes compliance with required tag keys by resource type. Valid values are "error", "warning", and "disabled". When unset or "disabled", tag policy compliance will not be enforced by the provider. Can also be configured with the TF_AWS_TAG_POLICY_COMPLIANCE environment variable. + TagPolicyCompliance pulumi.StringPtrOutput `pulumi:"tagPolicyCompliance"` // session token. A session token is only required if you are // using temporary security credentials. Token pulumi.StringPtrOutput `pulumi:"token"` @@ -160,6 +162,8 @@ type providerArgs struct { // The region where AWS STS operations will take place. Examples // are us-east-1 and us-west-2. StsRegion *string `pulumi:"stsRegion"` + // The severity with which to enforce organizational tagging policies on resources managed by this provider instance. At this time this only includes compliance with required tag keys by resource type. Valid values are "error", "warning", and "disabled". When unset or "disabled", tag policy compliance will not be enforced by the provider. Can also be configured with the TF_AWS_TAG_POLICY_COMPLIANCE environment variable. + TagPolicyCompliance *string `pulumi:"tagPolicyCompliance"` // session token. A session token is only required if you are // using temporary security credentials. Token *string `pulumi:"token"` @@ -236,6 +240,8 @@ type ProviderArgs struct { // The region where AWS STS operations will take place. Examples // are us-east-1 and us-west-2. StsRegion pulumi.StringPtrInput + // The severity with which to enforce organizational tagging policies on resources managed by this provider instance. At this time this only includes compliance with required tag keys by resource type. Valid values are "error", "warning", and "disabled". When unset or "disabled", tag policy compliance will not be enforced by the provider. Can also be configured with the TF_AWS_TAG_POLICY_COMPLIANCE environment variable. + TagPolicyCompliance pulumi.StringPtrInput // session token. A session token is only required if you are // using temporary security credentials. Token pulumi.StringPtrInput @@ -377,6 +383,11 @@ func (o ProviderOutput) StsRegion() pulumi.StringPtrOutput { return o.ApplyT(func(v *Provider) pulumi.StringPtrOutput { return v.StsRegion }).(pulumi.StringPtrOutput) } +// The severity with which to enforce organizational tagging policies on resources managed by this provider instance. At this time this only includes compliance with required tag keys by resource type. Valid values are "error", "warning", and "disabled". When unset or "disabled", tag policy compliance will not be enforced by the provider. Can also be configured with the TF_AWS_TAG_POLICY_COMPLIANCE environment variable. +func (o ProviderOutput) TagPolicyCompliance() pulumi.StringPtrOutput { + return o.ApplyT(func(v *Provider) pulumi.StringPtrOutput { return v.TagPolicyCompliance }).(pulumi.StringPtrOutput) +} + // session token. A session token is only required if you are // using temporary security credentials. func (o ProviderOutput) Token() pulumi.StringPtrOutput { diff --git a/sdk/go/aws/quicksight/accountSettings.go b/sdk/go/aws/quicksight/accountSettings.go index da843f7f33a..6e53e51e4e8 100644 --- a/sdk/go/aws/quicksight/accountSettings.go +++ b/sdk/go/aws/quicksight/accountSettings.go @@ -65,6 +65,8 @@ type AccountSettings struct { AwsAccountId pulumi.StringOutput `pulumi:"awsAccountId"` // The default namespace for this Amazon Web Services account. Currently, the default is `default`. DefaultNamespace pulumi.StringOutput `pulumi:"defaultNamespace"` + // Region where this resource will be [managed](https://docs.aws.amazon.com/general/latest/gr/rande.html#regional-endpoints). Defaults to the Region set in the provider configuration. + Region pulumi.StringOutput `pulumi:"region"` // A boolean value that determines whether or not an Amazon QuickSight account can be deleted. If `true`, it does not allow the account to be deleted and results in an error message if a user tries to make a DeleteAccountSubscription request. If `false`, it will allow the account to be deleted. TerminationProtectionEnabled pulumi.BoolOutput `pulumi:"terminationProtectionEnabled"` Timeouts AccountSettingsTimeoutsPtrOutput `pulumi:"timeouts"` @@ -103,6 +105,8 @@ type accountSettingsState struct { AwsAccountId *string `pulumi:"awsAccountId"` // The default namespace for this Amazon Web Services account. Currently, the default is `default`. DefaultNamespace *string `pulumi:"defaultNamespace"` + // Region where this resource will be [managed](https://docs.aws.amazon.com/general/latest/gr/rande.html#regional-endpoints). Defaults to the Region set in the provider configuration. + Region *string `pulumi:"region"` // A boolean value that determines whether or not an Amazon QuickSight account can be deleted. If `true`, it does not allow the account to be deleted and results in an error message if a user tries to make a DeleteAccountSubscription request. If `false`, it will allow the account to be deleted. TerminationProtectionEnabled *bool `pulumi:"terminationProtectionEnabled"` Timeouts *AccountSettingsTimeouts `pulumi:"timeouts"` @@ -112,6 +116,8 @@ type AccountSettingsState struct { AwsAccountId pulumi.StringPtrInput // The default namespace for this Amazon Web Services account. Currently, the default is `default`. DefaultNamespace pulumi.StringPtrInput + // Region where this resource will be [managed](https://docs.aws.amazon.com/general/latest/gr/rande.html#regional-endpoints). Defaults to the Region set in the provider configuration. + Region pulumi.StringPtrInput // A boolean value that determines whether or not an Amazon QuickSight account can be deleted. If `true`, it does not allow the account to be deleted and results in an error message if a user tries to make a DeleteAccountSubscription request. If `false`, it will allow the account to be deleted. TerminationProtectionEnabled pulumi.BoolPtrInput Timeouts AccountSettingsTimeoutsPtrInput @@ -125,6 +131,8 @@ type accountSettingsArgs struct { AwsAccountId *string `pulumi:"awsAccountId"` // The default namespace for this Amazon Web Services account. Currently, the default is `default`. DefaultNamespace *string `pulumi:"defaultNamespace"` + // Region where this resource will be [managed](https://docs.aws.amazon.com/general/latest/gr/rande.html#regional-endpoints). Defaults to the Region set in the provider configuration. + Region *string `pulumi:"region"` // A boolean value that determines whether or not an Amazon QuickSight account can be deleted. If `true`, it does not allow the account to be deleted and results in an error message if a user tries to make a DeleteAccountSubscription request. If `false`, it will allow the account to be deleted. TerminationProtectionEnabled *bool `pulumi:"terminationProtectionEnabled"` Timeouts *AccountSettingsTimeouts `pulumi:"timeouts"` @@ -135,6 +143,8 @@ type AccountSettingsArgs struct { AwsAccountId pulumi.StringPtrInput // The default namespace for this Amazon Web Services account. Currently, the default is `default`. DefaultNamespace pulumi.StringPtrInput + // Region where this resource will be [managed](https://docs.aws.amazon.com/general/latest/gr/rande.html#regional-endpoints). Defaults to the Region set in the provider configuration. + Region pulumi.StringPtrInput // A boolean value that determines whether or not an Amazon QuickSight account can be deleted. If `true`, it does not allow the account to be deleted and results in an error message if a user tries to make a DeleteAccountSubscription request. If `false`, it will allow the account to be deleted. TerminationProtectionEnabled pulumi.BoolPtrInput Timeouts AccountSettingsTimeoutsPtrInput @@ -236,6 +246,11 @@ func (o AccountSettingsOutput) DefaultNamespace() pulumi.StringOutput { return o.ApplyT(func(v *AccountSettings) pulumi.StringOutput { return v.DefaultNamespace }).(pulumi.StringOutput) } +// Region where this resource will be [managed](https://docs.aws.amazon.com/general/latest/gr/rande.html#regional-endpoints). Defaults to the Region set in the provider configuration. +func (o AccountSettingsOutput) Region() pulumi.StringOutput { + return o.ApplyT(func(v *AccountSettings) pulumi.StringOutput { return v.Region }).(pulumi.StringOutput) +} + // A boolean value that determines whether or not an Amazon QuickSight account can be deleted. If `true`, it does not allow the account to be deleted and results in an error message if a user tries to make a DeleteAccountSubscription request. If `false`, it will allow the account to be deleted. func (o AccountSettingsOutput) TerminationProtectionEnabled() pulumi.BoolOutput { return o.ApplyT(func(v *AccountSettings) pulumi.BoolOutput { return v.TerminationProtectionEnabled }).(pulumi.BoolOutput) diff --git a/sdk/go/aws/route53/getZone.go b/sdk/go/aws/route53/getZone.go index 15d344a8e7c..6361b21f23c 100644 --- a/sdk/go/aws/route53/getZone.go +++ b/sdk/go/aws/route53/getZone.go @@ -57,6 +57,8 @@ import ( // } // // ``` +// +// The following example shows how to get a Hosted Zone from a unique combination of its tags: func LookupZone(ctx *pulumi.Context, args *LookupZoneArgs, opts ...pulumi.InvokeOption) (*LookupZoneResult, error) { opts = internal.PkgInvokeDefaultOpts(opts) var rv LookupZoneResult @@ -69,19 +71,20 @@ func LookupZone(ctx *pulumi.Context, args *LookupZoneArgs, opts ...pulumi.Invoke // A collection of arguments for invoking getZone. type LookupZoneArgs struct { - // Hosted Zone name of the desired Hosted Zone. + // Hosted Zone name of the desired Hosted Zone. If blank, then accept any name, filtering on only `privateZone`, `vpcId` and `tags`. Name *string `pulumi:"name"` - // Used with `name` field to get a private Hosted Zone. + // Filter to only private Hosted Zones. PrivateZone *bool `pulumi:"privateZone"` - // Used with `name` field. A map of tags, each pair of which must exactly match a pair on the desired Hosted Zone. + // A map of tags, each pair of which must exactly match a pair on the desired Hosted Zone. + // + // The arguments of this data source act as filters for querying the available Hosted Zone. // - // The arguments of this data source act as filters for querying the available - // Hosted Zone. You have to use `zoneId` or `name`, not both of them. The given filter must match exactly one - // Hosted Zone. If you use `name` field for private Hosted Zone, you need to add `privateZone` field to `true`. + // - The given filter must match exactly one Hosted Zone. Tags map[string]string `pulumi:"tags"` - // Used with `name` field to get a private Hosted Zone associated with the vpcId (in this case, privateZone is not mandatory). + // Filter to private Hosted Zones associated with the specified `vpcId`. VpcId *string `pulumi:"vpcId"` - // Hosted Zone id of the desired Hosted Zone. + // and `name` are mutually exclusive. + // - If you use the `name` argument for a private Hosted Zone, you need to set the `privateZone` argument to `true`. ZoneId *string `pulumi:"zoneId"` } @@ -111,7 +114,7 @@ type LookupZoneResult struct { ResourceRecordSetCount int `pulumi:"resourceRecordSetCount"` // A map of tags assigned to the Hosted Zone. Tags map[string]string `pulumi:"tags"` - VpcId string `pulumi:"vpcId"` + VpcId *string `pulumi:"vpcId"` // The Hosted Zone identifier. ZoneId string `pulumi:"zoneId"` } @@ -127,19 +130,20 @@ func LookupZoneOutput(ctx *pulumi.Context, args LookupZoneOutputArgs, opts ...pu // A collection of arguments for invoking getZone. type LookupZoneOutputArgs struct { - // Hosted Zone name of the desired Hosted Zone. + // Hosted Zone name of the desired Hosted Zone. If blank, then accept any name, filtering on only `privateZone`, `vpcId` and `tags`. Name pulumi.StringPtrInput `pulumi:"name"` - // Used with `name` field to get a private Hosted Zone. + // Filter to only private Hosted Zones. PrivateZone pulumi.BoolPtrInput `pulumi:"privateZone"` - // Used with `name` field. A map of tags, each pair of which must exactly match a pair on the desired Hosted Zone. + // A map of tags, each pair of which must exactly match a pair on the desired Hosted Zone. + // + // The arguments of this data source act as filters for querying the available Hosted Zone. // - // The arguments of this data source act as filters for querying the available - // Hosted Zone. You have to use `zoneId` or `name`, not both of them. The given filter must match exactly one - // Hosted Zone. If you use `name` field for private Hosted Zone, you need to add `privateZone` field to `true`. + // - The given filter must match exactly one Hosted Zone. Tags pulumi.StringMapInput `pulumi:"tags"` - // Used with `name` field to get a private Hosted Zone associated with the vpcId (in this case, privateZone is not mandatory). + // Filter to private Hosted Zones associated with the specified `vpcId`. VpcId pulumi.StringPtrInput `pulumi:"vpcId"` - // Hosted Zone id of the desired Hosted Zone. + // and `name` are mutually exclusive. + // - If you use the `name` argument for a private Hosted Zone, you need to set the `privateZone` argument to `true`. ZoneId pulumi.StringPtrInput `pulumi:"zoneId"` } @@ -222,8 +226,8 @@ func (o LookupZoneResultOutput) Tags() pulumi.StringMapOutput { return o.ApplyT(func(v LookupZoneResult) map[string]string { return v.Tags }).(pulumi.StringMapOutput) } -func (o LookupZoneResultOutput) VpcId() pulumi.StringOutput { - return o.ApplyT(func(v LookupZoneResult) string { return v.VpcId }).(pulumi.StringOutput) +func (o LookupZoneResultOutput) VpcId() pulumi.StringPtrOutput { + return o.ApplyT(func(v LookupZoneResult) *string { return v.VpcId }).(pulumi.StringPtrOutput) } // The Hosted Zone identifier. diff --git a/sdk/go/aws/s3/bucketServerSideEncryptionConfiguration.go b/sdk/go/aws/s3/bucketServerSideEncryptionConfiguration.go index 67b0e61520b..57874143732 100644 --- a/sdk/go/aws/s3/bucketServerSideEncryptionConfiguration.go +++ b/sdk/go/aws/s3/bucketServerSideEncryptionConfiguration.go @@ -16,6 +16,8 @@ import ( // // > **NOTE:** Destroying an `s3.BucketServerSideEncryptionConfiguration` resource resets the bucket to [Amazon S3 bucket default encryption](https://docs.aws.amazon.com/AmazonS3/latest/userguide/default-encryption-faq.html). // +// > **NOTE:** Starting in March 2026, Amazon S3 will automatically block server-side encryption with customer-provided keys (SSE-C) for all new buckets. Use the `blockedEncryptionTypes` argument to manage this behavior. For more information, see the [SSE-C changes FAQ](https://docs.aws.amazon.com/AmazonS3/latest/userguide/default-s3-c-encryption-setting-faq.html). +// // ## Example Usage // // ```go @@ -64,6 +66,58 @@ import ( // // ``` // +// ### Blocking SSE-C Uploads +// +// ```go +// package main +// +// import ( +// +// "github.com/pulumi/pulumi-aws/sdk/v7/go/aws/kms" +// "github.com/pulumi/pulumi-aws/sdk/v7/go/aws/s3" +// "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +// +// ) +// +// func main() { +// pulumi.Run(func(ctx *pulumi.Context) error { +// mykey, err := kms.NewKey(ctx, "mykey", &kms.KeyArgs{ +// Description: pulumi.String("This key is used to encrypt bucket objects"), +// DeletionWindowInDays: pulumi.Int(10), +// }) +// if err != nil { +// return err +// } +// mybucket, err := s3.NewBucket(ctx, "mybucket", &s3.BucketArgs{ +// Bucket: pulumi.String("mybucket"), +// }) +// if err != nil { +// return err +// } +// _, err = s3.NewBucketServerSideEncryptionConfiguration(ctx, "example", &s3.BucketServerSideEncryptionConfigurationArgs{ +// Bucket: mybucket.ID(), +// Rules: s3.BucketServerSideEncryptionConfigurationRuleArray{ +// &s3.BucketServerSideEncryptionConfigurationRuleArgs{ +// ApplyServerSideEncryptionByDefault: &s3.BucketServerSideEncryptionConfigurationRuleApplyServerSideEncryptionByDefaultArgs{ +// KmsMasterKeyId: mykey.Arn, +// SseAlgorithm: pulumi.String("aws:kms"), +// }, +// BucketKeyEnabled: pulumi.Bool(true), +// BlockedEncryptionTypes: pulumi.StringArray{ +// pulumi.String("SSE-C"), +// }, +// }, +// }, +// }) +// if err != nil { +// return err +// } +// return nil +// }) +// } +// +// ``` +// // ## Import // // ### Identity Schema diff --git a/sdk/go/aws/s3/bucketServerSideEncryptionConfigurationV2.go b/sdk/go/aws/s3/bucketServerSideEncryptionConfigurationV2.go index 30101785812..09c4a4a01a8 100644 --- a/sdk/go/aws/s3/bucketServerSideEncryptionConfigurationV2.go +++ b/sdk/go/aws/s3/bucketServerSideEncryptionConfigurationV2.go @@ -16,6 +16,8 @@ import ( // // > **NOTE:** Destroying an `s3.BucketServerSideEncryptionConfiguration` resource resets the bucket to [Amazon S3 bucket default encryption](https://docs.aws.amazon.com/AmazonS3/latest/userguide/default-encryption-faq.html). // +// > **NOTE:** Starting in March 2026, Amazon S3 will automatically block server-side encryption with customer-provided keys (SSE-C) for all new buckets. Use the `blockedEncryptionTypes` argument to manage this behavior. For more information, see the [SSE-C changes FAQ](https://docs.aws.amazon.com/AmazonS3/latest/userguide/default-s3-c-encryption-setting-faq.html). +// // ## Example Usage // // ```go @@ -64,6 +66,58 @@ import ( // // ``` // +// ### Blocking SSE-C Uploads +// +// ```go +// package main +// +// import ( +// +// "github.com/pulumi/pulumi-aws/sdk/v7/go/aws/kms" +// "github.com/pulumi/pulumi-aws/sdk/v7/go/aws/s3" +// "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +// +// ) +// +// func main() { +// pulumi.Run(func(ctx *pulumi.Context) error { +// mykey, err := kms.NewKey(ctx, "mykey", &kms.KeyArgs{ +// Description: pulumi.String("This key is used to encrypt bucket objects"), +// DeletionWindowInDays: pulumi.Int(10), +// }) +// if err != nil { +// return err +// } +// mybucket, err := s3.NewBucket(ctx, "mybucket", &s3.BucketArgs{ +// Bucket: pulumi.String("mybucket"), +// }) +// if err != nil { +// return err +// } +// _, err = s3.NewBucketServerSideEncryptionConfiguration(ctx, "example", &s3.BucketServerSideEncryptionConfigurationArgs{ +// Bucket: mybucket.ID(), +// Rules: s3.BucketServerSideEncryptionConfigurationRuleArray{ +// &s3.BucketServerSideEncryptionConfigurationRuleArgs{ +// ApplyServerSideEncryptionByDefault: &s3.BucketServerSideEncryptionConfigurationRuleApplyServerSideEncryptionByDefaultArgs{ +// KmsMasterKeyId: mykey.Arn, +// SseAlgorithm: pulumi.String("aws:kms"), +// }, +// BucketKeyEnabled: pulumi.Bool(true), +// BlockedEncryptionTypes: pulumi.StringArray{ +// pulumi.String("SSE-C"), +// }, +// }, +// }, +// }) +// if err != nil { +// return err +// } +// return nil +// }) +// } +// +// ``` +// // ## Import // // ### Identity Schema diff --git a/sdk/go/aws/s3/pulumiTypes.go b/sdk/go/aws/s3/pulumiTypes.go index a9f7ea1553e..ce6f1a910f4 100644 --- a/sdk/go/aws/s3/pulumiTypes.go +++ b/sdk/go/aws/s3/pulumiTypes.go @@ -15540,6 +15540,8 @@ func (o BucketServerSideEncryptionConfigurationTypePtrOutput) Rule() BucketServe type BucketServerSideEncryptionConfigurationRule struct { // Single object for setting server-side encryption by default. See below. ApplyServerSideEncryptionByDefault *BucketServerSideEncryptionConfigurationRuleApplyServerSideEncryptionByDefault `pulumi:"applyServerSideEncryptionByDefault"` + // List of server-side encryption types to block for object uploads. Valid values are `SSE-C` (blocks uploads using server-side encryption with customer-provided keys) and `NONE` (unblocks all encryption types). Starting in March 2026, Amazon S3 will automatically block SSE-C uploads for all new buckets. + BlockedEncryptionTypes []string `pulumi:"blockedEncryptionTypes"` // Whether or not to use [Amazon S3 Bucket Keys](https://docs.aws.amazon.com/AmazonS3/latest/dev/bucket-key.html) for SSE-KMS. BucketKeyEnabled *bool `pulumi:"bucketKeyEnabled"` } @@ -15558,6 +15560,8 @@ type BucketServerSideEncryptionConfigurationRuleInput interface { type BucketServerSideEncryptionConfigurationRuleArgs struct { // Single object for setting server-side encryption by default. See below. ApplyServerSideEncryptionByDefault BucketServerSideEncryptionConfigurationRuleApplyServerSideEncryptionByDefaultPtrInput `pulumi:"applyServerSideEncryptionByDefault"` + // List of server-side encryption types to block for object uploads. Valid values are `SSE-C` (blocks uploads using server-side encryption with customer-provided keys) and `NONE` (unblocks all encryption types). Starting in March 2026, Amazon S3 will automatically block SSE-C uploads for all new buckets. + BlockedEncryptionTypes pulumi.StringArrayInput `pulumi:"blockedEncryptionTypes"` // Whether or not to use [Amazon S3 Bucket Keys](https://docs.aws.amazon.com/AmazonS3/latest/dev/bucket-key.html) for SSE-KMS. BucketKeyEnabled pulumi.BoolPtrInput `pulumi:"bucketKeyEnabled"` } @@ -15671,6 +15675,11 @@ func (o BucketServerSideEncryptionConfigurationRuleOutput) ApplyServerSideEncryp }).(BucketServerSideEncryptionConfigurationRuleApplyServerSideEncryptionByDefaultPtrOutput) } +// List of server-side encryption types to block for object uploads. Valid values are `SSE-C` (blocks uploads using server-side encryption with customer-provided keys) and `NONE` (unblocks all encryption types). Starting in March 2026, Amazon S3 will automatically block SSE-C uploads for all new buckets. +func (o BucketServerSideEncryptionConfigurationRuleOutput) BlockedEncryptionTypes() pulumi.StringArrayOutput { + return o.ApplyT(func(v BucketServerSideEncryptionConfigurationRule) []string { return v.BlockedEncryptionTypes }).(pulumi.StringArrayOutput) +} + // Whether or not to use [Amazon S3 Bucket Keys](https://docs.aws.amazon.com/AmazonS3/latest/dev/bucket-key.html) for SSE-KMS. func (o BucketServerSideEncryptionConfigurationRuleOutput) BucketKeyEnabled() pulumi.BoolPtrOutput { return o.ApplyT(func(v BucketServerSideEncryptionConfigurationRule) *bool { return v.BucketKeyEnabled }).(pulumi.BoolPtrOutput) @@ -15710,6 +15719,16 @@ func (o BucketServerSideEncryptionConfigurationRulePtrOutput) ApplyServerSideEnc }).(BucketServerSideEncryptionConfigurationRuleApplyServerSideEncryptionByDefaultPtrOutput) } +// List of server-side encryption types to block for object uploads. Valid values are `SSE-C` (blocks uploads using server-side encryption with customer-provided keys) and `NONE` (unblocks all encryption types). Starting in March 2026, Amazon S3 will automatically block SSE-C uploads for all new buckets. +func (o BucketServerSideEncryptionConfigurationRulePtrOutput) BlockedEncryptionTypes() pulumi.StringArrayOutput { + return o.ApplyT(func(v *BucketServerSideEncryptionConfigurationRule) []string { + if v == nil { + return nil + } + return v.BlockedEncryptionTypes + }).(pulumi.StringArrayOutput) +} + // Whether or not to use [Amazon S3 Bucket Keys](https://docs.aws.amazon.com/AmazonS3/latest/dev/bucket-key.html) for SSE-KMS. func (o BucketServerSideEncryptionConfigurationRulePtrOutput) BucketKeyEnabled() pulumi.BoolPtrOutput { return o.ApplyT(func(v *BucketServerSideEncryptionConfigurationRule) *bool { @@ -15903,6 +15922,8 @@ func (o BucketServerSideEncryptionConfigurationRuleApplyServerSideEncryptionByDe type BucketServerSideEncryptionConfigurationV2Rule struct { // Single object for setting server-side encryption by default. See below. ApplyServerSideEncryptionByDefault *BucketServerSideEncryptionConfigurationV2RuleApplyServerSideEncryptionByDefault `pulumi:"applyServerSideEncryptionByDefault"` + // List of server-side encryption types to block for object uploads. Valid values are `SSE-C` (blocks uploads using server-side encryption with customer-provided keys) and `NONE` (unblocks all encryption types). Starting in March 2026, Amazon S3 will automatically block SSE-C uploads for all new buckets. + BlockedEncryptionTypes []string `pulumi:"blockedEncryptionTypes"` // Whether or not to use [Amazon S3 Bucket Keys](https://docs.aws.amazon.com/AmazonS3/latest/dev/bucket-key.html) for SSE-KMS. BucketKeyEnabled *bool `pulumi:"bucketKeyEnabled"` } @@ -15921,6 +15942,8 @@ type BucketServerSideEncryptionConfigurationV2RuleInput interface { type BucketServerSideEncryptionConfigurationV2RuleArgs struct { // Single object for setting server-side encryption by default. See below. ApplyServerSideEncryptionByDefault BucketServerSideEncryptionConfigurationV2RuleApplyServerSideEncryptionByDefaultPtrInput `pulumi:"applyServerSideEncryptionByDefault"` + // List of server-side encryption types to block for object uploads. Valid values are `SSE-C` (blocks uploads using server-side encryption with customer-provided keys) and `NONE` (unblocks all encryption types). Starting in March 2026, Amazon S3 will automatically block SSE-C uploads for all new buckets. + BlockedEncryptionTypes pulumi.StringArrayInput `pulumi:"blockedEncryptionTypes"` // Whether or not to use [Amazon S3 Bucket Keys](https://docs.aws.amazon.com/AmazonS3/latest/dev/bucket-key.html) for SSE-KMS. BucketKeyEnabled pulumi.BoolPtrInput `pulumi:"bucketKeyEnabled"` } @@ -15983,6 +16006,11 @@ func (o BucketServerSideEncryptionConfigurationV2RuleOutput) ApplyServerSideEncr }).(BucketServerSideEncryptionConfigurationV2RuleApplyServerSideEncryptionByDefaultPtrOutput) } +// List of server-side encryption types to block for object uploads. Valid values are `SSE-C` (blocks uploads using server-side encryption with customer-provided keys) and `NONE` (unblocks all encryption types). Starting in March 2026, Amazon S3 will automatically block SSE-C uploads for all new buckets. +func (o BucketServerSideEncryptionConfigurationV2RuleOutput) BlockedEncryptionTypes() pulumi.StringArrayOutput { + return o.ApplyT(func(v BucketServerSideEncryptionConfigurationV2Rule) []string { return v.BlockedEncryptionTypes }).(pulumi.StringArrayOutput) +} + // Whether or not to use [Amazon S3 Bucket Keys](https://docs.aws.amazon.com/AmazonS3/latest/dev/bucket-key.html) for SSE-KMS. func (o BucketServerSideEncryptionConfigurationV2RuleOutput) BucketKeyEnabled() pulumi.BoolPtrOutput { return o.ApplyT(func(v BucketServerSideEncryptionConfigurationV2Rule) *bool { return v.BucketKeyEnabled }).(pulumi.BoolPtrOutput) diff --git a/sdk/go/aws/sagemaker/model.go b/sdk/go/aws/sagemaker/model.go index 5ac898d85e0..04f8168d690 100644 --- a/sdk/go/aws/sagemaker/model.go +++ b/sdk/go/aws/sagemaker/model.go @@ -12,11 +12,11 @@ import ( "github.com/pulumi/pulumi/sdk/v3/go/pulumi" ) -// Provides a SageMaker AI model resource. +// Manages an Amazon SageMaker AI Model. // // ## Example Usage // -// Basic usage: +// ### Basic Usage // // ```go // package main @@ -79,26 +79,17 @@ import ( // // ``` // -// ## Inference Execution Config -// -// * `mode` - (Required) How containers in a multi-container are run. The following values are valid `Serial` and `Direct`. -// -// ### VPC Config -// -// * `securityGroupIds` - (Required) List of security group IDs you want to be applied to your training job or model. Specify the security groups for the VPC that is specified in the Subnets field. -// * `subnets` - (Required) List of subnet IDs in the VPC to which you want to connect your training job or model. -// // ## Import // // Using `pulumi import`, import models using the `name`. For example: // // ```sh -// $ pulumi import aws:sagemaker/model:Model test_model model-foo +// $ pulumi import aws:sagemaker/model:Model example model-foo // ``` type Model struct { pulumi.CustomResourceState - // The Amazon Resource Name (ARN) assigned by AWS to this model. + // Amazon Resource Name (ARN) assigned by AWS to this model. Arn pulumi.StringOutput `pulumi:"arn"` // Specifies containers in the inference pipeline. If not specified, the `primaryContainer` argument is required. Fields are documented below. Containers ModelContainerArrayOutput `pulumi:"containers"` @@ -108,9 +99,9 @@ type Model struct { ExecutionRoleArn pulumi.StringOutput `pulumi:"executionRoleArn"` // Specifies details of how containers in a multi-container endpoint are called. See Inference Execution Config. InferenceExecutionConfig ModelInferenceExecutionConfigOutput `pulumi:"inferenceExecutionConfig"` - // The name of the model (must be unique). If omitted, this provider will assign a random, unique name. + // Name of the model (must be unique). If omitted, the provider will assign a random, unique name. Name pulumi.StringOutput `pulumi:"name"` - // The primary docker image containing inference code that is used when the model is deployed for predictions. If not specified, the `container` argument is required. Fields are documented below. + // Primary docker image containing inference code that is used when the model is deployed for predictions. If not specified, the `container` argument is required. Fields are documented below. PrimaryContainer ModelPrimaryContainerPtrOutput `pulumi:"primaryContainer"` // Region where this resource will be [managed](https://docs.aws.amazon.com/general/latest/gr/rande.html#regional-endpoints). Defaults to the Region set in the provider configuration. Region pulumi.StringOutput `pulumi:"region"` @@ -155,7 +146,7 @@ func GetModel(ctx *pulumi.Context, // Input properties used for looking up and filtering Model resources. type modelState struct { - // The Amazon Resource Name (ARN) assigned by AWS to this model. + // Amazon Resource Name (ARN) assigned by AWS to this model. Arn *string `pulumi:"arn"` // Specifies containers in the inference pipeline. If not specified, the `primaryContainer` argument is required. Fields are documented below. Containers []ModelContainer `pulumi:"containers"` @@ -165,9 +156,9 @@ type modelState struct { ExecutionRoleArn *string `pulumi:"executionRoleArn"` // Specifies details of how containers in a multi-container endpoint are called. See Inference Execution Config. InferenceExecutionConfig *ModelInferenceExecutionConfig `pulumi:"inferenceExecutionConfig"` - // The name of the model (must be unique). If omitted, this provider will assign a random, unique name. + // Name of the model (must be unique). If omitted, the provider will assign a random, unique name. Name *string `pulumi:"name"` - // The primary docker image containing inference code that is used when the model is deployed for predictions. If not specified, the `container` argument is required. Fields are documented below. + // Primary docker image containing inference code that is used when the model is deployed for predictions. If not specified, the `container` argument is required. Fields are documented below. PrimaryContainer *ModelPrimaryContainer `pulumi:"primaryContainer"` // Region where this resource will be [managed](https://docs.aws.amazon.com/general/latest/gr/rande.html#regional-endpoints). Defaults to the Region set in the provider configuration. Region *string `pulumi:"region"` @@ -180,7 +171,7 @@ type modelState struct { } type ModelState struct { - // The Amazon Resource Name (ARN) assigned by AWS to this model. + // Amazon Resource Name (ARN) assigned by AWS to this model. Arn pulumi.StringPtrInput // Specifies containers in the inference pipeline. If not specified, the `primaryContainer` argument is required. Fields are documented below. Containers ModelContainerArrayInput @@ -190,9 +181,9 @@ type ModelState struct { ExecutionRoleArn pulumi.StringPtrInput // Specifies details of how containers in a multi-container endpoint are called. See Inference Execution Config. InferenceExecutionConfig ModelInferenceExecutionConfigPtrInput - // The name of the model (must be unique). If omitted, this provider will assign a random, unique name. + // Name of the model (must be unique). If omitted, the provider will assign a random, unique name. Name pulumi.StringPtrInput - // The primary docker image containing inference code that is used when the model is deployed for predictions. If not specified, the `container` argument is required. Fields are documented below. + // Primary docker image containing inference code that is used when the model is deployed for predictions. If not specified, the `container` argument is required. Fields are documented below. PrimaryContainer ModelPrimaryContainerPtrInput // Region where this resource will be [managed](https://docs.aws.amazon.com/general/latest/gr/rande.html#regional-endpoints). Defaults to the Region set in the provider configuration. Region pulumi.StringPtrInput @@ -217,9 +208,9 @@ type modelArgs struct { ExecutionRoleArn string `pulumi:"executionRoleArn"` // Specifies details of how containers in a multi-container endpoint are called. See Inference Execution Config. InferenceExecutionConfig *ModelInferenceExecutionConfig `pulumi:"inferenceExecutionConfig"` - // The name of the model (must be unique). If omitted, this provider will assign a random, unique name. + // Name of the model (must be unique). If omitted, the provider will assign a random, unique name. Name *string `pulumi:"name"` - // The primary docker image containing inference code that is used when the model is deployed for predictions. If not specified, the `container` argument is required. Fields are documented below. + // Primary docker image containing inference code that is used when the model is deployed for predictions. If not specified, the `container` argument is required. Fields are documented below. PrimaryContainer *ModelPrimaryContainer `pulumi:"primaryContainer"` // Region where this resource will be [managed](https://docs.aws.amazon.com/general/latest/gr/rande.html#regional-endpoints). Defaults to the Region set in the provider configuration. Region *string `pulumi:"region"` @@ -239,9 +230,9 @@ type ModelArgs struct { ExecutionRoleArn pulumi.StringInput // Specifies details of how containers in a multi-container endpoint are called. See Inference Execution Config. InferenceExecutionConfig ModelInferenceExecutionConfigPtrInput - // The name of the model (must be unique). If omitted, this provider will assign a random, unique name. + // Name of the model (must be unique). If omitted, the provider will assign a random, unique name. Name pulumi.StringPtrInput - // The primary docker image containing inference code that is used when the model is deployed for predictions. If not specified, the `container` argument is required. Fields are documented below. + // Primary docker image containing inference code that is used when the model is deployed for predictions. If not specified, the `container` argument is required. Fields are documented below. PrimaryContainer ModelPrimaryContainerPtrInput // Region where this resource will be [managed](https://docs.aws.amazon.com/general/latest/gr/rande.html#regional-endpoints). Defaults to the Region set in the provider configuration. Region pulumi.StringPtrInput @@ -338,7 +329,7 @@ func (o ModelOutput) ToModelOutputWithContext(ctx context.Context) ModelOutput { return o } -// The Amazon Resource Name (ARN) assigned by AWS to this model. +// Amazon Resource Name (ARN) assigned by AWS to this model. func (o ModelOutput) Arn() pulumi.StringOutput { return o.ApplyT(func(v *Model) pulumi.StringOutput { return v.Arn }).(pulumi.StringOutput) } @@ -363,12 +354,12 @@ func (o ModelOutput) InferenceExecutionConfig() ModelInferenceExecutionConfigOut return o.ApplyT(func(v *Model) ModelInferenceExecutionConfigOutput { return v.InferenceExecutionConfig }).(ModelInferenceExecutionConfigOutput) } -// The name of the model (must be unique). If omitted, this provider will assign a random, unique name. +// Name of the model (must be unique). If omitted, the provider will assign a random, unique name. func (o ModelOutput) Name() pulumi.StringOutput { return o.ApplyT(func(v *Model) pulumi.StringOutput { return v.Name }).(pulumi.StringOutput) } -// The primary docker image containing inference code that is used when the model is deployed for predictions. If not specified, the `container` argument is required. Fields are documented below. +// Primary docker image containing inference code that is used when the model is deployed for predictions. If not specified, the `container` argument is required. Fields are documented below. func (o ModelOutput) PrimaryContainer() ModelPrimaryContainerPtrOutput { return o.ApplyT(func(v *Model) ModelPrimaryContainerPtrOutput { return v.PrimaryContainer }).(ModelPrimaryContainerPtrOutput) } diff --git a/sdk/go/aws/sagemaker/pulumiTypes.go b/sdk/go/aws/sagemaker/pulumiTypes.go index 316753c178d..e186f6fd071 100644 --- a/sdk/go/aws/sagemaker/pulumiTypes.go +++ b/sdk/go/aws/sagemaker/pulumiTypes.go @@ -23931,24 +23931,26 @@ func (o HumanTaskUIUiTemplatePtrOutput) Url() pulumi.StringPtrOutput { } type ModelContainer struct { - // The DNS host name for the container. + // Additional data sources that are available to the model in addition to those specified in `modelDataSource`. See Additional Model Data Source. + AdditionalModelDataSources []ModelContainerAdditionalModelDataSource `pulumi:"additionalModelDataSources"` + // DNS host name for the container. ContainerHostname *string `pulumi:"containerHostname"` // Environment variables for the Docker container. - // A list of key value pairs. Environment map[string]string `pulumi:"environment"` - // The registry path where the inference code image is stored in Amazon ECR. + // Registry path where the inference code image is stored in Amazon ECR. Image *string `pulumi:"image"` // Specifies whether the model container is in Amazon ECR or a private Docker registry accessible from your Amazon Virtual Private Cloud (VPC). For more information see [Using a Private Docker Registry for Real-Time Inference Containers](https://docs.aws.amazon.com/sagemaker/latest/dg/your-algorithms-containers-inference-private.html). see Image Config. ImageConfig *ModelContainerImageConfig `pulumi:"imageConfig"` - // The inference specification name in the model package version. + // Inference specification name in the model package version. InferenceSpecificationName *string `pulumi:"inferenceSpecificationName"` - // The container hosts value `SingleModel/MultiModel`. The default value is `SingleModel`. + // Container hosts value. Allowed values are: `SingleModel` and `MultiModel`. The default value is `SingleModel`. Mode *string `pulumi:"mode"` - // The location of model data to deploy. Use this for uncompressed model deployment. For information about how to deploy an uncompressed model, see [Deploying uncompressed models](https://docs.aws.amazon.com/sagemaker/latest/dg/large-model-inference-uncompressed.html) in the _AWS SageMaker AI Developer Guide_. + // Location of model data to deploy. Use this for uncompressed model deployment. For information about how to deploy an uncompressed model, see [Deploying uncompressed models](https://docs.aws.amazon.com/sagemaker/latest/dg/large-model-inference-uncompressed.html) in the _AWS SageMaker AI Developer Guide_. ModelDataSource *ModelContainerModelDataSource `pulumi:"modelDataSource"` - // The URL for the S3 location where model artifacts are stored. + // URL for the S3 location where model artifacts are stored. ModelDataUrl *string `pulumi:"modelDataUrl"` - // The Amazon Resource Name (ARN) of the model package to use to create the model. + // Amazon Resource Name (ARN) of the model package to use to create the model. + // A list of key value pairs. ModelPackageName *string `pulumi:"modelPackageName"` // Specifies additional configuration for multi-model endpoints. see Multi Model Config. MultiModelConfig *ModelContainerMultiModelConfig `pulumi:"multiModelConfig"` @@ -23966,24 +23968,26 @@ type ModelContainerInput interface { } type ModelContainerArgs struct { - // The DNS host name for the container. + // Additional data sources that are available to the model in addition to those specified in `modelDataSource`. See Additional Model Data Source. + AdditionalModelDataSources ModelContainerAdditionalModelDataSourceArrayInput `pulumi:"additionalModelDataSources"` + // DNS host name for the container. ContainerHostname pulumi.StringPtrInput `pulumi:"containerHostname"` // Environment variables for the Docker container. - // A list of key value pairs. Environment pulumi.StringMapInput `pulumi:"environment"` - // The registry path where the inference code image is stored in Amazon ECR. + // Registry path where the inference code image is stored in Amazon ECR. Image pulumi.StringPtrInput `pulumi:"image"` // Specifies whether the model container is in Amazon ECR or a private Docker registry accessible from your Amazon Virtual Private Cloud (VPC). For more information see [Using a Private Docker Registry for Real-Time Inference Containers](https://docs.aws.amazon.com/sagemaker/latest/dg/your-algorithms-containers-inference-private.html). see Image Config. ImageConfig ModelContainerImageConfigPtrInput `pulumi:"imageConfig"` - // The inference specification name in the model package version. + // Inference specification name in the model package version. InferenceSpecificationName pulumi.StringPtrInput `pulumi:"inferenceSpecificationName"` - // The container hosts value `SingleModel/MultiModel`. The default value is `SingleModel`. + // Container hosts value. Allowed values are: `SingleModel` and `MultiModel`. The default value is `SingleModel`. Mode pulumi.StringPtrInput `pulumi:"mode"` - // The location of model data to deploy. Use this for uncompressed model deployment. For information about how to deploy an uncompressed model, see [Deploying uncompressed models](https://docs.aws.amazon.com/sagemaker/latest/dg/large-model-inference-uncompressed.html) in the _AWS SageMaker AI Developer Guide_. + // Location of model data to deploy. Use this for uncompressed model deployment. For information about how to deploy an uncompressed model, see [Deploying uncompressed models](https://docs.aws.amazon.com/sagemaker/latest/dg/large-model-inference-uncompressed.html) in the _AWS SageMaker AI Developer Guide_. ModelDataSource ModelContainerModelDataSourcePtrInput `pulumi:"modelDataSource"` - // The URL for the S3 location where model artifacts are stored. + // URL for the S3 location where model artifacts are stored. ModelDataUrl pulumi.StringPtrInput `pulumi:"modelDataUrl"` - // The Amazon Resource Name (ARN) of the model package to use to create the model. + // Amazon Resource Name (ARN) of the model package to use to create the model. + // A list of key value pairs. ModelPackageName pulumi.StringPtrInput `pulumi:"modelPackageName"` // Specifies additional configuration for multi-model endpoints. see Multi Model Config. MultiModelConfig ModelContainerMultiModelConfigPtrInput `pulumi:"multiModelConfig"` @@ -24040,18 +24044,22 @@ func (o ModelContainerOutput) ToModelContainerOutputWithContext(ctx context.Cont return o } -// The DNS host name for the container. +// Additional data sources that are available to the model in addition to those specified in `modelDataSource`. See Additional Model Data Source. +func (o ModelContainerOutput) AdditionalModelDataSources() ModelContainerAdditionalModelDataSourceArrayOutput { + return o.ApplyT(func(v ModelContainer) []ModelContainerAdditionalModelDataSource { return v.AdditionalModelDataSources }).(ModelContainerAdditionalModelDataSourceArrayOutput) +} + +// DNS host name for the container. func (o ModelContainerOutput) ContainerHostname() pulumi.StringPtrOutput { return o.ApplyT(func(v ModelContainer) *string { return v.ContainerHostname }).(pulumi.StringPtrOutput) } // Environment variables for the Docker container. -// A list of key value pairs. func (o ModelContainerOutput) Environment() pulumi.StringMapOutput { return o.ApplyT(func(v ModelContainer) map[string]string { return v.Environment }).(pulumi.StringMapOutput) } -// The registry path where the inference code image is stored in Amazon ECR. +// Registry path where the inference code image is stored in Amazon ECR. func (o ModelContainerOutput) Image() pulumi.StringPtrOutput { return o.ApplyT(func(v ModelContainer) *string { return v.Image }).(pulumi.StringPtrOutput) } @@ -24061,27 +24069,28 @@ func (o ModelContainerOutput) ImageConfig() ModelContainerImageConfigPtrOutput { return o.ApplyT(func(v ModelContainer) *ModelContainerImageConfig { return v.ImageConfig }).(ModelContainerImageConfigPtrOutput) } -// The inference specification name in the model package version. +// Inference specification name in the model package version. func (o ModelContainerOutput) InferenceSpecificationName() pulumi.StringPtrOutput { return o.ApplyT(func(v ModelContainer) *string { return v.InferenceSpecificationName }).(pulumi.StringPtrOutput) } -// The container hosts value `SingleModel/MultiModel`. The default value is `SingleModel`. +// Container hosts value. Allowed values are: `SingleModel` and `MultiModel`. The default value is `SingleModel`. func (o ModelContainerOutput) Mode() pulumi.StringPtrOutput { return o.ApplyT(func(v ModelContainer) *string { return v.Mode }).(pulumi.StringPtrOutput) } -// The location of model data to deploy. Use this for uncompressed model deployment. For information about how to deploy an uncompressed model, see [Deploying uncompressed models](https://docs.aws.amazon.com/sagemaker/latest/dg/large-model-inference-uncompressed.html) in the _AWS SageMaker AI Developer Guide_. +// Location of model data to deploy. Use this for uncompressed model deployment. For information about how to deploy an uncompressed model, see [Deploying uncompressed models](https://docs.aws.amazon.com/sagemaker/latest/dg/large-model-inference-uncompressed.html) in the _AWS SageMaker AI Developer Guide_. func (o ModelContainerOutput) ModelDataSource() ModelContainerModelDataSourcePtrOutput { return o.ApplyT(func(v ModelContainer) *ModelContainerModelDataSource { return v.ModelDataSource }).(ModelContainerModelDataSourcePtrOutput) } -// The URL for the S3 location where model artifacts are stored. +// URL for the S3 location where model artifacts are stored. func (o ModelContainerOutput) ModelDataUrl() pulumi.StringPtrOutput { return o.ApplyT(func(v ModelContainer) *string { return v.ModelDataUrl }).(pulumi.StringPtrOutput) } -// The Amazon Resource Name (ARN) of the model package to use to create the model. +// Amazon Resource Name (ARN) of the model package to use to create the model. +// A list of key value pairs. func (o ModelContainerOutput) ModelPackageName() pulumi.StringPtrOutput { return o.ApplyT(func(v ModelContainer) *string { return v.ModelPackageName }).(pulumi.StringPtrOutput) } @@ -24111,6 +24120,377 @@ func (o ModelContainerArrayOutput) Index(i pulumi.IntInput) ModelContainerOutput }).(ModelContainerOutput) } +type ModelContainerAdditionalModelDataSource struct { + // Custom name for the additional model data source object. It will be stored in `/opt/ml/additional-model-data-sources//`. + ChannelName string `pulumi:"channelName"` + // S3 location of model data to deploy. See S3 Data Source. + S3DataSources []ModelContainerAdditionalModelDataSourceS3DataSource `pulumi:"s3DataSources"` +} + +// ModelContainerAdditionalModelDataSourceInput is an input type that accepts ModelContainerAdditionalModelDataSourceArgs and ModelContainerAdditionalModelDataSourceOutput values. +// You can construct a concrete instance of `ModelContainerAdditionalModelDataSourceInput` via: +// +// ModelContainerAdditionalModelDataSourceArgs{...} +type ModelContainerAdditionalModelDataSourceInput interface { + pulumi.Input + + ToModelContainerAdditionalModelDataSourceOutput() ModelContainerAdditionalModelDataSourceOutput + ToModelContainerAdditionalModelDataSourceOutputWithContext(context.Context) ModelContainerAdditionalModelDataSourceOutput +} + +type ModelContainerAdditionalModelDataSourceArgs struct { + // Custom name for the additional model data source object. It will be stored in `/opt/ml/additional-model-data-sources//`. + ChannelName pulumi.StringInput `pulumi:"channelName"` + // S3 location of model data to deploy. See S3 Data Source. + S3DataSources ModelContainerAdditionalModelDataSourceS3DataSourceArrayInput `pulumi:"s3DataSources"` +} + +func (ModelContainerAdditionalModelDataSourceArgs) ElementType() reflect.Type { + return reflect.TypeOf((*ModelContainerAdditionalModelDataSource)(nil)).Elem() +} + +func (i ModelContainerAdditionalModelDataSourceArgs) ToModelContainerAdditionalModelDataSourceOutput() ModelContainerAdditionalModelDataSourceOutput { + return i.ToModelContainerAdditionalModelDataSourceOutputWithContext(context.Background()) +} + +func (i ModelContainerAdditionalModelDataSourceArgs) ToModelContainerAdditionalModelDataSourceOutputWithContext(ctx context.Context) ModelContainerAdditionalModelDataSourceOutput { + return pulumi.ToOutputWithContext(ctx, i).(ModelContainerAdditionalModelDataSourceOutput) +} + +// ModelContainerAdditionalModelDataSourceArrayInput is an input type that accepts ModelContainerAdditionalModelDataSourceArray and ModelContainerAdditionalModelDataSourceArrayOutput values. +// You can construct a concrete instance of `ModelContainerAdditionalModelDataSourceArrayInput` via: +// +// ModelContainerAdditionalModelDataSourceArray{ ModelContainerAdditionalModelDataSourceArgs{...} } +type ModelContainerAdditionalModelDataSourceArrayInput interface { + pulumi.Input + + ToModelContainerAdditionalModelDataSourceArrayOutput() ModelContainerAdditionalModelDataSourceArrayOutput + ToModelContainerAdditionalModelDataSourceArrayOutputWithContext(context.Context) ModelContainerAdditionalModelDataSourceArrayOutput +} + +type ModelContainerAdditionalModelDataSourceArray []ModelContainerAdditionalModelDataSourceInput + +func (ModelContainerAdditionalModelDataSourceArray) ElementType() reflect.Type { + return reflect.TypeOf((*[]ModelContainerAdditionalModelDataSource)(nil)).Elem() +} + +func (i ModelContainerAdditionalModelDataSourceArray) ToModelContainerAdditionalModelDataSourceArrayOutput() ModelContainerAdditionalModelDataSourceArrayOutput { + return i.ToModelContainerAdditionalModelDataSourceArrayOutputWithContext(context.Background()) +} + +func (i ModelContainerAdditionalModelDataSourceArray) ToModelContainerAdditionalModelDataSourceArrayOutputWithContext(ctx context.Context) ModelContainerAdditionalModelDataSourceArrayOutput { + return pulumi.ToOutputWithContext(ctx, i).(ModelContainerAdditionalModelDataSourceArrayOutput) +} + +type ModelContainerAdditionalModelDataSourceOutput struct{ *pulumi.OutputState } + +func (ModelContainerAdditionalModelDataSourceOutput) ElementType() reflect.Type { + return reflect.TypeOf((*ModelContainerAdditionalModelDataSource)(nil)).Elem() +} + +func (o ModelContainerAdditionalModelDataSourceOutput) ToModelContainerAdditionalModelDataSourceOutput() ModelContainerAdditionalModelDataSourceOutput { + return o +} + +func (o ModelContainerAdditionalModelDataSourceOutput) ToModelContainerAdditionalModelDataSourceOutputWithContext(ctx context.Context) ModelContainerAdditionalModelDataSourceOutput { + return o +} + +// Custom name for the additional model data source object. It will be stored in `/opt/ml/additional-model-data-sources//`. +func (o ModelContainerAdditionalModelDataSourceOutput) ChannelName() pulumi.StringOutput { + return o.ApplyT(func(v ModelContainerAdditionalModelDataSource) string { return v.ChannelName }).(pulumi.StringOutput) +} + +// S3 location of model data to deploy. See S3 Data Source. +func (o ModelContainerAdditionalModelDataSourceOutput) S3DataSources() ModelContainerAdditionalModelDataSourceS3DataSourceArrayOutput { + return o.ApplyT(func(v ModelContainerAdditionalModelDataSource) []ModelContainerAdditionalModelDataSourceS3DataSource { + return v.S3DataSources + }).(ModelContainerAdditionalModelDataSourceS3DataSourceArrayOutput) +} + +type ModelContainerAdditionalModelDataSourceArrayOutput struct{ *pulumi.OutputState } + +func (ModelContainerAdditionalModelDataSourceArrayOutput) ElementType() reflect.Type { + return reflect.TypeOf((*[]ModelContainerAdditionalModelDataSource)(nil)).Elem() +} + +func (o ModelContainerAdditionalModelDataSourceArrayOutput) ToModelContainerAdditionalModelDataSourceArrayOutput() ModelContainerAdditionalModelDataSourceArrayOutput { + return o +} + +func (o ModelContainerAdditionalModelDataSourceArrayOutput) ToModelContainerAdditionalModelDataSourceArrayOutputWithContext(ctx context.Context) ModelContainerAdditionalModelDataSourceArrayOutput { + return o +} + +func (o ModelContainerAdditionalModelDataSourceArrayOutput) Index(i pulumi.IntInput) ModelContainerAdditionalModelDataSourceOutput { + return pulumi.All(o, i).ApplyT(func(vs []interface{}) ModelContainerAdditionalModelDataSource { + return vs[0].([]ModelContainerAdditionalModelDataSource)[vs[1].(int)] + }).(ModelContainerAdditionalModelDataSourceOutput) +} + +type ModelContainerAdditionalModelDataSourceS3DataSource struct { + // How the model data is prepared. Allowed values are: `None` and `Gzip`. + CompressionType string `pulumi:"compressionType"` + // Specifies the access configuration file for the ML model. You can explicitly accept the model end-user license agreement (EULA) within the [`modelAccessConfig` configuration block]. See Model Access Config. + ModelAccessConfig *ModelContainerAdditionalModelDataSourceS3DataSourceModelAccessConfig `pulumi:"modelAccessConfig"` + // Type of model data to deploy. Allowed values are: `S3Object` and `S3Prefix`. + S3DataType string `pulumi:"s3DataType"` + // The S3 path of model data to deploy. + S3Uri string `pulumi:"s3Uri"` +} + +// ModelContainerAdditionalModelDataSourceS3DataSourceInput is an input type that accepts ModelContainerAdditionalModelDataSourceS3DataSourceArgs and ModelContainerAdditionalModelDataSourceS3DataSourceOutput values. +// You can construct a concrete instance of `ModelContainerAdditionalModelDataSourceS3DataSourceInput` via: +// +// ModelContainerAdditionalModelDataSourceS3DataSourceArgs{...} +type ModelContainerAdditionalModelDataSourceS3DataSourceInput interface { + pulumi.Input + + ToModelContainerAdditionalModelDataSourceS3DataSourceOutput() ModelContainerAdditionalModelDataSourceS3DataSourceOutput + ToModelContainerAdditionalModelDataSourceS3DataSourceOutputWithContext(context.Context) ModelContainerAdditionalModelDataSourceS3DataSourceOutput +} + +type ModelContainerAdditionalModelDataSourceS3DataSourceArgs struct { + // How the model data is prepared. Allowed values are: `None` and `Gzip`. + CompressionType pulumi.StringInput `pulumi:"compressionType"` + // Specifies the access configuration file for the ML model. You can explicitly accept the model end-user license agreement (EULA) within the [`modelAccessConfig` configuration block]. See Model Access Config. + ModelAccessConfig ModelContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigPtrInput `pulumi:"modelAccessConfig"` + // Type of model data to deploy. Allowed values are: `S3Object` and `S3Prefix`. + S3DataType pulumi.StringInput `pulumi:"s3DataType"` + // The S3 path of model data to deploy. + S3Uri pulumi.StringInput `pulumi:"s3Uri"` +} + +func (ModelContainerAdditionalModelDataSourceS3DataSourceArgs) ElementType() reflect.Type { + return reflect.TypeOf((*ModelContainerAdditionalModelDataSourceS3DataSource)(nil)).Elem() +} + +func (i ModelContainerAdditionalModelDataSourceS3DataSourceArgs) ToModelContainerAdditionalModelDataSourceS3DataSourceOutput() ModelContainerAdditionalModelDataSourceS3DataSourceOutput { + return i.ToModelContainerAdditionalModelDataSourceS3DataSourceOutputWithContext(context.Background()) +} + +func (i ModelContainerAdditionalModelDataSourceS3DataSourceArgs) ToModelContainerAdditionalModelDataSourceS3DataSourceOutputWithContext(ctx context.Context) ModelContainerAdditionalModelDataSourceS3DataSourceOutput { + return pulumi.ToOutputWithContext(ctx, i).(ModelContainerAdditionalModelDataSourceS3DataSourceOutput) +} + +// ModelContainerAdditionalModelDataSourceS3DataSourceArrayInput is an input type that accepts ModelContainerAdditionalModelDataSourceS3DataSourceArray and ModelContainerAdditionalModelDataSourceS3DataSourceArrayOutput values. +// You can construct a concrete instance of `ModelContainerAdditionalModelDataSourceS3DataSourceArrayInput` via: +// +// ModelContainerAdditionalModelDataSourceS3DataSourceArray{ ModelContainerAdditionalModelDataSourceS3DataSourceArgs{...} } +type ModelContainerAdditionalModelDataSourceS3DataSourceArrayInput interface { + pulumi.Input + + ToModelContainerAdditionalModelDataSourceS3DataSourceArrayOutput() ModelContainerAdditionalModelDataSourceS3DataSourceArrayOutput + ToModelContainerAdditionalModelDataSourceS3DataSourceArrayOutputWithContext(context.Context) ModelContainerAdditionalModelDataSourceS3DataSourceArrayOutput +} + +type ModelContainerAdditionalModelDataSourceS3DataSourceArray []ModelContainerAdditionalModelDataSourceS3DataSourceInput + +func (ModelContainerAdditionalModelDataSourceS3DataSourceArray) ElementType() reflect.Type { + return reflect.TypeOf((*[]ModelContainerAdditionalModelDataSourceS3DataSource)(nil)).Elem() +} + +func (i ModelContainerAdditionalModelDataSourceS3DataSourceArray) ToModelContainerAdditionalModelDataSourceS3DataSourceArrayOutput() ModelContainerAdditionalModelDataSourceS3DataSourceArrayOutput { + return i.ToModelContainerAdditionalModelDataSourceS3DataSourceArrayOutputWithContext(context.Background()) +} + +func (i ModelContainerAdditionalModelDataSourceS3DataSourceArray) ToModelContainerAdditionalModelDataSourceS3DataSourceArrayOutputWithContext(ctx context.Context) ModelContainerAdditionalModelDataSourceS3DataSourceArrayOutput { + return pulumi.ToOutputWithContext(ctx, i).(ModelContainerAdditionalModelDataSourceS3DataSourceArrayOutput) +} + +type ModelContainerAdditionalModelDataSourceS3DataSourceOutput struct{ *pulumi.OutputState } + +func (ModelContainerAdditionalModelDataSourceS3DataSourceOutput) ElementType() reflect.Type { + return reflect.TypeOf((*ModelContainerAdditionalModelDataSourceS3DataSource)(nil)).Elem() +} + +func (o ModelContainerAdditionalModelDataSourceS3DataSourceOutput) ToModelContainerAdditionalModelDataSourceS3DataSourceOutput() ModelContainerAdditionalModelDataSourceS3DataSourceOutput { + return o +} + +func (o ModelContainerAdditionalModelDataSourceS3DataSourceOutput) ToModelContainerAdditionalModelDataSourceS3DataSourceOutputWithContext(ctx context.Context) ModelContainerAdditionalModelDataSourceS3DataSourceOutput { + return o +} + +// How the model data is prepared. Allowed values are: `None` and `Gzip`. +func (o ModelContainerAdditionalModelDataSourceS3DataSourceOutput) CompressionType() pulumi.StringOutput { + return o.ApplyT(func(v ModelContainerAdditionalModelDataSourceS3DataSource) string { return v.CompressionType }).(pulumi.StringOutput) +} + +// Specifies the access configuration file for the ML model. You can explicitly accept the model end-user license agreement (EULA) within the [`modelAccessConfig` configuration block]. See Model Access Config. +func (o ModelContainerAdditionalModelDataSourceS3DataSourceOutput) ModelAccessConfig() ModelContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigPtrOutput { + return o.ApplyT(func(v ModelContainerAdditionalModelDataSourceS3DataSource) *ModelContainerAdditionalModelDataSourceS3DataSourceModelAccessConfig { + return v.ModelAccessConfig + }).(ModelContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigPtrOutput) +} + +// Type of model data to deploy. Allowed values are: `S3Object` and `S3Prefix`. +func (o ModelContainerAdditionalModelDataSourceS3DataSourceOutput) S3DataType() pulumi.StringOutput { + return o.ApplyT(func(v ModelContainerAdditionalModelDataSourceS3DataSource) string { return v.S3DataType }).(pulumi.StringOutput) +} + +// The S3 path of model data to deploy. +func (o ModelContainerAdditionalModelDataSourceS3DataSourceOutput) S3Uri() pulumi.StringOutput { + return o.ApplyT(func(v ModelContainerAdditionalModelDataSourceS3DataSource) string { return v.S3Uri }).(pulumi.StringOutput) +} + +type ModelContainerAdditionalModelDataSourceS3DataSourceArrayOutput struct{ *pulumi.OutputState } + +func (ModelContainerAdditionalModelDataSourceS3DataSourceArrayOutput) ElementType() reflect.Type { + return reflect.TypeOf((*[]ModelContainerAdditionalModelDataSourceS3DataSource)(nil)).Elem() +} + +func (o ModelContainerAdditionalModelDataSourceS3DataSourceArrayOutput) ToModelContainerAdditionalModelDataSourceS3DataSourceArrayOutput() ModelContainerAdditionalModelDataSourceS3DataSourceArrayOutput { + return o +} + +func (o ModelContainerAdditionalModelDataSourceS3DataSourceArrayOutput) ToModelContainerAdditionalModelDataSourceS3DataSourceArrayOutputWithContext(ctx context.Context) ModelContainerAdditionalModelDataSourceS3DataSourceArrayOutput { + return o +} + +func (o ModelContainerAdditionalModelDataSourceS3DataSourceArrayOutput) Index(i pulumi.IntInput) ModelContainerAdditionalModelDataSourceS3DataSourceOutput { + return pulumi.All(o, i).ApplyT(func(vs []interface{}) ModelContainerAdditionalModelDataSourceS3DataSource { + return vs[0].([]ModelContainerAdditionalModelDataSourceS3DataSource)[vs[1].(int)] + }).(ModelContainerAdditionalModelDataSourceS3DataSourceOutput) +} + +type ModelContainerAdditionalModelDataSourceS3DataSourceModelAccessConfig struct { + // Specifies agreement to the model end-user license agreement (EULA). The value must be set to `true` in order to accept the EULA that this model requires. You are responsible for reviewing and complying with any applicable license terms and making sure they are acceptable for your use case before downloading or using a model. + AcceptEula bool `pulumi:"acceptEula"` +} + +// ModelContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigInput is an input type that accepts ModelContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigArgs and ModelContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigOutput values. +// You can construct a concrete instance of `ModelContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigInput` via: +// +// ModelContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigArgs{...} +type ModelContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigInput interface { + pulumi.Input + + ToModelContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigOutput() ModelContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigOutput + ToModelContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigOutputWithContext(context.Context) ModelContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigOutput +} + +type ModelContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigArgs struct { + // Specifies agreement to the model end-user license agreement (EULA). The value must be set to `true` in order to accept the EULA that this model requires. You are responsible for reviewing and complying with any applicable license terms and making sure they are acceptable for your use case before downloading or using a model. + AcceptEula pulumi.BoolInput `pulumi:"acceptEula"` +} + +func (ModelContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigArgs) ElementType() reflect.Type { + return reflect.TypeOf((*ModelContainerAdditionalModelDataSourceS3DataSourceModelAccessConfig)(nil)).Elem() +} + +func (i ModelContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigArgs) ToModelContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigOutput() ModelContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigOutput { + return i.ToModelContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigOutputWithContext(context.Background()) +} + +func (i ModelContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigArgs) ToModelContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigOutputWithContext(ctx context.Context) ModelContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigOutput { + return pulumi.ToOutputWithContext(ctx, i).(ModelContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigOutput) +} + +func (i ModelContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigArgs) ToModelContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigPtrOutput() ModelContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigPtrOutput { + return i.ToModelContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigPtrOutputWithContext(context.Background()) +} + +func (i ModelContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigArgs) ToModelContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigPtrOutputWithContext(ctx context.Context) ModelContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigPtrOutput { + return pulumi.ToOutputWithContext(ctx, i).(ModelContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigOutput).ToModelContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigPtrOutputWithContext(ctx) +} + +// ModelContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigPtrInput is an input type that accepts ModelContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigArgs, ModelContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigPtr and ModelContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigPtrOutput values. +// You can construct a concrete instance of `ModelContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigPtrInput` via: +// +// ModelContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigArgs{...} +// +// or: +// +// nil +type ModelContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigPtrInput interface { + pulumi.Input + + ToModelContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigPtrOutput() ModelContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigPtrOutput + ToModelContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigPtrOutputWithContext(context.Context) ModelContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigPtrOutput +} + +type modelContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigPtrType ModelContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigArgs + +func ModelContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigPtr(v *ModelContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigArgs) ModelContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigPtrInput { + return (*modelContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigPtrType)(v) +} + +func (*modelContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigPtrType) ElementType() reflect.Type { + return reflect.TypeOf((**ModelContainerAdditionalModelDataSourceS3DataSourceModelAccessConfig)(nil)).Elem() +} + +func (i *modelContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigPtrType) ToModelContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigPtrOutput() ModelContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigPtrOutput { + return i.ToModelContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigPtrOutputWithContext(context.Background()) +} + +func (i *modelContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigPtrType) ToModelContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigPtrOutputWithContext(ctx context.Context) ModelContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigPtrOutput { + return pulumi.ToOutputWithContext(ctx, i).(ModelContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigPtrOutput) +} + +type ModelContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigOutput struct{ *pulumi.OutputState } + +func (ModelContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigOutput) ElementType() reflect.Type { + return reflect.TypeOf((*ModelContainerAdditionalModelDataSourceS3DataSourceModelAccessConfig)(nil)).Elem() +} + +func (o ModelContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigOutput) ToModelContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigOutput() ModelContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigOutput { + return o +} + +func (o ModelContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigOutput) ToModelContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigOutputWithContext(ctx context.Context) ModelContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigOutput { + return o +} + +func (o ModelContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigOutput) ToModelContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigPtrOutput() ModelContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigPtrOutput { + return o.ToModelContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigPtrOutputWithContext(context.Background()) +} + +func (o ModelContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigOutput) ToModelContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigPtrOutputWithContext(ctx context.Context) ModelContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigPtrOutput { + return o.ApplyTWithContext(ctx, func(_ context.Context, v ModelContainerAdditionalModelDataSourceS3DataSourceModelAccessConfig) *ModelContainerAdditionalModelDataSourceS3DataSourceModelAccessConfig { + return &v + }).(ModelContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigPtrOutput) +} + +// Specifies agreement to the model end-user license agreement (EULA). The value must be set to `true` in order to accept the EULA that this model requires. You are responsible for reviewing and complying with any applicable license terms and making sure they are acceptable for your use case before downloading or using a model. +func (o ModelContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigOutput) AcceptEula() pulumi.BoolOutput { + return o.ApplyT(func(v ModelContainerAdditionalModelDataSourceS3DataSourceModelAccessConfig) bool { return v.AcceptEula }).(pulumi.BoolOutput) +} + +type ModelContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigPtrOutput struct{ *pulumi.OutputState } + +func (ModelContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigPtrOutput) ElementType() reflect.Type { + return reflect.TypeOf((**ModelContainerAdditionalModelDataSourceS3DataSourceModelAccessConfig)(nil)).Elem() +} + +func (o ModelContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigPtrOutput) ToModelContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigPtrOutput() ModelContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigPtrOutput { + return o +} + +func (o ModelContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigPtrOutput) ToModelContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigPtrOutputWithContext(ctx context.Context) ModelContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigPtrOutput { + return o +} + +func (o ModelContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigPtrOutput) Elem() ModelContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigOutput { + return o.ApplyT(func(v *ModelContainerAdditionalModelDataSourceS3DataSourceModelAccessConfig) ModelContainerAdditionalModelDataSourceS3DataSourceModelAccessConfig { + if v != nil { + return *v + } + var ret ModelContainerAdditionalModelDataSourceS3DataSourceModelAccessConfig + return ret + }).(ModelContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigOutput) +} + +// Specifies agreement to the model end-user license agreement (EULA). The value must be set to `true` in order to accept the EULA that this model requires. You are responsible for reviewing and complying with any applicable license terms and making sure they are acceptable for your use case before downloading or using a model. +func (o ModelContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigPtrOutput) AcceptEula() pulumi.BoolPtrOutput { + return o.ApplyT(func(v *ModelContainerAdditionalModelDataSourceS3DataSourceModelAccessConfig) *bool { + if v == nil { + return nil + } + return &v.AcceptEula + }).(pulumi.BoolPtrOutput) +} + type ModelContainerImageConfig struct { // Specifies whether the model container is in Amazon ECR or a private Docker registry accessible from your Amazon Virtual Private Cloud (VPC). Allowed values are: `Platform` and `Vpc`. RepositoryAccessMode string `pulumi:"repositoryAccessMode"` @@ -24270,7 +24650,7 @@ func (o ModelContainerImageConfigPtrOutput) RepositoryAuthConfig() ModelContaine } type ModelContainerImageConfigRepositoryAuthConfig struct { - // The Amazon Resource Name (ARN) of an AWS Lambda function that provides credentials to authenticate to the private Docker registry where your model image is hosted. For information about how to create an AWS Lambda function, see [Create a Lambda function with the console](https://docs.aws.amazon.com/lambda/latest/dg/getting-started-create-function.html) in the _AWS Lambda Developer Guide_. + // Amazon Resource Name (ARN) of an AWS Lambda function that provides credentials to authenticate to the private Docker registry where your model image is hosted. For information about how to create an AWS Lambda function, see [Create a Lambda function with the console](https://docs.aws.amazon.com/lambda/latest/dg/getting-started-create-function.html) in the _AWS Lambda Developer Guide_. RepositoryCredentialsProviderArn string `pulumi:"repositoryCredentialsProviderArn"` } @@ -24286,7 +24666,7 @@ type ModelContainerImageConfigRepositoryAuthConfigInput interface { } type ModelContainerImageConfigRepositoryAuthConfigArgs struct { - // The Amazon Resource Name (ARN) of an AWS Lambda function that provides credentials to authenticate to the private Docker registry where your model image is hosted. For information about how to create an AWS Lambda function, see [Create a Lambda function with the console](https://docs.aws.amazon.com/lambda/latest/dg/getting-started-create-function.html) in the _AWS Lambda Developer Guide_. + // Amazon Resource Name (ARN) of an AWS Lambda function that provides credentials to authenticate to the private Docker registry where your model image is hosted. For information about how to create an AWS Lambda function, see [Create a Lambda function with the console](https://docs.aws.amazon.com/lambda/latest/dg/getting-started-create-function.html) in the _AWS Lambda Developer Guide_. RepositoryCredentialsProviderArn pulumi.StringInput `pulumi:"repositoryCredentialsProviderArn"` } @@ -24367,7 +24747,7 @@ func (o ModelContainerImageConfigRepositoryAuthConfigOutput) ToModelContainerIma }).(ModelContainerImageConfigRepositoryAuthConfigPtrOutput) } -// The Amazon Resource Name (ARN) of an AWS Lambda function that provides credentials to authenticate to the private Docker registry where your model image is hosted. For information about how to create an AWS Lambda function, see [Create a Lambda function with the console](https://docs.aws.amazon.com/lambda/latest/dg/getting-started-create-function.html) in the _AWS Lambda Developer Guide_. +// Amazon Resource Name (ARN) of an AWS Lambda function that provides credentials to authenticate to the private Docker registry where your model image is hosted. For information about how to create an AWS Lambda function, see [Create a Lambda function with the console](https://docs.aws.amazon.com/lambda/latest/dg/getting-started-create-function.html) in the _AWS Lambda Developer Guide_. func (o ModelContainerImageConfigRepositoryAuthConfigOutput) RepositoryCredentialsProviderArn() pulumi.StringOutput { return o.ApplyT(func(v ModelContainerImageConfigRepositoryAuthConfig) string { return v.RepositoryCredentialsProviderArn @@ -24398,7 +24778,7 @@ func (o ModelContainerImageConfigRepositoryAuthConfigPtrOutput) Elem() ModelCont }).(ModelContainerImageConfigRepositoryAuthConfigOutput) } -// The Amazon Resource Name (ARN) of an AWS Lambda function that provides credentials to authenticate to the private Docker registry where your model image is hosted. For information about how to create an AWS Lambda function, see [Create a Lambda function with the console](https://docs.aws.amazon.com/lambda/latest/dg/getting-started-create-function.html) in the _AWS Lambda Developer Guide_. +// Amazon Resource Name (ARN) of an AWS Lambda function that provides credentials to authenticate to the private Docker registry where your model image is hosted. For information about how to create an AWS Lambda function, see [Create a Lambda function with the console](https://docs.aws.amazon.com/lambda/latest/dg/getting-started-create-function.html) in the _AWS Lambda Developer Guide_. func (o ModelContainerImageConfigRepositoryAuthConfigPtrOutput) RepositoryCredentialsProviderArn() pulumi.StringPtrOutput { return o.ApplyT(func(v *ModelContainerImageConfigRepositoryAuthConfig) *string { if v == nil { @@ -24409,7 +24789,7 @@ func (o ModelContainerImageConfigRepositoryAuthConfigPtrOutput) RepositoryCreden } type ModelContainerModelDataSource struct { - // The S3 location of model data to deploy. + // S3 location of model data to deploy. See S3 Data Source. S3DataSources []ModelContainerModelDataSourceS3DataSource `pulumi:"s3DataSources"` } @@ -24425,7 +24805,7 @@ type ModelContainerModelDataSourceInput interface { } type ModelContainerModelDataSourceArgs struct { - // The S3 location of model data to deploy. + // S3 location of model data to deploy. See S3 Data Source. S3DataSources ModelContainerModelDataSourceS3DataSourceArrayInput `pulumi:"s3DataSources"` } @@ -24506,7 +24886,7 @@ func (o ModelContainerModelDataSourceOutput) ToModelContainerModelDataSourcePtrO }).(ModelContainerModelDataSourcePtrOutput) } -// The S3 location of model data to deploy. +// S3 location of model data to deploy. See S3 Data Source. func (o ModelContainerModelDataSourceOutput) S3DataSources() ModelContainerModelDataSourceS3DataSourceArrayOutput { return o.ApplyT(func(v ModelContainerModelDataSource) []ModelContainerModelDataSourceS3DataSource { return v.S3DataSources @@ -24537,7 +24917,7 @@ func (o ModelContainerModelDataSourcePtrOutput) Elem() ModelContainerModelDataSo }).(ModelContainerModelDataSourceOutput) } -// The S3 location of model data to deploy. +// S3 location of model data to deploy. See S3 Data Source. func (o ModelContainerModelDataSourcePtrOutput) S3DataSources() ModelContainerModelDataSourceS3DataSourceArrayOutput { return o.ApplyT(func(v *ModelContainerModelDataSource) []ModelContainerModelDataSourceS3DataSource { if v == nil { @@ -24550,9 +24930,9 @@ func (o ModelContainerModelDataSourcePtrOutput) S3DataSources() ModelContainerMo type ModelContainerModelDataSourceS3DataSource struct { // How the model data is prepared. Allowed values are: `None` and `Gzip`. CompressionType string `pulumi:"compressionType"` - // Specifies the access configuration file for the ML model. You can explicitly accept the model end-user license agreement (EULA) within the [`modelAccessConfig` configuration block]. see Model Access Config. + // Specifies the access configuration file for the ML model. You can explicitly accept the model end-user license agreement (EULA) within the [`modelAccessConfig` configuration block]. See Model Access Config. ModelAccessConfig *ModelContainerModelDataSourceS3DataSourceModelAccessConfig `pulumi:"modelAccessConfig"` - // The type of model data to deploy. Allowed values are: `S3Object` and `S3Prefix`. + // Type of model data to deploy. Allowed values are: `S3Object` and `S3Prefix`. S3DataType string `pulumi:"s3DataType"` // The S3 path of model data to deploy. S3Uri string `pulumi:"s3Uri"` @@ -24572,9 +24952,9 @@ type ModelContainerModelDataSourceS3DataSourceInput interface { type ModelContainerModelDataSourceS3DataSourceArgs struct { // How the model data is prepared. Allowed values are: `None` and `Gzip`. CompressionType pulumi.StringInput `pulumi:"compressionType"` - // Specifies the access configuration file for the ML model. You can explicitly accept the model end-user license agreement (EULA) within the [`modelAccessConfig` configuration block]. see Model Access Config. + // Specifies the access configuration file for the ML model. You can explicitly accept the model end-user license agreement (EULA) within the [`modelAccessConfig` configuration block]. See Model Access Config. ModelAccessConfig ModelContainerModelDataSourceS3DataSourceModelAccessConfigPtrInput `pulumi:"modelAccessConfig"` - // The type of model data to deploy. Allowed values are: `S3Object` and `S3Prefix`. + // Type of model data to deploy. Allowed values are: `S3Object` and `S3Prefix`. S3DataType pulumi.StringInput `pulumi:"s3DataType"` // The S3 path of model data to deploy. S3Uri pulumi.StringInput `pulumi:"s3Uri"` @@ -24636,14 +25016,14 @@ func (o ModelContainerModelDataSourceS3DataSourceOutput) CompressionType() pulum return o.ApplyT(func(v ModelContainerModelDataSourceS3DataSource) string { return v.CompressionType }).(pulumi.StringOutput) } -// Specifies the access configuration file for the ML model. You can explicitly accept the model end-user license agreement (EULA) within the [`modelAccessConfig` configuration block]. see Model Access Config. +// Specifies the access configuration file for the ML model. You can explicitly accept the model end-user license agreement (EULA) within the [`modelAccessConfig` configuration block]. See Model Access Config. func (o ModelContainerModelDataSourceS3DataSourceOutput) ModelAccessConfig() ModelContainerModelDataSourceS3DataSourceModelAccessConfigPtrOutput { return o.ApplyT(func(v ModelContainerModelDataSourceS3DataSource) *ModelContainerModelDataSourceS3DataSourceModelAccessConfig { return v.ModelAccessConfig }).(ModelContainerModelDataSourceS3DataSourceModelAccessConfigPtrOutput) } -// The type of model data to deploy. Allowed values are: `S3Object` and `S3Prefix`. +// Type of model data to deploy. Allowed values are: `S3Object` and `S3Prefix`. func (o ModelContainerModelDataSourceS3DataSourceOutput) S3DataType() pulumi.StringOutput { return o.ApplyT(func(v ModelContainerModelDataSourceS3DataSource) string { return v.S3DataType }).(pulumi.StringOutput) } @@ -24674,7 +25054,7 @@ func (o ModelContainerModelDataSourceS3DataSourceArrayOutput) Index(i pulumi.Int } type ModelContainerModelDataSourceS3DataSourceModelAccessConfig struct { - // Specifies agreement to the model end-user license agreement (EULA). The AcceptEula value must be explicitly defined as `true` in order to accept the EULA that this model requires. You are responsible for reviewing and complying with any applicable license terms and making sure they are acceptable for your use case before downloading or using a model. + // Specifies agreement to the model end-user license agreement (EULA). The value must be set to `true` in order to accept the EULA that this model requires. You are responsible for reviewing and complying with any applicable license terms and making sure they are acceptable for your use case before downloading or using a model. AcceptEula bool `pulumi:"acceptEula"` } @@ -24690,7 +25070,7 @@ type ModelContainerModelDataSourceS3DataSourceModelAccessConfigInput interface { } type ModelContainerModelDataSourceS3DataSourceModelAccessConfigArgs struct { - // Specifies agreement to the model end-user license agreement (EULA). The AcceptEula value must be explicitly defined as `true` in order to accept the EULA that this model requires. You are responsible for reviewing and complying with any applicable license terms and making sure they are acceptable for your use case before downloading or using a model. + // Specifies agreement to the model end-user license agreement (EULA). The value must be set to `true` in order to accept the EULA that this model requires. You are responsible for reviewing and complying with any applicable license terms and making sure they are acceptable for your use case before downloading or using a model. AcceptEula pulumi.BoolInput `pulumi:"acceptEula"` } @@ -24771,7 +25151,7 @@ func (o ModelContainerModelDataSourceS3DataSourceModelAccessConfigOutput) ToMode }).(ModelContainerModelDataSourceS3DataSourceModelAccessConfigPtrOutput) } -// Specifies agreement to the model end-user license agreement (EULA). The AcceptEula value must be explicitly defined as `true` in order to accept the EULA that this model requires. You are responsible for reviewing and complying with any applicable license terms and making sure they are acceptable for your use case before downloading or using a model. +// Specifies agreement to the model end-user license agreement (EULA). The value must be set to `true` in order to accept the EULA that this model requires. You are responsible for reviewing and complying with any applicable license terms and making sure they are acceptable for your use case before downloading or using a model. func (o ModelContainerModelDataSourceS3DataSourceModelAccessConfigOutput) AcceptEula() pulumi.BoolOutput { return o.ApplyT(func(v ModelContainerModelDataSourceS3DataSourceModelAccessConfig) bool { return v.AcceptEula }).(pulumi.BoolOutput) } @@ -24800,7 +25180,7 @@ func (o ModelContainerModelDataSourceS3DataSourceModelAccessConfigPtrOutput) Ele }).(ModelContainerModelDataSourceS3DataSourceModelAccessConfigOutput) } -// Specifies agreement to the model end-user license agreement (EULA). The AcceptEula value must be explicitly defined as `true` in order to accept the EULA that this model requires. You are responsible for reviewing and complying with any applicable license terms and making sure they are acceptable for your use case before downloading or using a model. +// Specifies agreement to the model end-user license agreement (EULA). The value must be set to `true` in order to accept the EULA that this model requires. You are responsible for reviewing and complying with any applicable license terms and making sure they are acceptable for your use case before downloading or using a model. func (o ModelContainerModelDataSourceS3DataSourceModelAccessConfigPtrOutput) AcceptEula() pulumi.BoolPtrOutput { return o.ApplyT(func(v *ModelContainerModelDataSourceS3DataSourceModelAccessConfig) *bool { if v == nil { @@ -24948,7 +25328,7 @@ func (o ModelContainerMultiModelConfigPtrOutput) ModelCacheSetting() pulumi.Stri } type ModelInferenceExecutionConfig struct { - // The container hosts value `SingleModel/MultiModel`. The default value is `SingleModel`. + // How containers in a multi-container are run. Allowed values are: `Serial` and `Direct`. Mode string `pulumi:"mode"` } @@ -24964,7 +25344,7 @@ type ModelInferenceExecutionConfigInput interface { } type ModelInferenceExecutionConfigArgs struct { - // The container hosts value `SingleModel/MultiModel`. The default value is `SingleModel`. + // How containers in a multi-container are run. Allowed values are: `Serial` and `Direct`. Mode pulumi.StringInput `pulumi:"mode"` } @@ -25045,7 +25425,7 @@ func (o ModelInferenceExecutionConfigOutput) ToModelInferenceExecutionConfigPtrO }).(ModelInferenceExecutionConfigPtrOutput) } -// The container hosts value `SingleModel/MultiModel`. The default value is `SingleModel`. +// How containers in a multi-container are run. Allowed values are: `Serial` and `Direct`. func (o ModelInferenceExecutionConfigOutput) Mode() pulumi.StringOutput { return o.ApplyT(func(v ModelInferenceExecutionConfig) string { return v.Mode }).(pulumi.StringOutput) } @@ -25074,7 +25454,7 @@ func (o ModelInferenceExecutionConfigPtrOutput) Elem() ModelInferenceExecutionCo }).(ModelInferenceExecutionConfigOutput) } -// The container hosts value `SingleModel/MultiModel`. The default value is `SingleModel`. +// How containers in a multi-container are run. Allowed values are: `Serial` and `Direct`. func (o ModelInferenceExecutionConfigPtrOutput) Mode() pulumi.StringPtrOutput { return o.ApplyT(func(v *ModelInferenceExecutionConfig) *string { if v == nil { @@ -25085,24 +25465,25 @@ func (o ModelInferenceExecutionConfigPtrOutput) Mode() pulumi.StringPtrOutput { } type ModelPrimaryContainer struct { - // The DNS host name for the container. + // Additional data sources that are available to the model in addition to those specified in `modelDataSource`. See Additional Model Data Source. + AdditionalModelDataSources []ModelPrimaryContainerAdditionalModelDataSource `pulumi:"additionalModelDataSources"` + // DNS host name for the container. ContainerHostname *string `pulumi:"containerHostname"` // Environment variables for the Docker container. - // A list of key value pairs. Environment map[string]string `pulumi:"environment"` - // The registry path where the inference code image is stored in Amazon ECR. + // Registry path where the inference code image is stored in Amazon ECR. Image *string `pulumi:"image"` // Specifies whether the model container is in Amazon ECR or a private Docker registry accessible from your Amazon Virtual Private Cloud (VPC). For more information see [Using a Private Docker Registry for Real-Time Inference Containers](https://docs.aws.amazon.com/sagemaker/latest/dg/your-algorithms-containers-inference-private.html). see Image Config. ImageConfig *ModelPrimaryContainerImageConfig `pulumi:"imageConfig"` - // The inference specification name in the model package version. + // Inference specification name in the model package version. InferenceSpecificationName *string `pulumi:"inferenceSpecificationName"` - // The container hosts value `SingleModel/MultiModel`. The default value is `SingleModel`. - Mode *string `pulumi:"mode"` - // The location of model data to deploy. Use this for uncompressed model deployment. For information about how to deploy an uncompressed model, see [Deploying uncompressed models](https://docs.aws.amazon.com/sagemaker/latest/dg/large-model-inference-uncompressed.html) in the _AWS SageMaker AI Developer Guide_. + Mode *string `pulumi:"mode"` + // Location of model data to deploy. Use this for uncompressed model deployment. For information about how to deploy an uncompressed model, see [Deploying uncompressed models](https://docs.aws.amazon.com/sagemaker/latest/dg/large-model-inference-uncompressed.html) in the _AWS SageMaker AI Developer Guide_. ModelDataSource *ModelPrimaryContainerModelDataSource `pulumi:"modelDataSource"` - // The URL for the S3 location where model artifacts are stored. + // URL for the S3 location where model artifacts are stored. ModelDataUrl *string `pulumi:"modelDataUrl"` - // The Amazon Resource Name (ARN) of the model package to use to create the model. + // Amazon Resource Name (ARN) of the model package to use to create the model. + // A list of key value pairs. ModelPackageName *string `pulumi:"modelPackageName"` // Specifies additional configuration for multi-model endpoints. see Multi Model Config. MultiModelConfig *ModelPrimaryContainerMultiModelConfig `pulumi:"multiModelConfig"` @@ -25120,24 +25501,25 @@ type ModelPrimaryContainerInput interface { } type ModelPrimaryContainerArgs struct { - // The DNS host name for the container. + // Additional data sources that are available to the model in addition to those specified in `modelDataSource`. See Additional Model Data Source. + AdditionalModelDataSources ModelPrimaryContainerAdditionalModelDataSourceArrayInput `pulumi:"additionalModelDataSources"` + // DNS host name for the container. ContainerHostname pulumi.StringPtrInput `pulumi:"containerHostname"` // Environment variables for the Docker container. - // A list of key value pairs. Environment pulumi.StringMapInput `pulumi:"environment"` - // The registry path where the inference code image is stored in Amazon ECR. + // Registry path where the inference code image is stored in Amazon ECR. Image pulumi.StringPtrInput `pulumi:"image"` // Specifies whether the model container is in Amazon ECR or a private Docker registry accessible from your Amazon Virtual Private Cloud (VPC). For more information see [Using a Private Docker Registry for Real-Time Inference Containers](https://docs.aws.amazon.com/sagemaker/latest/dg/your-algorithms-containers-inference-private.html). see Image Config. ImageConfig ModelPrimaryContainerImageConfigPtrInput `pulumi:"imageConfig"` - // The inference specification name in the model package version. + // Inference specification name in the model package version. InferenceSpecificationName pulumi.StringPtrInput `pulumi:"inferenceSpecificationName"` - // The container hosts value `SingleModel/MultiModel`. The default value is `SingleModel`. - Mode pulumi.StringPtrInput `pulumi:"mode"` - // The location of model data to deploy. Use this for uncompressed model deployment. For information about how to deploy an uncompressed model, see [Deploying uncompressed models](https://docs.aws.amazon.com/sagemaker/latest/dg/large-model-inference-uncompressed.html) in the _AWS SageMaker AI Developer Guide_. + Mode pulumi.StringPtrInput `pulumi:"mode"` + // Location of model data to deploy. Use this for uncompressed model deployment. For information about how to deploy an uncompressed model, see [Deploying uncompressed models](https://docs.aws.amazon.com/sagemaker/latest/dg/large-model-inference-uncompressed.html) in the _AWS SageMaker AI Developer Guide_. ModelDataSource ModelPrimaryContainerModelDataSourcePtrInput `pulumi:"modelDataSource"` - // The URL for the S3 location where model artifacts are stored. + // URL for the S3 location where model artifacts are stored. ModelDataUrl pulumi.StringPtrInput `pulumi:"modelDataUrl"` - // The Amazon Resource Name (ARN) of the model package to use to create the model. + // Amazon Resource Name (ARN) of the model package to use to create the model. + // A list of key value pairs. ModelPackageName pulumi.StringPtrInput `pulumi:"modelPackageName"` // Specifies additional configuration for multi-model endpoints. see Multi Model Config. MultiModelConfig ModelPrimaryContainerMultiModelConfigPtrInput `pulumi:"multiModelConfig"` @@ -25220,18 +25602,24 @@ func (o ModelPrimaryContainerOutput) ToModelPrimaryContainerPtrOutputWithContext }).(ModelPrimaryContainerPtrOutput) } -// The DNS host name for the container. +// Additional data sources that are available to the model in addition to those specified in `modelDataSource`. See Additional Model Data Source. +func (o ModelPrimaryContainerOutput) AdditionalModelDataSources() ModelPrimaryContainerAdditionalModelDataSourceArrayOutput { + return o.ApplyT(func(v ModelPrimaryContainer) []ModelPrimaryContainerAdditionalModelDataSource { + return v.AdditionalModelDataSources + }).(ModelPrimaryContainerAdditionalModelDataSourceArrayOutput) +} + +// DNS host name for the container. func (o ModelPrimaryContainerOutput) ContainerHostname() pulumi.StringPtrOutput { return o.ApplyT(func(v ModelPrimaryContainer) *string { return v.ContainerHostname }).(pulumi.StringPtrOutput) } // Environment variables for the Docker container. -// A list of key value pairs. func (o ModelPrimaryContainerOutput) Environment() pulumi.StringMapOutput { return o.ApplyT(func(v ModelPrimaryContainer) map[string]string { return v.Environment }).(pulumi.StringMapOutput) } -// The registry path where the inference code image is stored in Amazon ECR. +// Registry path where the inference code image is stored in Amazon ECR. func (o ModelPrimaryContainerOutput) Image() pulumi.StringPtrOutput { return o.ApplyT(func(v ModelPrimaryContainer) *string { return v.Image }).(pulumi.StringPtrOutput) } @@ -25241,27 +25629,27 @@ func (o ModelPrimaryContainerOutput) ImageConfig() ModelPrimaryContainerImageCon return o.ApplyT(func(v ModelPrimaryContainer) *ModelPrimaryContainerImageConfig { return v.ImageConfig }).(ModelPrimaryContainerImageConfigPtrOutput) } -// The inference specification name in the model package version. +// Inference specification name in the model package version. func (o ModelPrimaryContainerOutput) InferenceSpecificationName() pulumi.StringPtrOutput { return o.ApplyT(func(v ModelPrimaryContainer) *string { return v.InferenceSpecificationName }).(pulumi.StringPtrOutput) } -// The container hosts value `SingleModel/MultiModel`. The default value is `SingleModel`. func (o ModelPrimaryContainerOutput) Mode() pulumi.StringPtrOutput { return o.ApplyT(func(v ModelPrimaryContainer) *string { return v.Mode }).(pulumi.StringPtrOutput) } -// The location of model data to deploy. Use this for uncompressed model deployment. For information about how to deploy an uncompressed model, see [Deploying uncompressed models](https://docs.aws.amazon.com/sagemaker/latest/dg/large-model-inference-uncompressed.html) in the _AWS SageMaker AI Developer Guide_. +// Location of model data to deploy. Use this for uncompressed model deployment. For information about how to deploy an uncompressed model, see [Deploying uncompressed models](https://docs.aws.amazon.com/sagemaker/latest/dg/large-model-inference-uncompressed.html) in the _AWS SageMaker AI Developer Guide_. func (o ModelPrimaryContainerOutput) ModelDataSource() ModelPrimaryContainerModelDataSourcePtrOutput { return o.ApplyT(func(v ModelPrimaryContainer) *ModelPrimaryContainerModelDataSource { return v.ModelDataSource }).(ModelPrimaryContainerModelDataSourcePtrOutput) } -// The URL for the S3 location where model artifacts are stored. +// URL for the S3 location where model artifacts are stored. func (o ModelPrimaryContainerOutput) ModelDataUrl() pulumi.StringPtrOutput { return o.ApplyT(func(v ModelPrimaryContainer) *string { return v.ModelDataUrl }).(pulumi.StringPtrOutput) } -// The Amazon Resource Name (ARN) of the model package to use to create the model. +// Amazon Resource Name (ARN) of the model package to use to create the model. +// A list of key value pairs. func (o ModelPrimaryContainerOutput) ModelPackageName() pulumi.StringPtrOutput { return o.ApplyT(func(v ModelPrimaryContainer) *string { return v.ModelPackageName }).(pulumi.StringPtrOutput) } @@ -25295,7 +25683,17 @@ func (o ModelPrimaryContainerPtrOutput) Elem() ModelPrimaryContainerOutput { }).(ModelPrimaryContainerOutput) } -// The DNS host name for the container. +// Additional data sources that are available to the model in addition to those specified in `modelDataSource`. See Additional Model Data Source. +func (o ModelPrimaryContainerPtrOutput) AdditionalModelDataSources() ModelPrimaryContainerAdditionalModelDataSourceArrayOutput { + return o.ApplyT(func(v *ModelPrimaryContainer) []ModelPrimaryContainerAdditionalModelDataSource { + if v == nil { + return nil + } + return v.AdditionalModelDataSources + }).(ModelPrimaryContainerAdditionalModelDataSourceArrayOutput) +} + +// DNS host name for the container. func (o ModelPrimaryContainerPtrOutput) ContainerHostname() pulumi.StringPtrOutput { return o.ApplyT(func(v *ModelPrimaryContainer) *string { if v == nil { @@ -25306,7 +25704,6 @@ func (o ModelPrimaryContainerPtrOutput) ContainerHostname() pulumi.StringPtrOutp } // Environment variables for the Docker container. -// A list of key value pairs. func (o ModelPrimaryContainerPtrOutput) Environment() pulumi.StringMapOutput { return o.ApplyT(func(v *ModelPrimaryContainer) map[string]string { if v == nil { @@ -25316,7 +25713,7 @@ func (o ModelPrimaryContainerPtrOutput) Environment() pulumi.StringMapOutput { }).(pulumi.StringMapOutput) } -// The registry path where the inference code image is stored in Amazon ECR. +// Registry path where the inference code image is stored in Amazon ECR. func (o ModelPrimaryContainerPtrOutput) Image() pulumi.StringPtrOutput { return o.ApplyT(func(v *ModelPrimaryContainer) *string { if v == nil { @@ -25336,7 +25733,7 @@ func (o ModelPrimaryContainerPtrOutput) ImageConfig() ModelPrimaryContainerImage }).(ModelPrimaryContainerImageConfigPtrOutput) } -// The inference specification name in the model package version. +// Inference specification name in the model package version. func (o ModelPrimaryContainerPtrOutput) InferenceSpecificationName() pulumi.StringPtrOutput { return o.ApplyT(func(v *ModelPrimaryContainer) *string { if v == nil { @@ -25346,7 +25743,6 @@ func (o ModelPrimaryContainerPtrOutput) InferenceSpecificationName() pulumi.Stri }).(pulumi.StringPtrOutput) } -// The container hosts value `SingleModel/MultiModel`. The default value is `SingleModel`. func (o ModelPrimaryContainerPtrOutput) Mode() pulumi.StringPtrOutput { return o.ApplyT(func(v *ModelPrimaryContainer) *string { if v == nil { @@ -25356,7 +25752,7 @@ func (o ModelPrimaryContainerPtrOutput) Mode() pulumi.StringPtrOutput { }).(pulumi.StringPtrOutput) } -// The location of model data to deploy. Use this for uncompressed model deployment. For information about how to deploy an uncompressed model, see [Deploying uncompressed models](https://docs.aws.amazon.com/sagemaker/latest/dg/large-model-inference-uncompressed.html) in the _AWS SageMaker AI Developer Guide_. +// Location of model data to deploy. Use this for uncompressed model deployment. For information about how to deploy an uncompressed model, see [Deploying uncompressed models](https://docs.aws.amazon.com/sagemaker/latest/dg/large-model-inference-uncompressed.html) in the _AWS SageMaker AI Developer Guide_. func (o ModelPrimaryContainerPtrOutput) ModelDataSource() ModelPrimaryContainerModelDataSourcePtrOutput { return o.ApplyT(func(v *ModelPrimaryContainer) *ModelPrimaryContainerModelDataSource { if v == nil { @@ -25366,7 +25762,7 @@ func (o ModelPrimaryContainerPtrOutput) ModelDataSource() ModelPrimaryContainerM }).(ModelPrimaryContainerModelDataSourcePtrOutput) } -// The URL for the S3 location where model artifacts are stored. +// URL for the S3 location where model artifacts are stored. func (o ModelPrimaryContainerPtrOutput) ModelDataUrl() pulumi.StringPtrOutput { return o.ApplyT(func(v *ModelPrimaryContainer) *string { if v == nil { @@ -25376,7 +25772,8 @@ func (o ModelPrimaryContainerPtrOutput) ModelDataUrl() pulumi.StringPtrOutput { }).(pulumi.StringPtrOutput) } -// The Amazon Resource Name (ARN) of the model package to use to create the model. +// Amazon Resource Name (ARN) of the model package to use to create the model. +// A list of key value pairs. func (o ModelPrimaryContainerPtrOutput) ModelPackageName() pulumi.StringPtrOutput { return o.ApplyT(func(v *ModelPrimaryContainer) *string { if v == nil { @@ -25396,6 +25793,379 @@ func (o ModelPrimaryContainerPtrOutput) MultiModelConfig() ModelPrimaryContainer }).(ModelPrimaryContainerMultiModelConfigPtrOutput) } +type ModelPrimaryContainerAdditionalModelDataSource struct { + // Custom name for the additional model data source object. It will be stored in `/opt/ml/additional-model-data-sources//`. + ChannelName string `pulumi:"channelName"` + // S3 location of model data to deploy. See S3 Data Source. + S3DataSources []ModelPrimaryContainerAdditionalModelDataSourceS3DataSource `pulumi:"s3DataSources"` +} + +// ModelPrimaryContainerAdditionalModelDataSourceInput is an input type that accepts ModelPrimaryContainerAdditionalModelDataSourceArgs and ModelPrimaryContainerAdditionalModelDataSourceOutput values. +// You can construct a concrete instance of `ModelPrimaryContainerAdditionalModelDataSourceInput` via: +// +// ModelPrimaryContainerAdditionalModelDataSourceArgs{...} +type ModelPrimaryContainerAdditionalModelDataSourceInput interface { + pulumi.Input + + ToModelPrimaryContainerAdditionalModelDataSourceOutput() ModelPrimaryContainerAdditionalModelDataSourceOutput + ToModelPrimaryContainerAdditionalModelDataSourceOutputWithContext(context.Context) ModelPrimaryContainerAdditionalModelDataSourceOutput +} + +type ModelPrimaryContainerAdditionalModelDataSourceArgs struct { + // Custom name for the additional model data source object. It will be stored in `/opt/ml/additional-model-data-sources//`. + ChannelName pulumi.StringInput `pulumi:"channelName"` + // S3 location of model data to deploy. See S3 Data Source. + S3DataSources ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceArrayInput `pulumi:"s3DataSources"` +} + +func (ModelPrimaryContainerAdditionalModelDataSourceArgs) ElementType() reflect.Type { + return reflect.TypeOf((*ModelPrimaryContainerAdditionalModelDataSource)(nil)).Elem() +} + +func (i ModelPrimaryContainerAdditionalModelDataSourceArgs) ToModelPrimaryContainerAdditionalModelDataSourceOutput() ModelPrimaryContainerAdditionalModelDataSourceOutput { + return i.ToModelPrimaryContainerAdditionalModelDataSourceOutputWithContext(context.Background()) +} + +func (i ModelPrimaryContainerAdditionalModelDataSourceArgs) ToModelPrimaryContainerAdditionalModelDataSourceOutputWithContext(ctx context.Context) ModelPrimaryContainerAdditionalModelDataSourceOutput { + return pulumi.ToOutputWithContext(ctx, i).(ModelPrimaryContainerAdditionalModelDataSourceOutput) +} + +// ModelPrimaryContainerAdditionalModelDataSourceArrayInput is an input type that accepts ModelPrimaryContainerAdditionalModelDataSourceArray and ModelPrimaryContainerAdditionalModelDataSourceArrayOutput values. +// You can construct a concrete instance of `ModelPrimaryContainerAdditionalModelDataSourceArrayInput` via: +// +// ModelPrimaryContainerAdditionalModelDataSourceArray{ ModelPrimaryContainerAdditionalModelDataSourceArgs{...} } +type ModelPrimaryContainerAdditionalModelDataSourceArrayInput interface { + pulumi.Input + + ToModelPrimaryContainerAdditionalModelDataSourceArrayOutput() ModelPrimaryContainerAdditionalModelDataSourceArrayOutput + ToModelPrimaryContainerAdditionalModelDataSourceArrayOutputWithContext(context.Context) ModelPrimaryContainerAdditionalModelDataSourceArrayOutput +} + +type ModelPrimaryContainerAdditionalModelDataSourceArray []ModelPrimaryContainerAdditionalModelDataSourceInput + +func (ModelPrimaryContainerAdditionalModelDataSourceArray) ElementType() reflect.Type { + return reflect.TypeOf((*[]ModelPrimaryContainerAdditionalModelDataSource)(nil)).Elem() +} + +func (i ModelPrimaryContainerAdditionalModelDataSourceArray) ToModelPrimaryContainerAdditionalModelDataSourceArrayOutput() ModelPrimaryContainerAdditionalModelDataSourceArrayOutput { + return i.ToModelPrimaryContainerAdditionalModelDataSourceArrayOutputWithContext(context.Background()) +} + +func (i ModelPrimaryContainerAdditionalModelDataSourceArray) ToModelPrimaryContainerAdditionalModelDataSourceArrayOutputWithContext(ctx context.Context) ModelPrimaryContainerAdditionalModelDataSourceArrayOutput { + return pulumi.ToOutputWithContext(ctx, i).(ModelPrimaryContainerAdditionalModelDataSourceArrayOutput) +} + +type ModelPrimaryContainerAdditionalModelDataSourceOutput struct{ *pulumi.OutputState } + +func (ModelPrimaryContainerAdditionalModelDataSourceOutput) ElementType() reflect.Type { + return reflect.TypeOf((*ModelPrimaryContainerAdditionalModelDataSource)(nil)).Elem() +} + +func (o ModelPrimaryContainerAdditionalModelDataSourceOutput) ToModelPrimaryContainerAdditionalModelDataSourceOutput() ModelPrimaryContainerAdditionalModelDataSourceOutput { + return o +} + +func (o ModelPrimaryContainerAdditionalModelDataSourceOutput) ToModelPrimaryContainerAdditionalModelDataSourceOutputWithContext(ctx context.Context) ModelPrimaryContainerAdditionalModelDataSourceOutput { + return o +} + +// Custom name for the additional model data source object. It will be stored in `/opt/ml/additional-model-data-sources//`. +func (o ModelPrimaryContainerAdditionalModelDataSourceOutput) ChannelName() pulumi.StringOutput { + return o.ApplyT(func(v ModelPrimaryContainerAdditionalModelDataSource) string { return v.ChannelName }).(pulumi.StringOutput) +} + +// S3 location of model data to deploy. See S3 Data Source. +func (o ModelPrimaryContainerAdditionalModelDataSourceOutput) S3DataSources() ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceArrayOutput { + return o.ApplyT(func(v ModelPrimaryContainerAdditionalModelDataSource) []ModelPrimaryContainerAdditionalModelDataSourceS3DataSource { + return v.S3DataSources + }).(ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceArrayOutput) +} + +type ModelPrimaryContainerAdditionalModelDataSourceArrayOutput struct{ *pulumi.OutputState } + +func (ModelPrimaryContainerAdditionalModelDataSourceArrayOutput) ElementType() reflect.Type { + return reflect.TypeOf((*[]ModelPrimaryContainerAdditionalModelDataSource)(nil)).Elem() +} + +func (o ModelPrimaryContainerAdditionalModelDataSourceArrayOutput) ToModelPrimaryContainerAdditionalModelDataSourceArrayOutput() ModelPrimaryContainerAdditionalModelDataSourceArrayOutput { + return o +} + +func (o ModelPrimaryContainerAdditionalModelDataSourceArrayOutput) ToModelPrimaryContainerAdditionalModelDataSourceArrayOutputWithContext(ctx context.Context) ModelPrimaryContainerAdditionalModelDataSourceArrayOutput { + return o +} + +func (o ModelPrimaryContainerAdditionalModelDataSourceArrayOutput) Index(i pulumi.IntInput) ModelPrimaryContainerAdditionalModelDataSourceOutput { + return pulumi.All(o, i).ApplyT(func(vs []interface{}) ModelPrimaryContainerAdditionalModelDataSource { + return vs[0].([]ModelPrimaryContainerAdditionalModelDataSource)[vs[1].(int)] + }).(ModelPrimaryContainerAdditionalModelDataSourceOutput) +} + +type ModelPrimaryContainerAdditionalModelDataSourceS3DataSource struct { + // How the model data is prepared. Allowed values are: `None` and `Gzip`. + CompressionType string `pulumi:"compressionType"` + // Specifies the access configuration file for the ML model. You can explicitly accept the model end-user license agreement (EULA) within the [`modelAccessConfig` configuration block]. See Model Access Config. + ModelAccessConfig *ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceModelAccessConfig `pulumi:"modelAccessConfig"` + // Type of model data to deploy. Allowed values are: `S3Object` and `S3Prefix`. + S3DataType string `pulumi:"s3DataType"` + // The S3 path of model data to deploy. + S3Uri string `pulumi:"s3Uri"` +} + +// ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceInput is an input type that accepts ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceArgs and ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceOutput values. +// You can construct a concrete instance of `ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceInput` via: +// +// ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceArgs{...} +type ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceInput interface { + pulumi.Input + + ToModelPrimaryContainerAdditionalModelDataSourceS3DataSourceOutput() ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceOutput + ToModelPrimaryContainerAdditionalModelDataSourceS3DataSourceOutputWithContext(context.Context) ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceOutput +} + +type ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceArgs struct { + // How the model data is prepared. Allowed values are: `None` and `Gzip`. + CompressionType pulumi.StringInput `pulumi:"compressionType"` + // Specifies the access configuration file for the ML model. You can explicitly accept the model end-user license agreement (EULA) within the [`modelAccessConfig` configuration block]. See Model Access Config. + ModelAccessConfig ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigPtrInput `pulumi:"modelAccessConfig"` + // Type of model data to deploy. Allowed values are: `S3Object` and `S3Prefix`. + S3DataType pulumi.StringInput `pulumi:"s3DataType"` + // The S3 path of model data to deploy. + S3Uri pulumi.StringInput `pulumi:"s3Uri"` +} + +func (ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceArgs) ElementType() reflect.Type { + return reflect.TypeOf((*ModelPrimaryContainerAdditionalModelDataSourceS3DataSource)(nil)).Elem() +} + +func (i ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceArgs) ToModelPrimaryContainerAdditionalModelDataSourceS3DataSourceOutput() ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceOutput { + return i.ToModelPrimaryContainerAdditionalModelDataSourceS3DataSourceOutputWithContext(context.Background()) +} + +func (i ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceArgs) ToModelPrimaryContainerAdditionalModelDataSourceS3DataSourceOutputWithContext(ctx context.Context) ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceOutput { + return pulumi.ToOutputWithContext(ctx, i).(ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceOutput) +} + +// ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceArrayInput is an input type that accepts ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceArray and ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceArrayOutput values. +// You can construct a concrete instance of `ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceArrayInput` via: +// +// ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceArray{ ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceArgs{...} } +type ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceArrayInput interface { + pulumi.Input + + ToModelPrimaryContainerAdditionalModelDataSourceS3DataSourceArrayOutput() ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceArrayOutput + ToModelPrimaryContainerAdditionalModelDataSourceS3DataSourceArrayOutputWithContext(context.Context) ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceArrayOutput +} + +type ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceArray []ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceInput + +func (ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceArray) ElementType() reflect.Type { + return reflect.TypeOf((*[]ModelPrimaryContainerAdditionalModelDataSourceS3DataSource)(nil)).Elem() +} + +func (i ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceArray) ToModelPrimaryContainerAdditionalModelDataSourceS3DataSourceArrayOutput() ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceArrayOutput { + return i.ToModelPrimaryContainerAdditionalModelDataSourceS3DataSourceArrayOutputWithContext(context.Background()) +} + +func (i ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceArray) ToModelPrimaryContainerAdditionalModelDataSourceS3DataSourceArrayOutputWithContext(ctx context.Context) ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceArrayOutput { + return pulumi.ToOutputWithContext(ctx, i).(ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceArrayOutput) +} + +type ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceOutput struct{ *pulumi.OutputState } + +func (ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceOutput) ElementType() reflect.Type { + return reflect.TypeOf((*ModelPrimaryContainerAdditionalModelDataSourceS3DataSource)(nil)).Elem() +} + +func (o ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceOutput) ToModelPrimaryContainerAdditionalModelDataSourceS3DataSourceOutput() ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceOutput { + return o +} + +func (o ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceOutput) ToModelPrimaryContainerAdditionalModelDataSourceS3DataSourceOutputWithContext(ctx context.Context) ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceOutput { + return o +} + +// How the model data is prepared. Allowed values are: `None` and `Gzip`. +func (o ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceOutput) CompressionType() pulumi.StringOutput { + return o.ApplyT(func(v ModelPrimaryContainerAdditionalModelDataSourceS3DataSource) string { return v.CompressionType }).(pulumi.StringOutput) +} + +// Specifies the access configuration file for the ML model. You can explicitly accept the model end-user license agreement (EULA) within the [`modelAccessConfig` configuration block]. See Model Access Config. +func (o ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceOutput) ModelAccessConfig() ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigPtrOutput { + return o.ApplyT(func(v ModelPrimaryContainerAdditionalModelDataSourceS3DataSource) *ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceModelAccessConfig { + return v.ModelAccessConfig + }).(ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigPtrOutput) +} + +// Type of model data to deploy. Allowed values are: `S3Object` and `S3Prefix`. +func (o ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceOutput) S3DataType() pulumi.StringOutput { + return o.ApplyT(func(v ModelPrimaryContainerAdditionalModelDataSourceS3DataSource) string { return v.S3DataType }).(pulumi.StringOutput) +} + +// The S3 path of model data to deploy. +func (o ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceOutput) S3Uri() pulumi.StringOutput { + return o.ApplyT(func(v ModelPrimaryContainerAdditionalModelDataSourceS3DataSource) string { return v.S3Uri }).(pulumi.StringOutput) +} + +type ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceArrayOutput struct{ *pulumi.OutputState } + +func (ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceArrayOutput) ElementType() reflect.Type { + return reflect.TypeOf((*[]ModelPrimaryContainerAdditionalModelDataSourceS3DataSource)(nil)).Elem() +} + +func (o ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceArrayOutput) ToModelPrimaryContainerAdditionalModelDataSourceS3DataSourceArrayOutput() ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceArrayOutput { + return o +} + +func (o ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceArrayOutput) ToModelPrimaryContainerAdditionalModelDataSourceS3DataSourceArrayOutputWithContext(ctx context.Context) ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceArrayOutput { + return o +} + +func (o ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceArrayOutput) Index(i pulumi.IntInput) ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceOutput { + return pulumi.All(o, i).ApplyT(func(vs []interface{}) ModelPrimaryContainerAdditionalModelDataSourceS3DataSource { + return vs[0].([]ModelPrimaryContainerAdditionalModelDataSourceS3DataSource)[vs[1].(int)] + }).(ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceOutput) +} + +type ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceModelAccessConfig struct { + // Specifies agreement to the model end-user license agreement (EULA). The value must be set to `true` in order to accept the EULA that this model requires. You are responsible for reviewing and complying with any applicable license terms and making sure they are acceptable for your use case before downloading or using a model. + AcceptEula bool `pulumi:"acceptEula"` +} + +// ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigInput is an input type that accepts ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigArgs and ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigOutput values. +// You can construct a concrete instance of `ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigInput` via: +// +// ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigArgs{...} +type ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigInput interface { + pulumi.Input + + ToModelPrimaryContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigOutput() ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigOutput + ToModelPrimaryContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigOutputWithContext(context.Context) ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigOutput +} + +type ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigArgs struct { + // Specifies agreement to the model end-user license agreement (EULA). The value must be set to `true` in order to accept the EULA that this model requires. You are responsible for reviewing and complying with any applicable license terms and making sure they are acceptable for your use case before downloading or using a model. + AcceptEula pulumi.BoolInput `pulumi:"acceptEula"` +} + +func (ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigArgs) ElementType() reflect.Type { + return reflect.TypeOf((*ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceModelAccessConfig)(nil)).Elem() +} + +func (i ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigArgs) ToModelPrimaryContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigOutput() ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigOutput { + return i.ToModelPrimaryContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigOutputWithContext(context.Background()) +} + +func (i ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigArgs) ToModelPrimaryContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigOutputWithContext(ctx context.Context) ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigOutput { + return pulumi.ToOutputWithContext(ctx, i).(ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigOutput) +} + +func (i ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigArgs) ToModelPrimaryContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigPtrOutput() ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigPtrOutput { + return i.ToModelPrimaryContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigPtrOutputWithContext(context.Background()) +} + +func (i ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigArgs) ToModelPrimaryContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigPtrOutputWithContext(ctx context.Context) ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigPtrOutput { + return pulumi.ToOutputWithContext(ctx, i).(ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigOutput).ToModelPrimaryContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigPtrOutputWithContext(ctx) +} + +// ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigPtrInput is an input type that accepts ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigArgs, ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigPtr and ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigPtrOutput values. +// You can construct a concrete instance of `ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigPtrInput` via: +// +// ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigArgs{...} +// +// or: +// +// nil +type ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigPtrInput interface { + pulumi.Input + + ToModelPrimaryContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigPtrOutput() ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigPtrOutput + ToModelPrimaryContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigPtrOutputWithContext(context.Context) ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigPtrOutput +} + +type modelPrimaryContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigPtrType ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigArgs + +func ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigPtr(v *ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigArgs) ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigPtrInput { + return (*modelPrimaryContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigPtrType)(v) +} + +func (*modelPrimaryContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigPtrType) ElementType() reflect.Type { + return reflect.TypeOf((**ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceModelAccessConfig)(nil)).Elem() +} + +func (i *modelPrimaryContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigPtrType) ToModelPrimaryContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigPtrOutput() ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigPtrOutput { + return i.ToModelPrimaryContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigPtrOutputWithContext(context.Background()) +} + +func (i *modelPrimaryContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigPtrType) ToModelPrimaryContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigPtrOutputWithContext(ctx context.Context) ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigPtrOutput { + return pulumi.ToOutputWithContext(ctx, i).(ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigPtrOutput) +} + +type ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigOutput struct{ *pulumi.OutputState } + +func (ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigOutput) ElementType() reflect.Type { + return reflect.TypeOf((*ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceModelAccessConfig)(nil)).Elem() +} + +func (o ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigOutput) ToModelPrimaryContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigOutput() ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigOutput { + return o +} + +func (o ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigOutput) ToModelPrimaryContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigOutputWithContext(ctx context.Context) ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigOutput { + return o +} + +func (o ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigOutput) ToModelPrimaryContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigPtrOutput() ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigPtrOutput { + return o.ToModelPrimaryContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigPtrOutputWithContext(context.Background()) +} + +func (o ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigOutput) ToModelPrimaryContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigPtrOutputWithContext(ctx context.Context) ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigPtrOutput { + return o.ApplyTWithContext(ctx, func(_ context.Context, v ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceModelAccessConfig) *ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceModelAccessConfig { + return &v + }).(ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigPtrOutput) +} + +// Specifies agreement to the model end-user license agreement (EULA). The value must be set to `true` in order to accept the EULA that this model requires. You are responsible for reviewing and complying with any applicable license terms and making sure they are acceptable for your use case before downloading or using a model. +func (o ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigOutput) AcceptEula() pulumi.BoolOutput { + return o.ApplyT(func(v ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceModelAccessConfig) bool { + return v.AcceptEula + }).(pulumi.BoolOutput) +} + +type ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigPtrOutput struct{ *pulumi.OutputState } + +func (ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigPtrOutput) ElementType() reflect.Type { + return reflect.TypeOf((**ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceModelAccessConfig)(nil)).Elem() +} + +func (o ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigPtrOutput) ToModelPrimaryContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigPtrOutput() ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigPtrOutput { + return o +} + +func (o ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigPtrOutput) ToModelPrimaryContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigPtrOutputWithContext(ctx context.Context) ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigPtrOutput { + return o +} + +func (o ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigPtrOutput) Elem() ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigOutput { + return o.ApplyT(func(v *ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceModelAccessConfig) ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceModelAccessConfig { + if v != nil { + return *v + } + var ret ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceModelAccessConfig + return ret + }).(ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigOutput) +} + +// Specifies agreement to the model end-user license agreement (EULA). The value must be set to `true` in order to accept the EULA that this model requires. You are responsible for reviewing and complying with any applicable license terms and making sure they are acceptable for your use case before downloading or using a model. +func (o ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigPtrOutput) AcceptEula() pulumi.BoolPtrOutput { + return o.ApplyT(func(v *ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceModelAccessConfig) *bool { + if v == nil { + return nil + } + return &v.AcceptEula + }).(pulumi.BoolPtrOutput) +} + type ModelPrimaryContainerImageConfig struct { // Specifies whether the model container is in Amazon ECR or a private Docker registry accessible from your Amazon Virtual Private Cloud (VPC). Allowed values are: `Platform` and `Vpc`. RepositoryAccessMode string `pulumi:"repositoryAccessMode"` @@ -25555,7 +26325,7 @@ func (o ModelPrimaryContainerImageConfigPtrOutput) RepositoryAuthConfig() ModelP } type ModelPrimaryContainerImageConfigRepositoryAuthConfig struct { - // The Amazon Resource Name (ARN) of an AWS Lambda function that provides credentials to authenticate to the private Docker registry where your model image is hosted. For information about how to create an AWS Lambda function, see [Create a Lambda function with the console](https://docs.aws.amazon.com/lambda/latest/dg/getting-started-create-function.html) in the _AWS Lambda Developer Guide_. + // Amazon Resource Name (ARN) of an AWS Lambda function that provides credentials to authenticate to the private Docker registry where your model image is hosted. For information about how to create an AWS Lambda function, see [Create a Lambda function with the console](https://docs.aws.amazon.com/lambda/latest/dg/getting-started-create-function.html) in the _AWS Lambda Developer Guide_. RepositoryCredentialsProviderArn string `pulumi:"repositoryCredentialsProviderArn"` } @@ -25571,7 +26341,7 @@ type ModelPrimaryContainerImageConfigRepositoryAuthConfigInput interface { } type ModelPrimaryContainerImageConfigRepositoryAuthConfigArgs struct { - // The Amazon Resource Name (ARN) of an AWS Lambda function that provides credentials to authenticate to the private Docker registry where your model image is hosted. For information about how to create an AWS Lambda function, see [Create a Lambda function with the console](https://docs.aws.amazon.com/lambda/latest/dg/getting-started-create-function.html) in the _AWS Lambda Developer Guide_. + // Amazon Resource Name (ARN) of an AWS Lambda function that provides credentials to authenticate to the private Docker registry where your model image is hosted. For information about how to create an AWS Lambda function, see [Create a Lambda function with the console](https://docs.aws.amazon.com/lambda/latest/dg/getting-started-create-function.html) in the _AWS Lambda Developer Guide_. RepositoryCredentialsProviderArn pulumi.StringInput `pulumi:"repositoryCredentialsProviderArn"` } @@ -25652,7 +26422,7 @@ func (o ModelPrimaryContainerImageConfigRepositoryAuthConfigOutput) ToModelPrima }).(ModelPrimaryContainerImageConfigRepositoryAuthConfigPtrOutput) } -// The Amazon Resource Name (ARN) of an AWS Lambda function that provides credentials to authenticate to the private Docker registry where your model image is hosted. For information about how to create an AWS Lambda function, see [Create a Lambda function with the console](https://docs.aws.amazon.com/lambda/latest/dg/getting-started-create-function.html) in the _AWS Lambda Developer Guide_. +// Amazon Resource Name (ARN) of an AWS Lambda function that provides credentials to authenticate to the private Docker registry where your model image is hosted. For information about how to create an AWS Lambda function, see [Create a Lambda function with the console](https://docs.aws.amazon.com/lambda/latest/dg/getting-started-create-function.html) in the _AWS Lambda Developer Guide_. func (o ModelPrimaryContainerImageConfigRepositoryAuthConfigOutput) RepositoryCredentialsProviderArn() pulumi.StringOutput { return o.ApplyT(func(v ModelPrimaryContainerImageConfigRepositoryAuthConfig) string { return v.RepositoryCredentialsProviderArn @@ -25683,7 +26453,7 @@ func (o ModelPrimaryContainerImageConfigRepositoryAuthConfigPtrOutput) Elem() Mo }).(ModelPrimaryContainerImageConfigRepositoryAuthConfigOutput) } -// The Amazon Resource Name (ARN) of an AWS Lambda function that provides credentials to authenticate to the private Docker registry where your model image is hosted. For information about how to create an AWS Lambda function, see [Create a Lambda function with the console](https://docs.aws.amazon.com/lambda/latest/dg/getting-started-create-function.html) in the _AWS Lambda Developer Guide_. +// Amazon Resource Name (ARN) of an AWS Lambda function that provides credentials to authenticate to the private Docker registry where your model image is hosted. For information about how to create an AWS Lambda function, see [Create a Lambda function with the console](https://docs.aws.amazon.com/lambda/latest/dg/getting-started-create-function.html) in the _AWS Lambda Developer Guide_. func (o ModelPrimaryContainerImageConfigRepositoryAuthConfigPtrOutput) RepositoryCredentialsProviderArn() pulumi.StringPtrOutput { return o.ApplyT(func(v *ModelPrimaryContainerImageConfigRepositoryAuthConfig) *string { if v == nil { @@ -25694,7 +26464,7 @@ func (o ModelPrimaryContainerImageConfigRepositoryAuthConfigPtrOutput) Repositor } type ModelPrimaryContainerModelDataSource struct { - // The S3 location of model data to deploy. + // S3 location of model data to deploy. See S3 Data Source. S3DataSources []ModelPrimaryContainerModelDataSourceS3DataSource `pulumi:"s3DataSources"` } @@ -25710,7 +26480,7 @@ type ModelPrimaryContainerModelDataSourceInput interface { } type ModelPrimaryContainerModelDataSourceArgs struct { - // The S3 location of model data to deploy. + // S3 location of model data to deploy. See S3 Data Source. S3DataSources ModelPrimaryContainerModelDataSourceS3DataSourceArrayInput `pulumi:"s3DataSources"` } @@ -25791,7 +26561,7 @@ func (o ModelPrimaryContainerModelDataSourceOutput) ToModelPrimaryContainerModel }).(ModelPrimaryContainerModelDataSourcePtrOutput) } -// The S3 location of model data to deploy. +// S3 location of model data to deploy. See S3 Data Source. func (o ModelPrimaryContainerModelDataSourceOutput) S3DataSources() ModelPrimaryContainerModelDataSourceS3DataSourceArrayOutput { return o.ApplyT(func(v ModelPrimaryContainerModelDataSource) []ModelPrimaryContainerModelDataSourceS3DataSource { return v.S3DataSources @@ -25822,7 +26592,7 @@ func (o ModelPrimaryContainerModelDataSourcePtrOutput) Elem() ModelPrimaryContai }).(ModelPrimaryContainerModelDataSourceOutput) } -// The S3 location of model data to deploy. +// S3 location of model data to deploy. See S3 Data Source. func (o ModelPrimaryContainerModelDataSourcePtrOutput) S3DataSources() ModelPrimaryContainerModelDataSourceS3DataSourceArrayOutput { return o.ApplyT(func(v *ModelPrimaryContainerModelDataSource) []ModelPrimaryContainerModelDataSourceS3DataSource { if v == nil { @@ -25835,9 +26605,9 @@ func (o ModelPrimaryContainerModelDataSourcePtrOutput) S3DataSources() ModelPrim type ModelPrimaryContainerModelDataSourceS3DataSource struct { // How the model data is prepared. Allowed values are: `None` and `Gzip`. CompressionType string `pulumi:"compressionType"` - // Specifies the access configuration file for the ML model. You can explicitly accept the model end-user license agreement (EULA) within the [`modelAccessConfig` configuration block]. see Model Access Config. + // Specifies the access configuration file for the ML model. You can explicitly accept the model end-user license agreement (EULA) within the [`modelAccessConfig` configuration block]. See Model Access Config. ModelAccessConfig *ModelPrimaryContainerModelDataSourceS3DataSourceModelAccessConfig `pulumi:"modelAccessConfig"` - // The type of model data to deploy. Allowed values are: `S3Object` and `S3Prefix`. + // Type of model data to deploy. Allowed values are: `S3Object` and `S3Prefix`. S3DataType string `pulumi:"s3DataType"` // The S3 path of model data to deploy. S3Uri string `pulumi:"s3Uri"` @@ -25857,9 +26627,9 @@ type ModelPrimaryContainerModelDataSourceS3DataSourceInput interface { type ModelPrimaryContainerModelDataSourceS3DataSourceArgs struct { // How the model data is prepared. Allowed values are: `None` and `Gzip`. CompressionType pulumi.StringInput `pulumi:"compressionType"` - // Specifies the access configuration file for the ML model. You can explicitly accept the model end-user license agreement (EULA) within the [`modelAccessConfig` configuration block]. see Model Access Config. + // Specifies the access configuration file for the ML model. You can explicitly accept the model end-user license agreement (EULA) within the [`modelAccessConfig` configuration block]. See Model Access Config. ModelAccessConfig ModelPrimaryContainerModelDataSourceS3DataSourceModelAccessConfigPtrInput `pulumi:"modelAccessConfig"` - // The type of model data to deploy. Allowed values are: `S3Object` and `S3Prefix`. + // Type of model data to deploy. Allowed values are: `S3Object` and `S3Prefix`. S3DataType pulumi.StringInput `pulumi:"s3DataType"` // The S3 path of model data to deploy. S3Uri pulumi.StringInput `pulumi:"s3Uri"` @@ -25921,14 +26691,14 @@ func (o ModelPrimaryContainerModelDataSourceS3DataSourceOutput) CompressionType( return o.ApplyT(func(v ModelPrimaryContainerModelDataSourceS3DataSource) string { return v.CompressionType }).(pulumi.StringOutput) } -// Specifies the access configuration file for the ML model. You can explicitly accept the model end-user license agreement (EULA) within the [`modelAccessConfig` configuration block]. see Model Access Config. +// Specifies the access configuration file for the ML model. You can explicitly accept the model end-user license agreement (EULA) within the [`modelAccessConfig` configuration block]. See Model Access Config. func (o ModelPrimaryContainerModelDataSourceS3DataSourceOutput) ModelAccessConfig() ModelPrimaryContainerModelDataSourceS3DataSourceModelAccessConfigPtrOutput { return o.ApplyT(func(v ModelPrimaryContainerModelDataSourceS3DataSource) *ModelPrimaryContainerModelDataSourceS3DataSourceModelAccessConfig { return v.ModelAccessConfig }).(ModelPrimaryContainerModelDataSourceS3DataSourceModelAccessConfigPtrOutput) } -// The type of model data to deploy. Allowed values are: `S3Object` and `S3Prefix`. +// Type of model data to deploy. Allowed values are: `S3Object` and `S3Prefix`. func (o ModelPrimaryContainerModelDataSourceS3DataSourceOutput) S3DataType() pulumi.StringOutput { return o.ApplyT(func(v ModelPrimaryContainerModelDataSourceS3DataSource) string { return v.S3DataType }).(pulumi.StringOutput) } @@ -25959,7 +26729,7 @@ func (o ModelPrimaryContainerModelDataSourceS3DataSourceArrayOutput) Index(i pul } type ModelPrimaryContainerModelDataSourceS3DataSourceModelAccessConfig struct { - // Specifies agreement to the model end-user license agreement (EULA). The AcceptEula value must be explicitly defined as `true` in order to accept the EULA that this model requires. You are responsible for reviewing and complying with any applicable license terms and making sure they are acceptable for your use case before downloading or using a model. + // Specifies agreement to the model end-user license agreement (EULA). The value must be set to `true` in order to accept the EULA that this model requires. You are responsible for reviewing and complying with any applicable license terms and making sure they are acceptable for your use case before downloading or using a model. AcceptEula bool `pulumi:"acceptEula"` } @@ -25975,7 +26745,7 @@ type ModelPrimaryContainerModelDataSourceS3DataSourceModelAccessConfigInput inte } type ModelPrimaryContainerModelDataSourceS3DataSourceModelAccessConfigArgs struct { - // Specifies agreement to the model end-user license agreement (EULA). The AcceptEula value must be explicitly defined as `true` in order to accept the EULA that this model requires. You are responsible for reviewing and complying with any applicable license terms and making sure they are acceptable for your use case before downloading or using a model. + // Specifies agreement to the model end-user license agreement (EULA). The value must be set to `true` in order to accept the EULA that this model requires. You are responsible for reviewing and complying with any applicable license terms and making sure they are acceptable for your use case before downloading or using a model. AcceptEula pulumi.BoolInput `pulumi:"acceptEula"` } @@ -26056,7 +26826,7 @@ func (o ModelPrimaryContainerModelDataSourceS3DataSourceModelAccessConfigOutput) }).(ModelPrimaryContainerModelDataSourceS3DataSourceModelAccessConfigPtrOutput) } -// Specifies agreement to the model end-user license agreement (EULA). The AcceptEula value must be explicitly defined as `true` in order to accept the EULA that this model requires. You are responsible for reviewing and complying with any applicable license terms and making sure they are acceptable for your use case before downloading or using a model. +// Specifies agreement to the model end-user license agreement (EULA). The value must be set to `true` in order to accept the EULA that this model requires. You are responsible for reviewing and complying with any applicable license terms and making sure they are acceptable for your use case before downloading or using a model. func (o ModelPrimaryContainerModelDataSourceS3DataSourceModelAccessConfigOutput) AcceptEula() pulumi.BoolOutput { return o.ApplyT(func(v ModelPrimaryContainerModelDataSourceS3DataSourceModelAccessConfig) bool { return v.AcceptEula }).(pulumi.BoolOutput) } @@ -26085,7 +26855,7 @@ func (o ModelPrimaryContainerModelDataSourceS3DataSourceModelAccessConfigPtrOutp }).(ModelPrimaryContainerModelDataSourceS3DataSourceModelAccessConfigOutput) } -// Specifies agreement to the model end-user license agreement (EULA). The AcceptEula value must be explicitly defined as `true` in order to accept the EULA that this model requires. You are responsible for reviewing and complying with any applicable license terms and making sure they are acceptable for your use case before downloading or using a model. +// Specifies agreement to the model end-user license agreement (EULA). The value must be set to `true` in order to accept the EULA that this model requires. You are responsible for reviewing and complying with any applicable license terms and making sure they are acceptable for your use case before downloading or using a model. func (o ModelPrimaryContainerModelDataSourceS3DataSourceModelAccessConfigPtrOutput) AcceptEula() pulumi.BoolPtrOutput { return o.ApplyT(func(v *ModelPrimaryContainerModelDataSourceS3DataSourceModelAccessConfig) *bool { if v == nil { @@ -26233,8 +27003,10 @@ func (o ModelPrimaryContainerMultiModelConfigPtrOutput) ModelCacheSetting() pulu } type ModelVpcConfig struct { + // List of security group IDs you want to be applied to your training job or model. Specify the security groups for the VPC that is specified in the Subnets field. SecurityGroupIds []string `pulumi:"securityGroupIds"` - Subnets []string `pulumi:"subnets"` + // List of subnet IDs in the VPC to which you want to connect your training job or model. + Subnets []string `pulumi:"subnets"` } // ModelVpcConfigInput is an input type that accepts ModelVpcConfigArgs and ModelVpcConfigOutput values. @@ -26249,8 +27021,10 @@ type ModelVpcConfigInput interface { } type ModelVpcConfigArgs struct { + // List of security group IDs you want to be applied to your training job or model. Specify the security groups for the VPC that is specified in the Subnets field. SecurityGroupIds pulumi.StringArrayInput `pulumi:"securityGroupIds"` - Subnets pulumi.StringArrayInput `pulumi:"subnets"` + // List of subnet IDs in the VPC to which you want to connect your training job or model. + Subnets pulumi.StringArrayInput `pulumi:"subnets"` } func (ModelVpcConfigArgs) ElementType() reflect.Type { @@ -26330,10 +27104,12 @@ func (o ModelVpcConfigOutput) ToModelVpcConfigPtrOutputWithContext(ctx context.C }).(ModelVpcConfigPtrOutput) } +// List of security group IDs you want to be applied to your training job or model. Specify the security groups for the VPC that is specified in the Subnets field. func (o ModelVpcConfigOutput) SecurityGroupIds() pulumi.StringArrayOutput { return o.ApplyT(func(v ModelVpcConfig) []string { return v.SecurityGroupIds }).(pulumi.StringArrayOutput) } +// List of subnet IDs in the VPC to which you want to connect your training job or model. func (o ModelVpcConfigOutput) Subnets() pulumi.StringArrayOutput { return o.ApplyT(func(v ModelVpcConfig) []string { return v.Subnets }).(pulumi.StringArrayOutput) } @@ -26362,6 +27138,7 @@ func (o ModelVpcConfigPtrOutput) Elem() ModelVpcConfigOutput { }).(ModelVpcConfigOutput) } +// List of security group IDs you want to be applied to your training job or model. Specify the security groups for the VPC that is specified in the Subnets field. func (o ModelVpcConfigPtrOutput) SecurityGroupIds() pulumi.StringArrayOutput { return o.ApplyT(func(v *ModelVpcConfig) []string { if v == nil { @@ -26371,6 +27148,7 @@ func (o ModelVpcConfigPtrOutput) SecurityGroupIds() pulumi.StringArrayOutput { }).(pulumi.StringArrayOutput) } +// List of subnet IDs in the VPC to which you want to connect your training job or model. func (o ModelVpcConfigPtrOutput) Subnets() pulumi.StringArrayOutput { return o.ApplyT(func(v *ModelVpcConfig) []string { if v == nil { @@ -39969,6 +40747,12 @@ func init() { pulumi.RegisterInputType(reflect.TypeOf((*HumanTaskUIUiTemplatePtrInput)(nil)).Elem(), HumanTaskUIUiTemplateArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*ModelContainerInput)(nil)).Elem(), ModelContainerArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*ModelContainerArrayInput)(nil)).Elem(), ModelContainerArray{}) + pulumi.RegisterInputType(reflect.TypeOf((*ModelContainerAdditionalModelDataSourceInput)(nil)).Elem(), ModelContainerAdditionalModelDataSourceArgs{}) + pulumi.RegisterInputType(reflect.TypeOf((*ModelContainerAdditionalModelDataSourceArrayInput)(nil)).Elem(), ModelContainerAdditionalModelDataSourceArray{}) + pulumi.RegisterInputType(reflect.TypeOf((*ModelContainerAdditionalModelDataSourceS3DataSourceInput)(nil)).Elem(), ModelContainerAdditionalModelDataSourceS3DataSourceArgs{}) + pulumi.RegisterInputType(reflect.TypeOf((*ModelContainerAdditionalModelDataSourceS3DataSourceArrayInput)(nil)).Elem(), ModelContainerAdditionalModelDataSourceS3DataSourceArray{}) + pulumi.RegisterInputType(reflect.TypeOf((*ModelContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigInput)(nil)).Elem(), ModelContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigArgs{}) + pulumi.RegisterInputType(reflect.TypeOf((*ModelContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigPtrInput)(nil)).Elem(), ModelContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*ModelContainerImageConfigInput)(nil)).Elem(), ModelContainerImageConfigArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*ModelContainerImageConfigPtrInput)(nil)).Elem(), ModelContainerImageConfigArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*ModelContainerImageConfigRepositoryAuthConfigInput)(nil)).Elem(), ModelContainerImageConfigRepositoryAuthConfigArgs{}) @@ -39985,6 +40769,12 @@ func init() { pulumi.RegisterInputType(reflect.TypeOf((*ModelInferenceExecutionConfigPtrInput)(nil)).Elem(), ModelInferenceExecutionConfigArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*ModelPrimaryContainerInput)(nil)).Elem(), ModelPrimaryContainerArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*ModelPrimaryContainerPtrInput)(nil)).Elem(), ModelPrimaryContainerArgs{}) + pulumi.RegisterInputType(reflect.TypeOf((*ModelPrimaryContainerAdditionalModelDataSourceInput)(nil)).Elem(), ModelPrimaryContainerAdditionalModelDataSourceArgs{}) + pulumi.RegisterInputType(reflect.TypeOf((*ModelPrimaryContainerAdditionalModelDataSourceArrayInput)(nil)).Elem(), ModelPrimaryContainerAdditionalModelDataSourceArray{}) + pulumi.RegisterInputType(reflect.TypeOf((*ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceInput)(nil)).Elem(), ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceArgs{}) + pulumi.RegisterInputType(reflect.TypeOf((*ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceArrayInput)(nil)).Elem(), ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceArray{}) + pulumi.RegisterInputType(reflect.TypeOf((*ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigInput)(nil)).Elem(), ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigArgs{}) + pulumi.RegisterInputType(reflect.TypeOf((*ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigPtrInput)(nil)).Elem(), ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*ModelPrimaryContainerImageConfigInput)(nil)).Elem(), ModelPrimaryContainerImageConfigArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*ModelPrimaryContainerImageConfigPtrInput)(nil)).Elem(), ModelPrimaryContainerImageConfigArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*ModelPrimaryContainerImageConfigRepositoryAuthConfigInput)(nil)).Elem(), ModelPrimaryContainerImageConfigRepositoryAuthConfigArgs{}) @@ -40446,6 +41236,12 @@ func init() { pulumi.RegisterOutputType(HumanTaskUIUiTemplatePtrOutput{}) pulumi.RegisterOutputType(ModelContainerOutput{}) pulumi.RegisterOutputType(ModelContainerArrayOutput{}) + pulumi.RegisterOutputType(ModelContainerAdditionalModelDataSourceOutput{}) + pulumi.RegisterOutputType(ModelContainerAdditionalModelDataSourceArrayOutput{}) + pulumi.RegisterOutputType(ModelContainerAdditionalModelDataSourceS3DataSourceOutput{}) + pulumi.RegisterOutputType(ModelContainerAdditionalModelDataSourceS3DataSourceArrayOutput{}) + pulumi.RegisterOutputType(ModelContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigOutput{}) + pulumi.RegisterOutputType(ModelContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigPtrOutput{}) pulumi.RegisterOutputType(ModelContainerImageConfigOutput{}) pulumi.RegisterOutputType(ModelContainerImageConfigPtrOutput{}) pulumi.RegisterOutputType(ModelContainerImageConfigRepositoryAuthConfigOutput{}) @@ -40462,6 +41258,12 @@ func init() { pulumi.RegisterOutputType(ModelInferenceExecutionConfigPtrOutput{}) pulumi.RegisterOutputType(ModelPrimaryContainerOutput{}) pulumi.RegisterOutputType(ModelPrimaryContainerPtrOutput{}) + pulumi.RegisterOutputType(ModelPrimaryContainerAdditionalModelDataSourceOutput{}) + pulumi.RegisterOutputType(ModelPrimaryContainerAdditionalModelDataSourceArrayOutput{}) + pulumi.RegisterOutputType(ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceOutput{}) + pulumi.RegisterOutputType(ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceArrayOutput{}) + pulumi.RegisterOutputType(ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigOutput{}) + pulumi.RegisterOutputType(ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigPtrOutput{}) pulumi.RegisterOutputType(ModelPrimaryContainerImageConfigOutput{}) pulumi.RegisterOutputType(ModelPrimaryContainerImageConfigPtrOutput{}) pulumi.RegisterOutputType(ModelPrimaryContainerImageConfigRepositoryAuthConfigOutput{}) diff --git a/sdk/go/aws/ssoadmin/accountAssignment.go b/sdk/go/aws/ssoadmin/accountAssignment.go index 5aa97e930d5..2e49a97b179 100644 --- a/sdk/go/aws/ssoadmin/accountAssignment.go +++ b/sdk/go/aws/ssoadmin/accountAssignment.go @@ -157,7 +157,7 @@ type AccountAssignment struct { // An AWS account identifier, typically a 10-12 digit string. TargetId pulumi.StringOutput `pulumi:"targetId"` // The entity type for which the assignment will be created. Valid values: `AWS_ACCOUNT`. - TargetType pulumi.StringPtrOutput `pulumi:"targetType"` + TargetType pulumi.StringOutput `pulumi:"targetType"` } // NewAccountAssignment registers a new resource with the given unique name, arguments, and options. @@ -182,6 +182,9 @@ func NewAccountAssignment(ctx *pulumi.Context, if args.TargetId == nil { return nil, errors.New("invalid value for required argument 'TargetId'") } + if args.TargetType == nil { + return nil, errors.New("invalid value for required argument 'TargetType'") + } opts = internal.PkgResourceDefaultOpts(opts) var resource AccountAssignment err := ctx.RegisterResource("aws:ssoadmin/accountAssignment:AccountAssignment", name, args, &resource, opts...) @@ -256,7 +259,7 @@ type accountAssignmentArgs struct { // An AWS account identifier, typically a 10-12 digit string. TargetId string `pulumi:"targetId"` // The entity type for which the assignment will be created. Valid values: `AWS_ACCOUNT`. - TargetType *string `pulumi:"targetType"` + TargetType string `pulumi:"targetType"` } // The set of arguments for constructing a AccountAssignment resource. @@ -274,7 +277,7 @@ type AccountAssignmentArgs struct { // An AWS account identifier, typically a 10-12 digit string. TargetId pulumi.StringInput // The entity type for which the assignment will be created. Valid values: `AWS_ACCOUNT`. - TargetType pulumi.StringPtrInput + TargetType pulumi.StringInput } func (AccountAssignmentArgs) ElementType() reflect.Type { @@ -395,8 +398,8 @@ func (o AccountAssignmentOutput) TargetId() pulumi.StringOutput { } // The entity type for which the assignment will be created. Valid values: `AWS_ACCOUNT`. -func (o AccountAssignmentOutput) TargetType() pulumi.StringPtrOutput { - return o.ApplyT(func(v *AccountAssignment) pulumi.StringPtrOutput { return v.TargetType }).(pulumi.StringPtrOutput) +func (o AccountAssignmentOutput) TargetType() pulumi.StringOutput { + return o.ApplyT(func(v *AccountAssignment) pulumi.StringOutput { return v.TargetType }).(pulumi.StringOutput) } type AccountAssignmentArrayOutput struct{ *pulumi.OutputState } diff --git a/sdk/go/aws/timestreaminfluxdb/dbCluster.go b/sdk/go/aws/timestreaminfluxdb/dbCluster.go index a1f7e25e1c7..642efa0176f 100644 --- a/sdk/go/aws/timestreaminfluxdb/dbCluster.go +++ b/sdk/go/aws/timestreaminfluxdb/dbCluster.go @@ -217,6 +217,69 @@ import ( // // ``` // +// ### Usage with InfluxDB V3 +// +// For InfluxDB V3 clusters, you can create a cluster without providing `allocatedStorage`, `bucket`, `organization`, `username`, `password`, or `deploymentType` by specifying a `dbParameterGroupIdentifier` such as `"InfluxDBV3Core"`. The following example shows how to create an InfluxDB V3 cluster: +// +// ```go +// package main +// +// import ( +// +// "github.com/pulumi/pulumi-aws/sdk/v7/go/aws/timestreaminfluxdb" +// "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +// +// ) +// +// func main() { +// pulumi.Run(func(ctx *pulumi.Context) error { +// _, err := timestreaminfluxdb.NewDbCluster(ctx, "example", ×treaminfluxdb.DbClusterArgs{ +// Name: pulumi.String("example-v3-cluster"), +// DbInstanceType: pulumi.String("db.influx.large"), +// DbParameterGroupIdentifier: pulumi.String("InfluxDBV3Core"), +// VpcSubnetIds: pulumi.StringArray{ +// example1.Id, +// example2.Id, +// }, +// VpcSecurityGroupIds: pulumi.StringArray{ +// exampleAwsSecurityGroup.Id, +// }, +// }) +// if err != nil { +// return err +// } +// return nil +// }) +// } +// +// ``` +// +// ## Cluster Type Requirements +// +// ### InfluxDB V2 Clusters (default) +// +// The following arguments are **required** for InfluxDB V2 clusters: +// +// * `allocatedStorage` +// * `bucket` +// * `deploymentType` +// * `organization` +// * `password` +// * `username` +// +// The `deploymentType` argument defaults to `"MULTI_NODE_READ_REPLICAS"` for InfluxDB V2 clusters when not specified. +// +// ### InfluxDB V3 Clusters (when using V3 parameter groups) +// +// The following arguments are **forbidden** for InfluxDB V3 clusters (when using an InfluxDB V3 db parameter group): +// +// * `allocatedStorage` +// * `bucket` +// * `deploymentType` +// * `organization` +// * `password` +// * `username` +// // ## Import // // Using `pulumi import`, import Timestream for InfluxDB cluster using its identifier. For example: @@ -227,25 +290,27 @@ import ( type DbCluster struct { pulumi.CustomResourceState - // Amount of storage in GiB (gibibytes). The minimum value is `20`, the maximum value is `16384`. The argument `dbStorageType` places restrictions on this argument's minimum value. The following is a list of `dbStorageType` values and the corresponding minimum value for `allocatedStorage`: ` "InfluxIOIncludedT1": `20` , `"InfluxIOIncludedT2" and ` "InfluxIOIncludedT3": `400`. - AllocatedStorage pulumi.IntOutput `pulumi:"allocatedStorage"` + // Amount of storage in GiB (gibibytes). The minimum value is `20`, the maximum value is `16384`. The argument `dbStorageType` places restrictions on this argument's minimum value. The following is a list of `dbStorageType` values and the corresponding minimum value for `allocatedStorage`: ` "InfluxIOIncludedT1": `20` , `"InfluxIOIncludedT2" and ` "InfluxIOIncludedT3": `400`. This field is forbidden for InfluxDB V3 clusters (when using an InfluxDB V3 db parameter group). + AllocatedStorage pulumi.IntPtrOutput `pulumi:"allocatedStorage"` // ARN of the Timestream for InfluxDB cluster. Arn pulumi.StringOutput `pulumi:"arn"` - // Name of the initial InfluxDB bucket. All InfluxDB data is stored in a bucket. A bucket combines the concept of a database and a retention period (the duration of time that each data point persists). A bucket belongs to an organization. Along with `organization`, `username`, and `password`, this argument will be stored in the secret referred to by the `influxAuthParametersSecretArn` attribute. - Bucket pulumi.StringOutput `pulumi:"bucket"` + // Name of the initial InfluxDB bucket. All InfluxDB data is stored in a bucket. A bucket combines the concept of a database and a retention period (the duration of time that each data point persists). A bucket belongs to an organization. Along with `organization`, `username`, and `password`, this argument will be stored in the secret referred to by the `influxAuthParametersSecretArn` attribute. This field is forbidden for InfluxDB V3 clusters (when using an InfluxDB V3 db parameter group). + Bucket pulumi.StringPtrOutput `pulumi:"bucket"` // Timestream for InfluxDB DB instance type to run InfluxDB on. Valid options are: `"db.influx.medium"`, `"db.influx.large"`, `"db.influx.xlarge"`, `"db.influx.2xlarge"`, `"db.influx.4xlarge"`, `"db.influx.8xlarge"`, `"db.influx.12xlarge"`, and `"db.influx.16xlarge"`. This argument is updatable. DbInstanceType pulumi.StringOutput `pulumi:"dbInstanceType"` // ID of the DB parameter group assigned to your cluster. This argument is updatable. If added to an existing Timestream for InfluxDB cluster or given a new value, will cause an in-place update to the cluster. However, if a cluster already has a value for `dbParameterGroupIdentifier`, removing `dbParameterGroupIdentifier` will cause the cluster to be destroyed and recreated. DbParameterGroupIdentifier pulumi.StringPtrOutput `pulumi:"dbParameterGroupIdentifier"` // Timestream for InfluxDB DB storage type to read and write InfluxDB data. You can choose between 3 different types of provisioned Influx IOPS included storage according to your workloads requirements: Influx IO Included 3000 IOPS, Influx IO Included 12000 IOPS, Influx IO Included 16000 IOPS. Valid options are: `"InfluxIOIncludedT1"`, `"InfluxIOIncludedT2"`, and `"InfluxIOIncludedT3"`. If you use ` "InfluxIOIncludedT2" or "InfluxIOIncludedT3", the minimum value for `allocatedStorage` is 400. DbStorageType pulumi.StringOutput `pulumi:"dbStorageType"` - // Specifies the type of cluster to create. Valid options are: `"MULTI_NODE_READ_REPLICAS"`. + // Specifies the type of cluster to create. Valid options are: `"MULTI_NODE_READ_REPLICAS"`. This field is forbidden for InfluxDB V3 clusters (when using an InfluxDB V3 db parameter group). DeploymentType pulumi.StringOutput `pulumi:"deploymentType"` // Endpoint used to connect to InfluxDB. The default InfluxDB port is 8086. Endpoint pulumi.StringOutput `pulumi:"endpoint"` + // Database engine type of the DB cluster. + EngineType pulumi.StringOutput `pulumi:"engineType"` // Specifies the behavior of failure recovery when the primary node of the cluster fails. Valid options are: `"AUTOMATIC"` and `"NO_FAILOVER"`. FailoverMode pulumi.StringOutput `pulumi:"failoverMode"` - // ARN of the AWS Secrets Manager secret containing the initial InfluxDB authorization parameters. The secret value is a JSON formatted key-value pair holding InfluxDB authorization values: organization, bucket, username, and password. + // ARN of the AWS Secrets Manager secret containing the initial InfluxDB authorization parameters. For InfluxDB V2 clusters, the secret value is a JSON formatted key-value pair holding InfluxDB authorization values: organization, bucket, username, and password. For InfluxDB V3 clusters, the secret contains the InfluxDB admin token. InfluxAuthParametersSecretArn pulumi.StringOutput `pulumi:"influxAuthParametersSecretArn"` // Configuration for sending InfluxDB engine logs to a specified S3 bucket. This argument is updatable. LogDeliveryConfiguration DbClusterLogDeliveryConfigurationPtrOutput `pulumi:"logDeliveryConfiguration"` @@ -253,10 +318,10 @@ type DbCluster struct { Name pulumi.StringOutput `pulumi:"name"` // Specifies whether the network type of the Timestream for InfluxDB cluster is IPV4, which can communicate over IPv4 protocol only, or DUAL, which can communicate over both IPv4 and IPv6 protocols. NetworkType pulumi.StringOutput `pulumi:"networkType"` - // Name of the initial organization for the initial admin user in InfluxDB. An InfluxDB organization is a workspace for a group of users. Along with `bucket`, `username`, and `password`, this argument will be stored in the secret referred to by the `influxAuthParametersSecretArn` attribute. - Organization pulumi.StringOutput `pulumi:"organization"` - // Password of the initial admin user created in InfluxDB. This password will allow you to access the InfluxDB UI to perform various administrative tasks and also use the InfluxDB CLI to create an operator token. Along with `bucket`, `username`, and `organization`, this argument will be stored in the secret referred to by the `influxAuthParametersSecretArn` attribute. - Password pulumi.StringOutput `pulumi:"password"` + // Name of the initial organization for the initial admin user in InfluxDB. An InfluxDB organization is a workspace for a group of users. Along with `bucket`, `username`, and `password`, this argument will be stored in the secret referred to by the `influxAuthParametersSecretArn` attribute. This field is forbidden for InfluxDB V3 clusters (when using an InfluxDB V3 db parameter group). + Organization pulumi.StringPtrOutput `pulumi:"organization"` + // Password of the initial admin user created in InfluxDB. This password will allow you to access the InfluxDB UI to perform various administrative tasks and also use the InfluxDB CLI to create an operator token. Along with `bucket`, `username`, and `organization`, this argument will be stored in the secret referred to by the `influxAuthParametersSecretArn` attribute. This field is forbidden for InfluxDB V3 clusters (when using an InfluxDB V3 db parameter group) as the AWS API rejects it. + Password pulumi.StringPtrOutput `pulumi:"password"` // The port on which the cluster accepts connections. Valid values: `1024`-`65535`. Cannot be `2375`-`2376`, `7788`-`7799`, `8090`, or `51678`-`51680`. This argument is updatable. Port pulumi.IntOutput `pulumi:"port"` // Configures the DB cluster with a public IP to facilitate access. Other resources, such as a VPC, a subnet, an internet gateway, and a route table with routes, are also required to enabled public access, in addition to this argument. See "Usage with Public Internet Access Enabled" for an example configuration with all required resources for public internet access. @@ -270,8 +335,8 @@ type DbCluster struct { // Map of tags assigned to the resource, including those inherited from the provider `defaultTags` configuration block. TagsAll pulumi.StringMapOutput `pulumi:"tagsAll"` Timeouts DbClusterTimeoutsPtrOutput `pulumi:"timeouts"` - // Username of the initial admin user created in InfluxDB. Must start with a letter and can't end with a hyphen or contain two consecutive hyphens. This username will allow you to access the InfluxDB UI to perform various administrative tasks and also use the InfluxDB CLI to create an operator token. Along with `bucket`, `organization`, and `password`, this argument will be stored in the secret referred to by the `influxAuthParametersSecretArn` attribute. - Username pulumi.StringOutput `pulumi:"username"` + // Username of the initial admin user created in InfluxDB. Must start with a letter and can't end with a hyphen or contain two consecutive hyphens. This username will allow you to access the InfluxDB UI to perform various administrative tasks and also use the InfluxDB CLI to create an operator token. Along with `bucket`, `organization`, and `password`, this argument will be stored in the secret referred to by the `influxAuthParametersSecretArn` attribute. This field is forbidden for InfluxDB V3 clusters (when using an InfluxDB V3 db parameter group). + Username pulumi.StringPtrOutput `pulumi:"username"` // List of VPC security group IDs to associate with the cluster. VpcSecurityGroupIds pulumi.StringArrayOutput `pulumi:"vpcSecurityGroupIds"` // List of VPC subnet IDs to associate with the cluster. Provide at least two VPC subnet IDs in different availability zones when deploying with a Multi-AZ standby. @@ -287,24 +352,9 @@ func NewDbCluster(ctx *pulumi.Context, return nil, errors.New("missing one or more required arguments") } - if args.AllocatedStorage == nil { - return nil, errors.New("invalid value for required argument 'AllocatedStorage'") - } - if args.Bucket == nil { - return nil, errors.New("invalid value for required argument 'Bucket'") - } if args.DbInstanceType == nil { return nil, errors.New("invalid value for required argument 'DbInstanceType'") } - if args.Organization == nil { - return nil, errors.New("invalid value for required argument 'Organization'") - } - if args.Password == nil { - return nil, errors.New("invalid value for required argument 'Password'") - } - if args.Username == nil { - return nil, errors.New("invalid value for required argument 'Username'") - } if args.VpcSecurityGroupIds == nil { return nil, errors.New("invalid value for required argument 'VpcSecurityGroupIds'") } @@ -312,7 +362,7 @@ func NewDbCluster(ctx *pulumi.Context, return nil, errors.New("invalid value for required argument 'VpcSubnetIds'") } if args.Password != nil { - args.Password = pulumi.ToSecret(args.Password).(pulumi.StringInput) + args.Password = pulumi.ToSecret(args.Password).(pulumi.StringPtrInput) } secrets := pulumi.AdditionalSecretOutputs([]string{ "password", @@ -341,11 +391,11 @@ func GetDbCluster(ctx *pulumi.Context, // Input properties used for looking up and filtering DbCluster resources. type dbClusterState struct { - // Amount of storage in GiB (gibibytes). The minimum value is `20`, the maximum value is `16384`. The argument `dbStorageType` places restrictions on this argument's minimum value. The following is a list of `dbStorageType` values and the corresponding minimum value for `allocatedStorage`: ` "InfluxIOIncludedT1": `20` , `"InfluxIOIncludedT2" and ` "InfluxIOIncludedT3": `400`. + // Amount of storage in GiB (gibibytes). The minimum value is `20`, the maximum value is `16384`. The argument `dbStorageType` places restrictions on this argument's minimum value. The following is a list of `dbStorageType` values and the corresponding minimum value for `allocatedStorage`: ` "InfluxIOIncludedT1": `20` , `"InfluxIOIncludedT2" and ` "InfluxIOIncludedT3": `400`. This field is forbidden for InfluxDB V3 clusters (when using an InfluxDB V3 db parameter group). AllocatedStorage *int `pulumi:"allocatedStorage"` // ARN of the Timestream for InfluxDB cluster. Arn *string `pulumi:"arn"` - // Name of the initial InfluxDB bucket. All InfluxDB data is stored in a bucket. A bucket combines the concept of a database and a retention period (the duration of time that each data point persists). A bucket belongs to an organization. Along with `organization`, `username`, and `password`, this argument will be stored in the secret referred to by the `influxAuthParametersSecretArn` attribute. + // Name of the initial InfluxDB bucket. All InfluxDB data is stored in a bucket. A bucket combines the concept of a database and a retention period (the duration of time that each data point persists). A bucket belongs to an organization. Along with `organization`, `username`, and `password`, this argument will be stored in the secret referred to by the `influxAuthParametersSecretArn` attribute. This field is forbidden for InfluxDB V3 clusters (when using an InfluxDB V3 db parameter group). Bucket *string `pulumi:"bucket"` // Timestream for InfluxDB DB instance type to run InfluxDB on. Valid options are: `"db.influx.medium"`, `"db.influx.large"`, `"db.influx.xlarge"`, `"db.influx.2xlarge"`, `"db.influx.4xlarge"`, `"db.influx.8xlarge"`, `"db.influx.12xlarge"`, and `"db.influx.16xlarge"`. This argument is updatable. DbInstanceType *string `pulumi:"dbInstanceType"` @@ -353,13 +403,15 @@ type dbClusterState struct { DbParameterGroupIdentifier *string `pulumi:"dbParameterGroupIdentifier"` // Timestream for InfluxDB DB storage type to read and write InfluxDB data. You can choose between 3 different types of provisioned Influx IOPS included storage according to your workloads requirements: Influx IO Included 3000 IOPS, Influx IO Included 12000 IOPS, Influx IO Included 16000 IOPS. Valid options are: `"InfluxIOIncludedT1"`, `"InfluxIOIncludedT2"`, and `"InfluxIOIncludedT3"`. If you use ` "InfluxIOIncludedT2" or "InfluxIOIncludedT3", the minimum value for `allocatedStorage` is 400. DbStorageType *string `pulumi:"dbStorageType"` - // Specifies the type of cluster to create. Valid options are: `"MULTI_NODE_READ_REPLICAS"`. + // Specifies the type of cluster to create. Valid options are: `"MULTI_NODE_READ_REPLICAS"`. This field is forbidden for InfluxDB V3 clusters (when using an InfluxDB V3 db parameter group). DeploymentType *string `pulumi:"deploymentType"` // Endpoint used to connect to InfluxDB. The default InfluxDB port is 8086. Endpoint *string `pulumi:"endpoint"` + // Database engine type of the DB cluster. + EngineType *string `pulumi:"engineType"` // Specifies the behavior of failure recovery when the primary node of the cluster fails. Valid options are: `"AUTOMATIC"` and `"NO_FAILOVER"`. FailoverMode *string `pulumi:"failoverMode"` - // ARN of the AWS Secrets Manager secret containing the initial InfluxDB authorization parameters. The secret value is a JSON formatted key-value pair holding InfluxDB authorization values: organization, bucket, username, and password. + // ARN of the AWS Secrets Manager secret containing the initial InfluxDB authorization parameters. For InfluxDB V2 clusters, the secret value is a JSON formatted key-value pair holding InfluxDB authorization values: organization, bucket, username, and password. For InfluxDB V3 clusters, the secret contains the InfluxDB admin token. InfluxAuthParametersSecretArn *string `pulumi:"influxAuthParametersSecretArn"` // Configuration for sending InfluxDB engine logs to a specified S3 bucket. This argument is updatable. LogDeliveryConfiguration *DbClusterLogDeliveryConfiguration `pulumi:"logDeliveryConfiguration"` @@ -367,9 +419,9 @@ type dbClusterState struct { Name *string `pulumi:"name"` // Specifies whether the network type of the Timestream for InfluxDB cluster is IPV4, which can communicate over IPv4 protocol only, or DUAL, which can communicate over both IPv4 and IPv6 protocols. NetworkType *string `pulumi:"networkType"` - // Name of the initial organization for the initial admin user in InfluxDB. An InfluxDB organization is a workspace for a group of users. Along with `bucket`, `username`, and `password`, this argument will be stored in the secret referred to by the `influxAuthParametersSecretArn` attribute. + // Name of the initial organization for the initial admin user in InfluxDB. An InfluxDB organization is a workspace for a group of users. Along with `bucket`, `username`, and `password`, this argument will be stored in the secret referred to by the `influxAuthParametersSecretArn` attribute. This field is forbidden for InfluxDB V3 clusters (when using an InfluxDB V3 db parameter group). Organization *string `pulumi:"organization"` - // Password of the initial admin user created in InfluxDB. This password will allow you to access the InfluxDB UI to perform various administrative tasks and also use the InfluxDB CLI to create an operator token. Along with `bucket`, `username`, and `organization`, this argument will be stored in the secret referred to by the `influxAuthParametersSecretArn` attribute. + // Password of the initial admin user created in InfluxDB. This password will allow you to access the InfluxDB UI to perform various administrative tasks and also use the InfluxDB CLI to create an operator token. Along with `bucket`, `username`, and `organization`, this argument will be stored in the secret referred to by the `influxAuthParametersSecretArn` attribute. This field is forbidden for InfluxDB V3 clusters (when using an InfluxDB V3 db parameter group) as the AWS API rejects it. Password *string `pulumi:"password"` // The port on which the cluster accepts connections. Valid values: `1024`-`65535`. Cannot be `2375`-`2376`, `7788`-`7799`, `8090`, or `51678`-`51680`. This argument is updatable. Port *int `pulumi:"port"` @@ -384,7 +436,7 @@ type dbClusterState struct { // Map of tags assigned to the resource, including those inherited from the provider `defaultTags` configuration block. TagsAll map[string]string `pulumi:"tagsAll"` Timeouts *DbClusterTimeouts `pulumi:"timeouts"` - // Username of the initial admin user created in InfluxDB. Must start with a letter and can't end with a hyphen or contain two consecutive hyphens. This username will allow you to access the InfluxDB UI to perform various administrative tasks and also use the InfluxDB CLI to create an operator token. Along with `bucket`, `organization`, and `password`, this argument will be stored in the secret referred to by the `influxAuthParametersSecretArn` attribute. + // Username of the initial admin user created in InfluxDB. Must start with a letter and can't end with a hyphen or contain two consecutive hyphens. This username will allow you to access the InfluxDB UI to perform various administrative tasks and also use the InfluxDB CLI to create an operator token. Along with `bucket`, `organization`, and `password`, this argument will be stored in the secret referred to by the `influxAuthParametersSecretArn` attribute. This field is forbidden for InfluxDB V3 clusters (when using an InfluxDB V3 db parameter group). Username *string `pulumi:"username"` // List of VPC security group IDs to associate with the cluster. VpcSecurityGroupIds []string `pulumi:"vpcSecurityGroupIds"` @@ -395,11 +447,11 @@ type dbClusterState struct { } type DbClusterState struct { - // Amount of storage in GiB (gibibytes). The minimum value is `20`, the maximum value is `16384`. The argument `dbStorageType` places restrictions on this argument's minimum value. The following is a list of `dbStorageType` values and the corresponding minimum value for `allocatedStorage`: ` "InfluxIOIncludedT1": `20` , `"InfluxIOIncludedT2" and ` "InfluxIOIncludedT3": `400`. + // Amount of storage in GiB (gibibytes). The minimum value is `20`, the maximum value is `16384`. The argument `dbStorageType` places restrictions on this argument's minimum value. The following is a list of `dbStorageType` values and the corresponding minimum value for `allocatedStorage`: ` "InfluxIOIncludedT1": `20` , `"InfluxIOIncludedT2" and ` "InfluxIOIncludedT3": `400`. This field is forbidden for InfluxDB V3 clusters (when using an InfluxDB V3 db parameter group). AllocatedStorage pulumi.IntPtrInput // ARN of the Timestream for InfluxDB cluster. Arn pulumi.StringPtrInput - // Name of the initial InfluxDB bucket. All InfluxDB data is stored in a bucket. A bucket combines the concept of a database and a retention period (the duration of time that each data point persists). A bucket belongs to an organization. Along with `organization`, `username`, and `password`, this argument will be stored in the secret referred to by the `influxAuthParametersSecretArn` attribute. + // Name of the initial InfluxDB bucket. All InfluxDB data is stored in a bucket. A bucket combines the concept of a database and a retention period (the duration of time that each data point persists). A bucket belongs to an organization. Along with `organization`, `username`, and `password`, this argument will be stored in the secret referred to by the `influxAuthParametersSecretArn` attribute. This field is forbidden for InfluxDB V3 clusters (when using an InfluxDB V3 db parameter group). Bucket pulumi.StringPtrInput // Timestream for InfluxDB DB instance type to run InfluxDB on. Valid options are: `"db.influx.medium"`, `"db.influx.large"`, `"db.influx.xlarge"`, `"db.influx.2xlarge"`, `"db.influx.4xlarge"`, `"db.influx.8xlarge"`, `"db.influx.12xlarge"`, and `"db.influx.16xlarge"`. This argument is updatable. DbInstanceType pulumi.StringPtrInput @@ -407,13 +459,15 @@ type DbClusterState struct { DbParameterGroupIdentifier pulumi.StringPtrInput // Timestream for InfluxDB DB storage type to read and write InfluxDB data. You can choose between 3 different types of provisioned Influx IOPS included storage according to your workloads requirements: Influx IO Included 3000 IOPS, Influx IO Included 12000 IOPS, Influx IO Included 16000 IOPS. Valid options are: `"InfluxIOIncludedT1"`, `"InfluxIOIncludedT2"`, and `"InfluxIOIncludedT3"`. If you use ` "InfluxIOIncludedT2" or "InfluxIOIncludedT3", the minimum value for `allocatedStorage` is 400. DbStorageType pulumi.StringPtrInput - // Specifies the type of cluster to create. Valid options are: `"MULTI_NODE_READ_REPLICAS"`. + // Specifies the type of cluster to create. Valid options are: `"MULTI_NODE_READ_REPLICAS"`. This field is forbidden for InfluxDB V3 clusters (when using an InfluxDB V3 db parameter group). DeploymentType pulumi.StringPtrInput // Endpoint used to connect to InfluxDB. The default InfluxDB port is 8086. Endpoint pulumi.StringPtrInput + // Database engine type of the DB cluster. + EngineType pulumi.StringPtrInput // Specifies the behavior of failure recovery when the primary node of the cluster fails. Valid options are: `"AUTOMATIC"` and `"NO_FAILOVER"`. FailoverMode pulumi.StringPtrInput - // ARN of the AWS Secrets Manager secret containing the initial InfluxDB authorization parameters. The secret value is a JSON formatted key-value pair holding InfluxDB authorization values: organization, bucket, username, and password. + // ARN of the AWS Secrets Manager secret containing the initial InfluxDB authorization parameters. For InfluxDB V2 clusters, the secret value is a JSON formatted key-value pair holding InfluxDB authorization values: organization, bucket, username, and password. For InfluxDB V3 clusters, the secret contains the InfluxDB admin token. InfluxAuthParametersSecretArn pulumi.StringPtrInput // Configuration for sending InfluxDB engine logs to a specified S3 bucket. This argument is updatable. LogDeliveryConfiguration DbClusterLogDeliveryConfigurationPtrInput @@ -421,9 +475,9 @@ type DbClusterState struct { Name pulumi.StringPtrInput // Specifies whether the network type of the Timestream for InfluxDB cluster is IPV4, which can communicate over IPv4 protocol only, or DUAL, which can communicate over both IPv4 and IPv6 protocols. NetworkType pulumi.StringPtrInput - // Name of the initial organization for the initial admin user in InfluxDB. An InfluxDB organization is a workspace for a group of users. Along with `bucket`, `username`, and `password`, this argument will be stored in the secret referred to by the `influxAuthParametersSecretArn` attribute. + // Name of the initial organization for the initial admin user in InfluxDB. An InfluxDB organization is a workspace for a group of users. Along with `bucket`, `username`, and `password`, this argument will be stored in the secret referred to by the `influxAuthParametersSecretArn` attribute. This field is forbidden for InfluxDB V3 clusters (when using an InfluxDB V3 db parameter group). Organization pulumi.StringPtrInput - // Password of the initial admin user created in InfluxDB. This password will allow you to access the InfluxDB UI to perform various administrative tasks and also use the InfluxDB CLI to create an operator token. Along with `bucket`, `username`, and `organization`, this argument will be stored in the secret referred to by the `influxAuthParametersSecretArn` attribute. + // Password of the initial admin user created in InfluxDB. This password will allow you to access the InfluxDB UI to perform various administrative tasks and also use the InfluxDB CLI to create an operator token. Along with `bucket`, `username`, and `organization`, this argument will be stored in the secret referred to by the `influxAuthParametersSecretArn` attribute. This field is forbidden for InfluxDB V3 clusters (when using an InfluxDB V3 db parameter group) as the AWS API rejects it. Password pulumi.StringPtrInput // The port on which the cluster accepts connections. Valid values: `1024`-`65535`. Cannot be `2375`-`2376`, `7788`-`7799`, `8090`, or `51678`-`51680`. This argument is updatable. Port pulumi.IntPtrInput @@ -438,7 +492,7 @@ type DbClusterState struct { // Map of tags assigned to the resource, including those inherited from the provider `defaultTags` configuration block. TagsAll pulumi.StringMapInput Timeouts DbClusterTimeoutsPtrInput - // Username of the initial admin user created in InfluxDB. Must start with a letter and can't end with a hyphen or contain two consecutive hyphens. This username will allow you to access the InfluxDB UI to perform various administrative tasks and also use the InfluxDB CLI to create an operator token. Along with `bucket`, `organization`, and `password`, this argument will be stored in the secret referred to by the `influxAuthParametersSecretArn` attribute. + // Username of the initial admin user created in InfluxDB. Must start with a letter and can't end with a hyphen or contain two consecutive hyphens. This username will allow you to access the InfluxDB UI to perform various administrative tasks and also use the InfluxDB CLI to create an operator token. Along with `bucket`, `organization`, and `password`, this argument will be stored in the secret referred to by the `influxAuthParametersSecretArn` attribute. This field is forbidden for InfluxDB V3 clusters (when using an InfluxDB V3 db parameter group). Username pulumi.StringPtrInput // List of VPC security group IDs to associate with the cluster. VpcSecurityGroupIds pulumi.StringArrayInput @@ -453,17 +507,17 @@ func (DbClusterState) ElementType() reflect.Type { } type dbClusterArgs struct { - // Amount of storage in GiB (gibibytes). The minimum value is `20`, the maximum value is `16384`. The argument `dbStorageType` places restrictions on this argument's minimum value. The following is a list of `dbStorageType` values and the corresponding minimum value for `allocatedStorage`: ` "InfluxIOIncludedT1": `20` , `"InfluxIOIncludedT2" and ` "InfluxIOIncludedT3": `400`. - AllocatedStorage int `pulumi:"allocatedStorage"` - // Name of the initial InfluxDB bucket. All InfluxDB data is stored in a bucket. A bucket combines the concept of a database and a retention period (the duration of time that each data point persists). A bucket belongs to an organization. Along with `organization`, `username`, and `password`, this argument will be stored in the secret referred to by the `influxAuthParametersSecretArn` attribute. - Bucket string `pulumi:"bucket"` + // Amount of storage in GiB (gibibytes). The minimum value is `20`, the maximum value is `16384`. The argument `dbStorageType` places restrictions on this argument's minimum value. The following is a list of `dbStorageType` values and the corresponding minimum value for `allocatedStorage`: ` "InfluxIOIncludedT1": `20` , `"InfluxIOIncludedT2" and ` "InfluxIOIncludedT3": `400`. This field is forbidden for InfluxDB V3 clusters (when using an InfluxDB V3 db parameter group). + AllocatedStorage *int `pulumi:"allocatedStorage"` + // Name of the initial InfluxDB bucket. All InfluxDB data is stored in a bucket. A bucket combines the concept of a database and a retention period (the duration of time that each data point persists). A bucket belongs to an organization. Along with `organization`, `username`, and `password`, this argument will be stored in the secret referred to by the `influxAuthParametersSecretArn` attribute. This field is forbidden for InfluxDB V3 clusters (when using an InfluxDB V3 db parameter group). + Bucket *string `pulumi:"bucket"` // Timestream for InfluxDB DB instance type to run InfluxDB on. Valid options are: `"db.influx.medium"`, `"db.influx.large"`, `"db.influx.xlarge"`, `"db.influx.2xlarge"`, `"db.influx.4xlarge"`, `"db.influx.8xlarge"`, `"db.influx.12xlarge"`, and `"db.influx.16xlarge"`. This argument is updatable. DbInstanceType string `pulumi:"dbInstanceType"` // ID of the DB parameter group assigned to your cluster. This argument is updatable. If added to an existing Timestream for InfluxDB cluster or given a new value, will cause an in-place update to the cluster. However, if a cluster already has a value for `dbParameterGroupIdentifier`, removing `dbParameterGroupIdentifier` will cause the cluster to be destroyed and recreated. DbParameterGroupIdentifier *string `pulumi:"dbParameterGroupIdentifier"` // Timestream for InfluxDB DB storage type to read and write InfluxDB data. You can choose between 3 different types of provisioned Influx IOPS included storage according to your workloads requirements: Influx IO Included 3000 IOPS, Influx IO Included 12000 IOPS, Influx IO Included 16000 IOPS. Valid options are: `"InfluxIOIncludedT1"`, `"InfluxIOIncludedT2"`, and `"InfluxIOIncludedT3"`. If you use ` "InfluxIOIncludedT2" or "InfluxIOIncludedT3", the minimum value for `allocatedStorage` is 400. DbStorageType *string `pulumi:"dbStorageType"` - // Specifies the type of cluster to create. Valid options are: `"MULTI_NODE_READ_REPLICAS"`. + // Specifies the type of cluster to create. Valid options are: `"MULTI_NODE_READ_REPLICAS"`. This field is forbidden for InfluxDB V3 clusters (when using an InfluxDB V3 db parameter group). DeploymentType *string `pulumi:"deploymentType"` // Specifies the behavior of failure recovery when the primary node of the cluster fails. Valid options are: `"AUTOMATIC"` and `"NO_FAILOVER"`. FailoverMode *string `pulumi:"failoverMode"` @@ -473,10 +527,10 @@ type dbClusterArgs struct { Name *string `pulumi:"name"` // Specifies whether the network type of the Timestream for InfluxDB cluster is IPV4, which can communicate over IPv4 protocol only, or DUAL, which can communicate over both IPv4 and IPv6 protocols. NetworkType *string `pulumi:"networkType"` - // Name of the initial organization for the initial admin user in InfluxDB. An InfluxDB organization is a workspace for a group of users. Along with `bucket`, `username`, and `password`, this argument will be stored in the secret referred to by the `influxAuthParametersSecretArn` attribute. - Organization string `pulumi:"organization"` - // Password of the initial admin user created in InfluxDB. This password will allow you to access the InfluxDB UI to perform various administrative tasks and also use the InfluxDB CLI to create an operator token. Along with `bucket`, `username`, and `organization`, this argument will be stored in the secret referred to by the `influxAuthParametersSecretArn` attribute. - Password string `pulumi:"password"` + // Name of the initial organization for the initial admin user in InfluxDB. An InfluxDB organization is a workspace for a group of users. Along with `bucket`, `username`, and `password`, this argument will be stored in the secret referred to by the `influxAuthParametersSecretArn` attribute. This field is forbidden for InfluxDB V3 clusters (when using an InfluxDB V3 db parameter group). + Organization *string `pulumi:"organization"` + // Password of the initial admin user created in InfluxDB. This password will allow you to access the InfluxDB UI to perform various administrative tasks and also use the InfluxDB CLI to create an operator token. Along with `bucket`, `username`, and `organization`, this argument will be stored in the secret referred to by the `influxAuthParametersSecretArn` attribute. This field is forbidden for InfluxDB V3 clusters (when using an InfluxDB V3 db parameter group) as the AWS API rejects it. + Password *string `pulumi:"password"` // The port on which the cluster accepts connections. Valid values: `1024`-`65535`. Cannot be `2375`-`2376`, `7788`-`7799`, `8090`, or `51678`-`51680`. This argument is updatable. Port *int `pulumi:"port"` // Configures the DB cluster with a public IP to facilitate access. Other resources, such as a VPC, a subnet, an internet gateway, and a route table with routes, are also required to enabled public access, in addition to this argument. See "Usage with Public Internet Access Enabled" for an example configuration with all required resources for public internet access. @@ -486,8 +540,8 @@ type dbClusterArgs struct { // Map of tags assigned to the resource. If configured with a provider `defaultTags` configuration block present, tags with matching keys will overwrite those defined at the provider-level. Tags map[string]string `pulumi:"tags"` Timeouts *DbClusterTimeouts `pulumi:"timeouts"` - // Username of the initial admin user created in InfluxDB. Must start with a letter and can't end with a hyphen or contain two consecutive hyphens. This username will allow you to access the InfluxDB UI to perform various administrative tasks and also use the InfluxDB CLI to create an operator token. Along with `bucket`, `organization`, and `password`, this argument will be stored in the secret referred to by the `influxAuthParametersSecretArn` attribute. - Username string `pulumi:"username"` + // Username of the initial admin user created in InfluxDB. Must start with a letter and can't end with a hyphen or contain two consecutive hyphens. This username will allow you to access the InfluxDB UI to perform various administrative tasks and also use the InfluxDB CLI to create an operator token. Along with `bucket`, `organization`, and `password`, this argument will be stored in the secret referred to by the `influxAuthParametersSecretArn` attribute. This field is forbidden for InfluxDB V3 clusters (when using an InfluxDB V3 db parameter group). + Username *string `pulumi:"username"` // List of VPC security group IDs to associate with the cluster. VpcSecurityGroupIds []string `pulumi:"vpcSecurityGroupIds"` // List of VPC subnet IDs to associate with the cluster. Provide at least two VPC subnet IDs in different availability zones when deploying with a Multi-AZ standby. @@ -498,17 +552,17 @@ type dbClusterArgs struct { // The set of arguments for constructing a DbCluster resource. type DbClusterArgs struct { - // Amount of storage in GiB (gibibytes). The minimum value is `20`, the maximum value is `16384`. The argument `dbStorageType` places restrictions on this argument's minimum value. The following is a list of `dbStorageType` values and the corresponding minimum value for `allocatedStorage`: ` "InfluxIOIncludedT1": `20` , `"InfluxIOIncludedT2" and ` "InfluxIOIncludedT3": `400`. - AllocatedStorage pulumi.IntInput - // Name of the initial InfluxDB bucket. All InfluxDB data is stored in a bucket. A bucket combines the concept of a database and a retention period (the duration of time that each data point persists). A bucket belongs to an organization. Along with `organization`, `username`, and `password`, this argument will be stored in the secret referred to by the `influxAuthParametersSecretArn` attribute. - Bucket pulumi.StringInput + // Amount of storage in GiB (gibibytes). The minimum value is `20`, the maximum value is `16384`. The argument `dbStorageType` places restrictions on this argument's minimum value. The following is a list of `dbStorageType` values and the corresponding minimum value for `allocatedStorage`: ` "InfluxIOIncludedT1": `20` , `"InfluxIOIncludedT2" and ` "InfluxIOIncludedT3": `400`. This field is forbidden for InfluxDB V3 clusters (when using an InfluxDB V3 db parameter group). + AllocatedStorage pulumi.IntPtrInput + // Name of the initial InfluxDB bucket. All InfluxDB data is stored in a bucket. A bucket combines the concept of a database and a retention period (the duration of time that each data point persists). A bucket belongs to an organization. Along with `organization`, `username`, and `password`, this argument will be stored in the secret referred to by the `influxAuthParametersSecretArn` attribute. This field is forbidden for InfluxDB V3 clusters (when using an InfluxDB V3 db parameter group). + Bucket pulumi.StringPtrInput // Timestream for InfluxDB DB instance type to run InfluxDB on. Valid options are: `"db.influx.medium"`, `"db.influx.large"`, `"db.influx.xlarge"`, `"db.influx.2xlarge"`, `"db.influx.4xlarge"`, `"db.influx.8xlarge"`, `"db.influx.12xlarge"`, and `"db.influx.16xlarge"`. This argument is updatable. DbInstanceType pulumi.StringInput // ID of the DB parameter group assigned to your cluster. This argument is updatable. If added to an existing Timestream for InfluxDB cluster or given a new value, will cause an in-place update to the cluster. However, if a cluster already has a value for `dbParameterGroupIdentifier`, removing `dbParameterGroupIdentifier` will cause the cluster to be destroyed and recreated. DbParameterGroupIdentifier pulumi.StringPtrInput // Timestream for InfluxDB DB storage type to read and write InfluxDB data. You can choose between 3 different types of provisioned Influx IOPS included storage according to your workloads requirements: Influx IO Included 3000 IOPS, Influx IO Included 12000 IOPS, Influx IO Included 16000 IOPS. Valid options are: `"InfluxIOIncludedT1"`, `"InfluxIOIncludedT2"`, and `"InfluxIOIncludedT3"`. If you use ` "InfluxIOIncludedT2" or "InfluxIOIncludedT3", the minimum value for `allocatedStorage` is 400. DbStorageType pulumi.StringPtrInput - // Specifies the type of cluster to create. Valid options are: `"MULTI_NODE_READ_REPLICAS"`. + // Specifies the type of cluster to create. Valid options are: `"MULTI_NODE_READ_REPLICAS"`. This field is forbidden for InfluxDB V3 clusters (when using an InfluxDB V3 db parameter group). DeploymentType pulumi.StringPtrInput // Specifies the behavior of failure recovery when the primary node of the cluster fails. Valid options are: `"AUTOMATIC"` and `"NO_FAILOVER"`. FailoverMode pulumi.StringPtrInput @@ -518,10 +572,10 @@ type DbClusterArgs struct { Name pulumi.StringPtrInput // Specifies whether the network type of the Timestream for InfluxDB cluster is IPV4, which can communicate over IPv4 protocol only, or DUAL, which can communicate over both IPv4 and IPv6 protocols. NetworkType pulumi.StringPtrInput - // Name of the initial organization for the initial admin user in InfluxDB. An InfluxDB organization is a workspace for a group of users. Along with `bucket`, `username`, and `password`, this argument will be stored in the secret referred to by the `influxAuthParametersSecretArn` attribute. - Organization pulumi.StringInput - // Password of the initial admin user created in InfluxDB. This password will allow you to access the InfluxDB UI to perform various administrative tasks and also use the InfluxDB CLI to create an operator token. Along with `bucket`, `username`, and `organization`, this argument will be stored in the secret referred to by the `influxAuthParametersSecretArn` attribute. - Password pulumi.StringInput + // Name of the initial organization for the initial admin user in InfluxDB. An InfluxDB organization is a workspace for a group of users. Along with `bucket`, `username`, and `password`, this argument will be stored in the secret referred to by the `influxAuthParametersSecretArn` attribute. This field is forbidden for InfluxDB V3 clusters (when using an InfluxDB V3 db parameter group). + Organization pulumi.StringPtrInput + // Password of the initial admin user created in InfluxDB. This password will allow you to access the InfluxDB UI to perform various administrative tasks and also use the InfluxDB CLI to create an operator token. Along with `bucket`, `username`, and `organization`, this argument will be stored in the secret referred to by the `influxAuthParametersSecretArn` attribute. This field is forbidden for InfluxDB V3 clusters (when using an InfluxDB V3 db parameter group) as the AWS API rejects it. + Password pulumi.StringPtrInput // The port on which the cluster accepts connections. Valid values: `1024`-`65535`. Cannot be `2375`-`2376`, `7788`-`7799`, `8090`, or `51678`-`51680`. This argument is updatable. Port pulumi.IntPtrInput // Configures the DB cluster with a public IP to facilitate access. Other resources, such as a VPC, a subnet, an internet gateway, and a route table with routes, are also required to enabled public access, in addition to this argument. See "Usage with Public Internet Access Enabled" for an example configuration with all required resources for public internet access. @@ -531,8 +585,8 @@ type DbClusterArgs struct { // Map of tags assigned to the resource. If configured with a provider `defaultTags` configuration block present, tags with matching keys will overwrite those defined at the provider-level. Tags pulumi.StringMapInput Timeouts DbClusterTimeoutsPtrInput - // Username of the initial admin user created in InfluxDB. Must start with a letter and can't end with a hyphen or contain two consecutive hyphens. This username will allow you to access the InfluxDB UI to perform various administrative tasks and also use the InfluxDB CLI to create an operator token. Along with `bucket`, `organization`, and `password`, this argument will be stored in the secret referred to by the `influxAuthParametersSecretArn` attribute. - Username pulumi.StringInput + // Username of the initial admin user created in InfluxDB. Must start with a letter and can't end with a hyphen or contain two consecutive hyphens. This username will allow you to access the InfluxDB UI to perform various administrative tasks and also use the InfluxDB CLI to create an operator token. Along with `bucket`, `organization`, and `password`, this argument will be stored in the secret referred to by the `influxAuthParametersSecretArn` attribute. This field is forbidden for InfluxDB V3 clusters (when using an InfluxDB V3 db parameter group). + Username pulumi.StringPtrInput // List of VPC security group IDs to associate with the cluster. VpcSecurityGroupIds pulumi.StringArrayInput // List of VPC subnet IDs to associate with the cluster. Provide at least two VPC subnet IDs in different availability zones when deploying with a Multi-AZ standby. @@ -628,9 +682,9 @@ func (o DbClusterOutput) ToDbClusterOutputWithContext(ctx context.Context) DbClu return o } -// Amount of storage in GiB (gibibytes). The minimum value is `20`, the maximum value is `16384`. The argument `dbStorageType` places restrictions on this argument's minimum value. The following is a list of `dbStorageType` values and the corresponding minimum value for `allocatedStorage`: ` "InfluxIOIncludedT1": `20` , `"InfluxIOIncludedT2" and ` "InfluxIOIncludedT3": `400`. -func (o DbClusterOutput) AllocatedStorage() pulumi.IntOutput { - return o.ApplyT(func(v *DbCluster) pulumi.IntOutput { return v.AllocatedStorage }).(pulumi.IntOutput) +// Amount of storage in GiB (gibibytes). The minimum value is `20`, the maximum value is `16384`. The argument `dbStorageType` places restrictions on this argument's minimum value. The following is a list of `dbStorageType` values and the corresponding minimum value for `allocatedStorage`: ` "InfluxIOIncludedT1": `20` , `"InfluxIOIncludedT2" and ` "InfluxIOIncludedT3": `400`. This field is forbidden for InfluxDB V3 clusters (when using an InfluxDB V3 db parameter group). +func (o DbClusterOutput) AllocatedStorage() pulumi.IntPtrOutput { + return o.ApplyT(func(v *DbCluster) pulumi.IntPtrOutput { return v.AllocatedStorage }).(pulumi.IntPtrOutput) } // ARN of the Timestream for InfluxDB cluster. @@ -638,9 +692,9 @@ func (o DbClusterOutput) Arn() pulumi.StringOutput { return o.ApplyT(func(v *DbCluster) pulumi.StringOutput { return v.Arn }).(pulumi.StringOutput) } -// Name of the initial InfluxDB bucket. All InfluxDB data is stored in a bucket. A bucket combines the concept of a database and a retention period (the duration of time that each data point persists). A bucket belongs to an organization. Along with `organization`, `username`, and `password`, this argument will be stored in the secret referred to by the `influxAuthParametersSecretArn` attribute. -func (o DbClusterOutput) Bucket() pulumi.StringOutput { - return o.ApplyT(func(v *DbCluster) pulumi.StringOutput { return v.Bucket }).(pulumi.StringOutput) +// Name of the initial InfluxDB bucket. All InfluxDB data is stored in a bucket. A bucket combines the concept of a database and a retention period (the duration of time that each data point persists). A bucket belongs to an organization. Along with `organization`, `username`, and `password`, this argument will be stored in the secret referred to by the `influxAuthParametersSecretArn` attribute. This field is forbidden for InfluxDB V3 clusters (when using an InfluxDB V3 db parameter group). +func (o DbClusterOutput) Bucket() pulumi.StringPtrOutput { + return o.ApplyT(func(v *DbCluster) pulumi.StringPtrOutput { return v.Bucket }).(pulumi.StringPtrOutput) } // Timestream for InfluxDB DB instance type to run InfluxDB on. Valid options are: `"db.influx.medium"`, `"db.influx.large"`, `"db.influx.xlarge"`, `"db.influx.2xlarge"`, `"db.influx.4xlarge"`, `"db.influx.8xlarge"`, `"db.influx.12xlarge"`, and `"db.influx.16xlarge"`. This argument is updatable. @@ -658,7 +712,7 @@ func (o DbClusterOutput) DbStorageType() pulumi.StringOutput { return o.ApplyT(func(v *DbCluster) pulumi.StringOutput { return v.DbStorageType }).(pulumi.StringOutput) } -// Specifies the type of cluster to create. Valid options are: `"MULTI_NODE_READ_REPLICAS"`. +// Specifies the type of cluster to create. Valid options are: `"MULTI_NODE_READ_REPLICAS"`. This field is forbidden for InfluxDB V3 clusters (when using an InfluxDB V3 db parameter group). func (o DbClusterOutput) DeploymentType() pulumi.StringOutput { return o.ApplyT(func(v *DbCluster) pulumi.StringOutput { return v.DeploymentType }).(pulumi.StringOutput) } @@ -668,12 +722,17 @@ func (o DbClusterOutput) Endpoint() pulumi.StringOutput { return o.ApplyT(func(v *DbCluster) pulumi.StringOutput { return v.Endpoint }).(pulumi.StringOutput) } +// Database engine type of the DB cluster. +func (o DbClusterOutput) EngineType() pulumi.StringOutput { + return o.ApplyT(func(v *DbCluster) pulumi.StringOutput { return v.EngineType }).(pulumi.StringOutput) +} + // Specifies the behavior of failure recovery when the primary node of the cluster fails. Valid options are: `"AUTOMATIC"` and `"NO_FAILOVER"`. func (o DbClusterOutput) FailoverMode() pulumi.StringOutput { return o.ApplyT(func(v *DbCluster) pulumi.StringOutput { return v.FailoverMode }).(pulumi.StringOutput) } -// ARN of the AWS Secrets Manager secret containing the initial InfluxDB authorization parameters. The secret value is a JSON formatted key-value pair holding InfluxDB authorization values: organization, bucket, username, and password. +// ARN of the AWS Secrets Manager secret containing the initial InfluxDB authorization parameters. For InfluxDB V2 clusters, the secret value is a JSON formatted key-value pair holding InfluxDB authorization values: organization, bucket, username, and password. For InfluxDB V3 clusters, the secret contains the InfluxDB admin token. func (o DbClusterOutput) InfluxAuthParametersSecretArn() pulumi.StringOutput { return o.ApplyT(func(v *DbCluster) pulumi.StringOutput { return v.InfluxAuthParametersSecretArn }).(pulumi.StringOutput) } @@ -693,14 +752,14 @@ func (o DbClusterOutput) NetworkType() pulumi.StringOutput { return o.ApplyT(func(v *DbCluster) pulumi.StringOutput { return v.NetworkType }).(pulumi.StringOutput) } -// Name of the initial organization for the initial admin user in InfluxDB. An InfluxDB organization is a workspace for a group of users. Along with `bucket`, `username`, and `password`, this argument will be stored in the secret referred to by the `influxAuthParametersSecretArn` attribute. -func (o DbClusterOutput) Organization() pulumi.StringOutput { - return o.ApplyT(func(v *DbCluster) pulumi.StringOutput { return v.Organization }).(pulumi.StringOutput) +// Name of the initial organization for the initial admin user in InfluxDB. An InfluxDB organization is a workspace for a group of users. Along with `bucket`, `username`, and `password`, this argument will be stored in the secret referred to by the `influxAuthParametersSecretArn` attribute. This field is forbidden for InfluxDB V3 clusters (when using an InfluxDB V3 db parameter group). +func (o DbClusterOutput) Organization() pulumi.StringPtrOutput { + return o.ApplyT(func(v *DbCluster) pulumi.StringPtrOutput { return v.Organization }).(pulumi.StringPtrOutput) } -// Password of the initial admin user created in InfluxDB. This password will allow you to access the InfluxDB UI to perform various administrative tasks and also use the InfluxDB CLI to create an operator token. Along with `bucket`, `username`, and `organization`, this argument will be stored in the secret referred to by the `influxAuthParametersSecretArn` attribute. -func (o DbClusterOutput) Password() pulumi.StringOutput { - return o.ApplyT(func(v *DbCluster) pulumi.StringOutput { return v.Password }).(pulumi.StringOutput) +// Password of the initial admin user created in InfluxDB. This password will allow you to access the InfluxDB UI to perform various administrative tasks and also use the InfluxDB CLI to create an operator token. Along with `bucket`, `username`, and `organization`, this argument will be stored in the secret referred to by the `influxAuthParametersSecretArn` attribute. This field is forbidden for InfluxDB V3 clusters (when using an InfluxDB V3 db parameter group) as the AWS API rejects it. +func (o DbClusterOutput) Password() pulumi.StringPtrOutput { + return o.ApplyT(func(v *DbCluster) pulumi.StringPtrOutput { return v.Password }).(pulumi.StringPtrOutput) } // The port on which the cluster accepts connections. Valid values: `1024`-`65535`. Cannot be `2375`-`2376`, `7788`-`7799`, `8090`, or `51678`-`51680`. This argument is updatable. @@ -737,9 +796,9 @@ func (o DbClusterOutput) Timeouts() DbClusterTimeoutsPtrOutput { return o.ApplyT(func(v *DbCluster) DbClusterTimeoutsPtrOutput { return v.Timeouts }).(DbClusterTimeoutsPtrOutput) } -// Username of the initial admin user created in InfluxDB. Must start with a letter and can't end with a hyphen or contain two consecutive hyphens. This username will allow you to access the InfluxDB UI to perform various administrative tasks and also use the InfluxDB CLI to create an operator token. Along with `bucket`, `organization`, and `password`, this argument will be stored in the secret referred to by the `influxAuthParametersSecretArn` attribute. -func (o DbClusterOutput) Username() pulumi.StringOutput { - return o.ApplyT(func(v *DbCluster) pulumi.StringOutput { return v.Username }).(pulumi.StringOutput) +// Username of the initial admin user created in InfluxDB. Must start with a letter and can't end with a hyphen or contain two consecutive hyphens. This username will allow you to access the InfluxDB UI to perform various administrative tasks and also use the InfluxDB CLI to create an operator token. Along with `bucket`, `organization`, and `password`, this argument will be stored in the secret referred to by the `influxAuthParametersSecretArn` attribute. This field is forbidden for InfluxDB V3 clusters (when using an InfluxDB V3 db parameter group). +func (o DbClusterOutput) Username() pulumi.StringPtrOutput { + return o.ApplyT(func(v *DbCluster) pulumi.StringPtrOutput { return v.Username }).(pulumi.StringPtrOutput) } // List of VPC security group IDs to associate with the cluster. diff --git a/sdk/go/aws/vpclattice/domainVerification.go b/sdk/go/aws/vpclattice/domainVerification.go new file mode 100644 index 00000000000..cc86598a7a8 --- /dev/null +++ b/sdk/go/aws/vpclattice/domainVerification.go @@ -0,0 +1,420 @@ +// Code generated by pulumi-language-go DO NOT EDIT. +// *** WARNING: Do not edit by hand unless you're certain you know what you are doing! *** + +package vpclattice + +import ( + "context" + "reflect" + + "errors" + "github.com/pulumi/pulumi-aws/sdk/v7/go/aws/internal" + "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +) + +// Resource for managing an AWS VPC Lattice Domain Verification. +// +// Starts the domain verification process for a custom domain name. Use this resource to verify ownership of a domain before associating it with VPC Lattice resources. +// +// ## Example Usage +// +// ### Basic Usage +// +// ```go +// package main +// +// import ( +// +// "github.com/pulumi/pulumi-aws/sdk/v7/go/aws/route53" +// "github.com/pulumi/pulumi-aws/sdk/v7/go/aws/vpclattice" +// "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +// +// ) +// +// func main() { +// pulumi.Run(func(ctx *pulumi.Context) error { +// example, err := vpclattice.NewDomainVerification(ctx, "example", &vpclattice.DomainVerificationArgs{ +// DomainName: pulumi.String("example.com"), +// }) +// if err != nil { +// return err +// } +// // Create DNS TXT record for domain verification +// _, err = route53.NewRecord(ctx, "example", &route53.RecordArgs{ +// ZoneId: pulumi.Any(exampleAwsRoute53Zone.ZoneId), +// Name: example.TxtRecordName, +// Type: pulumi.String(route53.RecordTypeTXT), +// Ttl: pulumi.Int(300), +// Records: pulumi.StringArray{ +// example.TxtRecordValue, +// }, +// }) +// if err != nil { +// return err +// } +// return nil +// }) +// } +// +// ``` +// +// ### With Tags +// +// ```go +// package main +// +// import ( +// +// "github.com/pulumi/pulumi-aws/sdk/v7/go/aws/vpclattice" +// "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +// +// ) +// +// func main() { +// pulumi.Run(func(ctx *pulumi.Context) error { +// _, err := vpclattice.NewDomainVerification(ctx, "example", &vpclattice.DomainVerificationArgs{ +// DomainName: pulumi.String("example.com"), +// Tags: pulumi.StringMap{ +// "Environment": pulumi.String("production"), +// "Purpose": pulumi.String("domain-verification"), +// }, +// }) +// if err != nil { +// return err +// } +// return nil +// }) +// } +// +// ``` +// +// ## Import +// +// Using `pulumi import`, import VPC Lattice Domain Verification using the `id`. For example: +// +// ```sh +// $ pulumi import aws:vpclattice/domainVerification:DomainVerification example dv-0a1b2c3d4e5f +// ``` +type DomainVerification struct { + pulumi.CustomResourceState + + // The Amazon Resource Name (ARN) of the domain verification. + Arn pulumi.StringOutput `pulumi:"arn"` + // The date and time that the domain verification was created, in ISO-8601 format. + CreatedAt pulumi.StringOutput `pulumi:"createdAt"` + // The domain name to verify ownership for. + // + // The following arguments are optional: + DomainName pulumi.StringOutput `pulumi:"domainName"` + // The date and time that the domain was last successfully verified, in ISO-8601 format. + LastVerifiedTime pulumi.StringOutput `pulumi:"lastVerifiedTime"` + // Region where this resource will be [managed](https://docs.aws.amazon.com/general/latest/gr/rande.html#regional-endpoints). Defaults to the Region set in the provider configuration. + Region pulumi.StringOutput `pulumi:"region"` + // The current status of the domain verification process. Valid values: `VERIFIED`, `PENDING`, `VERIFICATION_TIMED_OUT`. + Status pulumi.StringOutput `pulumi:"status"` + // Key-value mapping of resource tags. If configured with a provider `defaultTags` configuration block present, tags with matching keys will overwrite those defined at the provider-level. + Tags pulumi.StringMapOutput `pulumi:"tags"` + // Map of tags assigned to the resource, including those inherited from the provider `defaultTags` configuration block. + TagsAll pulumi.StringMapOutput `pulumi:"tagsAll"` + // The name of the TXT record that must be created for domain verification. + TxtRecordName pulumi.StringOutput `pulumi:"txtRecordName"` + // The value that must be added to the TXT record for domain verification. + TxtRecordValue pulumi.StringOutput `pulumi:"txtRecordValue"` +} + +// NewDomainVerification registers a new resource with the given unique name, arguments, and options. +func NewDomainVerification(ctx *pulumi.Context, + name string, args *DomainVerificationArgs, opts ...pulumi.ResourceOption) (*DomainVerification, error) { + if args == nil { + return nil, errors.New("missing one or more required arguments") + } + + if args.DomainName == nil { + return nil, errors.New("invalid value for required argument 'DomainName'") + } + opts = internal.PkgResourceDefaultOpts(opts) + var resource DomainVerification + err := ctx.RegisterResource("aws:vpclattice/domainVerification:DomainVerification", name, args, &resource, opts...) + if err != nil { + return nil, err + } + return &resource, nil +} + +// GetDomainVerification gets an existing DomainVerification resource's state with the given name, ID, and optional +// state properties that are used to uniquely qualify the lookup (nil if not required). +func GetDomainVerification(ctx *pulumi.Context, + name string, id pulumi.IDInput, state *DomainVerificationState, opts ...pulumi.ResourceOption) (*DomainVerification, error) { + var resource DomainVerification + err := ctx.ReadResource("aws:vpclattice/domainVerification:DomainVerification", name, id, state, &resource, opts...) + if err != nil { + return nil, err + } + return &resource, nil +} + +// Input properties used for looking up and filtering DomainVerification resources. +type domainVerificationState struct { + // The Amazon Resource Name (ARN) of the domain verification. + Arn *string `pulumi:"arn"` + // The date and time that the domain verification was created, in ISO-8601 format. + CreatedAt *string `pulumi:"createdAt"` + // The domain name to verify ownership for. + // + // The following arguments are optional: + DomainName *string `pulumi:"domainName"` + // The date and time that the domain was last successfully verified, in ISO-8601 format. + LastVerifiedTime *string `pulumi:"lastVerifiedTime"` + // Region where this resource will be [managed](https://docs.aws.amazon.com/general/latest/gr/rande.html#regional-endpoints). Defaults to the Region set in the provider configuration. + Region *string `pulumi:"region"` + // The current status of the domain verification process. Valid values: `VERIFIED`, `PENDING`, `VERIFICATION_TIMED_OUT`. + Status *string `pulumi:"status"` + // Key-value mapping of resource tags. If configured with a provider `defaultTags` configuration block present, tags with matching keys will overwrite those defined at the provider-level. + Tags map[string]string `pulumi:"tags"` + // Map of tags assigned to the resource, including those inherited from the provider `defaultTags` configuration block. + TagsAll map[string]string `pulumi:"tagsAll"` + // The name of the TXT record that must be created for domain verification. + TxtRecordName *string `pulumi:"txtRecordName"` + // The value that must be added to the TXT record for domain verification. + TxtRecordValue *string `pulumi:"txtRecordValue"` +} + +type DomainVerificationState struct { + // The Amazon Resource Name (ARN) of the domain verification. + Arn pulumi.StringPtrInput + // The date and time that the domain verification was created, in ISO-8601 format. + CreatedAt pulumi.StringPtrInput + // The domain name to verify ownership for. + // + // The following arguments are optional: + DomainName pulumi.StringPtrInput + // The date and time that the domain was last successfully verified, in ISO-8601 format. + LastVerifiedTime pulumi.StringPtrInput + // Region where this resource will be [managed](https://docs.aws.amazon.com/general/latest/gr/rande.html#regional-endpoints). Defaults to the Region set in the provider configuration. + Region pulumi.StringPtrInput + // The current status of the domain verification process. Valid values: `VERIFIED`, `PENDING`, `VERIFICATION_TIMED_OUT`. + Status pulumi.StringPtrInput + // Key-value mapping of resource tags. If configured with a provider `defaultTags` configuration block present, tags with matching keys will overwrite those defined at the provider-level. + Tags pulumi.StringMapInput + // Map of tags assigned to the resource, including those inherited from the provider `defaultTags` configuration block. + TagsAll pulumi.StringMapInput + // The name of the TXT record that must be created for domain verification. + TxtRecordName pulumi.StringPtrInput + // The value that must be added to the TXT record for domain verification. + TxtRecordValue pulumi.StringPtrInput +} + +func (DomainVerificationState) ElementType() reflect.Type { + return reflect.TypeOf((*domainVerificationState)(nil)).Elem() +} + +type domainVerificationArgs struct { + // The domain name to verify ownership for. + // + // The following arguments are optional: + DomainName string `pulumi:"domainName"` + // Region where this resource will be [managed](https://docs.aws.amazon.com/general/latest/gr/rande.html#regional-endpoints). Defaults to the Region set in the provider configuration. + Region *string `pulumi:"region"` + // Key-value mapping of resource tags. If configured with a provider `defaultTags` configuration block present, tags with matching keys will overwrite those defined at the provider-level. + Tags map[string]string `pulumi:"tags"` +} + +// The set of arguments for constructing a DomainVerification resource. +type DomainVerificationArgs struct { + // The domain name to verify ownership for. + // + // The following arguments are optional: + DomainName pulumi.StringInput + // Region where this resource will be [managed](https://docs.aws.amazon.com/general/latest/gr/rande.html#regional-endpoints). Defaults to the Region set in the provider configuration. + Region pulumi.StringPtrInput + // Key-value mapping of resource tags. If configured with a provider `defaultTags` configuration block present, tags with matching keys will overwrite those defined at the provider-level. + Tags pulumi.StringMapInput +} + +func (DomainVerificationArgs) ElementType() reflect.Type { + return reflect.TypeOf((*domainVerificationArgs)(nil)).Elem() +} + +type DomainVerificationInput interface { + pulumi.Input + + ToDomainVerificationOutput() DomainVerificationOutput + ToDomainVerificationOutputWithContext(ctx context.Context) DomainVerificationOutput +} + +func (*DomainVerification) ElementType() reflect.Type { + return reflect.TypeOf((**DomainVerification)(nil)).Elem() +} + +func (i *DomainVerification) ToDomainVerificationOutput() DomainVerificationOutput { + return i.ToDomainVerificationOutputWithContext(context.Background()) +} + +func (i *DomainVerification) ToDomainVerificationOutputWithContext(ctx context.Context) DomainVerificationOutput { + return pulumi.ToOutputWithContext(ctx, i).(DomainVerificationOutput) +} + +// DomainVerificationArrayInput is an input type that accepts DomainVerificationArray and DomainVerificationArrayOutput values. +// You can construct a concrete instance of `DomainVerificationArrayInput` via: +// +// DomainVerificationArray{ DomainVerificationArgs{...} } +type DomainVerificationArrayInput interface { + pulumi.Input + + ToDomainVerificationArrayOutput() DomainVerificationArrayOutput + ToDomainVerificationArrayOutputWithContext(context.Context) DomainVerificationArrayOutput +} + +type DomainVerificationArray []DomainVerificationInput + +func (DomainVerificationArray) ElementType() reflect.Type { + return reflect.TypeOf((*[]*DomainVerification)(nil)).Elem() +} + +func (i DomainVerificationArray) ToDomainVerificationArrayOutput() DomainVerificationArrayOutput { + return i.ToDomainVerificationArrayOutputWithContext(context.Background()) +} + +func (i DomainVerificationArray) ToDomainVerificationArrayOutputWithContext(ctx context.Context) DomainVerificationArrayOutput { + return pulumi.ToOutputWithContext(ctx, i).(DomainVerificationArrayOutput) +} + +// DomainVerificationMapInput is an input type that accepts DomainVerificationMap and DomainVerificationMapOutput values. +// You can construct a concrete instance of `DomainVerificationMapInput` via: +// +// DomainVerificationMap{ "key": DomainVerificationArgs{...} } +type DomainVerificationMapInput interface { + pulumi.Input + + ToDomainVerificationMapOutput() DomainVerificationMapOutput + ToDomainVerificationMapOutputWithContext(context.Context) DomainVerificationMapOutput +} + +type DomainVerificationMap map[string]DomainVerificationInput + +func (DomainVerificationMap) ElementType() reflect.Type { + return reflect.TypeOf((*map[string]*DomainVerification)(nil)).Elem() +} + +func (i DomainVerificationMap) ToDomainVerificationMapOutput() DomainVerificationMapOutput { + return i.ToDomainVerificationMapOutputWithContext(context.Background()) +} + +func (i DomainVerificationMap) ToDomainVerificationMapOutputWithContext(ctx context.Context) DomainVerificationMapOutput { + return pulumi.ToOutputWithContext(ctx, i).(DomainVerificationMapOutput) +} + +type DomainVerificationOutput struct{ *pulumi.OutputState } + +func (DomainVerificationOutput) ElementType() reflect.Type { + return reflect.TypeOf((**DomainVerification)(nil)).Elem() +} + +func (o DomainVerificationOutput) ToDomainVerificationOutput() DomainVerificationOutput { + return o +} + +func (o DomainVerificationOutput) ToDomainVerificationOutputWithContext(ctx context.Context) DomainVerificationOutput { + return o +} + +// The Amazon Resource Name (ARN) of the domain verification. +func (o DomainVerificationOutput) Arn() pulumi.StringOutput { + return o.ApplyT(func(v *DomainVerification) pulumi.StringOutput { return v.Arn }).(pulumi.StringOutput) +} + +// The date and time that the domain verification was created, in ISO-8601 format. +func (o DomainVerificationOutput) CreatedAt() pulumi.StringOutput { + return o.ApplyT(func(v *DomainVerification) pulumi.StringOutput { return v.CreatedAt }).(pulumi.StringOutput) +} + +// The domain name to verify ownership for. +// +// The following arguments are optional: +func (o DomainVerificationOutput) DomainName() pulumi.StringOutput { + return o.ApplyT(func(v *DomainVerification) pulumi.StringOutput { return v.DomainName }).(pulumi.StringOutput) +} + +// The date and time that the domain was last successfully verified, in ISO-8601 format. +func (o DomainVerificationOutput) LastVerifiedTime() pulumi.StringOutput { + return o.ApplyT(func(v *DomainVerification) pulumi.StringOutput { return v.LastVerifiedTime }).(pulumi.StringOutput) +} + +// Region where this resource will be [managed](https://docs.aws.amazon.com/general/latest/gr/rande.html#regional-endpoints). Defaults to the Region set in the provider configuration. +func (o DomainVerificationOutput) Region() pulumi.StringOutput { + return o.ApplyT(func(v *DomainVerification) pulumi.StringOutput { return v.Region }).(pulumi.StringOutput) +} + +// The current status of the domain verification process. Valid values: `VERIFIED`, `PENDING`, `VERIFICATION_TIMED_OUT`. +func (o DomainVerificationOutput) Status() pulumi.StringOutput { + return o.ApplyT(func(v *DomainVerification) pulumi.StringOutput { return v.Status }).(pulumi.StringOutput) +} + +// Key-value mapping of resource tags. If configured with a provider `defaultTags` configuration block present, tags with matching keys will overwrite those defined at the provider-level. +func (o DomainVerificationOutput) Tags() pulumi.StringMapOutput { + return o.ApplyT(func(v *DomainVerification) pulumi.StringMapOutput { return v.Tags }).(pulumi.StringMapOutput) +} + +// Map of tags assigned to the resource, including those inherited from the provider `defaultTags` configuration block. +func (o DomainVerificationOutput) TagsAll() pulumi.StringMapOutput { + return o.ApplyT(func(v *DomainVerification) pulumi.StringMapOutput { return v.TagsAll }).(pulumi.StringMapOutput) +} + +// The name of the TXT record that must be created for domain verification. +func (o DomainVerificationOutput) TxtRecordName() pulumi.StringOutput { + return o.ApplyT(func(v *DomainVerification) pulumi.StringOutput { return v.TxtRecordName }).(pulumi.StringOutput) +} + +// The value that must be added to the TXT record for domain verification. +func (o DomainVerificationOutput) TxtRecordValue() pulumi.StringOutput { + return o.ApplyT(func(v *DomainVerification) pulumi.StringOutput { return v.TxtRecordValue }).(pulumi.StringOutput) +} + +type DomainVerificationArrayOutput struct{ *pulumi.OutputState } + +func (DomainVerificationArrayOutput) ElementType() reflect.Type { + return reflect.TypeOf((*[]*DomainVerification)(nil)).Elem() +} + +func (o DomainVerificationArrayOutput) ToDomainVerificationArrayOutput() DomainVerificationArrayOutput { + return o +} + +func (o DomainVerificationArrayOutput) ToDomainVerificationArrayOutputWithContext(ctx context.Context) DomainVerificationArrayOutput { + return o +} + +func (o DomainVerificationArrayOutput) Index(i pulumi.IntInput) DomainVerificationOutput { + return pulumi.All(o, i).ApplyT(func(vs []interface{}) *DomainVerification { + return vs[0].([]*DomainVerification)[vs[1].(int)] + }).(DomainVerificationOutput) +} + +type DomainVerificationMapOutput struct{ *pulumi.OutputState } + +func (DomainVerificationMapOutput) ElementType() reflect.Type { + return reflect.TypeOf((*map[string]*DomainVerification)(nil)).Elem() +} + +func (o DomainVerificationMapOutput) ToDomainVerificationMapOutput() DomainVerificationMapOutput { + return o +} + +func (o DomainVerificationMapOutput) ToDomainVerificationMapOutputWithContext(ctx context.Context) DomainVerificationMapOutput { + return o +} + +func (o DomainVerificationMapOutput) MapIndex(k pulumi.StringInput) DomainVerificationOutput { + return pulumi.All(o, k).ApplyT(func(vs []interface{}) *DomainVerification { + return vs[0].(map[string]*DomainVerification)[vs[1].(string)] + }).(DomainVerificationOutput) +} + +func init() { + pulumi.RegisterInputType(reflect.TypeOf((*DomainVerificationInput)(nil)).Elem(), &DomainVerification{}) + pulumi.RegisterInputType(reflect.TypeOf((*DomainVerificationArrayInput)(nil)).Elem(), DomainVerificationArray{}) + pulumi.RegisterInputType(reflect.TypeOf((*DomainVerificationMapInput)(nil)).Elem(), DomainVerificationMap{}) + pulumi.RegisterOutputType(DomainVerificationOutput{}) + pulumi.RegisterOutputType(DomainVerificationArrayOutput{}) + pulumi.RegisterOutputType(DomainVerificationMapOutput{}) +} diff --git a/sdk/go/aws/vpclattice/init.go b/sdk/go/aws/vpclattice/init.go index 9810ba48a09..f3c80ab3b4a 100644 --- a/sdk/go/aws/vpclattice/init.go +++ b/sdk/go/aws/vpclattice/init.go @@ -25,6 +25,8 @@ func (m *module) Construct(ctx *pulumi.Context, name, typ, urn string) (r pulumi r = &AccessLogSubscription{} case "aws:vpclattice/authPolicy:AuthPolicy": r = &AuthPolicy{} + case "aws:vpclattice/domainVerification:DomainVerification": + r = &DomainVerification{} case "aws:vpclattice/listener:Listener": r = &Listener{} case "aws:vpclattice/listenerRule:ListenerRule": @@ -72,6 +74,11 @@ func init() { "vpclattice/authPolicy", &module{version}, ) + pulumi.RegisterResourceModule( + "aws", + "vpclattice/domainVerification", + &module{version}, + ) pulumi.RegisterResourceModule( "aws", "vpclattice/listener", diff --git a/sdk/go/aws/vpclattice/resourceConfiguration.go b/sdk/go/aws/vpclattice/resourceConfiguration.go index 99044738451..19635092fa2 100644 --- a/sdk/go/aws/vpclattice/resourceConfiguration.go +++ b/sdk/go/aws/vpclattice/resourceConfiguration.go @@ -94,6 +94,54 @@ import ( // // ``` // +// ### With custom domain +// +// ```go +// package main +// +// import ( +// +// "github.com/pulumi/pulumi-aws/sdk/v7/go/aws/vpclattice" +// "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +// +// ) +// +// func main() { +// pulumi.Run(func(ctx *pulumi.Context) error { +// example, err := vpclattice.NewDomainVerification(ctx, "example", &vpclattice.DomainVerificationArgs{ +// DomainName: pulumi.String("example.com"), +// }) +// if err != nil { +// return err +// } +// _, err = vpclattice.NewResourceConfiguration(ctx, "example", &vpclattice.ResourceConfigurationArgs{ +// Name: pulumi.String("Example"), +// ResourceGatewayIdentifier: pulumi.Any(exampleAwsVpclatticeResourceGateway.Id), +// CustomDomainName: pulumi.String("custom.example.com"), +// DomainVerificationId: example.ID(), +// PortRanges: pulumi.StringArray{ +// pulumi.String("443"), +// }, +// Protocol: pulumi.String("TCP"), +// ResourceConfigurationDefinition: &vpclattice.ResourceConfigurationResourceConfigurationDefinitionArgs{ +// DnsResource: &vpclattice.ResourceConfigurationResourceConfigurationDefinitionDnsResourceArgs{ +// DomainName: pulumi.String("test.example.com"), +// IpAddressType: pulumi.String("IPV4"), +// }, +// }, +// Tags: pulumi.StringMap{ +// "Environment": pulumi.String("Example"), +// }, +// }) +// if err != nil { +// return err +// } +// return nil +// }) +// } +// +// ``` +// // ### ARN Example // // ```go @@ -141,6 +189,14 @@ type ResourceConfiguration struct { AllowAssociationToShareableServiceNetwork pulumi.BoolOutput `pulumi:"allowAssociationToShareableServiceNetwork"` // ARN of the resource gateway. Arn pulumi.StringOutput `pulumi:"arn"` + // Custom domain name for your resource configuration. Additionally, provide a `domainVerificationId` to prove your ownership of a domain. + CustomDomainName pulumi.StringPtrOutput `pulumi:"customDomainName"` + // ARN of the domain verification. + DomainVerificationArn pulumi.StringOutput `pulumi:"domainVerificationArn"` + // The domain verification ID of your verified custom domain name. If you don't provide an ID, you must configure the DNS settings yourself. + DomainVerificationId pulumi.StringOutput `pulumi:"domainVerificationId"` + // Domain verification status. + DomainVerificationStatus pulumi.StringOutput `pulumi:"domainVerificationStatus"` // Name for the Resource Configuration. Name pulumi.StringOutput `pulumi:"name"` // Port ranges to access the Resource either single port `80` or range `80-81` range. @@ -200,6 +256,14 @@ type resourceConfigurationState struct { AllowAssociationToShareableServiceNetwork *bool `pulumi:"allowAssociationToShareableServiceNetwork"` // ARN of the resource gateway. Arn *string `pulumi:"arn"` + // Custom domain name for your resource configuration. Additionally, provide a `domainVerificationId` to prove your ownership of a domain. + CustomDomainName *string `pulumi:"customDomainName"` + // ARN of the domain verification. + DomainVerificationArn *string `pulumi:"domainVerificationArn"` + // The domain verification ID of your verified custom domain name. If you don't provide an ID, you must configure the DNS settings yourself. + DomainVerificationId *string `pulumi:"domainVerificationId"` + // Domain verification status. + DomainVerificationStatus *string `pulumi:"domainVerificationStatus"` // Name for the Resource Configuration. Name *string `pulumi:"name"` // Port ranges to access the Resource either single port `80` or range `80-81` range. @@ -230,6 +294,14 @@ type ResourceConfigurationState struct { AllowAssociationToShareableServiceNetwork pulumi.BoolPtrInput // ARN of the resource gateway. Arn pulumi.StringPtrInput + // Custom domain name for your resource configuration. Additionally, provide a `domainVerificationId` to prove your ownership of a domain. + CustomDomainName pulumi.StringPtrInput + // ARN of the domain verification. + DomainVerificationArn pulumi.StringPtrInput + // The domain verification ID of your verified custom domain name. If you don't provide an ID, you must configure the DNS settings yourself. + DomainVerificationId pulumi.StringPtrInput + // Domain verification status. + DomainVerificationStatus pulumi.StringPtrInput // Name for the Resource Configuration. Name pulumi.StringPtrInput // Port ranges to access the Resource either single port `80` or range `80-81` range. @@ -262,6 +334,10 @@ func (ResourceConfigurationState) ElementType() reflect.Type { type resourceConfigurationArgs struct { // Allow or Deny the association of this resource to a shareable service network. AllowAssociationToShareableServiceNetwork *bool `pulumi:"allowAssociationToShareableServiceNetwork"` + // Custom domain name for your resource configuration. Additionally, provide a `domainVerificationId` to prove your ownership of a domain. + CustomDomainName *string `pulumi:"customDomainName"` + // The domain verification ID of your verified custom domain name. If you don't provide an ID, you must configure the DNS settings yourself. + DomainVerificationId *string `pulumi:"domainVerificationId"` // Name for the Resource Configuration. Name *string `pulumi:"name"` // Port ranges to access the Resource either single port `80` or range `80-81` range. @@ -289,6 +365,10 @@ type resourceConfigurationArgs struct { type ResourceConfigurationArgs struct { // Allow or Deny the association of this resource to a shareable service network. AllowAssociationToShareableServiceNetwork pulumi.BoolPtrInput + // Custom domain name for your resource configuration. Additionally, provide a `domainVerificationId` to prove your ownership of a domain. + CustomDomainName pulumi.StringPtrInput + // The domain verification ID of your verified custom domain name. If you don't provide an ID, you must configure the DNS settings yourself. + DomainVerificationId pulumi.StringPtrInput // Name for the Resource Configuration. Name pulumi.StringPtrInput // Port ranges to access the Resource either single port `80` or range `80-81` range. @@ -409,6 +489,26 @@ func (o ResourceConfigurationOutput) Arn() pulumi.StringOutput { return o.ApplyT(func(v *ResourceConfiguration) pulumi.StringOutput { return v.Arn }).(pulumi.StringOutput) } +// Custom domain name for your resource configuration. Additionally, provide a `domainVerificationId` to prove your ownership of a domain. +func (o ResourceConfigurationOutput) CustomDomainName() pulumi.StringPtrOutput { + return o.ApplyT(func(v *ResourceConfiguration) pulumi.StringPtrOutput { return v.CustomDomainName }).(pulumi.StringPtrOutput) +} + +// ARN of the domain verification. +func (o ResourceConfigurationOutput) DomainVerificationArn() pulumi.StringOutput { + return o.ApplyT(func(v *ResourceConfiguration) pulumi.StringOutput { return v.DomainVerificationArn }).(pulumi.StringOutput) +} + +// The domain verification ID of your verified custom domain name. If you don't provide an ID, you must configure the DNS settings yourself. +func (o ResourceConfigurationOutput) DomainVerificationId() pulumi.StringOutput { + return o.ApplyT(func(v *ResourceConfiguration) pulumi.StringOutput { return v.DomainVerificationId }).(pulumi.StringOutput) +} + +// Domain verification status. +func (o ResourceConfigurationOutput) DomainVerificationStatus() pulumi.StringOutput { + return o.ApplyT(func(v *ResourceConfiguration) pulumi.StringOutput { return v.DomainVerificationStatus }).(pulumi.StringOutput) +} + // Name for the Resource Configuration. func (o ResourceConfigurationOutput) Name() pulumi.StringOutput { return o.ApplyT(func(v *ResourceConfiguration) pulumi.StringOutput { return v.Name }).(pulumi.StringOutput) diff --git a/sdk/java/src/main/java/com/pulumi/aws/Config.java b/sdk/java/src/main/java/com/pulumi/aws/Config.java index 9915666795f..236674a7c35 100644 --- a/sdk/java/src/main/java/com/pulumi/aws/Config.java +++ b/sdk/java/src/main/java/com/pulumi/aws/Config.java @@ -212,6 +212,13 @@ public Optional skipRequestingAccountId() { public Optional stsRegion() { return Codegen.stringProp("stsRegion").config(config).get(); } +/** + * The severity with which to enforce organizational tagging policies on resources managed by this provider instance. At this time this only includes compliance with required tag keys by resource type. Valid values are "error", "warning", and "disabled". When unset or "disabled", tag policy compliance will not be enforced by the provider. Can also be configured with the TF_AWS_TAG_POLICY_COMPLIANCE environment variable. + * + */ + public Optional tagPolicyCompliance() { + return Codegen.stringProp("tagPolicyCompliance").config(config).get(); + } /** * session token. A session token is only required if you are * using temporary security credentials. diff --git a/sdk/java/src/main/java/com/pulumi/aws/Provider.java b/sdk/java/src/main/java/com/pulumi/aws/Provider.java index 03bf195b192..41d9fc1d756 100644 --- a/sdk/java/src/main/java/com/pulumi/aws/Provider.java +++ b/sdk/java/src/main/java/com/pulumi/aws/Provider.java @@ -215,6 +215,20 @@ public Output> secretKey() { public Output> stsRegion() { return Codegen.optional(this.stsRegion); } + /** + * The severity with which to enforce organizational tagging policies on resources managed by this provider instance. At this time this only includes compliance with required tag keys by resource type. Valid values are "error", "warning", and "disabled". When unset or "disabled", tag policy compliance will not be enforced by the provider. Can also be configured with the TF_AWS_TAG_POLICY_COMPLIANCE environment variable. + * + */ + @Export(name="tagPolicyCompliance", refs={String.class}, tree="[0]") + private Output tagPolicyCompliance; + + /** + * @return The severity with which to enforce organizational tagging policies on resources managed by this provider instance. At this time this only includes compliance with required tag keys by resource type. Valid values are "error", "warning", and "disabled". When unset or "disabled", tag policy compliance will not be enforced by the provider. Can also be configured with the TF_AWS_TAG_POLICY_COMPLIANCE environment variable. + * + */ + public Output> tagPolicyCompliance() { + return Codegen.optional(this.tagPolicyCompliance); + } /** * session token. A session token is only required if you are * using temporary security credentials. diff --git a/sdk/java/src/main/java/com/pulumi/aws/ProviderArgs.java b/sdk/java/src/main/java/com/pulumi/aws/ProviderArgs.java index 2b1d75d47a7..d3cd183d8d9 100644 --- a/sdk/java/src/main/java/com/pulumi/aws/ProviderArgs.java +++ b/sdk/java/src/main/java/com/pulumi/aws/ProviderArgs.java @@ -439,6 +439,21 @@ public Optional> stsRegion() { return Optional.ofNullable(this.stsRegion); } + /** + * The severity with which to enforce organizational tagging policies on resources managed by this provider instance. At this time this only includes compliance with required tag keys by resource type. Valid values are "error", "warning", and "disabled". When unset or "disabled", tag policy compliance will not be enforced by the provider. Can also be configured with the TF_AWS_TAG_POLICY_COMPLIANCE environment variable. + * + */ + @Import(name="tagPolicyCompliance") + private @Nullable Output tagPolicyCompliance; + + /** + * @return The severity with which to enforce organizational tagging policies on resources managed by this provider instance. At this time this only includes compliance with required tag keys by resource type. Valid values are "error", "warning", and "disabled". When unset or "disabled", tag policy compliance will not be enforced by the provider. Can also be configured with the TF_AWS_TAG_POLICY_COMPLIANCE environment variable. + * + */ + public Optional> tagPolicyCompliance() { + return Optional.ofNullable(this.tagPolicyCompliance); + } + /** * session token. A session token is only required if you are * using temporary security credentials. @@ -533,6 +548,7 @@ private ProviderArgs(ProviderArgs $) { this.skipRegionValidation = $.skipRegionValidation; this.skipRequestingAccountId = $.skipRequestingAccountId; this.stsRegion = $.stsRegion; + this.tagPolicyCompliance = $.tagPolicyCompliance; this.token = $.token; this.tokenBucketRateLimiterCapacity = $.tokenBucketRateLimiterCapacity; this.useDualstackEndpoint = $.useDualstackEndpoint; @@ -1162,6 +1178,27 @@ public Builder stsRegion(String stsRegion) { return stsRegion(Output.of(stsRegion)); } + /** + * @param tagPolicyCompliance The severity with which to enforce organizational tagging policies on resources managed by this provider instance. At this time this only includes compliance with required tag keys by resource type. Valid values are "error", "warning", and "disabled". When unset or "disabled", tag policy compliance will not be enforced by the provider. Can also be configured with the TF_AWS_TAG_POLICY_COMPLIANCE environment variable. + * + * @return builder + * + */ + public Builder tagPolicyCompliance(@Nullable Output tagPolicyCompliance) { + $.tagPolicyCompliance = tagPolicyCompliance; + return this; + } + + /** + * @param tagPolicyCompliance The severity with which to enforce organizational tagging policies on resources managed by this provider instance. At this time this only includes compliance with required tag keys by resource type. Valid values are "error", "warning", and "disabled". When unset or "disabled", tag policy compliance will not be enforced by the provider. Can also be configured with the TF_AWS_TAG_POLICY_COMPLIANCE environment variable. + * + * @return builder + * + */ + public Builder tagPolicyCompliance(String tagPolicyCompliance) { + return tagPolicyCompliance(Output.of(tagPolicyCompliance)); + } + /** * @param token session token. A session token is only required if you are * using temporary security credentials. diff --git a/sdk/java/src/main/java/com/pulumi/aws/alb/Listener.java b/sdk/java/src/main/java/com/pulumi/aws/alb/Listener.java index dd100eca49f..639b5bc2657 100644 --- a/sdk/java/src/main/java/com/pulumi/aws/alb/Listener.java +++ b/sdk/java/src/main/java/com/pulumi/aws/alb/Listener.java @@ -400,6 +400,70 @@ * } * * + * ### JWT Validation Action + * + * 
+ * {@code
+ * package generated_program;
+ * 
+ * import com.pulumi.Context;
+ * import com.pulumi.Pulumi;
+ * import com.pulumi.core.Output;
+ * import com.pulumi.aws.lb.Listener;
+ * import com.pulumi.aws.lb.ListenerArgs;
+ * import com.pulumi.aws.lb.inputs.ListenerDefaultActionArgs;
+ * import com.pulumi.aws.lb.inputs.ListenerDefaultActionJwtValidationArgs;
+ * import java.util.List;
+ * import java.util.ArrayList;
+ * import java.util.Map;
+ * import java.io.File;
+ * import java.nio.file.Files;
+ * import java.nio.file.Paths;
+ * 
+ * public class App {
+ *     public static void main(String[] args) {
+ *         Pulumi.run(App::stack);
+ *     }
+ * 
+ *     public static void stack(Context ctx) {
+ *         var test = new Listener("test", ListenerArgs.builder()
+ *             .loadBalancerArn(testAwsLb.id())
+ *             .protocol("HTTPS")
+ *             .port(443)
+ *             .sslPolicy("ELBSecurityPolicy-2016-08")
+ *             .certificateArn(testAwsIamServerCertificate.arn())
+ *             .defaultActions(            
+ *                 ListenerDefaultActionArgs.builder()
+ *                     .type("jwt-validation")
+ *                     .jwtValidation(ListenerDefaultActionJwtValidationArgs.builder()
+ *                         .issuer("https://example.com")
+ *                         .jwksEndpoint("https://example.com/.well-known/jwks.json")
+ *                         .additionalClaims(                        
+ *                             ListenerDefaultActionJwtValidationAdditionalClaimArgs.builder()
+ *                                 .format("string-array")
+ *                                 .name("claim_name1")
+ *                                 .values(                                
+ *                                     "value1",
+ *                                     "value2")
+ *                                 .build(),
+ *                             ListenerDefaultActionJwtValidationAdditionalClaimArgs.builder()
+ *                                 .format("single-string")
+ *                                 .name("claim_name2")
+ *                                 .values("value1")
+ *                                 .build())
+ *                         .build())
+ *                     .build(),
+ *                 ListenerDefaultActionArgs.builder()
+ *                     .targetGroupArn(testAwsLbTargetGroup.id())
+ *                     .type("forward")
+ *                     .build())
+ *             .build());
+ * 
+ *     }
+ * }
+ * }
+ *
+ * * ### Gateway Load Balancer Listener * * 
diff --git a/sdk/java/src/main/java/com/pulumi/aws/alb/ListenerRule.java b/sdk/java/src/main/java/com/pulumi/aws/alb/ListenerRule.java
index fe6dd7a85bd..d24f2531d6f 100644
--- a/sdk/java/src/main/java/com/pulumi/aws/alb/ListenerRule.java
+++ b/sdk/java/src/main/java/com/pulumi/aws/alb/ListenerRule.java
@@ -26,258 +26,6 @@
  * 
  * > **Note:** `aws.alb.ListenerRule` is known as `aws.lb.ListenerRule`. The functionality is identical.
  * 
- * ## Example Usage
- * 
- * 
- * {@code
- * package generated_program;
- * 
- * import com.pulumi.Context;
- * import com.pulumi.Pulumi;
- * import com.pulumi.core.Output;
- * import com.pulumi.aws.lb.LoadBalancer;
- * import com.pulumi.aws.lb.Listener;
- * import com.pulumi.aws.lb.ListenerRule;
- * import com.pulumi.aws.lb.ListenerRuleArgs;
- * import com.pulumi.aws.lb.inputs.ListenerRuleActionArgs;
- * import com.pulumi.aws.lb.inputs.ListenerRuleConditionArgs;
- * import com.pulumi.aws.lb.inputs.ListenerRuleConditionPathPatternArgs;
- * import com.pulumi.aws.lb.inputs.ListenerRuleConditionHostHeaderArgs;
- * import com.pulumi.aws.lb.inputs.ListenerRuleActionForwardArgs;
- * import com.pulumi.aws.lb.inputs.ListenerRuleActionForwardStickinessArgs;
- * import com.pulumi.aws.lb.inputs.ListenerRuleActionRedirectArgs;
- * import com.pulumi.aws.lb.inputs.ListenerRuleConditionHttpHeaderArgs;
- * import com.pulumi.aws.lb.inputs.ListenerRuleActionFixedResponseArgs;
- * import com.pulumi.aws.cognito.UserPool;
- * import com.pulumi.aws.cognito.UserPoolClient;
- * import com.pulumi.aws.cognito.UserPoolDomain;
- * import com.pulumi.aws.lb.inputs.ListenerRuleActionAuthenticateCognitoArgs;
- * import com.pulumi.aws.lb.inputs.ListenerRuleActionAuthenticateOidcArgs;
- * import com.pulumi.aws.lb.inputs.ListenerRuleTransformArgs;
- * import com.pulumi.aws.lb.inputs.ListenerRuleTransformHostHeaderRewriteConfigArgs;
- * import com.pulumi.aws.lb.inputs.ListenerRuleTransformHostHeaderRewriteConfigRewriteArgs;
- * import com.pulumi.aws.lb.inputs.ListenerRuleTransformUrlRewriteConfigArgs;
- * import com.pulumi.aws.lb.inputs.ListenerRuleTransformUrlRewriteConfigRewriteArgs;
- * import java.util.List;
- * import java.util.ArrayList;
- * import java.util.Map;
- * import java.io.File;
- * import java.nio.file.Files;
- * import java.nio.file.Paths;
- * 
- * public class App {
- *     public static void main(String[] args) {
- *         Pulumi.run(App::stack);
- *     }
- * 
- *     public static void stack(Context ctx) {
- *         var frontEnd = new LoadBalancer("frontEnd");
- * 
- *         var frontEndListener = new Listener("frontEndListener");
- * 
- *         var static_ = new ListenerRule("static", ListenerRuleArgs.builder()
- *             .listenerArn(frontEndListener.arn())
- *             .priority(100)
- *             .actions(ListenerRuleActionArgs.builder()
- *                 .type("forward")
- *                 .targetGroupArn(staticAwsLbTargetGroup.arn())
- *                 .build())
- *             .conditions(            
- *                 ListenerRuleConditionArgs.builder()
- *                     .pathPattern(ListenerRuleConditionPathPatternArgs.builder()
- *                         .values("/static/*")
- *                         .build())
- *                     .build(),
- *                 ListenerRuleConditionArgs.builder()
- *                     .hostHeader(ListenerRuleConditionHostHeaderArgs.builder()
- *                         .values("example.com")
- *                         .build())
- *                     .build())
- *             .build());
- * 
- *         // Forward action
- *         var hostBasedWeightedRouting = new ListenerRule("hostBasedWeightedRouting", ListenerRuleArgs.builder()
- *             .listenerArn(frontEndListener.arn())
- *             .priority(99)
- *             .actions(ListenerRuleActionArgs.builder()
- *                 .type("forward")
- *                 .targetGroupArn(staticAwsLbTargetGroup.arn())
- *                 .build())
- *             .conditions(ListenerRuleConditionArgs.builder()
- *                 .hostHeader(ListenerRuleConditionHostHeaderArgs.builder()
- *                     .values("my-service.*.mycompany.io")
- *                     .build())
- *                 .build())
- *             .build());
- * 
- *         // Weighted Forward action
- *         var hostBasedRouting = new ListenerRule("hostBasedRouting", ListenerRuleArgs.builder()
- *             .listenerArn(frontEndListener.arn())
- *             .priority(99)
- *             .actions(ListenerRuleActionArgs.builder()
- *                 .type("forward")
- *                 .forward(ListenerRuleActionForwardArgs.builder()
- *                     .targetGroups(                    
- *                         ListenerRuleActionForwardTargetGroupArgs.builder()
- *                             .arn(main.arn())
- *                             .weight(80)
- *                             .build(),
- *                         ListenerRuleActionForwardTargetGroupArgs.builder()
- *                             .arn(canary.arn())
- *                             .weight(20)
- *                             .build())
- *                     .stickiness(ListenerRuleActionForwardStickinessArgs.builder()
- *                         .enabled(true)
- *                         .duration(600)
- *                         .build())
- *                     .build())
- *                 .build())
- *             .conditions(ListenerRuleConditionArgs.builder()
- *                 .hostHeader(ListenerRuleConditionHostHeaderArgs.builder()
- *                     .values("my-service.*.mycompany.io")
- *                     .build())
- *                 .build())
- *             .build());
- * 
- *         // Redirect action
- *         var redirectHttpToHttps = new ListenerRule("redirectHttpToHttps", ListenerRuleArgs.builder()
- *             .listenerArn(frontEndListener.arn())
- *             .actions(ListenerRuleActionArgs.builder()
- *                 .type("redirect")
- *                 .redirect(ListenerRuleActionRedirectArgs.builder()
- *                     .port("443")
- *                     .protocol("HTTPS")
- *                     .statusCode("HTTP_301")
- *                     .build())
- *                 .build())
- *             .conditions(ListenerRuleConditionArgs.builder()
- *                 .httpHeader(ListenerRuleConditionHttpHeaderArgs.builder()
- *                     .httpHeaderName("X-Forwarded-For")
- *                     .values("192.168.1.*")
- *                     .build())
- *                 .build())
- *             .build());
- * 
- *         // Fixed-response action
- *         var healthCheck = new ListenerRule("healthCheck", ListenerRuleArgs.builder()
- *             .listenerArn(frontEndListener.arn())
- *             .actions(ListenerRuleActionArgs.builder()
- *                 .type("fixed-response")
- *                 .fixedResponse(ListenerRuleActionFixedResponseArgs.builder()
- *                     .contentType("text/plain")
- *                     .messageBody("HEALTHY")
- *                     .statusCode("200")
- *                     .build())
- *                 .build())
- *             .conditions(ListenerRuleConditionArgs.builder()
- *                 .queryStrings(                
- *                     ListenerRuleConditionQueryStringArgs.builder()
- *                         .key("health")
- *                         .value("check")
- *                         .build(),
- *                     ListenerRuleConditionQueryStringArgs.builder()
- *                         .value("bar")
- *                         .build())
- *                 .build())
- *             .build());
- * 
- *         // Authenticate-cognito Action
- *         var pool = new UserPool("pool");
- * 
- *         var client = new UserPoolClient("client");
- * 
- *         var domain = new UserPoolDomain("domain");
- * 
- *         var admin = new ListenerRule("admin", ListenerRuleArgs.builder()
- *             .listenerArn(frontEndListener.arn())
- *             .actions(            
- *                 ListenerRuleActionArgs.builder()
- *                     .type("authenticate-cognito")
- *                     .authenticateCognito(ListenerRuleActionAuthenticateCognitoArgs.builder()
- *                         .userPoolArn(pool.arn())
- *                         .userPoolClientId(client.id())
- *                         .userPoolDomain(domain.domain())
- *                         .build())
- *                     .build(),
- *                 ListenerRuleActionArgs.builder()
- *                     .type("forward")
- *                     .targetGroupArn(staticAwsLbTargetGroup.arn())
- *                     .build())
- *             .build());
- * 
- *         // Authenticate-oidc Action
- *         var oidc = new ListenerRule("oidc", ListenerRuleArgs.builder()
- *             .listenerArn(frontEndListener.arn())
- *             .actions(            
- *                 ListenerRuleActionArgs.builder()
- *                     .type("authenticate-oidc")
- *                     .authenticateOidc(ListenerRuleActionAuthenticateOidcArgs.builder()
- *                         .authorizationEndpoint("https://example.com/authorization_endpoint")
- *                         .clientId("client_id")
- *                         .clientSecret("client_secret")
- *                         .issuer("https://example.com")
- *                         .tokenEndpoint("https://example.com/token_endpoint")
- *                         .userInfoEndpoint("https://example.com/user_info_endpoint")
- *                         .build())
- *                     .build(),
- *                 ListenerRuleActionArgs.builder()
- *                     .type("forward")
- *                     .targetGroupArn(staticAwsLbTargetGroup.arn())
- *                     .build())
- *             .build());
- * 
- *         // With transform
- *         var transform = new ListenerRule("transform", ListenerRuleArgs.builder()
- *             .listenerArn(frontEndListener.arn())
- *             .actions(ListenerRuleActionArgs.builder()
- *                 .type("forward")
- *                 .targetGroupArn(staticAwsLbTargetGroup.arn())
- *                 .build())
- *             .conditions(ListenerRuleConditionArgs.builder()
- *                 .pathPattern(ListenerRuleConditionPathPatternArgs.builder()
- *                     .values("*")
- *                     .build())
- *                 .build())
- *             .transforms(            
- *                 ListenerRuleTransformArgs.builder()
- *                     .type("host-header-rewrite")
- *                     .hostHeaderRewriteConfig(ListenerRuleTransformHostHeaderRewriteConfigArgs.builder()
- *                         .rewrite(ListenerRuleTransformHostHeaderRewriteConfigRewriteArgs.builder()
- *                             .regex("^mywebsite-(.+).com$")
- *                             .replace("internal.dev.$1.myweb.com")
- *                             .build())
- *                         .build())
- *                     .build(),
- *                 ListenerRuleTransformArgs.builder()
- *                     .type("url-rewrite")
- *                     .urlRewriteConfig(ListenerRuleTransformUrlRewriteConfigArgs.builder()
- *                         .rewrite(ListenerRuleTransformUrlRewriteConfigRewriteArgs.builder()
- *                             .regex("^/dp/([A-Za-z0-9]+)/?$")
- *                             .replace("/product.php?id=$1")
- *                             .build())
- *                         .build())
- *                     .build())
- *             .build());
- * 
- *     }
- * }
- * }
- * 

- * 
- * ## Import
- * 
- * ### Identity Schema
- * 
- * #### Required
- * 
- * - `arn` (String) Amazon Resource Name (ARN) of the load balancer listener rule.
- * 
- * Using `pulumi import`, import rules using their ARN. For example:
- * 
- * console
- * 
- * % pulumi import aws_lb_listener_rule.front_end arn:aws:elasticloadbalancing:us-west-2:187416307283:listener-rule/app/test/8e4497da625e2d8a/9ab28ade35828f96/67b3d2d36dd7c26b
- * 
  */
 @ResourceType(type="aws:alb/listenerRule:ListenerRule")
 public class ListenerRule extends com.pulumi.resources.CustomResource {
diff --git a/sdk/java/src/main/java/com/pulumi/aws/alb/inputs/ListenerDefaultActionArgs.java b/sdk/java/src/main/java/com/pulumi/aws/alb/inputs/ListenerDefaultActionArgs.java
index 70be9146f32..9b8737925d0 100644
--- a/sdk/java/src/main/java/com/pulumi/aws/alb/inputs/ListenerDefaultActionArgs.java
+++ b/sdk/java/src/main/java/com/pulumi/aws/alb/inputs/ListenerDefaultActionArgs.java
@@ -7,6 +7,7 @@
 import com.pulumi.aws.alb.inputs.ListenerDefaultActionAuthenticateOidcArgs;
 import com.pulumi.aws.alb.inputs.ListenerDefaultActionFixedResponseArgs;
 import com.pulumi.aws.alb.inputs.ListenerDefaultActionForwardArgs;
+import com.pulumi.aws.alb.inputs.ListenerDefaultActionJwtValidationArgs;
 import com.pulumi.aws.alb.inputs.ListenerDefaultActionRedirectArgs;
 import com.pulumi.core.Output;
 import com.pulumi.core.annotations.Import;
@@ -82,6 +83,21 @@ public Optional> forward() {
         return Optional.ofNullable(this.forward);
     }
 
+    /**
+     * Configuration block for creating a JWT validation action. Required if `type` is `jwt-validation`.
+     * 
+     */
+    @Import(name="jwtValidation")
+    private @Nullable Output jwtValidation;
+
+    /**
+     * @return Configuration block for creating a JWT validation action. Required if `type` is `jwt-validation`.
+     * 
+     */
+    public Optional> jwtValidation() {
+        return Optional.ofNullable(this.jwtValidation);
+    }
+
     /**
      * Order for the action. The action with the lowest value for order is performed first. Valid values are between `1` and `50000`. Defaults to the position in the list of actions.
      * 
@@ -128,7 +144,7 @@ public Optional> targetGroupArn() {
     }
 
     /**
-     * Type of routing action. Valid values are `forward`, `redirect`, `fixed-response`, `authenticate-cognito` and `authenticate-oidc`.
+     * Type of routing action. Valid values are `forward`, `redirect`, `fixed-response`, `authenticate-cognito`, `authenticate-oidc` and `jwt-validation`.
      * 
      * The following arguments are optional:
      * 
@@ -137,7 +153,7 @@ public Optional> targetGroupArn() {
     private Output type;
 
     /**
-     * @return Type of routing action. Valid values are `forward`, `redirect`, `fixed-response`, `authenticate-cognito` and `authenticate-oidc`.
+     * @return Type of routing action. Valid values are `forward`, `redirect`, `fixed-response`, `authenticate-cognito`, `authenticate-oidc` and `jwt-validation`.
      * 
      * The following arguments are optional:
      * 
@@ -153,6 +169,7 @@ private ListenerDefaultActionArgs(ListenerDefaultActionArgs $) {
         this.authenticateOidc = $.authenticateOidc;
         this.fixedResponse = $.fixedResponse;
         this.forward = $.forward;
+        this.jwtValidation = $.jwtValidation;
         this.order = $.order;
         this.redirect = $.redirect;
         this.targetGroupArn = $.targetGroupArn;
@@ -261,6 +278,27 @@ public Builder forward(ListenerDefaultActionForwardArgs forward) {
             return forward(Output.of(forward));
         }
 
+        /**
+         * @param jwtValidation Configuration block for creating a JWT validation action. Required if `type` is `jwt-validation`.
+         * 
+         * @return builder
+         * 
+         */
+        public Builder jwtValidation(@Nullable Output jwtValidation) {
+            $.jwtValidation = jwtValidation;
+            return this;
+        }
+
+        /**
+         * @param jwtValidation Configuration block for creating a JWT validation action. Required if `type` is `jwt-validation`.
+         * 
+         * @return builder
+         * 
+         */
+        public Builder jwtValidation(ListenerDefaultActionJwtValidationArgs jwtValidation) {
+            return jwtValidation(Output.of(jwtValidation));
+        }
+
         /**
          * @param order Order for the action. The action with the lowest value for order is performed first. Valid values are between `1` and `50000`. Defaults to the position in the list of actions.
          * 
@@ -325,7 +363,7 @@ public Builder targetGroupArn(String targetGroupArn) {
         }
 
         /**
-         * @param type Type of routing action. Valid values are `forward`, `redirect`, `fixed-response`, `authenticate-cognito` and `authenticate-oidc`.
+         * @param type Type of routing action. Valid values are `forward`, `redirect`, `fixed-response`, `authenticate-cognito`, `authenticate-oidc` and `jwt-validation`.
          * 
          * The following arguments are optional:
          * 
@@ -338,7 +376,7 @@ public Builder type(Output type) {
         }
 
         /**
-         * @param type Type of routing action. Valid values are `forward`, `redirect`, `fixed-response`, `authenticate-cognito` and `authenticate-oidc`.
+         * @param type Type of routing action. Valid values are `forward`, `redirect`, `fixed-response`, `authenticate-cognito`, `authenticate-oidc` and `jwt-validation`.
          * 
          * The following arguments are optional:
          * 
diff --git a/sdk/java/src/main/java/com/pulumi/aws/alb/inputs/ListenerDefaultActionJwtValidationAdditionalClaimArgs.java b/sdk/java/src/main/java/com/pulumi/aws/alb/inputs/ListenerDefaultActionJwtValidationAdditionalClaimArgs.java
new file mode 100644
index 00000000000..b510679b593
--- /dev/null
+++ b/sdk/java/src/main/java/com/pulumi/aws/alb/inputs/ListenerDefaultActionJwtValidationAdditionalClaimArgs.java
@@ -0,0 +1,176 @@
+// *** WARNING: this file was generated by pulumi-language-java. ***
+// *** Do not edit by hand unless you're certain you know what you are doing! ***
+
+package com.pulumi.aws.alb.inputs;
+
+import com.pulumi.core.Output;
+import com.pulumi.core.annotations.Import;
+import com.pulumi.exceptions.MissingRequiredPropertyException;
+import java.lang.String;
+import java.util.List;
+import java.util.Objects;
+
+
+public final class ListenerDefaultActionJwtValidationAdditionalClaimArgs extends com.pulumi.resources.ResourceArgs {
+
+    public static final ListenerDefaultActionJwtValidationAdditionalClaimArgs Empty = new ListenerDefaultActionJwtValidationAdditionalClaimArgs();
+
+    /**
+     * Format of the claim value. Valid values are `single-string`, `string-array` and `space-separated-values`.
+     * 
+     */
+    @Import(name="format", required=true)
+    private Output format;
+
+    /**
+     * @return Format of the claim value. Valid values are `single-string`, `string-array` and `space-separated-values`.
+     * 
+     */
+    public Output format() {
+        return this.format;
+    }
+
+    /**
+     * Name of the claim to validate. `exp`, `iss`, `nbf`, or `iat` cannot be specified because they are validated by default.
+     * 
+     */
+    @Import(name="name", required=true)
+    private Output name;
+
+    /**
+     * @return Name of the claim to validate. `exp`, `iss`, `nbf`, or `iat` cannot be specified because they are validated by default.
+     * 
+     */
+    public Output name() {
+        return this.name;
+    }
+
+    /**
+     * List of expected values of the claim.
+     * 
+     */
+    @Import(name="values", required=true)
+    private Output> values;
+
+    /**
+     * @return List of expected values of the claim.
+     * 
+     */
+    public Output> values() {
+        return this.values;
+    }
+
+    private ListenerDefaultActionJwtValidationAdditionalClaimArgs() {}
+
+    private ListenerDefaultActionJwtValidationAdditionalClaimArgs(ListenerDefaultActionJwtValidationAdditionalClaimArgs $) {
+        this.format = $.format;
+        this.name = $.name;
+        this.values = $.values;
+    }
+
+    public static Builder builder() {
+        return new Builder();
+    }
+    public static Builder builder(ListenerDefaultActionJwtValidationAdditionalClaimArgs defaults) {
+        return new Builder(defaults);
+    }
+
+    public static final class Builder {
+        private ListenerDefaultActionJwtValidationAdditionalClaimArgs $;
+
+        public Builder() {
+            $ = new ListenerDefaultActionJwtValidationAdditionalClaimArgs();
+        }
+
+        public Builder(ListenerDefaultActionJwtValidationAdditionalClaimArgs defaults) {
+            $ = new ListenerDefaultActionJwtValidationAdditionalClaimArgs(Objects.requireNonNull(defaults));
+        }
+
+        /**
+         * @param format Format of the claim value. Valid values are `single-string`, `string-array` and `space-separated-values`.
+         * 
+         * @return builder
+         * 
+         */
+        public Builder format(Output format) {
+            $.format = format;
+            return this;
+        }
+
+        /**
+         * @param format Format of the claim value. Valid values are `single-string`, `string-array` and `space-separated-values`.
+         * 
+         * @return builder
+         * 
+         */
+        public Builder format(String format) {
+            return format(Output.of(format));
+        }
+
+        /**
+         * @param name Name of the claim to validate. `exp`, `iss`, `nbf`, or `iat` cannot be specified because they are validated by default.
+         * 
+         * @return builder
+         * 
+         */
+        public Builder name(Output name) {
+            $.name = name;
+            return this;
+        }
+
+        /**
+         * @param name Name of the claim to validate. `exp`, `iss`, `nbf`, or `iat` cannot be specified because they are validated by default.
+         * 
+         * @return builder
+         * 
+         */
+        public Builder name(String name) {
+            return name(Output.of(name));
+        }
+
+        /**
+         * @param values List of expected values of the claim.
+         * 
+         * @return builder
+         * 
+         */
+        public Builder values(Output> values) {
+            $.values = values;
+            return this;
+        }
+
+        /**
+         * @param values List of expected values of the claim.
+         * 
+         * @return builder
+         * 
+         */
+        public Builder values(List values) {
+            return values(Output.of(values));
+        }
+
+        /**
+         * @param values List of expected values of the claim.
+         * 
+         * @return builder
+         * 
+         */
+        public Builder values(String... values) {
+            return values(List.of(values));
+        }
+
+        public ListenerDefaultActionJwtValidationAdditionalClaimArgs build() {
+            if ($.format == null) {
+                throw new MissingRequiredPropertyException("ListenerDefaultActionJwtValidationAdditionalClaimArgs", "format");
+            }
+            if ($.name == null) {
+                throw new MissingRequiredPropertyException("ListenerDefaultActionJwtValidationAdditionalClaimArgs", "name");
+            }
+            if ($.values == null) {
+                throw new MissingRequiredPropertyException("ListenerDefaultActionJwtValidationAdditionalClaimArgs", "values");
+            }
+            return $;
+        }
+    }
+
+}
diff --git a/sdk/java/src/main/java/com/pulumi/aws/alb/inputs/ListenerDefaultActionJwtValidationArgs.java b/sdk/java/src/main/java/com/pulumi/aws/alb/inputs/ListenerDefaultActionJwtValidationArgs.java
new file mode 100644
index 00000000000..4e34857bbd3
--- /dev/null
+++ b/sdk/java/src/main/java/com/pulumi/aws/alb/inputs/ListenerDefaultActionJwtValidationArgs.java
@@ -0,0 +1,184 @@
+// *** WARNING: this file was generated by pulumi-language-java. ***
+// *** Do not edit by hand unless you're certain you know what you are doing! ***
+
+package com.pulumi.aws.alb.inputs;
+
+import com.pulumi.aws.alb.inputs.ListenerDefaultActionJwtValidationAdditionalClaimArgs;
+import com.pulumi.core.Output;
+import com.pulumi.core.annotations.Import;
+import com.pulumi.exceptions.MissingRequiredPropertyException;
+import java.lang.String;
+import java.util.List;
+import java.util.Objects;
+import java.util.Optional;
+import javax.annotation.Nullable;
+
+
+public final class ListenerDefaultActionJwtValidationArgs extends com.pulumi.resources.ResourceArgs {
+
+    public static final ListenerDefaultActionJwtValidationArgs Empty = new ListenerDefaultActionJwtValidationArgs();
+
+    /**
+     * Repeatable configuration block for additional claims to validate.
+     * 
+     */
+    @Import(name="additionalClaims")
+    private @Nullable Output> additionalClaims;
+
+    /**
+     * @return Repeatable configuration block for additional claims to validate.
+     * 
+     */
+    public Optional>> additionalClaims() {
+        return Optional.ofNullable(this.additionalClaims);
+    }
+
+    /**
+     * Issuer of the JWT.
+     * 
+     */
+    @Import(name="issuer", required=true)
+    private Output issuer;
+
+    /**
+     * @return Issuer of the JWT.
+     * 
+     */
+    public Output issuer() {
+        return this.issuer;
+    }
+
+    /**
+     * JSON Web Key Set (JWKS) endpoint. This endpoint contains JSON Web Keys (JWK) that are used to validate signatures from the provider. This must be a full URL, including the HTTPS protocol, the domain, and the path.
+     * 
+     * The following arguments are optional:
+     * 
+     */
+    @Import(name="jwksEndpoint", required=true)
+    private Output jwksEndpoint;
+
+    /**
+     * @return JSON Web Key Set (JWKS) endpoint. This endpoint contains JSON Web Keys (JWK) that are used to validate signatures from the provider. This must be a full URL, including the HTTPS protocol, the domain, and the path.
+     * 
+     * The following arguments are optional:
+     * 
+     */
+    public Output jwksEndpoint() {
+        return this.jwksEndpoint;
+    }
+
+    private ListenerDefaultActionJwtValidationArgs() {}
+
+    private ListenerDefaultActionJwtValidationArgs(ListenerDefaultActionJwtValidationArgs $) {
+        this.additionalClaims = $.additionalClaims;
+        this.issuer = $.issuer;
+        this.jwksEndpoint = $.jwksEndpoint;
+    }
+
+    public static Builder builder() {
+        return new Builder();
+    }
+    public static Builder builder(ListenerDefaultActionJwtValidationArgs defaults) {
+        return new Builder(defaults);
+    }
+
+    public static final class Builder {
+        private ListenerDefaultActionJwtValidationArgs $;
+
+        public Builder() {
+            $ = new ListenerDefaultActionJwtValidationArgs();
+        }
+
+        public Builder(ListenerDefaultActionJwtValidationArgs defaults) {
+            $ = new ListenerDefaultActionJwtValidationArgs(Objects.requireNonNull(defaults));
+        }
+
+        /**
+         * @param additionalClaims Repeatable configuration block for additional claims to validate.
+         * 
+         * @return builder
+         * 
+         */
+        public Builder additionalClaims(@Nullable Output> additionalClaims) {
+            $.additionalClaims = additionalClaims;
+            return this;
+        }
+
+        /**
+         * @param additionalClaims Repeatable configuration block for additional claims to validate.
+         * 
+         * @return builder
+         * 
+         */
+        public Builder additionalClaims(List additionalClaims) {
+            return additionalClaims(Output.of(additionalClaims));
+        }
+
+        /**
+         * @param additionalClaims Repeatable configuration block for additional claims to validate.
+         * 
+         * @return builder
+         * 
+         */
+        public Builder additionalClaims(ListenerDefaultActionJwtValidationAdditionalClaimArgs... additionalClaims) {
+            return additionalClaims(List.of(additionalClaims));
+        }
+
+        /**
+         * @param issuer Issuer of the JWT.
+         * 
+         * @return builder
+         * 
+         */
+        public Builder issuer(Output issuer) {
+            $.issuer = issuer;
+            return this;
+        }
+
+        /**
+         * @param issuer Issuer of the JWT.
+         * 
+         * @return builder
+         * 
+         */
+        public Builder issuer(String issuer) {
+            return issuer(Output.of(issuer));
+        }
+
+        /**
+         * @param jwksEndpoint JSON Web Key Set (JWKS) endpoint. This endpoint contains JSON Web Keys (JWK) that are used to validate signatures from the provider. This must be a full URL, including the HTTPS protocol, the domain, and the path.
+         * 
+         * The following arguments are optional:
+         * 
+         * @return builder
+         * 
+         */
+        public Builder jwksEndpoint(Output jwksEndpoint) {
+            $.jwksEndpoint = jwksEndpoint;
+            return this;
+        }
+
+        /**
+         * @param jwksEndpoint JSON Web Key Set (JWKS) endpoint. This endpoint contains JSON Web Keys (JWK) that are used to validate signatures from the provider. This must be a full URL, including the HTTPS protocol, the domain, and the path.
+         * 
+         * The following arguments are optional:
+         * 
+         * @return builder
+         * 
+         */
+        public Builder jwksEndpoint(String jwksEndpoint) {
+            return jwksEndpoint(Output.of(jwksEndpoint));
+        }
+
+        public ListenerDefaultActionJwtValidationArgs build() {
+            if ($.issuer == null) {
+                throw new MissingRequiredPropertyException("ListenerDefaultActionJwtValidationArgs", "issuer");
+            }
+            if ($.jwksEndpoint == null) {
+                throw new MissingRequiredPropertyException("ListenerDefaultActionJwtValidationArgs", "jwksEndpoint");
+            }
+            return $;
+        }
+    }
+
+}
diff --git a/sdk/java/src/main/java/com/pulumi/aws/alb/inputs/ListenerRuleActionArgs.java b/sdk/java/src/main/java/com/pulumi/aws/alb/inputs/ListenerRuleActionArgs.java
index 0cc55e48d0d..2f9d0f855d2 100644
--- a/sdk/java/src/main/java/com/pulumi/aws/alb/inputs/ListenerRuleActionArgs.java
+++ b/sdk/java/src/main/java/com/pulumi/aws/alb/inputs/ListenerRuleActionArgs.java
@@ -7,6 +7,7 @@
 import com.pulumi.aws.alb.inputs.ListenerRuleActionAuthenticateOidcArgs;
 import com.pulumi.aws.alb.inputs.ListenerRuleActionFixedResponseArgs;
 import com.pulumi.aws.alb.inputs.ListenerRuleActionForwardArgs;
+import com.pulumi.aws.alb.inputs.ListenerRuleActionJwtValidationArgs;
 import com.pulumi.aws.alb.inputs.ListenerRuleActionRedirectArgs;
 import com.pulumi.core.Output;
 import com.pulumi.core.annotations.Import;
@@ -86,6 +87,21 @@ public Optional> forward() {
         return Optional.ofNullable(this.forward);
     }
 
+    /**
+     * Information for creating a JWT validation action. Required if `type` is `jwt-validation`.
+     * 
+     */
+    @Import(name="jwtValidation")
+    private @Nullable Output jwtValidation;
+
+    /**
+     * @return Information for creating a JWT validation action. Required if `type` is `jwt-validation`.
+     * 
+     */
+    public Optional> jwtValidation() {
+        return Optional.ofNullable(this.jwtValidation);
+    }
+
     /**
      * Order for the action.
      * The action with the lowest value for order is performed first.
@@ -144,14 +160,14 @@ public Optional> targetGroupArn() {
     }
 
     /**
-     * The type of routing action. Valid values are `forward`, `redirect`, `fixed-response`, `authenticate-cognito` and `authenticate-oidc`.
+     * The type of routing action. Valid values are `forward`, `redirect`, `fixed-response`, `authenticate-cognito`, `authenticate-oidc` and `jwt-validation`.
      * 
      */
     @Import(name="type", required=true)
     private Output type;
 
     /**
-     * @return The type of routing action. Valid values are `forward`, `redirect`, `fixed-response`, `authenticate-cognito` and `authenticate-oidc`.
+     * @return The type of routing action. Valid values are `forward`, `redirect`, `fixed-response`, `authenticate-cognito`, `authenticate-oidc` and `jwt-validation`.
      * 
      */
     public Output type() {
@@ -165,6 +181,7 @@ private ListenerRuleActionArgs(ListenerRuleActionArgs $) {
         this.authenticateOidc = $.authenticateOidc;
         this.fixedResponse = $.fixedResponse;
         this.forward = $.forward;
+        this.jwtValidation = $.jwtValidation;
         this.order = $.order;
         this.redirect = $.redirect;
         this.targetGroupArn = $.targetGroupArn;
@@ -277,6 +294,27 @@ public Builder forward(ListenerRuleActionForwardArgs forward) {
             return forward(Output.of(forward));
         }
 
+        /**
+         * @param jwtValidation Information for creating a JWT validation action. Required if `type` is `jwt-validation`.
+         * 
+         * @return builder
+         * 
+         */
+        public Builder jwtValidation(@Nullable Output jwtValidation) {
+            $.jwtValidation = jwtValidation;
+            return this;
+        }
+
+        /**
+         * @param jwtValidation Information for creating a JWT validation action. Required if `type` is `jwt-validation`.
+         * 
+         * @return builder
+         * 
+         */
+        public Builder jwtValidation(ListenerRuleActionJwtValidationArgs jwtValidation) {
+            return jwtValidation(Output.of(jwtValidation));
+        }
+
         /**
          * @param order Order for the action.
          * The action with the lowest value for order is performed first.
@@ -353,7 +391,7 @@ public Builder targetGroupArn(String targetGroupArn) {
         }
 
         /**
-         * @param type The type of routing action. Valid values are `forward`, `redirect`, `fixed-response`, `authenticate-cognito` and `authenticate-oidc`.
+         * @param type The type of routing action. Valid values are `forward`, `redirect`, `fixed-response`, `authenticate-cognito`, `authenticate-oidc` and `jwt-validation`.
          * 
          * @return builder
          * 
@@ -364,7 +402,7 @@ public Builder type(Output type) {
         }
 
         /**
-         * @param type The type of routing action. Valid values are `forward`, `redirect`, `fixed-response`, `authenticate-cognito` and `authenticate-oidc`.
+         * @param type The type of routing action. Valid values are `forward`, `redirect`, `fixed-response`, `authenticate-cognito`, `authenticate-oidc` and `jwt-validation`.
          * 
          * @return builder
          * 
diff --git a/sdk/java/src/main/java/com/pulumi/aws/alb/inputs/ListenerRuleActionJwtValidationAdditionalClaimArgs.java b/sdk/java/src/main/java/com/pulumi/aws/alb/inputs/ListenerRuleActionJwtValidationAdditionalClaimArgs.java
new file mode 100644
index 00000000000..019d3ad32ba
--- /dev/null
+++ b/sdk/java/src/main/java/com/pulumi/aws/alb/inputs/ListenerRuleActionJwtValidationAdditionalClaimArgs.java
@@ -0,0 +1,176 @@
+// *** WARNING: this file was generated by pulumi-language-java. ***
+// *** Do not edit by hand unless you're certain you know what you are doing! ***
+
+package com.pulumi.aws.alb.inputs;
+
+import com.pulumi.core.Output;
+import com.pulumi.core.annotations.Import;
+import com.pulumi.exceptions.MissingRequiredPropertyException;
+import java.lang.String;
+import java.util.List;
+import java.util.Objects;
+
+
+public final class ListenerRuleActionJwtValidationAdditionalClaimArgs extends com.pulumi.resources.ResourceArgs {
+
+    public static final ListenerRuleActionJwtValidationAdditionalClaimArgs Empty = new ListenerRuleActionJwtValidationAdditionalClaimArgs();
+
+    /**
+     * Format of the claim value. Valid values are `single-string`, `string-array` and `space-separated-values`.
+     * 
+     */
+    @Import(name="format", required=true)
+    private Output format;
+
+    /**
+     * @return Format of the claim value. Valid values are `single-string`, `string-array` and `space-separated-values`.
+     * 
+     */
+    public Output format() {
+        return this.format;
+    }
+
+    /**
+     * Name of the claim to validate. `exp`, `iss`, `nbf`, or `iat` cannot be specified because they are validated by default.
+     * 
+     */
+    @Import(name="name", required=true)
+    private Output name;
+
+    /**
+     * @return Name of the claim to validate. `exp`, `iss`, `nbf`, or `iat` cannot be specified because they are validated by default.
+     * 
+     */
+    public Output name() {
+        return this.name;
+    }
+
+    /**
+     * List of expected values of the claim.
+     * 
+     */
+    @Import(name="values", required=true)
+    private Output> values;
+
+    /**
+     * @return List of expected values of the claim.
+     * 
+     */
+    public Output> values() {
+        return this.values;
+    }
+
+    private ListenerRuleActionJwtValidationAdditionalClaimArgs() {}
+
+    private ListenerRuleActionJwtValidationAdditionalClaimArgs(ListenerRuleActionJwtValidationAdditionalClaimArgs $) {
+        this.format = $.format;
+        this.name = $.name;
+        this.values = $.values;
+    }
+
+    public static Builder builder() {
+        return new Builder();
+    }
+    public static Builder builder(ListenerRuleActionJwtValidationAdditionalClaimArgs defaults) {
+        return new Builder(defaults);
+    }
+
+    public static final class Builder {
+        private ListenerRuleActionJwtValidationAdditionalClaimArgs $;
+
+        public Builder() {
+            $ = new ListenerRuleActionJwtValidationAdditionalClaimArgs();
+        }
+
+        public Builder(ListenerRuleActionJwtValidationAdditionalClaimArgs defaults) {
+            $ = new ListenerRuleActionJwtValidationAdditionalClaimArgs(Objects.requireNonNull(defaults));
+        }
+
+        /**
+         * @param format Format of the claim value. Valid values are `single-string`, `string-array` and `space-separated-values`.
+         * 
+         * @return builder
+         * 
+         */
+        public Builder format(Output format) {
+            $.format = format;
+            return this;
+        }
+
+        /**
+         * @param format Format of the claim value. Valid values are `single-string`, `string-array` and `space-separated-values`.
+         * 
+         * @return builder
+         * 
+         */
+        public Builder format(String format) {
+            return format(Output.of(format));
+        }
+
+        /**
+         * @param name Name of the claim to validate. `exp`, `iss`, `nbf`, or `iat` cannot be specified because they are validated by default.
+         * 
+         * @return builder
+         * 
+         */
+        public Builder name(Output name) {
+            $.name = name;
+            return this;
+        }
+
+        /**
+         * @param name Name of the claim to validate. `exp`, `iss`, `nbf`, or `iat` cannot be specified because they are validated by default.
+         * 
+         * @return builder
+         * 
+         */
+        public Builder name(String name) {
+            return name(Output.of(name));
+        }
+
+        /**
+         * @param values List of expected values of the claim.
+         * 
+         * @return builder
+         * 
+         */
+        public Builder values(Output> values) {
+            $.values = values;
+            return this;
+        }
+
+        /**
+         * @param values List of expected values of the claim.
+         * 
+         * @return builder
+         * 
+         */
+        public Builder values(List values) {
+            return values(Output.of(values));
+        }
+
+        /**
+         * @param values List of expected values of the claim.
+         * 
+         * @return builder
+         * 
+         */
+        public Builder values(String... values) {
+            return values(List.of(values));
+        }
+
+        public ListenerRuleActionJwtValidationAdditionalClaimArgs build() {
+            if ($.format == null) {
+                throw new MissingRequiredPropertyException("ListenerRuleActionJwtValidationAdditionalClaimArgs", "format");
+            }
+            if ($.name == null) {
+                throw new MissingRequiredPropertyException("ListenerRuleActionJwtValidationAdditionalClaimArgs", "name");
+            }
+            if ($.values == null) {
+                throw new MissingRequiredPropertyException("ListenerRuleActionJwtValidationAdditionalClaimArgs", "values");
+            }
+            return $;
+        }
+    }
+
+}
diff --git a/sdk/java/src/main/java/com/pulumi/aws/alb/inputs/ListenerRuleActionJwtValidationArgs.java b/sdk/java/src/main/java/com/pulumi/aws/alb/inputs/ListenerRuleActionJwtValidationArgs.java
new file mode 100644
index 00000000000..93b16f6846a
--- /dev/null
+++ b/sdk/java/src/main/java/com/pulumi/aws/alb/inputs/ListenerRuleActionJwtValidationArgs.java
@@ -0,0 +1,176 @@
+// *** WARNING: this file was generated by pulumi-language-java. ***
+// *** Do not edit by hand unless you're certain you know what you are doing! ***
+
+package com.pulumi.aws.alb.inputs;
+
+import com.pulumi.aws.alb.inputs.ListenerRuleActionJwtValidationAdditionalClaimArgs;
+import com.pulumi.core.Output;
+import com.pulumi.core.annotations.Import;
+import com.pulumi.exceptions.MissingRequiredPropertyException;
+import java.lang.String;
+import java.util.List;
+import java.util.Objects;
+import java.util.Optional;
+import javax.annotation.Nullable;
+
+
+public final class ListenerRuleActionJwtValidationArgs extends com.pulumi.resources.ResourceArgs {
+
+    public static final ListenerRuleActionJwtValidationArgs Empty = new ListenerRuleActionJwtValidationArgs();
+
+    /**
+     * Repeatable configuration block for additional claims to validate.
+     * 
+     */
+    @Import(name="additionalClaims")
+    private @Nullable Output> additionalClaims;
+
+    /**
+     * @return Repeatable configuration block for additional claims to validate.
+     * 
+     */
+    public Optional>> additionalClaims() {
+        return Optional.ofNullable(this.additionalClaims);
+    }
+
+    /**
+     * Issuer of the JWT.
+     * 
+     */
+    @Import(name="issuer", required=true)
+    private Output issuer;
+
+    /**
+     * @return Issuer of the JWT.
+     * 
+     */
+    public Output issuer() {
+        return this.issuer;
+    }
+
+    /**
+     * JSON Web Key Set (JWKS) endpoint. This endpoint contains JSON Web Keys (JWK) that are used to validate signatures from the provider. This must be a full URL, including the HTTPS protocol, the domain, and the path.
+     * 
+     */
+    @Import(name="jwksEndpoint", required=true)
+    private Output jwksEndpoint;
+
+    /**
+     * @return JSON Web Key Set (JWKS) endpoint. This endpoint contains JSON Web Keys (JWK) that are used to validate signatures from the provider. This must be a full URL, including the HTTPS protocol, the domain, and the path.
+     * 
+     */
+    public Output jwksEndpoint() {
+        return this.jwksEndpoint;
+    }
+
+    private ListenerRuleActionJwtValidationArgs() {}
+
+    private ListenerRuleActionJwtValidationArgs(ListenerRuleActionJwtValidationArgs $) {
+        this.additionalClaims = $.additionalClaims;
+        this.issuer = $.issuer;
+        this.jwksEndpoint = $.jwksEndpoint;
+    }
+
+    public static Builder builder() {
+        return new Builder();
+    }
+    public static Builder builder(ListenerRuleActionJwtValidationArgs defaults) {
+        return new Builder(defaults);
+    }
+
+    public static final class Builder {
+        private ListenerRuleActionJwtValidationArgs $;
+
+        public Builder() {
+            $ = new ListenerRuleActionJwtValidationArgs();
+        }
+
+        public Builder(ListenerRuleActionJwtValidationArgs defaults) {
+            $ = new ListenerRuleActionJwtValidationArgs(Objects.requireNonNull(defaults));
+        }
+
+        /**
+         * @param additionalClaims Repeatable configuration block for additional claims to validate.
+         * 
+         * @return builder
+         * 
+         */
+        public Builder additionalClaims(@Nullable Output> additionalClaims) {
+            $.additionalClaims = additionalClaims;
+            return this;
+        }
+
+        /**
+         * @param additionalClaims Repeatable configuration block for additional claims to validate.
+         * 
+         * @return builder
+         * 
+         */
+        public Builder additionalClaims(List additionalClaims) {
+            return additionalClaims(Output.of(additionalClaims));
+        }
+
+        /**
+         * @param additionalClaims Repeatable configuration block for additional claims to validate.
+         * 
+         * @return builder
+         * 
+         */
+        public Builder additionalClaims(ListenerRuleActionJwtValidationAdditionalClaimArgs... additionalClaims) {
+            return additionalClaims(List.of(additionalClaims));
+        }
+
+        /**
+         * @param issuer Issuer of the JWT.
+         * 
+         * @return builder
+         * 
+         */
+        public Builder issuer(Output issuer) {
+            $.issuer = issuer;
+            return this;
+        }
+
+        /**
+         * @param issuer Issuer of the JWT.
+         * 
+         * @return builder
+         * 
+         */
+        public Builder issuer(String issuer) {
+            return issuer(Output.of(issuer));
+        }
+
+        /**
+         * @param jwksEndpoint JSON Web Key Set (JWKS) endpoint. This endpoint contains JSON Web Keys (JWK) that are used to validate signatures from the provider. This must be a full URL, including the HTTPS protocol, the domain, and the path.
+         * 
+         * @return builder
+         * 
+         */
+        public Builder jwksEndpoint(Output jwksEndpoint) {
+            $.jwksEndpoint = jwksEndpoint;
+            return this;
+        }
+
+        /**
+         * @param jwksEndpoint JSON Web Key Set (JWKS) endpoint. This endpoint contains JSON Web Keys (JWK) that are used to validate signatures from the provider. This must be a full URL, including the HTTPS protocol, the domain, and the path.
+         * 
+         * @return builder
+         * 
+         */
+        public Builder jwksEndpoint(String jwksEndpoint) {
+            return jwksEndpoint(Output.of(jwksEndpoint));
+        }
+
+        public ListenerRuleActionJwtValidationArgs build() {
+            if ($.issuer == null) {
+                throw new MissingRequiredPropertyException("ListenerRuleActionJwtValidationArgs", "issuer");
+            }
+            if ($.jwksEndpoint == null) {
+                throw new MissingRequiredPropertyException("ListenerRuleActionJwtValidationArgs", "jwksEndpoint");
+            }
+            return $;
+        }
+    }
+
+}
diff --git a/sdk/java/src/main/java/com/pulumi/aws/alb/outputs/GetListenerDefaultAction.java b/sdk/java/src/main/java/com/pulumi/aws/alb/outputs/GetListenerDefaultAction.java
index 1bf34a42a0e..c69bade560c 100644
--- a/sdk/java/src/main/java/com/pulumi/aws/alb/outputs/GetListenerDefaultAction.java
+++ b/sdk/java/src/main/java/com/pulumi/aws/alb/outputs/GetListenerDefaultAction.java
@@ -7,6 +7,7 @@
 import com.pulumi.aws.alb.outputs.GetListenerDefaultActionAuthenticateOidc;
 import com.pulumi.aws.alb.outputs.GetListenerDefaultActionFixedResponse;
 import com.pulumi.aws.alb.outputs.GetListenerDefaultActionForward;
+import com.pulumi.aws.alb.outputs.GetListenerDefaultActionJwtValidation;
 import com.pulumi.aws.alb.outputs.GetListenerDefaultActionRedirect;
 import com.pulumi.core.annotations.CustomType;
 import com.pulumi.exceptions.MissingRequiredPropertyException;
@@ -21,6 +22,7 @@ public final class GetListenerDefaultAction {
     private List authenticateOidcs;
     private List fixedResponses;
     private List forwards;
+    private List jwtValidations;
     private Integer order;
     private List redirects;
     private String targetGroupArn;
@@ -39,6 +41,9 @@ public List fixedResponses() {
     public List forwards() {
         return this.forwards;
     }
+    public List jwtValidations() {
+        return this.jwtValidations;
+    }
     public Integer order() {
         return this.order;
     }
@@ -65,6 +70,7 @@ public static final class Builder {
         private List authenticateOidcs;
         private List fixedResponses;
         private List forwards;
+        private List jwtValidations;
         private Integer order;
         private List redirects;
         private String targetGroupArn;
@@ -76,6 +82,7 @@ public Builder(GetListenerDefaultAction defaults) {
     	      this.authenticateOidcs = defaults.authenticateOidcs;
     	      this.fixedResponses = defaults.fixedResponses;
     	      this.forwards = defaults.forwards;
+    	      this.jwtValidations = defaults.jwtValidations;
     	      this.order = defaults.order;
     	      this.redirects = defaults.redirects;
     	      this.targetGroupArn = defaults.targetGroupArn;
@@ -127,6 +134,17 @@ public Builder forwards(GetListenerDefaultActionForward... forwards) {
             return forwards(List.of(forwards));
         }
         @CustomType.Setter
+        public Builder jwtValidations(List jwtValidations) {
+            if (jwtValidations == null) {
+              throw new MissingRequiredPropertyException("GetListenerDefaultAction", "jwtValidations");
+            }
+            this.jwtValidations = jwtValidations;
+            return this;
+        }
+        public Builder jwtValidations(GetListenerDefaultActionJwtValidation... jwtValidations) {
+            return jwtValidations(List.of(jwtValidations));
+        }
+        @CustomType.Setter
         public Builder order(Integer order) {
             if (order == null) {
               throw new MissingRequiredPropertyException("GetListenerDefaultAction", "order");
@@ -167,6 +185,7 @@ public GetListenerDefaultAction build() {
             _resultValue.authenticateOidcs = authenticateOidcs;
             _resultValue.fixedResponses = fixedResponses;
             _resultValue.forwards = forwards;
+            _resultValue.jwtValidations = jwtValidations;
             _resultValue.order = order;
             _resultValue.redirects = redirects;
             _resultValue.targetGroupArn = targetGroupArn;
diff --git a/sdk/java/src/main/java/com/pulumi/aws/alb/outputs/GetListenerDefaultActionJwtValidation.java b/sdk/java/src/main/java/com/pulumi/aws/alb/outputs/GetListenerDefaultActionJwtValidation.java
new file mode 100644
index 00000000000..65e8d4eed94
--- /dev/null
+++ b/sdk/java/src/main/java/com/pulumi/aws/alb/outputs/GetListenerDefaultActionJwtValidation.java
@@ -0,0 +1,85 @@
+// *** WARNING: this file was generated by pulumi-language-java. ***
+// *** Do not edit by hand unless you're certain you know what you are doing! ***
+
+package com.pulumi.aws.alb.outputs;
+
+import com.pulumi.aws.alb.outputs.GetListenerDefaultActionJwtValidationAdditionalClaim;
+import com.pulumi.core.annotations.CustomType;
+import com.pulumi.exceptions.MissingRequiredPropertyException;
+import java.lang.String;
+import java.util.List;
+import java.util.Objects;
+
+@CustomType
+public final class GetListenerDefaultActionJwtValidation {
+    private List additionalClaims;
+    private String issuer;
+    private String jwksEndpoint;
+
+    private GetListenerDefaultActionJwtValidation() {}
+    public List additionalClaims() {
+        return this.additionalClaims;
+    }
+    public String issuer() {
+        return this.issuer;
+    }
+    public String jwksEndpoint() {
+        return this.jwksEndpoint;
+    }
+
+    public static Builder builder() {
+        return new Builder();
+    }
+
+    public static Builder builder(GetListenerDefaultActionJwtValidation defaults) {
+        return new Builder(defaults);
+    }
+    @CustomType.Builder
+    public static final class Builder {
+        private List additionalClaims;
+        private String issuer;
+        private String jwksEndpoint;
+        public Builder() {}
+        public Builder(GetListenerDefaultActionJwtValidation defaults) {
+    	      Objects.requireNonNull(defaults);
+    	      this.additionalClaims = defaults.additionalClaims;
+    	      this.issuer = defaults.issuer;
+    	      this.jwksEndpoint = defaults.jwksEndpoint;
+        }
+
+        @CustomType.Setter
+        public Builder additionalClaims(List additionalClaims) {
+            if (additionalClaims == null) {
+              throw new MissingRequiredPropertyException("GetListenerDefaultActionJwtValidation", "additionalClaims");
+            }
+            this.additionalClaims = additionalClaims;
+            return this;
+        }
+        public Builder additionalClaims(GetListenerDefaultActionJwtValidationAdditionalClaim... additionalClaims) {
+            return additionalClaims(List.of(additionalClaims));
+        }
+        @CustomType.Setter
+        public Builder issuer(String issuer) {
+            if (issuer == null) {
+              throw new MissingRequiredPropertyException("GetListenerDefaultActionJwtValidation", "issuer");
+            }
+            this.issuer = issuer;
+            return this;
+        }
+        @CustomType.Setter
+        public Builder jwksEndpoint(String jwksEndpoint) {
+            if (jwksEndpoint == null) {
+              throw new MissingRequiredPropertyException("GetListenerDefaultActionJwtValidation", "jwksEndpoint");
+            }
+            this.jwksEndpoint = jwksEndpoint;
+            return this;
+        }
+        public GetListenerDefaultActionJwtValidation build() {
+            final var _resultValue = new GetListenerDefaultActionJwtValidation();
+            _resultValue.additionalClaims = additionalClaims;
+            _resultValue.issuer = issuer;
+            _resultValue.jwksEndpoint = jwksEndpoint;
+            return _resultValue;
+        }
+    }
+}
diff --git a/sdk/java/src/main/java/com/pulumi/aws/alb/outputs/GetListenerDefaultActionJwtValidationAdditionalClaim.java b/sdk/java/src/main/java/com/pulumi/aws/alb/outputs/GetListenerDefaultActionJwtValidationAdditionalClaim.java
new file mode 100644
index 00000000000..2c4e9932126
--- /dev/null
+++ b/sdk/java/src/main/java/com/pulumi/aws/alb/outputs/GetListenerDefaultActionJwtValidationAdditionalClaim.java
@@ -0,0 +1,84 @@
+// *** WARNING: this file was generated by pulumi-language-java. ***
+// *** Do not edit by hand unless you're certain you know what you are doing! ***
+
+package com.pulumi.aws.alb.outputs;
+
+import com.pulumi.core.annotations.CustomType;
+import com.pulumi.exceptions.MissingRequiredPropertyException;
+import java.lang.String;
+import java.util.List;
+import java.util.Objects;
+
+@CustomType
+public final class GetListenerDefaultActionJwtValidationAdditionalClaim {
+    private String format;
+    private String name;
+    private List values;
+
+    private GetListenerDefaultActionJwtValidationAdditionalClaim() {}
+    public String format() {
+        return this.format;
+    }
+    public String name() {
+        return this.name;
+    }
+    public List values() {
+        return this.values;
+    }
+
+    public static Builder builder() {
+        return new Builder();
+    }
+
+    public static Builder builder(GetListenerDefaultActionJwtValidationAdditionalClaim defaults) {
+        return new Builder(defaults);
+    }
+    @CustomType.Builder
+    public static final class Builder {
+        private String format;
+        private String name;
+        private List values;
+        public Builder() {}
+        public Builder(GetListenerDefaultActionJwtValidationAdditionalClaim defaults) {
+    	      Objects.requireNonNull(defaults);
+    	      this.format = defaults.format;
+    	      this.name = defaults.name;
+    	      this.values = defaults.values;
+        }
+
+        @CustomType.Setter
+        public Builder format(String format) {
+            if (format == null) {
+              throw new MissingRequiredPropertyException("GetListenerDefaultActionJwtValidationAdditionalClaim", "format");
+            }
+            this.format = format;
+            return this;
+        }
+        @CustomType.Setter
+        public Builder name(String name) {
+            if (name == null) {
+              throw new MissingRequiredPropertyException("GetListenerDefaultActionJwtValidationAdditionalClaim", "name");
+            }
+            this.name = name;
+            return this;
+        }
+        @CustomType.Setter
+        public Builder values(List values) {
+            if (values == null) {
+              throw new MissingRequiredPropertyException("GetListenerDefaultActionJwtValidationAdditionalClaim", "values");
+            }
+            this.values = values;
+            return this;
+        }
+        public Builder values(String... values) {
+            return values(List.of(values));
+        }
+        public GetListenerDefaultActionJwtValidationAdditionalClaim build() {
+            final var _resultValue = new GetListenerDefaultActionJwtValidationAdditionalClaim();
+            _resultValue.format = format;
+            _resultValue.name = name;
+            _resultValue.values = values;
+            return _resultValue;
+        }
+    }
+}
diff --git a/sdk/java/src/main/java/com/pulumi/aws/alb/outputs/ListenerDefaultAction.java b/sdk/java/src/main/java/com/pulumi/aws/alb/outputs/ListenerDefaultAction.java
index 42907730447..4af22c5eb7c 100644
--- a/sdk/java/src/main/java/com/pulumi/aws/alb/outputs/ListenerDefaultAction.java
+++ b/sdk/java/src/main/java/com/pulumi/aws/alb/outputs/ListenerDefaultAction.java
@@ -7,6 +7,7 @@
 import com.pulumi.aws.alb.outputs.ListenerDefaultActionAuthenticateOidc;
 import com.pulumi.aws.alb.outputs.ListenerDefaultActionFixedResponse;
 import com.pulumi.aws.alb.outputs.ListenerDefaultActionForward;
+import com.pulumi.aws.alb.outputs.ListenerDefaultActionJwtValidation;
 import com.pulumi.aws.alb.outputs.ListenerDefaultActionRedirect;
 import com.pulumi.core.annotations.CustomType;
 import com.pulumi.exceptions.MissingRequiredPropertyException;
@@ -38,6 +39,11 @@ public final class ListenerDefaultAction {
      * 
      */
     private @Nullable ListenerDefaultActionForward forward;
+    /**
+     * @return Configuration block for creating a JWT validation action. Required if `type` is `jwt-validation`.
+     * 
+     */
+    private @Nullable ListenerDefaultActionJwtValidation jwtValidation;
     /**
      * @return Order for the action. The action with the lowest value for order is performed first. Valid values are between `1` and `50000`. Defaults to the position in the list of actions.
      * 
@@ -54,7 +60,7 @@ public final class ListenerDefaultAction {
      */
     private @Nullable String targetGroupArn;
     /**
-     * @return Type of routing action. Valid values are `forward`, `redirect`, `fixed-response`, `authenticate-cognito` and `authenticate-oidc`.
+     * @return Type of routing action. Valid values are `forward`, `redirect`, `fixed-response`, `authenticate-cognito`, `authenticate-oidc` and `jwt-validation`.
      * 
      * The following arguments are optional:
      * 
@@ -90,6 +96,13 @@ public Optional fixedResponse() {
     public Optional forward() {
         return Optional.ofNullable(this.forward);
     }
+    /**
+     * @return Configuration block for creating a JWT validation action. Required if `type` is `jwt-validation`.
+     * 
+     */
+    public Optional jwtValidation() {
+        return Optional.ofNullable(this.jwtValidation);
+    }
     /**
      * @return Order for the action. The action with the lowest value for order is performed first. Valid values are between `1` and `50000`. Defaults to the position in the list of actions.
      * 
@@ -112,7 +125,7 @@ public Optional targetGroupArn() {
         return Optional.ofNullable(this.targetGroupArn);
     }
     /**
-     * @return Type of routing action. Valid values are `forward`, `redirect`, `fixed-response`, `authenticate-cognito` and `authenticate-oidc`.
+     * @return Type of routing action. Valid values are `forward`, `redirect`, `fixed-response`, `authenticate-cognito`, `authenticate-oidc` and `jwt-validation`.
      * 
      * The following arguments are optional:
      * 
@@ -134,6 +147,7 @@ public static final class Builder {
         private @Nullable ListenerDefaultActionAuthenticateOidc authenticateOidc;
         private @Nullable ListenerDefaultActionFixedResponse fixedResponse;
         private @Nullable ListenerDefaultActionForward forward;
+        private @Nullable ListenerDefaultActionJwtValidation jwtValidation;
         private @Nullable Integer order;
         private @Nullable ListenerDefaultActionRedirect redirect;
         private @Nullable String targetGroupArn;
@@ -145,6 +159,7 @@ public Builder(ListenerDefaultAction defaults) {
     	      this.authenticateOidc = defaults.authenticateOidc;
     	      this.fixedResponse = defaults.fixedResponse;
     	      this.forward = defaults.forward;
+    	      this.jwtValidation = defaults.jwtValidation;
     	      this.order = defaults.order;
     	      this.redirect = defaults.redirect;
     	      this.targetGroupArn = defaults.targetGroupArn;
@@ -176,6 +191,12 @@ public Builder forward(@Nullable ListenerDefaultActionForward forward) {
             return this;
         }
         @CustomType.Setter
+        public Builder jwtValidation(@Nullable ListenerDefaultActionJwtValidation jwtValidation) {
+
+            this.jwtValidation = jwtValidation;
+            return this;
+        }
+        @CustomType.Setter
         public Builder order(@Nullable Integer order) {
 
             this.order = order;
@@ -207,6 +228,7 @@ public ListenerDefaultAction build() {
             _resultValue.authenticateOidc = authenticateOidc;
             _resultValue.fixedResponse = fixedResponse;
             _resultValue.forward = forward;
+            _resultValue.jwtValidation = jwtValidation;
             _resultValue.order = order;
             _resultValue.redirect = redirect;
             _resultValue.targetGroupArn = targetGroupArn;
diff --git a/sdk/java/src/main/java/com/pulumi/aws/alb/outputs/ListenerDefaultActionJwtValidation.java b/sdk/java/src/main/java/com/pulumi/aws/alb/outputs/ListenerDefaultActionJwtValidation.java
new file mode 100644
index 00000000000..f96752b80b2
--- /dev/null
+++ b/sdk/java/src/main/java/com/pulumi/aws/alb/outputs/ListenerDefaultActionJwtValidation.java
@@ -0,0 +1,112 @@
+// *** WARNING: this file was generated by pulumi-language-java. ***
+// *** Do not edit by hand unless you're certain you know what you are doing! ***
+
+package com.pulumi.aws.alb.outputs;
+
+import com.pulumi.aws.alb.outputs.ListenerDefaultActionJwtValidationAdditionalClaim;
+import com.pulumi.core.annotations.CustomType;
+import com.pulumi.exceptions.MissingRequiredPropertyException;
+import java.lang.String;
+import java.util.List;
+import java.util.Objects;
+import javax.annotation.Nullable;
+
+@CustomType
+public final class ListenerDefaultActionJwtValidation {
+    /**
+     * @return Repeatable configuration block for additional claims to validate.
+     * 
+     */
+    private @Nullable List additionalClaims;
+    /**
+     * @return Issuer of the JWT.
+     * 
+     */
+    private String issuer;
+    /**
+     * @return JSON Web Key Set (JWKS) endpoint. This endpoint contains JSON Web Keys (JWK) that are used to validate signatures from the provider. This must be a full URL, including the HTTPS protocol, the domain, and the path.
+     * 
+     * The following arguments are optional:
+     * 
+     */
+    private String jwksEndpoint;
+
+    private ListenerDefaultActionJwtValidation() {}
+    /**
+     * @return Repeatable configuration block for additional claims to validate.
+     * 
+     */
+    public List additionalClaims() {
+        return this.additionalClaims == null ? List.of() : this.additionalClaims;
+    }
+    /**
+     * @return Issuer of the JWT.
+     * 
+     */
+    public String issuer() {
+        return this.issuer;
+    }
+    /**
+     * @return JSON Web Key Set (JWKS) endpoint. This endpoint contains JSON Web Keys (JWK) that are used to validate signatures from the provider. This must be a full URL, including the HTTPS protocol, the domain, and the path.
+     * 
+     * The following arguments are optional:
+     * 
+     */
+    public String jwksEndpoint() {
+        return this.jwksEndpoint;
+    }
+
+    public static Builder builder() {
+        return new Builder();
+    }
+
+    public static Builder builder(ListenerDefaultActionJwtValidation defaults) {
+        return new Builder(defaults);
+    }
+    @CustomType.Builder
+    public static final class Builder {
+        private @Nullable List additionalClaims;
+        private String issuer;
+        private String jwksEndpoint;
+        public Builder() {}
+        public Builder(ListenerDefaultActionJwtValidation defaults) {
+    	      Objects.requireNonNull(defaults);
+    	      this.additionalClaims = defaults.additionalClaims;
+    	      this.issuer = defaults.issuer;
+    	      this.jwksEndpoint = defaults.jwksEndpoint;
+        }
+
+        @CustomType.Setter
+        public Builder additionalClaims(@Nullable List additionalClaims) {
+
+            this.additionalClaims = additionalClaims;
+            return this;
+        }
+        public Builder additionalClaims(ListenerDefaultActionJwtValidationAdditionalClaim... additionalClaims) {
+            return additionalClaims(List.of(additionalClaims));
+        }
+        @CustomType.Setter
+        public Builder issuer(String issuer) {
+            if (issuer == null) {
+              throw new MissingRequiredPropertyException("ListenerDefaultActionJwtValidation", "issuer");
+            }
+            this.issuer = issuer;
+            return this;
+        }
+        @CustomType.Setter
+        public Builder jwksEndpoint(String jwksEndpoint) {
+            if (jwksEndpoint == null) {
+              throw new MissingRequiredPropertyException("ListenerDefaultActionJwtValidation", "jwksEndpoint");
+            }
+            this.jwksEndpoint = jwksEndpoint;
+            return this;
+        }
+        public ListenerDefaultActionJwtValidation build() {
+            final var _resultValue = new ListenerDefaultActionJwtValidation();
+            _resultValue.additionalClaims = additionalClaims;
+            _resultValue.issuer = issuer;
+            _resultValue.jwksEndpoint = jwksEndpoint;
+            return _resultValue;
+        }
+    }
+}
diff --git a/sdk/java/src/main/java/com/pulumi/aws/alb/outputs/ListenerDefaultActionJwtValidationAdditionalClaim.java b/sdk/java/src/main/java/com/pulumi/aws/alb/outputs/ListenerDefaultActionJwtValidationAdditionalClaim.java
new file mode 100644
index 00000000000..d02ab16cda3
--- /dev/null
+++ b/sdk/java/src/main/java/com/pulumi/aws/alb/outputs/ListenerDefaultActionJwtValidationAdditionalClaim.java
@@ -0,0 +1,108 @@
+// *** WARNING: this file was generated by pulumi-language-java. ***
+// *** Do not edit by hand unless you're certain you know what you are doing! ***
+
+package com.pulumi.aws.alb.outputs;
+
+import com.pulumi.core.annotations.CustomType;
+import com.pulumi.exceptions.MissingRequiredPropertyException;
+import java.lang.String;
+import java.util.List;
+import java.util.Objects;
+
+@CustomType
+public final class ListenerDefaultActionJwtValidationAdditionalClaim {
+    /**
+     * @return Format of the claim value. Valid values are `single-string`, `string-array` and `space-separated-values`.
+     * 
+     */
+    private String format;
+    /**
+     * @return Name of the claim to validate. `exp`, `iss`, `nbf`, or `iat` cannot be specified because they are validated by default.
+     * 
+     */
+    private String name;
+    /**
+     * @return List of expected values of the claim.
+     * 
+     */
+    private List values;
+
+    private ListenerDefaultActionJwtValidationAdditionalClaim() {}
+    /**
+     * @return Format of the claim value. Valid values are `single-string`, `string-array` and `space-separated-values`.
+     * 
+     */
+    public String format() {
+        return this.format;
+    }
+    /**
+     * @return Name of the claim to validate. `exp`, `iss`, `nbf`, or `iat` cannot be specified because they are validated by default.
+     * 
+     */
+    public String name() {
+        return this.name;
+    }
+    /**
+     * @return List of expected values of the claim.
+     * 
+     */
+    public List values() {
+        return this.values;
+    }
+
+    public static Builder builder() {
+        return new Builder();
+    }
+
+    public static Builder builder(ListenerDefaultActionJwtValidationAdditionalClaim defaults) {
+        return new Builder(defaults);
+    }
+    @CustomType.Builder
+    public static final class Builder {
+        private String format;
+        private String name;
+        private List values;
+        public Builder() {}
+        public Builder(ListenerDefaultActionJwtValidationAdditionalClaim defaults) {
+    	      Objects.requireNonNull(defaults);
+    	      this.format = defaults.format;
+    	      this.name = defaults.name;
+    	      this.values = defaults.values;
+        }
+
+        @CustomType.Setter
+        public Builder format(String format) {
+            if (format == null) {
+              throw new MissingRequiredPropertyException("ListenerDefaultActionJwtValidationAdditionalClaim", "format");
+            }
+            this.format = format;
+            return this;
+        }
+        @CustomType.Setter
+        public Builder name(String name) {
+            if (name == null) {
+              throw new MissingRequiredPropertyException("ListenerDefaultActionJwtValidationAdditionalClaim", "name");
+            }
+            this.name = name;
+            return this;
+        }
+        @CustomType.Setter
+        public Builder values(List values) {
+            if (values == null) {
+              throw new MissingRequiredPropertyException("ListenerDefaultActionJwtValidationAdditionalClaim", "values");
+            }
+            this.values = values;
+            return this;
+        }
+        public Builder values(String... values) {
+            return values(List.of(values));
+        }
+        public ListenerDefaultActionJwtValidationAdditionalClaim build() {
+            final var _resultValue = new ListenerDefaultActionJwtValidationAdditionalClaim();
+            _resultValue.format = format;
+            _resultValue.name = name;
+            _resultValue.values = values;
+            return _resultValue;
+        }
+    }
+}
diff --git a/sdk/java/src/main/java/com/pulumi/aws/alb/outputs/ListenerRuleAction.java b/sdk/java/src/main/java/com/pulumi/aws/alb/outputs/ListenerRuleAction.java
index 4bc63e8d89a..d19d43eee5f 100644
--- a/sdk/java/src/main/java/com/pulumi/aws/alb/outputs/ListenerRuleAction.java
+++ b/sdk/java/src/main/java/com/pulumi/aws/alb/outputs/ListenerRuleAction.java
@@ -7,6 +7,7 @@
 import com.pulumi.aws.alb.outputs.ListenerRuleActionAuthenticateOidc;
 import com.pulumi.aws.alb.outputs.ListenerRuleActionFixedResponse;
 import com.pulumi.aws.alb.outputs.ListenerRuleActionForward;
+import com.pulumi.aws.alb.outputs.ListenerRuleActionJwtValidation;
 import com.pulumi.aws.alb.outputs.ListenerRuleActionRedirect;
 import com.pulumi.core.annotations.CustomType;
 import com.pulumi.exceptions.MissingRequiredPropertyException;
@@ -40,6 +41,11 @@ public final class ListenerRuleAction {
      * 
      */
     private @Nullable ListenerRuleActionForward forward;
+    /**
+     * @return Information for creating a JWT validation action. Required if `type` is `jwt-validation`.
+     * 
+     */
+    private @Nullable ListenerRuleActionJwtValidation jwtValidation;
     /**
      * @return Order for the action.
      * The action with the lowest value for order is performed first.
@@ -62,7 +68,7 @@ public final class ListenerRuleAction {
      */
     private @Nullable String targetGroupArn;
     /**
-     * @return The type of routing action. Valid values are `forward`, `redirect`, `fixed-response`, `authenticate-cognito` and `authenticate-oidc`.
+     * @return The type of routing action. Valid values are `forward`, `redirect`, `fixed-response`, `authenticate-cognito`, `authenticate-oidc` and `jwt-validation`.
      * 
      */
     private String type;
@@ -98,6 +104,13 @@ public Optional fixedResponse() {
     public Optional forward() {
         return Optional.ofNullable(this.forward);
     }
+    /**
+     * @return Information for creating a JWT validation action. Required if `type` is `jwt-validation`.
+     * 
+     */
+    public Optional jwtValidation() {
+        return Optional.ofNullable(this.jwtValidation);
+    }
     /**
      * @return Order for the action.
      * The action with the lowest value for order is performed first.
@@ -126,7 +139,7 @@ public Optional targetGroupArn() {
         return Optional.ofNullable(this.targetGroupArn);
     }
     /**
-     * @return The type of routing action. Valid values are `forward`, `redirect`, `fixed-response`, `authenticate-cognito` and `authenticate-oidc`.
+     * @return The type of routing action. Valid values are `forward`, `redirect`, `fixed-response`, `authenticate-cognito`, `authenticate-oidc` and `jwt-validation`.
      * 
      */
     public String type() {
@@ -146,6 +159,7 @@ public static final class Builder {
         private @Nullable ListenerRuleActionAuthenticateOidc authenticateOidc;
         private @Nullable ListenerRuleActionFixedResponse fixedResponse;
         private @Nullable ListenerRuleActionForward forward;
+        private @Nullable ListenerRuleActionJwtValidation jwtValidation;
         private @Nullable Integer order;
         private @Nullable ListenerRuleActionRedirect redirect;
         private @Nullable String targetGroupArn;
@@ -157,6 +171,7 @@ public Builder(ListenerRuleAction defaults) {
     	      this.authenticateOidc = defaults.authenticateOidc;
     	      this.fixedResponse = defaults.fixedResponse;
     	      this.forward = defaults.forward;
+    	      this.jwtValidation = defaults.jwtValidation;
     	      this.order = defaults.order;
     	      this.redirect = defaults.redirect;
     	      this.targetGroupArn = defaults.targetGroupArn;
@@ -188,6 +203,12 @@ public Builder forward(@Nullable ListenerRuleActionForward forward) {
             return this;
         }
         @CustomType.Setter
+        public Builder jwtValidation(@Nullable ListenerRuleActionJwtValidation jwtValidation) {
+
+            this.jwtValidation = jwtValidation;
+            return this;
+        }
+        @CustomType.Setter
         public Builder order(@Nullable Integer order) {
 
             this.order = order;
@@ -219,6 +240,7 @@ public ListenerRuleAction build() {
             _resultValue.authenticateOidc = authenticateOidc;
             _resultValue.fixedResponse = fixedResponse;
             _resultValue.forward = forward;
+            _resultValue.jwtValidation = jwtValidation;
             _resultValue.order = order;
             _resultValue.redirect = redirect;
             _resultValue.targetGroupArn = targetGroupArn;
diff --git a/sdk/java/src/main/java/com/pulumi/aws/alb/outputs/ListenerRuleActionJwtValidation.java b/sdk/java/src/main/java/com/pulumi/aws/alb/outputs/ListenerRuleActionJwtValidation.java
new file mode 100644
index 00000000000..b5d148642de
--- /dev/null
+++ b/sdk/java/src/main/java/com/pulumi/aws/alb/outputs/ListenerRuleActionJwtValidation.java
@@ -0,0 +1,108 @@
+// *** WARNING: this file was generated by pulumi-language-java. ***
+// *** Do not edit by hand unless you're certain you know what you are doing! ***
+
+package com.pulumi.aws.alb.outputs;
+
+import com.pulumi.aws.alb.outputs.ListenerRuleActionJwtValidationAdditionalClaim;
+import com.pulumi.core.annotations.CustomType;
+import com.pulumi.exceptions.MissingRequiredPropertyException;
+import java.lang.String;
+import java.util.List;
+import java.util.Objects;
+import javax.annotation.Nullable;
+
+@CustomType
+public final class ListenerRuleActionJwtValidation {
+    /**
+     * @return Repeatable configuration block for additional claims to validate.
+     * 
+     */
+    private @Nullable List additionalClaims;
+    /**
+     * @return Issuer of the JWT.
+     * 
+     */
+    private String issuer;
+    /**
+     * @return JSON Web Key Set (JWKS) endpoint. This endpoint contains JSON Web Keys (JWK) that are used to validate signatures from the provider. This must be a full URL, including the HTTPS protocol, the domain, and the path.
+     * 
+     */
+    private String jwksEndpoint;
+
+    private ListenerRuleActionJwtValidation() {}
+    /**
+     * @return Repeatable configuration block for additional claims to validate.
+     * 
+     */
+    public List additionalClaims() {
+        return this.additionalClaims == null ? List.of() : this.additionalClaims;
+    }
+    /**
+     * @return Issuer of the JWT.
+     * 
+     */
+    public String issuer() {
+        return this.issuer;
+    }
+    /**
+     * @return JSON Web Key Set (JWKS) endpoint. This endpoint contains JSON Web Keys (JWK) that are used to validate signatures from the provider. This must be a full URL, including the HTTPS protocol, the domain, and the path.
+     * 
+     */
+    public String jwksEndpoint() {
+        return this.jwksEndpoint;
+    }
+
+    public static Builder builder() {
+        return new Builder();
+    }
+
+    public static Builder builder(ListenerRuleActionJwtValidation defaults) {
+        return new Builder(defaults);
+    }
+    @CustomType.Builder
+    public static final class Builder {
+        private @Nullable List additionalClaims;
+        private String issuer;
+        private String jwksEndpoint;
+        public Builder() {}
+        public Builder(ListenerRuleActionJwtValidation defaults) {
+    	      Objects.requireNonNull(defaults);
+    	      this.additionalClaims = defaults.additionalClaims;
+    	      this.issuer = defaults.issuer;
+    	      this.jwksEndpoint = defaults.jwksEndpoint;
+        }
+
+        @CustomType.Setter
+        public Builder additionalClaims(@Nullable List additionalClaims) {
+
+            this.additionalClaims = additionalClaims;
+            return this;
+        }
+        public Builder additionalClaims(ListenerRuleActionJwtValidationAdditionalClaim... additionalClaims) {
+            return additionalClaims(List.of(additionalClaims));
+        }
+        @CustomType.Setter
+        public Builder issuer(String issuer) {
+            if (issuer == null) {
+              throw new MissingRequiredPropertyException("ListenerRuleActionJwtValidation", "issuer");
+            }
+            this.issuer = issuer;
+            return this;
+        }
+        @CustomType.Setter
+        public Builder jwksEndpoint(String jwksEndpoint) {
+            if (jwksEndpoint == null) {
+              throw new MissingRequiredPropertyException("ListenerRuleActionJwtValidation", "jwksEndpoint");
+            }
+            this.jwksEndpoint = jwksEndpoint;
+            return this;
+        }
+        public ListenerRuleActionJwtValidation build() {
+            final var _resultValue = new ListenerRuleActionJwtValidation();
+            _resultValue.additionalClaims = additionalClaims;
+            _resultValue.issuer = issuer;
+            _resultValue.jwksEndpoint = jwksEndpoint;
+            return _resultValue;
+        }
+    }
+}
diff --git a/sdk/java/src/main/java/com/pulumi/aws/alb/outputs/ListenerRuleActionJwtValidationAdditionalClaim.java b/sdk/java/src/main/java/com/pulumi/aws/alb/outputs/ListenerRuleActionJwtValidationAdditionalClaim.java
new file mode 100644
index 00000000000..03c1e8b39a9
--- /dev/null
+++ b/sdk/java/src/main/java/com/pulumi/aws/alb/outputs/ListenerRuleActionJwtValidationAdditionalClaim.java
@@ -0,0 +1,108 @@
+// *** WARNING: this file was generated by pulumi-language-java. ***
+// *** Do not edit by hand unless you're certain you know what you are doing! ***
+
+package com.pulumi.aws.alb.outputs;
+
+import com.pulumi.core.annotations.CustomType;
+import com.pulumi.exceptions.MissingRequiredPropertyException;
+import java.lang.String;
+import java.util.List;
+import java.util.Objects;
+
+@CustomType
+public final class ListenerRuleActionJwtValidationAdditionalClaim {
+    /**
+     * @return Format of the claim value. Valid values are `single-string`, `string-array` and `space-separated-values`.
+     * 
+     */
+    private String format;
+    /**
+     * @return Name of the claim to validate. `exp`, `iss`, `nbf`, or `iat` cannot be specified because they are validated by default.
+     * 
+     */
+    private String name;
+    /**
+     * @return List of expected values of the claim.
+     * 
+     */
+    private List values;
+
+    private ListenerRuleActionJwtValidationAdditionalClaim() {}
+    /**
+     * @return Format of the claim value. Valid values are `single-string`, `string-array` and `space-separated-values`.
+     * 
+     */
+    public String format() {
+        return this.format;
+    }
+    /**
+     * @return Name of the claim to validate. `exp`, `iss`, `nbf`, or `iat` cannot be specified because they are validated by default.
+     * 
+     */
+    public String name() {
+        return this.name;
+    }
+    /**
+     * @return List of expected values of the claim.
+     * 
+     */
+    public List values() {
+        return this.values;
+    }
+
+    public static Builder builder() {
+        return new Builder();
+    }
+
+    public static Builder builder(ListenerRuleActionJwtValidationAdditionalClaim defaults) {
+        return new Builder(defaults);
+    }
+    @CustomType.Builder
+    public static final class Builder {
+        private String format;
+        private String name;
+        private List values;
+        public Builder() {}
+        public Builder(ListenerRuleActionJwtValidationAdditionalClaim defaults) {
+    	      Objects.requireNonNull(defaults);
+    	      this.format = defaults.format;
+    	      this.name = defaults.name;
+    	      this.values = defaults.values;
+        }
+
+        @CustomType.Setter
+        public Builder format(String format) {
+            if (format == null) {
+              throw new MissingRequiredPropertyException("ListenerRuleActionJwtValidationAdditionalClaim", "format");
+            }
+            this.format = format;
+            return this;
+        }
+        @CustomType.Setter
+        public Builder name(String name) {
+            if (name == null) {
+              throw new MissingRequiredPropertyException("ListenerRuleActionJwtValidationAdditionalClaim", "name");
+            }
+            this.name = name;
+            return this;
+        }
+        @CustomType.Setter
+        public Builder values(List values) {
+            if (values == null) {
+              throw new MissingRequiredPropertyException("ListenerRuleActionJwtValidationAdditionalClaim", "values");
+            }
+            this.values = values;
+            return this;
+        }
+        public Builder values(String... values) {
+            return values(List.of(values));
+        }
+        public ListenerRuleActionJwtValidationAdditionalClaim build() {
+            final var _resultValue = new ListenerRuleActionJwtValidationAdditionalClaim();
+            _resultValue.format = format;
+            _resultValue.name = name;
+            _resultValue.values = values;
+            return _resultValue;
+        }
+    }
+}
diff --git a/sdk/java/src/main/java/com/pulumi/aws/amp/inputs/QueryLoggingConfigurationDestinationCloudwatchLogsArgs.java b/sdk/java/src/main/java/com/pulumi/aws/amp/inputs/QueryLoggingConfigurationDestinationCloudwatchLogsArgs.java
index c6ceebf3eb0..8d52e62ff4f 100644
--- a/sdk/java/src/main/java/com/pulumi/aws/amp/inputs/QueryLoggingConfigurationDestinationCloudwatchLogsArgs.java
+++ b/sdk/java/src/main/java/com/pulumi/aws/amp/inputs/QueryLoggingConfigurationDestinationCloudwatchLogsArgs.java
@@ -15,14 +15,14 @@ public final class QueryLoggingConfigurationDestinationCloudwatchLogsArgs extend
     public static final QueryLoggingConfigurationDestinationCloudwatchLogsArgs Empty = new QueryLoggingConfigurationDestinationCloudwatchLogsArgs();
 
     /**
-     * The ARN of the CloudWatch log group to which query logs will be sent.
+     * The ARN of the CloudWatch log group to which query logs will be sent. The ARN must end with `:*`
      * 
      */
     @Import(name="logGroupArn", required=true)
     private Output logGroupArn;
 
     /**
-     * @return The ARN of the CloudWatch log group to which query logs will be sent.
+     * @return The ARN of the CloudWatch log group to which query logs will be sent. The ARN must end with `:*`
      * 
      */
     public Output logGroupArn() {
@@ -54,7 +54,7 @@ public Builder(QueryLoggingConfigurationDestinationCloudwatchLogsArgs defaults)
         }
 
         /**
-         * @param logGroupArn The ARN of the CloudWatch log group to which query logs will be sent.
+         * @param logGroupArn The ARN of the CloudWatch log group to which query logs will be sent. The ARN must end with `:*`
          * 
          * @return builder
          * 
@@ -65,7 +65,7 @@ public Builder logGroupArn(Output logGroupArn) {
         }
 
         /**
-         * @param logGroupArn The ARN of the CloudWatch log group to which query logs will be sent.
+         * @param logGroupArn The ARN of the CloudWatch log group to which query logs will be sent. The ARN must end with `:*`
          * 
          * @return builder
          * 
diff --git a/sdk/java/src/main/java/com/pulumi/aws/amp/inputs/WorkspaceLoggingConfigurationArgs.java b/sdk/java/src/main/java/com/pulumi/aws/amp/inputs/WorkspaceLoggingConfigurationArgs.java
index dd410550d8d..9c4523956c9 100644
--- a/sdk/java/src/main/java/com/pulumi/aws/amp/inputs/WorkspaceLoggingConfigurationArgs.java
+++ b/sdk/java/src/main/java/com/pulumi/aws/amp/inputs/WorkspaceLoggingConfigurationArgs.java
@@ -15,14 +15,14 @@ public final class WorkspaceLoggingConfigurationArgs extends com.pulumi.resource
     public static final WorkspaceLoggingConfigurationArgs Empty = new WorkspaceLoggingConfigurationArgs();
 
     /**
-     * The ARN of the CloudWatch log group to which the vended log data will be published. This log group must exist.
+     * The ARN of the CloudWatch log group to which the vended log data will be published. This log group must exist. The ARN must end with `:*`
      * 
      */
     @Import(name="logGroupArn", required=true)
     private Output logGroupArn;
 
     /**
-     * @return The ARN of the CloudWatch log group to which the vended log data will be published. This log group must exist.
+     * @return The ARN of the CloudWatch log group to which the vended log data will be published. This log group must exist. The ARN must end with `:*`
      * 
      */
     public Output logGroupArn() {
@@ -54,7 +54,7 @@ public Builder(WorkspaceLoggingConfigurationArgs defaults) {
         }
 
         /**
-         * @param logGroupArn The ARN of the CloudWatch log group to which the vended log data will be published. This log group must exist.
+         * @param logGroupArn The ARN of the CloudWatch log group to which the vended log data will be published. This log group must exist. The ARN must end with `:*`
          * 
          * @return builder
          * 
@@ -65,7 +65,7 @@ public Builder logGroupArn(Output logGroupArn) {
         }
 
         /**
-         * @param logGroupArn The ARN of the CloudWatch log group to which the vended log data will be published. This log group must exist.
+         * @param logGroupArn The ARN of the CloudWatch log group to which the vended log data will be published. This log group must exist. The ARN must end with `:*`
          * 
          * @return builder
          * 
diff --git a/sdk/java/src/main/java/com/pulumi/aws/amp/outputs/QueryLoggingConfigurationDestinationCloudwatchLogs.java b/sdk/java/src/main/java/com/pulumi/aws/amp/outputs/QueryLoggingConfigurationDestinationCloudwatchLogs.java
index ed1c24f88ce..e22a839ff20 100644
--- a/sdk/java/src/main/java/com/pulumi/aws/amp/outputs/QueryLoggingConfigurationDestinationCloudwatchLogs.java
+++ b/sdk/java/src/main/java/com/pulumi/aws/amp/outputs/QueryLoggingConfigurationDestinationCloudwatchLogs.java
@@ -11,14 +11,14 @@
 @CustomType
 public final class QueryLoggingConfigurationDestinationCloudwatchLogs {
     /**
-     * @return The ARN of the CloudWatch log group to which query logs will be sent.
+     * @return The ARN of the CloudWatch log group to which query logs will be sent. The ARN must end with `:*`
      * 
      */
     private String logGroupArn;
 
     private QueryLoggingConfigurationDestinationCloudwatchLogs() {}
     /**
-     * @return The ARN of the CloudWatch log group to which query logs will be sent.
+     * @return The ARN of the CloudWatch log group to which query logs will be sent. The ARN must end with `:*`
      * 
      */
     public String logGroupArn() {
diff --git a/sdk/java/src/main/java/com/pulumi/aws/amp/outputs/WorkspaceLoggingConfiguration.java b/sdk/java/src/main/java/com/pulumi/aws/amp/outputs/WorkspaceLoggingConfiguration.java
index 0c7e7abd29d..c6865034a55 100644
--- a/sdk/java/src/main/java/com/pulumi/aws/amp/outputs/WorkspaceLoggingConfiguration.java
+++ b/sdk/java/src/main/java/com/pulumi/aws/amp/outputs/WorkspaceLoggingConfiguration.java
@@ -11,14 +11,14 @@
 @CustomType
 public final class WorkspaceLoggingConfiguration {
     /**
-     * @return The ARN of the CloudWatch log group to which the vended log data will be published. This log group must exist.
+     * @return The ARN of the CloudWatch log group to which the vended log data will be published. This log group must exist. The ARN must end with `:*`
      * 
      */
     private String logGroupArn;
 
     private WorkspaceLoggingConfiguration() {}
     /**
-     * @return The ARN of the CloudWatch log group to which the vended log data will be published. This log group must exist.
+     * @return The ARN of the CloudWatch log group to which the vended log data will be published. This log group must exist. The ARN must end with `:*`
      * 
      */
     public String logGroupArn() {
diff --git a/sdk/java/src/main/java/com/pulumi/aws/backup/LogicallyAirGappedVault.java b/sdk/java/src/main/java/com/pulumi/aws/backup/LogicallyAirGappedVault.java
index 5a5d56718d7..96dd26537f2 100644
--- a/sdk/java/src/main/java/com/pulumi/aws/backup/LogicallyAirGappedVault.java
+++ b/sdk/java/src/main/java/com/pulumi/aws/backup/LogicallyAirGappedVault.java
@@ -82,6 +82,20 @@ public class LogicallyAirGappedVault extends com.pulumi.resources.CustomResource
     public Output arn() {
         return this.arn;
     }
+    /**
+     * The AWS KMS key identifier (ARN) used to encrypt the backups in the logically air-gapped vault.
+     * 
+     */
+    @Export(name="encryptionKeyArn", refs={String.class}, tree="[0]")
+    private Output encryptionKeyArn;
+
+    /**
+     * @return The AWS KMS key identifier (ARN) used to encrypt the backups in the logically air-gapped vault.
+     * 
+     */
+    public Output encryptionKeyArn() {
+        return this.encryptionKeyArn;
+    }
     /**
      * Maximum retention period that the Logically Air Gapped Backup Vault retains recovery points.
      * 
diff --git a/sdk/java/src/main/java/com/pulumi/aws/backup/LogicallyAirGappedVaultArgs.java b/sdk/java/src/main/java/com/pulumi/aws/backup/LogicallyAirGappedVaultArgs.java
index f33dbd37b64..66f3f2b2176 100644
--- a/sdk/java/src/main/java/com/pulumi/aws/backup/LogicallyAirGappedVaultArgs.java
+++ b/sdk/java/src/main/java/com/pulumi/aws/backup/LogicallyAirGappedVaultArgs.java
@@ -19,6 +19,21 @@ public final class LogicallyAirGappedVaultArgs extends com.pulumi.resources.Reso
 
     public static final LogicallyAirGappedVaultArgs Empty = new LogicallyAirGappedVaultArgs();
 
+    /**
+     * The AWS KMS key identifier (ARN) used to encrypt the backups in the logically air-gapped vault.
+     * 
+     */
+    @Import(name="encryptionKeyArn")
+    private @Nullable Output encryptionKeyArn;
+
+    /**
+     * @return The AWS KMS key identifier (ARN) used to encrypt the backups in the logically air-gapped vault.
+     * 
+     */
+    public Optional> encryptionKeyArn() {
+        return Optional.ofNullable(this.encryptionKeyArn);
+    }
+
     /**
      * Maximum retention period that the Logically Air Gapped Backup Vault retains recovery points.
      * 
@@ -104,6 +119,7 @@ public Optional> timeouts() {
     private LogicallyAirGappedVaultArgs() {}
 
     private LogicallyAirGappedVaultArgs(LogicallyAirGappedVaultArgs $) {
+        this.encryptionKeyArn = $.encryptionKeyArn;
         this.maxRetentionDays = $.maxRetentionDays;
         this.minRetentionDays = $.minRetentionDays;
         this.name = $.name;
@@ -130,6 +146,27 @@ public Builder(LogicallyAirGappedVaultArgs defaults) {
             $ = new LogicallyAirGappedVaultArgs(Objects.requireNonNull(defaults));
         }
 
+        /**
+         * @param encryptionKeyArn The AWS KMS key identifier (ARN) used to encrypt the backups in the logically air-gapped vault.
+         * 
+         * @return builder
+         * 
+         */
+        public Builder encryptionKeyArn(@Nullable Output encryptionKeyArn) {
+            $.encryptionKeyArn = encryptionKeyArn;
+            return this;
+        }
+
+        /**
+         * @param encryptionKeyArn The AWS KMS key identifier (ARN) used to encrypt the backups in the logically air-gapped vault.
+         * 
+         * @return builder
+         * 
+         */
+        public Builder encryptionKeyArn(String encryptionKeyArn) {
+            return encryptionKeyArn(Output.of(encryptionKeyArn));
+        }
+
         /**
          * @param maxRetentionDays Maximum retention period that the Logically Air Gapped Backup Vault retains recovery points.
          * 
diff --git a/sdk/java/src/main/java/com/pulumi/aws/backup/inputs/LogicallyAirGappedVaultState.java b/sdk/java/src/main/java/com/pulumi/aws/backup/inputs/LogicallyAirGappedVaultState.java
index 0d4351e32e8..1cbf54e3c2f 100644
--- a/sdk/java/src/main/java/com/pulumi/aws/backup/inputs/LogicallyAirGappedVaultState.java
+++ b/sdk/java/src/main/java/com/pulumi/aws/backup/inputs/LogicallyAirGappedVaultState.java
@@ -33,6 +33,21 @@ public Optional> arn() {
         return Optional.ofNullable(this.arn);
     }
 
+    /**
+     * The AWS KMS key identifier (ARN) used to encrypt the backups in the logically air-gapped vault.
+     * 
+     */
+    @Import(name="encryptionKeyArn")
+    private @Nullable Output encryptionKeyArn;
+
+    /**
+     * @return The AWS KMS key identifier (ARN) used to encrypt the backups in the logically air-gapped vault.
+     * 
+     */
+    public Optional> encryptionKeyArn() {
+        return Optional.ofNullable(this.encryptionKeyArn);
+    }
+
     /**
      * Maximum retention period that the Logically Air Gapped Backup Vault retains recovery points.
      * 
@@ -134,6 +149,7 @@ private LogicallyAirGappedVaultState() {}
 
     private LogicallyAirGappedVaultState(LogicallyAirGappedVaultState $) {
         this.arn = $.arn;
+        this.encryptionKeyArn = $.encryptionKeyArn;
         this.maxRetentionDays = $.maxRetentionDays;
         this.minRetentionDays = $.minRetentionDays;
         this.name = $.name;
@@ -182,6 +198,27 @@ public Builder arn(String arn) {
             return arn(Output.of(arn));
         }
 
+        /**
+         * @param encryptionKeyArn The AWS KMS key identifier (ARN) used to encrypt the backups in the logically air-gapped vault.
+         * 
+         * @return builder
+         * 
+         */
+        public Builder encryptionKeyArn(@Nullable Output encryptionKeyArn) {
+            $.encryptionKeyArn = encryptionKeyArn;
+            return this;
+        }
+
+        /**
+         * @param encryptionKeyArn The AWS KMS key identifier (ARN) used to encrypt the backups in the logically air-gapped vault.
+         * 
+         * @return builder
+         * 
+         */
+        public Builder encryptionKeyArn(String encryptionKeyArn) {
+            return encryptionKeyArn(Output.of(encryptionKeyArn));
+        }
+
         /**
          * @param maxRetentionDays Maximum retention period that the Logically Air Gapped Backup Vault retains recovery points.
          * 
diff --git a/sdk/java/src/main/java/com/pulumi/aws/bedrock/AgentcoreAgentRuntime.java b/sdk/java/src/main/java/com/pulumi/aws/bedrock/AgentcoreAgentRuntime.java
index f5a0f689a58..6f8fde0ecbc 100644
--- a/sdk/java/src/main/java/com/pulumi/aws/bedrock/AgentcoreAgentRuntime.java
+++ b/sdk/java/src/main/java/com/pulumi/aws/bedrock/AgentcoreAgentRuntime.java
@@ -184,6 +184,60 @@
  * }
  *
* + * ### Agent runtime artifact from S3 with Code Configuration + * + * 
+ * {@code
+ * package generated_program;
+ * 
+ * import com.pulumi.Context;
+ * import com.pulumi.Pulumi;
+ * import com.pulumi.core.Output;
+ * import com.pulumi.aws.bedrock.AgentcoreAgentRuntime;
+ * import com.pulumi.aws.bedrock.AgentcoreAgentRuntimeArgs;
+ * import com.pulumi.aws.bedrock.inputs.AgentcoreAgentRuntimeAgentRuntimeArtifactArgs;
+ * import com.pulumi.aws.bedrock.inputs.AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationArgs;
+ * import com.pulumi.aws.bedrock.inputs.AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeArgs;
+ * import com.pulumi.aws.bedrock.inputs.AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeS3Args;
+ * import com.pulumi.aws.bedrock.inputs.AgentcoreAgentRuntimeNetworkConfigurationArgs;
+ * import java.util.List;
+ * import java.util.ArrayList;
+ * import java.util.Map;
+ * import java.io.File;
+ * import java.nio.file.Files;
+ * import java.nio.file.Paths;
+ * 
+ * public class App {
+ *     public static void main(String[] args) {
+ *         Pulumi.run(App::stack);
+ *     }
+ * 
+ *     public static void stack(Context ctx) {
+ *         var example = new AgentcoreAgentRuntime("example", AgentcoreAgentRuntimeArgs.builder()
+ *             .agentRuntimeName("example_agent_runtime")
+ *             .roleArn(exampleAwsIamRole.arn())
+ *             .agentRuntimeArtifact(AgentcoreAgentRuntimeAgentRuntimeArtifactArgs.builder()
+ *                 .codeConfiguration(AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationArgs.builder()
+ *                     .entryPoints("main.py")
+ *                     .runtime("PYTHON_3_13")
+ *                     .code(AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeArgs.builder()
+ *                         .s3(AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeS3Args.builder()
+ *                             .bucket("example-bucket")
+ *                             .prefix("example-agent-runtime-code.zip")
+ *                             .build())
+ *                         .build())
+ *                     .build())
+ *                 .build())
+ *             .networkConfiguration(AgentcoreAgentRuntimeNetworkConfigurationArgs.builder()
+ *                 .networkMode("PUBLIC")
+ *                 .build())
+ *             .build());
+ * 
+ *     }
+ * }
+ * }
+ *
+ * * ## Import * * Using `pulumi import`, import Bedrock AgentCore Agent Runtime using `agent_runtime_id`. For example: diff --git a/sdk/java/src/main/java/com/pulumi/aws/bedrock/inputs/AgentKnowledgeBaseStorageConfigurationRdsConfigurationFieldMappingArgs.java b/sdk/java/src/main/java/com/pulumi/aws/bedrock/inputs/AgentKnowledgeBaseStorageConfigurationRdsConfigurationFieldMappingArgs.java index e2c11408d33..8e6ff0567c4 100644 --- a/sdk/java/src/main/java/com/pulumi/aws/bedrock/inputs/AgentKnowledgeBaseStorageConfigurationRdsConfigurationFieldMappingArgs.java +++ b/sdk/java/src/main/java/com/pulumi/aws/bedrock/inputs/AgentKnowledgeBaseStorageConfigurationRdsConfigurationFieldMappingArgs.java @@ -8,12 +8,29 @@ import com.pulumi.exceptions.MissingRequiredPropertyException; import java.lang.String; import java.util.Objects; +import java.util.Optional; +import javax.annotation.Nullable; public final class AgentKnowledgeBaseStorageConfigurationRdsConfigurationFieldMappingArgs extends com.pulumi.resources.ResourceArgs { public static final AgentKnowledgeBaseStorageConfigurationRdsConfigurationFieldMappingArgs Empty = new AgentKnowledgeBaseStorageConfigurationRdsConfigurationFieldMappingArgs(); + /** + * Name for the universal metadata field where Amazon Bedrock will store any custom metadata from your data source. + * + */ + @Import(name="customMetadataField") + private @Nullable Output customMetadataField; + + /** + * @return Name for the universal metadata field where Amazon Bedrock will store any custom metadata from your data source. + * + */ + public Optional> customMetadataField() { + return Optional.ofNullable(this.customMetadataField); + } + /** * Name of the field in which Amazon Bedrock stores metadata about the vector store. * @@ -77,6 +94,7 @@ public Output vectorField() { private AgentKnowledgeBaseStorageConfigurationRdsConfigurationFieldMappingArgs() {} private AgentKnowledgeBaseStorageConfigurationRdsConfigurationFieldMappingArgs(AgentKnowledgeBaseStorageConfigurationRdsConfigurationFieldMappingArgs $) { + this.customMetadataField = $.customMetadataField; this.metadataField = $.metadataField; this.primaryKeyField = $.primaryKeyField; this.textField = $.textField; @@ -101,6 +119,27 @@ public Builder(AgentKnowledgeBaseStorageConfigurationRdsConfigurationFieldMappin $ = new AgentKnowledgeBaseStorageConfigurationRdsConfigurationFieldMappingArgs(Objects.requireNonNull(defaults)); } + /** + * @param customMetadataField Name for the universal metadata field where Amazon Bedrock will store any custom metadata from your data source. + * + * @return builder + * + */ + public Builder customMetadataField(@Nullable Output customMetadataField) { + $.customMetadataField = customMetadataField; + return this; + } + + /** + * @param customMetadataField Name for the universal metadata field where Amazon Bedrock will store any custom metadata from your data source. + * + * @return builder + * + */ + public Builder customMetadataField(String customMetadataField) { + return customMetadataField(Output.of(customMetadataField)); + } + /** * @param metadataField Name of the field in which Amazon Bedrock stores metadata about the vector store. * diff --git a/sdk/java/src/main/java/com/pulumi/aws/bedrock/inputs/AgentcoreAgentRuntimeAgentRuntimeArtifactArgs.java b/sdk/java/src/main/java/com/pulumi/aws/bedrock/inputs/AgentcoreAgentRuntimeAgentRuntimeArtifactArgs.java index 7e044838e02..ce528956c66 100644 --- a/sdk/java/src/main/java/com/pulumi/aws/bedrock/inputs/AgentcoreAgentRuntimeAgentRuntimeArtifactArgs.java +++ b/sdk/java/src/main/java/com/pulumi/aws/bedrock/inputs/AgentcoreAgentRuntimeAgentRuntimeArtifactArgs.java @@ -3,6 +3,7 @@ package com.pulumi.aws.bedrock.inputs; +import com.pulumi.aws.bedrock.inputs.AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationArgs; import com.pulumi.aws.bedrock.inputs.AgentcoreAgentRuntimeAgentRuntimeArtifactContainerConfigurationArgs; import com.pulumi.core.Output; import com.pulumi.core.annotations.Import; @@ -16,14 +17,29 @@ public final class AgentcoreAgentRuntimeAgentRuntimeArtifactArgs extends com.pul public static final AgentcoreAgentRuntimeAgentRuntimeArtifactArgs Empty = new AgentcoreAgentRuntimeAgentRuntimeArtifactArgs(); /** - * Container configuration block. See `containerConfiguration` below. + * Code configuration block for the agent runtime artifact, including the source code location and execution settings. Exactly one of `codeConfiguration` or `containerConfiguration` must be specified. See `codeConfiguration` below. + * + */ + @Import(name="codeConfiguration") + private @Nullable Output codeConfiguration; + + /** + * @return Code configuration block for the agent runtime artifact, including the source code location and execution settings. Exactly one of `codeConfiguration` or `containerConfiguration` must be specified. See `codeConfiguration` below. + * + */ + public Optional> codeConfiguration() { + return Optional.ofNullable(this.codeConfiguration); + } + + /** + * Container configuration block for the agent artifact. Exactly one of `codeConfiguration` or `containerConfiguration` must be specified. See `containerConfiguration` below. * */ @Import(name="containerConfiguration") private @Nullable Output containerConfiguration; /** - * @return Container configuration block. See `containerConfiguration` below. + * @return Container configuration block for the agent artifact. Exactly one of `codeConfiguration` or `containerConfiguration` must be specified. See `containerConfiguration` below. * */ public Optional> containerConfiguration() { @@ -33,6 +49,7 @@ public Optional codeConfiguration) { + $.codeConfiguration = codeConfiguration; + return this; + } + + /** + * @param codeConfiguration Code configuration block for the agent runtime artifact, including the source code location and execution settings. Exactly one of `codeConfiguration` or `containerConfiguration` must be specified. See `codeConfiguration` below. + * + * @return builder + * + */ + public Builder codeConfiguration(AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationArgs codeConfiguration) { + return codeConfiguration(Output.of(codeConfiguration)); + } + + /** + * @param containerConfiguration Container configuration block for the agent artifact. Exactly one of `codeConfiguration` or `containerConfiguration` must be specified. See `containerConfiguration` below. * * @return builder * @@ -66,7 +104,7 @@ public Builder containerConfiguration(@Nullable Output code; + + /** + * @return Configuration block for the source code location and configuration details. See `code` below. + * + */ + public Optional> code() { + return Optional.ofNullable(this.code); + } + + /** + * Array specifying the entry point for code execution, indicating the function or method to invoke when the code runs. The array must contain 1 or 2 elements. Examples: `["main.py"]`, `["opentelemetry-instrument", "main.py"]`. + * + */ + @Import(name="entryPoints", required=true) + private Output> entryPoints; + + /** + * @return Array specifying the entry point for code execution, indicating the function or method to invoke when the code runs. The array must contain 1 or 2 elements. Examples: `["main.py"]`, `["opentelemetry-instrument", "main.py"]`. + * + */ + public Output> entryPoints() { + return this.entryPoints; + } + + /** + * Runtime environment used to execute the code. Valid values: `PYTHON_3_10`, `PYTHON_3_11`, `PYTHON_3_12`, `PYTHON_3_13`. + * + */ + @Import(name="runtime", required=true) + private Output runtime; + + /** + * @return Runtime environment used to execute the code. Valid values: `PYTHON_3_10`, `PYTHON_3_11`, `PYTHON_3_12`, `PYTHON_3_13`. + * + */ + public Output runtime() { + return this.runtime; + } + + private AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationArgs() {} + + private AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationArgs(AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationArgs $) { + this.code = $.code; + this.entryPoints = $.entryPoints; + this.runtime = $.runtime; + } + + public static Builder builder() { + return new Builder(); + } + public static Builder builder(AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationArgs defaults) { + return new Builder(defaults); + } + + public static final class Builder { + private AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationArgs $; + + public Builder() { + $ = new AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationArgs(); + } + + public Builder(AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationArgs defaults) { + $ = new AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationArgs(Objects.requireNonNull(defaults)); + } + + /** + * @param code Configuration block for the source code location and configuration details. See `code` below. + * + * @return builder + * + */ + public Builder code(@Nullable Output code) { + $.code = code; + return this; + } + + /** + * @param code Configuration block for the source code location and configuration details. See `code` below. + * + * @return builder + * + */ + public Builder code(AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeArgs code) { + return code(Output.of(code)); + } + + /** + * @param entryPoints Array specifying the entry point for code execution, indicating the function or method to invoke when the code runs. The array must contain 1 or 2 elements. Examples: `["main.py"]`, `["opentelemetry-instrument", "main.py"]`. + * + * @return builder + * + */ + public Builder entryPoints(Output> entryPoints) { + $.entryPoints = entryPoints; + return this; + } + + /** + * @param entryPoints Array specifying the entry point for code execution, indicating the function or method to invoke when the code runs. The array must contain 1 or 2 elements. Examples: `["main.py"]`, `["opentelemetry-instrument", "main.py"]`. + * + * @return builder + * + */ + public Builder entryPoints(List entryPoints) { + return entryPoints(Output.of(entryPoints)); + } + + /** + * @param entryPoints Array specifying the entry point for code execution, indicating the function or method to invoke when the code runs. The array must contain 1 or 2 elements. Examples: `["main.py"]`, `["opentelemetry-instrument", "main.py"]`. + * + * @return builder + * + */ + public Builder entryPoints(String... entryPoints) { + return entryPoints(List.of(entryPoints)); + } + + /** + * @param runtime Runtime environment used to execute the code. Valid values: `PYTHON_3_10`, `PYTHON_3_11`, `PYTHON_3_12`, `PYTHON_3_13`. + * + * @return builder + * + */ + public Builder runtime(Output runtime) { + $.runtime = runtime; + return this; + } + + /** + * @param runtime Runtime environment used to execute the code. Valid values: `PYTHON_3_10`, `PYTHON_3_11`, `PYTHON_3_12`, `PYTHON_3_13`. + * + * @return builder + * + */ + public Builder runtime(String runtime) { + return runtime(Output.of(runtime)); + } + + public AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationArgs build() { + if ($.entryPoints == null) { + throw new MissingRequiredPropertyException("AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationArgs", "entryPoints"); + } + if ($.runtime == null) { + throw new MissingRequiredPropertyException("AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationArgs", "runtime"); + } + return $; + } + } + +} diff --git a/sdk/java/src/main/java/com/pulumi/aws/bedrock/inputs/AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeArgs.java b/sdk/java/src/main/java/com/pulumi/aws/bedrock/inputs/AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeArgs.java new file mode 100644 index 00000000000..273066965d7 --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/aws/bedrock/inputs/AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeArgs.java @@ -0,0 +1,83 @@ +// *** WARNING: this file was generated by pulumi-language-java. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.aws.bedrock.inputs; + +import com.pulumi.aws.bedrock.inputs.AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeS3Args; +import com.pulumi.core.Output; +import com.pulumi.core.annotations.Import; +import java.util.Objects; +import java.util.Optional; +import javax.annotation.Nullable; + + +public final class AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeArgs extends com.pulumi.resources.ResourceArgs { + + public static final AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeArgs Empty = new AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeArgs(); + + /** + * Configuration block for the Amazon S3 object that contains the source code for the agent runtime. See `s3` below. + * + */ + @Import(name="s3") + private @Nullable Output s3; + + /** + * @return Configuration block for the Amazon S3 object that contains the source code for the agent runtime. See `s3` below. + * + */ + public Optional> s3() { + return Optional.ofNullable(this.s3); + } + + private AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeArgs() {} + + private AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeArgs(AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeArgs $) { + this.s3 = $.s3; + } + + public static Builder builder() { + return new Builder(); + } + public static Builder builder(AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeArgs defaults) { + return new Builder(defaults); + } + + public static final class Builder { + private AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeArgs $; + + public Builder() { + $ = new AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeArgs(); + } + + public Builder(AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeArgs defaults) { + $ = new AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeArgs(Objects.requireNonNull(defaults)); + } + + /** + * @param s3 Configuration block for the Amazon S3 object that contains the source code for the agent runtime. See `s3` below. + * + * @return builder + * + */ + public Builder s3(@Nullable Output s3) { + $.s3 = s3; + return this; + } + + /** + * @param s3 Configuration block for the Amazon S3 object that contains the source code for the agent runtime. See `s3` below. + * + * @return builder + * + */ + public Builder s3(AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeS3Args s3) { + return s3(Output.of(s3)); + } + + public AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeArgs build() { + return $; + } + } + +} diff --git a/sdk/java/src/main/java/com/pulumi/aws/bedrock/inputs/AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeS3Args.java b/sdk/java/src/main/java/com/pulumi/aws/bedrock/inputs/AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeS3Args.java new file mode 100644 index 00000000000..e0a46264f73 --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/aws/bedrock/inputs/AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeS3Args.java @@ -0,0 +1,164 @@ +// *** WARNING: this file was generated by pulumi-language-java. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.aws.bedrock.inputs; + +import com.pulumi.core.Output; +import com.pulumi.core.annotations.Import; +import com.pulumi.exceptions.MissingRequiredPropertyException; +import java.lang.String; +import java.util.Objects; +import java.util.Optional; +import javax.annotation.Nullable; + + +public final class AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeS3Args extends com.pulumi.resources.ResourceArgs { + + public static final AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeS3Args Empty = new AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeS3Args(); + + /** + * Name of the Amazon S3 bucket. + * + */ + @Import(name="bucket", required=true) + private Output bucket; + + /** + * @return Name of the Amazon S3 bucket. + * + */ + public Output bucket() { + return this.bucket; + } + + /** + * Key of the object containing the ZIP file of the source code for the agent runtime in the Amazon S3 bucket. + * + */ + @Import(name="prefix", required=true) + private Output prefix; + + /** + * @return Key of the object containing the ZIP file of the source code for the agent runtime in the Amazon S3 bucket. + * + */ + public Output prefix() { + return this.prefix; + } + + /** + * Version ID of the Amazon S3 object. If not specified, the latest version of the object is used. + * + */ + @Import(name="versionId") + private @Nullable Output versionId; + + /** + * @return Version ID of the Amazon S3 object. If not specified, the latest version of the object is used. + * + */ + public Optional> versionId() { + return Optional.ofNullable(this.versionId); + } + + private AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeS3Args() {} + + private AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeS3Args(AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeS3Args $) { + this.bucket = $.bucket; + this.prefix = $.prefix; + this.versionId = $.versionId; + } + + public static Builder builder() { + return new Builder(); + } + public static Builder builder(AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeS3Args defaults) { + return new Builder(defaults); + } + + public static final class Builder { + private AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeS3Args $; + + public Builder() { + $ = new AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeS3Args(); + } + + public Builder(AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeS3Args defaults) { + $ = new AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeS3Args(Objects.requireNonNull(defaults)); + } + + /** + * @param bucket Name of the Amazon S3 bucket. + * + * @return builder + * + */ + public Builder bucket(Output bucket) { + $.bucket = bucket; + return this; + } + + /** + * @param bucket Name of the Amazon S3 bucket. + * + * @return builder + * + */ + public Builder bucket(String bucket) { + return bucket(Output.of(bucket)); + } + + /** + * @param prefix Key of the object containing the ZIP file of the source code for the agent runtime in the Amazon S3 bucket. + * + * @return builder + * + */ + public Builder prefix(Output prefix) { + $.prefix = prefix; + return this; + } + + /** + * @param prefix Key of the object containing the ZIP file of the source code for the agent runtime in the Amazon S3 bucket. + * + * @return builder + * + */ + public Builder prefix(String prefix) { + return prefix(Output.of(prefix)); + } + + /** + * @param versionId Version ID of the Amazon S3 object. If not specified, the latest version of the object is used. + * + * @return builder + * + */ + public Builder versionId(@Nullable Output versionId) { + $.versionId = versionId; + return this; + } + + /** + * @param versionId Version ID of the Amazon S3 object. If not specified, the latest version of the object is used. + * + * @return builder + * + */ + public Builder versionId(String versionId) { + return versionId(Output.of(versionId)); + } + + public AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeS3Args build() { + if ($.bucket == null) { + throw new MissingRequiredPropertyException("AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeS3Args", "bucket"); + } + if ($.prefix == null) { + throw new MissingRequiredPropertyException("AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeS3Args", "prefix"); + } + return $; + } + } + +} diff --git a/sdk/java/src/main/java/com/pulumi/aws/bedrock/inputs/GuardrailContentPolicyConfigFiltersConfigArgs.java b/sdk/java/src/main/java/com/pulumi/aws/bedrock/inputs/GuardrailContentPolicyConfigFiltersConfigArgs.java index dc305b85545..2db90c8de1e 100644 --- a/sdk/java/src/main/java/com/pulumi/aws/bedrock/inputs/GuardrailContentPolicyConfigFiltersConfigArgs.java +++ b/sdk/java/src/main/java/com/pulumi/aws/bedrock/inputs/GuardrailContentPolicyConfigFiltersConfigArgs.java @@ -6,8 +6,12 @@ import com.pulumi.core.Output; import com.pulumi.core.annotations.Import; import com.pulumi.exceptions.MissingRequiredPropertyException; +import java.lang.Boolean; import java.lang.String; +import java.util.List; import java.util.Objects; +import java.util.Optional; +import javax.annotation.Nullable; public final class GuardrailContentPolicyConfigFiltersConfigArgs extends com.pulumi.resources.ResourceArgs { @@ -15,14 +19,59 @@ public final class GuardrailContentPolicyConfigFiltersConfigArgs extends com.pul public static final GuardrailContentPolicyConfigFiltersConfigArgs Empty = new GuardrailContentPolicyConfigFiltersConfigArgs(); /** - * Strength for filters. + * Action to take when harmful content is detected. Valid values: `BLOCK`, `NONE`. + * + */ + @Import(name="inputAction") + private @Nullable Output inputAction; + + /** + * @return Action to take when harmful content is detected. Valid values: `BLOCK`, `NONE`. + * + */ + public Optional> inputAction() { + return Optional.ofNullable(this.inputAction); + } + + /** + * Toggles guardrail evaluation on input. + * + */ + @Import(name="inputEnabled") + private @Nullable Output inputEnabled; + + /** + * @return Toggles guardrail evaluation on input. + * + */ + public Optional> inputEnabled() { + return Optional.ofNullable(this.inputEnabled); + } + + /** + * List of selected input modalities. Valid values: `IMAGE`, `TEXT`. + * + */ + @Import(name="inputModalities") + private @Nullable Output> inputModalities; + + /** + * @return List of selected input modalities. Valid values: `IMAGE`, `TEXT`. + * + */ + public Optional>> inputModalities() { + return Optional.ofNullable(this.inputModalities); + } + + /** + * Strength for filters. Valid values: `NONE`, `LOW`, `MEDIUM`, `HIGH`. * */ @Import(name="inputStrength", required=true) private Output inputStrength; /** - * @return Strength for filters. + * @return Strength for filters. Valid values: `NONE`, `LOW`, `MEDIUM`, `HIGH`. * */ public Output inputStrength() { @@ -30,14 +79,59 @@ public Output inputStrength() { } /** - * Strength for filters. + * Action to take when harmful content is detected. Valid values: `BLOCK`, `NONE`. + * + */ + @Import(name="outputAction") + private @Nullable Output outputAction; + + /** + * @return Action to take when harmful content is detected. Valid values: `BLOCK`, `NONE`. + * + */ + public Optional> outputAction() { + return Optional.ofNullable(this.outputAction); + } + + /** + * Toggles guardrail evaluation on output. + * + */ + @Import(name="outputEnabled") + private @Nullable Output outputEnabled; + + /** + * @return Toggles guardrail evaluation on output. + * + */ + public Optional> outputEnabled() { + return Optional.ofNullable(this.outputEnabled); + } + + /** + * List of selected output modalities. Valid values: `IMAGE`, `TEXT`. + * + */ + @Import(name="outputModalities") + private @Nullable Output> outputModalities; + + /** + * @return List of selected output modalities. Valid values: `IMAGE`, `TEXT`. + * + */ + public Optional>> outputModalities() { + return Optional.ofNullable(this.outputModalities); + } + + /** + * Strength for filters. Valid values: `NONE`, `LOW`, `MEDIUM`, `HIGH`. * */ @Import(name="outputStrength", required=true) private Output outputStrength; /** - * @return Strength for filters. + * @return Strength for filters. Valid values: `NONE`, `LOW`, `MEDIUM`, `HIGH`. * */ public Output outputStrength() { @@ -62,7 +156,13 @@ public Output type() { private GuardrailContentPolicyConfigFiltersConfigArgs() {} private GuardrailContentPolicyConfigFiltersConfigArgs(GuardrailContentPolicyConfigFiltersConfigArgs $) { + this.inputAction = $.inputAction; + this.inputEnabled = $.inputEnabled; + this.inputModalities = $.inputModalities; this.inputStrength = $.inputStrength; + this.outputAction = $.outputAction; + this.outputEnabled = $.outputEnabled; + this.outputModalities = $.outputModalities; this.outputStrength = $.outputStrength; this.type = $.type; } @@ -86,7 +186,80 @@ public Builder(GuardrailContentPolicyConfigFiltersConfigArgs defaults) { } /** - * @param inputStrength Strength for filters. + * @param inputAction Action to take when harmful content is detected. Valid values: `BLOCK`, `NONE`. + * + * @return builder + * + */ + public Builder inputAction(@Nullable Output inputAction) { + $.inputAction = inputAction; + return this; + } + + /** + * @param inputAction Action to take when harmful content is detected. Valid values: `BLOCK`, `NONE`. + * + * @return builder + * + */ + public Builder inputAction(String inputAction) { + return inputAction(Output.of(inputAction)); + } + + /** + * @param inputEnabled Toggles guardrail evaluation on input. + * + * @return builder + * + */ + public Builder inputEnabled(@Nullable Output inputEnabled) { + $.inputEnabled = inputEnabled; + return this; + } + + /** + * @param inputEnabled Toggles guardrail evaluation on input. + * + * @return builder + * + */ + public Builder inputEnabled(Boolean inputEnabled) { + return inputEnabled(Output.of(inputEnabled)); + } + + /** + * @param inputModalities List of selected input modalities. Valid values: `IMAGE`, `TEXT`. + * + * @return builder + * + */ + public Builder inputModalities(@Nullable Output> inputModalities) { + $.inputModalities = inputModalities; + return this; + } + + /** + * @param inputModalities List of selected input modalities. Valid values: `IMAGE`, `TEXT`. + * + * @return builder + * + */ + public Builder inputModalities(List inputModalities) { + return inputModalities(Output.of(inputModalities)); + } + + /** + * @param inputModalities List of selected input modalities. Valid values: `IMAGE`, `TEXT`. + * + * @return builder + * + */ + public Builder inputModalities(String... inputModalities) { + return inputModalities(List.of(inputModalities)); + } + + /** + * @param inputStrength Strength for filters. Valid values: `NONE`, `LOW`, `MEDIUM`, `HIGH`. * * @return builder * @@ -97,7 +270,7 @@ public Builder inputStrength(Output inputStrength) { } /** - * @param inputStrength Strength for filters. + * @param inputStrength Strength for filters. Valid values: `NONE`, `LOW`, `MEDIUM`, `HIGH`. * * @return builder * @@ -107,7 +280,80 @@ public Builder inputStrength(String inputStrength) { } /** - * @param outputStrength Strength for filters. + * @param outputAction Action to take when harmful content is detected. Valid values: `BLOCK`, `NONE`. + * + * @return builder + * + */ + public Builder outputAction(@Nullable Output outputAction) { + $.outputAction = outputAction; + return this; + } + + /** + * @param outputAction Action to take when harmful content is detected. Valid values: `BLOCK`, `NONE`. + * + * @return builder + * + */ + public Builder outputAction(String outputAction) { + return outputAction(Output.of(outputAction)); + } + + /** + * @param outputEnabled Toggles guardrail evaluation on output. + * + * @return builder + * + */ + public Builder outputEnabled(@Nullable Output outputEnabled) { + $.outputEnabled = outputEnabled; + return this; + } + + /** + * @param outputEnabled Toggles guardrail evaluation on output. + * + * @return builder + * + */ + public Builder outputEnabled(Boolean outputEnabled) { + return outputEnabled(Output.of(outputEnabled)); + } + + /** + * @param outputModalities List of selected output modalities. Valid values: `IMAGE`, `TEXT`. + * + * @return builder + * + */ + public Builder outputModalities(@Nullable Output> outputModalities) { + $.outputModalities = outputModalities; + return this; + } + + /** + * @param outputModalities List of selected output modalities. Valid values: `IMAGE`, `TEXT`. + * + * @return builder + * + */ + public Builder outputModalities(List outputModalities) { + return outputModalities(Output.of(outputModalities)); + } + + /** + * @param outputModalities List of selected output modalities. Valid values: `IMAGE`, `TEXT`. + * + * @return builder + * + */ + public Builder outputModalities(String... outputModalities) { + return outputModalities(List.of(outputModalities)); + } + + /** + * @param outputStrength Strength for filters. Valid values: `NONE`, `LOW`, `MEDIUM`, `HIGH`. * * @return builder * @@ -118,7 +364,7 @@ public Builder outputStrength(Output outputStrength) { } /** - * @param outputStrength Strength for filters. + * @param outputStrength Strength for filters. Valid values: `NONE`, `LOW`, `MEDIUM`, `HIGH`. * * @return builder * diff --git a/sdk/java/src/main/java/com/pulumi/aws/bedrock/outputs/AgentKnowledgeBaseStorageConfigurationRdsConfigurationFieldMapping.java b/sdk/java/src/main/java/com/pulumi/aws/bedrock/outputs/AgentKnowledgeBaseStorageConfigurationRdsConfigurationFieldMapping.java index 8c2012ddc49..82953893618 100644 --- a/sdk/java/src/main/java/com/pulumi/aws/bedrock/outputs/AgentKnowledgeBaseStorageConfigurationRdsConfigurationFieldMapping.java +++ b/sdk/java/src/main/java/com/pulumi/aws/bedrock/outputs/AgentKnowledgeBaseStorageConfigurationRdsConfigurationFieldMapping.java @@ -7,9 +7,16 @@ import com.pulumi.exceptions.MissingRequiredPropertyException; import java.lang.String; import java.util.Objects; +import java.util.Optional; +import javax.annotation.Nullable; @CustomType public final class AgentKnowledgeBaseStorageConfigurationRdsConfigurationFieldMapping { + /** + * @return Name for the universal metadata field where Amazon Bedrock will store any custom metadata from your data source. + * + */ + private @Nullable String customMetadataField; /** * @return Name of the field in which Amazon Bedrock stores metadata about the vector store. * @@ -32,6 +39,13 @@ public final class AgentKnowledgeBaseStorageConfigurationRdsConfigurationFieldMa private String vectorField; private AgentKnowledgeBaseStorageConfigurationRdsConfigurationFieldMapping() {} + /** + * @return Name for the universal metadata field where Amazon Bedrock will store any custom metadata from your data source. + * + */ + public Optional customMetadataField() { + return Optional.ofNullable(this.customMetadataField); + } /** * @return Name of the field in which Amazon Bedrock stores metadata about the vector store. * @@ -70,6 +84,7 @@ public static Builder builder(AgentKnowledgeBaseStorageConfigurationRdsConfigura } @CustomType.Builder public static final class Builder { + private @Nullable String customMetadataField; private String metadataField; private String primaryKeyField; private String textField; @@ -77,12 +92,19 @@ public static final class Builder { public Builder() {} public Builder(AgentKnowledgeBaseStorageConfigurationRdsConfigurationFieldMapping defaults) { Objects.requireNonNull(defaults); + this.customMetadataField = defaults.customMetadataField; this.metadataField = defaults.metadataField; this.primaryKeyField = defaults.primaryKeyField; this.textField = defaults.textField; this.vectorField = defaults.vectorField; } + @CustomType.Setter + public Builder customMetadataField(@Nullable String customMetadataField) { + + this.customMetadataField = customMetadataField; + return this; + } @CustomType.Setter public Builder metadataField(String metadataField) { if (metadataField == null) { @@ -117,6 +139,7 @@ public Builder vectorField(String vectorField) { } public AgentKnowledgeBaseStorageConfigurationRdsConfigurationFieldMapping build() { final var _resultValue = new AgentKnowledgeBaseStorageConfigurationRdsConfigurationFieldMapping(); + _resultValue.customMetadataField = customMetadataField; _resultValue.metadataField = metadataField; _resultValue.primaryKeyField = primaryKeyField; _resultValue.textField = textField; diff --git a/sdk/java/src/main/java/com/pulumi/aws/bedrock/outputs/AgentcoreAgentRuntimeAgentRuntimeArtifact.java b/sdk/java/src/main/java/com/pulumi/aws/bedrock/outputs/AgentcoreAgentRuntimeAgentRuntimeArtifact.java index 3bb53300a47..60f608ede32 100644 --- a/sdk/java/src/main/java/com/pulumi/aws/bedrock/outputs/AgentcoreAgentRuntimeAgentRuntimeArtifact.java +++ b/sdk/java/src/main/java/com/pulumi/aws/bedrock/outputs/AgentcoreAgentRuntimeAgentRuntimeArtifact.java @@ -3,6 +3,7 @@ package com.pulumi.aws.bedrock.outputs; +import com.pulumi.aws.bedrock.outputs.AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfiguration; import com.pulumi.aws.bedrock.outputs.AgentcoreAgentRuntimeAgentRuntimeArtifactContainerConfiguration; import com.pulumi.core.annotations.CustomType; import java.util.Objects; @@ -12,14 +13,26 @@ @CustomType public final class AgentcoreAgentRuntimeAgentRuntimeArtifact { /** - * @return Container configuration block. See `containerConfiguration` below. + * @return Code configuration block for the agent runtime artifact, including the source code location and execution settings. Exactly one of `codeConfiguration` or `containerConfiguration` must be specified. See `codeConfiguration` below. + * + */ + private @Nullable AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfiguration codeConfiguration; + /** + * @return Container configuration block for the agent artifact. Exactly one of `codeConfiguration` or `containerConfiguration` must be specified. See `containerConfiguration` below. * */ private @Nullable AgentcoreAgentRuntimeAgentRuntimeArtifactContainerConfiguration containerConfiguration; private AgentcoreAgentRuntimeAgentRuntimeArtifact() {} /** - * @return Container configuration block. See `containerConfiguration` below. + * @return Code configuration block for the agent runtime artifact, including the source code location and execution settings. Exactly one of `codeConfiguration` or `containerConfiguration` must be specified. See `codeConfiguration` below. + * + */ + public Optional codeConfiguration() { + return Optional.ofNullable(this.codeConfiguration); + } + /** + * @return Container configuration block for the agent artifact. Exactly one of `codeConfiguration` or `containerConfiguration` must be specified. See `containerConfiguration` below. * */ public Optional containerConfiguration() { @@ -35,13 +48,21 @@ public static Builder builder(AgentcoreAgentRuntimeAgentRuntimeArtifact defaults } @CustomType.Builder public static final class Builder { + private @Nullable AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfiguration codeConfiguration; private @Nullable AgentcoreAgentRuntimeAgentRuntimeArtifactContainerConfiguration containerConfiguration; public Builder() {} public Builder(AgentcoreAgentRuntimeAgentRuntimeArtifact defaults) { Objects.requireNonNull(defaults); + this.codeConfiguration = defaults.codeConfiguration; this.containerConfiguration = defaults.containerConfiguration; } + @CustomType.Setter + public Builder codeConfiguration(@Nullable AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfiguration codeConfiguration) { + + this.codeConfiguration = codeConfiguration; + return this; + } @CustomType.Setter public Builder containerConfiguration(@Nullable AgentcoreAgentRuntimeAgentRuntimeArtifactContainerConfiguration containerConfiguration) { @@ -50,6 +71,7 @@ public Builder containerConfiguration(@Nullable AgentcoreAgentRuntimeAgentRuntim } public AgentcoreAgentRuntimeAgentRuntimeArtifact build() { final var _resultValue = new AgentcoreAgentRuntimeAgentRuntimeArtifact(); + _resultValue.codeConfiguration = codeConfiguration; _resultValue.containerConfiguration = containerConfiguration; return _resultValue; } diff --git a/sdk/java/src/main/java/com/pulumi/aws/bedrock/outputs/AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfiguration.java b/sdk/java/src/main/java/com/pulumi/aws/bedrock/outputs/AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfiguration.java new file mode 100644 index 00000000000..271b9ab0921 --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/aws/bedrock/outputs/AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfiguration.java @@ -0,0 +1,109 @@ +// *** WARNING: this file was generated by pulumi-language-java. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.aws.bedrock.outputs; + +import com.pulumi.aws.bedrock.outputs.AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCode; +import com.pulumi.core.annotations.CustomType; +import com.pulumi.exceptions.MissingRequiredPropertyException; +import java.lang.String; +import java.util.List; +import java.util.Objects; +import java.util.Optional; +import javax.annotation.Nullable; + +@CustomType +public final class AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfiguration { + /** + * @return Configuration block for the source code location and configuration details. See `code` below. + * + */ + private @Nullable AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCode code; + /** + * @return Array specifying the entry point for code execution, indicating the function or method to invoke when the code runs. The array must contain 1 or 2 elements. Examples: `["main.py"]`, `["opentelemetry-instrument", "main.py"]`. + * + */ + private List entryPoints; + /** + * @return Runtime environment used to execute the code. Valid values: `PYTHON_3_10`, `PYTHON_3_11`, `PYTHON_3_12`, `PYTHON_3_13`. + * + */ + private String runtime; + + private AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfiguration() {} + /** + * @return Configuration block for the source code location and configuration details. See `code` below. + * + */ + public Optional code() { + return Optional.ofNullable(this.code); + } + /** + * @return Array specifying the entry point for code execution, indicating the function or method to invoke when the code runs. The array must contain 1 or 2 elements. Examples: `["main.py"]`, `["opentelemetry-instrument", "main.py"]`. + * + */ + public List entryPoints() { + return this.entryPoints; + } + /** + * @return Runtime environment used to execute the code. Valid values: `PYTHON_3_10`, `PYTHON_3_11`, `PYTHON_3_12`, `PYTHON_3_13`. + * + */ + public String runtime() { + return this.runtime; + } + + public static Builder builder() { + return new Builder(); + } + + public static Builder builder(AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfiguration defaults) { + return new Builder(defaults); + } + @CustomType.Builder + public static final class Builder { + private @Nullable AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCode code; + private List entryPoints; + private String runtime; + public Builder() {} + public Builder(AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfiguration defaults) { + Objects.requireNonNull(defaults); + this.code = defaults.code; + this.entryPoints = defaults.entryPoints; + this.runtime = defaults.runtime; + } + + @CustomType.Setter + public Builder code(@Nullable AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCode code) { + + this.code = code; + return this; + } + @CustomType.Setter + public Builder entryPoints(List entryPoints) { + if (entryPoints == null) { + throw new MissingRequiredPropertyException("AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfiguration", "entryPoints"); + } + this.entryPoints = entryPoints; + return this; + } + public Builder entryPoints(String... entryPoints) { + return entryPoints(List.of(entryPoints)); + } + @CustomType.Setter + public Builder runtime(String runtime) { + if (runtime == null) { + throw new MissingRequiredPropertyException("AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfiguration", "runtime"); + } + this.runtime = runtime; + return this; + } + public AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfiguration build() { + final var _resultValue = new AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfiguration(); + _resultValue.code = code; + _resultValue.entryPoints = entryPoints; + _resultValue.runtime = runtime; + return _resultValue; + } + } +} diff --git a/sdk/java/src/main/java/com/pulumi/aws/bedrock/outputs/AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCode.java b/sdk/java/src/main/java/com/pulumi/aws/bedrock/outputs/AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCode.java new file mode 100644 index 00000000000..d5699a28787 --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/aws/bedrock/outputs/AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCode.java @@ -0,0 +1,57 @@ +// *** WARNING: this file was generated by pulumi-language-java. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.aws.bedrock.outputs; + +import com.pulumi.aws.bedrock.outputs.AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeS3; +import com.pulumi.core.annotations.CustomType; +import java.util.Objects; +import java.util.Optional; +import javax.annotation.Nullable; + +@CustomType +public final class AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCode { + /** + * @return Configuration block for the Amazon S3 object that contains the source code for the agent runtime. See `s3` below. + * + */ + private @Nullable AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeS3 s3; + + private AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCode() {} + /** + * @return Configuration block for the Amazon S3 object that contains the source code for the agent runtime. See `s3` below. + * + */ + public Optional s3() { + return Optional.ofNullable(this.s3); + } + + public static Builder builder() { + return new Builder(); + } + + public static Builder builder(AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCode defaults) { + return new Builder(defaults); + } + @CustomType.Builder + public static final class Builder { + private @Nullable AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeS3 s3; + public Builder() {} + public Builder(AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCode defaults) { + Objects.requireNonNull(defaults); + this.s3 = defaults.s3; + } + + @CustomType.Setter + public Builder s3(@Nullable AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeS3 s3) { + + this.s3 = s3; + return this; + } + public AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCode build() { + final var _resultValue = new AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCode(); + _resultValue.s3 = s3; + return _resultValue; + } + } +} diff --git a/sdk/java/src/main/java/com/pulumi/aws/bedrock/outputs/AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeS3.java b/sdk/java/src/main/java/com/pulumi/aws/bedrock/outputs/AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeS3.java new file mode 100644 index 00000000000..962d5736c89 --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/aws/bedrock/outputs/AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeS3.java @@ -0,0 +1,104 @@ +// *** WARNING: this file was generated by pulumi-language-java. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.aws.bedrock.outputs; + +import com.pulumi.core.annotations.CustomType; +import com.pulumi.exceptions.MissingRequiredPropertyException; +import java.lang.String; +import java.util.Objects; +import java.util.Optional; +import javax.annotation.Nullable; + +@CustomType +public final class AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeS3 { + /** + * @return Name of the Amazon S3 bucket. + * + */ + private String bucket; + /** + * @return Key of the object containing the ZIP file of the source code for the agent runtime in the Amazon S3 bucket. + * + */ + private String prefix; + /** + * @return Version ID of the Amazon S3 object. If not specified, the latest version of the object is used. + * + */ + private @Nullable String versionId; + + private AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeS3() {} + /** + * @return Name of the Amazon S3 bucket. + * + */ + public String bucket() { + return this.bucket; + } + /** + * @return Key of the object containing the ZIP file of the source code for the agent runtime in the Amazon S3 bucket. + * + */ + public String prefix() { + return this.prefix; + } + /** + * @return Version ID of the Amazon S3 object. If not specified, the latest version of the object is used. + * + */ + public Optional versionId() { + return Optional.ofNullable(this.versionId); + } + + public static Builder builder() { + return new Builder(); + } + + public static Builder builder(AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeS3 defaults) { + return new Builder(defaults); + } + @CustomType.Builder + public static final class Builder { + private String bucket; + private String prefix; + private @Nullable String versionId; + public Builder() {} + public Builder(AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeS3 defaults) { + Objects.requireNonNull(defaults); + this.bucket = defaults.bucket; + this.prefix = defaults.prefix; + this.versionId = defaults.versionId; + } + + @CustomType.Setter + public Builder bucket(String bucket) { + if (bucket == null) { + throw new MissingRequiredPropertyException("AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeS3", "bucket"); + } + this.bucket = bucket; + return this; + } + @CustomType.Setter + public Builder prefix(String prefix) { + if (prefix == null) { + throw new MissingRequiredPropertyException("AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeS3", "prefix"); + } + this.prefix = prefix; + return this; + } + @CustomType.Setter + public Builder versionId(@Nullable String versionId) { + + this.versionId = versionId; + return this; + } + public AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeS3 build() { + final var _resultValue = new AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeS3(); + _resultValue.bucket = bucket; + _resultValue.prefix = prefix; + _resultValue.versionId = versionId; + return _resultValue; + } + } +} diff --git a/sdk/java/src/main/java/com/pulumi/aws/bedrock/outputs/GuardrailContentPolicyConfigFiltersConfig.java b/sdk/java/src/main/java/com/pulumi/aws/bedrock/outputs/GuardrailContentPolicyConfigFiltersConfig.java index 700362574b3..51175d3c169 100644 --- a/sdk/java/src/main/java/com/pulumi/aws/bedrock/outputs/GuardrailContentPolicyConfigFiltersConfig.java +++ b/sdk/java/src/main/java/com/pulumi/aws/bedrock/outputs/GuardrailContentPolicyConfigFiltersConfig.java @@ -5,18 +5,52 @@ import com.pulumi.core.annotations.CustomType; import com.pulumi.exceptions.MissingRequiredPropertyException; +import java.lang.Boolean; import java.lang.String; +import java.util.List; import java.util.Objects; +import java.util.Optional; +import javax.annotation.Nullable; @CustomType public final class GuardrailContentPolicyConfigFiltersConfig { /** - * @return Strength for filters. + * @return Action to take when harmful content is detected. Valid values: `BLOCK`, `NONE`. + * + */ + private @Nullable String inputAction; + /** + * @return Toggles guardrail evaluation on input. + * + */ + private @Nullable Boolean inputEnabled; + /** + * @return List of selected input modalities. Valid values: `IMAGE`, `TEXT`. + * + */ + private @Nullable List inputModalities; + /** + * @return Strength for filters. Valid values: `NONE`, `LOW`, `MEDIUM`, `HIGH`. * */ private String inputStrength; /** - * @return Strength for filters. + * @return Action to take when harmful content is detected. Valid values: `BLOCK`, `NONE`. + * + */ + private @Nullable String outputAction; + /** + * @return Toggles guardrail evaluation on output. + * + */ + private @Nullable Boolean outputEnabled; + /** + * @return List of selected output modalities. Valid values: `IMAGE`, `TEXT`. + * + */ + private @Nullable List outputModalities; + /** + * @return Strength for filters. Valid values: `NONE`, `LOW`, `MEDIUM`, `HIGH`. * */ private String outputStrength; @@ -28,14 +62,56 @@ public final class GuardrailContentPolicyConfigFiltersConfig { private GuardrailContentPolicyConfigFiltersConfig() {} /** - * @return Strength for filters. + * @return Action to take when harmful content is detected. Valid values: `BLOCK`, `NONE`. + * + */ + public Optional inputAction() { + return Optional.ofNullable(this.inputAction); + } + /** + * @return Toggles guardrail evaluation on input. + * + */ + public Optional inputEnabled() { + return Optional.ofNullable(this.inputEnabled); + } + /** + * @return List of selected input modalities. Valid values: `IMAGE`, `TEXT`. + * + */ + public List inputModalities() { + return this.inputModalities == null ? List.of() : this.inputModalities; + } + /** + * @return Strength for filters. Valid values: `NONE`, `LOW`, `MEDIUM`, `HIGH`. * */ public String inputStrength() { return this.inputStrength; } /** - * @return Strength for filters. + * @return Action to take when harmful content is detected. Valid values: `BLOCK`, `NONE`. + * + */ + public Optional outputAction() { + return Optional.ofNullable(this.outputAction); + } + /** + * @return Toggles guardrail evaluation on output. + * + */ + public Optional outputEnabled() { + return Optional.ofNullable(this.outputEnabled); + } + /** + * @return List of selected output modalities. Valid values: `IMAGE`, `TEXT`. + * + */ + public List outputModalities() { + return this.outputModalities == null ? List.of() : this.outputModalities; + } + /** + * @return Strength for filters. Valid values: `NONE`, `LOW`, `MEDIUM`, `HIGH`. * */ public String outputStrength() { @@ -58,17 +134,50 @@ public static Builder builder(GuardrailContentPolicyConfigFiltersConfig defaults } @CustomType.Builder public static final class Builder { + private @Nullable String inputAction; + private @Nullable Boolean inputEnabled; + private @Nullable List inputModalities; private String inputStrength; + private @Nullable String outputAction; + private @Nullable Boolean outputEnabled; + private @Nullable List outputModalities; private String outputStrength; private String type; public Builder() {} public Builder(GuardrailContentPolicyConfigFiltersConfig defaults) { Objects.requireNonNull(defaults); + this.inputAction = defaults.inputAction; + this.inputEnabled = defaults.inputEnabled; + this.inputModalities = defaults.inputModalities; this.inputStrength = defaults.inputStrength; + this.outputAction = defaults.outputAction; + this.outputEnabled = defaults.outputEnabled; + this.outputModalities = defaults.outputModalities; this.outputStrength = defaults.outputStrength; this.type = defaults.type; } + @CustomType.Setter + public Builder inputAction(@Nullable String inputAction) { + + this.inputAction = inputAction; + return this; + } + @CustomType.Setter + public Builder inputEnabled(@Nullable Boolean inputEnabled) { + + this.inputEnabled = inputEnabled; + return this; + } + @CustomType.Setter + public Builder inputModalities(@Nullable List inputModalities) { + + this.inputModalities = inputModalities; + return this; + } + public Builder inputModalities(String... inputModalities) { + return inputModalities(List.of(inputModalities)); + } @CustomType.Setter public Builder inputStrength(String inputStrength) { if (inputStrength == null) { @@ -78,6 +187,27 @@ public Builder inputStrength(String inputStrength) { return this; } @CustomType.Setter + public Builder outputAction(@Nullable String outputAction) { + + this.outputAction = outputAction; + return this; + } + @CustomType.Setter + public Builder outputEnabled(@Nullable Boolean outputEnabled) { + + this.outputEnabled = outputEnabled; + return this; + } + @CustomType.Setter + public Builder outputModalities(@Nullable List outputModalities) { + + this.outputModalities = outputModalities; + return this; + } + public Builder outputModalities(String... outputModalities) { + return outputModalities(List.of(outputModalities)); + } + @CustomType.Setter public Builder outputStrength(String outputStrength) { if (outputStrength == null) { throw new MissingRequiredPropertyException("GuardrailContentPolicyConfigFiltersConfig", "outputStrength"); @@ -95,7 +225,13 @@ public Builder type(String type) { } public GuardrailContentPolicyConfigFiltersConfig build() { final var _resultValue = new GuardrailContentPolicyConfigFiltersConfig(); + _resultValue.inputAction = inputAction; + _resultValue.inputEnabled = inputEnabled; + _resultValue.inputModalities = inputModalities; _resultValue.inputStrength = inputStrength; + _resultValue.outputAction = outputAction; + _resultValue.outputEnabled = outputEnabled; + _resultValue.outputModalities = outputModalities; _resultValue.outputStrength = outputStrength; _resultValue.type = type; return _resultValue; diff --git a/sdk/java/src/main/java/com/pulumi/aws/billing/View.java b/sdk/java/src/main/java/com/pulumi/aws/billing/View.java new file mode 100644 index 00000000000..23cc8506ec3 --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/aws/billing/View.java @@ -0,0 +1,349 @@ +// *** WARNING: this file was generated by pulumi-language-java. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.aws.billing; + +import com.pulumi.aws.Utilities; +import com.pulumi.aws.billing.ViewArgs; +import com.pulumi.aws.billing.inputs.ViewState; +import com.pulumi.aws.billing.outputs.ViewDataFilterExpression; +import com.pulumi.aws.billing.outputs.ViewTimeouts; +import com.pulumi.core.Output; +import com.pulumi.core.annotations.Export; +import com.pulumi.core.annotations.ResourceType; +import com.pulumi.core.internal.Codegen; +import java.lang.Integer; +import java.lang.String; +import java.util.List; +import java.util.Map; +import java.util.Optional; +import javax.annotation.Nullable; + +/** + * Manages an AWS Billing View. + * + * ## Example Usage + * + * ### Basic Usage + * + * 
+ * {@code
+ * package generated_program;
+ * 
+ * import com.pulumi.Context;
+ * import com.pulumi.Pulumi;
+ * import com.pulumi.core.Output;
+ * import com.pulumi.aws.billing.View;
+ * import com.pulumi.aws.billing.ViewArgs;
+ * import java.util.List;
+ * import java.util.ArrayList;
+ * import java.util.Map;
+ * import java.io.File;
+ * import java.nio.file.Files;
+ * import java.nio.file.Paths;
+ * 
+ * public class App {
+ *     public static void main(String[] args) {
+ *         Pulumi.run(App::stack);
+ *     }
+ * 
+ *     public static void stack(Context ctx) {
+ *         var example = new View("example", ViewArgs.builder()
+ *             .name("example")
+ *             .description("example description")
+ *             .sourceViews("arn:aws:billing::123456789012:billingview/example")
+ *             .build());
+ * 
+ *     }
+ * }
+ * }
+ *
+ * + * ## Import + * + * Using `pulumi import`, import Billing View using the `arn`. For example: + * + * ```sh + * $ pulumi import aws:billing/view:View example arn:aws:billing::123456789012:billing-view/example + * ``` + * + */ +@ResourceType(type="aws:billing/view:View") +public class View extends com.pulumi.resources.CustomResource { + /** + * ARN of the View. + * + */ + @Export(name="arn", refs={String.class}, tree="[0]") + private Output arn; + + /** + * @return ARN of the View. + * + */ + public Output arn() { + return this.arn; + } + /** + * Type of billing group. Valid values are PRIMARY|BILLING_GROUP|CUSTOM. + * + */ + @Export(name="billingViewType", refs={String.class}, tree="[0]") + private Output billingViewType; + + /** + * @return Type of billing group. Valid values are PRIMARY|BILLING_GROUP|CUSTOM. + * + */ + public Output billingViewType() { + return this.billingViewType; + } + /** + * Timestamp when the billing view was created. + * + */ + @Export(name="createdAt", refs={String.class}, tree="[0]") + private Output createdAt; + + /** + * @return Timestamp when the billing view was created. + * + */ + public Output createdAt() { + return this.createdAt; + } + /** + * Filter Cost Explorer APIs using the expression. Refer to the data-filter-expression block documentation for more details. + * + */ + @Export(name="dataFilterExpression", refs={ViewDataFilterExpression.class}, tree="[0]") + private Output dataFilterExpression; + + /** + * @return Filter Cost Explorer APIs using the expression. Refer to the data-filter-expression block documentation for more details. + * + */ + public Output> dataFilterExpression() { + return Codegen.optional(this.dataFilterExpression); + } + /** + * Number of billing views that use this billing view as a source. + * + */ + @Export(name="derivedViewCount", refs={Integer.class}, tree="[0]") + private Output derivedViewCount; + + /** + * @return Number of billing views that use this billing view as a source. + * + */ + public Output derivedViewCount() { + return this.derivedViewCount; + } + /** + * Description of the custom billing view. + * + */ + @Export(name="description", refs={String.class}, tree="[0]") + private Output description; + + /** + * @return Description of the custom billing view. + * + */ + public Output> description() { + return Codegen.optional(this.description); + } + /** + * Name of the custom billing view to be created. + * + */ + @Export(name="name", refs={String.class}, tree="[0]") + private Output name; + + /** + * @return Name of the custom billing view to be created. + * + */ + public Output name() { + return this.name; + } + /** + * Account owner of the billing view. + * + */ + @Export(name="ownerAccountId", refs={String.class}, tree="[0]") + private Output ownerAccountId; + + /** + * @return Account owner of the billing view. + * + */ + public Output ownerAccountId() { + return this.ownerAccountId; + } + /** + * AWS account ID that owns the source billing view, if this is a derived billing view. + * + */ + @Export(name="sourceAccountId", refs={String.class}, tree="[0]") + private Output sourceAccountId; + + /** + * @return AWS account ID that owns the source billing view, if this is a derived billing view. + * + */ + public Output sourceAccountId() { + return this.sourceAccountId; + } + /** + * Number of source views associated with this billing view. + * + */ + @Export(name="sourceViewCount", refs={Integer.class}, tree="[0]") + private Output sourceViewCount; + + /** + * @return Number of source views associated with this billing view. + * + */ + public Output sourceViewCount() { + return this.sourceViewCount; + } + /** + * List of ARNs of the source data views for the custom billing view. + * + * The following arguments are optional: + * + */ + @Export(name="sourceViews", refs={List.class,String.class}, tree="[0,1]") + private Output> sourceViews; + + /** + * @return List of ARNs of the source data views for the custom billing view. + * + * The following arguments are optional: + * + */ + public Output>> sourceViews() { + return Codegen.optional(this.sourceViews); + } + /** + * List of key value map specifying tags associated to the billing view being created. + * + */ + @Export(name="tags", refs={Map.class,String.class}, tree="[0,1,1]") + private Output> tags; + + /** + * @return List of key value map specifying tags associated to the billing view being created. + * + */ + public Output>> tags() { + return Codegen.optional(this.tags); + } + /** + * List of key value map specifying tags associated to the billing view. + * + */ + @Export(name="tagsAll", refs={Map.class,String.class}, tree="[0,1,1]") + private Output> tagsAll; + + /** + * @return List of key value map specifying tags associated to the billing view. + * + */ + public Output> tagsAll() { + return this.tagsAll; + } + @Export(name="timeouts", refs={ViewTimeouts.class}, tree="[0]") + private Output timeouts; + + public Output> timeouts() { + return Codegen.optional(this.timeouts); + } + /** + * Time when the billing view was last updated. + * + */ + @Export(name="updatedAt", refs={String.class}, tree="[0]") + private Output updatedAt; + + /** + * @return Time when the billing view was last updated. + * + */ + public Output updatedAt() { + return this.updatedAt; + } + /** + * Timestamp of when the billing view definition was last updated. + * + */ + @Export(name="viewDefinitionLastUpdatedAt", refs={String.class}, tree="[0]") + private Output viewDefinitionLastUpdatedAt; + + /** + * @return Timestamp of when the billing view definition was last updated. + * + */ + public Output viewDefinitionLastUpdatedAt() { + return this.viewDefinitionLastUpdatedAt; + } + + /** + * + * @param name The _unique_ name of the resulting resource. + */ + public View(java.lang.String name) { + this(name, ViewArgs.Empty); + } + /** + * + * @param name The _unique_ name of the resulting resource. + * @param args The arguments to use to populate this resource's properties. + */ + public View(java.lang.String name, @Nullable ViewArgs args) { + this(name, args, null); + } + /** + * + * @param name The _unique_ name of the resulting resource. + * @param args The arguments to use to populate this resource's properties. + * @param options A bag of options that control this resource's behavior. + */ + public View(java.lang.String name, @Nullable ViewArgs args, @Nullable com.pulumi.resources.CustomResourceOptions options) { + super("aws:billing/view:View", name, makeArgs(args, options), makeResourceOptions(options, Codegen.empty()), false); + } + + private View(java.lang.String name, Output id, @Nullable ViewState state, @Nullable com.pulumi.resources.CustomResourceOptions options) { + super("aws:billing/view:View", name, state, makeResourceOptions(options, id), false); + } + + private static ViewArgs makeArgs(@Nullable ViewArgs args, @Nullable com.pulumi.resources.CustomResourceOptions options) { + if (options != null && options.getUrn().isPresent()) { + return null; + } + return args == null ? ViewArgs.Empty : args; + } + + private static com.pulumi.resources.CustomResourceOptions makeResourceOptions(@Nullable com.pulumi.resources.CustomResourceOptions options, @Nullable Output id) { + var defaultOptions = com.pulumi.resources.CustomResourceOptions.builder() + .version(Utilities.getVersion()) + .build(); + return com.pulumi.resources.CustomResourceOptions.merge(defaultOptions, options, id); + } + + /** + * Get an existing Host resource's state with the given name, ID, and optional extra + * properties used to qualify the lookup. + * + * @param name The _unique_ name of the resulting resource. + * @param id The _unique_ provider ID of the resource to lookup. + * @param state + * @param options Optional settings to control the behavior of the CustomResource. + */ + public static View get(java.lang.String name, Output id, @Nullable ViewState state, @Nullable com.pulumi.resources.CustomResourceOptions options) { + return new View(name, id, state, options); + } +} diff --git a/sdk/java/src/main/java/com/pulumi/aws/billing/ViewArgs.java b/sdk/java/src/main/java/com/pulumi/aws/billing/ViewArgs.java new file mode 100644 index 00000000000..b222e7d4cf4 --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/aws/billing/ViewArgs.java @@ -0,0 +1,272 @@ +// *** WARNING: this file was generated by pulumi-language-java. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.aws.billing; + +import com.pulumi.aws.billing.inputs.ViewDataFilterExpressionArgs; +import com.pulumi.aws.billing.inputs.ViewTimeoutsArgs; +import com.pulumi.core.Output; +import com.pulumi.core.annotations.Import; +import java.lang.String; +import java.util.List; +import java.util.Map; +import java.util.Objects; +import java.util.Optional; +import javax.annotation.Nullable; + + +public final class ViewArgs extends com.pulumi.resources.ResourceArgs { + + public static final ViewArgs Empty = new ViewArgs(); + + /** + * Filter Cost Explorer APIs using the expression. Refer to the data-filter-expression block documentation for more details. + * + */ + @Import(name="dataFilterExpression") + private @Nullable Output dataFilterExpression; + + /** + * @return Filter Cost Explorer APIs using the expression. Refer to the data-filter-expression block documentation for more details. + * + */ + public Optional> dataFilterExpression() { + return Optional.ofNullable(this.dataFilterExpression); + } + + /** + * Description of the custom billing view. + * + */ + @Import(name="description") + private @Nullable Output description; + + /** + * @return Description of the custom billing view. + * + */ + public Optional> description() { + return Optional.ofNullable(this.description); + } + + /** + * Name of the custom billing view to be created. + * + */ + @Import(name="name") + private @Nullable Output name; + + /** + * @return Name of the custom billing view to be created. + * + */ + public Optional> name() { + return Optional.ofNullable(this.name); + } + + /** + * List of ARNs of the source data views for the custom billing view. + * + * The following arguments are optional: + * + */ + @Import(name="sourceViews") + private @Nullable Output> sourceViews; + + /** + * @return List of ARNs of the source data views for the custom billing view. + * + * The following arguments are optional: + * + */ + public Optional>> sourceViews() { + return Optional.ofNullable(this.sourceViews); + } + + /** + * List of key value map specifying tags associated to the billing view being created. + * + */ + @Import(name="tags") + private @Nullable Output> tags; + + /** + * @return List of key value map specifying tags associated to the billing view being created. + * + */ + public Optional>> tags() { + return Optional.ofNullable(this.tags); + } + + @Import(name="timeouts") + private @Nullable Output timeouts; + + public Optional> timeouts() { + return Optional.ofNullable(this.timeouts); + } + + private ViewArgs() {} + + private ViewArgs(ViewArgs $) { + this.dataFilterExpression = $.dataFilterExpression; + this.description = $.description; + this.name = $.name; + this.sourceViews = $.sourceViews; + this.tags = $.tags; + this.timeouts = $.timeouts; + } + + public static Builder builder() { + return new Builder(); + } + public static Builder builder(ViewArgs defaults) { + return new Builder(defaults); + } + + public static final class Builder { + private ViewArgs $; + + public Builder() { + $ = new ViewArgs(); + } + + public Builder(ViewArgs defaults) { + $ = new ViewArgs(Objects.requireNonNull(defaults)); + } + + /** + * @param dataFilterExpression Filter Cost Explorer APIs using the expression. Refer to the data-filter-expression block documentation for more details. + * + * @return builder + * + */ + public Builder dataFilterExpression(@Nullable Output dataFilterExpression) { + $.dataFilterExpression = dataFilterExpression; + return this; + } + + /** + * @param dataFilterExpression Filter Cost Explorer APIs using the expression. Refer to the data-filter-expression block documentation for more details. + * + * @return builder + * + */ + public Builder dataFilterExpression(ViewDataFilterExpressionArgs dataFilterExpression) { + return dataFilterExpression(Output.of(dataFilterExpression)); + } + + /** + * @param description Description of the custom billing view. + * + * @return builder + * + */ + public Builder description(@Nullable Output description) { + $.description = description; + return this; + } + + /** + * @param description Description of the custom billing view. + * + * @return builder + * + */ + public Builder description(String description) { + return description(Output.of(description)); + } + + /** + * @param name Name of the custom billing view to be created. + * + * @return builder + * + */ + public Builder name(@Nullable Output name) { + $.name = name; + return this; + } + + /** + * @param name Name of the custom billing view to be created. + * + * @return builder + * + */ + public Builder name(String name) { + return name(Output.of(name)); + } + + /** + * @param sourceViews List of ARNs of the source data views for the custom billing view. + * + * The following arguments are optional: + * + * @return builder + * + */ + public Builder sourceViews(@Nullable Output> sourceViews) { + $.sourceViews = sourceViews; + return this; + } + + /** + * @param sourceViews List of ARNs of the source data views for the custom billing view. + * + * The following arguments are optional: + * + * @return builder + * + */ + public Builder sourceViews(List sourceViews) { + return sourceViews(Output.of(sourceViews)); + } + + /** + * @param sourceViews List of ARNs of the source data views for the custom billing view. + * + * The following arguments are optional: + * + * @return builder + * + */ + public Builder sourceViews(String... sourceViews) { + return sourceViews(List.of(sourceViews)); + } + + /** + * @param tags List of key value map specifying tags associated to the billing view being created. + * + * @return builder + * + */ + public Builder tags(@Nullable Output> tags) { + $.tags = tags; + return this; + } + + /** + * @param tags List of key value map specifying tags associated to the billing view being created. + * + * @return builder + * + */ + public Builder tags(Map tags) { + return tags(Output.of(tags)); + } + + public Builder timeouts(@Nullable Output timeouts) { + $.timeouts = timeouts; + return this; + } + + public Builder timeouts(ViewTimeoutsArgs timeouts) { + return timeouts(Output.of(timeouts)); + } + + public ViewArgs build() { + return $; + } + } + +} diff --git a/sdk/java/src/main/java/com/pulumi/aws/billing/inputs/ViewDataFilterExpressionArgs.java b/sdk/java/src/main/java/com/pulumi/aws/billing/inputs/ViewDataFilterExpressionArgs.java new file mode 100644 index 00000000000..446abaf684b --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/aws/billing/inputs/ViewDataFilterExpressionArgs.java @@ -0,0 +1,170 @@ +// *** WARNING: this file was generated by pulumi-language-java. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.aws.billing.inputs; + +import com.pulumi.aws.billing.inputs.ViewDataFilterExpressionDimensionsArgs; +import com.pulumi.aws.billing.inputs.ViewDataFilterExpressionTagArgs; +import com.pulumi.aws.billing.inputs.ViewDataFilterExpressionTimeRangeArgs; +import com.pulumi.core.Output; +import com.pulumi.core.annotations.Import; +import java.util.List; +import java.util.Objects; +import java.util.Optional; +import javax.annotation.Nullable; + + +public final class ViewDataFilterExpressionArgs extends com.pulumi.resources.ResourceArgs { + + public static final ViewDataFilterExpressionArgs Empty = new ViewDataFilterExpressionArgs(); + + /** + * Dimension to use for `expression`. Refer to #dimensions for more details. + * + */ + @Import(name="dimensions") + private @Nullable Output dimensions; + + /** + * @return Dimension to use for `expression`. Refer to #dimensions for more details. + * + */ + public Optional> dimensions() { + return Optional.ofNullable(this.dimensions); + } + + /** + * List of key value map specifying tags associated to the billing view being created. + * + */ + @Import(name="tags") + private @Nullable Output> tags; + + /** + * @return List of key value map specifying tags associated to the billing view being created. + * + */ + public Optional>> tags() { + return Optional.ofNullable(this.tags); + } + + /** + * Time range to use for `expression`. Refer to #time-range for more details. + * + */ + @Import(name="timeRange") + private @Nullable Output timeRange; + + /** + * @return Time range to use for `expression`. Refer to #time-range for more details. + * + */ + public Optional> timeRange() { + return Optional.ofNullable(this.timeRange); + } + + private ViewDataFilterExpressionArgs() {} + + private ViewDataFilterExpressionArgs(ViewDataFilterExpressionArgs $) { + this.dimensions = $.dimensions; + this.tags = $.tags; + this.timeRange = $.timeRange; + } + + public static Builder builder() { + return new Builder(); + } + public static Builder builder(ViewDataFilterExpressionArgs defaults) { + return new Builder(defaults); + } + + public static final class Builder { + private ViewDataFilterExpressionArgs $; + + public Builder() { + $ = new ViewDataFilterExpressionArgs(); + } + + public Builder(ViewDataFilterExpressionArgs defaults) { + $ = new ViewDataFilterExpressionArgs(Objects.requireNonNull(defaults)); + } + + /** + * @param dimensions Dimension to use for `expression`. Refer to #dimensions for more details. + * + * @return builder + * + */ + public Builder dimensions(@Nullable Output dimensions) { + $.dimensions = dimensions; + return this; + } + + /** + * @param dimensions Dimension to use for `expression`. Refer to #dimensions for more details. + * + * @return builder + * + */ + public Builder dimensions(ViewDataFilterExpressionDimensionsArgs dimensions) { + return dimensions(Output.of(dimensions)); + } + + /** + * @param tags List of key value map specifying tags associated to the billing view being created. + * + * @return builder + * + */ + public Builder tags(@Nullable Output> tags) { + $.tags = tags; + return this; + } + + /** + * @param tags List of key value map specifying tags associated to the billing view being created. + * + * @return builder + * + */ + public Builder tags(List tags) { + return tags(Output.of(tags)); + } + + /** + * @param tags List of key value map specifying tags associated to the billing view being created. + * + * @return builder + * + */ + public Builder tags(ViewDataFilterExpressionTagArgs... tags) { + return tags(List.of(tags)); + } + + /** + * @param timeRange Time range to use for `expression`. Refer to #time-range for more details. + * + * @return builder + * + */ + public Builder timeRange(@Nullable Output timeRange) { + $.timeRange = timeRange; + return this; + } + + /** + * @param timeRange Time range to use for `expression`. Refer to #time-range for more details. + * + * @return builder + * + */ + public Builder timeRange(ViewDataFilterExpressionTimeRangeArgs timeRange) { + return timeRange(Output.of(timeRange)); + } + + public ViewDataFilterExpressionArgs build() { + return $; + } + } + +} diff --git a/sdk/java/src/main/java/com/pulumi/aws/billing/inputs/ViewDataFilterExpressionDimensionsArgs.java b/sdk/java/src/main/java/com/pulumi/aws/billing/inputs/ViewDataFilterExpressionDimensionsArgs.java new file mode 100644 index 00000000000..8df0e9a6db8 --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/aws/billing/inputs/ViewDataFilterExpressionDimensionsArgs.java @@ -0,0 +1,136 @@ +// *** WARNING: this file was generated by pulumi-language-java. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.aws.billing.inputs; + +import com.pulumi.core.Output; +import com.pulumi.core.annotations.Import; +import com.pulumi.exceptions.MissingRequiredPropertyException; +import java.lang.String; +import java.util.List; +import java.util.Objects; + + +public final class ViewDataFilterExpressionDimensionsArgs extends com.pulumi.resources.ResourceArgs { + + public static final ViewDataFilterExpressionDimensionsArgs Empty = new ViewDataFilterExpressionDimensionsArgs(); + + /** + * Key of the dimension. Possible values are `LINKED_ACCOUNT`. + * + */ + @Import(name="key", required=true) + private Output key; + + /** + * @return Key of the dimension. Possible values are `LINKED_ACCOUNT`. + * + */ + public Output key() { + return this.key; + } + + /** + * List of metadata values that you can use to filter and group your results. + * + */ + @Import(name="values", required=true) + private Output> values; + + /** + * @return List of metadata values that you can use to filter and group your results. + * + */ + public Output> values() { + return this.values; + } + + private ViewDataFilterExpressionDimensionsArgs() {} + + private ViewDataFilterExpressionDimensionsArgs(ViewDataFilterExpressionDimensionsArgs $) { + this.key = $.key; + this.values = $.values; + } + + public static Builder builder() { + return new Builder(); + } + public static Builder builder(ViewDataFilterExpressionDimensionsArgs defaults) { + return new Builder(defaults); + } + + public static final class Builder { + private ViewDataFilterExpressionDimensionsArgs $; + + public Builder() { + $ = new ViewDataFilterExpressionDimensionsArgs(); + } + + public Builder(ViewDataFilterExpressionDimensionsArgs defaults) { + $ = new ViewDataFilterExpressionDimensionsArgs(Objects.requireNonNull(defaults)); + } + + /** + * @param key Key of the dimension. Possible values are `LINKED_ACCOUNT`. + * + * @return builder + * + */ + public Builder key(Output key) { + $.key = key; + return this; + } + + /** + * @param key Key of the dimension. Possible values are `LINKED_ACCOUNT`. + * + * @return builder + * + */ + public Builder key(String key) { + return key(Output.of(key)); + } + + /** + * @param values List of metadata values that you can use to filter and group your results. + * + * @return builder + * + */ + public Builder values(Output> values) { + $.values = values; + return this; + } + + /** + * @param values List of metadata values that you can use to filter and group your results. + * + * @return builder + * + */ + public Builder values(List values) { + return values(Output.of(values)); + } + + /** + * @param values List of metadata values that you can use to filter and group your results. + * + * @return builder + * + */ + public Builder values(String... values) { + return values(List.of(values)); + } + + public ViewDataFilterExpressionDimensionsArgs build() { + if ($.key == null) { + throw new MissingRequiredPropertyException("ViewDataFilterExpressionDimensionsArgs", "key"); + } + if ($.values == null) { + throw new MissingRequiredPropertyException("ViewDataFilterExpressionDimensionsArgs", "values"); + } + return $; + } + } + +} diff --git a/sdk/java/src/main/java/com/pulumi/aws/billing/inputs/ViewDataFilterExpressionTagArgs.java b/sdk/java/src/main/java/com/pulumi/aws/billing/inputs/ViewDataFilterExpressionTagArgs.java new file mode 100644 index 00000000000..a1d1f3a757b --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/aws/billing/inputs/ViewDataFilterExpressionTagArgs.java @@ -0,0 +1,136 @@ +// *** WARNING: this file was generated by pulumi-language-java. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.aws.billing.inputs; + +import com.pulumi.core.Output; +import com.pulumi.core.annotations.Import; +import com.pulumi.exceptions.MissingRequiredPropertyException; +import java.lang.String; +import java.util.List; +import java.util.Objects; + + +public final class ViewDataFilterExpressionTagArgs extends com.pulumi.resources.ResourceArgs { + + public static final ViewDataFilterExpressionTagArgs Empty = new ViewDataFilterExpressionTagArgs(); + + /** + * Key of the tag. + * + */ + @Import(name="key", required=true) + private Output key; + + /** + * @return Key of the tag. + * + */ + public Output key() { + return this.key; + } + + /** + * List of values for the tag. + * + */ + @Import(name="values", required=true) + private Output> values; + + /** + * @return List of values for the tag. + * + */ + public Output> values() { + return this.values; + } + + private ViewDataFilterExpressionTagArgs() {} + + private ViewDataFilterExpressionTagArgs(ViewDataFilterExpressionTagArgs $) { + this.key = $.key; + this.values = $.values; + } + + public static Builder builder() { + return new Builder(); + } + public static Builder builder(ViewDataFilterExpressionTagArgs defaults) { + return new Builder(defaults); + } + + public static final class Builder { + private ViewDataFilterExpressionTagArgs $; + + public Builder() { + $ = new ViewDataFilterExpressionTagArgs(); + } + + public Builder(ViewDataFilterExpressionTagArgs defaults) { + $ = new ViewDataFilterExpressionTagArgs(Objects.requireNonNull(defaults)); + } + + /** + * @param key Key of the tag. + * + * @return builder + * + */ + public Builder key(Output key) { + $.key = key; + return this; + } + + /** + * @param key Key of the tag. + * + * @return builder + * + */ + public Builder key(String key) { + return key(Output.of(key)); + } + + /** + * @param values List of values for the tag. + * + * @return builder + * + */ + public Builder values(Output> values) { + $.values = values; + return this; + } + + /** + * @param values List of values for the tag. + * + * @return builder + * + */ + public Builder values(List values) { + return values(Output.of(values)); + } + + /** + * @param values List of values for the tag. + * + * @return builder + * + */ + public Builder values(String... values) { + return values(List.of(values)); + } + + public ViewDataFilterExpressionTagArgs build() { + if ($.key == null) { + throw new MissingRequiredPropertyException("ViewDataFilterExpressionTagArgs", "key"); + } + if ($.values == null) { + throw new MissingRequiredPropertyException("ViewDataFilterExpressionTagArgs", "values"); + } + return $; + } + } + +} diff --git a/sdk/java/src/main/java/com/pulumi/aws/billing/inputs/ViewDataFilterExpressionTimeRangeArgs.java b/sdk/java/src/main/java/com/pulumi/aws/billing/inputs/ViewDataFilterExpressionTimeRangeArgs.java new file mode 100644 index 00000000000..37aec99025f --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/aws/billing/inputs/ViewDataFilterExpressionTimeRangeArgs.java @@ -0,0 +1,105 @@ +// *** WARNING: this file was generated by pulumi-language-java. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.aws.billing.inputs; + +import com.pulumi.core.Output; +import com.pulumi.core.annotations.Import; +import com.pulumi.exceptions.MissingRequiredPropertyException; +import java.lang.String; +import java.util.Objects; + + +public final class ViewDataFilterExpressionTimeRangeArgs extends com.pulumi.resources.ResourceArgs { + + public static final ViewDataFilterExpressionTimeRangeArgs Empty = new ViewDataFilterExpressionTimeRangeArgs(); + + /** + * Inclusive end date of the time range. + * + */ + @Import(name="beginDateInclusive", required=true) + private Output beginDateInclusive; + + /** + * @return Inclusive end date of the time range. + * + */ + public Output beginDateInclusive() { + return this.beginDateInclusive; + } + + @Import(name="endDateInclusive", required=true) + private Output endDateInclusive; + + public Output endDateInclusive() { + return this.endDateInclusive; + } + + private ViewDataFilterExpressionTimeRangeArgs() {} + + private ViewDataFilterExpressionTimeRangeArgs(ViewDataFilterExpressionTimeRangeArgs $) { + this.beginDateInclusive = $.beginDateInclusive; + this.endDateInclusive = $.endDateInclusive; + } + + public static Builder builder() { + return new Builder(); + } + public static Builder builder(ViewDataFilterExpressionTimeRangeArgs defaults) { + return new Builder(defaults); + } + + public static final class Builder { + private ViewDataFilterExpressionTimeRangeArgs $; + + public Builder() { + $ = new ViewDataFilterExpressionTimeRangeArgs(); + } + + public Builder(ViewDataFilterExpressionTimeRangeArgs defaults) { + $ = new ViewDataFilterExpressionTimeRangeArgs(Objects.requireNonNull(defaults)); + } + + /** + * @param beginDateInclusive Inclusive end date of the time range. + * + * @return builder + * + */ + public Builder beginDateInclusive(Output beginDateInclusive) { + $.beginDateInclusive = beginDateInclusive; + return this; + } + + /** + * @param beginDateInclusive Inclusive end date of the time range. + * + * @return builder + * + */ + public Builder beginDateInclusive(String beginDateInclusive) { + return beginDateInclusive(Output.of(beginDateInclusive)); + } + + public Builder endDateInclusive(Output endDateInclusive) { + $.endDateInclusive = endDateInclusive; + return this; + } + + public Builder endDateInclusive(String endDateInclusive) { + return endDateInclusive(Output.of(endDateInclusive)); + } + + public ViewDataFilterExpressionTimeRangeArgs build() { + if ($.beginDateInclusive == null) { + throw new MissingRequiredPropertyException("ViewDataFilterExpressionTimeRangeArgs", "beginDateInclusive"); + } + if ($.endDateInclusive == null) { + throw new MissingRequiredPropertyException("ViewDataFilterExpressionTimeRangeArgs", "endDateInclusive"); + } + return $; + } + } + +} diff --git a/sdk/java/src/main/java/com/pulumi/aws/billing/inputs/ViewState.java b/sdk/java/src/main/java/com/pulumi/aws/billing/inputs/ViewState.java new file mode 100644 index 00000000000..1142b8af466 --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/aws/billing/inputs/ViewState.java @@ -0,0 +1,643 @@ +// *** WARNING: this file was generated by pulumi-language-java. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.aws.billing.inputs; + +import com.pulumi.aws.billing.inputs.ViewDataFilterExpressionArgs; +import com.pulumi.aws.billing.inputs.ViewTimeoutsArgs; +import com.pulumi.core.Output; +import com.pulumi.core.annotations.Import; +import java.lang.Integer; +import java.lang.String; +import java.util.List; +import java.util.Map; +import java.util.Objects; +import java.util.Optional; +import javax.annotation.Nullable; + + +public final class ViewState extends com.pulumi.resources.ResourceArgs { + + public static final ViewState Empty = new ViewState(); + + /** + * ARN of the View. + * + */ + @Import(name="arn") + private @Nullable Output arn; + + /** + * @return ARN of the View. + * + */ + public Optional> arn() { + return Optional.ofNullable(this.arn); + } + + /** + * Type of billing group. Valid values are PRIMARY|BILLING_GROUP|CUSTOM. + * + */ + @Import(name="billingViewType") + private @Nullable Output billingViewType; + + /** + * @return Type of billing group. Valid values are PRIMARY|BILLING_GROUP|CUSTOM. + * + */ + public Optional> billingViewType() { + return Optional.ofNullable(this.billingViewType); + } + + /** + * Timestamp when the billing view was created. + * + */ + @Import(name="createdAt") + private @Nullable Output createdAt; + + /** + * @return Timestamp when the billing view was created. + * + */ + public Optional> createdAt() { + return Optional.ofNullable(this.createdAt); + } + + /** + * Filter Cost Explorer APIs using the expression. Refer to the data-filter-expression block documentation for more details. + * + */ + @Import(name="dataFilterExpression") + private @Nullable Output dataFilterExpression; + + /** + * @return Filter Cost Explorer APIs using the expression. Refer to the data-filter-expression block documentation for more details. + * + */ + public Optional> dataFilterExpression() { + return Optional.ofNullable(this.dataFilterExpression); + } + + /** + * Number of billing views that use this billing view as a source. + * + */ + @Import(name="derivedViewCount") + private @Nullable Output derivedViewCount; + + /** + * @return Number of billing views that use this billing view as a source. + * + */ + public Optional> derivedViewCount() { + return Optional.ofNullable(this.derivedViewCount); + } + + /** + * Description of the custom billing view. + * + */ + @Import(name="description") + private @Nullable Output description; + + /** + * @return Description of the custom billing view. + * + */ + public Optional> description() { + return Optional.ofNullable(this.description); + } + + /** + * Name of the custom billing view to be created. + * + */ + @Import(name="name") + private @Nullable Output name; + + /** + * @return Name of the custom billing view to be created. + * + */ + public Optional> name() { + return Optional.ofNullable(this.name); + } + + /** + * Account owner of the billing view. + * + */ + @Import(name="ownerAccountId") + private @Nullable Output ownerAccountId; + + /** + * @return Account owner of the billing view. + * + */ + public Optional> ownerAccountId() { + return Optional.ofNullable(this.ownerAccountId); + } + + /** + * AWS account ID that owns the source billing view, if this is a derived billing view. + * + */ + @Import(name="sourceAccountId") + private @Nullable Output sourceAccountId; + + /** + * @return AWS account ID that owns the source billing view, if this is a derived billing view. + * + */ + public Optional> sourceAccountId() { + return Optional.ofNullable(this.sourceAccountId); + } + + /** + * Number of source views associated with this billing view. + * + */ + @Import(name="sourceViewCount") + private @Nullable Output sourceViewCount; + + /** + * @return Number of source views associated with this billing view. + * + */ + public Optional> sourceViewCount() { + return Optional.ofNullable(this.sourceViewCount); + } + + /** + * List of ARNs of the source data views for the custom billing view. + * + * The following arguments are optional: + * + */ + @Import(name="sourceViews") + private @Nullable Output> sourceViews; + + /** + * @return List of ARNs of the source data views for the custom billing view. + * + * The following arguments are optional: + * + */ + public Optional>> sourceViews() { + return Optional.ofNullable(this.sourceViews); + } + + /** + * List of key value map specifying tags associated to the billing view being created. + * + */ + @Import(name="tags") + private @Nullable Output> tags; + + /** + * @return List of key value map specifying tags associated to the billing view being created. + * + */ + public Optional>> tags() { + return Optional.ofNullable(this.tags); + } + + /** + * List of key value map specifying tags associated to the billing view. + * + */ + @Import(name="tagsAll") + private @Nullable Output> tagsAll; + + /** + * @return List of key value map specifying tags associated to the billing view. + * + */ + public Optional>> tagsAll() { + return Optional.ofNullable(this.tagsAll); + } + + @Import(name="timeouts") + private @Nullable Output timeouts; + + public Optional> timeouts() { + return Optional.ofNullable(this.timeouts); + } + + /** + * Time when the billing view was last updated. + * + */ + @Import(name="updatedAt") + private @Nullable Output updatedAt; + + /** + * @return Time when the billing view was last updated. + * + */ + public Optional> updatedAt() { + return Optional.ofNullable(this.updatedAt); + } + + /** + * Timestamp of when the billing view definition was last updated. + * + */ + @Import(name="viewDefinitionLastUpdatedAt") + private @Nullable Output viewDefinitionLastUpdatedAt; + + /** + * @return Timestamp of when the billing view definition was last updated. + * + */ + public Optional> viewDefinitionLastUpdatedAt() { + return Optional.ofNullable(this.viewDefinitionLastUpdatedAt); + } + + private ViewState() {} + + private ViewState(ViewState $) { + this.arn = $.arn; + this.billingViewType = $.billingViewType; + this.createdAt = $.createdAt; + this.dataFilterExpression = $.dataFilterExpression; + this.derivedViewCount = $.derivedViewCount; + this.description = $.description; + this.name = $.name; + this.ownerAccountId = $.ownerAccountId; + this.sourceAccountId = $.sourceAccountId; + this.sourceViewCount = $.sourceViewCount; + this.sourceViews = $.sourceViews; + this.tags = $.tags; + this.tagsAll = $.tagsAll; + this.timeouts = $.timeouts; + this.updatedAt = $.updatedAt; + this.viewDefinitionLastUpdatedAt = $.viewDefinitionLastUpdatedAt; + } + + public static Builder builder() { + return new Builder(); + } + public static Builder builder(ViewState defaults) { + return new Builder(defaults); + } + + public static final class Builder { + private ViewState $; + + public Builder() { + $ = new ViewState(); + } + + public Builder(ViewState defaults) { + $ = new ViewState(Objects.requireNonNull(defaults)); + } + + /** + * @param arn ARN of the View. + * + * @return builder + * + */ + public Builder arn(@Nullable Output arn) { + $.arn = arn; + return this; + } + + /** + * @param arn ARN of the View. + * + * @return builder + * + */ + public Builder arn(String arn) { + return arn(Output.of(arn)); + } + + /** + * @param billingViewType Type of billing group. Valid values are PRIMARY|BILLING_GROUP|CUSTOM. + * + * @return builder + * + */ + public Builder billingViewType(@Nullable Output billingViewType) { + $.billingViewType = billingViewType; + return this; + } + + /** + * @param billingViewType Type of billing group. Valid values are PRIMARY|BILLING_GROUP|CUSTOM. + * + * @return builder + * + */ + public Builder billingViewType(String billingViewType) { + return billingViewType(Output.of(billingViewType)); + } + + /** + * @param createdAt Timestamp when the billing view was created. + * + * @return builder + * + */ + public Builder createdAt(@Nullable Output createdAt) { + $.createdAt = createdAt; + return this; + } + + /** + * @param createdAt Timestamp when the billing view was created. + * + * @return builder + * + */ + public Builder createdAt(String createdAt) { + return createdAt(Output.of(createdAt)); + } + + /** + * @param dataFilterExpression Filter Cost Explorer APIs using the expression. Refer to the data-filter-expression block documentation for more details. + * + * @return builder + * + */ + public Builder dataFilterExpression(@Nullable Output dataFilterExpression) { + $.dataFilterExpression = dataFilterExpression; + return this; + } + + /** + * @param dataFilterExpression Filter Cost Explorer APIs using the expression. Refer to the data-filter-expression block documentation for more details. + * + * @return builder + * + */ + public Builder dataFilterExpression(ViewDataFilterExpressionArgs dataFilterExpression) { + return dataFilterExpression(Output.of(dataFilterExpression)); + } + + /** + * @param derivedViewCount Number of billing views that use this billing view as a source. + * + * @return builder + * + */ + public Builder derivedViewCount(@Nullable Output derivedViewCount) { + $.derivedViewCount = derivedViewCount; + return this; + } + + /** + * @param derivedViewCount Number of billing views that use this billing view as a source. + * + * @return builder + * + */ + public Builder derivedViewCount(Integer derivedViewCount) { + return derivedViewCount(Output.of(derivedViewCount)); + } + + /** + * @param description Description of the custom billing view. + * + * @return builder + * + */ + public Builder description(@Nullable Output description) { + $.description = description; + return this; + } + + /** + * @param description Description of the custom billing view. + * + * @return builder + * + */ + public Builder description(String description) { + return description(Output.of(description)); + } + + /** + * @param name Name of the custom billing view to be created. + * + * @return builder + * + */ + public Builder name(@Nullable Output name) { + $.name = name; + return this; + } + + /** + * @param name Name of the custom billing view to be created. + * + * @return builder + * + */ + public Builder name(String name) { + return name(Output.of(name)); + } + + /** + * @param ownerAccountId Account owner of the billing view. + * + * @return builder + * + */ + public Builder ownerAccountId(@Nullable Output ownerAccountId) { + $.ownerAccountId = ownerAccountId; + return this; + } + + /** + * @param ownerAccountId Account owner of the billing view. + * + * @return builder + * + */ + public Builder ownerAccountId(String ownerAccountId) { + return ownerAccountId(Output.of(ownerAccountId)); + } + + /** + * @param sourceAccountId AWS account ID that owns the source billing view, if this is a derived billing view. + * + * @return builder + * + */ + public Builder sourceAccountId(@Nullable Output sourceAccountId) { + $.sourceAccountId = sourceAccountId; + return this; + } + + /** + * @param sourceAccountId AWS account ID that owns the source billing view, if this is a derived billing view. + * + * @return builder + * + */ + public Builder sourceAccountId(String sourceAccountId) { + return sourceAccountId(Output.of(sourceAccountId)); + } + + /** + * @param sourceViewCount Number of source views associated with this billing view. + * + * @return builder + * + */ + public Builder sourceViewCount(@Nullable Output sourceViewCount) { + $.sourceViewCount = sourceViewCount; + return this; + } + + /** + * @param sourceViewCount Number of source views associated with this billing view. + * + * @return builder + * + */ + public Builder sourceViewCount(Integer sourceViewCount) { + return sourceViewCount(Output.of(sourceViewCount)); + } + + /** + * @param sourceViews List of ARNs of the source data views for the custom billing view. + * + * The following arguments are optional: + * + * @return builder + * + */ + public Builder sourceViews(@Nullable Output> sourceViews) { + $.sourceViews = sourceViews; + return this; + } + + /** + * @param sourceViews List of ARNs of the source data views for the custom billing view. + * + * The following arguments are optional: + * + * @return builder + * + */ + public Builder sourceViews(List sourceViews) { + return sourceViews(Output.of(sourceViews)); + } + + /** + * @param sourceViews List of ARNs of the source data views for the custom billing view. + * + * The following arguments are optional: + * + * @return builder + * + */ + public Builder sourceViews(String... sourceViews) { + return sourceViews(List.of(sourceViews)); + } + + /** + * @param tags List of key value map specifying tags associated to the billing view being created. + * + * @return builder + * + */ + public Builder tags(@Nullable Output> tags) { + $.tags = tags; + return this; + } + + /** + * @param tags List of key value map specifying tags associated to the billing view being created. + * + * @return builder + * + */ + public Builder tags(Map tags) { + return tags(Output.of(tags)); + } + + /** + * @param tagsAll List of key value map specifying tags associated to the billing view. + * + * @return builder + * + */ + public Builder tagsAll(@Nullable Output> tagsAll) { + $.tagsAll = tagsAll; + return this; + } + + /** + * @param tagsAll List of key value map specifying tags associated to the billing view. + * + * @return builder + * + */ + public Builder tagsAll(Map tagsAll) { + return tagsAll(Output.of(tagsAll)); + } + + public Builder timeouts(@Nullable Output timeouts) { + $.timeouts = timeouts; + return this; + } + + public Builder timeouts(ViewTimeoutsArgs timeouts) { + return timeouts(Output.of(timeouts)); + } + + /** + * @param updatedAt Time when the billing view was last updated. + * + * @return builder + * + */ + public Builder updatedAt(@Nullable Output updatedAt) { + $.updatedAt = updatedAt; + return this; + } + + /** + * @param updatedAt Time when the billing view was last updated. + * + * @return builder + * + */ + public Builder updatedAt(String updatedAt) { + return updatedAt(Output.of(updatedAt)); + } + + /** + * @param viewDefinitionLastUpdatedAt Timestamp of when the billing view definition was last updated. + * + * @return builder + * + */ + public Builder viewDefinitionLastUpdatedAt(@Nullable Output viewDefinitionLastUpdatedAt) { + $.viewDefinitionLastUpdatedAt = viewDefinitionLastUpdatedAt; + return this; + } + + /** + * @param viewDefinitionLastUpdatedAt Timestamp of when the billing view definition was last updated. + * + * @return builder + * + */ + public Builder viewDefinitionLastUpdatedAt(String viewDefinitionLastUpdatedAt) { + return viewDefinitionLastUpdatedAt(Output.of(viewDefinitionLastUpdatedAt)); + } + + public ViewState build() { + return $; + } + } + +} diff --git a/sdk/java/src/main/java/com/pulumi/aws/billing/inputs/ViewTimeoutsArgs.java b/sdk/java/src/main/java/com/pulumi/aws/billing/inputs/ViewTimeoutsArgs.java new file mode 100644 index 00000000000..39c2a5b285d --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/aws/billing/inputs/ViewTimeoutsArgs.java @@ -0,0 +1,157 @@ +// *** WARNING: this file was generated by pulumi-language-java. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.aws.billing.inputs; + +import com.pulumi.core.Output; +import com.pulumi.core.annotations.Import; +import java.lang.String; +import java.util.Objects; +import java.util.Optional; +import javax.annotation.Nullable; + + +public final class ViewTimeoutsArgs extends com.pulumi.resources.ResourceArgs { + + public static final ViewTimeoutsArgs Empty = new ViewTimeoutsArgs(); + + /** + * A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as "30s" or "2h45m". Valid time units are "s" (seconds), "m" (minutes), "h" (hours). + * + */ + @Import(name="create") + private @Nullable Output create; + + /** + * @return A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as "30s" or "2h45m". Valid time units are "s" (seconds), "m" (minutes), "h" (hours). + * + */ + public Optional> create() { + return Optional.ofNullable(this.create); + } + + /** + * A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as "30s" or "2h45m". Valid time units are "s" (seconds), "m" (minutes), "h" (hours). Setting a timeout for a Delete operation is only applicable if changes are saved into state before the destroy operation occurs. + * + */ + @Import(name="delete") + private @Nullable Output delete; + + /** + * @return A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as "30s" or "2h45m". Valid time units are "s" (seconds), "m" (minutes), "h" (hours). Setting a timeout for a Delete operation is only applicable if changes are saved into state before the destroy operation occurs. + * + */ + public Optional> delete() { + return Optional.ofNullable(this.delete); + } + + /** + * A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as "30s" or "2h45m". Valid time units are "s" (seconds), "m" (minutes), "h" (hours). + * + */ + @Import(name="update") + private @Nullable Output update; + + /** + * @return A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as "30s" or "2h45m". Valid time units are "s" (seconds), "m" (minutes), "h" (hours). + * + */ + public Optional> update() { + return Optional.ofNullable(this.update); + } + + private ViewTimeoutsArgs() {} + + private ViewTimeoutsArgs(ViewTimeoutsArgs $) { + this.create = $.create; + this.delete = $.delete; + this.update = $.update; + } + + public static Builder builder() { + return new Builder(); + } + public static Builder builder(ViewTimeoutsArgs defaults) { + return new Builder(defaults); + } + + public static final class Builder { + private ViewTimeoutsArgs $; + + public Builder() { + $ = new ViewTimeoutsArgs(); + } + + public Builder(ViewTimeoutsArgs defaults) { + $ = new ViewTimeoutsArgs(Objects.requireNonNull(defaults)); + } + + /** + * @param create A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as "30s" or "2h45m". Valid time units are "s" (seconds), "m" (minutes), "h" (hours). + * + * @return builder + * + */ + public Builder create(@Nullable Output create) { + $.create = create; + return this; + } + + /** + * @param create A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as "30s" or "2h45m". Valid time units are "s" (seconds), "m" (minutes), "h" (hours). + * + * @return builder + * + */ + public Builder create(String create) { + return create(Output.of(create)); + } + + /** + * @param delete A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as "30s" or "2h45m". Valid time units are "s" (seconds), "m" (minutes), "h" (hours). Setting a timeout for a Delete operation is only applicable if changes are saved into state before the destroy operation occurs. + * + * @return builder + * + */ + public Builder delete(@Nullable Output delete) { + $.delete = delete; + return this; + } + + /** + * @param delete A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as "30s" or "2h45m". Valid time units are "s" (seconds), "m" (minutes), "h" (hours). Setting a timeout for a Delete operation is only applicable if changes are saved into state before the destroy operation occurs. + * + * @return builder + * + */ + public Builder delete(String delete) { + return delete(Output.of(delete)); + } + + /** + * @param update A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as "30s" or "2h45m". Valid time units are "s" (seconds), "m" (minutes), "h" (hours). + * + * @return builder + * + */ + public Builder update(@Nullable Output update) { + $.update = update; + return this; + } + + /** + * @param update A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as "30s" or "2h45m". Valid time units are "s" (seconds), "m" (minutes), "h" (hours). + * + * @return builder + * + */ + public Builder update(String update) { + return update(Output.of(update)); + } + + public ViewTimeoutsArgs build() { + return $; + } + } + +} diff --git a/sdk/java/src/main/java/com/pulumi/aws/billing/outputs/ViewDataFilterExpression.java b/sdk/java/src/main/java/com/pulumi/aws/billing/outputs/ViewDataFilterExpression.java new file mode 100644 index 00000000000..4d70cb17b3a --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/aws/billing/outputs/ViewDataFilterExpression.java @@ -0,0 +1,105 @@ +// *** WARNING: this file was generated by pulumi-language-java. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.aws.billing.outputs; + +import com.pulumi.aws.billing.outputs.ViewDataFilterExpressionDimensions; +import com.pulumi.aws.billing.outputs.ViewDataFilterExpressionTag; +import com.pulumi.aws.billing.outputs.ViewDataFilterExpressionTimeRange; +import com.pulumi.core.annotations.CustomType; +import java.util.List; +import java.util.Objects; +import java.util.Optional; +import javax.annotation.Nullable; + +@CustomType +public final class ViewDataFilterExpression { + /** + * @return Dimension to use for `expression`. Refer to #dimensions for more details. + * + */ + private @Nullable ViewDataFilterExpressionDimensions dimensions; + /** + * @return List of key value map specifying tags associated to the billing view being created. + * + */ + private @Nullable List tags; + /** + * @return Time range to use for `expression`. Refer to #time-range for more details. + * + */ + private @Nullable ViewDataFilterExpressionTimeRange timeRange; + + private ViewDataFilterExpression() {} + /** + * @return Dimension to use for `expression`. Refer to #dimensions for more details. + * + */ + public Optional dimensions() { + return Optional.ofNullable(this.dimensions); + } + /** + * @return List of key value map specifying tags associated to the billing view being created. + * + */ + public List tags() { + return this.tags == null ? List.of() : this.tags; + } + /** + * @return Time range to use for `expression`. Refer to #time-range for more details. + * + */ + public Optional timeRange() { + return Optional.ofNullable(this.timeRange); + } + + public static Builder builder() { + return new Builder(); + } + + public static Builder builder(ViewDataFilterExpression defaults) { + return new Builder(defaults); + } + @CustomType.Builder + public static final class Builder { + private @Nullable ViewDataFilterExpressionDimensions dimensions; + private @Nullable List tags; + private @Nullable ViewDataFilterExpressionTimeRange timeRange; + public Builder() {} + public Builder(ViewDataFilterExpression defaults) { + Objects.requireNonNull(defaults); + this.dimensions = defaults.dimensions; + this.tags = defaults.tags; + this.timeRange = defaults.timeRange; + } + + @CustomType.Setter + public Builder dimensions(@Nullable ViewDataFilterExpressionDimensions dimensions) { + + this.dimensions = dimensions; + return this; + } + @CustomType.Setter + public Builder tags(@Nullable List tags) { + + this.tags = tags; + return this; + } + public Builder tags(ViewDataFilterExpressionTag... tags) { + return tags(List.of(tags)); + } + @CustomType.Setter + public Builder timeRange(@Nullable ViewDataFilterExpressionTimeRange timeRange) { + + this.timeRange = timeRange; + return this; + } + public ViewDataFilterExpression build() { + final var _resultValue = new ViewDataFilterExpression(); + _resultValue.dimensions = dimensions; + _resultValue.tags = tags; + _resultValue.timeRange = timeRange; + return _resultValue; + } + } +} diff --git a/sdk/java/src/main/java/com/pulumi/aws/billing/outputs/ViewDataFilterExpressionDimensions.java b/sdk/java/src/main/java/com/pulumi/aws/billing/outputs/ViewDataFilterExpressionDimensions.java new file mode 100644 index 00000000000..cc5655cc430 --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/aws/billing/outputs/ViewDataFilterExpressionDimensions.java @@ -0,0 +1,85 @@ +// *** WARNING: this file was generated by pulumi-language-java. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.aws.billing.outputs; + +import com.pulumi.core.annotations.CustomType; +import com.pulumi.exceptions.MissingRequiredPropertyException; +import java.lang.String; +import java.util.List; +import java.util.Objects; + +@CustomType +public final class ViewDataFilterExpressionDimensions { + /** + * @return Key of the dimension. Possible values are `LINKED_ACCOUNT`. + * + */ + private String key; + /** + * @return List of metadata values that you can use to filter and group your results. + * + */ + private List values; + + private ViewDataFilterExpressionDimensions() {} + /** + * @return Key of the dimension. Possible values are `LINKED_ACCOUNT`. + * + */ + public String key() { + return this.key; + } + /** + * @return List of metadata values that you can use to filter and group your results. + * + */ + public List values() { + return this.values; + } + + public static Builder builder() { + return new Builder(); + } + + public static Builder builder(ViewDataFilterExpressionDimensions defaults) { + return new Builder(defaults); + } + @CustomType.Builder + public static final class Builder { + private String key; + private List values; + public Builder() {} + public Builder(ViewDataFilterExpressionDimensions defaults) { + Objects.requireNonNull(defaults); + this.key = defaults.key; + this.values = defaults.values; + } + + @CustomType.Setter + public Builder key(String key) { + if (key == null) { + throw new MissingRequiredPropertyException("ViewDataFilterExpressionDimensions", "key"); + } + this.key = key; + return this; + } + @CustomType.Setter + public Builder values(List values) { + if (values == null) { + throw new MissingRequiredPropertyException("ViewDataFilterExpressionDimensions", "values"); + } + this.values = values; + return this; + } + public Builder values(String... values) { + return values(List.of(values)); + } + public ViewDataFilterExpressionDimensions build() { + final var _resultValue = new ViewDataFilterExpressionDimensions(); + _resultValue.key = key; + _resultValue.values = values; + return _resultValue; + } + } +} diff --git a/sdk/java/src/main/java/com/pulumi/aws/billing/outputs/ViewDataFilterExpressionTag.java b/sdk/java/src/main/java/com/pulumi/aws/billing/outputs/ViewDataFilterExpressionTag.java new file mode 100644 index 00000000000..ca4dce2cda0 --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/aws/billing/outputs/ViewDataFilterExpressionTag.java @@ -0,0 +1,85 @@ +// *** WARNING: this file was generated by pulumi-language-java. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.aws.billing.outputs; + +import com.pulumi.core.annotations.CustomType; +import com.pulumi.exceptions.MissingRequiredPropertyException; +import java.lang.String; +import java.util.List; +import java.util.Objects; + +@CustomType +public final class ViewDataFilterExpressionTag { + /** + * @return Key of the tag. + * + */ + private String key; + /** + * @return List of values for the tag. + * + */ + private List values; + + private ViewDataFilterExpressionTag() {} + /** + * @return Key of the tag. + * + */ + public String key() { + return this.key; + } + /** + * @return List of values for the tag. + * + */ + public List values() { + return this.values; + } + + public static Builder builder() { + return new Builder(); + } + + public static Builder builder(ViewDataFilterExpressionTag defaults) { + return new Builder(defaults); + } + @CustomType.Builder + public static final class Builder { + private String key; + private List values; + public Builder() {} + public Builder(ViewDataFilterExpressionTag defaults) { + Objects.requireNonNull(defaults); + this.key = defaults.key; + this.values = defaults.values; + } + + @CustomType.Setter + public Builder key(String key) { + if (key == null) { + throw new MissingRequiredPropertyException("ViewDataFilterExpressionTag", "key"); + } + this.key = key; + return this; + } + @CustomType.Setter + public Builder values(List values) { + if (values == null) { + throw new MissingRequiredPropertyException("ViewDataFilterExpressionTag", "values"); + } + this.values = values; + return this; + } + public Builder values(String... values) { + return values(List.of(values)); + } + public ViewDataFilterExpressionTag build() { + final var _resultValue = new ViewDataFilterExpressionTag(); + _resultValue.key = key; + _resultValue.values = values; + return _resultValue; + } + } +} diff --git a/sdk/java/src/main/java/com/pulumi/aws/billing/outputs/ViewDataFilterExpressionTimeRange.java b/sdk/java/src/main/java/com/pulumi/aws/billing/outputs/ViewDataFilterExpressionTimeRange.java new file mode 100644 index 00000000000..40f7ca6066e --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/aws/billing/outputs/ViewDataFilterExpressionTimeRange.java @@ -0,0 +1,73 @@ +// *** WARNING: this file was generated by pulumi-language-java. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.aws.billing.outputs; + +import com.pulumi.core.annotations.CustomType; +import com.pulumi.exceptions.MissingRequiredPropertyException; +import java.lang.String; +import java.util.Objects; + +@CustomType +public final class ViewDataFilterExpressionTimeRange { + /** + * @return Inclusive end date of the time range. + * + */ + private String beginDateInclusive; + private String endDateInclusive; + + private ViewDataFilterExpressionTimeRange() {} + /** + * @return Inclusive end date of the time range. + * + */ + public String beginDateInclusive() { + return this.beginDateInclusive; + } + public String endDateInclusive() { + return this.endDateInclusive; + } + + public static Builder builder() { + return new Builder(); + } + + public static Builder builder(ViewDataFilterExpressionTimeRange defaults) { + return new Builder(defaults); + } + @CustomType.Builder + public static final class Builder { + private String beginDateInclusive; + private String endDateInclusive; + public Builder() {} + public Builder(ViewDataFilterExpressionTimeRange defaults) { + Objects.requireNonNull(defaults); + this.beginDateInclusive = defaults.beginDateInclusive; + this.endDateInclusive = defaults.endDateInclusive; + } + + @CustomType.Setter + public Builder beginDateInclusive(String beginDateInclusive) { + if (beginDateInclusive == null) { + throw new MissingRequiredPropertyException("ViewDataFilterExpressionTimeRange", "beginDateInclusive"); + } + this.beginDateInclusive = beginDateInclusive; + return this; + } + @CustomType.Setter + public Builder endDateInclusive(String endDateInclusive) { + if (endDateInclusive == null) { + throw new MissingRequiredPropertyException("ViewDataFilterExpressionTimeRange", "endDateInclusive"); + } + this.endDateInclusive = endDateInclusive; + return this; + } + public ViewDataFilterExpressionTimeRange build() { + final var _resultValue = new ViewDataFilterExpressionTimeRange(); + _resultValue.beginDateInclusive = beginDateInclusive; + _resultValue.endDateInclusive = endDateInclusive; + return _resultValue; + } + } +} diff --git a/sdk/java/src/main/java/com/pulumi/aws/billing/outputs/ViewTimeouts.java b/sdk/java/src/main/java/com/pulumi/aws/billing/outputs/ViewTimeouts.java new file mode 100644 index 00000000000..be5471db12d --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/aws/billing/outputs/ViewTimeouts.java @@ -0,0 +1,99 @@ +// *** WARNING: this file was generated by pulumi-language-java. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.aws.billing.outputs; + +import com.pulumi.core.annotations.CustomType; +import java.lang.String; +import java.util.Objects; +import java.util.Optional; +import javax.annotation.Nullable; + +@CustomType +public final class ViewTimeouts { + /** + * @return A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as "30s" or "2h45m". Valid time units are "s" (seconds), "m" (minutes), "h" (hours). + * + */ + private @Nullable String create; + /** + * @return A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as "30s" or "2h45m". Valid time units are "s" (seconds), "m" (minutes), "h" (hours). Setting a timeout for a Delete operation is only applicable if changes are saved into state before the destroy operation occurs. + * + */ + private @Nullable String delete; + /** + * @return A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as "30s" or "2h45m". Valid time units are "s" (seconds), "m" (minutes), "h" (hours). + * + */ + private @Nullable String update; + + private ViewTimeouts() {} + /** + * @return A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as "30s" or "2h45m". Valid time units are "s" (seconds), "m" (minutes), "h" (hours). + * + */ + public Optional create() { + return Optional.ofNullable(this.create); + } + /** + * @return A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as "30s" or "2h45m". Valid time units are "s" (seconds), "m" (minutes), "h" (hours). Setting a timeout for a Delete operation is only applicable if changes are saved into state before the destroy operation occurs. + * + */ + public Optional delete() { + return Optional.ofNullable(this.delete); + } + /** + * @return A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as "30s" or "2h45m". Valid time units are "s" (seconds), "m" (minutes), "h" (hours). + * + */ + public Optional update() { + return Optional.ofNullable(this.update); + } + + public static Builder builder() { + return new Builder(); + } + + public static Builder builder(ViewTimeouts defaults) { + return new Builder(defaults); + } + @CustomType.Builder + public static final class Builder { + private @Nullable String create; + private @Nullable String delete; + private @Nullable String update; + public Builder() {} + public Builder(ViewTimeouts defaults) { + Objects.requireNonNull(defaults); + this.create = defaults.create; + this.delete = defaults.delete; + this.update = defaults.update; + } + + @CustomType.Setter + public Builder create(@Nullable String create) { + + this.create = create; + return this; + } + @CustomType.Setter + public Builder delete(@Nullable String delete) { + + this.delete = delete; + return this; + } + @CustomType.Setter + public Builder update(@Nullable String update) { + + this.update = update; + return this; + } + public ViewTimeouts build() { + final var _resultValue = new ViewTimeouts(); + _resultValue.create = create; + _resultValue.delete = delete; + _resultValue.update = update; + return _resultValue; + } + } +} diff --git a/sdk/java/src/main/java/com/pulumi/aws/codestarnotifications/inputs/NotificationRuleTargetArgs.java b/sdk/java/src/main/java/com/pulumi/aws/codestarnotifications/inputs/NotificationRuleTargetArgs.java index f548350bfcc..1d5f678d329 100644 --- a/sdk/java/src/main/java/com/pulumi/aws/codestarnotifications/inputs/NotificationRuleTargetArgs.java +++ b/sdk/java/src/main/java/com/pulumi/aws/codestarnotifications/inputs/NotificationRuleTargetArgs.java @@ -17,14 +17,14 @@ public final class NotificationRuleTargetArgs extends com.pulumi.resources.Resou public static final NotificationRuleTargetArgs Empty = new NotificationRuleTargetArgs(); /** - * The ARN of notification rule target. For example, a SNS Topic ARN. + * The ARN of the Amazon Q Developer in chat applications topic or Amazon Q Developer in chat applications client. * */ @Import(name="address", required=true) private Output address; /** - * @return The ARN of notification rule target. For example, a SNS Topic ARN. + * @return The ARN of the Amazon Q Developer in chat applications topic or Amazon Q Developer in chat applications client. * */ public Output address() { @@ -47,14 +47,14 @@ public Optional> status() { } /** - * The type of the notification target. Default value is `SNS`. + * The type of the notification target. Valid values are `SNS`, `AWSChatbotSlack`, and `AWSChatbotMicrosoftTeams`. Default value is `SNS`. * */ @Import(name="type") private @Nullable Output type; /** - * @return The type of the notification target. Default value is `SNS`. + * @return The type of the notification target. Valid values are `SNS`, `AWSChatbotSlack`, and `AWSChatbotMicrosoftTeams`. Default value is `SNS`. * */ public Optional> type() { @@ -88,7 +88,7 @@ public Builder(NotificationRuleTargetArgs defaults) { } /** - * @param address The ARN of notification rule target. For example, a SNS Topic ARN. + * @param address The ARN of the Amazon Q Developer in chat applications topic or Amazon Q Developer in chat applications client. * * @return builder * @@ -99,7 +99,7 @@ public Builder address(Output address) { } /** - * @param address The ARN of notification rule target. For example, a SNS Topic ARN. + * @param address The ARN of the Amazon Q Developer in chat applications topic or Amazon Q Developer in chat applications client. * * @return builder * @@ -130,7 +130,7 @@ public Builder status(String status) { } /** - * @param type The type of the notification target. Default value is `SNS`. + * @param type The type of the notification target. Valid values are `SNS`, `AWSChatbotSlack`, and `AWSChatbotMicrosoftTeams`. Default value is `SNS`. * * @return builder * @@ -141,7 +141,7 @@ public Builder type(@Nullable Output type) { } /** - * @param type The type of the notification target. Default value is `SNS`. + * @param type The type of the notification target. Valid values are `SNS`, `AWSChatbotSlack`, and `AWSChatbotMicrosoftTeams`. Default value is `SNS`. * * @return builder * diff --git a/sdk/java/src/main/java/com/pulumi/aws/codestarnotifications/outputs/NotificationRuleTarget.java b/sdk/java/src/main/java/com/pulumi/aws/codestarnotifications/outputs/NotificationRuleTarget.java index b62a5a266cf..f7b875dbe64 100644 --- a/sdk/java/src/main/java/com/pulumi/aws/codestarnotifications/outputs/NotificationRuleTarget.java +++ b/sdk/java/src/main/java/com/pulumi/aws/codestarnotifications/outputs/NotificationRuleTarget.java @@ -13,7 +13,7 @@ @CustomType public final class NotificationRuleTarget { /** - * @return The ARN of notification rule target. For example, a SNS Topic ARN. + * @return The ARN of the Amazon Q Developer in chat applications topic or Amazon Q Developer in chat applications client. * */ private String address; @@ -23,14 +23,14 @@ public final class NotificationRuleTarget { */ private @Nullable String status; /** - * @return The type of the notification target. Default value is `SNS`. + * @return The type of the notification target. Valid values are `SNS`, `AWSChatbotSlack`, and `AWSChatbotMicrosoftTeams`. Default value is `SNS`. * */ private @Nullable String type; private NotificationRuleTarget() {} /** - * @return The ARN of notification rule target. For example, a SNS Topic ARN. + * @return The ARN of the Amazon Q Developer in chat applications topic or Amazon Q Developer in chat applications client. * */ public String address() { @@ -44,7 +44,7 @@ public Optional status() { return Optional.ofNullable(this.status); } /** - * @return The type of the notification target. Default value is `SNS`. + * @return The type of the notification target. Valid values are `SNS`, `AWSChatbotSlack`, and `AWSChatbotMicrosoftTeams`. Default value is `SNS`. * */ public Optional type() { diff --git a/sdk/java/src/main/java/com/pulumi/aws/dynamodb/Table.java b/sdk/java/src/main/java/com/pulumi/aws/dynamodb/Table.java index ef7d8b2aa42..a3813129517 100644 --- a/sdk/java/src/main/java/com/pulumi/aws/dynamodb/Table.java +++ b/sdk/java/src/main/java/com/pulumi/aws/dynamodb/Table.java @@ -8,6 +8,7 @@ import com.pulumi.aws.dynamodb.inputs.TableState; import com.pulumi.aws.dynamodb.outputs.TableAttribute; import com.pulumi.aws.dynamodb.outputs.TableGlobalSecondaryIndex; +import com.pulumi.aws.dynamodb.outputs.TableGlobalTableWitness; import com.pulumi.aws.dynamodb.outputs.TableImportTable; import com.pulumi.aws.dynamodb.outputs.TableLocalSecondaryIndex; import com.pulumi.aws.dynamodb.outputs.TableOnDemandThroughput; @@ -177,9 +178,13 @@ * * A global table configured for Multi-Region strong consistency (MRSC) provides the ability to perform a strongly consistent read with multi-Region scope. Performing a strongly consistent read on an MRSC table ensures you're always reading the latest version of an item, irrespective of the Region in which you're performing the read. * + * You can configure a MRSC global table with three replicas, or with two replicas and one witness. A witness is a component of a MRSC global table that contains data written to global table replicas, and provides an optional alternative to a full replica while supporting MRSC's availability architecture. You cannot perform read or write operations on a witness. A witness is located in a different Region than the two replicas. + * * **Note** Please see detailed information, restrictions, caveats etc on the [AWS Support Page](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/multi-region-strong-consistency-gt.html). * - * Consistency Mode (`consistencyMode`) is a new argument on the embedded `replica` that allows you to configure consistency mode for Global Tables. + * Consistency Mode (`consistencyMode`) on the embedded `replica` allows you to configure consistency mode for Global Tables. + * + * ##### Consistency mode with 3 Replicas * * 
  * {@code
@@ -231,6 +236,57 @@
  * }
  *
* + * ##### Consistency Mode with 2 Replicas and Witness Region + * + * 
+ * {@code
+ * package generated_program;
+ * 
+ * import com.pulumi.Context;
+ * import com.pulumi.Pulumi;
+ * import com.pulumi.core.Output;
+ * import com.pulumi.aws.dynamodb.Table;
+ * import com.pulumi.aws.dynamodb.TableArgs;
+ * import com.pulumi.aws.dynamodb.inputs.TableAttributeArgs;
+ * import com.pulumi.aws.dynamodb.inputs.TableReplicaArgs;
+ * import com.pulumi.aws.dynamodb.inputs.TableGlobalTableWitnessArgs;
+ * import java.util.List;
+ * import java.util.ArrayList;
+ * import java.util.Map;
+ * import java.io.File;
+ * import java.nio.file.Files;
+ * import java.nio.file.Paths;
+ * 
+ * public class App {
+ *     public static void main(String[] args) {
+ *         Pulumi.run(App::stack);
+ *     }
+ * 
+ *     public static void stack(Context ctx) {
+ *         var example = new Table("example", TableArgs.builder()
+ *             .name("example")
+ *             .hashKey("TestTableHashKey")
+ *             .billingMode("PAY_PER_REQUEST")
+ *             .streamEnabled(true)
+ *             .streamViewType("NEW_AND_OLD_IMAGES")
+ *             .attributes(TableAttributeArgs.builder()
+ *                 .name("TestTableHashKey")
+ *                 .type("S")
+ *                 .build())
+ *             .replicas(TableReplicaArgs.builder()
+ *                 .regionName("us-east-2")
+ *                 .consistencyMode("STRONG")
+ *                 .build())
+ *             .globalTableWitness(TableGlobalTableWitnessArgs.builder()
+ *                 .regionName("us-west-2")
+ *                 .build())
+ *             .build());
+ * 
+ *     }
+ * }
+ * }
+ *
+ * * ### Replica Tagging * * You can manage global table replicas' tags in various ways. This example shows using `replica.*.propagate_tags` for the first replica and the `aws.dynamodb.Tag` resource for the other. @@ -394,6 +450,20 @@ public Output> deletionProtectionEnabled() { public Output>> globalSecondaryIndexes() { return Codegen.optional(this.globalSecondaryIndexes); } + /** + * Witness Region in a Multi-Region Strong Consistency deployment. **Note** This must be used alongside a single `replica` with `consistencyMode` set to `STRONG`. Other combinations will fail to provision. See below. + * + */ + @Export(name="globalTableWitness", refs={TableGlobalTableWitness.class}, tree="[0]") + private Output globalTableWitness; + + /** + * @return Witness Region in a Multi-Region Strong Consistency deployment. **Note** This must be used alongside a single `replica` with `consistencyMode` set to `STRONG`. Other combinations will fail to provision. See below. + * + */ + public Output globalTableWitness() { + return this.globalTableWitness; + } /** * Attribute to use as the hash (partition) key. Must also be defined as an `attribute`. See below. * diff --git a/sdk/java/src/main/java/com/pulumi/aws/dynamodb/TableArgs.java b/sdk/java/src/main/java/com/pulumi/aws/dynamodb/TableArgs.java index 78e833d43a7..21206e296ca 100644 --- a/sdk/java/src/main/java/com/pulumi/aws/dynamodb/TableArgs.java +++ b/sdk/java/src/main/java/com/pulumi/aws/dynamodb/TableArgs.java @@ -5,6 +5,7 @@ import com.pulumi.aws.dynamodb.inputs.TableAttributeArgs; import com.pulumi.aws.dynamodb.inputs.TableGlobalSecondaryIndexArgs; +import com.pulumi.aws.dynamodb.inputs.TableGlobalTableWitnessArgs; import com.pulumi.aws.dynamodb.inputs.TableImportTableArgs; import com.pulumi.aws.dynamodb.inputs.TableLocalSecondaryIndexArgs; import com.pulumi.aws.dynamodb.inputs.TableOnDemandThroughputArgs; @@ -89,6 +90,21 @@ public Optional>> globalSecondaryInde return Optional.ofNullable(this.globalSecondaryIndexes); } + /** + * Witness Region in a Multi-Region Strong Consistency deployment. **Note** This must be used alongside a single `replica` with `consistencyMode` set to `STRONG`. Other combinations will fail to provision. See below. + * + */ + @Import(name="globalTableWitness") + private @Nullable Output globalTableWitness; + + /** + * @return Witness Region in a Multi-Region Strong Consistency deployment. **Note** This must be used alongside a single `replica` with `consistencyMode` set to `STRONG`. Other combinations will fail to provision. See below. + * + */ + public Optional> globalTableWitness() { + return Optional.ofNullable(this.globalTableWitness); + } + /** * Attribute to use as the hash (partition) key. Must also be defined as an `attribute`. See below. * @@ -434,6 +450,7 @@ private TableArgs(TableArgs $) { this.billingMode = $.billingMode; this.deletionProtectionEnabled = $.deletionProtectionEnabled; this.globalSecondaryIndexes = $.globalSecondaryIndexes; + this.globalTableWitness = $.globalTableWitness; this.hashKey = $.hashKey; this.importTable = $.importTable; this.localSecondaryIndexes = $.localSecondaryIndexes; @@ -580,6 +597,27 @@ public Builder globalSecondaryIndexes(TableGlobalSecondaryIndexArgs... globalSec return globalSecondaryIndexes(List.of(globalSecondaryIndexes)); } + /** + * @param globalTableWitness Witness Region in a Multi-Region Strong Consistency deployment. **Note** This must be used alongside a single `replica` with `consistencyMode` set to `STRONG`. Other combinations will fail to provision. See below. + * + * @return builder + * + */ + public Builder globalTableWitness(@Nullable Output globalTableWitness) { + $.globalTableWitness = globalTableWitness; + return this; + } + + /** + * @param globalTableWitness Witness Region in a Multi-Region Strong Consistency deployment. **Note** This must be used alongside a single `replica` with `consistencyMode` set to `STRONG`. Other combinations will fail to provision. See below. + * + * @return builder + * + */ + public Builder globalTableWitness(TableGlobalTableWitnessArgs globalTableWitness) { + return globalTableWitness(Output.of(globalTableWitness)); + } + /** * @param hashKey Attribute to use as the hash (partition) key. Must also be defined as an `attribute`. See below. * diff --git a/sdk/java/src/main/java/com/pulumi/aws/dynamodb/inputs/TableGlobalTableWitnessArgs.java b/sdk/java/src/main/java/com/pulumi/aws/dynamodb/inputs/TableGlobalTableWitnessArgs.java new file mode 100644 index 00000000000..5ab7d706592 --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/aws/dynamodb/inputs/TableGlobalTableWitnessArgs.java @@ -0,0 +1,83 @@ +// *** WARNING: this file was generated by pulumi-language-java. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.aws.dynamodb.inputs; + +import com.pulumi.core.Output; +import com.pulumi.core.annotations.Import; +import java.lang.String; +import java.util.Objects; +import java.util.Optional; +import javax.annotation.Nullable; + + +public final class TableGlobalTableWitnessArgs extends com.pulumi.resources.ResourceArgs { + + public static final TableGlobalTableWitnessArgs Empty = new TableGlobalTableWitnessArgs(); + + /** + * Name of the AWS Region that serves as a witness for the MRSC global table. + * + */ + @Import(name="regionName") + private @Nullable Output regionName; + + /** + * @return Name of the AWS Region that serves as a witness for the MRSC global table. + * + */ + public Optional> regionName() { + return Optional.ofNullable(this.regionName); + } + + private TableGlobalTableWitnessArgs() {} + + private TableGlobalTableWitnessArgs(TableGlobalTableWitnessArgs $) { + this.regionName = $.regionName; + } + + public static Builder builder() { + return new Builder(); + } + public static Builder builder(TableGlobalTableWitnessArgs defaults) { + return new Builder(defaults); + } + + public static final class Builder { + private TableGlobalTableWitnessArgs $; + + public Builder() { + $ = new TableGlobalTableWitnessArgs(); + } + + public Builder(TableGlobalTableWitnessArgs defaults) { + $ = new TableGlobalTableWitnessArgs(Objects.requireNonNull(defaults)); + } + + /** + * @param regionName Name of the AWS Region that serves as a witness for the MRSC global table. + * + * @return builder + * + */ + public Builder regionName(@Nullable Output regionName) { + $.regionName = regionName; + return this; + } + + /** + * @param regionName Name of the AWS Region that serves as a witness for the MRSC global table. + * + * @return builder + * + */ + public Builder regionName(String regionName) { + return regionName(Output.of(regionName)); + } + + public TableGlobalTableWitnessArgs build() { + return $; + } + } + +} diff --git a/sdk/java/src/main/java/com/pulumi/aws/dynamodb/inputs/TableState.java b/sdk/java/src/main/java/com/pulumi/aws/dynamodb/inputs/TableState.java index b9e9d7cd700..c3e7f8d8836 100644 --- a/sdk/java/src/main/java/com/pulumi/aws/dynamodb/inputs/TableState.java +++ b/sdk/java/src/main/java/com/pulumi/aws/dynamodb/inputs/TableState.java @@ -5,6 +5,7 @@ import com.pulumi.aws.dynamodb.inputs.TableAttributeArgs; import com.pulumi.aws.dynamodb.inputs.TableGlobalSecondaryIndexArgs; +import com.pulumi.aws.dynamodb.inputs.TableGlobalTableWitnessArgs; import com.pulumi.aws.dynamodb.inputs.TableImportTableArgs; import com.pulumi.aws.dynamodb.inputs.TableLocalSecondaryIndexArgs; import com.pulumi.aws.dynamodb.inputs.TableOnDemandThroughputArgs; @@ -104,6 +105,21 @@ public Optional>> globalSecondaryInde return Optional.ofNullable(this.globalSecondaryIndexes); } + /** + * Witness Region in a Multi-Region Strong Consistency deployment. **Note** This must be used alongside a single `replica` with `consistencyMode` set to `STRONG`. Other combinations will fail to provision. See below. + * + */ + @Import(name="globalTableWitness") + private @Nullable Output globalTableWitness; + + /** + * @return Witness Region in a Multi-Region Strong Consistency deployment. **Note** This must be used alongside a single `replica` with `consistencyMode` set to `STRONG`. Other combinations will fail to provision. See below. + * + */ + public Optional> globalTableWitness() { + return Optional.ofNullable(this.globalTableWitness); + } + /** * Attribute to use as the hash (partition) key. Must also be defined as an `attribute`. See below. * @@ -495,6 +511,7 @@ private TableState(TableState $) { this.billingMode = $.billingMode; this.deletionProtectionEnabled = $.deletionProtectionEnabled; this.globalSecondaryIndexes = $.globalSecondaryIndexes; + this.globalTableWitness = $.globalTableWitness; this.hashKey = $.hashKey; this.importTable = $.importTable; this.localSecondaryIndexes = $.localSecondaryIndexes; @@ -665,6 +682,27 @@ public Builder globalSecondaryIndexes(TableGlobalSecondaryIndexArgs... globalSec return globalSecondaryIndexes(List.of(globalSecondaryIndexes)); } + /** + * @param globalTableWitness Witness Region in a Multi-Region Strong Consistency deployment. **Note** This must be used alongside a single `replica` with `consistencyMode` set to `STRONG`. Other combinations will fail to provision. See below. + * + * @return builder + * + */ + public Builder globalTableWitness(@Nullable Output globalTableWitness) { + $.globalTableWitness = globalTableWitness; + return this; + } + + /** + * @param globalTableWitness Witness Region in a Multi-Region Strong Consistency deployment. **Note** This must be used alongside a single `replica` with `consistencyMode` set to `STRONG`. Other combinations will fail to provision. See below. + * + * @return builder + * + */ + public Builder globalTableWitness(TableGlobalTableWitnessArgs globalTableWitness) { + return globalTableWitness(Output.of(globalTableWitness)); + } + /** * @param hashKey Attribute to use as the hash (partition) key. Must also be defined as an `attribute`. See below. * diff --git a/sdk/java/src/main/java/com/pulumi/aws/dynamodb/outputs/TableGlobalTableWitness.java b/sdk/java/src/main/java/com/pulumi/aws/dynamodb/outputs/TableGlobalTableWitness.java new file mode 100644 index 00000000000..ca23fdafd4a --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/aws/dynamodb/outputs/TableGlobalTableWitness.java @@ -0,0 +1,57 @@ +// *** WARNING: this file was generated by pulumi-language-java. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.aws.dynamodb.outputs; + +import com.pulumi.core.annotations.CustomType; +import java.lang.String; +import java.util.Objects; +import java.util.Optional; +import javax.annotation.Nullable; + +@CustomType +public final class TableGlobalTableWitness { + /** + * @return Name of the AWS Region that serves as a witness for the MRSC global table. + * + */ + private @Nullable String regionName; + + private TableGlobalTableWitness() {} + /** + * @return Name of the AWS Region that serves as a witness for the MRSC global table. + * + */ + public Optional regionName() { + return Optional.ofNullable(this.regionName); + } + + public static Builder builder() { + return new Builder(); + } + + public static Builder builder(TableGlobalTableWitness defaults) { + return new Builder(defaults); + } + @CustomType.Builder + public static final class Builder { + private @Nullable String regionName; + public Builder() {} + public Builder(TableGlobalTableWitness defaults) { + Objects.requireNonNull(defaults); + this.regionName = defaults.regionName; + } + + @CustomType.Setter + public Builder regionName(@Nullable String regionName) { + + this.regionName = regionName; + return this; + } + public TableGlobalTableWitness build() { + final var _resultValue = new TableGlobalTableWitness(); + _resultValue.regionName = regionName; + return _resultValue; + } + } +} diff --git a/sdk/java/src/main/java/com/pulumi/aws/ec2/VpnConnection.java b/sdk/java/src/main/java/com/pulumi/aws/ec2/VpnConnection.java index 7985754bd04..68597c6a3d0 100644 --- a/sdk/java/src/main/java/com/pulumi/aws/ec2/VpnConnection.java +++ b/sdk/java/src/main/java/com/pulumi/aws/ec2/VpnConnection.java @@ -1215,6 +1215,20 @@ public Output> tunnel2StartupAction() { public Output tunnel2VgwInsideAddress() { return this.tunnel2VgwInsideAddress; } + /** + * Desired bandwidth specification for the VPN tunnel. Valid values are `standard | large`. `standard` supports up to 1.25 Gbps per tunnel, while `large` supports up to 5 Gbps per tunnel. Not supported when `vpnGatewayId` is specified, or `enableAcceleration` is `true`. + * + */ + @Export(name="tunnelBandwidth", refs={String.class}, tree="[0]") + private Output tunnelBandwidth; + + /** + * @return Desired bandwidth specification for the VPN tunnel. Valid values are `standard | large`. `standard` supports up to 1.25 Gbps per tunnel, while `large` supports up to 5 Gbps per tunnel. Not supported when `vpnGatewayId` is specified, or `enableAcceleration` is `true`. + * + */ + public Output tunnelBandwidth() { + return this.tunnelBandwidth; + } /** * Indicate whether the VPN tunnels process IPv4 or IPv6 traffic. Valid values are `ipv4 | ipv6`. `ipv6` Supports only EC2 Transit Gateway. * diff --git a/sdk/java/src/main/java/com/pulumi/aws/ec2/VpnConnectionArgs.java b/sdk/java/src/main/java/com/pulumi/aws/ec2/VpnConnectionArgs.java index f7e3d27c6d7..d802172737a 100644 --- a/sdk/java/src/main/java/com/pulumi/aws/ec2/VpnConnectionArgs.java +++ b/sdk/java/src/main/java/com/pulumi/aws/ec2/VpnConnectionArgs.java @@ -817,6 +817,21 @@ public Optional> tunnel2StartupAction() { return Optional.ofNullable(this.tunnel2StartupAction); } + /** + * Desired bandwidth specification for the VPN tunnel. Valid values are `standard | large`. `standard` supports up to 1.25 Gbps per tunnel, while `large` supports up to 5 Gbps per tunnel. Not supported when `vpnGatewayId` is specified, or `enableAcceleration` is `true`. + * + */ + @Import(name="tunnelBandwidth") + private @Nullable Output tunnelBandwidth; + + /** + * @return Desired bandwidth specification for the VPN tunnel. Valid values are `standard | large`. `standard` supports up to 1.25 Gbps per tunnel, while `large` supports up to 5 Gbps per tunnel. Not supported when `vpnGatewayId` is specified, or `enableAcceleration` is `true`. + * + */ + public Optional> tunnelBandwidth() { + return Optional.ofNullable(this.tunnelBandwidth); + } + /** * Indicate whether the VPN tunnels process IPv4 or IPv6 traffic. Valid values are `ipv4 | ipv6`. `ipv6` Supports only EC2 Transit Gateway. * @@ -918,6 +933,7 @@ private VpnConnectionArgs(VpnConnectionArgs $) { this.tunnel2RekeyMarginTimeSeconds = $.tunnel2RekeyMarginTimeSeconds; this.tunnel2ReplayWindowSize = $.tunnel2ReplayWindowSize; this.tunnel2StartupAction = $.tunnel2StartupAction; + this.tunnelBandwidth = $.tunnelBandwidth; this.tunnelInsideIpVersion = $.tunnelInsideIpVersion; this.type = $.type; this.vpnGatewayId = $.vpnGatewayId; @@ -2194,6 +2210,27 @@ public Builder tunnel2StartupAction(String tunnel2StartupAction) { return tunnel2StartupAction(Output.of(tunnel2StartupAction)); } + /** + * @param tunnelBandwidth Desired bandwidth specification for the VPN tunnel. Valid values are `standard | large`. `standard` supports up to 1.25 Gbps per tunnel, while `large` supports up to 5 Gbps per tunnel. Not supported when `vpnGatewayId` is specified, or `enableAcceleration` is `true`. + * + * @return builder + * + */ + public Builder tunnelBandwidth(@Nullable Output tunnelBandwidth) { + $.tunnelBandwidth = tunnelBandwidth; + return this; + } + + /** + * @param tunnelBandwidth Desired bandwidth specification for the VPN tunnel. Valid values are `standard | large`. `standard` supports up to 1.25 Gbps per tunnel, while `large` supports up to 5 Gbps per tunnel. Not supported when `vpnGatewayId` is specified, or `enableAcceleration` is `true`. + * + * @return builder + * + */ + public Builder tunnelBandwidth(String tunnelBandwidth) { + return tunnelBandwidth(Output.of(tunnelBandwidth)); + } + /** * @param tunnelInsideIpVersion Indicate whether the VPN tunnels process IPv4 or IPv6 traffic. Valid values are `ipv4 | ipv6`. `ipv6` Supports only EC2 Transit Gateway. * diff --git a/sdk/java/src/main/java/com/pulumi/aws/ec2/inputs/VpnConnectionState.java b/sdk/java/src/main/java/com/pulumi/aws/ec2/inputs/VpnConnectionState.java index 7ea5ae54ae7..12433024957 100644 --- a/sdk/java/src/main/java/com/pulumi/aws/ec2/inputs/VpnConnectionState.java +++ b/sdk/java/src/main/java/com/pulumi/aws/ec2/inputs/VpnConnectionState.java @@ -1088,6 +1088,21 @@ public Optional> tunnel2VgwInsideAddress() { return Optional.ofNullable(this.tunnel2VgwInsideAddress); } + /** + * Desired bandwidth specification for the VPN tunnel. Valid values are `standard | large`. `standard` supports up to 1.25 Gbps per tunnel, while `large` supports up to 5 Gbps per tunnel. Not supported when `vpnGatewayId` is specified, or `enableAcceleration` is `true`. + * + */ + @Import(name="tunnelBandwidth") + private @Nullable Output tunnelBandwidth; + + /** + * @return Desired bandwidth specification for the VPN tunnel. Valid values are `standard | large`. `standard` supports up to 1.25 Gbps per tunnel, while `large` supports up to 5 Gbps per tunnel. Not supported when `vpnGatewayId` is specified, or `enableAcceleration` is `true`. + * + */ + public Optional> tunnelBandwidth() { + return Optional.ofNullable(this.tunnelBandwidth); + } + /** * Indicate whether the VPN tunnels process IPv4 or IPv6 traffic. Valid values are `ipv4 | ipv6`. `ipv6` Supports only EC2 Transit Gateway. * @@ -1222,6 +1237,7 @@ private VpnConnectionState(VpnConnectionState $) { this.tunnel2ReplayWindowSize = $.tunnel2ReplayWindowSize; this.tunnel2StartupAction = $.tunnel2StartupAction; this.tunnel2VgwInsideAddress = $.tunnel2VgwInsideAddress; + this.tunnelBandwidth = $.tunnelBandwidth; this.tunnelInsideIpVersion = $.tunnelInsideIpVersion; this.type = $.type; this.vgwTelemetries = $.vgwTelemetries; @@ -2887,6 +2903,27 @@ public Builder tunnel2VgwInsideAddress(String tunnel2VgwInsideAddress) { return tunnel2VgwInsideAddress(Output.of(tunnel2VgwInsideAddress)); } + /** + * @param tunnelBandwidth Desired bandwidth specification for the VPN tunnel. Valid values are `standard | large`. `standard` supports up to 1.25 Gbps per tunnel, while `large` supports up to 5 Gbps per tunnel. Not supported when `vpnGatewayId` is specified, or `enableAcceleration` is `true`. + * + * @return builder + * + */ + public Builder tunnelBandwidth(@Nullable Output tunnelBandwidth) { + $.tunnelBandwidth = tunnelBandwidth; + return this; + } + + /** + * @param tunnelBandwidth Desired bandwidth specification for the VPN tunnel. Valid values are `standard | large`. `standard` supports up to 1.25 Gbps per tunnel, while `large` supports up to 5 Gbps per tunnel. Not supported when `vpnGatewayId` is specified, or `enableAcceleration` is `true`. + * + * @return builder + * + */ + public Builder tunnelBandwidth(String tunnelBandwidth) { + return tunnelBandwidth(Output.of(tunnelBandwidth)); + } + /** * @param tunnelInsideIpVersion Indicate whether the VPN tunnels process IPv4 or IPv6 traffic. Valid values are `ipv4 | ipv6`. `ipv6` Supports only EC2 Transit Gateway. * diff --git a/sdk/java/src/main/java/com/pulumi/aws/emr/ManagedScalingPolicy.java b/sdk/java/src/main/java/com/pulumi/aws/emr/ManagedScalingPolicy.java index 5903f129463..503f505e470 100644 --- a/sdk/java/src/main/java/com/pulumi/aws/emr/ManagedScalingPolicy.java +++ b/sdk/java/src/main/java/com/pulumi/aws/emr/ManagedScalingPolicy.java @@ -11,8 +11,10 @@ import com.pulumi.core.annotations.Export; import com.pulumi.core.annotations.ResourceType; import com.pulumi.core.internal.Codegen; +import java.lang.Integer; import java.lang.String; import java.util.List; +import java.util.Optional; import javax.annotation.Nullable; /** @@ -127,6 +129,34 @@ public Output> computeLimits() { public Output region() { return this.region; } + /** + * Specifies the scaling strategy. When set to `ADVANCED`, the `utilizationPerformanceIndex` argument can be used to configure an advanced scaling strategy. An advanced scaling strategy requires Amazon EMR on EC2 version 7.0 or later. Valid values: `ADVANCED`, `DEFAULT`. + * + */ + @Export(name="scalingStrategy", refs={String.class}, tree="[0]") + private Output scalingStrategy; + + /** + * @return Specifies the scaling strategy. When set to `ADVANCED`, the `utilizationPerformanceIndex` argument can be used to configure an advanced scaling strategy. An advanced scaling strategy requires Amazon EMR on EC2 version 7.0 or later. Valid values: `ADVANCED`, `DEFAULT`. + * + */ + public Output> scalingStrategy() { + return Codegen.optional(this.scalingStrategy); + } + /** + * Integer value that represents the advanced scaling strategy. Higher values optimize for performance, while lower values optimize for resource conservation. A value of `50` provides a balance between performance and resource conservation. See [the AWS documentation](https://docs.aws.amazon.com/emr/latest/ManagementGuide/managed-scaling-allocation-strategy-optimized.html#managed-scaling-allocation-strategy-optimized-getting-started) for more details. Required when `scalingStrategy` is set to `ADVANCED`. Valid values: `1`, `25`, `50`, `75`, `100`. + * + */ + @Export(name="utilizationPerformanceIndex", refs={Integer.class}, tree="[0]") + private Output utilizationPerformanceIndex; + + /** + * @return Integer value that represents the advanced scaling strategy. Higher values optimize for performance, while lower values optimize for resource conservation. A value of `50` provides a balance between performance and resource conservation. See [the AWS documentation](https://docs.aws.amazon.com/emr/latest/ManagementGuide/managed-scaling-allocation-strategy-optimized.html#managed-scaling-allocation-strategy-optimized-getting-started) for more details. Required when `scalingStrategy` is set to `ADVANCED`. Valid values: `1`, `25`, `50`, `75`, `100`. + * + */ + public Output> utilizationPerformanceIndex() { + return Codegen.optional(this.utilizationPerformanceIndex); + } /** * diff --git a/sdk/java/src/main/java/com/pulumi/aws/emr/ManagedScalingPolicyArgs.java b/sdk/java/src/main/java/com/pulumi/aws/emr/ManagedScalingPolicyArgs.java index 1449b4d7b25..c796a31e0e6 100644 --- a/sdk/java/src/main/java/com/pulumi/aws/emr/ManagedScalingPolicyArgs.java +++ b/sdk/java/src/main/java/com/pulumi/aws/emr/ManagedScalingPolicyArgs.java @@ -7,6 +7,7 @@ import com.pulumi.core.Output; import com.pulumi.core.annotations.Import; import com.pulumi.exceptions.MissingRequiredPropertyException; +import java.lang.Integer; import java.lang.String; import java.util.List; import java.util.Objects; @@ -63,12 +64,44 @@ public Optional> region() { return Optional.ofNullable(this.region); } + /** + * Specifies the scaling strategy. When set to `ADVANCED`, the `utilizationPerformanceIndex` argument can be used to configure an advanced scaling strategy. An advanced scaling strategy requires Amazon EMR on EC2 version 7.0 or later. Valid values: `ADVANCED`, `DEFAULT`. + * + */ + @Import(name="scalingStrategy") + private @Nullable Output scalingStrategy; + + /** + * @return Specifies the scaling strategy. When set to `ADVANCED`, the `utilizationPerformanceIndex` argument can be used to configure an advanced scaling strategy. An advanced scaling strategy requires Amazon EMR on EC2 version 7.0 or later. Valid values: `ADVANCED`, `DEFAULT`. + * + */ + public Optional> scalingStrategy() { + return Optional.ofNullable(this.scalingStrategy); + } + + /** + * Integer value that represents the advanced scaling strategy. Higher values optimize for performance, while lower values optimize for resource conservation. A value of `50` provides a balance between performance and resource conservation. See [the AWS documentation](https://docs.aws.amazon.com/emr/latest/ManagementGuide/managed-scaling-allocation-strategy-optimized.html#managed-scaling-allocation-strategy-optimized-getting-started) for more details. Required when `scalingStrategy` is set to `ADVANCED`. Valid values: `1`, `25`, `50`, `75`, `100`. + * + */ + @Import(name="utilizationPerformanceIndex") + private @Nullable Output utilizationPerformanceIndex; + + /** + * @return Integer value that represents the advanced scaling strategy. Higher values optimize for performance, while lower values optimize for resource conservation. A value of `50` provides a balance between performance and resource conservation. See [the AWS documentation](https://docs.aws.amazon.com/emr/latest/ManagementGuide/managed-scaling-allocation-strategy-optimized.html#managed-scaling-allocation-strategy-optimized-getting-started) for more details. Required when `scalingStrategy` is set to `ADVANCED`. Valid values: `1`, `25`, `50`, `75`, `100`. + * + */ + public Optional> utilizationPerformanceIndex() { + return Optional.ofNullable(this.utilizationPerformanceIndex); + } + private ManagedScalingPolicyArgs() {} private ManagedScalingPolicyArgs(ManagedScalingPolicyArgs $) { this.clusterId = $.clusterId; this.computeLimits = $.computeLimits; this.region = $.region; + this.scalingStrategy = $.scalingStrategy; + this.utilizationPerformanceIndex = $.utilizationPerformanceIndex; } public static Builder builder() { @@ -162,6 +195,48 @@ public Builder region(String region) { return region(Output.of(region)); } + /** + * @param scalingStrategy Specifies the scaling strategy. When set to `ADVANCED`, the `utilizationPerformanceIndex` argument can be used to configure an advanced scaling strategy. An advanced scaling strategy requires Amazon EMR on EC2 version 7.0 or later. Valid values: `ADVANCED`, `DEFAULT`. + * + * @return builder + * + */ + public Builder scalingStrategy(@Nullable Output scalingStrategy) { + $.scalingStrategy = scalingStrategy; + return this; + } + + /** + * @param scalingStrategy Specifies the scaling strategy. When set to `ADVANCED`, the `utilizationPerformanceIndex` argument can be used to configure an advanced scaling strategy. An advanced scaling strategy requires Amazon EMR on EC2 version 7.0 or later. Valid values: `ADVANCED`, `DEFAULT`. + * + * @return builder + * + */ + public Builder scalingStrategy(String scalingStrategy) { + return scalingStrategy(Output.of(scalingStrategy)); + } + + /** + * @param utilizationPerformanceIndex Integer value that represents the advanced scaling strategy. Higher values optimize for performance, while lower values optimize for resource conservation. A value of `50` provides a balance between performance and resource conservation. See [the AWS documentation](https://docs.aws.amazon.com/emr/latest/ManagementGuide/managed-scaling-allocation-strategy-optimized.html#managed-scaling-allocation-strategy-optimized-getting-started) for more details. Required when `scalingStrategy` is set to `ADVANCED`. Valid values: `1`, `25`, `50`, `75`, `100`. + * + * @return builder + * + */ + public Builder utilizationPerformanceIndex(@Nullable Output utilizationPerformanceIndex) { + $.utilizationPerformanceIndex = utilizationPerformanceIndex; + return this; + } + + /** + * @param utilizationPerformanceIndex Integer value that represents the advanced scaling strategy. Higher values optimize for performance, while lower values optimize for resource conservation. A value of `50` provides a balance between performance and resource conservation. See [the AWS documentation](https://docs.aws.amazon.com/emr/latest/ManagementGuide/managed-scaling-allocation-strategy-optimized.html#managed-scaling-allocation-strategy-optimized-getting-started) for more details. Required when `scalingStrategy` is set to `ADVANCED`. Valid values: `1`, `25`, `50`, `75`, `100`. + * + * @return builder + * + */ + public Builder utilizationPerformanceIndex(Integer utilizationPerformanceIndex) { + return utilizationPerformanceIndex(Output.of(utilizationPerformanceIndex)); + } + public ManagedScalingPolicyArgs build() { if ($.clusterId == null) { throw new MissingRequiredPropertyException("ManagedScalingPolicyArgs", "clusterId"); diff --git a/sdk/java/src/main/java/com/pulumi/aws/emr/inputs/ManagedScalingPolicyState.java b/sdk/java/src/main/java/com/pulumi/aws/emr/inputs/ManagedScalingPolicyState.java index 5b535bb103b..82363977284 100644 --- a/sdk/java/src/main/java/com/pulumi/aws/emr/inputs/ManagedScalingPolicyState.java +++ b/sdk/java/src/main/java/com/pulumi/aws/emr/inputs/ManagedScalingPolicyState.java @@ -6,6 +6,7 @@ import com.pulumi.aws.emr.inputs.ManagedScalingPolicyComputeLimitArgs; import com.pulumi.core.Output; import com.pulumi.core.annotations.Import; +import java.lang.Integer; import java.lang.String; import java.util.List; import java.util.Objects; @@ -62,12 +63,44 @@ public Optional> region() { return Optional.ofNullable(this.region); } + /** + * Specifies the scaling strategy. When set to `ADVANCED`, the `utilizationPerformanceIndex` argument can be used to configure an advanced scaling strategy. An advanced scaling strategy requires Amazon EMR on EC2 version 7.0 or later. Valid values: `ADVANCED`, `DEFAULT`. + * + */ + @Import(name="scalingStrategy") + private @Nullable Output scalingStrategy; + + /** + * @return Specifies the scaling strategy. When set to `ADVANCED`, the `utilizationPerformanceIndex` argument can be used to configure an advanced scaling strategy. An advanced scaling strategy requires Amazon EMR on EC2 version 7.0 or later. Valid values: `ADVANCED`, `DEFAULT`. + * + */ + public Optional> scalingStrategy() { + return Optional.ofNullable(this.scalingStrategy); + } + + /** + * Integer value that represents the advanced scaling strategy. Higher values optimize for performance, while lower values optimize for resource conservation. A value of `50` provides a balance between performance and resource conservation. See [the AWS documentation](https://docs.aws.amazon.com/emr/latest/ManagementGuide/managed-scaling-allocation-strategy-optimized.html#managed-scaling-allocation-strategy-optimized-getting-started) for more details. Required when `scalingStrategy` is set to `ADVANCED`. Valid values: `1`, `25`, `50`, `75`, `100`. + * + */ + @Import(name="utilizationPerformanceIndex") + private @Nullable Output utilizationPerformanceIndex; + + /** + * @return Integer value that represents the advanced scaling strategy. Higher values optimize for performance, while lower values optimize for resource conservation. A value of `50` provides a balance between performance and resource conservation. See [the AWS documentation](https://docs.aws.amazon.com/emr/latest/ManagementGuide/managed-scaling-allocation-strategy-optimized.html#managed-scaling-allocation-strategy-optimized-getting-started) for more details. Required when `scalingStrategy` is set to `ADVANCED`. Valid values: `1`, `25`, `50`, `75`, `100`. + * + */ + public Optional> utilizationPerformanceIndex() { + return Optional.ofNullable(this.utilizationPerformanceIndex); + } + private ManagedScalingPolicyState() {} private ManagedScalingPolicyState(ManagedScalingPolicyState $) { this.clusterId = $.clusterId; this.computeLimits = $.computeLimits; this.region = $.region; + this.scalingStrategy = $.scalingStrategy; + this.utilizationPerformanceIndex = $.utilizationPerformanceIndex; } public static Builder builder() { @@ -161,6 +194,48 @@ public Builder region(String region) { return region(Output.of(region)); } + /** + * @param scalingStrategy Specifies the scaling strategy. When set to `ADVANCED`, the `utilizationPerformanceIndex` argument can be used to configure an advanced scaling strategy. An advanced scaling strategy requires Amazon EMR on EC2 version 7.0 or later. Valid values: `ADVANCED`, `DEFAULT`. + * + * @return builder + * + */ + public Builder scalingStrategy(@Nullable Output scalingStrategy) { + $.scalingStrategy = scalingStrategy; + return this; + } + + /** + * @param scalingStrategy Specifies the scaling strategy. When set to `ADVANCED`, the `utilizationPerformanceIndex` argument can be used to configure an advanced scaling strategy. An advanced scaling strategy requires Amazon EMR on EC2 version 7.0 or later. Valid values: `ADVANCED`, `DEFAULT`. + * + * @return builder + * + */ + public Builder scalingStrategy(String scalingStrategy) { + return scalingStrategy(Output.of(scalingStrategy)); + } + + /** + * @param utilizationPerformanceIndex Integer value that represents the advanced scaling strategy. Higher values optimize for performance, while lower values optimize for resource conservation. A value of `50` provides a balance between performance and resource conservation. See [the AWS documentation](https://docs.aws.amazon.com/emr/latest/ManagementGuide/managed-scaling-allocation-strategy-optimized.html#managed-scaling-allocation-strategy-optimized-getting-started) for more details. Required when `scalingStrategy` is set to `ADVANCED`. Valid values: `1`, `25`, `50`, `75`, `100`. + * + * @return builder + * + */ + public Builder utilizationPerformanceIndex(@Nullable Output utilizationPerformanceIndex) { + $.utilizationPerformanceIndex = utilizationPerformanceIndex; + return this; + } + + /** + * @param utilizationPerformanceIndex Integer value that represents the advanced scaling strategy. Higher values optimize for performance, while lower values optimize for resource conservation. A value of `50` provides a balance between performance and resource conservation. See [the AWS documentation](https://docs.aws.amazon.com/emr/latest/ManagementGuide/managed-scaling-allocation-strategy-optimized.html#managed-scaling-allocation-strategy-optimized-getting-started) for more details. Required when `scalingStrategy` is set to `ADVANCED`. Valid values: `1`, `25`, `50`, `75`, `100`. + * + * @return builder + * + */ + public Builder utilizationPerformanceIndex(Integer utilizationPerformanceIndex) { + return utilizationPerformanceIndex(Output.of(utilizationPerformanceIndex)); + } + public ManagedScalingPolicyState build() { return $; } diff --git a/sdk/java/src/main/java/com/pulumi/aws/fis/inputs/ExperimentTemplateActionTargetArgs.java b/sdk/java/src/main/java/com/pulumi/aws/fis/inputs/ExperimentTemplateActionTargetArgs.java index 439950fdf3c..542f1b15199 100644 --- a/sdk/java/src/main/java/com/pulumi/aws/fis/inputs/ExperimentTemplateActionTargetArgs.java +++ b/sdk/java/src/main/java/com/pulumi/aws/fis/inputs/ExperimentTemplateActionTargetArgs.java @@ -15,14 +15,14 @@ public final class ExperimentTemplateActionTargetArgs extends com.pulumi.resourc public static final ExperimentTemplateActionTargetArgs Empty = new ExperimentTemplateActionTargetArgs(); /** - * Target type. Valid values are `AutoScalingGroups` (EC2 Auto Scaling groups), `Buckets` (S3 Buckets), `Cluster` (EKS Cluster), `Clusters` (ECS Clusters), `DBInstances` (RDS DB Instances), `Instances` (EC2 Instances), `ManagedResources` (EKS clusters, Application and Network Load Balancers, and EC2 Auto Scaling groups that are enabled for ARC zonal shift), `Nodegroups` (EKS Node groups), `Pods` (EKS Pods), `ReplicationGroups`(ElastiCache Redis Replication Groups), `Roles` (IAM Roles), `SpotInstances` (EC2 Spot Instances), `Subnets` (VPC Subnets), `Tables` (DynamoDB encrypted global tables), `Tasks` (ECS Tasks), `TransitGateways` (Transit gateways), `Volumes` (EBS Volumes). See the [documentation](https://docs.aws.amazon.com/fis/latest/userguide/action-sequence.html#action-targets) for more details. + * Target type. Valid values are `AutoScalingGroups` (EC2 Auto Scaling groups), `Buckets` (S3 Buckets), `Cluster` (EKS Cluster), `Clusters` (ECS Clusters), `DBInstances` (RDS DB Instances), `Functions` (Lambda Functions), `Instances` (EC2 Instances), `ManagedResources` (EKS clusters, Application and Network Load Balancers, and EC2 Auto Scaling groups that are enabled for ARC zonal shift), `Nodegroups` (EKS Node groups), `Pods` (EKS Pods), `ReplicationGroups`(ElastiCache Redis Replication Groups), `Roles` (IAM Roles), `SpotInstances` (EC2 Spot Instances), `Subnets` (VPC Subnets), `Tables` (DynamoDB encrypted global tables), `Tasks` (ECS Tasks), `TransitGateways` (Transit gateways), `Volumes` (EBS Volumes). See the [documentation](https://docs.aws.amazon.com/fis/latest/userguide/action-sequence.html#action-targets) for more details. * */ @Import(name="key", required=true) private Output key; /** - * @return Target type. Valid values are `AutoScalingGroups` (EC2 Auto Scaling groups), `Buckets` (S3 Buckets), `Cluster` (EKS Cluster), `Clusters` (ECS Clusters), `DBInstances` (RDS DB Instances), `Instances` (EC2 Instances), `ManagedResources` (EKS clusters, Application and Network Load Balancers, and EC2 Auto Scaling groups that are enabled for ARC zonal shift), `Nodegroups` (EKS Node groups), `Pods` (EKS Pods), `ReplicationGroups`(ElastiCache Redis Replication Groups), `Roles` (IAM Roles), `SpotInstances` (EC2 Spot Instances), `Subnets` (VPC Subnets), `Tables` (DynamoDB encrypted global tables), `Tasks` (ECS Tasks), `TransitGateways` (Transit gateways), `Volumes` (EBS Volumes). See the [documentation](https://docs.aws.amazon.com/fis/latest/userguide/action-sequence.html#action-targets) for more details. + * @return Target type. Valid values are `AutoScalingGroups` (EC2 Auto Scaling groups), `Buckets` (S3 Buckets), `Cluster` (EKS Cluster), `Clusters` (ECS Clusters), `DBInstances` (RDS DB Instances), `Functions` (Lambda Functions), `Instances` (EC2 Instances), `ManagedResources` (EKS clusters, Application and Network Load Balancers, and EC2 Auto Scaling groups that are enabled for ARC zonal shift), `Nodegroups` (EKS Node groups), `Pods` (EKS Pods), `ReplicationGroups`(ElastiCache Redis Replication Groups), `Roles` (IAM Roles), `SpotInstances` (EC2 Spot Instances), `Subnets` (VPC Subnets), `Tables` (DynamoDB encrypted global tables), `Tasks` (ECS Tasks), `TransitGateways` (Transit gateways), `Volumes` (EBS Volumes). See the [documentation](https://docs.aws.amazon.com/fis/latest/userguide/action-sequence.html#action-targets) for more details. * */ public Output key() { @@ -70,7 +70,7 @@ public Builder(ExperimentTemplateActionTargetArgs defaults) { } /** - * @param key Target type. Valid values are `AutoScalingGroups` (EC2 Auto Scaling groups), `Buckets` (S3 Buckets), `Cluster` (EKS Cluster), `Clusters` (ECS Clusters), `DBInstances` (RDS DB Instances), `Instances` (EC2 Instances), `ManagedResources` (EKS clusters, Application and Network Load Balancers, and EC2 Auto Scaling groups that are enabled for ARC zonal shift), `Nodegroups` (EKS Node groups), `Pods` (EKS Pods), `ReplicationGroups`(ElastiCache Redis Replication Groups), `Roles` (IAM Roles), `SpotInstances` (EC2 Spot Instances), `Subnets` (VPC Subnets), `Tables` (DynamoDB encrypted global tables), `Tasks` (ECS Tasks), `TransitGateways` (Transit gateways), `Volumes` (EBS Volumes). See the [documentation](https://docs.aws.amazon.com/fis/latest/userguide/action-sequence.html#action-targets) for more details. + * @param key Target type. Valid values are `AutoScalingGroups` (EC2 Auto Scaling groups), `Buckets` (S3 Buckets), `Cluster` (EKS Cluster), `Clusters` (ECS Clusters), `DBInstances` (RDS DB Instances), `Functions` (Lambda Functions), `Instances` (EC2 Instances), `ManagedResources` (EKS clusters, Application and Network Load Balancers, and EC2 Auto Scaling groups that are enabled for ARC zonal shift), `Nodegroups` (EKS Node groups), `Pods` (EKS Pods), `ReplicationGroups`(ElastiCache Redis Replication Groups), `Roles` (IAM Roles), `SpotInstances` (EC2 Spot Instances), `Subnets` (VPC Subnets), `Tables` (DynamoDB encrypted global tables), `Tasks` (ECS Tasks), `TransitGateways` (Transit gateways), `Volumes` (EBS Volumes). See the [documentation](https://docs.aws.amazon.com/fis/latest/userguide/action-sequence.html#action-targets) for more details. * * @return builder * @@ -81,7 +81,7 @@ public Builder key(Output key) { } /** - * @param key Target type. Valid values are `AutoScalingGroups` (EC2 Auto Scaling groups), `Buckets` (S3 Buckets), `Cluster` (EKS Cluster), `Clusters` (ECS Clusters), `DBInstances` (RDS DB Instances), `Instances` (EC2 Instances), `ManagedResources` (EKS clusters, Application and Network Load Balancers, and EC2 Auto Scaling groups that are enabled for ARC zonal shift), `Nodegroups` (EKS Node groups), `Pods` (EKS Pods), `ReplicationGroups`(ElastiCache Redis Replication Groups), `Roles` (IAM Roles), `SpotInstances` (EC2 Spot Instances), `Subnets` (VPC Subnets), `Tables` (DynamoDB encrypted global tables), `Tasks` (ECS Tasks), `TransitGateways` (Transit gateways), `Volumes` (EBS Volumes). See the [documentation](https://docs.aws.amazon.com/fis/latest/userguide/action-sequence.html#action-targets) for more details. + * @param key Target type. Valid values are `AutoScalingGroups` (EC2 Auto Scaling groups), `Buckets` (S3 Buckets), `Cluster` (EKS Cluster), `Clusters` (ECS Clusters), `DBInstances` (RDS DB Instances), `Functions` (Lambda Functions), `Instances` (EC2 Instances), `ManagedResources` (EKS clusters, Application and Network Load Balancers, and EC2 Auto Scaling groups that are enabled for ARC zonal shift), `Nodegroups` (EKS Node groups), `Pods` (EKS Pods), `ReplicationGroups`(ElastiCache Redis Replication Groups), `Roles` (IAM Roles), `SpotInstances` (EC2 Spot Instances), `Subnets` (VPC Subnets), `Tables` (DynamoDB encrypted global tables), `Tasks` (ECS Tasks), `TransitGateways` (Transit gateways), `Volumes` (EBS Volumes). See the [documentation](https://docs.aws.amazon.com/fis/latest/userguide/action-sequence.html#action-targets) for more details. * * @return builder * diff --git a/sdk/java/src/main/java/com/pulumi/aws/fis/inputs/ExperimentTemplateLogConfigurationCloudwatchLogsConfigurationArgs.java b/sdk/java/src/main/java/com/pulumi/aws/fis/inputs/ExperimentTemplateLogConfigurationCloudwatchLogsConfigurationArgs.java index 978f259d76f..379aa202a10 100644 --- a/sdk/java/src/main/java/com/pulumi/aws/fis/inputs/ExperimentTemplateLogConfigurationCloudwatchLogsConfigurationArgs.java +++ b/sdk/java/src/main/java/com/pulumi/aws/fis/inputs/ExperimentTemplateLogConfigurationCloudwatchLogsConfigurationArgs.java @@ -15,14 +15,14 @@ public final class ExperimentTemplateLogConfigurationCloudwatchLogsConfiguration public static final ExperimentTemplateLogConfigurationCloudwatchLogsConfigurationArgs Empty = new ExperimentTemplateLogConfigurationCloudwatchLogsConfigurationArgs(); /** - * The Amazon Resource Name (ARN) of the destination Amazon CloudWatch Logs log group. + * The Amazon Resource Name (ARN) of the destination Amazon CloudWatch Logs log group. The ARN must end with `:*` * */ @Import(name="logGroupArn", required=true) private Output logGroupArn; /** - * @return The Amazon Resource Name (ARN) of the destination Amazon CloudWatch Logs log group. + * @return The Amazon Resource Name (ARN) of the destination Amazon CloudWatch Logs log group. The ARN must end with `:*` * */ public Output logGroupArn() { @@ -54,7 +54,7 @@ public Builder(ExperimentTemplateLogConfigurationCloudwatchLogsConfigurationArgs } /** - * @param logGroupArn The Amazon Resource Name (ARN) of the destination Amazon CloudWatch Logs log group. + * @param logGroupArn The Amazon Resource Name (ARN) of the destination Amazon CloudWatch Logs log group. The ARN must end with `:*` * * @return builder * @@ -65,7 +65,7 @@ public Builder logGroupArn(Output logGroupArn) { } /** - * @param logGroupArn The Amazon Resource Name (ARN) of the destination Amazon CloudWatch Logs log group. + * @param logGroupArn The Amazon Resource Name (ARN) of the destination Amazon CloudWatch Logs log group. The ARN must end with `:*` * * @return builder * diff --git a/sdk/java/src/main/java/com/pulumi/aws/fis/outputs/ExperimentTemplateActionTarget.java b/sdk/java/src/main/java/com/pulumi/aws/fis/outputs/ExperimentTemplateActionTarget.java index 0cf28b47a50..739ab6bfee6 100644 --- a/sdk/java/src/main/java/com/pulumi/aws/fis/outputs/ExperimentTemplateActionTarget.java +++ b/sdk/java/src/main/java/com/pulumi/aws/fis/outputs/ExperimentTemplateActionTarget.java @@ -11,7 +11,7 @@ @CustomType public final class ExperimentTemplateActionTarget { /** - * @return Target type. Valid values are `AutoScalingGroups` (EC2 Auto Scaling groups), `Buckets` (S3 Buckets), `Cluster` (EKS Cluster), `Clusters` (ECS Clusters), `DBInstances` (RDS DB Instances), `Instances` (EC2 Instances), `ManagedResources` (EKS clusters, Application and Network Load Balancers, and EC2 Auto Scaling groups that are enabled for ARC zonal shift), `Nodegroups` (EKS Node groups), `Pods` (EKS Pods), `ReplicationGroups`(ElastiCache Redis Replication Groups), `Roles` (IAM Roles), `SpotInstances` (EC2 Spot Instances), `Subnets` (VPC Subnets), `Tables` (DynamoDB encrypted global tables), `Tasks` (ECS Tasks), `TransitGateways` (Transit gateways), `Volumes` (EBS Volumes). See the [documentation](https://docs.aws.amazon.com/fis/latest/userguide/action-sequence.html#action-targets) for more details. + * @return Target type. Valid values are `AutoScalingGroups` (EC2 Auto Scaling groups), `Buckets` (S3 Buckets), `Cluster` (EKS Cluster), `Clusters` (ECS Clusters), `DBInstances` (RDS DB Instances), `Functions` (Lambda Functions), `Instances` (EC2 Instances), `ManagedResources` (EKS clusters, Application and Network Load Balancers, and EC2 Auto Scaling groups that are enabled for ARC zonal shift), `Nodegroups` (EKS Node groups), `Pods` (EKS Pods), `ReplicationGroups`(ElastiCache Redis Replication Groups), `Roles` (IAM Roles), `SpotInstances` (EC2 Spot Instances), `Subnets` (VPC Subnets), `Tables` (DynamoDB encrypted global tables), `Tasks` (ECS Tasks), `TransitGateways` (Transit gateways), `Volumes` (EBS Volumes). See the [documentation](https://docs.aws.amazon.com/fis/latest/userguide/action-sequence.html#action-targets) for more details. * */ private String key; @@ -23,7 +23,7 @@ public final class ExperimentTemplateActionTarget { private ExperimentTemplateActionTarget() {} /** - * @return Target type. Valid values are `AutoScalingGroups` (EC2 Auto Scaling groups), `Buckets` (S3 Buckets), `Cluster` (EKS Cluster), `Clusters` (ECS Clusters), `DBInstances` (RDS DB Instances), `Instances` (EC2 Instances), `ManagedResources` (EKS clusters, Application and Network Load Balancers, and EC2 Auto Scaling groups that are enabled for ARC zonal shift), `Nodegroups` (EKS Node groups), `Pods` (EKS Pods), `ReplicationGroups`(ElastiCache Redis Replication Groups), `Roles` (IAM Roles), `SpotInstances` (EC2 Spot Instances), `Subnets` (VPC Subnets), `Tables` (DynamoDB encrypted global tables), `Tasks` (ECS Tasks), `TransitGateways` (Transit gateways), `Volumes` (EBS Volumes). See the [documentation](https://docs.aws.amazon.com/fis/latest/userguide/action-sequence.html#action-targets) for more details. + * @return Target type. Valid values are `AutoScalingGroups` (EC2 Auto Scaling groups), `Buckets` (S3 Buckets), `Cluster` (EKS Cluster), `Clusters` (ECS Clusters), `DBInstances` (RDS DB Instances), `Functions` (Lambda Functions), `Instances` (EC2 Instances), `ManagedResources` (EKS clusters, Application and Network Load Balancers, and EC2 Auto Scaling groups that are enabled for ARC zonal shift), `Nodegroups` (EKS Node groups), `Pods` (EKS Pods), `ReplicationGroups`(ElastiCache Redis Replication Groups), `Roles` (IAM Roles), `SpotInstances` (EC2 Spot Instances), `Subnets` (VPC Subnets), `Tables` (DynamoDB encrypted global tables), `Tasks` (ECS Tasks), `TransitGateways` (Transit gateways), `Volumes` (EBS Volumes). See the [documentation](https://docs.aws.amazon.com/fis/latest/userguide/action-sequence.html#action-targets) for more details. * */ public String key() { diff --git a/sdk/java/src/main/java/com/pulumi/aws/fis/outputs/ExperimentTemplateLogConfigurationCloudwatchLogsConfiguration.java b/sdk/java/src/main/java/com/pulumi/aws/fis/outputs/ExperimentTemplateLogConfigurationCloudwatchLogsConfiguration.java index 427b93c9d36..b79521781c4 100644 --- a/sdk/java/src/main/java/com/pulumi/aws/fis/outputs/ExperimentTemplateLogConfigurationCloudwatchLogsConfiguration.java +++ b/sdk/java/src/main/java/com/pulumi/aws/fis/outputs/ExperimentTemplateLogConfigurationCloudwatchLogsConfiguration.java @@ -11,14 +11,14 @@ @CustomType public final class ExperimentTemplateLogConfigurationCloudwatchLogsConfiguration { /** - * @return The Amazon Resource Name (ARN) of the destination Amazon CloudWatch Logs log group. + * @return The Amazon Resource Name (ARN) of the destination Amazon CloudWatch Logs log group. The ARN must end with `:*` * */ private String logGroupArn; private ExperimentTemplateLogConfigurationCloudwatchLogsConfiguration() {} /** - * @return The Amazon Resource Name (ARN) of the destination Amazon CloudWatch Logs log group. + * @return The Amazon Resource Name (ARN) of the destination Amazon CloudWatch Logs log group. The ARN must end with `:*` * */ public String logGroupArn() { diff --git a/sdk/java/src/main/java/com/pulumi/aws/lambda/Invocation.java b/sdk/java/src/main/java/com/pulumi/aws/lambda/Invocation.java index 28c2c6d0b7f..d29de6afe9b 100644 --- a/sdk/java/src/main/java/com/pulumi/aws/lambda/Invocation.java +++ b/sdk/java/src/main/java/com/pulumi/aws/lambda/Invocation.java @@ -195,6 +195,16 @@ * * When the invocation resource is removed, the final invocation will have: * + * ## Import + * + * Using `pulumi import`, import Lambda Invocation using the `function_name,qualifier,result_hash`. For example: + * + * ```sh + * $ pulumi import aws:lambda/invocation:Invocation test_lambda my_test_lambda_function,$LATEST,b326b5062b2f0e69046810717534cb09 + * ``` + * Because it is not possible to retrieve previous invocations, during the next apply `terraform` will update the resource calling again the function. + * To compute the `result_hash`, it is necessary to hash it with the standard `md5` hash function. + * */ @ResourceType(type="aws:lambda/invocation:Invocation") public class Invocation extends com.pulumi.resources.CustomResource { diff --git a/sdk/java/src/main/java/com/pulumi/aws/lb/Listener.java b/sdk/java/src/main/java/com/pulumi/aws/lb/Listener.java index 125a2097bc3..8669043b184 100644 --- a/sdk/java/src/main/java/com/pulumi/aws/lb/Listener.java +++ b/sdk/java/src/main/java/com/pulumi/aws/lb/Listener.java @@ -400,6 +400,70 @@ * } * * + * ### JWT Validation Action + * + * 
+ * {@code
+ * package generated_program;
+ * 
+ * import com.pulumi.Context;
+ * import com.pulumi.Pulumi;
+ * import com.pulumi.core.Output;
+ * import com.pulumi.aws.lb.Listener;
+ * import com.pulumi.aws.lb.ListenerArgs;
+ * import com.pulumi.aws.lb.inputs.ListenerDefaultActionArgs;
+ * import com.pulumi.aws.lb.inputs.ListenerDefaultActionJwtValidationArgs;
+ * import java.util.List;
+ * import java.util.ArrayList;
+ * import java.util.Map;
+ * import java.io.File;
+ * import java.nio.file.Files;
+ * import java.nio.file.Paths;
+ * 
+ * public class App {
+ *     public static void main(String[] args) {
+ *         Pulumi.run(App::stack);
+ *     }
+ * 
+ *     public static void stack(Context ctx) {
+ *         var test = new Listener("test", ListenerArgs.builder()
+ *             .loadBalancerArn(testAwsLb.id())
+ *             .protocol("HTTPS")
+ *             .port(443)
+ *             .sslPolicy("ELBSecurityPolicy-2016-08")
+ *             .certificateArn(testAwsIamServerCertificate.arn())
+ *             .defaultActions(            
+ *                 ListenerDefaultActionArgs.builder()
+ *                     .type("jwt-validation")
+ *                     .jwtValidation(ListenerDefaultActionJwtValidationArgs.builder()
+ *                         .issuer("https://example.com")
+ *                         .jwksEndpoint("https://example.com/.well-known/jwks.json")
+ *                         .additionalClaims(                        
+ *                             ListenerDefaultActionJwtValidationAdditionalClaimArgs.builder()
+ *                                 .format("string-array")
+ *                                 .name("claim_name1")
+ *                                 .values(                                
+ *                                     "value1",
+ *                                     "value2")
+ *                                 .build(),
+ *                             ListenerDefaultActionJwtValidationAdditionalClaimArgs.builder()
+ *                                 .format("single-string")
+ *                                 .name("claim_name2")
+ *                                 .values("value1")
+ *                                 .build())
+ *                         .build())
+ *                     .build(),
+ *                 ListenerDefaultActionArgs.builder()
+ *                     .targetGroupArn(testAwsLbTargetGroup.id())
+ *                     .type("forward")
+ *                     .build())
+ *             .build());
+ * 
+ *     }
+ * }
+ * }
+ *
+ * * ### Gateway Load Balancer Listener * * 
diff --git a/sdk/java/src/main/java/com/pulumi/aws/lb/ListenerRule.java b/sdk/java/src/main/java/com/pulumi/aws/lb/ListenerRule.java
index 45f5990919b..71e0d10dc01 100644
--- a/sdk/java/src/main/java/com/pulumi/aws/lb/ListenerRule.java
+++ b/sdk/java/src/main/java/com/pulumi/aws/lb/ListenerRule.java
@@ -26,258 +26,6 @@
  * 
  * > **Note:** `aws.alb.ListenerRule` is known as `aws.lb.ListenerRule`. The functionality is identical.
  * 
- * ## Example Usage
- * 
- * 
- * {@code
- * package generated_program;
- * 
- * import com.pulumi.Context;
- * import com.pulumi.Pulumi;
- * import com.pulumi.core.Output;
- * import com.pulumi.aws.lb.LoadBalancer;
- * import com.pulumi.aws.lb.Listener;
- * import com.pulumi.aws.lb.ListenerRule;
- * import com.pulumi.aws.lb.ListenerRuleArgs;
- * import com.pulumi.aws.lb.inputs.ListenerRuleActionArgs;
- * import com.pulumi.aws.lb.inputs.ListenerRuleConditionArgs;
- * import com.pulumi.aws.lb.inputs.ListenerRuleConditionPathPatternArgs;
- * import com.pulumi.aws.lb.inputs.ListenerRuleConditionHostHeaderArgs;
- * import com.pulumi.aws.lb.inputs.ListenerRuleActionForwardArgs;
- * import com.pulumi.aws.lb.inputs.ListenerRuleActionForwardStickinessArgs;
- * import com.pulumi.aws.lb.inputs.ListenerRuleActionRedirectArgs;
- * import com.pulumi.aws.lb.inputs.ListenerRuleConditionHttpHeaderArgs;
- * import com.pulumi.aws.lb.inputs.ListenerRuleActionFixedResponseArgs;
- * import com.pulumi.aws.cognito.UserPool;
- * import com.pulumi.aws.cognito.UserPoolClient;
- * import com.pulumi.aws.cognito.UserPoolDomain;
- * import com.pulumi.aws.lb.inputs.ListenerRuleActionAuthenticateCognitoArgs;
- * import com.pulumi.aws.lb.inputs.ListenerRuleActionAuthenticateOidcArgs;
- * import com.pulumi.aws.lb.inputs.ListenerRuleTransformArgs;
- * import com.pulumi.aws.lb.inputs.ListenerRuleTransformHostHeaderRewriteConfigArgs;
- * import com.pulumi.aws.lb.inputs.ListenerRuleTransformHostHeaderRewriteConfigRewriteArgs;
- * import com.pulumi.aws.lb.inputs.ListenerRuleTransformUrlRewriteConfigArgs;
- * import com.pulumi.aws.lb.inputs.ListenerRuleTransformUrlRewriteConfigRewriteArgs;
- * import java.util.List;
- * import java.util.ArrayList;
- * import java.util.Map;
- * import java.io.File;
- * import java.nio.file.Files;
- * import java.nio.file.Paths;
- * 
- * public class App {
- *     public static void main(String[] args) {
- *         Pulumi.run(App::stack);
- *     }
- * 
- *     public static void stack(Context ctx) {
- *         var frontEnd = new LoadBalancer("frontEnd");
- * 
- *         var frontEndListener = new Listener("frontEndListener");
- * 
- *         var static_ = new ListenerRule("static", ListenerRuleArgs.builder()
- *             .listenerArn(frontEndListener.arn())
- *             .priority(100)
- *             .actions(ListenerRuleActionArgs.builder()
- *                 .type("forward")
- *                 .targetGroupArn(staticAwsLbTargetGroup.arn())
- *                 .build())
- *             .conditions(            
- *                 ListenerRuleConditionArgs.builder()
- *                     .pathPattern(ListenerRuleConditionPathPatternArgs.builder()
- *                         .values("/static/*")
- *                         .build())
- *                     .build(),
- *                 ListenerRuleConditionArgs.builder()
- *                     .hostHeader(ListenerRuleConditionHostHeaderArgs.builder()
- *                         .values("example.com")
- *                         .build())
- *                     .build())
- *             .build());
- * 
- *         // Forward action
- *         var hostBasedWeightedRouting = new ListenerRule("hostBasedWeightedRouting", ListenerRuleArgs.builder()
- *             .listenerArn(frontEndListener.arn())
- *             .priority(99)
- *             .actions(ListenerRuleActionArgs.builder()
- *                 .type("forward")
- *                 .targetGroupArn(staticAwsLbTargetGroup.arn())
- *                 .build())
- *             .conditions(ListenerRuleConditionArgs.builder()
- *                 .hostHeader(ListenerRuleConditionHostHeaderArgs.builder()
- *                     .values("my-service.*.mycompany.io")
- *                     .build())
- *                 .build())
- *             .build());
- * 
- *         // Weighted Forward action
- *         var hostBasedRouting = new ListenerRule("hostBasedRouting", ListenerRuleArgs.builder()
- *             .listenerArn(frontEndListener.arn())
- *             .priority(99)
- *             .actions(ListenerRuleActionArgs.builder()
- *                 .type("forward")
- *                 .forward(ListenerRuleActionForwardArgs.builder()
- *                     .targetGroups(                    
- *                         ListenerRuleActionForwardTargetGroupArgs.builder()
- *                             .arn(main.arn())
- *                             .weight(80)
- *                             .build(),
- *                         ListenerRuleActionForwardTargetGroupArgs.builder()
- *                             .arn(canary.arn())
- *                             .weight(20)
- *                             .build())
- *                     .stickiness(ListenerRuleActionForwardStickinessArgs.builder()
- *                         .enabled(true)
- *                         .duration(600)
- *                         .build())
- *                     .build())
- *                 .build())
- *             .conditions(ListenerRuleConditionArgs.builder()
- *                 .hostHeader(ListenerRuleConditionHostHeaderArgs.builder()
- *                     .values("my-service.*.mycompany.io")
- *                     .build())
- *                 .build())
- *             .build());
- * 
- *         // Redirect action
- *         var redirectHttpToHttps = new ListenerRule("redirectHttpToHttps", ListenerRuleArgs.builder()
- *             .listenerArn(frontEndListener.arn())
- *             .actions(ListenerRuleActionArgs.builder()
- *                 .type("redirect")
- *                 .redirect(ListenerRuleActionRedirectArgs.builder()
- *                     .port("443")
- *                     .protocol("HTTPS")
- *                     .statusCode("HTTP_301")
- *                     .build())
- *                 .build())
- *             .conditions(ListenerRuleConditionArgs.builder()
- *                 .httpHeader(ListenerRuleConditionHttpHeaderArgs.builder()
- *                     .httpHeaderName("X-Forwarded-For")
- *                     .values("192.168.1.*")
- *                     .build())
- *                 .build())
- *             .build());
- * 
- *         // Fixed-response action
- *         var healthCheck = new ListenerRule("healthCheck", ListenerRuleArgs.builder()
- *             .listenerArn(frontEndListener.arn())
- *             .actions(ListenerRuleActionArgs.builder()
- *                 .type("fixed-response")
- *                 .fixedResponse(ListenerRuleActionFixedResponseArgs.builder()
- *                     .contentType("text/plain")
- *                     .messageBody("HEALTHY")
- *                     .statusCode("200")
- *                     .build())
- *                 .build())
- *             .conditions(ListenerRuleConditionArgs.builder()
- *                 .queryStrings(                
- *                     ListenerRuleConditionQueryStringArgs.builder()
- *                         .key("health")
- *                         .value("check")
- *                         .build(),
- *                     ListenerRuleConditionQueryStringArgs.builder()
- *                         .value("bar")
- *                         .build())
- *                 .build())
- *             .build());
- * 
- *         // Authenticate-cognito Action
- *         var pool = new UserPool("pool");
- * 
- *         var client = new UserPoolClient("client");
- * 
- *         var domain = new UserPoolDomain("domain");
- * 
- *         var admin = new ListenerRule("admin", ListenerRuleArgs.builder()
- *             .listenerArn(frontEndListener.arn())
- *             .actions(            
- *                 ListenerRuleActionArgs.builder()
- *                     .type("authenticate-cognito")
- *                     .authenticateCognito(ListenerRuleActionAuthenticateCognitoArgs.builder()
- *                         .userPoolArn(pool.arn())
- *                         .userPoolClientId(client.id())
- *                         .userPoolDomain(domain.domain())
- *                         .build())
- *                     .build(),
- *                 ListenerRuleActionArgs.builder()
- *                     .type("forward")
- *                     .targetGroupArn(staticAwsLbTargetGroup.arn())
- *                     .build())
- *             .build());
- * 
- *         // Authenticate-oidc Action
- *         var oidc = new ListenerRule("oidc", ListenerRuleArgs.builder()
- *             .listenerArn(frontEndListener.arn())
- *             .actions(            
- *                 ListenerRuleActionArgs.builder()
- *                     .type("authenticate-oidc")
- *                     .authenticateOidc(ListenerRuleActionAuthenticateOidcArgs.builder()
- *                         .authorizationEndpoint("https://example.com/authorization_endpoint")
- *                         .clientId("client_id")
- *                         .clientSecret("client_secret")
- *                         .issuer("https://example.com")
- *                         .tokenEndpoint("https://example.com/token_endpoint")
- *                         .userInfoEndpoint("https://example.com/user_info_endpoint")
- *                         .build())
- *                     .build(),
- *                 ListenerRuleActionArgs.builder()
- *                     .type("forward")
- *                     .targetGroupArn(staticAwsLbTargetGroup.arn())
- *                     .build())
- *             .build());
- * 
- *         // With transform
- *         var transform = new ListenerRule("transform", ListenerRuleArgs.builder()
- *             .listenerArn(frontEndListener.arn())
- *             .actions(ListenerRuleActionArgs.builder()
- *                 .type("forward")
- *                 .targetGroupArn(staticAwsLbTargetGroup.arn())
- *                 .build())
- *             .conditions(ListenerRuleConditionArgs.builder()
- *                 .pathPattern(ListenerRuleConditionPathPatternArgs.builder()
- *                     .values("*")
- *                     .build())
- *                 .build())
- *             .transforms(            
- *                 ListenerRuleTransformArgs.builder()
- *                     .type("host-header-rewrite")
- *                     .hostHeaderRewriteConfig(ListenerRuleTransformHostHeaderRewriteConfigArgs.builder()
- *                         .rewrite(ListenerRuleTransformHostHeaderRewriteConfigRewriteArgs.builder()
- *                             .regex("^mywebsite-(.+).com$")
- *                             .replace("internal.dev.$1.myweb.com")
- *                             .build())
- *                         .build())
- *                     .build(),
- *                 ListenerRuleTransformArgs.builder()
- *                     .type("url-rewrite")
- *                     .urlRewriteConfig(ListenerRuleTransformUrlRewriteConfigArgs.builder()
- *                         .rewrite(ListenerRuleTransformUrlRewriteConfigRewriteArgs.builder()
- *                             .regex("^/dp/([A-Za-z0-9]+)/?$")
- *                             .replace("/product.php?id=$1")
- *                             .build())
- *                         .build())
- *                     .build())
- *             .build());
- * 
- *     }
- * }
- * }
- * 

- * 
- * ## Import
- * 
- * ### Identity Schema
- * 
- * #### Required
- * 
- * - `arn` (String) Amazon Resource Name (ARN) of the load balancer listener rule.
- * 
- * Using `pulumi import`, import rules using their ARN. For example:
- * 
- * console
- * 
- * % pulumi import aws_lb_listener_rule.front_end arn:aws:elasticloadbalancing:us-west-2:187416307283:listener-rule/app/test/8e4497da625e2d8a/9ab28ade35828f96/67b3d2d36dd7c26b
- * 
  */
 @ResourceType(type="aws:lb/listenerRule:ListenerRule")
 public class ListenerRule extends com.pulumi.resources.CustomResource {
diff --git a/sdk/java/src/main/java/com/pulumi/aws/lb/inputs/GetListenerRuleAction.java b/sdk/java/src/main/java/com/pulumi/aws/lb/inputs/GetListenerRuleAction.java
index 6c9b91bb7bb..fea98ee61d7 100644
--- a/sdk/java/src/main/java/com/pulumi/aws/lb/inputs/GetListenerRuleAction.java
+++ b/sdk/java/src/main/java/com/pulumi/aws/lb/inputs/GetListenerRuleAction.java
@@ -7,6 +7,7 @@
 import com.pulumi.aws.lb.inputs.GetListenerRuleActionAuthenticateOidc;
 import com.pulumi.aws.lb.inputs.GetListenerRuleActionFixedResponse;
 import com.pulumi.aws.lb.inputs.GetListenerRuleActionForward;
+import com.pulumi.aws.lb.inputs.GetListenerRuleActionJwtValidation;
 import com.pulumi.aws.lb.inputs.GetListenerRuleActionRedirect;
 import com.pulumi.core.annotations.Import;
 import com.pulumi.exceptions.MissingRequiredPropertyException;
@@ -90,6 +91,23 @@ public Optional> forwards() {
         return Optional.ofNullable(this.forwards);
     }
 
+    /**
+     * An action to validate using JWT.
+     * Detailed below.
+     * 
+     */
+    @Import(name="jwtValidations")
+    private @Nullable List jwtValidations;
+
+    /**
+     * @return An action to validate using JWT.
+     * Detailed below.
+     * 
+     */
+    public Optional> jwtValidations() {
+        return Optional.ofNullable(this.jwtValidations);
+    }
+
     /**
      * The evaluation order of the action.
      * 
@@ -144,6 +162,7 @@ private GetListenerRuleAction(GetListenerRuleAction $) {
         this.authenticateOidcs = $.authenticateOidcs;
         this.fixedResponses = $.fixedResponses;
         this.forwards = $.forwards;
+        this.jwtValidations = $.jwtValidations;
         this.order = $.order;
         this.redirects = $.redirects;
         this.type = $.type;
@@ -259,6 +278,29 @@ public Builder forwards(GetListenerRuleActionForward... forwards) {
             return forwards(List.of(forwards));
         }
 
+        /**
+         * @param jwtValidations An action to validate using JWT.
+         * Detailed below.
+         * 
+         * @return builder
+         * 
+         */
+        public Builder jwtValidations(@Nullable List jwtValidations) {
+            $.jwtValidations = jwtValidations;
+            return this;
+        }
+
+        /**
+         * @param jwtValidations An action to validate using JWT.
+         * Detailed below.
+         * 
+         * @return builder
+         * 
+         */
+        public Builder jwtValidations(GetListenerRuleActionJwtValidation... jwtValidations) {
+            return jwtValidations(List.of(jwtValidations));
+        }
+
         /**
          * @param order The evaluation order of the action.
          * 
diff --git a/sdk/java/src/main/java/com/pulumi/aws/lb/inputs/GetListenerRuleActionArgs.java b/sdk/java/src/main/java/com/pulumi/aws/lb/inputs/GetListenerRuleActionArgs.java
index 6543fdccb74..a4429c3c9a0 100644
--- a/sdk/java/src/main/java/com/pulumi/aws/lb/inputs/GetListenerRuleActionArgs.java
+++ b/sdk/java/src/main/java/com/pulumi/aws/lb/inputs/GetListenerRuleActionArgs.java
@@ -7,6 +7,7 @@
 import com.pulumi.aws.lb.inputs.GetListenerRuleActionAuthenticateOidcArgs;
 import com.pulumi.aws.lb.inputs.GetListenerRuleActionFixedResponseArgs;
 import com.pulumi.aws.lb.inputs.GetListenerRuleActionForwardArgs;
+import com.pulumi.aws.lb.inputs.GetListenerRuleActionJwtValidationArgs;
 import com.pulumi.aws.lb.inputs.GetListenerRuleActionRedirectArgs;
 import com.pulumi.core.Output;
 import com.pulumi.core.annotations.Import;
@@ -91,6 +92,23 @@ public Optional>> forwards() {
         return Optional.ofNullable(this.forwards);
     }
 
+    /**
+     * An action to validate using JWT.
+     * Detailed below.
+     * 
+     */
+    @Import(name="jwtValidations")
+    private @Nullable Output> jwtValidations;
+
+    /**
+     * @return An action to validate using JWT.
+     * Detailed below.
+     * 
+     */
+    public Optional>> jwtValidations() {
+        return Optional.ofNullable(this.jwtValidations);
+    }
+
     /**
      * The evaluation order of the action.
      * 
@@ -145,6 +163,7 @@ private GetListenerRuleActionArgs(GetListenerRuleActionArgs $) {
         this.authenticateOidcs = $.authenticateOidcs;
         this.fixedResponses = $.fixedResponses;
         this.forwards = $.forwards;
+        this.jwtValidations = $.jwtValidations;
         this.order = $.order;
         this.redirects = $.redirects;
         this.type = $.type;
@@ -304,6 +323,40 @@ public Builder forwards(GetListenerRuleActionForwardArgs... forwards) {
             return forwards(List.of(forwards));
         }
 
+        /**
+         * @param jwtValidations An action to validate using JWT.
+         * Detailed below.
+         * 
+         * @return builder
+         * 
+         */
+        public Builder jwtValidations(@Nullable Output> jwtValidations) {
+            $.jwtValidations = jwtValidations;
+            return this;
+        }
+
+        /**
+         * @param jwtValidations An action to validate using JWT.
+         * Detailed below.
+         * 
+         * @return builder
+         * 
+         */
+        public Builder jwtValidations(List jwtValidations) {
+            return jwtValidations(Output.of(jwtValidations));
+        }
+
+        /**
+         * @param jwtValidations An action to validate using JWT.
+         * Detailed below.
+         * 
+         * @return builder
+         * 
+         */
+        public Builder jwtValidations(GetListenerRuleActionJwtValidationArgs... jwtValidations) {
+            return jwtValidations(List.of(jwtValidations));
+        }
+
         /**
          * @param order The evaluation order of the action.
          * 
diff --git a/sdk/java/src/main/java/com/pulumi/aws/lb/inputs/GetListenerRuleActionAuthenticateOidc.java b/sdk/java/src/main/java/com/pulumi/aws/lb/inputs/GetListenerRuleActionAuthenticateOidc.java
index 25f399a4982..6925dc9cade 100644
--- a/sdk/java/src/main/java/com/pulumi/aws/lb/inputs/GetListenerRuleActionAuthenticateOidc.java
+++ b/sdk/java/src/main/java/com/pulumi/aws/lb/inputs/GetListenerRuleActionAuthenticateOidc.java
@@ -63,14 +63,14 @@ public String clientId() {
     }
 
     /**
-     * OIDC issuer identifier of the IdP.
+     * Issuer of the JWT.
      * 
      */
     @Import(name="issuer", required=true)
     private String issuer;
 
     /**
-     * @return OIDC issuer identifier of the IdP.
+     * @return Issuer of the JWT.
      * 
      */
     public String issuer() {
@@ -235,7 +235,7 @@ public Builder clientId(String clientId) {
         }
 
         /**
-         * @param issuer OIDC issuer identifier of the IdP.
+         * @param issuer Issuer of the JWT.
          * 
          * @return builder
          * 
diff --git a/sdk/java/src/main/java/com/pulumi/aws/lb/inputs/GetListenerRuleActionAuthenticateOidcArgs.java b/sdk/java/src/main/java/com/pulumi/aws/lb/inputs/GetListenerRuleActionAuthenticateOidcArgs.java
index c15ed89a4a3..90b01d6cbf7 100644
--- a/sdk/java/src/main/java/com/pulumi/aws/lb/inputs/GetListenerRuleActionAuthenticateOidcArgs.java
+++ b/sdk/java/src/main/java/com/pulumi/aws/lb/inputs/GetListenerRuleActionAuthenticateOidcArgs.java
@@ -64,14 +64,14 @@ public Output clientId() {
     }
 
     /**
-     * OIDC issuer identifier of the IdP.
+     * Issuer of the JWT.
      * 
      */
     @Import(name="issuer", required=true)
     private Output issuer;
 
     /**
-     * @return OIDC issuer identifier of the IdP.
+     * @return Issuer of the JWT.
      * 
      */
     public Output issuer() {
@@ -267,7 +267,7 @@ public Builder clientId(String clientId) {
         }
 
         /**
-         * @param issuer OIDC issuer identifier of the IdP.
+         * @param issuer Issuer of the JWT.
          * 
          * @return builder
          * 
@@ -278,7 +278,7 @@ public Builder issuer(Output issuer) {
         }
 
         /**
-         * @param issuer OIDC issuer identifier of the IdP.
+         * @param issuer Issuer of the JWT.
          * 
          * @return builder
          * 
diff --git a/sdk/java/src/main/java/com/pulumi/aws/lb/inputs/GetListenerRuleActionJwtValidation.java b/sdk/java/src/main/java/com/pulumi/aws/lb/inputs/GetListenerRuleActionJwtValidation.java
new file mode 100644
index 00000000000..82223af5c8e
--- /dev/null
+++ b/sdk/java/src/main/java/com/pulumi/aws/lb/inputs/GetListenerRuleActionJwtValidation.java
@@ -0,0 +1,145 @@
+// *** WARNING: this file was generated by pulumi-language-java. ***
+// *** Do not edit by hand unless you're certain you know what you are doing! ***
+
+package com.pulumi.aws.lb.inputs;
+
+import com.pulumi.aws.lb.inputs.GetListenerRuleActionJwtValidationAdditionalClaim;
+import com.pulumi.core.annotations.Import;
+import com.pulumi.exceptions.MissingRequiredPropertyException;
+import java.lang.String;
+import java.util.List;
+import java.util.Objects;
+import java.util.Optional;
+import javax.annotation.Nullable;
+
+
+public final class GetListenerRuleActionJwtValidation extends com.pulumi.resources.InvokeArgs {
+
+    public static final GetListenerRuleActionJwtValidation Empty = new GetListenerRuleActionJwtValidation();
+
+    /**
+     * Additional claims to validate.
+     * 
+     */
+    @Import(name="additionalClaims")
+    private @Nullable List additionalClaims;
+
+    /**
+     * @return Additional claims to validate.
+     * 
+     */
+    public Optional> additionalClaims() {
+        return Optional.ofNullable(this.additionalClaims);
+    }
+
+    /**
+     * Issuer of the JWT.
+     * 
+     */
+    @Import(name="issuer", required=true)
+    private String issuer;
+
+    /**
+     * @return Issuer of the JWT.
+     * 
+     */
+    public String issuer() {
+        return this.issuer;
+    }
+
+    /**
+     * JSON Web Key Set (JWKS) endpoint.
+     * 
+     */
+    @Import(name="jwksEndpoint", required=true)
+    private String jwksEndpoint;
+
+    /**
+     * @return JSON Web Key Set (JWKS) endpoint.
+     * 
+     */
+    public String jwksEndpoint() {
+        return this.jwksEndpoint;
+    }
+
+    private GetListenerRuleActionJwtValidation() {}
+
+    private GetListenerRuleActionJwtValidation(GetListenerRuleActionJwtValidation $) {
+        this.additionalClaims = $.additionalClaims;
+        this.issuer = $.issuer;
+        this.jwksEndpoint = $.jwksEndpoint;
+    }
+
+    public static Builder builder() {
+        return new Builder();
+    }
+    public static Builder builder(GetListenerRuleActionJwtValidation defaults) {
+        return new Builder(defaults);
+    }
+
+    public static final class Builder {
+        private GetListenerRuleActionJwtValidation $;
+
+        public Builder() {
+            $ = new GetListenerRuleActionJwtValidation();
+        }
+
+        public Builder(GetListenerRuleActionJwtValidation defaults) {
+            $ = new GetListenerRuleActionJwtValidation(Objects.requireNonNull(defaults));
+        }
+
+        /**
+         * @param additionalClaims Additional claims to validate.
+         * 
+         * @return builder
+         * 
+         */
+        public Builder additionalClaims(@Nullable List additionalClaims) {
+            $.additionalClaims = additionalClaims;
+            return this;
+        }
+
+        /**
+         * @param additionalClaims Additional claims to validate.
+         * 
+         * @return builder
+         * 
+         */
+        public Builder additionalClaims(GetListenerRuleActionJwtValidationAdditionalClaim... additionalClaims) {
+            return additionalClaims(List.of(additionalClaims));
+        }
+
+        /**
+         * @param issuer Issuer of the JWT.
+         * 
+         * @return builder
+         * 
+         */
+        public Builder issuer(String issuer) {
+            $.issuer = issuer;
+            return this;
+        }
+
+        /**
+         * @param jwksEndpoint JSON Web Key Set (JWKS) endpoint.
+         * 
+         * @return builder
+         * 
+         */
+        public Builder jwksEndpoint(String jwksEndpoint) {
+            $.jwksEndpoint = jwksEndpoint;
+            return this;
+        }
+
+        public GetListenerRuleActionJwtValidation build() {
+            if ($.issuer == null) {
+                throw new MissingRequiredPropertyException("GetListenerRuleActionJwtValidation", "issuer");
+            }
+            if ($.jwksEndpoint == null) {
+                throw new MissingRequiredPropertyException("GetListenerRuleActionJwtValidation", "jwksEndpoint");
+            }
+            return $;
+        }
+    }
+
+}
diff --git a/sdk/java/src/main/java/com/pulumi/aws/lb/inputs/GetListenerRuleActionJwtValidationAdditionalClaim.java b/sdk/java/src/main/java/com/pulumi/aws/lb/inputs/GetListenerRuleActionJwtValidationAdditionalClaim.java
new file mode 100644
index 00000000000..edf1d461106
--- /dev/null
+++ b/sdk/java/src/main/java/com/pulumi/aws/lb/inputs/GetListenerRuleActionJwtValidationAdditionalClaim.java
@@ -0,0 +1,145 @@
+// *** WARNING: this file was generated by pulumi-language-java. ***
+// *** Do not edit by hand unless you're certain you know what you are doing! ***
+
+package com.pulumi.aws.lb.inputs;
+
+import com.pulumi.core.annotations.Import;
+import com.pulumi.exceptions.MissingRequiredPropertyException;
+import java.lang.String;
+import java.util.List;
+import java.util.Objects;
+
+
+public final class GetListenerRuleActionJwtValidationAdditionalClaim extends com.pulumi.resources.InvokeArgs {
+
+    public static final GetListenerRuleActionJwtValidationAdditionalClaim Empty = new GetListenerRuleActionJwtValidationAdditionalClaim();
+
+    /**
+     * Format of the claim value.
+     * 
+     */
+    @Import(name="format", required=true)
+    private String format;
+
+    /**
+     * @return Format of the claim value.
+     * 
+     */
+    public String format() {
+        return this.format;
+    }
+
+    /**
+     * Name of the claim to validate.
+     * 
+     */
+    @Import(name="name", required=true)
+    private String name;
+
+    /**
+     * @return Name of the claim to validate.
+     * 
+     */
+    public String name() {
+        return this.name;
+    }
+
+    /**
+     * Set of `key`-`value` pairs indicating the query string parameters to match.
+     * 
+     */
+    @Import(name="values", required=true)
+    private List values;
+
+    /**
+     * @return Set of `key`-`value` pairs indicating the query string parameters to match.
+     * 
+     */
+    public List values() {
+        return this.values;
+    }
+
+    private GetListenerRuleActionJwtValidationAdditionalClaim() {}
+
+    private GetListenerRuleActionJwtValidationAdditionalClaim(GetListenerRuleActionJwtValidationAdditionalClaim $) {
+        this.format = $.format;
+        this.name = $.name;
+        this.values = $.values;
+    }
+
+    public static Builder builder() {
+        return new Builder();
+    }
+    public static Builder builder(GetListenerRuleActionJwtValidationAdditionalClaim defaults) {
+        return new Builder(defaults);
+    }
+
+    public static final class Builder {
+        private GetListenerRuleActionJwtValidationAdditionalClaim $;
+
+        public Builder() {
+            $ = new GetListenerRuleActionJwtValidationAdditionalClaim();
+        }
+
+        public Builder(GetListenerRuleActionJwtValidationAdditionalClaim defaults) {
+            $ = new GetListenerRuleActionJwtValidationAdditionalClaim(Objects.requireNonNull(defaults));
+        }
+
+        /**
+         * @param format Format of the claim value.
+         * 
+         * @return builder
+         * 
+         */
+        public Builder format(String format) {
+            $.format = format;
+            return this;
+        }
+
+        /**
+         * @param name Name of the claim to validate.
+         * 
+         * @return builder
+         * 
+         */
+        public Builder name(String name) {
+            $.name = name;
+            return this;
+        }
+
+        /**
+         * @param values Set of `key`-`value` pairs indicating the query string parameters to match.
+         * 
+         * @return builder
+         * 
+         */
+        public Builder values(List values) {
+            $.values = values;
+            return this;
+        }
+
+        /**
+         * @param values Set of `key`-`value` pairs indicating the query string parameters to match.
+         * 
+         * @return builder
+         * 
+         */
+        public Builder values(String... values) {
+            return values(List.of(values));
+        }
+
+        public GetListenerRuleActionJwtValidationAdditionalClaim build() {
+            if ($.format == null) {
+                throw new MissingRequiredPropertyException("GetListenerRuleActionJwtValidationAdditionalClaim", "format");
+            }
+            if ($.name == null) {
+                throw new MissingRequiredPropertyException("GetListenerRuleActionJwtValidationAdditionalClaim", "name");
+            }
+            if ($.values == null) {
+                throw new MissingRequiredPropertyException("GetListenerRuleActionJwtValidationAdditionalClaim", "values");
+            }
+            return $;
+        }
+    }
+
+}
diff --git a/sdk/java/src/main/java/com/pulumi/aws/lb/inputs/GetListenerRuleActionJwtValidationAdditionalClaimArgs.java b/sdk/java/src/main/java/com/pulumi/aws/lb/inputs/GetListenerRuleActionJwtValidationAdditionalClaimArgs.java
new file mode 100644
index 00000000000..ab9df290ae3
--- /dev/null
+++ b/sdk/java/src/main/java/com/pulumi/aws/lb/inputs/GetListenerRuleActionJwtValidationAdditionalClaimArgs.java
@@ -0,0 +1,176 @@
+// *** WARNING: this file was generated by pulumi-language-java. ***
+// *** Do not edit by hand unless you're certain you know what you are doing! ***
+
+package com.pulumi.aws.lb.inputs;
+
+import com.pulumi.core.Output;
+import com.pulumi.core.annotations.Import;
+import com.pulumi.exceptions.MissingRequiredPropertyException;
+import java.lang.String;
+import java.util.List;
+import java.util.Objects;
+
+
+public final class GetListenerRuleActionJwtValidationAdditionalClaimArgs extends com.pulumi.resources.ResourceArgs {
+
+    public static final GetListenerRuleActionJwtValidationAdditionalClaimArgs Empty = new GetListenerRuleActionJwtValidationAdditionalClaimArgs();
+
+    /**
+     * Format of the claim value.
+     * 
+     */
+    @Import(name="format", required=true)
+    private Output format;
+
+    /**
+     * @return Format of the claim value.
+     * 
+     */
+    public Output format() {
+        return this.format;
+    }
+
+    /**
+     * Name of the claim to validate.
+     * 
+     */
+    @Import(name="name", required=true)
+    private Output name;
+
+    /**
+     * @return Name of the claim to validate.
+     * 
+     */
+    public Output name() {
+        return this.name;
+    }
+
+    /**
+     * Set of `key`-`value` pairs indicating the query string parameters to match.
+     * 
+     */
+    @Import(name="values", required=true)
+    private Output> values;
+
+    /**
+     * @return Set of `key`-`value` pairs indicating the query string parameters to match.
+     * 
+     */
+    public Output> values() {
+        return this.values;
+    }
+
+    private GetListenerRuleActionJwtValidationAdditionalClaimArgs() {}
+
+    private GetListenerRuleActionJwtValidationAdditionalClaimArgs(GetListenerRuleActionJwtValidationAdditionalClaimArgs $) {
+        this.format = $.format;
+        this.name = $.name;
+        this.values = $.values;
+    }
+
+    public static Builder builder() {
+        return new Builder();
+    }
+    public static Builder builder(GetListenerRuleActionJwtValidationAdditionalClaimArgs defaults) {
+        return new Builder(defaults);
+    }
+
+    public static final class Builder {
+        private GetListenerRuleActionJwtValidationAdditionalClaimArgs $;
+
+        public Builder() {
+            $ = new GetListenerRuleActionJwtValidationAdditionalClaimArgs();
+        }
+
+        public Builder(GetListenerRuleActionJwtValidationAdditionalClaimArgs defaults) {
+            $ = new GetListenerRuleActionJwtValidationAdditionalClaimArgs(Objects.requireNonNull(defaults));
+        }
+
+        /**
+         * @param format Format of the claim value.
+         * 
+         * @return builder
+         * 
+         */
+        public Builder format(Output format) {
+            $.format = format;
+            return this;
+        }
+
+        /**
+         * @param format Format of the claim value.
+         * 
+         * @return builder
+         * 
+         */
+        public Builder format(String format) {
+            return format(Output.of(format));
+        }
+
+        /**
+         * @param name Name of the claim to validate.
+         * 
+         * @return builder
+         * 
+         */
+        public Builder name(Output name) {
+            $.name = name;
+            return this;
+        }
+
+        /**
+         * @param name Name of the claim to validate.
+         * 
+         * @return builder
+         * 
+         */
+        public Builder name(String name) {
+            return name(Output.of(name));
+        }
+
+        /**
+         * @param values Set of `key`-`value` pairs indicating the query string parameters to match.
+         * 
+         * @return builder
+         * 
+         */
+        public Builder values(Output> values) {
+            $.values = values;
+            return this;
+        }
+
+        /**
+         * @param values Set of `key`-`value` pairs indicating the query string parameters to match.
+         * 
+         * @return builder
+         * 
+         */
+        public Builder values(List values) {
+            return values(Output.of(values));
+        }
+
+        /**
+         * @param values Set of `key`-`value` pairs indicating the query string parameters to match.
+         * 
+         * @return builder
+         * 
+         */
+        public Builder values(String... values) {
+            return values(List.of(values));
+        }
+
+        public GetListenerRuleActionJwtValidationAdditionalClaimArgs build() {
+            if ($.format == null) {
+                throw new MissingRequiredPropertyException("GetListenerRuleActionJwtValidationAdditionalClaimArgs", "format");
+            }
+            if ($.name == null) {
+                throw new MissingRequiredPropertyException("GetListenerRuleActionJwtValidationAdditionalClaimArgs", "name");
+            }
+            if ($.values == null) {
+                throw new MissingRequiredPropertyException("GetListenerRuleActionJwtValidationAdditionalClaimArgs", "values");
+            }
+            return $;
+        }
+    }
+
+}
diff --git a/sdk/java/src/main/java/com/pulumi/aws/lb/inputs/GetListenerRuleActionJwtValidationArgs.java b/sdk/java/src/main/java/com/pulumi/aws/lb/inputs/GetListenerRuleActionJwtValidationArgs.java
new file mode 100644
index 00000000000..7a5b0472b20
--- /dev/null
+++ b/sdk/java/src/main/java/com/pulumi/aws/lb/inputs/GetListenerRuleActionJwtValidationArgs.java
@@ -0,0 +1,176 @@
+// *** WARNING: this file was generated by pulumi-language-java. ***
+// *** Do not edit by hand unless you're certain you know what you are doing! ***
+
+package com.pulumi.aws.lb.inputs;
+
+import com.pulumi.aws.lb.inputs.GetListenerRuleActionJwtValidationAdditionalClaimArgs;
+import com.pulumi.core.Output;
+import com.pulumi.core.annotations.Import;
+import com.pulumi.exceptions.MissingRequiredPropertyException;
+import java.lang.String;
+import java.util.List;
+import java.util.Objects;
+import java.util.Optional;
+import javax.annotation.Nullable;
+
+
+public final class GetListenerRuleActionJwtValidationArgs extends com.pulumi.resources.ResourceArgs {
+
+    public static final GetListenerRuleActionJwtValidationArgs Empty = new GetListenerRuleActionJwtValidationArgs();
+
+    /**
+     * Additional claims to validate.
+     * 
+     */
+    @Import(name="additionalClaims")
+    private @Nullable Output> additionalClaims;
+
+    /**
+     * @return Additional claims to validate.
+     * 
+     */
+    public Optional>> additionalClaims() {
+        return Optional.ofNullable(this.additionalClaims);
+    }
+
+    /**
+     * Issuer of the JWT.
+     * 
+     */
+    @Import(name="issuer", required=true)
+    private Output issuer;
+
+    /**
+     * @return Issuer of the JWT.
+     * 
+     */
+    public Output issuer() {
+        return this.issuer;
+    }
+
+    /**
+     * JSON Web Key Set (JWKS) endpoint.
+     * 
+     */
+    @Import(name="jwksEndpoint", required=true)
+    private Output jwksEndpoint;
+
+    /**
+     * @return JSON Web Key Set (JWKS) endpoint.
+     * 
+     */
+    public Output jwksEndpoint() {
+        return this.jwksEndpoint;
+    }
+
+    private GetListenerRuleActionJwtValidationArgs() {}
+
+    private GetListenerRuleActionJwtValidationArgs(GetListenerRuleActionJwtValidationArgs $) {
+        this.additionalClaims = $.additionalClaims;
+        this.issuer = $.issuer;
+        this.jwksEndpoint = $.jwksEndpoint;
+    }
+
+    public static Builder builder() {
+        return new Builder();
+    }
+    public static Builder builder(GetListenerRuleActionJwtValidationArgs defaults) {
+        return new Builder(defaults);
+    }
+
+    public static final class Builder {
+        private GetListenerRuleActionJwtValidationArgs $;
+
+        public Builder() {
+            $ = new GetListenerRuleActionJwtValidationArgs();
+        }
+
+        public Builder(GetListenerRuleActionJwtValidationArgs defaults) {
+            $ = new GetListenerRuleActionJwtValidationArgs(Objects.requireNonNull(defaults));
+        }
+
+        /**
+         * @param additionalClaims Additional claims to validate.
+         * 
+         * @return builder
+         * 
+         */
+        public Builder additionalClaims(@Nullable Output> additionalClaims) {
+            $.additionalClaims = additionalClaims;
+            return this;
+        }
+
+        /**
+         * @param additionalClaims Additional claims to validate.
+         * 
+         * @return builder
+         * 
+         */
+        public Builder additionalClaims(List additionalClaims) {
+            return additionalClaims(Output.of(additionalClaims));
+        }
+
+        /**
+         * @param additionalClaims Additional claims to validate.
+         * 
+         * @return builder
+         * 
+         */
+        public Builder additionalClaims(GetListenerRuleActionJwtValidationAdditionalClaimArgs... additionalClaims) {
+            return additionalClaims(List.of(additionalClaims));
+        }
+
+        /**
+         * @param issuer Issuer of the JWT.
+         * 
+         * @return builder
+         * 
+         */
+        public Builder issuer(Output issuer) {
+            $.issuer = issuer;
+            return this;
+        }
+
+        /**
+         * @param issuer Issuer of the JWT.
+         * 
+         * @return builder
+         * 
+         */
+        public Builder issuer(String issuer) {
+            return issuer(Output.of(issuer));
+        }
+
+        /**
+         * @param jwksEndpoint JSON Web Key Set (JWKS) endpoint.
+         * 
+         * @return builder
+         * 
+         */
+        public Builder jwksEndpoint(Output jwksEndpoint) {
+            $.jwksEndpoint = jwksEndpoint;
+            return this;
+        }
+
+        /**
+         * @param jwksEndpoint JSON Web Key Set (JWKS) endpoint.
+         * 
+         * @return builder
+         * 
+         */
+        public Builder jwksEndpoint(String jwksEndpoint) {
+            return jwksEndpoint(Output.of(jwksEndpoint));
+        }
+
+        public GetListenerRuleActionJwtValidationArgs build() {
+            if ($.issuer == null) {
+                throw new MissingRequiredPropertyException("GetListenerRuleActionJwtValidationArgs", "issuer");
+            }
+            if ($.jwksEndpoint == null) {
+                throw new MissingRequiredPropertyException("GetListenerRuleActionJwtValidationArgs", "jwksEndpoint");
+            }
+            return $;
+        }
+    }
+
+}
diff --git a/sdk/java/src/main/java/com/pulumi/aws/lb/inputs/ListenerDefaultActionArgs.java b/sdk/java/src/main/java/com/pulumi/aws/lb/inputs/ListenerDefaultActionArgs.java
index 6424ca6fb28..700a74a8cde 100644
--- a/sdk/java/src/main/java/com/pulumi/aws/lb/inputs/ListenerDefaultActionArgs.java
+++ b/sdk/java/src/main/java/com/pulumi/aws/lb/inputs/ListenerDefaultActionArgs.java
@@ -7,6 +7,7 @@
 import com.pulumi.aws.lb.inputs.ListenerDefaultActionAuthenticateOidcArgs;
 import com.pulumi.aws.lb.inputs.ListenerDefaultActionFixedResponseArgs;
 import com.pulumi.aws.lb.inputs.ListenerDefaultActionForwardArgs;
+import com.pulumi.aws.lb.inputs.ListenerDefaultActionJwtValidationArgs;
 import com.pulumi.aws.lb.inputs.ListenerDefaultActionRedirectArgs;
 import com.pulumi.core.Output;
 import com.pulumi.core.annotations.Import;
@@ -82,6 +83,21 @@ public Optional> forward() {
         return Optional.ofNullable(this.forward);
     }
 
+    /**
+     * Configuration block for creating a JWT validation action. Required if `type` is `jwt-validation`.
+     * 
+     */
+    @Import(name="jwtValidation")
+    private @Nullable Output jwtValidation;
+
+    /**
+     * @return Configuration block for creating a JWT validation action. Required if `type` is `jwt-validation`.
+     * 
+     */
+    public Optional> jwtValidation() {
+        return Optional.ofNullable(this.jwtValidation);
+    }
+
     /**
      * Order for the action. The action with the lowest value for order is performed first. Valid values are between `1` and `50000`. Defaults to the position in the list of actions.
      * 
@@ -128,7 +144,7 @@ public Optional> targetGroupArn() {
     }
 
     /**
-     * Type of routing action. Valid values are `forward`, `redirect`, `fixed-response`, `authenticate-cognito` and `authenticate-oidc`.
+     * Type of routing action. Valid values are `forward`, `redirect`, `fixed-response`, `authenticate-cognito`, `authenticate-oidc` and `jwt-validation`.
      * 
      * The following arguments are optional:
      * 
@@ -137,7 +153,7 @@ public Optional> targetGroupArn() {
     private Output type;
 
     /**
-     * @return Type of routing action. Valid values are `forward`, `redirect`, `fixed-response`, `authenticate-cognito` and `authenticate-oidc`.
+     * @return Type of routing action. Valid values are `forward`, `redirect`, `fixed-response`, `authenticate-cognito`, `authenticate-oidc` and `jwt-validation`.
      * 
      * The following arguments are optional:
      * 
@@ -153,6 +169,7 @@ private ListenerDefaultActionArgs(ListenerDefaultActionArgs $) {
         this.authenticateOidc = $.authenticateOidc;
         this.fixedResponse = $.fixedResponse;
         this.forward = $.forward;
+        this.jwtValidation = $.jwtValidation;
         this.order = $.order;
         this.redirect = $.redirect;
         this.targetGroupArn = $.targetGroupArn;
@@ -261,6 +278,27 @@ public Builder forward(ListenerDefaultActionForwardArgs forward) {
             return forward(Output.of(forward));
         }
 
+        /**
+         * @param jwtValidation Configuration block for creating a JWT validation action. Required if `type` is `jwt-validation`.
+         * 
+         * @return builder
+         * 
+         */
+        public Builder jwtValidation(@Nullable Output jwtValidation) {
+            $.jwtValidation = jwtValidation;
+            return this;
+        }
+
+        /**
+         * @param jwtValidation Configuration block for creating a JWT validation action. Required if `type` is `jwt-validation`.
+         * 
+         * @return builder
+         * 
+         */
+        public Builder jwtValidation(ListenerDefaultActionJwtValidationArgs jwtValidation) {
+            return jwtValidation(Output.of(jwtValidation));
+        }
+
         /**
          * @param order Order for the action. The action with the lowest value for order is performed first. Valid values are between `1` and `50000`. Defaults to the position in the list of actions.
          * 
@@ -325,7 +363,7 @@ public Builder targetGroupArn(String targetGroupArn) {
         }
 
         /**
-         * @param type Type of routing action. Valid values are `forward`, `redirect`, `fixed-response`, `authenticate-cognito` and `authenticate-oidc`.
+         * @param type Type of routing action. Valid values are `forward`, `redirect`, `fixed-response`, `authenticate-cognito`, `authenticate-oidc` and `jwt-validation`.
          * 
          * The following arguments are optional:
          * 
@@ -338,7 +376,7 @@ public Builder type(Output type) {
         }
 
         /**
-         * @param type Type of routing action. Valid values are `forward`, `redirect`, `fixed-response`, `authenticate-cognito` and `authenticate-oidc`.
+         * @param type Type of routing action. Valid values are `forward`, `redirect`, `fixed-response`, `authenticate-cognito`, `authenticate-oidc` and `jwt-validation`.
          * 
          * The following arguments are optional:
          * 
diff --git a/sdk/java/src/main/java/com/pulumi/aws/lb/inputs/ListenerDefaultActionJwtValidationAdditionalClaimArgs.java b/sdk/java/src/main/java/com/pulumi/aws/lb/inputs/ListenerDefaultActionJwtValidationAdditionalClaimArgs.java
new file mode 100644
index 00000000000..091b0b159de
--- /dev/null
+++ b/sdk/java/src/main/java/com/pulumi/aws/lb/inputs/ListenerDefaultActionJwtValidationAdditionalClaimArgs.java
@@ -0,0 +1,176 @@
+// *** WARNING: this file was generated by pulumi-language-java. ***
+// *** Do not edit by hand unless you're certain you know what you are doing! ***
+
+package com.pulumi.aws.lb.inputs;
+
+import com.pulumi.core.Output;
+import com.pulumi.core.annotations.Import;
+import com.pulumi.exceptions.MissingRequiredPropertyException;
+import java.lang.String;
+import java.util.List;
+import java.util.Objects;
+
+
+public final class ListenerDefaultActionJwtValidationAdditionalClaimArgs extends com.pulumi.resources.ResourceArgs {
+
+    public static final ListenerDefaultActionJwtValidationAdditionalClaimArgs Empty = new ListenerDefaultActionJwtValidationAdditionalClaimArgs();
+
+    /**
+     * Format of the claim value. Valid values are `single-string`, `string-array` and `space-separated-values`.
+     * 
+     */
+    @Import(name="format", required=true)
+    private Output format;
+
+    /**
+     * @return Format of the claim value. Valid values are `single-string`, `string-array` and `space-separated-values`.
+     * 
+     */
+    public Output format() {
+        return this.format;
+    }
+
+    /**
+     * Name of the claim to validate. `exp`, `iss`, `nbf`, or `iat` cannot be specified because they are validated by default.
+     * 
+     */
+    @Import(name="name", required=true)
+    private Output name;
+
+    /**
+     * @return Name of the claim to validate. `exp`, `iss`, `nbf`, or `iat` cannot be specified because they are validated by default.
+     * 
+     */
+    public Output name() {
+        return this.name;
+    }
+
+    /**
+     * List of expected values of the claim.
+     * 
+     */
+    @Import(name="values", required=true)
+    private Output> values;
+
+    /**
+     * @return List of expected values of the claim.
+     * 
+     */
+    public Output> values() {
+        return this.values;
+    }
+
+    private ListenerDefaultActionJwtValidationAdditionalClaimArgs() {}
+
+    private ListenerDefaultActionJwtValidationAdditionalClaimArgs(ListenerDefaultActionJwtValidationAdditionalClaimArgs $) {
+        this.format = $.format;
+        this.name = $.name;
+        this.values = $.values;
+    }
+
+    public static Builder builder() {
+        return new Builder();
+    }
+    public static Builder builder(ListenerDefaultActionJwtValidationAdditionalClaimArgs defaults) {
+        return new Builder(defaults);
+    }
+
+    public static final class Builder {
+        private ListenerDefaultActionJwtValidationAdditionalClaimArgs $;
+
+        public Builder() {
+            $ = new ListenerDefaultActionJwtValidationAdditionalClaimArgs();
+        }
+
+        public Builder(ListenerDefaultActionJwtValidationAdditionalClaimArgs defaults) {
+            $ = new ListenerDefaultActionJwtValidationAdditionalClaimArgs(Objects.requireNonNull(defaults));
+        }
+
+        /**
+         * @param format Format of the claim value. Valid values are `single-string`, `string-array` and `space-separated-values`.
+         * 
+         * @return builder
+         * 
+         */
+        public Builder format(Output format) {
+            $.format = format;
+            return this;
+        }
+
+        /**
+         * @param format Format of the claim value. Valid values are `single-string`, `string-array` and `space-separated-values`.
+         * 
+         * @return builder
+         * 
+         */
+        public Builder format(String format) {
+            return format(Output.of(format));
+        }
+
+        /**
+         * @param name Name of the claim to validate. `exp`, `iss`, `nbf`, or `iat` cannot be specified because they are validated by default.
+         * 
+         * @return builder
+         * 
+         */
+        public Builder name(Output name) {
+            $.name = name;
+            return this;
+        }
+
+        /**
+         * @param name Name of the claim to validate. `exp`, `iss`, `nbf`, or `iat` cannot be specified because they are validated by default.
+         * 
+         * @return builder
+         * 
+         */
+        public Builder name(String name) {
+            return name(Output.of(name));
+        }
+
+        /**
+         * @param values List of expected values of the claim.
+         * 
+         * @return builder
+         * 
+         */
+        public Builder values(Output> values) {
+            $.values = values;
+            return this;
+        }
+
+        /**
+         * @param values List of expected values of the claim.
+         * 
+         * @return builder
+         * 
+         */
+        public Builder values(List values) {
+            return values(Output.of(values));
+        }
+
+        /**
+         * @param values List of expected values of the claim.
+         * 
+         * @return builder
+         * 
+         */
+        public Builder values(String... values) {
+            return values(List.of(values));
+        }
+
+        public ListenerDefaultActionJwtValidationAdditionalClaimArgs build() {
+            if ($.format == null) {
+                throw new MissingRequiredPropertyException("ListenerDefaultActionJwtValidationAdditionalClaimArgs", "format");
+            }
+            if ($.name == null) {
+                throw new MissingRequiredPropertyException("ListenerDefaultActionJwtValidationAdditionalClaimArgs", "name");
+            }
+            if ($.values == null) {
+                throw new MissingRequiredPropertyException("ListenerDefaultActionJwtValidationAdditionalClaimArgs", "values");
+            }
+            return $;
+        }
+    }
+
+}
diff --git a/sdk/java/src/main/java/com/pulumi/aws/lb/inputs/ListenerDefaultActionJwtValidationArgs.java b/sdk/java/src/main/java/com/pulumi/aws/lb/inputs/ListenerDefaultActionJwtValidationArgs.java
new file mode 100644
index 00000000000..4a4c8e1f70a
--- /dev/null
+++ b/sdk/java/src/main/java/com/pulumi/aws/lb/inputs/ListenerDefaultActionJwtValidationArgs.java
@@ -0,0 +1,184 @@
+// *** WARNING: this file was generated by pulumi-language-java. ***
+// *** Do not edit by hand unless you're certain you know what you are doing! ***
+
+package com.pulumi.aws.lb.inputs;
+
+import com.pulumi.aws.lb.inputs.ListenerDefaultActionJwtValidationAdditionalClaimArgs;
+import com.pulumi.core.Output;
+import com.pulumi.core.annotations.Import;
+import com.pulumi.exceptions.MissingRequiredPropertyException;
+import java.lang.String;
+import java.util.List;
+import java.util.Objects;
+import java.util.Optional;
+import javax.annotation.Nullable;
+
+
+public final class ListenerDefaultActionJwtValidationArgs extends com.pulumi.resources.ResourceArgs {
+
+    public static final ListenerDefaultActionJwtValidationArgs Empty = new ListenerDefaultActionJwtValidationArgs();
+
+    /**
+     * Repeatable configuration block for additional claims to validate.
+     * 
+     */
+    @Import(name="additionalClaims")
+    private @Nullable Output> additionalClaims;
+
+    /**
+     * @return Repeatable configuration block for additional claims to validate.
+     * 
+     */
+    public Optional>> additionalClaims() {
+        return Optional.ofNullable(this.additionalClaims);
+    }
+
+    /**
+     * Issuer of the JWT.
+     * 
+     */
+    @Import(name="issuer", required=true)
+    private Output issuer;
+
+    /**
+     * @return Issuer of the JWT.
+     * 
+     */
+    public Output issuer() {
+        return this.issuer;
+    }
+
+    /**
+     * JSON Web Key Set (JWKS) endpoint. This endpoint contains JSON Web Keys (JWK) that are used to validate signatures from the provider. This must be a full URL, including the HTTPS protocol, the domain, and the path.
+     * 
+     * The following arguments are optional:
+     * 
+     */
+    @Import(name="jwksEndpoint", required=true)
+    private Output jwksEndpoint;
+
+    /**
+     * @return JSON Web Key Set (JWKS) endpoint. This endpoint contains JSON Web Keys (JWK) that are used to validate signatures from the provider. This must be a full URL, including the HTTPS protocol, the domain, and the path.
+     * 
+     * The following arguments are optional:
+     * 
+     */
+    public Output jwksEndpoint() {
+        return this.jwksEndpoint;
+    }
+
+    private ListenerDefaultActionJwtValidationArgs() {}
+
+    private ListenerDefaultActionJwtValidationArgs(ListenerDefaultActionJwtValidationArgs $) {
+        this.additionalClaims = $.additionalClaims;
+        this.issuer = $.issuer;
+        this.jwksEndpoint = $.jwksEndpoint;
+    }
+
+    public static Builder builder() {
+        return new Builder();
+    }
+    public static Builder builder(ListenerDefaultActionJwtValidationArgs defaults) {
+        return new Builder(defaults);
+    }
+
+    public static final class Builder {
+        private ListenerDefaultActionJwtValidationArgs $;
+
+        public Builder() {
+            $ = new ListenerDefaultActionJwtValidationArgs();
+        }
+
+        public Builder(ListenerDefaultActionJwtValidationArgs defaults) {
+            $ = new ListenerDefaultActionJwtValidationArgs(Objects.requireNonNull(defaults));
+        }
+
+        /**
+         * @param additionalClaims Repeatable configuration block for additional claims to validate.
+         * 
+         * @return builder
+         * 
+         */
+        public Builder additionalClaims(@Nullable Output> additionalClaims) {
+            $.additionalClaims = additionalClaims;
+            return this;
+        }
+
+        /**
+         * @param additionalClaims Repeatable configuration block for additional claims to validate.
+         * 
+         * @return builder
+         * 
+         */
+        public Builder additionalClaims(List additionalClaims) {
+            return additionalClaims(Output.of(additionalClaims));
+        }
+
+        /**
+         * @param additionalClaims Repeatable configuration block for additional claims to validate.
+         * 
+         * @return builder
+         * 
+         */
+        public Builder additionalClaims(ListenerDefaultActionJwtValidationAdditionalClaimArgs... additionalClaims) {
+            return additionalClaims(List.of(additionalClaims));
+        }
+
+        /**
+         * @param issuer Issuer of the JWT.
+         * 
+         * @return builder
+         * 
+         */
+        public Builder issuer(Output issuer) {
+            $.issuer = issuer;
+            return this;
+        }
+
+        /**
+         * @param issuer Issuer of the JWT.
+         * 
+         * @return builder
+         * 
+         */
+        public Builder issuer(String issuer) {
+            return issuer(Output.of(issuer));
+        }
+
+        /**
+         * @param jwksEndpoint JSON Web Key Set (JWKS) endpoint. This endpoint contains JSON Web Keys (JWK) that are used to validate signatures from the provider. This must be a full URL, including the HTTPS protocol, the domain, and the path.
+         * 
+         * The following arguments are optional:
+         * 
+         * @return builder
+         * 
+         */
+        public Builder jwksEndpoint(Output jwksEndpoint) {
+            $.jwksEndpoint = jwksEndpoint;
+            return this;
+        }
+
+        /**
+         * @param jwksEndpoint JSON Web Key Set (JWKS) endpoint. This endpoint contains JSON Web Keys (JWK) that are used to validate signatures from the provider. This must be a full URL, including the HTTPS protocol, the domain, and the path.
+         * 
+         * The following arguments are optional:
+         * 
+         * @return builder
+         * 
+         */
+        public Builder jwksEndpoint(String jwksEndpoint) {
+            return jwksEndpoint(Output.of(jwksEndpoint));
+        }
+
+        public ListenerDefaultActionJwtValidationArgs build() {
+            if ($.issuer == null) {
+                throw new MissingRequiredPropertyException("ListenerDefaultActionJwtValidationArgs", "issuer");
+            }
+            if ($.jwksEndpoint == null) {
+                throw new MissingRequiredPropertyException("ListenerDefaultActionJwtValidationArgs", "jwksEndpoint");
+            }
+            return $;
+        }
+    }
+
+}
diff --git a/sdk/java/src/main/java/com/pulumi/aws/lb/inputs/ListenerRuleActionArgs.java b/sdk/java/src/main/java/com/pulumi/aws/lb/inputs/ListenerRuleActionArgs.java
index 318d9ee653c..ed50d0e032f 100644
--- a/sdk/java/src/main/java/com/pulumi/aws/lb/inputs/ListenerRuleActionArgs.java
+++ b/sdk/java/src/main/java/com/pulumi/aws/lb/inputs/ListenerRuleActionArgs.java
@@ -7,6 +7,7 @@
 import com.pulumi.aws.lb.inputs.ListenerRuleActionAuthenticateOidcArgs;
 import com.pulumi.aws.lb.inputs.ListenerRuleActionFixedResponseArgs;
 import com.pulumi.aws.lb.inputs.ListenerRuleActionForwardArgs;
+import com.pulumi.aws.lb.inputs.ListenerRuleActionJwtValidationArgs;
 import com.pulumi.aws.lb.inputs.ListenerRuleActionRedirectArgs;
 import com.pulumi.core.Output;
 import com.pulumi.core.annotations.Import;
@@ -86,6 +87,21 @@ public Optional> forward() {
         return Optional.ofNullable(this.forward);
     }
 
+    /**
+     * Information for creating a JWT validation action. Required if `type` is `jwt-validation`.
+     * 
+     */
+    @Import(name="jwtValidation")
+    private @Nullable Output jwtValidation;
+
+    /**
+     * @return Information for creating a JWT validation action. Required if `type` is `jwt-validation`.
+     * 
+     */
+    public Optional> jwtValidation() {
+        return Optional.ofNullable(this.jwtValidation);
+    }
+
     /**
      * Order for the action.
      * The action with the lowest value for order is performed first.
@@ -144,14 +160,14 @@ public Optional> targetGroupArn() {
     }
 
     /**
-     * The type of routing action. Valid values are `forward`, `redirect`, `fixed-response`, `authenticate-cognito` and `authenticate-oidc`.
+     * The type of routing action. Valid values are `forward`, `redirect`, `fixed-response`, `authenticate-cognito`, `authenticate-oidc` and `jwt-validation`.
      * 
      */
     @Import(name="type", required=true)
     private Output type;
 
     /**
-     * @return The type of routing action. Valid values are `forward`, `redirect`, `fixed-response`, `authenticate-cognito` and `authenticate-oidc`.
+     * @return The type of routing action. Valid values are `forward`, `redirect`, `fixed-response`, `authenticate-cognito`, `authenticate-oidc` and `jwt-validation`.
      * 
      */
     public Output type() {
@@ -165,6 +181,7 @@ private ListenerRuleActionArgs(ListenerRuleActionArgs $) {
         this.authenticateOidc = $.authenticateOidc;
         this.fixedResponse = $.fixedResponse;
         this.forward = $.forward;
+        this.jwtValidation = $.jwtValidation;
         this.order = $.order;
         this.redirect = $.redirect;
         this.targetGroupArn = $.targetGroupArn;
@@ -277,6 +294,27 @@ public Builder forward(ListenerRuleActionForwardArgs forward) {
             return forward(Output.of(forward));
         }
 
+        /**
+         * @param jwtValidation Information for creating a JWT validation action. Required if `type` is `jwt-validation`.
+         * 
+         * @return builder
+         * 
+         */
+        public Builder jwtValidation(@Nullable Output jwtValidation) {
+            $.jwtValidation = jwtValidation;
+            return this;
+        }
+
+        /**
+         * @param jwtValidation Information for creating a JWT validation action. Required if `type` is `jwt-validation`.
+         * 
+         * @return builder
+         * 
+         */
+        public Builder jwtValidation(ListenerRuleActionJwtValidationArgs jwtValidation) {
+            return jwtValidation(Output.of(jwtValidation));
+        }
+
         /**
          * @param order Order for the action.
          * The action with the lowest value for order is performed first.
@@ -353,7 +391,7 @@ public Builder targetGroupArn(String targetGroupArn) {
         }
 
         /**
-         * @param type The type of routing action. Valid values are `forward`, `redirect`, `fixed-response`, `authenticate-cognito` and `authenticate-oidc`.
+         * @param type The type of routing action. Valid values are `forward`, `redirect`, `fixed-response`, `authenticate-cognito`, `authenticate-oidc` and `jwt-validation`.
          * 
          * @return builder
          * 
@@ -364,7 +402,7 @@ public Builder type(Output type) {
         }
 
         /**
-         * @param type The type of routing action. Valid values are `forward`, `redirect`, `fixed-response`, `authenticate-cognito` and `authenticate-oidc`.
+         * @param type The type of routing action. Valid values are `forward`, `redirect`, `fixed-response`, `authenticate-cognito`, `authenticate-oidc` and `jwt-validation`.
          * 
          * @return builder
          * 
diff --git a/sdk/java/src/main/java/com/pulumi/aws/lb/inputs/ListenerRuleActionJwtValidationAdditionalClaimArgs.java b/sdk/java/src/main/java/com/pulumi/aws/lb/inputs/ListenerRuleActionJwtValidationAdditionalClaimArgs.java
new file mode 100644
index 00000000000..a74f28d6a2a
--- /dev/null
+++ b/sdk/java/src/main/java/com/pulumi/aws/lb/inputs/ListenerRuleActionJwtValidationAdditionalClaimArgs.java
@@ -0,0 +1,176 @@
+// *** WARNING: this file was generated by pulumi-language-java. ***
+// *** Do not edit by hand unless you're certain you know what you are doing! ***
+
+package com.pulumi.aws.lb.inputs;
+
+import com.pulumi.core.Output;
+import com.pulumi.core.annotations.Import;
+import com.pulumi.exceptions.MissingRequiredPropertyException;
+import java.lang.String;
+import java.util.List;
+import java.util.Objects;
+
+
+public final class ListenerRuleActionJwtValidationAdditionalClaimArgs extends com.pulumi.resources.ResourceArgs {
+
+    public static final ListenerRuleActionJwtValidationAdditionalClaimArgs Empty = new ListenerRuleActionJwtValidationAdditionalClaimArgs();
+
+    /**
+     * Format of the claim value. Valid values are `single-string`, `string-array` and `space-separated-values`.
+     * 
+     */
+    @Import(name="format", required=true)
+    private Output format;
+
+    /**
+     * @return Format of the claim value. Valid values are `single-string`, `string-array` and `space-separated-values`.
+     * 
+     */
+    public Output format() {
+        return this.format;
+    }
+
+    /**
+     * Name of the claim to validate. `exp`, `iss`, `nbf`, or `iat` cannot be specified because they are validated by default.
+     * 
+     */
+    @Import(name="name", required=true)
+    private Output name;
+
+    /**
+     * @return Name of the claim to validate. `exp`, `iss`, `nbf`, or `iat` cannot be specified because they are validated by default.
+     * 
+     */
+    public Output name() {
+        return this.name;
+    }
+
+    /**
+     * List of expected values of the claim.
+     * 
+     */
+    @Import(name="values", required=true)
+    private Output> values;
+
+    /**
+     * @return List of expected values of the claim.
+     * 
+     */
+    public Output> values() {
+        return this.values;
+    }
+
+    private ListenerRuleActionJwtValidationAdditionalClaimArgs() {}
+
+    private ListenerRuleActionJwtValidationAdditionalClaimArgs(ListenerRuleActionJwtValidationAdditionalClaimArgs $) {
+        this.format = $.format;
+        this.name = $.name;
+        this.values = $.values;
+    }
+
+    public static Builder builder() {
+        return new Builder();
+    }
+    public static Builder builder(ListenerRuleActionJwtValidationAdditionalClaimArgs defaults) {
+        return new Builder(defaults);
+    }
+
+    public static final class Builder {
+        private ListenerRuleActionJwtValidationAdditionalClaimArgs $;
+
+        public Builder() {
+            $ = new ListenerRuleActionJwtValidationAdditionalClaimArgs();
+        }
+
+        public Builder(ListenerRuleActionJwtValidationAdditionalClaimArgs defaults) {
+            $ = new ListenerRuleActionJwtValidationAdditionalClaimArgs(Objects.requireNonNull(defaults));
+        }
+
+        /**
+         * @param format Format of the claim value. Valid values are `single-string`, `string-array` and `space-separated-values`.
+         * 
+         * @return builder
+         * 
+         */
+        public Builder format(Output format) {
+            $.format = format;
+            return this;
+        }
+
+        /**
+         * @param format Format of the claim value. Valid values are `single-string`, `string-array` and `space-separated-values`.
+         * 
+         * @return builder
+         * 
+         */
+        public Builder format(String format) {
+            return format(Output.of(format));
+        }
+
+        /**
+         * @param name Name of the claim to validate. `exp`, `iss`, `nbf`, or `iat` cannot be specified because they are validated by default.
+         * 
+         * @return builder
+         * 
+         */
+        public Builder name(Output name) {
+            $.name = name;
+            return this;
+        }
+
+        /**
+         * @param name Name of the claim to validate. `exp`, `iss`, `nbf`, or `iat` cannot be specified because they are validated by default.
+         * 
+         * @return builder
+         * 
+         */
+        public Builder name(String name) {
+            return name(Output.of(name));
+        }
+
+        /**
+         * @param values List of expected values of the claim.
+         * 
+         * @return builder
+         * 
+         */
+        public Builder values(Output> values) {
+            $.values = values;
+            return this;
+        }
+
+        /**
+         * @param values List of expected values of the claim.
+         * 
+         * @return builder
+         * 
+         */
+        public Builder values(List values) {
+            return values(Output.of(values));
+        }
+
+        /**
+         * @param values List of expected values of the claim.
+         * 
+         * @return builder
+         * 
+         */
+        public Builder values(String... values) {
+            return values(List.of(values));
+        }
+
+        public ListenerRuleActionJwtValidationAdditionalClaimArgs build() {
+            if ($.format == null) {
+                throw new MissingRequiredPropertyException("ListenerRuleActionJwtValidationAdditionalClaimArgs", "format");
+            }
+            if ($.name == null) {
+                throw new MissingRequiredPropertyException("ListenerRuleActionJwtValidationAdditionalClaimArgs", "name");
+            }
+            if ($.values == null) {
+                throw new MissingRequiredPropertyException("ListenerRuleActionJwtValidationAdditionalClaimArgs", "values");
+            }
+            return $;
+        }
+    }
+
+}
diff --git a/sdk/java/src/main/java/com/pulumi/aws/lb/inputs/ListenerRuleActionJwtValidationArgs.java b/sdk/java/src/main/java/com/pulumi/aws/lb/inputs/ListenerRuleActionJwtValidationArgs.java
new file mode 100644
index 00000000000..1f1d70d7563
--- /dev/null
+++ b/sdk/java/src/main/java/com/pulumi/aws/lb/inputs/ListenerRuleActionJwtValidationArgs.java
@@ -0,0 +1,176 @@
+// *** WARNING: this file was generated by pulumi-language-java. ***
+// *** Do not edit by hand unless you're certain you know what you are doing! ***
+
+package com.pulumi.aws.lb.inputs;
+
+import com.pulumi.aws.lb.inputs.ListenerRuleActionJwtValidationAdditionalClaimArgs;
+import com.pulumi.core.Output;
+import com.pulumi.core.annotations.Import;
+import com.pulumi.exceptions.MissingRequiredPropertyException;
+import java.lang.String;
+import java.util.List;
+import java.util.Objects;
+import java.util.Optional;
+import javax.annotation.Nullable;
+
+
+public final class ListenerRuleActionJwtValidationArgs extends com.pulumi.resources.ResourceArgs {
+
+    public static final ListenerRuleActionJwtValidationArgs Empty = new ListenerRuleActionJwtValidationArgs();
+
+    /**
+     * Repeatable configuration block for additional claims to validate.
+     * 
+     */
+    @Import(name="additionalClaims")
+    private @Nullable Output> additionalClaims;
+
+    /**
+     * @return Repeatable configuration block for additional claims to validate.
+     * 
+     */
+    public Optional>> additionalClaims() {
+        return Optional.ofNullable(this.additionalClaims);
+    }
+
+    /**
+     * Issuer of the JWT.
+     * 
+     */
+    @Import(name="issuer", required=true)
+    private Output issuer;
+
+    /**
+     * @return Issuer of the JWT.
+     * 
+     */
+    public Output issuer() {
+        return this.issuer;
+    }
+
+    /**
+     * JSON Web Key Set (JWKS) endpoint. This endpoint contains JSON Web Keys (JWK) that are used to validate signatures from the provider. This must be a full URL, including the HTTPS protocol, the domain, and the path.
+     * 
+     */
+    @Import(name="jwksEndpoint", required=true)
+    private Output jwksEndpoint;
+
+    /**
+     * @return JSON Web Key Set (JWKS) endpoint. This endpoint contains JSON Web Keys (JWK) that are used to validate signatures from the provider. This must be a full URL, including the HTTPS protocol, the domain, and the path.
+     * 
+     */
+    public Output jwksEndpoint() {
+        return this.jwksEndpoint;
+    }
+
+    private ListenerRuleActionJwtValidationArgs() {}
+
+    private ListenerRuleActionJwtValidationArgs(ListenerRuleActionJwtValidationArgs $) {
+        this.additionalClaims = $.additionalClaims;
+        this.issuer = $.issuer;
+        this.jwksEndpoint = $.jwksEndpoint;
+    }
+
+    public static Builder builder() {
+        return new Builder();
+    }
+    public static Builder builder(ListenerRuleActionJwtValidationArgs defaults) {
+        return new Builder(defaults);
+    }
+
+    public static final class Builder {
+        private ListenerRuleActionJwtValidationArgs $;
+
+        public Builder() {
+            $ = new ListenerRuleActionJwtValidationArgs();
+        }
+
+        public Builder(ListenerRuleActionJwtValidationArgs defaults) {
+            $ = new ListenerRuleActionJwtValidationArgs(Objects.requireNonNull(defaults));
+        }
+
+        /**
+         * @param additionalClaims Repeatable configuration block for additional claims to validate.
+         * 
+         * @return builder
+         * 
+         */
+        public Builder additionalClaims(@Nullable Output> additionalClaims) {
+            $.additionalClaims = additionalClaims;
+            return this;
+        }
+
+        /**
+         * @param additionalClaims Repeatable configuration block for additional claims to validate.
+         * 
+         * @return builder
+         * 
+         */
+        public Builder additionalClaims(List additionalClaims) {
+            return additionalClaims(Output.of(additionalClaims));
+        }
+
+        /**
+         * @param additionalClaims Repeatable configuration block for additional claims to validate.
+         * 
+         * @return builder
+         * 
+         */
+        public Builder additionalClaims(ListenerRuleActionJwtValidationAdditionalClaimArgs... additionalClaims) {
+            return additionalClaims(List.of(additionalClaims));
+        }
+
+        /**
+         * @param issuer Issuer of the JWT.
+         * 
+         * @return builder
+         * 
+         */
+        public Builder issuer(Output issuer) {
+            $.issuer = issuer;
+            return this;
+        }
+
+        /**
+         * @param issuer Issuer of the JWT.
+         * 
+         * @return builder
+         * 
+         */
+        public Builder issuer(String issuer) {
+            return issuer(Output.of(issuer));
+        }
+
+        /**
+         * @param jwksEndpoint JSON Web Key Set (JWKS) endpoint. This endpoint contains JSON Web Keys (JWK) that are used to validate signatures from the provider. This must be a full URL, including the HTTPS protocol, the domain, and the path.
+         * 
+         * @return builder
+         * 
+         */
+        public Builder jwksEndpoint(Output jwksEndpoint) {
+            $.jwksEndpoint = jwksEndpoint;
+            return this;
+        }
+
+        /**
+         * @param jwksEndpoint JSON Web Key Set (JWKS) endpoint. This endpoint contains JSON Web Keys (JWK) that are used to validate signatures from the provider. This must be a full URL, including the HTTPS protocol, the domain, and the path.
+         * 
+         * @return builder
+         * 
+         */
+        public Builder jwksEndpoint(String jwksEndpoint) {
+            return jwksEndpoint(Output.of(jwksEndpoint));
+        }
+
+        public ListenerRuleActionJwtValidationArgs build() {
+            if ($.issuer == null) {
+                throw new MissingRequiredPropertyException("ListenerRuleActionJwtValidationArgs", "issuer");
+            }
+            if ($.jwksEndpoint == null) {
+                throw new MissingRequiredPropertyException("ListenerRuleActionJwtValidationArgs", "jwksEndpoint");
+            }
+            return $;
+        }
+    }
+
+}
diff --git a/sdk/java/src/main/java/com/pulumi/aws/lb/outputs/GetListenerDefaultAction.java b/sdk/java/src/main/java/com/pulumi/aws/lb/outputs/GetListenerDefaultAction.java
index d6781427961..9aab3d6382f 100644
--- a/sdk/java/src/main/java/com/pulumi/aws/lb/outputs/GetListenerDefaultAction.java
+++ b/sdk/java/src/main/java/com/pulumi/aws/lb/outputs/GetListenerDefaultAction.java
@@ -7,6 +7,7 @@
 import com.pulumi.aws.lb.outputs.GetListenerDefaultActionAuthenticateOidc;
 import com.pulumi.aws.lb.outputs.GetListenerDefaultActionFixedResponse;
 import com.pulumi.aws.lb.outputs.GetListenerDefaultActionForward;
+import com.pulumi.aws.lb.outputs.GetListenerDefaultActionJwtValidation;
 import com.pulumi.aws.lb.outputs.GetListenerDefaultActionRedirect;
 import com.pulumi.core.annotations.CustomType;
 import com.pulumi.exceptions.MissingRequiredPropertyException;
@@ -21,6 +22,7 @@ public final class GetListenerDefaultAction {
     private List authenticateOidcs;
     private List fixedResponses;
     private List forwards;
+    private List jwtValidations;
     private Integer order;
     private List redirects;
     private String targetGroupArn;
@@ -39,6 +41,9 @@ public List fixedResponses() {
     public List forwards() {
         return this.forwards;
     }
+    public List jwtValidations() {
+        return this.jwtValidations;
+    }
     public Integer order() {
         return this.order;
     }
@@ -65,6 +70,7 @@ public static final class Builder {
         private List authenticateOidcs;
         private List fixedResponses;
         private List forwards;
+        private List jwtValidations;
         private Integer order;
         private List redirects;
         private String targetGroupArn;
@@ -76,6 +82,7 @@ public Builder(GetListenerDefaultAction defaults) {
     	      this.authenticateOidcs = defaults.authenticateOidcs;
     	      this.fixedResponses = defaults.fixedResponses;
     	      this.forwards = defaults.forwards;
+    	      this.jwtValidations = defaults.jwtValidations;
     	      this.order = defaults.order;
     	      this.redirects = defaults.redirects;
     	      this.targetGroupArn = defaults.targetGroupArn;
@@ -127,6 +134,17 @@ public Builder forwards(GetListenerDefaultActionForward... forwards) {
             return forwards(List.of(forwards));
         }
         @CustomType.Setter
+        public Builder jwtValidations(List jwtValidations) {
+            if (jwtValidations == null) {
+              throw new MissingRequiredPropertyException("GetListenerDefaultAction", "jwtValidations");
+            }
+            this.jwtValidations = jwtValidations;
+            return this;
+        }
+        public Builder jwtValidations(GetListenerDefaultActionJwtValidation... jwtValidations) {
+            return jwtValidations(List.of(jwtValidations));
+        }
+        @CustomType.Setter
         public Builder order(Integer order) {
             if (order == null) {
               throw new MissingRequiredPropertyException("GetListenerDefaultAction", "order");
@@ -167,6 +185,7 @@ public GetListenerDefaultAction build() {
             _resultValue.authenticateOidcs = authenticateOidcs;
             _resultValue.fixedResponses = fixedResponses;
             _resultValue.forwards = forwards;
+            _resultValue.jwtValidations = jwtValidations;
             _resultValue.order = order;
             _resultValue.redirects = redirects;
             _resultValue.targetGroupArn = targetGroupArn;
diff --git a/sdk/java/src/main/java/com/pulumi/aws/lb/outputs/GetListenerDefaultActionJwtValidation.java b/sdk/java/src/main/java/com/pulumi/aws/lb/outputs/GetListenerDefaultActionJwtValidation.java
new file mode 100644
index 00000000000..69711d7b5c5
--- /dev/null
+++ b/sdk/java/src/main/java/com/pulumi/aws/lb/outputs/GetListenerDefaultActionJwtValidation.java
@@ -0,0 +1,85 @@
+// *** WARNING: this file was generated by pulumi-language-java. ***
+// *** Do not edit by hand unless you're certain you know what you are doing! ***
+
+package com.pulumi.aws.lb.outputs;
+
+import com.pulumi.aws.lb.outputs.GetListenerDefaultActionJwtValidationAdditionalClaim;
+import com.pulumi.core.annotations.CustomType;
+import com.pulumi.exceptions.MissingRequiredPropertyException;
+import java.lang.String;
+import java.util.List;
+import java.util.Objects;
+
+@CustomType
+public final class GetListenerDefaultActionJwtValidation {
+    private List additionalClaims;
+    private String issuer;
+    private String jwksEndpoint;
+
+    private GetListenerDefaultActionJwtValidation() {}
+    public List additionalClaims() {
+        return this.additionalClaims;
+    }
+    public String issuer() {
+        return this.issuer;
+    }
+    public String jwksEndpoint() {
+        return this.jwksEndpoint;
+    }
+
+    public static Builder builder() {
+        return new Builder();
+    }
+
+    public static Builder builder(GetListenerDefaultActionJwtValidation defaults) {
+        return new Builder(defaults);
+    }
+    @CustomType.Builder
+    public static final class Builder {
+        private List additionalClaims;
+        private String issuer;
+        private String jwksEndpoint;
+        public Builder() {}
+        public Builder(GetListenerDefaultActionJwtValidation defaults) {
+    	      Objects.requireNonNull(defaults);
+    	      this.additionalClaims = defaults.additionalClaims;
+    	      this.issuer = defaults.issuer;
+    	      this.jwksEndpoint = defaults.jwksEndpoint;
+        }
+
+        @CustomType.Setter
+        public Builder additionalClaims(List additionalClaims) {
+            if (additionalClaims == null) {
+              throw new MissingRequiredPropertyException("GetListenerDefaultActionJwtValidation", "additionalClaims");
+            }
+            this.additionalClaims = additionalClaims;
+            return this;
+        }
+        public Builder additionalClaims(GetListenerDefaultActionJwtValidationAdditionalClaim... additionalClaims) {
+            return additionalClaims(List.of(additionalClaims));
+        }
+        @CustomType.Setter
+        public Builder issuer(String issuer) {
+            if (issuer == null) {
+              throw new MissingRequiredPropertyException("GetListenerDefaultActionJwtValidation", "issuer");
+            }
+            this.issuer = issuer;
+            return this;
+        }
+        @CustomType.Setter
+        public Builder jwksEndpoint(String jwksEndpoint) {
+            if (jwksEndpoint == null) {
+              throw new MissingRequiredPropertyException("GetListenerDefaultActionJwtValidation", "jwksEndpoint");
+            }
+            this.jwksEndpoint = jwksEndpoint;
+            return this;
+        }
+        public GetListenerDefaultActionJwtValidation build() {
+            final var _resultValue = new GetListenerDefaultActionJwtValidation();
+            _resultValue.additionalClaims = additionalClaims;
+            _resultValue.issuer = issuer;
+            _resultValue.jwksEndpoint = jwksEndpoint;
+            return _resultValue;
+        }
+    }
+}
diff --git a/sdk/java/src/main/java/com/pulumi/aws/lb/outputs/GetListenerDefaultActionJwtValidationAdditionalClaim.java b/sdk/java/src/main/java/com/pulumi/aws/lb/outputs/GetListenerDefaultActionJwtValidationAdditionalClaim.java
new file mode 100644
index 00000000000..8af99b290c8
--- /dev/null
+++ b/sdk/java/src/main/java/com/pulumi/aws/lb/outputs/GetListenerDefaultActionJwtValidationAdditionalClaim.java
@@ -0,0 +1,84 @@
+// *** WARNING: this file was generated by pulumi-language-java. ***
+// *** Do not edit by hand unless you're certain you know what you are doing! ***
+
+package com.pulumi.aws.lb.outputs;
+
+import com.pulumi.core.annotations.CustomType;
+import com.pulumi.exceptions.MissingRequiredPropertyException;
+import java.lang.String;
+import java.util.List;
+import java.util.Objects;
+
+@CustomType
+public final class GetListenerDefaultActionJwtValidationAdditionalClaim {
+    private String format;
+    private String name;
+    private List values;
+
+    private GetListenerDefaultActionJwtValidationAdditionalClaim() {}
+    public String format() {
+        return this.format;
+    }
+    public String name() {
+        return this.name;
+    }
+    public List values() {
+        return this.values;
+    }
+
+    public static Builder builder() {
+        return new Builder();
+    }
+
+    public static Builder builder(GetListenerDefaultActionJwtValidationAdditionalClaim defaults) {
+        return new Builder(defaults);
+    }
+    @CustomType.Builder
+    public static final class Builder {
+        private String format;
+        private String name;
+        private List values;
+        public Builder() {}
+        public Builder(GetListenerDefaultActionJwtValidationAdditionalClaim defaults) {
+    	      Objects.requireNonNull(defaults);
+    	      this.format = defaults.format;
+    	      this.name = defaults.name;
+    	      this.values = defaults.values;
+        }
+
+        @CustomType.Setter
+        public Builder format(String format) {
+            if (format == null) {
+              throw new MissingRequiredPropertyException("GetListenerDefaultActionJwtValidationAdditionalClaim", "format");
+            }
+            this.format = format;
+            return this;
+        }
+        @CustomType.Setter
+        public Builder name(String name) {
+            if (name == null) {
+              throw new MissingRequiredPropertyException("GetListenerDefaultActionJwtValidationAdditionalClaim", "name");
+            }
+            this.name = name;
+            return this;
+        }
+        @CustomType.Setter
+        public Builder values(List values) {
+            if (values == null) {
+              throw new MissingRequiredPropertyException("GetListenerDefaultActionJwtValidationAdditionalClaim", "values");
+            }
+            this.values = values;
+            return this;
+        }
+        public Builder values(String... values) {
+            return values(List.of(values));
+        }
+        public GetListenerDefaultActionJwtValidationAdditionalClaim build() {
+            final var _resultValue = new GetListenerDefaultActionJwtValidationAdditionalClaim();
+            _resultValue.format = format;
+            _resultValue.name = name;
+            _resultValue.values = values;
+            return _resultValue;
+        }
+    }
+}
diff --git a/sdk/java/src/main/java/com/pulumi/aws/lb/outputs/GetListenerRuleAction.java b/sdk/java/src/main/java/com/pulumi/aws/lb/outputs/GetListenerRuleAction.java
index 922d566d0c2..0ed33e5632b 100644
--- a/sdk/java/src/main/java/com/pulumi/aws/lb/outputs/GetListenerRuleAction.java
+++ b/sdk/java/src/main/java/com/pulumi/aws/lb/outputs/GetListenerRuleAction.java
@@ -7,6 +7,7 @@
 import com.pulumi.aws.lb.outputs.GetListenerRuleActionAuthenticateOidc;
 import com.pulumi.aws.lb.outputs.GetListenerRuleActionFixedResponse;
 import com.pulumi.aws.lb.outputs.GetListenerRuleActionForward;
+import com.pulumi.aws.lb.outputs.GetListenerRuleActionJwtValidation;
 import com.pulumi.aws.lb.outputs.GetListenerRuleActionRedirect;
 import com.pulumi.core.annotations.CustomType;
 import com.pulumi.exceptions.MissingRequiredPropertyException;
@@ -42,6 +43,12 @@ public final class GetListenerRuleAction {
      * 
      */
     private @Nullable List forwards;
+    /**
+     * @return An action to validate using JWT.
+     * Detailed below.
+     * 
+     */
+    private @Nullable List jwtValidations;
     /**
      * @return The evaluation order of the action.
      * 
@@ -92,6 +99,14 @@ public List fixedResponses() {
     public List forwards() {
         return this.forwards == null ? List.of() : this.forwards;
     }
+    /**
+     * @return An action to validate using JWT.
+     * Detailed below.
+     * 
+     */
+    public List jwtValidations() {
+        return this.jwtValidations == null ? List.of() : this.jwtValidations;
+    }
     /**
      * @return The evaluation order of the action.
      * 
@@ -128,6 +143,7 @@ public static final class Builder {
         private @Nullable List authenticateOidcs;
         private @Nullable List fixedResponses;
         private @Nullable List forwards;
+        private @Nullable List jwtValidations;
         private Integer order;
         private @Nullable List redirects;
         private String type;
@@ -138,6 +154,7 @@ public Builder(GetListenerRuleAction defaults) {
     	      this.authenticateOidcs = defaults.authenticateOidcs;
     	      this.fixedResponses = defaults.fixedResponses;
     	      this.forwards = defaults.forwards;
+    	      this.jwtValidations = defaults.jwtValidations;
     	      this.order = defaults.order;
     	      this.redirects = defaults.redirects;
     	      this.type = defaults.type;
@@ -180,6 +197,15 @@ public Builder forwards(GetListenerRuleActionForward... forwards) {
             return forwards(List.of(forwards));
         }
         @CustomType.Setter
+        public Builder jwtValidations(@Nullable List jwtValidations) {
+
+            this.jwtValidations = jwtValidations;
+            return this;
+        }
+        public Builder jwtValidations(GetListenerRuleActionJwtValidation... jwtValidations) {
+            return jwtValidations(List.of(jwtValidations));
+        }
+        @CustomType.Setter
         public Builder order(Integer order) {
             if (order == null) {
               throw new MissingRequiredPropertyException("GetListenerRuleAction", "order");
@@ -210,6 +236,7 @@ public GetListenerRuleAction build() {
             _resultValue.authenticateOidcs = authenticateOidcs;
             _resultValue.fixedResponses = fixedResponses;
             _resultValue.forwards = forwards;
+            _resultValue.jwtValidations = jwtValidations;
             _resultValue.order = order;
             _resultValue.redirects = redirects;
             _resultValue.type = type;
diff --git a/sdk/java/src/main/java/com/pulumi/aws/lb/outputs/GetListenerRuleActionAuthenticateOidc.java b/sdk/java/src/main/java/com/pulumi/aws/lb/outputs/GetListenerRuleActionAuthenticateOidc.java
index 1a5b27cd216..6dfc5efc70a 100644
--- a/sdk/java/src/main/java/com/pulumi/aws/lb/outputs/GetListenerRuleActionAuthenticateOidc.java
+++ b/sdk/java/src/main/java/com/pulumi/aws/lb/outputs/GetListenerRuleActionAuthenticateOidc.java
@@ -29,7 +29,7 @@ public final class GetListenerRuleActionAuthenticateOidc {
      */
     private String clientId;
     /**
-     * @return OIDC issuer identifier of the IdP.
+     * @return Issuer of the JWT.
      * 
      */
     private String issuer;
@@ -88,7 +88,7 @@ public String clientId() {
         return this.clientId;
     }
     /**
-     * @return OIDC issuer identifier of the IdP.
+     * @return Issuer of the JWT.
      * 
      */
     public String issuer() {
diff --git a/sdk/java/src/main/java/com/pulumi/aws/lb/outputs/GetListenerRuleActionJwtValidation.java b/sdk/java/src/main/java/com/pulumi/aws/lb/outputs/GetListenerRuleActionJwtValidation.java
new file mode 100644
index 00000000000..b46c62421d3
--- /dev/null
+++ b/sdk/java/src/main/java/com/pulumi/aws/lb/outputs/GetListenerRuleActionJwtValidation.java
@@ -0,0 +1,108 @@
+// *** WARNING: this file was generated by pulumi-language-java. ***
+// *** Do not edit by hand unless you're certain you know what you are doing! ***
+
+package com.pulumi.aws.lb.outputs;
+
+import com.pulumi.aws.lb.outputs.GetListenerRuleActionJwtValidationAdditionalClaim;
+import com.pulumi.core.annotations.CustomType;
+import com.pulumi.exceptions.MissingRequiredPropertyException;
+import java.lang.String;
+import java.util.List;
+import java.util.Objects;
+import javax.annotation.Nullable;
+
+@CustomType
+public final class GetListenerRuleActionJwtValidation {
+    /**
+     * @return Additional claims to validate.
+     * 
+     */
+    private @Nullable List additionalClaims;
+    /**
+     * @return Issuer of the JWT.
+     * 
+     */
+    private String issuer;
+    /**
+     * @return JSON Web Key Set (JWKS) endpoint.
+     * 
+     */
+    private String jwksEndpoint;
+
+    private GetListenerRuleActionJwtValidation() {}
+    /**
+     * @return Additional claims to validate.
+     * 
+     */
+    public List additionalClaims() {
+        return this.additionalClaims == null ? List.of() : this.additionalClaims;
+    }
+    /**
+     * @return Issuer of the JWT.
+     * 
+     */
+    public String issuer() {
+        return this.issuer;
+    }
+    /**
+     * @return JSON Web Key Set (JWKS) endpoint.
+     * 
+     */
+    public String jwksEndpoint() {
+        return this.jwksEndpoint;
+    }
+
+    public static Builder builder() {
+        return new Builder();
+    }
+
+    public static Builder builder(GetListenerRuleActionJwtValidation defaults) {
+        return new Builder(defaults);
+    }
+    @CustomType.Builder
+    public static final class Builder {
+        private @Nullable List additionalClaims;
+        private String issuer;
+        private String jwksEndpoint;
+        public Builder() {}
+        public Builder(GetListenerRuleActionJwtValidation defaults) {
+    	      Objects.requireNonNull(defaults);
+    	      this.additionalClaims = defaults.additionalClaims;
+    	      this.issuer = defaults.issuer;
+    	      this.jwksEndpoint = defaults.jwksEndpoint;
+        }
+
+        @CustomType.Setter
+        public Builder additionalClaims(@Nullable List additionalClaims) {
+
+            this.additionalClaims = additionalClaims;
+            return this;
+        }
+        public Builder additionalClaims(GetListenerRuleActionJwtValidationAdditionalClaim... additionalClaims) {
+            return additionalClaims(List.of(additionalClaims));
+        }
+        @CustomType.Setter
+        public Builder issuer(String issuer) {
+            if (issuer == null) {
+              throw new MissingRequiredPropertyException("GetListenerRuleActionJwtValidation", "issuer");
+            }
+            this.issuer = issuer;
+            return this;
+        }
+        @CustomType.Setter
+        public Builder jwksEndpoint(String jwksEndpoint) {
+            if (jwksEndpoint == null) {
+              throw new MissingRequiredPropertyException("GetListenerRuleActionJwtValidation", "jwksEndpoint");
+            }
+            this.jwksEndpoint = jwksEndpoint;
+            return this;
+        }
+        public GetListenerRuleActionJwtValidation build() {
+            final var _resultValue = new GetListenerRuleActionJwtValidation();
+            _resultValue.additionalClaims = additionalClaims;
+            _resultValue.issuer = issuer;
+            _resultValue.jwksEndpoint = jwksEndpoint;
+            return _resultValue;
+        }
+    }
+}
diff --git a/sdk/java/src/main/java/com/pulumi/aws/lb/outputs/GetListenerRuleActionJwtValidationAdditionalClaim.java b/sdk/java/src/main/java/com/pulumi/aws/lb/outputs/GetListenerRuleActionJwtValidationAdditionalClaim.java
new file mode 100644
index 00000000000..bc75fa595ab
--- /dev/null
+++ b/sdk/java/src/main/java/com/pulumi/aws/lb/outputs/GetListenerRuleActionJwtValidationAdditionalClaim.java
@@ -0,0 +1,108 @@
+// *** WARNING: this file was generated by pulumi-language-java. ***
+// *** Do not edit by hand unless you're certain you know what you are doing! ***
+
+package com.pulumi.aws.lb.outputs;
+
+import com.pulumi.core.annotations.CustomType;
+import com.pulumi.exceptions.MissingRequiredPropertyException;
+import java.lang.String;
+import java.util.List;
+import java.util.Objects;
+
+@CustomType
+public final class GetListenerRuleActionJwtValidationAdditionalClaim {
+    /**
+     * @return Format of the claim value.
+     * 
+     */
+    private String format;
+    /**
+     * @return Name of the claim to validate.
+     * 
+     */
+    private String name;
+    /**
+     * @return Set of `key`-`value` pairs indicating the query string parameters to match.
+     * 
+     */
+    private List values;
+
+    private GetListenerRuleActionJwtValidationAdditionalClaim() {}
+    /**
+     * @return Format of the claim value.
+     * 
+     */
+    public String format() {
+        return this.format;
+    }
+    /**
+     * @return Name of the claim to validate.
+     * 
+     */
+    public String name() {
+        return this.name;
+    }
+    /**
+     * @return Set of `key`-`value` pairs indicating the query string parameters to match.
+     * 
+     */
+    public List values() {
+        return this.values;
+    }
+
+    public static Builder builder() {
+        return new Builder();
+    }
+
+    public static Builder builder(GetListenerRuleActionJwtValidationAdditionalClaim defaults) {
+        return new Builder(defaults);
+    }
+    @CustomType.Builder
+    public static final class Builder {
+        private String format;
+        private String name;
+        private List values;
+        public Builder() {}
+        public Builder(GetListenerRuleActionJwtValidationAdditionalClaim defaults) {
+    	      Objects.requireNonNull(defaults);
+    	      this.format = defaults.format;
+    	      this.name = defaults.name;
+    	      this.values = defaults.values;
+        }
+
+        @CustomType.Setter
+        public Builder format(String format) {
+            if (format == null) {
+              throw new MissingRequiredPropertyException("GetListenerRuleActionJwtValidationAdditionalClaim", "format");
+            }
+            this.format = format;
+            return this;
+        }
+        @CustomType.Setter
+        public Builder name(String name) {
+            if (name == null) {
+              throw new MissingRequiredPropertyException("GetListenerRuleActionJwtValidationAdditionalClaim", "name");
+            }
+            this.name = name;
+            return this;
+        }
+        @CustomType.Setter
+        public Builder values(List values) {
+            if (values == null) {
+              throw new MissingRequiredPropertyException("GetListenerRuleActionJwtValidationAdditionalClaim", "values");
+            }
+            this.values = values;
+            return this;
+        }
+        public Builder values(String... values) {
+            return values(List.of(values));
+        }
+        public GetListenerRuleActionJwtValidationAdditionalClaim build() {
+            final var _resultValue = new GetListenerRuleActionJwtValidationAdditionalClaim();
+            _resultValue.format = format;
+            _resultValue.name = name;
+            _resultValue.values = values;
+            return _resultValue;
+        }
+    }
+}
diff --git a/sdk/java/src/main/java/com/pulumi/aws/lb/outputs/ListenerDefaultAction.java b/sdk/java/src/main/java/com/pulumi/aws/lb/outputs/ListenerDefaultAction.java
index 2a9336afea3..595dc7efc73 100644
--- a/sdk/java/src/main/java/com/pulumi/aws/lb/outputs/ListenerDefaultAction.java
+++ b/sdk/java/src/main/java/com/pulumi/aws/lb/outputs/ListenerDefaultAction.java
@@ -7,6 +7,7 @@
 import com.pulumi.aws.lb.outputs.ListenerDefaultActionAuthenticateOidc;
 import com.pulumi.aws.lb.outputs.ListenerDefaultActionFixedResponse;
 import com.pulumi.aws.lb.outputs.ListenerDefaultActionForward;
+import com.pulumi.aws.lb.outputs.ListenerDefaultActionJwtValidation;
 import com.pulumi.aws.lb.outputs.ListenerDefaultActionRedirect;
 import com.pulumi.core.annotations.CustomType;
 import com.pulumi.exceptions.MissingRequiredPropertyException;
@@ -38,6 +39,11 @@ public final class ListenerDefaultAction {
      * 
      */
     private @Nullable ListenerDefaultActionForward forward;
+    /**
+     * @return Configuration block for creating a JWT validation action. Required if `type` is `jwt-validation`.
+     * 
+     */
+    private @Nullable ListenerDefaultActionJwtValidation jwtValidation;
     /**
      * @return Order for the action. The action with the lowest value for order is performed first. Valid values are between `1` and `50000`. Defaults to the position in the list of actions.
      * 
@@ -54,7 +60,7 @@ public final class ListenerDefaultAction {
      */
     private @Nullable String targetGroupArn;
     /**
-     * @return Type of routing action. Valid values are `forward`, `redirect`, `fixed-response`, `authenticate-cognito` and `authenticate-oidc`.
+     * @return Type of routing action. Valid values are `forward`, `redirect`, `fixed-response`, `authenticate-cognito`, `authenticate-oidc` and `jwt-validation`.
      * 
      * The following arguments are optional:
      * 
@@ -90,6 +96,13 @@ public Optional fixedResponse() {
     public Optional forward() {
         return Optional.ofNullable(this.forward);
     }
+    /**
+     * @return Configuration block for creating a JWT validation action. Required if `type` is `jwt-validation`.
+     * 
+     */
+    public Optional jwtValidation() {
+        return Optional.ofNullable(this.jwtValidation);
+    }
     /**
      * @return Order for the action. The action with the lowest value for order is performed first. Valid values are between `1` and `50000`. Defaults to the position in the list of actions.
      * 
@@ -112,7 +125,7 @@ public Optional targetGroupArn() {
         return Optional.ofNullable(this.targetGroupArn);
     }
     /**
-     * @return Type of routing action. Valid values are `forward`, `redirect`, `fixed-response`, `authenticate-cognito` and `authenticate-oidc`.
+     * @return Type of routing action. Valid values are `forward`, `redirect`, `fixed-response`, `authenticate-cognito`, `authenticate-oidc` and `jwt-validation`.
      * 
      * The following arguments are optional:
      * 
@@ -134,6 +147,7 @@ public static final class Builder {
         private @Nullable ListenerDefaultActionAuthenticateOidc authenticateOidc;
         private @Nullable ListenerDefaultActionFixedResponse fixedResponse;
         private @Nullable ListenerDefaultActionForward forward;
+        private @Nullable ListenerDefaultActionJwtValidation jwtValidation;
         private @Nullable Integer order;
         private @Nullable ListenerDefaultActionRedirect redirect;
         private @Nullable String targetGroupArn;
@@ -145,6 +159,7 @@ public Builder(ListenerDefaultAction defaults) {
     	      this.authenticateOidc = defaults.authenticateOidc;
     	      this.fixedResponse = defaults.fixedResponse;
     	      this.forward = defaults.forward;
+    	      this.jwtValidation = defaults.jwtValidation;
     	      this.order = defaults.order;
     	      this.redirect = defaults.redirect;
     	      this.targetGroupArn = defaults.targetGroupArn;
@@ -176,6 +191,12 @@ public Builder forward(@Nullable ListenerDefaultActionForward forward) {
             return this;
         }
         @CustomType.Setter
+        public Builder jwtValidation(@Nullable ListenerDefaultActionJwtValidation jwtValidation) {
+
+            this.jwtValidation = jwtValidation;
+            return this;
+        }
+        @CustomType.Setter
         public Builder order(@Nullable Integer order) {
 
             this.order = order;
@@ -207,6 +228,7 @@ public ListenerDefaultAction build() {
             _resultValue.authenticateOidc = authenticateOidc;
             _resultValue.fixedResponse = fixedResponse;
             _resultValue.forward = forward;
+            _resultValue.jwtValidation = jwtValidation;
             _resultValue.order = order;
             _resultValue.redirect = redirect;
             _resultValue.targetGroupArn = targetGroupArn;
diff --git a/sdk/java/src/main/java/com/pulumi/aws/lb/outputs/ListenerDefaultActionJwtValidation.java b/sdk/java/src/main/java/com/pulumi/aws/lb/outputs/ListenerDefaultActionJwtValidation.java
new file mode 100644
index 00000000000..aa4718091d7
--- /dev/null
+++ b/sdk/java/src/main/java/com/pulumi/aws/lb/outputs/ListenerDefaultActionJwtValidation.java
@@ -0,0 +1,112 @@
+// *** WARNING: this file was generated by pulumi-language-java. ***
+// *** Do not edit by hand unless you're certain you know what you are doing! ***
+
+package com.pulumi.aws.lb.outputs;
+
+import com.pulumi.aws.lb.outputs.ListenerDefaultActionJwtValidationAdditionalClaim;
+import com.pulumi.core.annotations.CustomType;
+import com.pulumi.exceptions.MissingRequiredPropertyException;
+import java.lang.String;
+import java.util.List;
+import java.util.Objects;
+import javax.annotation.Nullable;
+
+@CustomType
+public final class ListenerDefaultActionJwtValidation {
+    /**
+     * @return Repeatable configuration block for additional claims to validate.
+     * 
+     */
+    private @Nullable List additionalClaims;
+    /**
+     * @return Issuer of the JWT.
+     * 
+     */
+    private String issuer;
+    /**
+     * @return JSON Web Key Set (JWKS) endpoint. This endpoint contains JSON Web Keys (JWK) that are used to validate signatures from the provider. This must be a full URL, including the HTTPS protocol, the domain, and the path.
+     * 
+     * The following arguments are optional:
+     * 
+     */
+    private String jwksEndpoint;
+
+    private ListenerDefaultActionJwtValidation() {}
+    /**
+     * @return Repeatable configuration block for additional claims to validate.
+     * 
+     */
+    public List additionalClaims() {
+        return this.additionalClaims == null ? List.of() : this.additionalClaims;
+    }
+    /**
+     * @return Issuer of the JWT.
+     * 
+     */
+    public String issuer() {
+        return this.issuer;
+    }
+    /**
+     * @return JSON Web Key Set (JWKS) endpoint. This endpoint contains JSON Web Keys (JWK) that are used to validate signatures from the provider. This must be a full URL, including the HTTPS protocol, the domain, and the path.
+     * 
+     * The following arguments are optional:
+     * 
+     */
+    public String jwksEndpoint() {
+        return this.jwksEndpoint;
+    }
+
+    public static Builder builder() {
+        return new Builder();
+    }
+
+    public static Builder builder(ListenerDefaultActionJwtValidation defaults) {
+        return new Builder(defaults);
+    }
+    @CustomType.Builder
+    public static final class Builder {
+        private @Nullable List additionalClaims;
+        private String issuer;
+        private String jwksEndpoint;
+        public Builder() {}
+        public Builder(ListenerDefaultActionJwtValidation defaults) {
+    	      Objects.requireNonNull(defaults);
+    	      this.additionalClaims = defaults.additionalClaims;
+    	      this.issuer = defaults.issuer;
+    	      this.jwksEndpoint = defaults.jwksEndpoint;
+        }
+
+        @CustomType.Setter
+        public Builder additionalClaims(@Nullable List additionalClaims) {
+
+            this.additionalClaims = additionalClaims;
+            return this;
+        }
+        public Builder additionalClaims(ListenerDefaultActionJwtValidationAdditionalClaim... additionalClaims) {
+            return additionalClaims(List.of(additionalClaims));
+        }
+        @CustomType.Setter
+        public Builder issuer(String issuer) {
+            if (issuer == null) {
+              throw new MissingRequiredPropertyException("ListenerDefaultActionJwtValidation", "issuer");
+            }
+            this.issuer = issuer;
+            return this;
+        }
+        @CustomType.Setter
+        public Builder jwksEndpoint(String jwksEndpoint) {
+            if (jwksEndpoint == null) {
+              throw new MissingRequiredPropertyException("ListenerDefaultActionJwtValidation", "jwksEndpoint");
+            }
+            this.jwksEndpoint = jwksEndpoint;
+            return this;
+        }
+        public ListenerDefaultActionJwtValidation build() {
+            final var _resultValue = new ListenerDefaultActionJwtValidation();
+            _resultValue.additionalClaims = additionalClaims;
+            _resultValue.issuer = issuer;
+            _resultValue.jwksEndpoint = jwksEndpoint;
+            return _resultValue;
+        }
+    }
+}
diff --git a/sdk/java/src/main/java/com/pulumi/aws/lb/outputs/ListenerDefaultActionJwtValidationAdditionalClaim.java b/sdk/java/src/main/java/com/pulumi/aws/lb/outputs/ListenerDefaultActionJwtValidationAdditionalClaim.java
new file mode 100644
index 00000000000..cbf1cf0136f
--- /dev/null
+++ b/sdk/java/src/main/java/com/pulumi/aws/lb/outputs/ListenerDefaultActionJwtValidationAdditionalClaim.java
@@ -0,0 +1,108 @@
+// *** WARNING: this file was generated by pulumi-language-java. ***
+// *** Do not edit by hand unless you're certain you know what you are doing! ***
+
+package com.pulumi.aws.lb.outputs;
+
+import com.pulumi.core.annotations.CustomType;
+import com.pulumi.exceptions.MissingRequiredPropertyException;
+import java.lang.String;
+import java.util.List;
+import java.util.Objects;
+
+@CustomType
+public final class ListenerDefaultActionJwtValidationAdditionalClaim {
+    /**
+     * @return Format of the claim value. Valid values are `single-string`, `string-array` and `space-separated-values`.
+     * 
+     */
+    private String format;
+    /**
+     * @return Name of the claim to validate. `exp`, `iss`, `nbf`, or `iat` cannot be specified because they are validated by default.
+     * 
+     */
+    private String name;
+    /**
+     * @return List of expected values of the claim.
+     * 
+     */
+    private List values;
+
+    private ListenerDefaultActionJwtValidationAdditionalClaim() {}
+    /**
+     * @return Format of the claim value. Valid values are `single-string`, `string-array` and `space-separated-values`.
+     * 
+     */
+    public String format() {
+        return this.format;
+    }
+    /**
+     * @return Name of the claim to validate. `exp`, `iss`, `nbf`, or `iat` cannot be specified because they are validated by default.
+     * 
+     */
+    public String name() {
+        return this.name;
+    }
+    /**
+     * @return List of expected values of the claim.
+     * 
+     */
+    public List values() {
+        return this.values;
+    }
+
+    public static Builder builder() {
+        return new Builder();
+    }
+
+    public static Builder builder(ListenerDefaultActionJwtValidationAdditionalClaim defaults) {
+        return new Builder(defaults);
+    }
+    @CustomType.Builder
+    public static final class Builder {
+        private String format;
+        private String name;
+        private List values;
+        public Builder() {}
+        public Builder(ListenerDefaultActionJwtValidationAdditionalClaim defaults) {
+    	      Objects.requireNonNull(defaults);
+    	      this.format = defaults.format;
+    	      this.name = defaults.name;
+    	      this.values = defaults.values;
+        }
+
+        @CustomType.Setter
+        public Builder format(String format) {
+            if (format == null) {
+              throw new MissingRequiredPropertyException("ListenerDefaultActionJwtValidationAdditionalClaim", "format");
+            }
+            this.format = format;
+            return this;
+        }
+        @CustomType.Setter
+        public Builder name(String name) {
+            if (name == null) {
+              throw new MissingRequiredPropertyException("ListenerDefaultActionJwtValidationAdditionalClaim", "name");
+            }
+            this.name = name;
+            return this;
+        }
+        @CustomType.Setter
+        public Builder values(List values) {
+            if (values == null) {
+              throw new MissingRequiredPropertyException("ListenerDefaultActionJwtValidationAdditionalClaim", "values");
+            }
+            this.values = values;
+            return this;
+        }
+        public Builder values(String... values) {
+            return values(List.of(values));
+        }
+        public ListenerDefaultActionJwtValidationAdditionalClaim build() {
+            final var _resultValue = new ListenerDefaultActionJwtValidationAdditionalClaim();
+            _resultValue.format = format;
+            _resultValue.name = name;
+            _resultValue.values = values;
+            return _resultValue;
+        }
+    }
+}
diff --git a/sdk/java/src/main/java/com/pulumi/aws/lb/outputs/ListenerRuleAction.java b/sdk/java/src/main/java/com/pulumi/aws/lb/outputs/ListenerRuleAction.java
index 6d812e08eba..87b0a0530de 100644
--- a/sdk/java/src/main/java/com/pulumi/aws/lb/outputs/ListenerRuleAction.java
+++ b/sdk/java/src/main/java/com/pulumi/aws/lb/outputs/ListenerRuleAction.java
@@ -7,6 +7,7 @@
 import com.pulumi.aws.lb.outputs.ListenerRuleActionAuthenticateOidc;
 import com.pulumi.aws.lb.outputs.ListenerRuleActionFixedResponse;
 import com.pulumi.aws.lb.outputs.ListenerRuleActionForward;
+import com.pulumi.aws.lb.outputs.ListenerRuleActionJwtValidation;
 import com.pulumi.aws.lb.outputs.ListenerRuleActionRedirect;
 import com.pulumi.core.annotations.CustomType;
 import com.pulumi.exceptions.MissingRequiredPropertyException;
@@ -40,6 +41,11 @@ public final class ListenerRuleAction {
      * 
      */
     private @Nullable ListenerRuleActionForward forward;
+    /**
+     * @return Information for creating a JWT validation action. Required if `type` is `jwt-validation`.
+     * 
+     */
+    private @Nullable ListenerRuleActionJwtValidation jwtValidation;
     /**
      * @return Order for the action.
      * The action with the lowest value for order is performed first.
@@ -62,7 +68,7 @@ public final class ListenerRuleAction {
      */
     private @Nullable String targetGroupArn;
     /**
-     * @return The type of routing action. Valid values are `forward`, `redirect`, `fixed-response`, `authenticate-cognito` and `authenticate-oidc`.
+     * @return The type of routing action. Valid values are `forward`, `redirect`, `fixed-response`, `authenticate-cognito`, `authenticate-oidc` and `jwt-validation`.
      * 
      */
     private String type;
@@ -98,6 +104,13 @@ public Optional fixedResponse() {
     public Optional forward() {
         return Optional.ofNullable(this.forward);
     }
+    /**
+     * @return Information for creating a JWT validation action. Required if `type` is `jwt-validation`.
+     * 
+     */
+    public Optional jwtValidation() {
+        return Optional.ofNullable(this.jwtValidation);
+    }
     /**
      * @return Order for the action.
      * The action with the lowest value for order is performed first.
@@ -126,7 +139,7 @@ public Optional targetGroupArn() {
         return Optional.ofNullable(this.targetGroupArn);
     }
     /**
-     * @return The type of routing action. Valid values are `forward`, `redirect`, `fixed-response`, `authenticate-cognito` and `authenticate-oidc`.
+     * @return The type of routing action. Valid values are `forward`, `redirect`, `fixed-response`, `authenticate-cognito`, `authenticate-oidc` and `jwt-validation`.
      * 
      */
     public String type() {
@@ -146,6 +159,7 @@ public static final class Builder {
         private @Nullable ListenerRuleActionAuthenticateOidc authenticateOidc;
         private @Nullable ListenerRuleActionFixedResponse fixedResponse;
         private @Nullable ListenerRuleActionForward forward;
+        private @Nullable ListenerRuleActionJwtValidation jwtValidation;
         private @Nullable Integer order;
         private @Nullable ListenerRuleActionRedirect redirect;
         private @Nullable String targetGroupArn;
@@ -157,6 +171,7 @@ public Builder(ListenerRuleAction defaults) {
     	      this.authenticateOidc = defaults.authenticateOidc;
     	      this.fixedResponse = defaults.fixedResponse;
     	      this.forward = defaults.forward;
+    	      this.jwtValidation = defaults.jwtValidation;
     	      this.order = defaults.order;
     	      this.redirect = defaults.redirect;
     	      this.targetGroupArn = defaults.targetGroupArn;
@@ -188,6 +203,12 @@ public Builder forward(@Nullable ListenerRuleActionForward forward) {
             return this;
         }
         @CustomType.Setter
+        public Builder jwtValidation(@Nullable ListenerRuleActionJwtValidation jwtValidation) {
+
+            this.jwtValidation = jwtValidation;
+            return this;
+        }
+        @CustomType.Setter
         public Builder order(@Nullable Integer order) {
 
             this.order = order;
@@ -219,6 +240,7 @@ public ListenerRuleAction build() {
             _resultValue.authenticateOidc = authenticateOidc;
             _resultValue.fixedResponse = fixedResponse;
             _resultValue.forward = forward;
+            _resultValue.jwtValidation = jwtValidation;
             _resultValue.order = order;
             _resultValue.redirect = redirect;
             _resultValue.targetGroupArn = targetGroupArn;
diff --git a/sdk/java/src/main/java/com/pulumi/aws/lb/outputs/ListenerRuleActionJwtValidation.java b/sdk/java/src/main/java/com/pulumi/aws/lb/outputs/ListenerRuleActionJwtValidation.java
new file mode 100644
index 00000000000..ac7e1a3a4b6
--- /dev/null
+++ b/sdk/java/src/main/java/com/pulumi/aws/lb/outputs/ListenerRuleActionJwtValidation.java
@@ -0,0 +1,108 @@
+// *** WARNING: this file was generated by pulumi-language-java. ***
+// *** Do not edit by hand unless you're certain you know what you are doing! ***
+
+package com.pulumi.aws.lb.outputs;
+
+import com.pulumi.aws.lb.outputs.ListenerRuleActionJwtValidationAdditionalClaim;
+import com.pulumi.core.annotations.CustomType;
+import com.pulumi.exceptions.MissingRequiredPropertyException;
+import java.lang.String;
+import java.util.List;
+import java.util.Objects;
+import javax.annotation.Nullable;
+
+@CustomType
+public final class ListenerRuleActionJwtValidation {
+    /**
+     * @return Repeatable configuration block for additional claims to validate.
+     * 
+     */
+    private @Nullable List additionalClaims;
+    /**
+     * @return Issuer of the JWT.
+     * 
+     */
+    private String issuer;
+    /**
+     * @return JSON Web Key Set (JWKS) endpoint. This endpoint contains JSON Web Keys (JWK) that are used to validate signatures from the provider. This must be a full URL, including the HTTPS protocol, the domain, and the path.
+     * 
+     */
+    private String jwksEndpoint;
+
+    private ListenerRuleActionJwtValidation() {}
+    /**
+     * @return Repeatable configuration block for additional claims to validate.
+     * 
+     */
+    public List additionalClaims() {
+        return this.additionalClaims == null ? List.of() : this.additionalClaims;
+    }
+    /**
+     * @return Issuer of the JWT.
+     * 
+     */
+    public String issuer() {
+        return this.issuer;
+    }
+    /**
+     * @return JSON Web Key Set (JWKS) endpoint. This endpoint contains JSON Web Keys (JWK) that are used to validate signatures from the provider. This must be a full URL, including the HTTPS protocol, the domain, and the path.
+     * 
+     */
+    public String jwksEndpoint() {
+        return this.jwksEndpoint;
+    }
+
+    public static Builder builder() {
+        return new Builder();
+    }
+
+    public static Builder builder(ListenerRuleActionJwtValidation defaults) {
+        return new Builder(defaults);
+    }
+    @CustomType.Builder
+    public static final class Builder {
+        private @Nullable List additionalClaims;
+        private String issuer;
+        private String jwksEndpoint;
+        public Builder() {}
+        public Builder(ListenerRuleActionJwtValidation defaults) {
+    	      Objects.requireNonNull(defaults);
+    	      this.additionalClaims = defaults.additionalClaims;
+    	      this.issuer = defaults.issuer;
+    	      this.jwksEndpoint = defaults.jwksEndpoint;
+        }
+
+        @CustomType.Setter
+        public Builder additionalClaims(@Nullable List additionalClaims) {
+
+            this.additionalClaims = additionalClaims;
+            return this;
+        }
+        public Builder additionalClaims(ListenerRuleActionJwtValidationAdditionalClaim... additionalClaims) {
+            return additionalClaims(List.of(additionalClaims));
+        }
+        @CustomType.Setter
+        public Builder issuer(String issuer) {
+            if (issuer == null) {
+              throw new MissingRequiredPropertyException("ListenerRuleActionJwtValidation", "issuer");
+            }
+            this.issuer = issuer;
+            return this;
+        }
+        @CustomType.Setter
+        public Builder jwksEndpoint(String jwksEndpoint) {
+            if (jwksEndpoint == null) {
+              throw new MissingRequiredPropertyException("ListenerRuleActionJwtValidation", "jwksEndpoint");
+            }
+            this.jwksEndpoint = jwksEndpoint;
+            return this;
+        }
+        public ListenerRuleActionJwtValidation build() {
+            final var _resultValue = new ListenerRuleActionJwtValidation();
+            _resultValue.additionalClaims = additionalClaims;
+            _resultValue.issuer = issuer;
+            _resultValue.jwksEndpoint = jwksEndpoint;
+            return _resultValue;
+        }
+    }
+}
diff --git a/sdk/java/src/main/java/com/pulumi/aws/lb/outputs/ListenerRuleActionJwtValidationAdditionalClaim.java b/sdk/java/src/main/java/com/pulumi/aws/lb/outputs/ListenerRuleActionJwtValidationAdditionalClaim.java
new file mode 100644
index 00000000000..020af482787
--- /dev/null
+++ b/sdk/java/src/main/java/com/pulumi/aws/lb/outputs/ListenerRuleActionJwtValidationAdditionalClaim.java
@@ -0,0 +1,108 @@
+// *** WARNING: this file was generated by pulumi-language-java. ***
+// *** Do not edit by hand unless you're certain you know what you are doing! ***
+
+package com.pulumi.aws.lb.outputs;
+
+import com.pulumi.core.annotations.CustomType;
+import com.pulumi.exceptions.MissingRequiredPropertyException;
+import java.lang.String;
+import java.util.List;
+import java.util.Objects;
+
+@CustomType
+public final class ListenerRuleActionJwtValidationAdditionalClaim {
+    /**
+     * @return Format of the claim value. Valid values are `single-string`, `string-array` and `space-separated-values`.
+     * 
+     */
+    private String format;
+    /**
+     * @return Name of the claim to validate. `exp`, `iss`, `nbf`, or `iat` cannot be specified because they are validated by default.
+     * 
+     */
+    private String name;
+    /**
+     * @return List of expected values of the claim.
+     * 
+     */
+    private List values;
+
+    private ListenerRuleActionJwtValidationAdditionalClaim() {}
+    /**
+     * @return Format of the claim value. Valid values are `single-string`, `string-array` and `space-separated-values`.
+     * 
+     */
+    public String format() {
+        return this.format;
+    }
+    /**
+     * @return Name of the claim to validate. `exp`, `iss`, `nbf`, or `iat` cannot be specified because they are validated by default.
+     * 
+     */
+    public String name() {
+        return this.name;
+    }
+    /**
+     * @return List of expected values of the claim.
+     * 
+     */
+    public List values() {
+        return this.values;
+    }
+
+    public static Builder builder() {
+        return new Builder();
+    }
+
+    public static Builder builder(ListenerRuleActionJwtValidationAdditionalClaim defaults) {
+        return new Builder(defaults);
+    }
+    @CustomType.Builder
+    public static final class Builder {
+        private String format;
+        private String name;
+        private List values;
+        public Builder() {}
+        public Builder(ListenerRuleActionJwtValidationAdditionalClaim defaults) {
+    	      Objects.requireNonNull(defaults);
+    	      this.format = defaults.format;
+    	      this.name = defaults.name;
+    	      this.values = defaults.values;
+        }
+
+        @CustomType.Setter
+        public Builder format(String format) {
+            if (format == null) {
+              throw new MissingRequiredPropertyException("ListenerRuleActionJwtValidationAdditionalClaim", "format");
+            }
+            this.format = format;
+            return this;
+        }
+        @CustomType.Setter
+        public Builder name(String name) {
+            if (name == null) {
+              throw new MissingRequiredPropertyException("ListenerRuleActionJwtValidationAdditionalClaim", "name");
+            }
+            this.name = name;
+            return this;
+        }
+        @CustomType.Setter
+        public Builder values(List values) {
+            if (values == null) {
+              throw new MissingRequiredPropertyException("ListenerRuleActionJwtValidationAdditionalClaim", "values");
+            }
+            this.values = values;
+            return this;
+        }
+        public Builder values(String... values) {
+            return values(List.of(values));
+        }
+        public ListenerRuleActionJwtValidationAdditionalClaim build() {
+            final var _resultValue = new ListenerRuleActionJwtValidationAdditionalClaim();
+            _resultValue.format = format;
+            _resultValue.name = name;
+            _resultValue.values = values;
+            return _resultValue;
+        }
+    }
+}
diff --git a/sdk/java/src/main/java/com/pulumi/aws/notifications/ChannelAssociation.java b/sdk/java/src/main/java/com/pulumi/aws/notifications/ChannelAssociation.java
index 81867553d27..5418c7689f8 100644
--- a/sdk/java/src/main/java/com/pulumi/aws/notifications/ChannelAssociation.java
+++ b/sdk/java/src/main/java/com/pulumi/aws/notifications/ChannelAssociation.java
@@ -78,14 +78,14 @@
 @ResourceType(type="aws:notifications/channelAssociation:ChannelAssociation")
 public class ChannelAssociation extends com.pulumi.resources.CustomResource {
     /**
-     * ARN of the channel to associate with the notification configuration. This can be an email contact ARN.
+     * ARN of the channel to associate with the notification configuration. Must match pattern `^arn:aws:(chatbot|consoleapp|notifications-contacts):[a-zA-Z0-9-]*:[0-9]{12}:[a-zA-Z0-9-_.{@literal @}]+/[a-zA-Z0-9/_.{@literal @}:-]+$`.
      * 
      */
     @Export(name="arn", refs={String.class}, tree="[0]")
     private Output arn;
 
     /**
-     * @return ARN of the channel to associate with the notification configuration. This can be an email contact ARN.
+     * @return ARN of the channel to associate with the notification configuration. Must match pattern `^arn:aws:(chatbot|consoleapp|notifications-contacts):[a-zA-Z0-9-]*:[0-9]{12}:[a-zA-Z0-9-_.{@literal @}]+/[a-zA-Z0-9/_.{@literal @}:-]+$`.
      * 
      */
     public Output arn() {
diff --git a/sdk/java/src/main/java/com/pulumi/aws/notifications/ChannelAssociationArgs.java b/sdk/java/src/main/java/com/pulumi/aws/notifications/ChannelAssociationArgs.java
index e032db42eca..1eb50bd8a31 100644
--- a/sdk/java/src/main/java/com/pulumi/aws/notifications/ChannelAssociationArgs.java
+++ b/sdk/java/src/main/java/com/pulumi/aws/notifications/ChannelAssociationArgs.java
@@ -15,14 +15,14 @@ public final class ChannelAssociationArgs extends com.pulumi.resources.ResourceA
     public static final ChannelAssociationArgs Empty = new ChannelAssociationArgs();
 
     /**
-     * ARN of the channel to associate with the notification configuration. This can be an email contact ARN.
+     * ARN of the channel to associate with the notification configuration. Must match pattern `^arn:aws:(chatbot|consoleapp|notifications-contacts):[a-zA-Z0-9-]*:[0-9]{12}:[a-zA-Z0-9-_.{@literal @}]+/[a-zA-Z0-9/_.{@literal @}:-]+$`.
      * 
      */
     @Import(name="arn", required=true)
     private Output arn;
 
     /**
-     * @return ARN of the channel to associate with the notification configuration. This can be an email contact ARN.
+     * @return ARN of the channel to associate with the notification configuration. Must match pattern `^arn:aws:(chatbot|consoleapp|notifications-contacts):[a-zA-Z0-9-]*:[0-9]{12}:[a-zA-Z0-9-_.{@literal @}]+/[a-zA-Z0-9/_.{@literal @}:-]+$`.
      * 
      */
     public Output arn() {
@@ -70,7 +70,7 @@ public Builder(ChannelAssociationArgs defaults) {
         }
 
         /**
-         * @param arn ARN of the channel to associate with the notification configuration. This can be an email contact ARN.
+         * @param arn ARN of the channel to associate with the notification configuration. Must match pattern `^arn:aws:(chatbot|consoleapp|notifications-contacts):[a-zA-Z0-9-]*:[0-9]{12}:[a-zA-Z0-9-_.{@literal @}]+/[a-zA-Z0-9/_.{@literal @}:-]+$`.
          * 
          * @return builder
          * 
@@ -81,7 +81,7 @@ public Builder arn(Output arn) {
         }
 
         /**
-         * @param arn ARN of the channel to associate with the notification configuration. This can be an email contact ARN.
+         * @param arn ARN of the channel to associate with the notification configuration. Must match pattern `^arn:aws:(chatbot|consoleapp|notifications-contacts):[a-zA-Z0-9-]*:[0-9]{12}:[a-zA-Z0-9-_.{@literal @}]+/[a-zA-Z0-9/_.{@literal @}:-]+$`.
          * 
          * @return builder
          * 
diff --git a/sdk/java/src/main/java/com/pulumi/aws/notifications/inputs/ChannelAssociationState.java b/sdk/java/src/main/java/com/pulumi/aws/notifications/inputs/ChannelAssociationState.java
index 2faaeebacbb..7d4a8b81233 100644
--- a/sdk/java/src/main/java/com/pulumi/aws/notifications/inputs/ChannelAssociationState.java
+++ b/sdk/java/src/main/java/com/pulumi/aws/notifications/inputs/ChannelAssociationState.java
@@ -16,14 +16,14 @@ public final class ChannelAssociationState extends com.pulumi.resources.Resource
     public static final ChannelAssociationState Empty = new ChannelAssociationState();
 
     /**
-     * ARN of the channel to associate with the notification configuration. This can be an email contact ARN.
+     * ARN of the channel to associate with the notification configuration. Must match pattern `^arn:aws:(chatbot|consoleapp|notifications-contacts):[a-zA-Z0-9-]*:[0-9]{12}:[a-zA-Z0-9-_.{@literal @}]+/[a-zA-Z0-9/_.{@literal @}:-]+$`.
      * 
      */
     @Import(name="arn")
     private @Nullable Output arn;
 
     /**
-     * @return ARN of the channel to associate with the notification configuration. This can be an email contact ARN.
+     * @return ARN of the channel to associate with the notification configuration. Must match pattern `^arn:aws:(chatbot|consoleapp|notifications-contacts):[a-zA-Z0-9-]*:[0-9]{12}:[a-zA-Z0-9-_.{@literal @}]+/[a-zA-Z0-9/_.{@literal @}:-]+$`.
      * 
      */
     public Optional> arn() {
@@ -71,7 +71,7 @@ public Builder(ChannelAssociationState defaults) {
         }
 
         /**
-         * @param arn ARN of the channel to associate with the notification configuration. This can be an email contact ARN.
+         * @param arn ARN of the channel to associate with the notification configuration. Must match pattern `^arn:aws:(chatbot|consoleapp|notifications-contacts):[a-zA-Z0-9-]*:[0-9]{12}:[a-zA-Z0-9-_.{@literal @}]+/[a-zA-Z0-9/_.{@literal @}:-]+$`.
          * 
          * @return builder
          * 
@@ -82,7 +82,7 @@ public Builder arn(@Nullable Output arn) {
         }
 
         /**
-         * @param arn ARN of the channel to associate with the notification configuration. This can be an email contact ARN.
+         * @param arn ARN of the channel to associate with the notification configuration. Must match pattern `^arn:aws:(chatbot|consoleapp|notifications-contacts):[a-zA-Z0-9-]*:[0-9]{12}:[a-zA-Z0-9-_.{@literal @}]+/[a-zA-Z0-9/_.{@literal @}:-]+$`.
          * 
          * @return builder
          * 
diff --git a/sdk/java/src/main/java/com/pulumi/aws/odb/CloudVmCluster.java b/sdk/java/src/main/java/com/pulumi/aws/odb/CloudVmCluster.java
index 75f6240deb8..99eda318b73 100644
--- a/sdk/java/src/main/java/com/pulumi/aws/odb/CloudVmCluster.java
+++ b/sdk/java/src/main/java/com/pulumi/aws/odb/CloudVmCluster.java
@@ -133,14 +133,28 @@ public Output arn() {
         return this.arn;
     }
     /**
-     * The unique identifier of the Exadata infrastructure for this VM cluster. Changing this will create a new resource.
+     * The ARN of the Exadata infrastructure for this VM cluster. Changing this will create a new resource. Either the combination of cloudExadataInfrastructureId and odbNetworkId or cloudExadataInfrastructureArn and odbNetworkArn must be used.
+     * 
+     */
+    @Export(name="cloudExadataInfrastructureArn", refs={String.class}, tree="[0]")
+    private Output cloudExadataInfrastructureArn;
+
+    /**
+     * @return The ARN of the Exadata infrastructure for this VM cluster. Changing this will create a new resource. Either the combination of cloudExadataInfrastructureId and odbNetworkId or cloudExadataInfrastructureArn and odbNetworkArn must be used.
+     * 
+     */
+    public Output cloudExadataInfrastructureArn() {
+        return this.cloudExadataInfrastructureArn;
+    }
+    /**
+     * The unique identifier of the Exadata infrastructure for this VM cluster. Changing this will create a new resource. Either the combination of cloudExadataInfrastructureId and odbNetworkId or cloudExadataInfrastructureArn and odbNetworkArn must be used.
      * 
      */
     @Export(name="cloudExadataInfrastructureId", refs={String.class}, tree="[0]")
     private Output cloudExadataInfrastructureId;
 
     /**
-     * @return The unique identifier of the Exadata infrastructure for this VM cluster. Changing this will create a new resource.
+     * @return The unique identifier of the Exadata infrastructure for this VM cluster. Changing this will create a new resource. Either the combination of cloudExadataInfrastructureId and odbNetworkId or cloudExadataInfrastructureArn and odbNetworkArn must be used.
      * 
      */
     public Output cloudExadataInfrastructureId() {
@@ -517,14 +531,28 @@ public Output ocid() {
         return this.ocid;
     }
     /**
-     * The unique identifier of the ODB network for the VM cluster. Changing this will create a new resource.
+     * The ARN of the ODB network for the VM cluster. Changing this will create a new resource. Either the combination of cloudExadataInfrastructureId and odbNetworkId or cloudExadataInfrastructureArn and odbNetworkArn must be used.
+     * 
+     */
+    @Export(name="odbNetworkArn", refs={String.class}, tree="[0]")
+    private Output odbNetworkArn;
+
+    /**
+     * @return The ARN of the ODB network for the VM cluster. Changing this will create a new resource. Either the combination of cloudExadataInfrastructureId and odbNetworkId or cloudExadataInfrastructureArn and odbNetworkArn must be used.
+     * 
+     */
+    public Output odbNetworkArn() {
+        return this.odbNetworkArn;
+    }
+    /**
+     * The unique identifier of the ODB network for the VM cluster. Changing this will create a new resource. Either the combination of cloudExadataInfrastructureId and odbNetworkId or cloudExadataInfrastructureArn and odbNetworkArn must be used.
      * 
      */
     @Export(name="odbNetworkId", refs={String.class}, tree="[0]")
     private Output odbNetworkId;
 
     /**
-     * @return The unique identifier of the ODB network for the VM cluster. Changing this will create a new resource.
+     * @return The unique identifier of the ODB network for the VM cluster. Changing this will create a new resource. Either the combination of cloudExadataInfrastructureId and odbNetworkId or cloudExadataInfrastructureArn and odbNetworkArn must be used.
      * 
      */
     public Output odbNetworkId() {
diff --git a/sdk/java/src/main/java/com/pulumi/aws/odb/CloudVmClusterArgs.java b/sdk/java/src/main/java/com/pulumi/aws/odb/CloudVmClusterArgs.java
index b639312c0f0..ae56cb539c1 100644
--- a/sdk/java/src/main/java/com/pulumi/aws/odb/CloudVmClusterArgs.java
+++ b/sdk/java/src/main/java/com/pulumi/aws/odb/CloudVmClusterArgs.java
@@ -24,18 +24,33 @@ public final class CloudVmClusterArgs extends com.pulumi.resources.ResourceArgs
     public static final CloudVmClusterArgs Empty = new CloudVmClusterArgs();
 
     /**
-     * The unique identifier of the Exadata infrastructure for this VM cluster. Changing this will create a new resource.
+     * The ARN of the Exadata infrastructure for this VM cluster. Changing this will create a new resource. Either the combination of cloudExadataInfrastructureId and odbNetworkId or cloudExadataInfrastructureArn and odbNetworkArn must be used.
      * 
      */
-    @Import(name="cloudExadataInfrastructureId", required=true)
-    private Output cloudExadataInfrastructureId;
+    @Import(name="cloudExadataInfrastructureArn")
+    private @Nullable Output cloudExadataInfrastructureArn;
 
     /**
-     * @return The unique identifier of the Exadata infrastructure for this VM cluster. Changing this will create a new resource.
+     * @return The ARN of the Exadata infrastructure for this VM cluster. Changing this will create a new resource. Either the combination of cloudExadataInfrastructureId and odbNetworkId or cloudExadataInfrastructureArn and odbNetworkArn must be used.
      * 
      */
-    public Output cloudExadataInfrastructureId() {
-        return this.cloudExadataInfrastructureId;
+    public Optional> cloudExadataInfrastructureArn() {
+        return Optional.ofNullable(this.cloudExadataInfrastructureArn);
+    }
+
+    /**
+     * The unique identifier of the Exadata infrastructure for this VM cluster. Changing this will create a new resource. Either the combination of cloudExadataInfrastructureId and odbNetworkId or cloudExadataInfrastructureArn and odbNetworkArn must be used.
+     * 
+     */
+    @Import(name="cloudExadataInfrastructureId")
+    private @Nullable Output cloudExadataInfrastructureId;
+
+    /**
+     * @return The unique identifier of the Exadata infrastructure for this VM cluster. Changing this will create a new resource. Either the combination of cloudExadataInfrastructureId and odbNetworkId or cloudExadataInfrastructureArn and odbNetworkArn must be used.
+     * 
+     */
+    public Optional> cloudExadataInfrastructureId() {
+        return Optional.ofNullable(this.cloudExadataInfrastructureId);
     }
 
     /**
@@ -238,18 +253,33 @@ public Optional> memorySizeInGbs() {
     }
 
     /**
-     * The unique identifier of the ODB network for the VM cluster. Changing this will create a new resource.
+     * The ARN of the ODB network for the VM cluster. Changing this will create a new resource. Either the combination of cloudExadataInfrastructureId and odbNetworkId or cloudExadataInfrastructureArn and odbNetworkArn must be used.
      * 
      */
-    @Import(name="odbNetworkId", required=true)
-    private Output odbNetworkId;
+    @Import(name="odbNetworkArn")
+    private @Nullable Output odbNetworkArn;
 
     /**
-     * @return The unique identifier of the ODB network for the VM cluster. Changing this will create a new resource.
+     * @return The ARN of the ODB network for the VM cluster. Changing this will create a new resource. Either the combination of cloudExadataInfrastructureId and odbNetworkId or cloudExadataInfrastructureArn and odbNetworkArn must be used.
      * 
      */
-    public Output odbNetworkId() {
-        return this.odbNetworkId;
+    public Optional> odbNetworkArn() {
+        return Optional.ofNullable(this.odbNetworkArn);
+    }
+
+    /**
+     * The unique identifier of the ODB network for the VM cluster. Changing this will create a new resource. Either the combination of cloudExadataInfrastructureId and odbNetworkId or cloudExadataInfrastructureArn and odbNetworkArn must be used.
+     * 
+     */
+    @Import(name="odbNetworkId")
+    private @Nullable Output odbNetworkId;
+
+    /**
+     * @return The unique identifier of the ODB network for the VM cluster. Changing this will create a new resource. Either the combination of cloudExadataInfrastructureId and odbNetworkId or cloudExadataInfrastructureArn and odbNetworkArn must be used.
+     * 
+     */
+    public Optional> odbNetworkId() {
+        return Optional.ofNullable(this.odbNetworkId);
     }
 
     /**
@@ -337,6 +367,7 @@ public Optional> timezone() {
     private CloudVmClusterArgs() {}
 
     private CloudVmClusterArgs(CloudVmClusterArgs $) {
+        this.cloudExadataInfrastructureArn = $.cloudExadataInfrastructureArn;
         this.cloudExadataInfrastructureId = $.cloudExadataInfrastructureId;
         this.clusterName = $.clusterName;
         this.cpuCoreCount = $.cpuCoreCount;
@@ -351,6 +382,7 @@ private CloudVmClusterArgs(CloudVmClusterArgs $) {
         this.isSparseDiskgroupEnabled = $.isSparseDiskgroupEnabled;
         this.licenseModel = $.licenseModel;
         this.memorySizeInGbs = $.memorySizeInGbs;
+        this.odbNetworkArn = $.odbNetworkArn;
         this.odbNetworkId = $.odbNetworkId;
         this.region = $.region;
         this.scanListenerPortTcp = $.scanListenerPortTcp;
@@ -379,18 +411,39 @@ public Builder(CloudVmClusterArgs defaults) {
         }
 
         /**
-         * @param cloudExadataInfrastructureId The unique identifier of the Exadata infrastructure for this VM cluster. Changing this will create a new resource.
+         * @param cloudExadataInfrastructureArn The ARN of the Exadata infrastructure for this VM cluster. Changing this will create a new resource. Either the combination of cloudExadataInfrastructureId and odbNetworkId or cloudExadataInfrastructureArn and odbNetworkArn must be used.
+         * 
+         * @return builder
+         * 
+         */
+        public Builder cloudExadataInfrastructureArn(@Nullable Output cloudExadataInfrastructureArn) {
+            $.cloudExadataInfrastructureArn = cloudExadataInfrastructureArn;
+            return this;
+        }
+
+        /**
+         * @param cloudExadataInfrastructureArn The ARN of the Exadata infrastructure for this VM cluster. Changing this will create a new resource. Either the combination of cloudExadataInfrastructureId and odbNetworkId or cloudExadataInfrastructureArn and odbNetworkArn must be used.
          * 
          * @return builder
          * 
          */
-        public Builder cloudExadataInfrastructureId(Output cloudExadataInfrastructureId) {
+        public Builder cloudExadataInfrastructureArn(String cloudExadataInfrastructureArn) {
+            return cloudExadataInfrastructureArn(Output.of(cloudExadataInfrastructureArn));
+        }
+
+        /**
+         * @param cloudExadataInfrastructureId The unique identifier of the Exadata infrastructure for this VM cluster. Changing this will create a new resource. Either the combination of cloudExadataInfrastructureId and odbNetworkId or cloudExadataInfrastructureArn and odbNetworkArn must be used.
+         * 
+         * @return builder
+         * 
+         */
+        public Builder cloudExadataInfrastructureId(@Nullable Output cloudExadataInfrastructureId) {
             $.cloudExadataInfrastructureId = cloudExadataInfrastructureId;
             return this;
         }
 
         /**
-         * @param cloudExadataInfrastructureId The unique identifier of the Exadata infrastructure for this VM cluster. Changing this will create a new resource.
+         * @param cloudExadataInfrastructureId The unique identifier of the Exadata infrastructure for this VM cluster. Changing this will create a new resource. Either the combination of cloudExadataInfrastructureId and odbNetworkId or cloudExadataInfrastructureArn and odbNetworkArn must be used.
          * 
          * @return builder
          * 
@@ -687,18 +740,39 @@ public Builder memorySizeInGbs(Integer memorySizeInGbs) {
         }
 
         /**
-         * @param odbNetworkId The unique identifier of the ODB network for the VM cluster. Changing this will create a new resource.
+         * @param odbNetworkArn The ARN of the ODB network for the VM cluster. Changing this will create a new resource. Either the combination of cloudExadataInfrastructureId and odbNetworkId or cloudExadataInfrastructureArn and odbNetworkArn must be used.
          * 
          * @return builder
          * 
          */
-        public Builder odbNetworkId(Output odbNetworkId) {
+        public Builder odbNetworkArn(@Nullable Output odbNetworkArn) {
+            $.odbNetworkArn = odbNetworkArn;
+            return this;
+        }
+
+        /**
+         * @param odbNetworkArn The ARN of the ODB network for the VM cluster. Changing this will create a new resource. Either the combination of cloudExadataInfrastructureId and odbNetworkId or cloudExadataInfrastructureArn and odbNetworkArn must be used.
+         * 
+         * @return builder
+         * 
+         */
+        public Builder odbNetworkArn(String odbNetworkArn) {
+            return odbNetworkArn(Output.of(odbNetworkArn));
+        }
+
+        /**
+         * @param odbNetworkId The unique identifier of the ODB network for the VM cluster. Changing this will create a new resource. Either the combination of cloudExadataInfrastructureId and odbNetworkId or cloudExadataInfrastructureArn and odbNetworkArn must be used.
+         * 
+         * @return builder
+         * 
+         */
+        public Builder odbNetworkId(@Nullable Output odbNetworkId) {
             $.odbNetworkId = odbNetworkId;
             return this;
         }
 
         /**
-         * @param odbNetworkId The unique identifier of the ODB network for the VM cluster. Changing this will create a new resource.
+         * @param odbNetworkId The unique identifier of the ODB network for the VM cluster. Changing this will create a new resource. Either the combination of cloudExadataInfrastructureId and odbNetworkId or cloudExadataInfrastructureArn and odbNetworkArn must be used.
          * 
          * @return builder
          * 
@@ -832,9 +906,6 @@ public Builder timezone(String timezone) {
         }
 
         public CloudVmClusterArgs build() {
-            if ($.cloudExadataInfrastructureId == null) {
-                throw new MissingRequiredPropertyException("CloudVmClusterArgs", "cloudExadataInfrastructureId");
-            }
             if ($.cpuCoreCount == null) {
                 throw new MissingRequiredPropertyException("CloudVmClusterArgs", "cpuCoreCount");
             }
@@ -853,9 +924,6 @@ public CloudVmClusterArgs build() {
             if ($.hostnamePrefix == null) {
                 throw new MissingRequiredPropertyException("CloudVmClusterArgs", "hostnamePrefix");
             }
-            if ($.odbNetworkId == null) {
-                throw new MissingRequiredPropertyException("CloudVmClusterArgs", "odbNetworkId");
-            }
             if ($.sshPublicKeys == null) {
                 throw new MissingRequiredPropertyException("CloudVmClusterArgs", "sshPublicKeys");
             }
diff --git a/sdk/java/src/main/java/com/pulumi/aws/odb/inputs/CloudVmClusterState.java b/sdk/java/src/main/java/com/pulumi/aws/odb/inputs/CloudVmClusterState.java
index 44c8915a597..23ef3298811 100644
--- a/sdk/java/src/main/java/com/pulumi/aws/odb/inputs/CloudVmClusterState.java
+++ b/sdk/java/src/main/java/com/pulumi/aws/odb/inputs/CloudVmClusterState.java
@@ -39,14 +39,29 @@ public Optional> arn() {
     }
 
     /**
-     * The unique identifier of the Exadata infrastructure for this VM cluster. Changing this will create a new resource.
+     * The ARN of the Exadata infrastructure for this VM cluster. Changing this will create a new resource. Either the combination of cloudExadataInfrastructureId and odbNetworkId or cloudExadataInfrastructureArn and odbNetworkArn must be used.
+     * 
+     */
+    @Import(name="cloudExadataInfrastructureArn")
+    private @Nullable Output cloudExadataInfrastructureArn;
+
+    /**
+     * @return The ARN of the Exadata infrastructure for this VM cluster. Changing this will create a new resource. Either the combination of cloudExadataInfrastructureId and odbNetworkId or cloudExadataInfrastructureArn and odbNetworkArn must be used.
+     * 
+     */
+    public Optional> cloudExadataInfrastructureArn() {
+        return Optional.ofNullable(this.cloudExadataInfrastructureArn);
+    }
+
+    /**
+     * The unique identifier of the Exadata infrastructure for this VM cluster. Changing this will create a new resource. Either the combination of cloudExadataInfrastructureId and odbNetworkId or cloudExadataInfrastructureArn and odbNetworkArn must be used.
      * 
      */
     @Import(name="cloudExadataInfrastructureId")
     private @Nullable Output cloudExadataInfrastructureId;
 
     /**
-     * @return The unique identifier of the Exadata infrastructure for this VM cluster. Changing this will create a new resource.
+     * @return The unique identifier of the Exadata infrastructure for this VM cluster. Changing this will create a new resource. Either the combination of cloudExadataInfrastructureId and odbNetworkId or cloudExadataInfrastructureArn and odbNetworkArn must be used.
      * 
      */
     public Optional> cloudExadataInfrastructureId() {
@@ -450,14 +465,29 @@ public Optional> ocid() {
     }
 
     /**
-     * The unique identifier of the ODB network for the VM cluster. Changing this will create a new resource.
+     * The ARN of the ODB network for the VM cluster. Changing this will create a new resource. Either the combination of cloudExadataInfrastructureId and odbNetworkId or cloudExadataInfrastructureArn and odbNetworkArn must be used.
+     * 
+     */
+    @Import(name="odbNetworkArn")
+    private @Nullable Output odbNetworkArn;
+
+    /**
+     * @return The ARN of the ODB network for the VM cluster. Changing this will create a new resource. Either the combination of cloudExadataInfrastructureId and odbNetworkId or cloudExadataInfrastructureArn and odbNetworkArn must be used.
+     * 
+     */
+    public Optional> odbNetworkArn() {
+        return Optional.ofNullable(this.odbNetworkArn);
+    }
+
+    /**
+     * The unique identifier of the ODB network for the VM cluster. Changing this will create a new resource. Either the combination of cloudExadataInfrastructureId and odbNetworkId or cloudExadataInfrastructureArn and odbNetworkArn must be used.
      * 
      */
     @Import(name="odbNetworkId")
     private @Nullable Output odbNetworkId;
 
     /**
-     * @return The unique identifier of the ODB network for the VM cluster. Changing this will create a new resource.
+     * @return The unique identifier of the ODB network for the VM cluster. Changing this will create a new resource. Either the combination of cloudExadataInfrastructureId and odbNetworkId or cloudExadataInfrastructureArn and odbNetworkArn must be used.
      * 
      */
     public Optional> odbNetworkId() {
@@ -715,6 +745,7 @@ private CloudVmClusterState() {}
 
     private CloudVmClusterState(CloudVmClusterState $) {
         this.arn = $.arn;
+        this.cloudExadataInfrastructureArn = $.cloudExadataInfrastructureArn;
         this.cloudExadataInfrastructureId = $.cloudExadataInfrastructureId;
         this.clusterName = $.clusterName;
         this.computeModel = $.computeModel;
@@ -742,6 +773,7 @@ private CloudVmClusterState(CloudVmClusterState $) {
         this.ociResourceAnchorName = $.ociResourceAnchorName;
         this.ociUrl = $.ociUrl;
         this.ocid = $.ocid;
+        this.odbNetworkArn = $.odbNetworkArn;
         this.odbNetworkId = $.odbNetworkId;
         this.percentProgress = $.percentProgress;
         this.region = $.region;
@@ -802,7 +834,28 @@ public Builder arn(String arn) {
         }
 
         /**
-         * @param cloudExadataInfrastructureId The unique identifier of the Exadata infrastructure for this VM cluster. Changing this will create a new resource.
+         * @param cloudExadataInfrastructureArn The ARN of the Exadata infrastructure for this VM cluster. Changing this will create a new resource. Either the combination of cloudExadataInfrastructureId and odbNetworkId or cloudExadataInfrastructureArn and odbNetworkArn must be used.
+         * 
+         * @return builder
+         * 
+         */
+        public Builder cloudExadataInfrastructureArn(@Nullable Output cloudExadataInfrastructureArn) {
+            $.cloudExadataInfrastructureArn = cloudExadataInfrastructureArn;
+            return this;
+        }
+
+        /**
+         * @param cloudExadataInfrastructureArn The ARN of the Exadata infrastructure for this VM cluster. Changing this will create a new resource. Either the combination of cloudExadataInfrastructureId and odbNetworkId or cloudExadataInfrastructureArn and odbNetworkArn must be used.
+         * 
+         * @return builder
+         * 
+         */
+        public Builder cloudExadataInfrastructureArn(String cloudExadataInfrastructureArn) {
+            return cloudExadataInfrastructureArn(Output.of(cloudExadataInfrastructureArn));
+        }
+
+        /**
+         * @param cloudExadataInfrastructureId The unique identifier of the Exadata infrastructure for this VM cluster. Changing this will create a new resource. Either the combination of cloudExadataInfrastructureId and odbNetworkId or cloudExadataInfrastructureArn and odbNetworkArn must be used.
          * 
          * @return builder
          * 
@@ -813,7 +866,7 @@ public Builder cloudExadataInfrastructureId(@Nullable Output cloudExadat
         }
 
         /**
-         * @param cloudExadataInfrastructureId The unique identifier of the Exadata infrastructure for this VM cluster. Changing this will create a new resource.
+         * @param cloudExadataInfrastructureId The unique identifier of the Exadata infrastructure for this VM cluster. Changing this will create a new resource. Either the combination of cloudExadataInfrastructureId and odbNetworkId or cloudExadataInfrastructureArn and odbNetworkArn must be used.
          * 
          * @return builder
          * 
@@ -1395,7 +1448,28 @@ public Builder ocid(String ocid) {
         }
 
         /**
-         * @param odbNetworkId The unique identifier of the ODB network for the VM cluster. Changing this will create a new resource.
+         * @param odbNetworkArn The ARN of the ODB network for the VM cluster. Changing this will create a new resource. Either the combination of cloudExadataInfrastructureId and odbNetworkId or cloudExadataInfrastructureArn and odbNetworkArn must be used.
+         * 
+         * @return builder
+         * 
+         */
+        public Builder odbNetworkArn(@Nullable Output odbNetworkArn) {
+            $.odbNetworkArn = odbNetworkArn;
+            return this;
+        }
+
+        /**
+         * @param odbNetworkArn The ARN of the ODB network for the VM cluster. Changing this will create a new resource. Either the combination of cloudExadataInfrastructureId and odbNetworkId or cloudExadataInfrastructureArn and odbNetworkArn must be used.
+         * 
+         * @return builder
+         * 
+         */
+        public Builder odbNetworkArn(String odbNetworkArn) {
+            return odbNetworkArn(Output.of(odbNetworkArn));
+        }
+
+        /**
+         * @param odbNetworkId The unique identifier of the ODB network for the VM cluster. Changing this will create a new resource. Either the combination of cloudExadataInfrastructureId and odbNetworkId or cloudExadataInfrastructureArn and odbNetworkArn must be used.
          * 
          * @return builder
          * 
@@ -1406,7 +1480,7 @@ public Builder odbNetworkId(@Nullable Output odbNetworkId) {
         }
 
         /**
-         * @param odbNetworkId The unique identifier of the ODB network for the VM cluster. Changing this will create a new resource.
+         * @param odbNetworkId The unique identifier of the ODB network for the VM cluster. Changing this will create a new resource. Either the combination of cloudExadataInfrastructureId and odbNetworkId or cloudExadataInfrastructureArn and odbNetworkArn must be used.
          * 
          * @return builder
          * 
diff --git a/sdk/java/src/main/java/com/pulumi/aws/odb/outputs/GetDbServersDbServer.java b/sdk/java/src/main/java/com/pulumi/aws/odb/outputs/GetDbServersDbServer.java
index 247e24fe43e..f7ac3e67858 100644
--- a/sdk/java/src/main/java/com/pulumi/aws/odb/outputs/GetDbServersDbServer.java
+++ b/sdk/java/src/main/java/com/pulumi/aws/odb/outputs/GetDbServersDbServer.java
@@ -58,6 +58,10 @@ public final class GetDbServersDbServer {
      * 
      */
     private String exadataInfrastructureId;
+    /**
+     * @return The unique identifier of the database server.
+     * 
+     */
     private String id;
     /**
      * @return The total number of CPU cores available on the database server.
@@ -174,6 +178,10 @@ public String displayName() {
     public String exadataInfrastructureId() {
         return this.exadataInfrastructureId;
     }
+    /**
+     * @return The unique identifier of the database server.
+     * 
+     */
     public String id() {
         return this.id;
     }
diff --git a/sdk/java/src/main/java/com/pulumi/aws/organizations/Organization.java b/sdk/java/src/main/java/com/pulumi/aws/organizations/Organization.java
index 68d302f7367..5e6d785e63b 100644
--- a/sdk/java/src/main/java/com/pulumi/aws/organizations/Organization.java
+++ b/sdk/java/src/main/java/com/pulumi/aws/organizations/Organization.java
@@ -125,14 +125,14 @@ public Output>> awsServiceAccessPrincipals() {
         return Codegen.optional(this.awsServiceAccessPrincipals);
     }
     /**
-     * List of Organizations policy types to enable in the Organization Root. Organization must have `featureSet` set to `ALL`. For additional information about valid policy types (e.g., `AISERVICES_OPT_OUT_POLICY`, `BACKUP_POLICY`, `CHATBOT_POLICY`, `DECLARATIVE_POLICY_EC2`, `RESOURCE_CONTROL_POLICY`, `SERVICE_CONTROL_POLICY`, and `TAG_POLICY`), see the [AWS Organizations API Reference](https://docs.aws.amazon.com/organizations/latest/APIReference/API_EnablePolicyType.html).
+     * List of Organizations policy types to enable in the Organization Root. Organization must have `featureSet` set to `ALL`. For additional information about valid policy types (e.g., `AISERVICES_OPT_OUT_POLICY`, `BACKUP_POLICY`, `CHATBOT_POLICY`, `DECLARATIVE_POLICY_EC2`, `RESOURCE_CONTROL_POLICY`, `SECURITYHUB_POLICY`, `SERVICE_CONTROL_POLICY`, and `TAG_POLICY`), see the [AWS Organizations API Reference](https://docs.aws.amazon.com/organizations/latest/APIReference/API_EnablePolicyType.html). To enable `SECURITYHUB_POLICY`, `awsServiceAccessPrincipals` must include `securityhub.amazonaws.com`.
      * 
      */
     @Export(name="enabledPolicyTypes", refs={List.class,String.class}, tree="[0,1]")
     private Output> enabledPolicyTypes;
 
     /**
-     * @return List of Organizations policy types to enable in the Organization Root. Organization must have `featureSet` set to `ALL`. For additional information about valid policy types (e.g., `AISERVICES_OPT_OUT_POLICY`, `BACKUP_POLICY`, `CHATBOT_POLICY`, `DECLARATIVE_POLICY_EC2`, `RESOURCE_CONTROL_POLICY`, `SERVICE_CONTROL_POLICY`, and `TAG_POLICY`), see the [AWS Organizations API Reference](https://docs.aws.amazon.com/organizations/latest/APIReference/API_EnablePolicyType.html).
+     * @return List of Organizations policy types to enable in the Organization Root. Organization must have `featureSet` set to `ALL`. For additional information about valid policy types (e.g., `AISERVICES_OPT_OUT_POLICY`, `BACKUP_POLICY`, `CHATBOT_POLICY`, `DECLARATIVE_POLICY_EC2`, `RESOURCE_CONTROL_POLICY`, `SECURITYHUB_POLICY`, `SERVICE_CONTROL_POLICY`, and `TAG_POLICY`), see the [AWS Organizations API Reference](https://docs.aws.amazon.com/organizations/latest/APIReference/API_EnablePolicyType.html). To enable `SECURITYHUB_POLICY`, `awsServiceAccessPrincipals` must include `securityhub.amazonaws.com`.
      * 
      */
     public Output>> enabledPolicyTypes() {
diff --git a/sdk/java/src/main/java/com/pulumi/aws/organizations/OrganizationArgs.java b/sdk/java/src/main/java/com/pulumi/aws/organizations/OrganizationArgs.java
index 0453554e09f..eba4e524f76 100644
--- a/sdk/java/src/main/java/com/pulumi/aws/organizations/OrganizationArgs.java
+++ b/sdk/java/src/main/java/com/pulumi/aws/organizations/OrganizationArgs.java
@@ -32,14 +32,14 @@ public Optional>> awsServiceAccessPrincipals() {
     }
 
     /**
-     * List of Organizations policy types to enable in the Organization Root. Organization must have `featureSet` set to `ALL`. For additional information about valid policy types (e.g., `AISERVICES_OPT_OUT_POLICY`, `BACKUP_POLICY`, `CHATBOT_POLICY`, `DECLARATIVE_POLICY_EC2`, `RESOURCE_CONTROL_POLICY`, `SERVICE_CONTROL_POLICY`, and `TAG_POLICY`), see the [AWS Organizations API Reference](https://docs.aws.amazon.com/organizations/latest/APIReference/API_EnablePolicyType.html).
+     * List of Organizations policy types to enable in the Organization Root. Organization must have `featureSet` set to `ALL`. For additional information about valid policy types (e.g., `AISERVICES_OPT_OUT_POLICY`, `BACKUP_POLICY`, `CHATBOT_POLICY`, `DECLARATIVE_POLICY_EC2`, `RESOURCE_CONTROL_POLICY`, `SECURITYHUB_POLICY`, `SERVICE_CONTROL_POLICY`, and `TAG_POLICY`), see the [AWS Organizations API Reference](https://docs.aws.amazon.com/organizations/latest/APIReference/API_EnablePolicyType.html). To enable `SECURITYHUB_POLICY`, `awsServiceAccessPrincipals` must include `securityhub.amazonaws.com`.
      * 
      */
     @Import(name="enabledPolicyTypes")
     private @Nullable Output> enabledPolicyTypes;
 
     /**
-     * @return List of Organizations policy types to enable in the Organization Root. Organization must have `featureSet` set to `ALL`. For additional information about valid policy types (e.g., `AISERVICES_OPT_OUT_POLICY`, `BACKUP_POLICY`, `CHATBOT_POLICY`, `DECLARATIVE_POLICY_EC2`, `RESOURCE_CONTROL_POLICY`, `SERVICE_CONTROL_POLICY`, and `TAG_POLICY`), see the [AWS Organizations API Reference](https://docs.aws.amazon.com/organizations/latest/APIReference/API_EnablePolicyType.html).
+     * @return List of Organizations policy types to enable in the Organization Root. Organization must have `featureSet` set to `ALL`. For additional information about valid policy types (e.g., `AISERVICES_OPT_OUT_POLICY`, `BACKUP_POLICY`, `CHATBOT_POLICY`, `DECLARATIVE_POLICY_EC2`, `RESOURCE_CONTROL_POLICY`, `SECURITYHUB_POLICY`, `SERVICE_CONTROL_POLICY`, and `TAG_POLICY`), see the [AWS Organizations API Reference](https://docs.aws.amazon.com/organizations/latest/APIReference/API_EnablePolicyType.html). To enable `SECURITYHUB_POLICY`, `awsServiceAccessPrincipals` must include `securityhub.amazonaws.com`.
      * 
      */
     public Optional>> enabledPolicyTypes() {
@@ -119,7 +119,7 @@ public Builder awsServiceAccessPrincipals(String... awsServiceAccessPrincipals)
         }
 
         /**
-         * @param enabledPolicyTypes List of Organizations policy types to enable in the Organization Root. Organization must have `featureSet` set to `ALL`. For additional information about valid policy types (e.g., `AISERVICES_OPT_OUT_POLICY`, `BACKUP_POLICY`, `CHATBOT_POLICY`, `DECLARATIVE_POLICY_EC2`, `RESOURCE_CONTROL_POLICY`, `SERVICE_CONTROL_POLICY`, and `TAG_POLICY`), see the [AWS Organizations API Reference](https://docs.aws.amazon.com/organizations/latest/APIReference/API_EnablePolicyType.html).
+         * @param enabledPolicyTypes List of Organizations policy types to enable in the Organization Root. Organization must have `featureSet` set to `ALL`. For additional information about valid policy types (e.g., `AISERVICES_OPT_OUT_POLICY`, `BACKUP_POLICY`, `CHATBOT_POLICY`, `DECLARATIVE_POLICY_EC2`, `RESOURCE_CONTROL_POLICY`, `SECURITYHUB_POLICY`, `SERVICE_CONTROL_POLICY`, and `TAG_POLICY`), see the [AWS Organizations API Reference](https://docs.aws.amazon.com/organizations/latest/APIReference/API_EnablePolicyType.html). To enable `SECURITYHUB_POLICY`, `awsServiceAccessPrincipals` must include `securityhub.amazonaws.com`.
          * 
          * @return builder
          * 
@@ -130,7 +130,7 @@ public Builder enabledPolicyTypes(@Nullable Output> enabledPolicyTy
         }
 
         /**
-         * @param enabledPolicyTypes List of Organizations policy types to enable in the Organization Root. Organization must have `featureSet` set to `ALL`. For additional information about valid policy types (e.g., `AISERVICES_OPT_OUT_POLICY`, `BACKUP_POLICY`, `CHATBOT_POLICY`, `DECLARATIVE_POLICY_EC2`, `RESOURCE_CONTROL_POLICY`, `SERVICE_CONTROL_POLICY`, and `TAG_POLICY`), see the [AWS Organizations API Reference](https://docs.aws.amazon.com/organizations/latest/APIReference/API_EnablePolicyType.html).
+         * @param enabledPolicyTypes List of Organizations policy types to enable in the Organization Root. Organization must have `featureSet` set to `ALL`. For additional information about valid policy types (e.g., `AISERVICES_OPT_OUT_POLICY`, `BACKUP_POLICY`, `CHATBOT_POLICY`, `DECLARATIVE_POLICY_EC2`, `RESOURCE_CONTROL_POLICY`, `SECURITYHUB_POLICY`, `SERVICE_CONTROL_POLICY`, and `TAG_POLICY`), see the [AWS Organizations API Reference](https://docs.aws.amazon.com/organizations/latest/APIReference/API_EnablePolicyType.html). To enable `SECURITYHUB_POLICY`, `awsServiceAccessPrincipals` must include `securityhub.amazonaws.com`.
          * 
          * @return builder
          * 
@@ -140,7 +140,7 @@ public Builder enabledPolicyTypes(List enabledPolicyTypes) {
         }
 
         /**
-         * @param enabledPolicyTypes List of Organizations policy types to enable in the Organization Root. Organization must have `featureSet` set to `ALL`. For additional information about valid policy types (e.g., `AISERVICES_OPT_OUT_POLICY`, `BACKUP_POLICY`, `CHATBOT_POLICY`, `DECLARATIVE_POLICY_EC2`, `RESOURCE_CONTROL_POLICY`, `SERVICE_CONTROL_POLICY`, and `TAG_POLICY`), see the [AWS Organizations API Reference](https://docs.aws.amazon.com/organizations/latest/APIReference/API_EnablePolicyType.html).
+         * @param enabledPolicyTypes List of Organizations policy types to enable in the Organization Root. Organization must have `featureSet` set to `ALL`. For additional information about valid policy types (e.g., `AISERVICES_OPT_OUT_POLICY`, `BACKUP_POLICY`, `CHATBOT_POLICY`, `DECLARATIVE_POLICY_EC2`, `RESOURCE_CONTROL_POLICY`, `SECURITYHUB_POLICY`, `SERVICE_CONTROL_POLICY`, and `TAG_POLICY`), see the [AWS Organizations API Reference](https://docs.aws.amazon.com/organizations/latest/APIReference/API_EnablePolicyType.html). To enable `SECURITYHUB_POLICY`, `awsServiceAccessPrincipals` must include `securityhub.amazonaws.com`.
          * 
          * @return builder
          * 
diff --git a/sdk/java/src/main/java/com/pulumi/aws/organizations/inputs/OrganizationState.java b/sdk/java/src/main/java/com/pulumi/aws/organizations/inputs/OrganizationState.java
index dcc9bd09ab8..e7ffa7e1695 100644
--- a/sdk/java/src/main/java/com/pulumi/aws/organizations/inputs/OrganizationState.java
+++ b/sdk/java/src/main/java/com/pulumi/aws/organizations/inputs/OrganizationState.java
@@ -65,14 +65,14 @@ public Optional>> awsServiceAccessPrincipals() {
     }
 
     /**
-     * List of Organizations policy types to enable in the Organization Root. Organization must have `featureSet` set to `ALL`. For additional information about valid policy types (e.g., `AISERVICES_OPT_OUT_POLICY`, `BACKUP_POLICY`, `CHATBOT_POLICY`, `DECLARATIVE_POLICY_EC2`, `RESOURCE_CONTROL_POLICY`, `SERVICE_CONTROL_POLICY`, and `TAG_POLICY`), see the [AWS Organizations API Reference](https://docs.aws.amazon.com/organizations/latest/APIReference/API_EnablePolicyType.html).
+     * List of Organizations policy types to enable in the Organization Root. Organization must have `featureSet` set to `ALL`. For additional information about valid policy types (e.g., `AISERVICES_OPT_OUT_POLICY`, `BACKUP_POLICY`, `CHATBOT_POLICY`, `DECLARATIVE_POLICY_EC2`, `RESOURCE_CONTROL_POLICY`, `SECURITYHUB_POLICY`, `SERVICE_CONTROL_POLICY`, and `TAG_POLICY`), see the [AWS Organizations API Reference](https://docs.aws.amazon.com/organizations/latest/APIReference/API_EnablePolicyType.html). To enable `SECURITYHUB_POLICY`, `awsServiceAccessPrincipals` must include `securityhub.amazonaws.com`.
      * 
      */
     @Import(name="enabledPolicyTypes")
     private @Nullable Output> enabledPolicyTypes;
 
     /**
-     * @return List of Organizations policy types to enable in the Organization Root. Organization must have `featureSet` set to `ALL`. For additional information about valid policy types (e.g., `AISERVICES_OPT_OUT_POLICY`, `BACKUP_POLICY`, `CHATBOT_POLICY`, `DECLARATIVE_POLICY_EC2`, `RESOURCE_CONTROL_POLICY`, `SERVICE_CONTROL_POLICY`, and `TAG_POLICY`), see the [AWS Organizations API Reference](https://docs.aws.amazon.com/organizations/latest/APIReference/API_EnablePolicyType.html).
+     * @return List of Organizations policy types to enable in the Organization Root. Organization must have `featureSet` set to `ALL`. For additional information about valid policy types (e.g., `AISERVICES_OPT_OUT_POLICY`, `BACKUP_POLICY`, `CHATBOT_POLICY`, `DECLARATIVE_POLICY_EC2`, `RESOURCE_CONTROL_POLICY`, `SECURITYHUB_POLICY`, `SERVICE_CONTROL_POLICY`, and `TAG_POLICY`), see the [AWS Organizations API Reference](https://docs.aws.amazon.com/organizations/latest/APIReference/API_EnablePolicyType.html). To enable `SECURITYHUB_POLICY`, `awsServiceAccessPrincipals` must include `securityhub.amazonaws.com`.
      * 
      */
     public Optional>> enabledPolicyTypes() {
@@ -302,7 +302,7 @@ public Builder awsServiceAccessPrincipals(String... awsServiceAccessPrincipals)
         }
 
         /**
-         * @param enabledPolicyTypes List of Organizations policy types to enable in the Organization Root. Organization must have `featureSet` set to `ALL`. For additional information about valid policy types (e.g., `AISERVICES_OPT_OUT_POLICY`, `BACKUP_POLICY`, `CHATBOT_POLICY`, `DECLARATIVE_POLICY_EC2`, `RESOURCE_CONTROL_POLICY`, `SERVICE_CONTROL_POLICY`, and `TAG_POLICY`), see the [AWS Organizations API Reference](https://docs.aws.amazon.com/organizations/latest/APIReference/API_EnablePolicyType.html).
+         * @param enabledPolicyTypes List of Organizations policy types to enable in the Organization Root. Organization must have `featureSet` set to `ALL`. For additional information about valid policy types (e.g., `AISERVICES_OPT_OUT_POLICY`, `BACKUP_POLICY`, `CHATBOT_POLICY`, `DECLARATIVE_POLICY_EC2`, `RESOURCE_CONTROL_POLICY`, `SECURITYHUB_POLICY`, `SERVICE_CONTROL_POLICY`, and `TAG_POLICY`), see the [AWS Organizations API Reference](https://docs.aws.amazon.com/organizations/latest/APIReference/API_EnablePolicyType.html). To enable `SECURITYHUB_POLICY`, `awsServiceAccessPrincipals` must include `securityhub.amazonaws.com`.
          * 
          * @return builder
          * 
@@ -313,7 +313,7 @@ public Builder enabledPolicyTypes(@Nullable Output> enabledPolicyTy
         }
 
         /**
-         * @param enabledPolicyTypes List of Organizations policy types to enable in the Organization Root. Organization must have `featureSet` set to `ALL`. For additional information about valid policy types (e.g., `AISERVICES_OPT_OUT_POLICY`, `BACKUP_POLICY`, `CHATBOT_POLICY`, `DECLARATIVE_POLICY_EC2`, `RESOURCE_CONTROL_POLICY`, `SERVICE_CONTROL_POLICY`, and `TAG_POLICY`), see the [AWS Organizations API Reference](https://docs.aws.amazon.com/organizations/latest/APIReference/API_EnablePolicyType.html).
+         * @param enabledPolicyTypes List of Organizations policy types to enable in the Organization Root. Organization must have `featureSet` set to `ALL`. For additional information about valid policy types (e.g., `AISERVICES_OPT_OUT_POLICY`, `BACKUP_POLICY`, `CHATBOT_POLICY`, `DECLARATIVE_POLICY_EC2`, `RESOURCE_CONTROL_POLICY`, `SECURITYHUB_POLICY`, `SERVICE_CONTROL_POLICY`, and `TAG_POLICY`), see the [AWS Organizations API Reference](https://docs.aws.amazon.com/organizations/latest/APIReference/API_EnablePolicyType.html). To enable `SECURITYHUB_POLICY`, `awsServiceAccessPrincipals` must include `securityhub.amazonaws.com`.
          * 
          * @return builder
          * 
@@ -323,7 +323,7 @@ public Builder enabledPolicyTypes(List enabledPolicyTypes) {
         }
 
         /**
-         * @param enabledPolicyTypes List of Organizations policy types to enable in the Organization Root. Organization must have `featureSet` set to `ALL`. For additional information about valid policy types (e.g., `AISERVICES_OPT_OUT_POLICY`, `BACKUP_POLICY`, `CHATBOT_POLICY`, `DECLARATIVE_POLICY_EC2`, `RESOURCE_CONTROL_POLICY`, `SERVICE_CONTROL_POLICY`, and `TAG_POLICY`), see the [AWS Organizations API Reference](https://docs.aws.amazon.com/organizations/latest/APIReference/API_EnablePolicyType.html).
+         * @param enabledPolicyTypes List of Organizations policy types to enable in the Organization Root. Organization must have `featureSet` set to `ALL`. For additional information about valid policy types (e.g., `AISERVICES_OPT_OUT_POLICY`, `BACKUP_POLICY`, `CHATBOT_POLICY`, `DECLARATIVE_POLICY_EC2`, `RESOURCE_CONTROL_POLICY`, `SECURITYHUB_POLICY`, `SERVICE_CONTROL_POLICY`, and `TAG_POLICY`), see the [AWS Organizations API Reference](https://docs.aws.amazon.com/organizations/latest/APIReference/API_EnablePolicyType.html). To enable `SECURITYHUB_POLICY`, `awsServiceAccessPrincipals` must include `securityhub.amazonaws.com`.
          * 
          * @return builder
          * 
diff --git a/sdk/java/src/main/java/com/pulumi/aws/quicksight/AccountSettings.java b/sdk/java/src/main/java/com/pulumi/aws/quicksight/AccountSettings.java
index 8c8ea25643f..9baf1ae7948 100644
--- a/sdk/java/src/main/java/com/pulumi/aws/quicksight/AccountSettings.java
+++ b/sdk/java/src/main/java/com/pulumi/aws/quicksight/AccountSettings.java
@@ -97,6 +97,20 @@ public Output awsAccountId() {
     public Output defaultNamespace() {
         return this.defaultNamespace;
     }
+    /**
+     * Region where this resource will be [managed](https://docs.aws.amazon.com/general/latest/gr/rande.html#regional-endpoints). Defaults to the Region set in the provider configuration.
+     * 
+     */
+    @Export(name="region", refs={String.class}, tree="[0]")
+    private Output region;
+
+    /**
+     * @return Region where this resource will be [managed](https://docs.aws.amazon.com/general/latest/gr/rande.html#regional-endpoints). Defaults to the Region set in the provider configuration.
+     * 
+     */
+    public Output region() {
+        return this.region;
+    }
     /**
      * A boolean value that determines whether or not an Amazon QuickSight account can be deleted. If `true`, it does not allow the account to be deleted and results in an error message if a user tries to make a DeleteAccountSubscription request. If `false`, it will allow the account to be deleted.
      * 
diff --git a/sdk/java/src/main/java/com/pulumi/aws/quicksight/AccountSettingsArgs.java b/sdk/java/src/main/java/com/pulumi/aws/quicksight/AccountSettingsArgs.java
index f9208a55a57..4d28eedbab1 100644
--- a/sdk/java/src/main/java/com/pulumi/aws/quicksight/AccountSettingsArgs.java
+++ b/sdk/java/src/main/java/com/pulumi/aws/quicksight/AccountSettingsArgs.java
@@ -39,6 +39,21 @@ public Optional> defaultNamespace() {
         return Optional.ofNullable(this.defaultNamespace);
     }
 
+    /**
+     * Region where this resource will be [managed](https://docs.aws.amazon.com/general/latest/gr/rande.html#regional-endpoints). Defaults to the Region set in the provider configuration.
+     * 
+     */
+    @Import(name="region")
+    private @Nullable Output region;
+
+    /**
+     * @return Region where this resource will be [managed](https://docs.aws.amazon.com/general/latest/gr/rande.html#regional-endpoints). Defaults to the Region set in the provider configuration.
+     * 
+     */
+    public Optional> region() {
+        return Optional.ofNullable(this.region);
+    }
+
     /**
      * A boolean value that determines whether or not an Amazon QuickSight account can be deleted. If `true`, it does not allow the account to be deleted and results in an error message if a user tries to make a DeleteAccountSubscription request. If `false`, it will allow the account to be deleted.
      * 
@@ -66,6 +81,7 @@ private AccountSettingsArgs() {}
     private AccountSettingsArgs(AccountSettingsArgs $) {
         this.awsAccountId = $.awsAccountId;
         this.defaultNamespace = $.defaultNamespace;
+        this.region = $.region;
         this.terminationProtectionEnabled = $.terminationProtectionEnabled;
         this.timeouts = $.timeouts;
     }
@@ -118,6 +134,27 @@ public Builder defaultNamespace(String defaultNamespace) {
             return defaultNamespace(Output.of(defaultNamespace));
         }
 
+        /**
+         * @param region Region where this resource will be [managed](https://docs.aws.amazon.com/general/latest/gr/rande.html#regional-endpoints). Defaults to the Region set in the provider configuration.
+         * 
+         * @return builder
+         * 
+         */
+        public Builder region(@Nullable Output region) {
+            $.region = region;
+            return this;
+        }
+
+        /**
+         * @param region Region where this resource will be [managed](https://docs.aws.amazon.com/general/latest/gr/rande.html#regional-endpoints). Defaults to the Region set in the provider configuration.
+         * 
+         * @return builder
+         * 
+         */
+        public Builder region(String region) {
+            return region(Output.of(region));
+        }
+
         /**
          * @param terminationProtectionEnabled A boolean value that determines whether or not an Amazon QuickSight account can be deleted. If `true`, it does not allow the account to be deleted and results in an error message if a user tries to make a DeleteAccountSubscription request. If `false`, it will allow the account to be deleted.
          * 
diff --git a/sdk/java/src/main/java/com/pulumi/aws/quicksight/inputs/AccountSettingsState.java b/sdk/java/src/main/java/com/pulumi/aws/quicksight/inputs/AccountSettingsState.java
index 6e9dceb39e6..b381a048591 100644
--- a/sdk/java/src/main/java/com/pulumi/aws/quicksight/inputs/AccountSettingsState.java
+++ b/sdk/java/src/main/java/com/pulumi/aws/quicksight/inputs/AccountSettingsState.java
@@ -39,6 +39,21 @@ public Optional> defaultNamespace() {
         return Optional.ofNullable(this.defaultNamespace);
     }
 
+    /**
+     * Region where this resource will be [managed](https://docs.aws.amazon.com/general/latest/gr/rande.html#regional-endpoints). Defaults to the Region set in the provider configuration.
+     * 
+     */
+    @Import(name="region")
+    private @Nullable Output region;
+
+    /**
+     * @return Region where this resource will be [managed](https://docs.aws.amazon.com/general/latest/gr/rande.html#regional-endpoints). Defaults to the Region set in the provider configuration.
+     * 
+     */
+    public Optional> region() {
+        return Optional.ofNullable(this.region);
+    }
+
     /**
      * A boolean value that determines whether or not an Amazon QuickSight account can be deleted. If `true`, it does not allow the account to be deleted and results in an error message if a user tries to make a DeleteAccountSubscription request. If `false`, it will allow the account to be deleted.
      * 
@@ -66,6 +81,7 @@ private AccountSettingsState() {}
     private AccountSettingsState(AccountSettingsState $) {
         this.awsAccountId = $.awsAccountId;
         this.defaultNamespace = $.defaultNamespace;
+        this.region = $.region;
         this.terminationProtectionEnabled = $.terminationProtectionEnabled;
         this.timeouts = $.timeouts;
     }
@@ -118,6 +134,27 @@ public Builder defaultNamespace(String defaultNamespace) {
             return defaultNamespace(Output.of(defaultNamespace));
         }
 
+        /**
+         * @param region Region where this resource will be [managed](https://docs.aws.amazon.com/general/latest/gr/rande.html#regional-endpoints). Defaults to the Region set in the provider configuration.
+         * 
+         * @return builder
+         * 
+         */
+        public Builder region(@Nullable Output region) {
+            $.region = region;
+            return this;
+        }
+
+        /**
+         * @param region Region where this resource will be [managed](https://docs.aws.amazon.com/general/latest/gr/rande.html#regional-endpoints). Defaults to the Region set in the provider configuration.
+         * 
+         * @return builder
+         * 
+         */
+        public Builder region(String region) {
+            return region(Output.of(region));
+        }
+
         /**
          * @param terminationProtectionEnabled A boolean value that determines whether or not an Amazon QuickSight account can be deleted. If `true`, it does not allow the account to be deleted and results in an error message if a user tries to make a DeleteAccountSubscription request. If `false`, it will allow the account to be deleted.
          * 
diff --git a/sdk/java/src/main/java/com/pulumi/aws/route53/Route53Functions.java b/sdk/java/src/main/java/com/pulumi/aws/route53/Route53Functions.java
index 78f1e37d8bf..eb02c5029e5 100644
--- a/sdk/java/src/main/java/com/pulumi/aws/route53/Route53Functions.java
+++ b/sdk/java/src/main/java/com/pulumi/aws/route53/Route53Functions.java
@@ -5580,6 +5580,8 @@ public static CompletableFuture getTrafficPolicy
      * }
      *
* + * The following example shows how to get a Hosted Zone from a unique combination of its tags: + * */ public static Output getZone() { return getZone(GetZoneArgs.Empty, InvokeOptions.Empty); @@ -5635,6 +5637,8 @@ public static Output getZone() { * } * * + * The following example shows how to get a Hosted Zone from a unique combination of its tags: + * */ public static CompletableFuture getZonePlain() { return getZonePlain(GetZonePlainArgs.Empty, InvokeOptions.Empty); @@ -5690,6 +5694,8 @@ public static CompletableFuture getZonePlain() { * } * * + * The following example shows how to get a Hosted Zone from a unique combination of its tags: + * */ public static Output getZone(GetZoneArgs args) { return getZone(args, InvokeOptions.Empty); @@ -5745,6 +5751,8 @@ public static Output getZone(GetZoneArgs args) { * } * * + * The following example shows how to get a Hosted Zone from a unique combination of its tags: + * */ public static CompletableFuture getZonePlain(GetZonePlainArgs args) { return getZonePlain(args, InvokeOptions.Empty); @@ -5800,6 +5808,8 @@ public static CompletableFuture getZonePlain(GetZonePlainArgs arg * } * * + * The following example shows how to get a Hosted Zone from a unique combination of its tags: + * */ public static Output getZone(GetZoneArgs args, InvokeOptions options) { return Deployment.getInstance().invoke("aws:route53/getZone:getZone", TypeShape.of(GetZoneResult.class), args, Utilities.withVersion(options)); @@ -5855,6 +5865,8 @@ public static Output getZone(GetZoneArgs args, InvokeOptions opti * } * * + * The following example shows how to get a Hosted Zone from a unique combination of its tags: + * */ public static Output getZone(GetZoneArgs args, InvokeOutputOptions options) { return Deployment.getInstance().invoke("aws:route53/getZone:getZone", TypeShape.of(GetZoneResult.class), args, Utilities.withVersion(options)); @@ -5910,6 +5922,8 @@ public static Output getZone(GetZoneArgs args, InvokeOutputOption * } * * + * The following example shows how to get a Hosted Zone from a unique combination of its tags: + * */ public static CompletableFuture getZonePlain(GetZonePlainArgs args, InvokeOptions options) { return Deployment.getInstance().invokeAsync("aws:route53/getZone:getZone", TypeShape.of(GetZoneResult.class), args, Utilities.withVersion(options)); diff --git a/sdk/java/src/main/java/com/pulumi/aws/route53/inputs/GetZoneArgs.java b/sdk/java/src/main/java/com/pulumi/aws/route53/inputs/GetZoneArgs.java index a4abe463632..b8b9ce6da2f 100644 --- a/sdk/java/src/main/java/com/pulumi/aws/route53/inputs/GetZoneArgs.java +++ b/sdk/java/src/main/java/com/pulumi/aws/route53/inputs/GetZoneArgs.java @@ -18,14 +18,14 @@ public final class GetZoneArgs extends com.pulumi.resources.InvokeArgs { public static final GetZoneArgs Empty = new GetZoneArgs(); /** - * Hosted Zone name of the desired Hosted Zone. + * Hosted Zone name of the desired Hosted Zone. If blank, then accept any name, filtering on only `privateZone`, `vpcId` and `tags`. * */ @Import(name="name") private @Nullable Output name; /** - * @return Hosted Zone name of the desired Hosted Zone. + * @return Hosted Zone name of the desired Hosted Zone. If blank, then accept any name, filtering on only `privateZone`, `vpcId` and `tags`. * */ public Optional> name() { @@ -33,14 +33,14 @@ public Optional> name() { } /** - * Used with `name` field to get a private Hosted Zone. + * Filter to only private Hosted Zones. * */ @Import(name="privateZone") private @Nullable Output privateZone; /** - * @return Used with `name` field to get a private Hosted Zone. + * @return Filter to only private Hosted Zones. * */ public Optional> privateZone() { @@ -48,22 +48,22 @@ public Optional> privateZone() { } /** - * Used with `name` field. A map of tags, each pair of which must exactly match a pair on the desired Hosted Zone. + * A map of tags, each pair of which must exactly match a pair on the desired Hosted Zone. * - * The arguments of this data source act as filters for querying the available - * Hosted Zone. You have to use `zoneId` or `name`, not both of them. The given filter must match exactly one - * Hosted Zone. If you use `name` field for private Hosted Zone, you need to add `privateZone` field to `true`. + * The arguments of this data source act as filters for querying the available Hosted Zone. + * + * - The given filter must match exactly one Hosted Zone. * */ @Import(name="tags") private @Nullable Output> tags; /** - * @return Used with `name` field. A map of tags, each pair of which must exactly match a pair on the desired Hosted Zone. + * @return A map of tags, each pair of which must exactly match a pair on the desired Hosted Zone. + * + * The arguments of this data source act as filters for querying the available Hosted Zone. * - * The arguments of this data source act as filters for querying the available - * Hosted Zone. You have to use `zoneId` or `name`, not both of them. The given filter must match exactly one - * Hosted Zone. If you use `name` field for private Hosted Zone, you need to add `privateZone` field to `true`. + * - The given filter must match exactly one Hosted Zone. * */ public Optional>> tags() { @@ -71,14 +71,14 @@ public Optional>> tags() { } /** - * Used with `name` field to get a private Hosted Zone associated with the vpcId (in this case, privateZone is not mandatory). + * Filter to private Hosted Zones associated with the specified `vpcId`. * */ @Import(name="vpcId") private @Nullable Output vpcId; /** - * @return Used with `name` field to get a private Hosted Zone associated with the vpcId (in this case, privateZone is not mandatory). + * @return Filter to private Hosted Zones associated with the specified `vpcId`. * */ public Optional> vpcId() { @@ -86,14 +86,16 @@ public Optional> vpcId() { } /** - * Hosted Zone id of the desired Hosted Zone. + * and `name` are mutually exclusive. + * - If you use the `name` argument for a private Hosted Zone, you need to set the `privateZone` argument to `true`. * */ @Import(name="zoneId") private @Nullable Output zoneId; /** - * @return Hosted Zone id of the desired Hosted Zone. + * @return and `name` are mutually exclusive. + * - If you use the `name` argument for a private Hosted Zone, you need to set the `privateZone` argument to `true`. * */ public Optional> zoneId() { @@ -129,7 +131,7 @@ public Builder(GetZoneArgs defaults) { } /** - * @param name Hosted Zone name of the desired Hosted Zone. + * @param name Hosted Zone name of the desired Hosted Zone. If blank, then accept any name, filtering on only `privateZone`, `vpcId` and `tags`. * * @return builder * @@ -140,7 +142,7 @@ public Builder name(@Nullable Output name) { } /** - * @param name Hosted Zone name of the desired Hosted Zone. + * @param name Hosted Zone name of the desired Hosted Zone. If blank, then accept any name, filtering on only `privateZone`, `vpcId` and `tags`. * * @return builder * @@ -150,7 +152,7 @@ public Builder name(String name) { } /** - * @param privateZone Used with `name` field to get a private Hosted Zone. + * @param privateZone Filter to only private Hosted Zones. * * @return builder * @@ -161,7 +163,7 @@ public Builder privateZone(@Nullable Output privateZone) { } /** - * @param privateZone Used with `name` field to get a private Hosted Zone. + * @param privateZone Filter to only private Hosted Zones. * * @return builder * @@ -171,11 +173,11 @@ public Builder privateZone(Boolean privateZone) { } /** - * @param tags Used with `name` field. A map of tags, each pair of which must exactly match a pair on the desired Hosted Zone. + * @param tags A map of tags, each pair of which must exactly match a pair on the desired Hosted Zone. * - * The arguments of this data source act as filters for querying the available - * Hosted Zone. You have to use `zoneId` or `name`, not both of them. The given filter must match exactly one - * Hosted Zone. If you use `name` field for private Hosted Zone, you need to add `privateZone` field to `true`. + * The arguments of this data source act as filters for querying the available Hosted Zone. + * + * - The given filter must match exactly one Hosted Zone. * * @return builder * @@ -186,11 +188,11 @@ public Builder tags(@Nullable Output> tags) { } /** - * @param tags Used with `name` field. A map of tags, each pair of which must exactly match a pair on the desired Hosted Zone. + * @param tags A map of tags, each pair of which must exactly match a pair on the desired Hosted Zone. + * + * The arguments of this data source act as filters for querying the available Hosted Zone. * - * The arguments of this data source act as filters for querying the available - * Hosted Zone. You have to use `zoneId` or `name`, not both of them. The given filter must match exactly one - * Hosted Zone. If you use `name` field for private Hosted Zone, you need to add `privateZone` field to `true`. + * - The given filter must match exactly one Hosted Zone. * * @return builder * @@ -200,7 +202,7 @@ public Builder tags(Map tags) { } /** - * @param vpcId Used with `name` field to get a private Hosted Zone associated with the vpcId (in this case, privateZone is not mandatory). + * @param vpcId Filter to private Hosted Zones associated with the specified `vpcId`. * * @return builder * @@ -211,7 +213,7 @@ public Builder vpcId(@Nullable Output vpcId) { } /** - * @param vpcId Used with `name` field to get a private Hosted Zone associated with the vpcId (in this case, privateZone is not mandatory). + * @param vpcId Filter to private Hosted Zones associated with the specified `vpcId`. * * @return builder * @@ -221,7 +223,8 @@ public Builder vpcId(String vpcId) { } /** - * @param zoneId Hosted Zone id of the desired Hosted Zone. + * @param zoneId and `name` are mutually exclusive. + * - If you use the `name` argument for a private Hosted Zone, you need to set the `privateZone` argument to `true`. * * @return builder * @@ -232,7 +235,8 @@ public Builder zoneId(@Nullable Output zoneId) { } /** - * @param zoneId Hosted Zone id of the desired Hosted Zone. + * @param zoneId and `name` are mutually exclusive. + * - If you use the `name` argument for a private Hosted Zone, you need to set the `privateZone` argument to `true`. * * @return builder * diff --git a/sdk/java/src/main/java/com/pulumi/aws/route53/inputs/GetZonePlainArgs.java b/sdk/java/src/main/java/com/pulumi/aws/route53/inputs/GetZonePlainArgs.java index f7a45914b1f..8769a2f8e49 100644 --- a/sdk/java/src/main/java/com/pulumi/aws/route53/inputs/GetZonePlainArgs.java +++ b/sdk/java/src/main/java/com/pulumi/aws/route53/inputs/GetZonePlainArgs.java @@ -17,14 +17,14 @@ public final class GetZonePlainArgs extends com.pulumi.resources.InvokeArgs { public static final GetZonePlainArgs Empty = new GetZonePlainArgs(); /** - * Hosted Zone name of the desired Hosted Zone. + * Hosted Zone name of the desired Hosted Zone. If blank, then accept any name, filtering on only `privateZone`, `vpcId` and `tags`. * */ @Import(name="name") private @Nullable String name; /** - * @return Hosted Zone name of the desired Hosted Zone. + * @return Hosted Zone name of the desired Hosted Zone. If blank, then accept any name, filtering on only `privateZone`, `vpcId` and `tags`. * */ public Optional name() { @@ -32,14 +32,14 @@ public Optional name() { } /** - * Used with `name` field to get a private Hosted Zone. + * Filter to only private Hosted Zones. * */ @Import(name="privateZone") private @Nullable Boolean privateZone; /** - * @return Used with `name` field to get a private Hosted Zone. + * @return Filter to only private Hosted Zones. * */ public Optional privateZone() { @@ -47,22 +47,22 @@ public Optional privateZone() { } /** - * Used with `name` field. A map of tags, each pair of which must exactly match a pair on the desired Hosted Zone. + * A map of tags, each pair of which must exactly match a pair on the desired Hosted Zone. * - * The arguments of this data source act as filters for querying the available - * Hosted Zone. You have to use `zoneId` or `name`, not both of them. The given filter must match exactly one - * Hosted Zone. If you use `name` field for private Hosted Zone, you need to add `privateZone` field to `true`. + * The arguments of this data source act as filters for querying the available Hosted Zone. + * + * - The given filter must match exactly one Hosted Zone. * */ @Import(name="tags") private @Nullable Map tags; /** - * @return Used with `name` field. A map of tags, each pair of which must exactly match a pair on the desired Hosted Zone. + * @return A map of tags, each pair of which must exactly match a pair on the desired Hosted Zone. + * + * The arguments of this data source act as filters for querying the available Hosted Zone. * - * The arguments of this data source act as filters for querying the available - * Hosted Zone. You have to use `zoneId` or `name`, not both of them. The given filter must match exactly one - * Hosted Zone. If you use `name` field for private Hosted Zone, you need to add `privateZone` field to `true`. + * - The given filter must match exactly one Hosted Zone. * */ public Optional> tags() { @@ -70,14 +70,14 @@ public Optional> tags() { } /** - * Used with `name` field to get a private Hosted Zone associated with the vpcId (in this case, privateZone is not mandatory). + * Filter to private Hosted Zones associated with the specified `vpcId`. * */ @Import(name="vpcId") private @Nullable String vpcId; /** - * @return Used with `name` field to get a private Hosted Zone associated with the vpcId (in this case, privateZone is not mandatory). + * @return Filter to private Hosted Zones associated with the specified `vpcId`. * */ public Optional vpcId() { @@ -85,14 +85,16 @@ public Optional vpcId() { } /** - * Hosted Zone id of the desired Hosted Zone. + * and `name` are mutually exclusive. + * - If you use the `name` argument for a private Hosted Zone, you need to set the `privateZone` argument to `true`. * */ @Import(name="zoneId") private @Nullable String zoneId; /** - * @return Hosted Zone id of the desired Hosted Zone. + * @return and `name` are mutually exclusive. + * - If you use the `name` argument for a private Hosted Zone, you need to set the `privateZone` argument to `true`. * */ public Optional zoneId() { @@ -128,7 +130,7 @@ public Builder(GetZonePlainArgs defaults) { } /** - * @param name Hosted Zone name of the desired Hosted Zone. + * @param name Hosted Zone name of the desired Hosted Zone. If blank, then accept any name, filtering on only `privateZone`, `vpcId` and `tags`. * * @return builder * @@ -139,7 +141,7 @@ public Builder name(@Nullable String name) { } /** - * @param privateZone Used with `name` field to get a private Hosted Zone. + * @param privateZone Filter to only private Hosted Zones. * * @return builder * @@ -150,11 +152,11 @@ public Builder privateZone(@Nullable Boolean privateZone) { } /** - * @param tags Used with `name` field. A map of tags, each pair of which must exactly match a pair on the desired Hosted Zone. + * @param tags A map of tags, each pair of which must exactly match a pair on the desired Hosted Zone. + * + * The arguments of this data source act as filters for querying the available Hosted Zone. * - * The arguments of this data source act as filters for querying the available - * Hosted Zone. You have to use `zoneId` or `name`, not both of them. The given filter must match exactly one - * Hosted Zone. If you use `name` field for private Hosted Zone, you need to add `privateZone` field to `true`. + * - The given filter must match exactly one Hosted Zone. * * @return builder * @@ -165,7 +167,7 @@ public Builder tags(@Nullable Map tags) { } /** - * @param vpcId Used with `name` field to get a private Hosted Zone associated with the vpcId (in this case, privateZone is not mandatory). + * @param vpcId Filter to private Hosted Zones associated with the specified `vpcId`. * * @return builder * @@ -176,7 +178,8 @@ public Builder vpcId(@Nullable String vpcId) { } /** - * @param zoneId Hosted Zone id of the desired Hosted Zone. + * @param zoneId and `name` are mutually exclusive. + * - If you use the `name` argument for a private Hosted Zone, you need to set the `privateZone` argument to `true`. * * @return builder * diff --git a/sdk/java/src/main/java/com/pulumi/aws/route53/outputs/GetZoneResult.java b/sdk/java/src/main/java/com/pulumi/aws/route53/outputs/GetZoneResult.java index 2df2493126c..277fa322edc 100644 --- a/sdk/java/src/main/java/com/pulumi/aws/route53/outputs/GetZoneResult.java +++ b/sdk/java/src/main/java/com/pulumi/aws/route53/outputs/GetZoneResult.java @@ -76,7 +76,7 @@ public final class GetZoneResult { * */ private Map tags; - private String vpcId; + private @Nullable String vpcId; /** * @return The Hosted Zone identifier. * @@ -168,8 +168,8 @@ public Integer resourceRecordSetCount() { public Map tags() { return this.tags; } - public String vpcId() { - return this.vpcId; + public Optional vpcId() { + return Optional.ofNullable(this.vpcId); } /** * @return The Hosted Zone identifier. @@ -200,7 +200,7 @@ public static final class Builder { private @Nullable Boolean privateZone; private Integer resourceRecordSetCount; private Map tags; - private String vpcId; + private @Nullable String vpcId; private String zoneId; public Builder() {} public Builder(GetZoneResult defaults) { @@ -319,10 +319,8 @@ public Builder tags(Map tags) { return this; } @CustomType.Setter - public Builder vpcId(String vpcId) { - if (vpcId == null) { - throw new MissingRequiredPropertyException("GetZoneResult", "vpcId"); - } + public Builder vpcId(@Nullable String vpcId) { + this.vpcId = vpcId; return this; } diff --git a/sdk/java/src/main/java/com/pulumi/aws/s3/BucketServerSideEncryptionConfiguration.java b/sdk/java/src/main/java/com/pulumi/aws/s3/BucketServerSideEncryptionConfiguration.java index 7efdaa3d372..abddd9c9417 100644 --- a/sdk/java/src/main/java/com/pulumi/aws/s3/BucketServerSideEncryptionConfiguration.java +++ b/sdk/java/src/main/java/com/pulumi/aws/s3/BucketServerSideEncryptionConfiguration.java @@ -22,6 +22,8 @@ * * > **NOTE:** Destroying an `aws.s3.BucketServerSideEncryptionConfiguration` resource resets the bucket to [Amazon S3 bucket default encryption](https://docs.aws.amazon.com/AmazonS3/latest/userguide/default-encryption-faq.html). * + * > **NOTE:** Starting in March 2026, Amazon S3 will automatically block server-side encryption with customer-provided keys (SSE-C) for all new buckets. Use the `blockedEncryptionTypes` argument to manage this behavior. For more information, see the [SSE-C changes FAQ](https://docs.aws.amazon.com/AmazonS3/latest/userguide/default-s3-c-encryption-setting-faq.html). + * * ## Example Usage * * 
@@ -76,6 +78,62 @@
  * }
  *
* + * ### Blocking SSE-C Uploads + * + * 
+ * {@code
+ * package generated_program;
+ * 
+ * import com.pulumi.Context;
+ * import com.pulumi.Pulumi;
+ * import com.pulumi.core.Output;
+ * import com.pulumi.aws.kms.Key;
+ * import com.pulumi.aws.kms.KeyArgs;
+ * import com.pulumi.aws.s3.Bucket;
+ * import com.pulumi.aws.s3.BucketArgs;
+ * import com.pulumi.aws.s3.BucketServerSideEncryptionConfiguration;
+ * import com.pulumi.aws.s3.BucketServerSideEncryptionConfigurationArgs;
+ * import com.pulumi.aws.s3.inputs.BucketServerSideEncryptionConfigurationRuleArgs;
+ * import com.pulumi.aws.s3.inputs.BucketServerSideEncryptionConfigurationRuleApplyServerSideEncryptionByDefaultArgs;
+ * import java.util.List;
+ * import java.util.ArrayList;
+ * import java.util.Map;
+ * import java.io.File;
+ * import java.nio.file.Files;
+ * import java.nio.file.Paths;
+ * 
+ * public class App {
+ *     public static void main(String[] args) {
+ *         Pulumi.run(App::stack);
+ *     }
+ * 
+ *     public static void stack(Context ctx) {
+ *         var mykey = new Key("mykey", KeyArgs.builder()
+ *             .description("This key is used to encrypt bucket objects")
+ *             .deletionWindowInDays(10)
+ *             .build());
+ * 
+ *         var mybucket = new Bucket("mybucket", BucketArgs.builder()
+ *             .bucket("mybucket")
+ *             .build());
+ * 
+ *         var example = new BucketServerSideEncryptionConfiguration("example", BucketServerSideEncryptionConfigurationArgs.builder()
+ *             .bucket(mybucket.id())
+ *             .rules(BucketServerSideEncryptionConfigurationRuleArgs.builder()
+ *                 .applyServerSideEncryptionByDefault(BucketServerSideEncryptionConfigurationRuleApplyServerSideEncryptionByDefaultArgs.builder()
+ *                     .kmsMasterKeyId(mykey.arn())
+ *                     .sseAlgorithm("aws:kms")
+ *                     .build())
+ *                 .bucketKeyEnabled(true)
+ *                 .blockedEncryptionTypes("SSE-C")
+ *                 .build())
+ *             .build());
+ * 
+ *     }
+ * }
+ * }
+ *
+ * * ## Import * * ### Identity Schema diff --git a/sdk/java/src/main/java/com/pulumi/aws/s3/BucketServerSideEncryptionConfigurationV2.java b/sdk/java/src/main/java/com/pulumi/aws/s3/BucketServerSideEncryptionConfigurationV2.java index 6c836b810b7..1de1791bbb4 100644 --- a/sdk/java/src/main/java/com/pulumi/aws/s3/BucketServerSideEncryptionConfigurationV2.java +++ b/sdk/java/src/main/java/com/pulumi/aws/s3/BucketServerSideEncryptionConfigurationV2.java @@ -22,6 +22,8 @@ * * > **NOTE:** Destroying an `aws.s3.BucketServerSideEncryptionConfiguration` resource resets the bucket to [Amazon S3 bucket default encryption](https://docs.aws.amazon.com/AmazonS3/latest/userguide/default-encryption-faq.html). * + * > **NOTE:** Starting in March 2026, Amazon S3 will automatically block server-side encryption with customer-provided keys (SSE-C) for all new buckets. Use the `blockedEncryptionTypes` argument to manage this behavior. For more information, see the [SSE-C changes FAQ](https://docs.aws.amazon.com/AmazonS3/latest/userguide/default-s3-c-encryption-setting-faq.html). + * * ## Example Usage * * 
@@ -76,6 +78,62 @@
  * }
  *
* + * ### Blocking SSE-C Uploads + * + * 
+ * {@code
+ * package generated_program;
+ * 
+ * import com.pulumi.Context;
+ * import com.pulumi.Pulumi;
+ * import com.pulumi.core.Output;
+ * import com.pulumi.aws.kms.Key;
+ * import com.pulumi.aws.kms.KeyArgs;
+ * import com.pulumi.aws.s3.Bucket;
+ * import com.pulumi.aws.s3.BucketArgs;
+ * import com.pulumi.aws.s3.BucketServerSideEncryptionConfiguration;
+ * import com.pulumi.aws.s3.BucketServerSideEncryptionConfigurationArgs;
+ * import com.pulumi.aws.s3.inputs.BucketServerSideEncryptionConfigurationRuleArgs;
+ * import com.pulumi.aws.s3.inputs.BucketServerSideEncryptionConfigurationRuleApplyServerSideEncryptionByDefaultArgs;
+ * import java.util.List;
+ * import java.util.ArrayList;
+ * import java.util.Map;
+ * import java.io.File;
+ * import java.nio.file.Files;
+ * import java.nio.file.Paths;
+ * 
+ * public class App {
+ *     public static void main(String[] args) {
+ *         Pulumi.run(App::stack);
+ *     }
+ * 
+ *     public static void stack(Context ctx) {
+ *         var mykey = new Key("mykey", KeyArgs.builder()
+ *             .description("This key is used to encrypt bucket objects")
+ *             .deletionWindowInDays(10)
+ *             .build());
+ * 
+ *         var mybucket = new Bucket("mybucket", BucketArgs.builder()
+ *             .bucket("mybucket")
+ *             .build());
+ * 
+ *         var example = new BucketServerSideEncryptionConfiguration("example", BucketServerSideEncryptionConfigurationArgs.builder()
+ *             .bucket(mybucket.id())
+ *             .rules(BucketServerSideEncryptionConfigurationRuleArgs.builder()
+ *                 .applyServerSideEncryptionByDefault(BucketServerSideEncryptionConfigurationRuleApplyServerSideEncryptionByDefaultArgs.builder()
+ *                     .kmsMasterKeyId(mykey.arn())
+ *                     .sseAlgorithm("aws:kms")
+ *                     .build())
+ *                 .bucketKeyEnabled(true)
+ *                 .blockedEncryptionTypes("SSE-C")
+ *                 .build())
+ *             .build());
+ * 
+ *     }
+ * }
+ * }
+ *
+ * * ## Import * * ### Identity Schema diff --git a/sdk/java/src/main/java/com/pulumi/aws/s3/inputs/BucketServerSideEncryptionConfigurationRuleArgs.java b/sdk/java/src/main/java/com/pulumi/aws/s3/inputs/BucketServerSideEncryptionConfigurationRuleArgs.java index 8f1d692cc64..1698513e637 100644 --- a/sdk/java/src/main/java/com/pulumi/aws/s3/inputs/BucketServerSideEncryptionConfigurationRuleArgs.java +++ b/sdk/java/src/main/java/com/pulumi/aws/s3/inputs/BucketServerSideEncryptionConfigurationRuleArgs.java @@ -7,6 +7,8 @@ import com.pulumi.core.Output; import com.pulumi.core.annotations.Import; import java.lang.Boolean; +import java.lang.String; +import java.util.List; import java.util.Objects; import java.util.Optional; import javax.annotation.Nullable; @@ -31,6 +33,21 @@ public Optional> blockedEncryptionTypes; + + /** + * @return List of server-side encryption types to block for object uploads. Valid values are `SSE-C` (blocks uploads using server-side encryption with customer-provided keys) and `NONE` (unblocks all encryption types). Starting in March 2026, Amazon S3 will automatically block SSE-C uploads for all new buckets. + * + */ + public Optional>> blockedEncryptionTypes() { + return Optional.ofNullable(this.blockedEncryptionTypes); + } + /** * Whether or not to use [Amazon S3 Bucket Keys](https://docs.aws.amazon.com/AmazonS3/latest/dev/bucket-key.html) for SSE-KMS. * @@ -50,6 +67,7 @@ private BucketServerSideEncryptionConfigurationRuleArgs() {} private BucketServerSideEncryptionConfigurationRuleArgs(BucketServerSideEncryptionConfigurationRuleArgs $) { this.applyServerSideEncryptionByDefault = $.applyServerSideEncryptionByDefault; + this.blockedEncryptionTypes = $.blockedEncryptionTypes; this.bucketKeyEnabled = $.bucketKeyEnabled; } @@ -92,6 +110,37 @@ public Builder applyServerSideEncryptionByDefault(BucketServerSideEncryptionConf return applyServerSideEncryptionByDefault(Output.of(applyServerSideEncryptionByDefault)); } + /** + * @param blockedEncryptionTypes List of server-side encryption types to block for object uploads. Valid values are `SSE-C` (blocks uploads using server-side encryption with customer-provided keys) and `NONE` (unblocks all encryption types). Starting in March 2026, Amazon S3 will automatically block SSE-C uploads for all new buckets. + * + * @return builder + * + */ + public Builder blockedEncryptionTypes(@Nullable Output> blockedEncryptionTypes) { + $.blockedEncryptionTypes = blockedEncryptionTypes; + return this; + } + + /** + * @param blockedEncryptionTypes List of server-side encryption types to block for object uploads. Valid values are `SSE-C` (blocks uploads using server-side encryption with customer-provided keys) and `NONE` (unblocks all encryption types). Starting in March 2026, Amazon S3 will automatically block SSE-C uploads for all new buckets. + * + * @return builder + * + */ + public Builder blockedEncryptionTypes(List blockedEncryptionTypes) { + return blockedEncryptionTypes(Output.of(blockedEncryptionTypes)); + } + + /** + * @param blockedEncryptionTypes List of server-side encryption types to block for object uploads. Valid values are `SSE-C` (blocks uploads using server-side encryption with customer-provided keys) and `NONE` (unblocks all encryption types). Starting in March 2026, Amazon S3 will automatically block SSE-C uploads for all new buckets. + * + * @return builder + * + */ + public Builder blockedEncryptionTypes(String... blockedEncryptionTypes) { + return blockedEncryptionTypes(List.of(blockedEncryptionTypes)); + } + /** * @param bucketKeyEnabled Whether or not to use [Amazon S3 Bucket Keys](https://docs.aws.amazon.com/AmazonS3/latest/dev/bucket-key.html) for SSE-KMS. * diff --git a/sdk/java/src/main/java/com/pulumi/aws/s3/inputs/BucketServerSideEncryptionConfigurationV2RuleArgs.java b/sdk/java/src/main/java/com/pulumi/aws/s3/inputs/BucketServerSideEncryptionConfigurationV2RuleArgs.java index d8938aa6d88..f8f6c90a661 100644 --- a/sdk/java/src/main/java/com/pulumi/aws/s3/inputs/BucketServerSideEncryptionConfigurationV2RuleArgs.java +++ b/sdk/java/src/main/java/com/pulumi/aws/s3/inputs/BucketServerSideEncryptionConfigurationV2RuleArgs.java @@ -7,6 +7,8 @@ import com.pulumi.core.Output; import com.pulumi.core.annotations.Import; import java.lang.Boolean; +import java.lang.String; +import java.util.List; import java.util.Objects; import java.util.Optional; import javax.annotation.Nullable; @@ -31,6 +33,21 @@ public Optional> blockedEncryptionTypes; + + /** + * @return List of server-side encryption types to block for object uploads. Valid values are `SSE-C` (blocks uploads using server-side encryption with customer-provided keys) and `NONE` (unblocks all encryption types). Starting in March 2026, Amazon S3 will automatically block SSE-C uploads for all new buckets. + * + */ + public Optional>> blockedEncryptionTypes() { + return Optional.ofNullable(this.blockedEncryptionTypes); + } + /** * Whether or not to use [Amazon S3 Bucket Keys](https://docs.aws.amazon.com/AmazonS3/latest/dev/bucket-key.html) for SSE-KMS. * @@ -50,6 +67,7 @@ private BucketServerSideEncryptionConfigurationV2RuleArgs() {} private BucketServerSideEncryptionConfigurationV2RuleArgs(BucketServerSideEncryptionConfigurationV2RuleArgs $) { this.applyServerSideEncryptionByDefault = $.applyServerSideEncryptionByDefault; + this.blockedEncryptionTypes = $.blockedEncryptionTypes; this.bucketKeyEnabled = $.bucketKeyEnabled; } @@ -92,6 +110,37 @@ public Builder applyServerSideEncryptionByDefault(BucketServerSideEncryptionConf return applyServerSideEncryptionByDefault(Output.of(applyServerSideEncryptionByDefault)); } + /** + * @param blockedEncryptionTypes List of server-side encryption types to block for object uploads. Valid values are `SSE-C` (blocks uploads using server-side encryption with customer-provided keys) and `NONE` (unblocks all encryption types). Starting in March 2026, Amazon S3 will automatically block SSE-C uploads for all new buckets. + * + * @return builder + * + */ + public Builder blockedEncryptionTypes(@Nullable Output> blockedEncryptionTypes) { + $.blockedEncryptionTypes = blockedEncryptionTypes; + return this; + } + + /** + * @param blockedEncryptionTypes List of server-side encryption types to block for object uploads. Valid values are `SSE-C` (blocks uploads using server-side encryption with customer-provided keys) and `NONE` (unblocks all encryption types). Starting in March 2026, Amazon S3 will automatically block SSE-C uploads for all new buckets. + * + * @return builder + * + */ + public Builder blockedEncryptionTypes(List blockedEncryptionTypes) { + return blockedEncryptionTypes(Output.of(blockedEncryptionTypes)); + } + + /** + * @param blockedEncryptionTypes List of server-side encryption types to block for object uploads. Valid values are `SSE-C` (blocks uploads using server-side encryption with customer-provided keys) and `NONE` (unblocks all encryption types). Starting in March 2026, Amazon S3 will automatically block SSE-C uploads for all new buckets. + * + * @return builder + * + */ + public Builder blockedEncryptionTypes(String... blockedEncryptionTypes) { + return blockedEncryptionTypes(List.of(blockedEncryptionTypes)); + } + /** * @param bucketKeyEnabled Whether or not to use [Amazon S3 Bucket Keys](https://docs.aws.amazon.com/AmazonS3/latest/dev/bucket-key.html) for SSE-KMS. * diff --git a/sdk/java/src/main/java/com/pulumi/aws/s3/outputs/BucketServerSideEncryptionConfigurationRule.java b/sdk/java/src/main/java/com/pulumi/aws/s3/outputs/BucketServerSideEncryptionConfigurationRule.java index 865c58f3659..f5731f5bed3 100644 --- a/sdk/java/src/main/java/com/pulumi/aws/s3/outputs/BucketServerSideEncryptionConfigurationRule.java +++ b/sdk/java/src/main/java/com/pulumi/aws/s3/outputs/BucketServerSideEncryptionConfigurationRule.java @@ -6,6 +6,8 @@ import com.pulumi.aws.s3.outputs.BucketServerSideEncryptionConfigurationRuleApplyServerSideEncryptionByDefault; import com.pulumi.core.annotations.CustomType; import java.lang.Boolean; +import java.lang.String; +import java.util.List; import java.util.Objects; import java.util.Optional; import javax.annotation.Nullable; @@ -17,6 +19,11 @@ public final class BucketServerSideEncryptionConfigurationRule { * */ private @Nullable BucketServerSideEncryptionConfigurationRuleApplyServerSideEncryptionByDefault applyServerSideEncryptionByDefault; + /** + * @return List of server-side encryption types to block for object uploads. Valid values are `SSE-C` (blocks uploads using server-side encryption with customer-provided keys) and `NONE` (unblocks all encryption types). Starting in March 2026, Amazon S3 will automatically block SSE-C uploads for all new buckets. + * + */ + private @Nullable List blockedEncryptionTypes; /** * @return Whether or not to use [Amazon S3 Bucket Keys](https://docs.aws.amazon.com/AmazonS3/latest/dev/bucket-key.html) for SSE-KMS. * @@ -31,6 +38,13 @@ private BucketServerSideEncryptionConfigurationRule() {} public Optional applyServerSideEncryptionByDefault() { return Optional.ofNullable(this.applyServerSideEncryptionByDefault); } + /** + * @return List of server-side encryption types to block for object uploads. Valid values are `SSE-C` (blocks uploads using server-side encryption with customer-provided keys) and `NONE` (unblocks all encryption types). Starting in March 2026, Amazon S3 will automatically block SSE-C uploads for all new buckets. + * + */ + public List blockedEncryptionTypes() { + return this.blockedEncryptionTypes == null ? List.of() : this.blockedEncryptionTypes; + } /** * @return Whether or not to use [Amazon S3 Bucket Keys](https://docs.aws.amazon.com/AmazonS3/latest/dev/bucket-key.html) for SSE-KMS. * @@ -49,11 +63,13 @@ public static Builder builder(BucketServerSideEncryptionConfigurationRule defaul @CustomType.Builder public static final class Builder { private @Nullable BucketServerSideEncryptionConfigurationRuleApplyServerSideEncryptionByDefault applyServerSideEncryptionByDefault; + private @Nullable List blockedEncryptionTypes; private @Nullable Boolean bucketKeyEnabled; public Builder() {} public Builder(BucketServerSideEncryptionConfigurationRule defaults) { Objects.requireNonNull(defaults); this.applyServerSideEncryptionByDefault = defaults.applyServerSideEncryptionByDefault; + this.blockedEncryptionTypes = defaults.blockedEncryptionTypes; this.bucketKeyEnabled = defaults.bucketKeyEnabled; } @@ -64,6 +80,15 @@ public Builder applyServerSideEncryptionByDefault(@Nullable BucketServerSideEncr return this; } @CustomType.Setter + public Builder blockedEncryptionTypes(@Nullable List blockedEncryptionTypes) { + + this.blockedEncryptionTypes = blockedEncryptionTypes; + return this; + } + public Builder blockedEncryptionTypes(String... blockedEncryptionTypes) { + return blockedEncryptionTypes(List.of(blockedEncryptionTypes)); + } + @CustomType.Setter public Builder bucketKeyEnabled(@Nullable Boolean bucketKeyEnabled) { this.bucketKeyEnabled = bucketKeyEnabled; @@ -72,6 +97,7 @@ public Builder bucketKeyEnabled(@Nullable Boolean bucketKeyEnabled) { public BucketServerSideEncryptionConfigurationRule build() { final var _resultValue = new BucketServerSideEncryptionConfigurationRule(); _resultValue.applyServerSideEncryptionByDefault = applyServerSideEncryptionByDefault; + _resultValue.blockedEncryptionTypes = blockedEncryptionTypes; _resultValue.bucketKeyEnabled = bucketKeyEnabled; return _resultValue; } diff --git a/sdk/java/src/main/java/com/pulumi/aws/s3/outputs/BucketServerSideEncryptionConfigurationV2Rule.java b/sdk/java/src/main/java/com/pulumi/aws/s3/outputs/BucketServerSideEncryptionConfigurationV2Rule.java index 5f8821bd54d..329eb2e6f46 100644 --- a/sdk/java/src/main/java/com/pulumi/aws/s3/outputs/BucketServerSideEncryptionConfigurationV2Rule.java +++ b/sdk/java/src/main/java/com/pulumi/aws/s3/outputs/BucketServerSideEncryptionConfigurationV2Rule.java @@ -6,6 +6,8 @@ import com.pulumi.aws.s3.outputs.BucketServerSideEncryptionConfigurationV2RuleApplyServerSideEncryptionByDefault; import com.pulumi.core.annotations.CustomType; import java.lang.Boolean; +import java.lang.String; +import java.util.List; import java.util.Objects; import java.util.Optional; import javax.annotation.Nullable; @@ -17,6 +19,11 @@ public final class BucketServerSideEncryptionConfigurationV2Rule { * */ private @Nullable BucketServerSideEncryptionConfigurationV2RuleApplyServerSideEncryptionByDefault applyServerSideEncryptionByDefault; + /** + * @return List of server-side encryption types to block for object uploads. Valid values are `SSE-C` (blocks uploads using server-side encryption with customer-provided keys) and `NONE` (unblocks all encryption types). Starting in March 2026, Amazon S3 will automatically block SSE-C uploads for all new buckets. + * + */ + private @Nullable List blockedEncryptionTypes; /** * @return Whether or not to use [Amazon S3 Bucket Keys](https://docs.aws.amazon.com/AmazonS3/latest/dev/bucket-key.html) for SSE-KMS. * @@ -31,6 +38,13 @@ private BucketServerSideEncryptionConfigurationV2Rule() {} public Optional applyServerSideEncryptionByDefault() { return Optional.ofNullable(this.applyServerSideEncryptionByDefault); } + /** + * @return List of server-side encryption types to block for object uploads. Valid values are `SSE-C` (blocks uploads using server-side encryption with customer-provided keys) and `NONE` (unblocks all encryption types). Starting in March 2026, Amazon S3 will automatically block SSE-C uploads for all new buckets. + * + */ + public List blockedEncryptionTypes() { + return this.blockedEncryptionTypes == null ? List.of() : this.blockedEncryptionTypes; + } /** * @return Whether or not to use [Amazon S3 Bucket Keys](https://docs.aws.amazon.com/AmazonS3/latest/dev/bucket-key.html) for SSE-KMS. * @@ -49,11 +63,13 @@ public static Builder builder(BucketServerSideEncryptionConfigurationV2Rule defa @CustomType.Builder public static final class Builder { private @Nullable BucketServerSideEncryptionConfigurationV2RuleApplyServerSideEncryptionByDefault applyServerSideEncryptionByDefault; + private @Nullable List blockedEncryptionTypes; private @Nullable Boolean bucketKeyEnabled; public Builder() {} public Builder(BucketServerSideEncryptionConfigurationV2Rule defaults) { Objects.requireNonNull(defaults); this.applyServerSideEncryptionByDefault = defaults.applyServerSideEncryptionByDefault; + this.blockedEncryptionTypes = defaults.blockedEncryptionTypes; this.bucketKeyEnabled = defaults.bucketKeyEnabled; } @@ -64,6 +80,15 @@ public Builder applyServerSideEncryptionByDefault(@Nullable BucketServerSideEncr return this; } @CustomType.Setter + public Builder blockedEncryptionTypes(@Nullable List blockedEncryptionTypes) { + + this.blockedEncryptionTypes = blockedEncryptionTypes; + return this; + } + public Builder blockedEncryptionTypes(String... blockedEncryptionTypes) { + return blockedEncryptionTypes(List.of(blockedEncryptionTypes)); + } + @CustomType.Setter public Builder bucketKeyEnabled(@Nullable Boolean bucketKeyEnabled) { this.bucketKeyEnabled = bucketKeyEnabled; @@ -72,6 +97,7 @@ public Builder bucketKeyEnabled(@Nullable Boolean bucketKeyEnabled) { public BucketServerSideEncryptionConfigurationV2Rule build() { final var _resultValue = new BucketServerSideEncryptionConfigurationV2Rule(); _resultValue.applyServerSideEncryptionByDefault = applyServerSideEncryptionByDefault; + _resultValue.blockedEncryptionTypes = blockedEncryptionTypes; _resultValue.bucketKeyEnabled = bucketKeyEnabled; return _resultValue; } diff --git a/sdk/java/src/main/java/com/pulumi/aws/sagemaker/Model.java b/sdk/java/src/main/java/com/pulumi/aws/sagemaker/Model.java index d4056c90ad2..765a09140eb 100644 --- a/sdk/java/src/main/java/com/pulumi/aws/sagemaker/Model.java +++ b/sdk/java/src/main/java/com/pulumi/aws/sagemaker/Model.java @@ -22,11 +22,11 @@ import javax.annotation.Nullable; /** - * Provides a SageMaker AI model resource. + * Manages an Amazon SageMaker AI Model. * * ## Example Usage * - * Basic usage: + * ### Basic Usage * * 
  * {@code
@@ -88,35 +88,26 @@
  * }
  *
* - * ## Inference Execution Config - * - * * `mode` - (Required) How containers in a multi-container are run. The following values are valid `Serial` and `Direct`. - * - * ### VPC Config - * - * * `securityGroupIds` - (Required) List of security group IDs you want to be applied to your training job or model. Specify the security groups for the VPC that is specified in the Subnets field. - * * `subnets` - (Required) List of subnet IDs in the VPC to which you want to connect your training job or model. - * * ## Import * * Using `pulumi import`, import models using the `name`. For example: * * ```sh - * $ pulumi import aws:sagemaker/model:Model test_model model-foo + * $ pulumi import aws:sagemaker/model:Model example model-foo * ``` * */ @ResourceType(type="aws:sagemaker/model:Model") public class Model extends com.pulumi.resources.CustomResource { /** - * The Amazon Resource Name (ARN) assigned by AWS to this model. + * Amazon Resource Name (ARN) assigned by AWS to this model. * */ @Export(name="arn", refs={String.class}, tree="[0]") private Output arn; /** - * @return The Amazon Resource Name (ARN) assigned by AWS to this model. + * @return Amazon Resource Name (ARN) assigned by AWS to this model. * */ public Output arn() { @@ -179,28 +170,28 @@ public Output inferenceExecutionConfig() { return this.inferenceExecutionConfig; } /** - * The name of the model (must be unique). If omitted, this provider will assign a random, unique name. + * Name of the model (must be unique). If omitted, the provider will assign a random, unique name. * */ @Export(name="name", refs={String.class}, tree="[0]") private Output name; /** - * @return The name of the model (must be unique). If omitted, this provider will assign a random, unique name. + * @return Name of the model (must be unique). If omitted, the provider will assign a random, unique name. * */ public Output name() { return this.name; } /** - * The primary docker image containing inference code that is used when the model is deployed for predictions. If not specified, the `container` argument is required. Fields are documented below. + * Primary docker image containing inference code that is used when the model is deployed for predictions. If not specified, the `container` argument is required. Fields are documented below. * */ @Export(name="primaryContainer", refs={ModelPrimaryContainer.class}, tree="[0]") private Output primaryContainer; /** - * @return The primary docker image containing inference code that is used when the model is deployed for predictions. If not specified, the `container` argument is required. Fields are documented below. + * @return Primary docker image containing inference code that is used when the model is deployed for predictions. If not specified, the `container` argument is required. Fields are documented below. * */ public Output> primaryContainer() { diff --git a/sdk/java/src/main/java/com/pulumi/aws/sagemaker/ModelArgs.java b/sdk/java/src/main/java/com/pulumi/aws/sagemaker/ModelArgs.java index 67a409fdaae..3c96e84e6c0 100644 --- a/sdk/java/src/main/java/com/pulumi/aws/sagemaker/ModelArgs.java +++ b/sdk/java/src/main/java/com/pulumi/aws/sagemaker/ModelArgs.java @@ -84,14 +84,14 @@ public Optional> inferenceExecutionCon } /** - * The name of the model (must be unique). If omitted, this provider will assign a random, unique name. + * Name of the model (must be unique). If omitted, the provider will assign a random, unique name. * */ @Import(name="name") private @Nullable Output name; /** - * @return The name of the model (must be unique). If omitted, this provider will assign a random, unique name. + * @return Name of the model (must be unique). If omitted, the provider will assign a random, unique name. * */ public Optional> name() { @@ -99,14 +99,14 @@ public Optional> name() { } /** - * The primary docker image containing inference code that is used when the model is deployed for predictions. If not specified, the `container` argument is required. Fields are documented below. + * Primary docker image containing inference code that is used when the model is deployed for predictions. If not specified, the `container` argument is required. Fields are documented below. * */ @Import(name="primaryContainer") private @Nullable Output primaryContainer; /** - * @return The primary docker image containing inference code that is used when the model is deployed for predictions. If not specified, the `container` argument is required. Fields are documented below. + * @return Primary docker image containing inference code that is used when the model is deployed for predictions. If not specified, the `container` argument is required. Fields are documented below. * */ public Optional> primaryContainer() { @@ -285,7 +285,7 @@ public Builder inferenceExecutionConfig(ModelInferenceExecutionConfigArgs infere } /** - * @param name The name of the model (must be unique). If omitted, this provider will assign a random, unique name. + * @param name Name of the model (must be unique). If omitted, the provider will assign a random, unique name. * * @return builder * @@ -296,7 +296,7 @@ public Builder name(@Nullable Output name) { } /** - * @param name The name of the model (must be unique). If omitted, this provider will assign a random, unique name. + * @param name Name of the model (must be unique). If omitted, the provider will assign a random, unique name. * * @return builder * @@ -306,7 +306,7 @@ public Builder name(String name) { } /** - * @param primaryContainer The primary docker image containing inference code that is used when the model is deployed for predictions. If not specified, the `container` argument is required. Fields are documented below. + * @param primaryContainer Primary docker image containing inference code that is used when the model is deployed for predictions. If not specified, the `container` argument is required. Fields are documented below. * * @return builder * @@ -317,7 +317,7 @@ public Builder primaryContainer(@Nullable Output prim } /** - * @param primaryContainer The primary docker image containing inference code that is used when the model is deployed for predictions. If not specified, the `container` argument is required. Fields are documented below. + * @param primaryContainer Primary docker image containing inference code that is used when the model is deployed for predictions. If not specified, the `container` argument is required. Fields are documented below. * * @return builder * diff --git a/sdk/java/src/main/java/com/pulumi/aws/sagemaker/inputs/ModelContainerAdditionalModelDataSourceArgs.java b/sdk/java/src/main/java/com/pulumi/aws/sagemaker/inputs/ModelContainerAdditionalModelDataSourceArgs.java new file mode 100644 index 00000000000..6fa68c34d6e --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/aws/sagemaker/inputs/ModelContainerAdditionalModelDataSourceArgs.java @@ -0,0 +1,137 @@ +// *** WARNING: this file was generated by pulumi-language-java. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.aws.sagemaker.inputs; + +import com.pulumi.aws.sagemaker.inputs.ModelContainerAdditionalModelDataSourceS3DataSourceArgs; +import com.pulumi.core.Output; +import com.pulumi.core.annotations.Import; +import com.pulumi.exceptions.MissingRequiredPropertyException; +import java.lang.String; +import java.util.List; +import java.util.Objects; + + +public final class ModelContainerAdditionalModelDataSourceArgs extends com.pulumi.resources.ResourceArgs { + + public static final ModelContainerAdditionalModelDataSourceArgs Empty = new ModelContainerAdditionalModelDataSourceArgs(); + + /** + * Custom name for the additional model data source object. It will be stored in `/opt/ml/additional-model-data-sources/<channel_name>/`. + * + */ + @Import(name="channelName", required=true) + private Output channelName; + + /** + * @return Custom name for the additional model data source object. It will be stored in `/opt/ml/additional-model-data-sources/<channel_name>/`. + * + */ + public Output channelName() { + return this.channelName; + } + + /** + * S3 location of model data to deploy. See S3 Data Source. + * + */ + @Import(name="s3DataSources", required=true) + private Output> s3DataSources; + + /** + * @return S3 location of model data to deploy. See S3 Data Source. + * + */ + public Output> s3DataSources() { + return this.s3DataSources; + } + + private ModelContainerAdditionalModelDataSourceArgs() {} + + private ModelContainerAdditionalModelDataSourceArgs(ModelContainerAdditionalModelDataSourceArgs $) { + this.channelName = $.channelName; + this.s3DataSources = $.s3DataSources; + } + + public static Builder builder() { + return new Builder(); + } + public static Builder builder(ModelContainerAdditionalModelDataSourceArgs defaults) { + return new Builder(defaults); + } + + public static final class Builder { + private ModelContainerAdditionalModelDataSourceArgs $; + + public Builder() { + $ = new ModelContainerAdditionalModelDataSourceArgs(); + } + + public Builder(ModelContainerAdditionalModelDataSourceArgs defaults) { + $ = new ModelContainerAdditionalModelDataSourceArgs(Objects.requireNonNull(defaults)); + } + + /** + * @param channelName Custom name for the additional model data source object. It will be stored in `/opt/ml/additional-model-data-sources/<channel_name>/`. + * + * @return builder + * + */ + public Builder channelName(Output channelName) { + $.channelName = channelName; + return this; + } + + /** + * @param channelName Custom name for the additional model data source object. It will be stored in `/opt/ml/additional-model-data-sources/<channel_name>/`. + * + * @return builder + * + */ + public Builder channelName(String channelName) { + return channelName(Output.of(channelName)); + } + + /** + * @param s3DataSources S3 location of model data to deploy. See S3 Data Source. + * + * @return builder + * + */ + public Builder s3DataSources(Output> s3DataSources) { + $.s3DataSources = s3DataSources; + return this; + } + + /** + * @param s3DataSources S3 location of model data to deploy. See S3 Data Source. + * + * @return builder + * + */ + public Builder s3DataSources(List s3DataSources) { + return s3DataSources(Output.of(s3DataSources)); + } + + /** + * @param s3DataSources S3 location of model data to deploy. See S3 Data Source. + * + * @return builder + * + */ + public Builder s3DataSources(ModelContainerAdditionalModelDataSourceS3DataSourceArgs... s3DataSources) { + return s3DataSources(List.of(s3DataSources)); + } + + public ModelContainerAdditionalModelDataSourceArgs build() { + if ($.channelName == null) { + throw new MissingRequiredPropertyException("ModelContainerAdditionalModelDataSourceArgs", "channelName"); + } + if ($.s3DataSources == null) { + throw new MissingRequiredPropertyException("ModelContainerAdditionalModelDataSourceArgs", "s3DataSources"); + } + return $; + } + } + +} diff --git a/sdk/java/src/main/java/com/pulumi/aws/sagemaker/inputs/ModelContainerAdditionalModelDataSourceS3DataSourceArgs.java b/sdk/java/src/main/java/com/pulumi/aws/sagemaker/inputs/ModelContainerAdditionalModelDataSourceS3DataSourceArgs.java new file mode 100644 index 00000000000..dc98957f65d --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/aws/sagemaker/inputs/ModelContainerAdditionalModelDataSourceS3DataSourceArgs.java @@ -0,0 +1,205 @@ +// *** WARNING: this file was generated by pulumi-language-java. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.aws.sagemaker.inputs; + +import com.pulumi.aws.sagemaker.inputs.ModelContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigArgs; +import com.pulumi.core.Output; +import com.pulumi.core.annotations.Import; +import com.pulumi.exceptions.MissingRequiredPropertyException; +import java.lang.String; +import java.util.Objects; +import java.util.Optional; +import javax.annotation.Nullable; + + +public final class ModelContainerAdditionalModelDataSourceS3DataSourceArgs extends com.pulumi.resources.ResourceArgs { + + public static final ModelContainerAdditionalModelDataSourceS3DataSourceArgs Empty = new ModelContainerAdditionalModelDataSourceS3DataSourceArgs(); + + /** + * How the model data is prepared. Allowed values are: `None` and `Gzip`. + * + */ + @Import(name="compressionType", required=true) + private Output compressionType; + + /** + * @return How the model data is prepared. Allowed values are: `None` and `Gzip`. + * + */ + public Output compressionType() { + return this.compressionType; + } + + /** + * Specifies the access configuration file for the ML model. You can explicitly accept the model end-user license agreement (EULA) within the [`modelAccessConfig` configuration block]. See Model Access Config. + * + */ + @Import(name="modelAccessConfig") + private @Nullable Output modelAccessConfig; + + /** + * @return Specifies the access configuration file for the ML model. You can explicitly accept the model end-user license agreement (EULA) within the [`modelAccessConfig` configuration block]. See Model Access Config. + * + */ + public Optional> modelAccessConfig() { + return Optional.ofNullable(this.modelAccessConfig); + } + + /** + * Type of model data to deploy. Allowed values are: `S3Object` and `S3Prefix`. + * + */ + @Import(name="s3DataType", required=true) + private Output s3DataType; + + /** + * @return Type of model data to deploy. Allowed values are: `S3Object` and `S3Prefix`. + * + */ + public Output s3DataType() { + return this.s3DataType; + } + + /** + * The S3 path of model data to deploy. + * + */ + @Import(name="s3Uri", required=true) + private Output s3Uri; + + /** + * @return The S3 path of model data to deploy. + * + */ + public Output s3Uri() { + return this.s3Uri; + } + + private ModelContainerAdditionalModelDataSourceS3DataSourceArgs() {} + + private ModelContainerAdditionalModelDataSourceS3DataSourceArgs(ModelContainerAdditionalModelDataSourceS3DataSourceArgs $) { + this.compressionType = $.compressionType; + this.modelAccessConfig = $.modelAccessConfig; + this.s3DataType = $.s3DataType; + this.s3Uri = $.s3Uri; + } + + public static Builder builder() { + return new Builder(); + } + public static Builder builder(ModelContainerAdditionalModelDataSourceS3DataSourceArgs defaults) { + return new Builder(defaults); + } + + public static final class Builder { + private ModelContainerAdditionalModelDataSourceS3DataSourceArgs $; + + public Builder() { + $ = new ModelContainerAdditionalModelDataSourceS3DataSourceArgs(); + } + + public Builder(ModelContainerAdditionalModelDataSourceS3DataSourceArgs defaults) { + $ = new ModelContainerAdditionalModelDataSourceS3DataSourceArgs(Objects.requireNonNull(defaults)); + } + + /** + * @param compressionType How the model data is prepared. Allowed values are: `None` and `Gzip`. + * + * @return builder + * + */ + public Builder compressionType(Output compressionType) { + $.compressionType = compressionType; + return this; + } + + /** + * @param compressionType How the model data is prepared. Allowed values are: `None` and `Gzip`. + * + * @return builder + * + */ + public Builder compressionType(String compressionType) { + return compressionType(Output.of(compressionType)); + } + + /** + * @param modelAccessConfig Specifies the access configuration file for the ML model. You can explicitly accept the model end-user license agreement (EULA) within the [`modelAccessConfig` configuration block]. See Model Access Config. + * + * @return builder + * + */ + public Builder modelAccessConfig(@Nullable Output modelAccessConfig) { + $.modelAccessConfig = modelAccessConfig; + return this; + } + + /** + * @param modelAccessConfig Specifies the access configuration file for the ML model. You can explicitly accept the model end-user license agreement (EULA) within the [`modelAccessConfig` configuration block]. See Model Access Config. + * + * @return builder + * + */ + public Builder modelAccessConfig(ModelContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigArgs modelAccessConfig) { + return modelAccessConfig(Output.of(modelAccessConfig)); + } + + /** + * @param s3DataType Type of model data to deploy. Allowed values are: `S3Object` and `S3Prefix`. + * + * @return builder + * + */ + public Builder s3DataType(Output s3DataType) { + $.s3DataType = s3DataType; + return this; + } + + /** + * @param s3DataType Type of model data to deploy. Allowed values are: `S3Object` and `S3Prefix`. + * + * @return builder + * + */ + public Builder s3DataType(String s3DataType) { + return s3DataType(Output.of(s3DataType)); + } + + /** + * @param s3Uri The S3 path of model data to deploy. + * + * @return builder + * + */ + public Builder s3Uri(Output s3Uri) { + $.s3Uri = s3Uri; + return this; + } + + /** + * @param s3Uri The S3 path of model data to deploy. + * + * @return builder + * + */ + public Builder s3Uri(String s3Uri) { + return s3Uri(Output.of(s3Uri)); + } + + public ModelContainerAdditionalModelDataSourceS3DataSourceArgs build() { + if ($.compressionType == null) { + throw new MissingRequiredPropertyException("ModelContainerAdditionalModelDataSourceS3DataSourceArgs", "compressionType"); + } + if ($.s3DataType == null) { + throw new MissingRequiredPropertyException("ModelContainerAdditionalModelDataSourceS3DataSourceArgs", "s3DataType"); + } + if ($.s3Uri == null) { + throw new MissingRequiredPropertyException("ModelContainerAdditionalModelDataSourceS3DataSourceArgs", "s3Uri"); + } + return $; + } + } + +} diff --git a/sdk/java/src/main/java/com/pulumi/aws/sagemaker/inputs/ModelContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigArgs.java b/sdk/java/src/main/java/com/pulumi/aws/sagemaker/inputs/ModelContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigArgs.java new file mode 100644 index 00000000000..6c43775bcee --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/aws/sagemaker/inputs/ModelContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigArgs.java @@ -0,0 +1,85 @@ +// *** WARNING: this file was generated by pulumi-language-java. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.aws.sagemaker.inputs; + +import com.pulumi.core.Output; +import com.pulumi.core.annotations.Import; +import com.pulumi.exceptions.MissingRequiredPropertyException; +import java.lang.Boolean; +import java.util.Objects; + + +public final class ModelContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigArgs extends com.pulumi.resources.ResourceArgs { + + public static final ModelContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigArgs Empty = new ModelContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigArgs(); + + /** + * Specifies agreement to the model end-user license agreement (EULA). The value must be set to `true` in order to accept the EULA that this model requires. You are responsible for reviewing and complying with any applicable license terms and making sure they are acceptable for your use case before downloading or using a model. + * + */ + @Import(name="acceptEula", required=true) + private Output acceptEula; + + /** + * @return Specifies agreement to the model end-user license agreement (EULA). The value must be set to `true` in order to accept the EULA that this model requires. You are responsible for reviewing and complying with any applicable license terms and making sure they are acceptable for your use case before downloading or using a model. + * + */ + public Output acceptEula() { + return this.acceptEula; + } + + private ModelContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigArgs() {} + + private ModelContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigArgs(ModelContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigArgs $) { + this.acceptEula = $.acceptEula; + } + + public static Builder builder() { + return new Builder(); + } + public static Builder builder(ModelContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigArgs defaults) { + return new Builder(defaults); + } + + public static final class Builder { + private ModelContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigArgs $; + + public Builder() { + $ = new ModelContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigArgs(); + } + + public Builder(ModelContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigArgs defaults) { + $ = new ModelContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigArgs(Objects.requireNonNull(defaults)); + } + + /** + * @param acceptEula Specifies agreement to the model end-user license agreement (EULA). The value must be set to `true` in order to accept the EULA that this model requires. You are responsible for reviewing and complying with any applicable license terms and making sure they are acceptable for your use case before downloading or using a model. + * + * @return builder + * + */ + public Builder acceptEula(Output acceptEula) { + $.acceptEula = acceptEula; + return this; + } + + /** + * @param acceptEula Specifies agreement to the model end-user license agreement (EULA). The value must be set to `true` in order to accept the EULA that this model requires. You are responsible for reviewing and complying with any applicable license terms and making sure they are acceptable for your use case before downloading or using a model. + * + * @return builder + * + */ + public Builder acceptEula(Boolean acceptEula) { + return acceptEula(Output.of(acceptEula)); + } + + public ModelContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigArgs build() { + if ($.acceptEula == null) { + throw new MissingRequiredPropertyException("ModelContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigArgs", "acceptEula"); + } + return $; + } + } + +} diff --git a/sdk/java/src/main/java/com/pulumi/aws/sagemaker/inputs/ModelContainerArgs.java b/sdk/java/src/main/java/com/pulumi/aws/sagemaker/inputs/ModelContainerArgs.java index 722b87d77b5..b353c7a84b6 100644 --- a/sdk/java/src/main/java/com/pulumi/aws/sagemaker/inputs/ModelContainerArgs.java +++ b/sdk/java/src/main/java/com/pulumi/aws/sagemaker/inputs/ModelContainerArgs.java @@ -3,12 +3,14 @@ package com.pulumi.aws.sagemaker.inputs; +import com.pulumi.aws.sagemaker.inputs.ModelContainerAdditionalModelDataSourceArgs; import com.pulumi.aws.sagemaker.inputs.ModelContainerImageConfigArgs; import com.pulumi.aws.sagemaker.inputs.ModelContainerModelDataSourceArgs; import com.pulumi.aws.sagemaker.inputs.ModelContainerMultiModelConfigArgs; import com.pulumi.core.Output; import com.pulumi.core.annotations.Import; import java.lang.String; +import java.util.List; import java.util.Map; import java.util.Objects; import java.util.Optional; @@ -20,14 +22,29 @@ public final class ModelContainerArgs extends com.pulumi.resources.ResourceArgs public static final ModelContainerArgs Empty = new ModelContainerArgs(); /** - * The DNS host name for the container. + * Additional data sources that are available to the model in addition to those specified in `modelDataSource`. See Additional Model Data Source. + * + */ + @Import(name="additionalModelDataSources") + private @Nullable Output> additionalModelDataSources; + + /** + * @return Additional data sources that are available to the model in addition to those specified in `modelDataSource`. See Additional Model Data Source. + * + */ + public Optional>> additionalModelDataSources() { + return Optional.ofNullable(this.additionalModelDataSources); + } + + /** + * DNS host name for the container. * */ @Import(name="containerHostname") private @Nullable Output containerHostname; /** - * @return The DNS host name for the container. + * @return DNS host name for the container. * */ public Optional> containerHostname() { @@ -36,7 +53,6 @@ public Optional> containerHostname() { /** * Environment variables for the Docker container. - * A list of key value pairs. * */ @Import(name="environment") @@ -44,7 +60,6 @@ public Optional> containerHostname() { /** * @return Environment variables for the Docker container. - * A list of key value pairs. * */ public Optional>> environment() { @@ -52,14 +67,14 @@ public Optional>> environment() { } /** - * The registry path where the inference code image is stored in Amazon ECR. + * Registry path where the inference code image is stored in Amazon ECR. * */ @Import(name="image") private @Nullable Output image; /** - * @return The registry path where the inference code image is stored in Amazon ECR. + * @return Registry path where the inference code image is stored in Amazon ECR. * */ public Optional> image() { @@ -82,14 +97,14 @@ public Optional> imageConfig() { } /** - * The inference specification name in the model package version. + * Inference specification name in the model package version. * */ @Import(name="inferenceSpecificationName") private @Nullable Output inferenceSpecificationName; /** - * @return The inference specification name in the model package version. + * @return Inference specification name in the model package version. * */ public Optional> inferenceSpecificationName() { @@ -97,14 +112,14 @@ public Optional> inferenceSpecificationName() { } /** - * The container hosts value `SingleModel/MultiModel`. The default value is `SingleModel`. + * Container hosts value. Allowed values are: `SingleModel` and `MultiModel`. The default value is `SingleModel`. * */ @Import(name="mode") private @Nullable Output mode; /** - * @return The container hosts value `SingleModel/MultiModel`. The default value is `SingleModel`. + * @return Container hosts value. Allowed values are: `SingleModel` and `MultiModel`. The default value is `SingleModel`. * */ public Optional> mode() { @@ -112,14 +127,14 @@ public Optional> mode() { } /** - * The location of model data to deploy. Use this for uncompressed model deployment. For information about how to deploy an uncompressed model, see [Deploying uncompressed models](https://docs.aws.amazon.com/sagemaker/latest/dg/large-model-inference-uncompressed.html) in the _AWS SageMaker AI Developer Guide_. + * Location of model data to deploy. Use this for uncompressed model deployment. For information about how to deploy an uncompressed model, see [Deploying uncompressed models](https://docs.aws.amazon.com/sagemaker/latest/dg/large-model-inference-uncompressed.html) in the _AWS SageMaker AI Developer Guide_. * */ @Import(name="modelDataSource") private @Nullable Output modelDataSource; /** - * @return The location of model data to deploy. Use this for uncompressed model deployment. For information about how to deploy an uncompressed model, see [Deploying uncompressed models](https://docs.aws.amazon.com/sagemaker/latest/dg/large-model-inference-uncompressed.html) in the _AWS SageMaker AI Developer Guide_. + * @return Location of model data to deploy. Use this for uncompressed model deployment. For information about how to deploy an uncompressed model, see [Deploying uncompressed models](https://docs.aws.amazon.com/sagemaker/latest/dg/large-model-inference-uncompressed.html) in the _AWS SageMaker AI Developer Guide_. * */ public Optional> modelDataSource() { @@ -127,14 +142,14 @@ public Optional> modelDataSource() { } /** - * The URL for the S3 location where model artifacts are stored. + * URL for the S3 location where model artifacts are stored. * */ @Import(name="modelDataUrl") private @Nullable Output modelDataUrl; /** - * @return The URL for the S3 location where model artifacts are stored. + * @return URL for the S3 location where model artifacts are stored. * */ public Optional> modelDataUrl() { @@ -142,14 +157,16 @@ public Optional> modelDataUrl() { } /** - * The Amazon Resource Name (ARN) of the model package to use to create the model. + * Amazon Resource Name (ARN) of the model package to use to create the model. + * A list of key value pairs. * */ @Import(name="modelPackageName") private @Nullable Output modelPackageName; /** - * @return The Amazon Resource Name (ARN) of the model package to use to create the model. + * @return Amazon Resource Name (ARN) of the model package to use to create the model. + * A list of key value pairs. * */ public Optional> modelPackageName() { @@ -174,6 +191,7 @@ public Optional> multiModelConfig() { private ModelContainerArgs() {} private ModelContainerArgs(ModelContainerArgs $) { + this.additionalModelDataSources = $.additionalModelDataSources; this.containerHostname = $.containerHostname; this.environment = $.environment; this.image = $.image; @@ -205,7 +223,38 @@ public Builder(ModelContainerArgs defaults) { } /** - * @param containerHostname The DNS host name for the container. + * @param additionalModelDataSources Additional data sources that are available to the model in addition to those specified in `modelDataSource`. See Additional Model Data Source. + * + * @return builder + * + */ + public Builder additionalModelDataSources(@Nullable Output> additionalModelDataSources) { + $.additionalModelDataSources = additionalModelDataSources; + return this; + } + + /** + * @param additionalModelDataSources Additional data sources that are available to the model in addition to those specified in `modelDataSource`. See Additional Model Data Source. + * + * @return builder + * + */ + public Builder additionalModelDataSources(List additionalModelDataSources) { + return additionalModelDataSources(Output.of(additionalModelDataSources)); + } + + /** + * @param additionalModelDataSources Additional data sources that are available to the model in addition to those specified in `modelDataSource`. See Additional Model Data Source. + * + * @return builder + * + */ + public Builder additionalModelDataSources(ModelContainerAdditionalModelDataSourceArgs... additionalModelDataSources) { + return additionalModelDataSources(List.of(additionalModelDataSources)); + } + + /** + * @param containerHostname DNS host name for the container. * * @return builder * @@ -216,7 +265,7 @@ public Builder containerHostname(@Nullable Output containerHostname) { } /** - * @param containerHostname The DNS host name for the container. + * @param containerHostname DNS host name for the container. * * @return builder * @@ -227,7 +276,6 @@ public Builder containerHostname(String containerHostname) { /** * @param environment Environment variables for the Docker container. - * A list of key value pairs. * * @return builder * @@ -239,7 +287,6 @@ public Builder environment(@Nullable Output> environment) { /** * @param environment Environment variables for the Docker container. - * A list of key value pairs. * * @return builder * @@ -249,7 +296,7 @@ public Builder environment(Map environment) { } /** - * @param image The registry path where the inference code image is stored in Amazon ECR. + * @param image Registry path where the inference code image is stored in Amazon ECR. * * @return builder * @@ -260,7 +307,7 @@ public Builder image(@Nullable Output image) { } /** - * @param image The registry path where the inference code image is stored in Amazon ECR. + * @param image Registry path where the inference code image is stored in Amazon ECR. * * @return builder * @@ -291,7 +338,7 @@ public Builder imageConfig(ModelContainerImageConfigArgs imageConfig) { } /** - * @param inferenceSpecificationName The inference specification name in the model package version. + * @param inferenceSpecificationName Inference specification name in the model package version. * * @return builder * @@ -302,7 +349,7 @@ public Builder inferenceSpecificationName(@Nullable Output inferenceSpec } /** - * @param inferenceSpecificationName The inference specification name in the model package version. + * @param inferenceSpecificationName Inference specification name in the model package version. * * @return builder * @@ -312,7 +359,7 @@ public Builder inferenceSpecificationName(String inferenceSpecificationName) { } /** - * @param mode The container hosts value `SingleModel/MultiModel`. The default value is `SingleModel`. + * @param mode Container hosts value. Allowed values are: `SingleModel` and `MultiModel`. The default value is `SingleModel`. * * @return builder * @@ -323,7 +370,7 @@ public Builder mode(@Nullable Output mode) { } /** - * @param mode The container hosts value `SingleModel/MultiModel`. The default value is `SingleModel`. + * @param mode Container hosts value. Allowed values are: `SingleModel` and `MultiModel`. The default value is `SingleModel`. * * @return builder * @@ -333,7 +380,7 @@ public Builder mode(String mode) { } /** - * @param modelDataSource The location of model data to deploy. Use this for uncompressed model deployment. For information about how to deploy an uncompressed model, see [Deploying uncompressed models](https://docs.aws.amazon.com/sagemaker/latest/dg/large-model-inference-uncompressed.html) in the _AWS SageMaker AI Developer Guide_. + * @param modelDataSource Location of model data to deploy. Use this for uncompressed model deployment. For information about how to deploy an uncompressed model, see [Deploying uncompressed models](https://docs.aws.amazon.com/sagemaker/latest/dg/large-model-inference-uncompressed.html) in the _AWS SageMaker AI Developer Guide_. * * @return builder * @@ -344,7 +391,7 @@ public Builder modelDataSource(@Nullable Output modelDataUrl) { } /** - * @param modelDataUrl The URL for the S3 location where model artifacts are stored. + * @param modelDataUrl URL for the S3 location where model artifacts are stored. * * @return builder * @@ -375,7 +422,8 @@ public Builder modelDataUrl(String modelDataUrl) { } /** - * @param modelPackageName The Amazon Resource Name (ARN) of the model package to use to create the model. + * @param modelPackageName Amazon Resource Name (ARN) of the model package to use to create the model. + * A list of key value pairs. * * @return builder * @@ -386,7 +434,8 @@ public Builder modelPackageName(@Nullable Output modelPackageName) { } /** - * @param modelPackageName The Amazon Resource Name (ARN) of the model package to use to create the model. + * @param modelPackageName Amazon Resource Name (ARN) of the model package to use to create the model. + * A list of key value pairs. * * @return builder * diff --git a/sdk/java/src/main/java/com/pulumi/aws/sagemaker/inputs/ModelContainerImageConfigRepositoryAuthConfigArgs.java b/sdk/java/src/main/java/com/pulumi/aws/sagemaker/inputs/ModelContainerImageConfigRepositoryAuthConfigArgs.java index 61c6a69133d..1f76ea72a4b 100644 --- a/sdk/java/src/main/java/com/pulumi/aws/sagemaker/inputs/ModelContainerImageConfigRepositoryAuthConfigArgs.java +++ b/sdk/java/src/main/java/com/pulumi/aws/sagemaker/inputs/ModelContainerImageConfigRepositoryAuthConfigArgs.java @@ -15,14 +15,14 @@ public final class ModelContainerImageConfigRepositoryAuthConfigArgs extends com public static final ModelContainerImageConfigRepositoryAuthConfigArgs Empty = new ModelContainerImageConfigRepositoryAuthConfigArgs(); /** - * The Amazon Resource Name (ARN) of an AWS Lambda function that provides credentials to authenticate to the private Docker registry where your model image is hosted. For information about how to create an AWS Lambda function, see [Create a Lambda function with the console](https://docs.aws.amazon.com/lambda/latest/dg/getting-started-create-function.html) in the _AWS Lambda Developer Guide_. + * Amazon Resource Name (ARN) of an AWS Lambda function that provides credentials to authenticate to the private Docker registry where your model image is hosted. For information about how to create an AWS Lambda function, see [Create a Lambda function with the console](https://docs.aws.amazon.com/lambda/latest/dg/getting-started-create-function.html) in the _AWS Lambda Developer Guide_. * */ @Import(name="repositoryCredentialsProviderArn", required=true) private Output repositoryCredentialsProviderArn; /** - * @return The Amazon Resource Name (ARN) of an AWS Lambda function that provides credentials to authenticate to the private Docker registry where your model image is hosted. For information about how to create an AWS Lambda function, see [Create a Lambda function with the console](https://docs.aws.amazon.com/lambda/latest/dg/getting-started-create-function.html) in the _AWS Lambda Developer Guide_. + * @return Amazon Resource Name (ARN) of an AWS Lambda function that provides credentials to authenticate to the private Docker registry where your model image is hosted. For information about how to create an AWS Lambda function, see [Create a Lambda function with the console](https://docs.aws.amazon.com/lambda/latest/dg/getting-started-create-function.html) in the _AWS Lambda Developer Guide_. * */ public Output repositoryCredentialsProviderArn() { @@ -54,7 +54,7 @@ public Builder(ModelContainerImageConfigRepositoryAuthConfigArgs defaults) { } /** - * @param repositoryCredentialsProviderArn The Amazon Resource Name (ARN) of an AWS Lambda function that provides credentials to authenticate to the private Docker registry where your model image is hosted. For information about how to create an AWS Lambda function, see [Create a Lambda function with the console](https://docs.aws.amazon.com/lambda/latest/dg/getting-started-create-function.html) in the _AWS Lambda Developer Guide_. + * @param repositoryCredentialsProviderArn Amazon Resource Name (ARN) of an AWS Lambda function that provides credentials to authenticate to the private Docker registry where your model image is hosted. For information about how to create an AWS Lambda function, see [Create a Lambda function with the console](https://docs.aws.amazon.com/lambda/latest/dg/getting-started-create-function.html) in the _AWS Lambda Developer Guide_. * * @return builder * @@ -65,7 +65,7 @@ public Builder repositoryCredentialsProviderArn(Output repositoryCredent } /** - * @param repositoryCredentialsProviderArn The Amazon Resource Name (ARN) of an AWS Lambda function that provides credentials to authenticate to the private Docker registry where your model image is hosted. For information about how to create an AWS Lambda function, see [Create a Lambda function with the console](https://docs.aws.amazon.com/lambda/latest/dg/getting-started-create-function.html) in the _AWS Lambda Developer Guide_. + * @param repositoryCredentialsProviderArn Amazon Resource Name (ARN) of an AWS Lambda function that provides credentials to authenticate to the private Docker registry where your model image is hosted. For information about how to create an AWS Lambda function, see [Create a Lambda function with the console](https://docs.aws.amazon.com/lambda/latest/dg/getting-started-create-function.html) in the _AWS Lambda Developer Guide_. * * @return builder * diff --git a/sdk/java/src/main/java/com/pulumi/aws/sagemaker/inputs/ModelContainerModelDataSourceArgs.java b/sdk/java/src/main/java/com/pulumi/aws/sagemaker/inputs/ModelContainerModelDataSourceArgs.java index f7f854885f8..ec10ca5b22e 100644 --- a/sdk/java/src/main/java/com/pulumi/aws/sagemaker/inputs/ModelContainerModelDataSourceArgs.java +++ b/sdk/java/src/main/java/com/pulumi/aws/sagemaker/inputs/ModelContainerModelDataSourceArgs.java @@ -16,14 +16,14 @@ public final class ModelContainerModelDataSourceArgs extends com.pulumi.resource public static final ModelContainerModelDataSourceArgs Empty = new ModelContainerModelDataSourceArgs(); /** - * The S3 location of model data to deploy. + * S3 location of model data to deploy. See S3 Data Source. * */ @Import(name="s3DataSources", required=true) private Output> s3DataSources; /** - * @return The S3 location of model data to deploy. + * @return S3 location of model data to deploy. See S3 Data Source. * */ public Output> s3DataSources() { @@ -55,7 +55,7 @@ public Builder(ModelContainerModelDataSourceArgs defaults) { } /** - * @param s3DataSources The S3 location of model data to deploy. + * @param s3DataSources S3 location of model data to deploy. See S3 Data Source. * * @return builder * @@ -66,7 +66,7 @@ public Builder s3DataSources(Output } /** - * @param s3DataSources The S3 location of model data to deploy. + * @param s3DataSources S3 location of model data to deploy. See S3 Data Source. * * @return builder * diff --git a/sdk/java/src/main/java/com/pulumi/aws/sagemaker/inputs/ModelContainerModelDataSourceS3DataSourceArgs.java b/sdk/java/src/main/java/com/pulumi/aws/sagemaker/inputs/ModelContainerModelDataSourceS3DataSourceArgs.java index 647131ad5cd..0cd56ba5439 100644 --- a/sdk/java/src/main/java/com/pulumi/aws/sagemaker/inputs/ModelContainerModelDataSourceS3DataSourceArgs.java +++ b/sdk/java/src/main/java/com/pulumi/aws/sagemaker/inputs/ModelContainerModelDataSourceS3DataSourceArgs.java @@ -33,14 +33,14 @@ public Output compressionType() { } /** - * Specifies the access configuration file for the ML model. You can explicitly accept the model end-user license agreement (EULA) within the [`modelAccessConfig` configuration block]. see Model Access Config. + * Specifies the access configuration file for the ML model. You can explicitly accept the model end-user license agreement (EULA) within the [`modelAccessConfig` configuration block]. See Model Access Config. * */ @Import(name="modelAccessConfig") private @Nullable Output modelAccessConfig; /** - * @return Specifies the access configuration file for the ML model. You can explicitly accept the model end-user license agreement (EULA) within the [`modelAccessConfig` configuration block]. see Model Access Config. + * @return Specifies the access configuration file for the ML model. You can explicitly accept the model end-user license agreement (EULA) within the [`modelAccessConfig` configuration block]. See Model Access Config. * */ public Optional> modelAccessConfig() { @@ -48,14 +48,14 @@ public Optional s3DataType; /** - * @return The type of model data to deploy. Allowed values are: `S3Object` and `S3Prefix`. + * @return Type of model data to deploy. Allowed values are: `S3Object` and `S3Prefix`. * */ public Output s3DataType() { @@ -126,7 +126,7 @@ public Builder compressionType(String compressionType) { } /** - * @param modelAccessConfig Specifies the access configuration file for the ML model. You can explicitly accept the model end-user license agreement (EULA) within the [`modelAccessConfig` configuration block]. see Model Access Config. + * @param modelAccessConfig Specifies the access configuration file for the ML model. You can explicitly accept the model end-user license agreement (EULA) within the [`modelAccessConfig` configuration block]. See Model Access Config. * * @return builder * @@ -137,7 +137,7 @@ public Builder modelAccessConfig(@Nullable Output s3DataType) { } /** - * @param s3DataType The type of model data to deploy. Allowed values are: `S3Object` and `S3Prefix`. + * @param s3DataType Type of model data to deploy. Allowed values are: `S3Object` and `S3Prefix`. * * @return builder * diff --git a/sdk/java/src/main/java/com/pulumi/aws/sagemaker/inputs/ModelContainerModelDataSourceS3DataSourceModelAccessConfigArgs.java b/sdk/java/src/main/java/com/pulumi/aws/sagemaker/inputs/ModelContainerModelDataSourceS3DataSourceModelAccessConfigArgs.java index 2b9dc6d6ed8..1a7ccc7d84c 100644 --- a/sdk/java/src/main/java/com/pulumi/aws/sagemaker/inputs/ModelContainerModelDataSourceS3DataSourceModelAccessConfigArgs.java +++ b/sdk/java/src/main/java/com/pulumi/aws/sagemaker/inputs/ModelContainerModelDataSourceS3DataSourceModelAccessConfigArgs.java @@ -15,14 +15,14 @@ public final class ModelContainerModelDataSourceS3DataSourceModelAccessConfigArg public static final ModelContainerModelDataSourceS3DataSourceModelAccessConfigArgs Empty = new ModelContainerModelDataSourceS3DataSourceModelAccessConfigArgs(); /** - * Specifies agreement to the model end-user license agreement (EULA). The AcceptEula value must be explicitly defined as `true` in order to accept the EULA that this model requires. You are responsible for reviewing and complying with any applicable license terms and making sure they are acceptable for your use case before downloading or using a model. + * Specifies agreement to the model end-user license agreement (EULA). The value must be set to `true` in order to accept the EULA that this model requires. You are responsible for reviewing and complying with any applicable license terms and making sure they are acceptable for your use case before downloading or using a model. * */ @Import(name="acceptEula", required=true) private Output acceptEula; /** - * @return Specifies agreement to the model end-user license agreement (EULA). The AcceptEula value must be explicitly defined as `true` in order to accept the EULA that this model requires. You are responsible for reviewing and complying with any applicable license terms and making sure they are acceptable for your use case before downloading or using a model. + * @return Specifies agreement to the model end-user license agreement (EULA). The value must be set to `true` in order to accept the EULA that this model requires. You are responsible for reviewing and complying with any applicable license terms and making sure they are acceptable for your use case before downloading or using a model. * */ public Output acceptEula() { @@ -54,7 +54,7 @@ public Builder(ModelContainerModelDataSourceS3DataSourceModelAccessConfigArgs de } /** - * @param acceptEula Specifies agreement to the model end-user license agreement (EULA). The AcceptEula value must be explicitly defined as `true` in order to accept the EULA that this model requires. You are responsible for reviewing and complying with any applicable license terms and making sure they are acceptable for your use case before downloading or using a model. + * @param acceptEula Specifies agreement to the model end-user license agreement (EULA). The value must be set to `true` in order to accept the EULA that this model requires. You are responsible for reviewing and complying with any applicable license terms and making sure they are acceptable for your use case before downloading or using a model. * * @return builder * @@ -65,7 +65,7 @@ public Builder acceptEula(Output acceptEula) { } /** - * @param acceptEula Specifies agreement to the model end-user license agreement (EULA). The AcceptEula value must be explicitly defined as `true` in order to accept the EULA that this model requires. You are responsible for reviewing and complying with any applicable license terms and making sure they are acceptable for your use case before downloading or using a model. + * @param acceptEula Specifies agreement to the model end-user license agreement (EULA). The value must be set to `true` in order to accept the EULA that this model requires. You are responsible for reviewing and complying with any applicable license terms and making sure they are acceptable for your use case before downloading or using a model. * * @return builder * diff --git a/sdk/java/src/main/java/com/pulumi/aws/sagemaker/inputs/ModelInferenceExecutionConfigArgs.java b/sdk/java/src/main/java/com/pulumi/aws/sagemaker/inputs/ModelInferenceExecutionConfigArgs.java index b5fd8755f1f..d4bfa9d1175 100644 --- a/sdk/java/src/main/java/com/pulumi/aws/sagemaker/inputs/ModelInferenceExecutionConfigArgs.java +++ b/sdk/java/src/main/java/com/pulumi/aws/sagemaker/inputs/ModelInferenceExecutionConfigArgs.java @@ -15,14 +15,14 @@ public final class ModelInferenceExecutionConfigArgs extends com.pulumi.resource public static final ModelInferenceExecutionConfigArgs Empty = new ModelInferenceExecutionConfigArgs(); /** - * The container hosts value `SingleModel/MultiModel`. The default value is `SingleModel`. + * How containers in a multi-container are run. Allowed values are: `Serial` and `Direct`. * */ @Import(name="mode", required=true) private Output mode; /** - * @return The container hosts value `SingleModel/MultiModel`. The default value is `SingleModel`. + * @return How containers in a multi-container are run. Allowed values are: `Serial` and `Direct`. * */ public Output mode() { @@ -54,7 +54,7 @@ public Builder(ModelInferenceExecutionConfigArgs defaults) { } /** - * @param mode The container hosts value `SingleModel/MultiModel`. The default value is `SingleModel`. + * @param mode How containers in a multi-container are run. Allowed values are: `Serial` and `Direct`. * * @return builder * @@ -65,7 +65,7 @@ public Builder mode(Output mode) { } /** - * @param mode The container hosts value `SingleModel/MultiModel`. The default value is `SingleModel`. + * @param mode How containers in a multi-container are run. Allowed values are: `Serial` and `Direct`. * * @return builder * diff --git a/sdk/java/src/main/java/com/pulumi/aws/sagemaker/inputs/ModelPrimaryContainerAdditionalModelDataSourceArgs.java b/sdk/java/src/main/java/com/pulumi/aws/sagemaker/inputs/ModelPrimaryContainerAdditionalModelDataSourceArgs.java new file mode 100644 index 00000000000..43ec852f4ae --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/aws/sagemaker/inputs/ModelPrimaryContainerAdditionalModelDataSourceArgs.java @@ -0,0 +1,137 @@ +// *** WARNING: this file was generated by pulumi-language-java. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.aws.sagemaker.inputs; + +import com.pulumi.aws.sagemaker.inputs.ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceArgs; +import com.pulumi.core.Output; +import com.pulumi.core.annotations.Import; +import com.pulumi.exceptions.MissingRequiredPropertyException; +import java.lang.String; +import java.util.List; +import java.util.Objects; + + +public final class ModelPrimaryContainerAdditionalModelDataSourceArgs extends com.pulumi.resources.ResourceArgs { + + public static final ModelPrimaryContainerAdditionalModelDataSourceArgs Empty = new ModelPrimaryContainerAdditionalModelDataSourceArgs(); + + /** + * Custom name for the additional model data source object. It will be stored in `/opt/ml/additional-model-data-sources/<channel_name>/`. + * + */ + @Import(name="channelName", required=true) + private Output channelName; + + /** + * @return Custom name for the additional model data source object. It will be stored in `/opt/ml/additional-model-data-sources/<channel_name>/`. + * + */ + public Output channelName() { + return this.channelName; + } + + /** + * S3 location of model data to deploy. See S3 Data Source. + * + */ + @Import(name="s3DataSources", required=true) + private Output> s3DataSources; + + /** + * @return S3 location of model data to deploy. See S3 Data Source. + * + */ + public Output> s3DataSources() { + return this.s3DataSources; + } + + private ModelPrimaryContainerAdditionalModelDataSourceArgs() {} + + private ModelPrimaryContainerAdditionalModelDataSourceArgs(ModelPrimaryContainerAdditionalModelDataSourceArgs $) { + this.channelName = $.channelName; + this.s3DataSources = $.s3DataSources; + } + + public static Builder builder() { + return new Builder(); + } + public static Builder builder(ModelPrimaryContainerAdditionalModelDataSourceArgs defaults) { + return new Builder(defaults); + } + + public static final class Builder { + private ModelPrimaryContainerAdditionalModelDataSourceArgs $; + + public Builder() { + $ = new ModelPrimaryContainerAdditionalModelDataSourceArgs(); + } + + public Builder(ModelPrimaryContainerAdditionalModelDataSourceArgs defaults) { + $ = new ModelPrimaryContainerAdditionalModelDataSourceArgs(Objects.requireNonNull(defaults)); + } + + /** + * @param channelName Custom name for the additional model data source object. It will be stored in `/opt/ml/additional-model-data-sources/<channel_name>/`. + * + * @return builder + * + */ + public Builder channelName(Output channelName) { + $.channelName = channelName; + return this; + } + + /** + * @param channelName Custom name for the additional model data source object. It will be stored in `/opt/ml/additional-model-data-sources/<channel_name>/`. + * + * @return builder + * + */ + public Builder channelName(String channelName) { + return channelName(Output.of(channelName)); + } + + /** + * @param s3DataSources S3 location of model data to deploy. See S3 Data Source. + * + * @return builder + * + */ + public Builder s3DataSources(Output> s3DataSources) { + $.s3DataSources = s3DataSources; + return this; + } + + /** + * @param s3DataSources S3 location of model data to deploy. See S3 Data Source. + * + * @return builder + * + */ + public Builder s3DataSources(List s3DataSources) { + return s3DataSources(Output.of(s3DataSources)); + } + + /** + * @param s3DataSources S3 location of model data to deploy. See S3 Data Source. + * + * @return builder + * + */ + public Builder s3DataSources(ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceArgs... s3DataSources) { + return s3DataSources(List.of(s3DataSources)); + } + + public ModelPrimaryContainerAdditionalModelDataSourceArgs build() { + if ($.channelName == null) { + throw new MissingRequiredPropertyException("ModelPrimaryContainerAdditionalModelDataSourceArgs", "channelName"); + } + if ($.s3DataSources == null) { + throw new MissingRequiredPropertyException("ModelPrimaryContainerAdditionalModelDataSourceArgs", "s3DataSources"); + } + return $; + } + } + +} diff --git a/sdk/java/src/main/java/com/pulumi/aws/sagemaker/inputs/ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceArgs.java b/sdk/java/src/main/java/com/pulumi/aws/sagemaker/inputs/ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceArgs.java new file mode 100644 index 00000000000..cac1aac0662 --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/aws/sagemaker/inputs/ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceArgs.java @@ -0,0 +1,205 @@ +// *** WARNING: this file was generated by pulumi-language-java. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.aws.sagemaker.inputs; + +import com.pulumi.aws.sagemaker.inputs.ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigArgs; +import com.pulumi.core.Output; +import com.pulumi.core.annotations.Import; +import com.pulumi.exceptions.MissingRequiredPropertyException; +import java.lang.String; +import java.util.Objects; +import java.util.Optional; +import javax.annotation.Nullable; + + +public final class ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceArgs extends com.pulumi.resources.ResourceArgs { + + public static final ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceArgs Empty = new ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceArgs(); + + /** + * How the model data is prepared. Allowed values are: `None` and `Gzip`. + * + */ + @Import(name="compressionType", required=true) + private Output compressionType; + + /** + * @return How the model data is prepared. Allowed values are: `None` and `Gzip`. + * + */ + public Output compressionType() { + return this.compressionType; + } + + /** + * Specifies the access configuration file for the ML model. You can explicitly accept the model end-user license agreement (EULA) within the [`modelAccessConfig` configuration block]. See Model Access Config. + * + */ + @Import(name="modelAccessConfig") + private @Nullable Output modelAccessConfig; + + /** + * @return Specifies the access configuration file for the ML model. You can explicitly accept the model end-user license agreement (EULA) within the [`modelAccessConfig` configuration block]. See Model Access Config. + * + */ + public Optional> modelAccessConfig() { + return Optional.ofNullable(this.modelAccessConfig); + } + + /** + * Type of model data to deploy. Allowed values are: `S3Object` and `S3Prefix`. + * + */ + @Import(name="s3DataType", required=true) + private Output s3DataType; + + /** + * @return Type of model data to deploy. Allowed values are: `S3Object` and `S3Prefix`. + * + */ + public Output s3DataType() { + return this.s3DataType; + } + + /** + * The S3 path of model data to deploy. + * + */ + @Import(name="s3Uri", required=true) + private Output s3Uri; + + /** + * @return The S3 path of model data to deploy. + * + */ + public Output s3Uri() { + return this.s3Uri; + } + + private ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceArgs() {} + + private ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceArgs(ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceArgs $) { + this.compressionType = $.compressionType; + this.modelAccessConfig = $.modelAccessConfig; + this.s3DataType = $.s3DataType; + this.s3Uri = $.s3Uri; + } + + public static Builder builder() { + return new Builder(); + } + public static Builder builder(ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceArgs defaults) { + return new Builder(defaults); + } + + public static final class Builder { + private ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceArgs $; + + public Builder() { + $ = new ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceArgs(); + } + + public Builder(ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceArgs defaults) { + $ = new ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceArgs(Objects.requireNonNull(defaults)); + } + + /** + * @param compressionType How the model data is prepared. Allowed values are: `None` and `Gzip`. + * + * @return builder + * + */ + public Builder compressionType(Output compressionType) { + $.compressionType = compressionType; + return this; + } + + /** + * @param compressionType How the model data is prepared. Allowed values are: `None` and `Gzip`. + * + * @return builder + * + */ + public Builder compressionType(String compressionType) { + return compressionType(Output.of(compressionType)); + } + + /** + * @param modelAccessConfig Specifies the access configuration file for the ML model. You can explicitly accept the model end-user license agreement (EULA) within the [`modelAccessConfig` configuration block]. See Model Access Config. + * + * @return builder + * + */ + public Builder modelAccessConfig(@Nullable Output modelAccessConfig) { + $.modelAccessConfig = modelAccessConfig; + return this; + } + + /** + * @param modelAccessConfig Specifies the access configuration file for the ML model. You can explicitly accept the model end-user license agreement (EULA) within the [`modelAccessConfig` configuration block]. See Model Access Config. + * + * @return builder + * + */ + public Builder modelAccessConfig(ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigArgs modelAccessConfig) { + return modelAccessConfig(Output.of(modelAccessConfig)); + } + + /** + * @param s3DataType Type of model data to deploy. Allowed values are: `S3Object` and `S3Prefix`. + * + * @return builder + * + */ + public Builder s3DataType(Output s3DataType) { + $.s3DataType = s3DataType; + return this; + } + + /** + * @param s3DataType Type of model data to deploy. Allowed values are: `S3Object` and `S3Prefix`. + * + * @return builder + * + */ + public Builder s3DataType(String s3DataType) { + return s3DataType(Output.of(s3DataType)); + } + + /** + * @param s3Uri The S3 path of model data to deploy. + * + * @return builder + * + */ + public Builder s3Uri(Output s3Uri) { + $.s3Uri = s3Uri; + return this; + } + + /** + * @param s3Uri The S3 path of model data to deploy. + * + * @return builder + * + */ + public Builder s3Uri(String s3Uri) { + return s3Uri(Output.of(s3Uri)); + } + + public ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceArgs build() { + if ($.compressionType == null) { + throw new MissingRequiredPropertyException("ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceArgs", "compressionType"); + } + if ($.s3DataType == null) { + throw new MissingRequiredPropertyException("ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceArgs", "s3DataType"); + } + if ($.s3Uri == null) { + throw new MissingRequiredPropertyException("ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceArgs", "s3Uri"); + } + return $; + } + } + +} diff --git a/sdk/java/src/main/java/com/pulumi/aws/sagemaker/inputs/ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigArgs.java b/sdk/java/src/main/java/com/pulumi/aws/sagemaker/inputs/ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigArgs.java new file mode 100644 index 00000000000..9620a8f5803 --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/aws/sagemaker/inputs/ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigArgs.java @@ -0,0 +1,85 @@ +// *** WARNING: this file was generated by pulumi-language-java. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.aws.sagemaker.inputs; + +import com.pulumi.core.Output; +import com.pulumi.core.annotations.Import; +import com.pulumi.exceptions.MissingRequiredPropertyException; +import java.lang.Boolean; +import java.util.Objects; + + +public final class ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigArgs extends com.pulumi.resources.ResourceArgs { + + public static final ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigArgs Empty = new ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigArgs(); + + /** + * Specifies agreement to the model end-user license agreement (EULA). The value must be set to `true` in order to accept the EULA that this model requires. You are responsible for reviewing and complying with any applicable license terms and making sure they are acceptable for your use case before downloading or using a model. + * + */ + @Import(name="acceptEula", required=true) + private Output acceptEula; + + /** + * @return Specifies agreement to the model end-user license agreement (EULA). The value must be set to `true` in order to accept the EULA that this model requires. You are responsible for reviewing and complying with any applicable license terms and making sure they are acceptable for your use case before downloading or using a model. + * + */ + public Output acceptEula() { + return this.acceptEula; + } + + private ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigArgs() {} + + private ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigArgs(ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigArgs $) { + this.acceptEula = $.acceptEula; + } + + public static Builder builder() { + return new Builder(); + } + public static Builder builder(ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigArgs defaults) { + return new Builder(defaults); + } + + public static final class Builder { + private ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigArgs $; + + public Builder() { + $ = new ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigArgs(); + } + + public Builder(ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigArgs defaults) { + $ = new ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigArgs(Objects.requireNonNull(defaults)); + } + + /** + * @param acceptEula Specifies agreement to the model end-user license agreement (EULA). The value must be set to `true` in order to accept the EULA that this model requires. You are responsible for reviewing and complying with any applicable license terms and making sure they are acceptable for your use case before downloading or using a model. + * + * @return builder + * + */ + public Builder acceptEula(Output acceptEula) { + $.acceptEula = acceptEula; + return this; + } + + /** + * @param acceptEula Specifies agreement to the model end-user license agreement (EULA). The value must be set to `true` in order to accept the EULA that this model requires. You are responsible for reviewing and complying with any applicable license terms and making sure they are acceptable for your use case before downloading or using a model. + * + * @return builder + * + */ + public Builder acceptEula(Boolean acceptEula) { + return acceptEula(Output.of(acceptEula)); + } + + public ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigArgs build() { + if ($.acceptEula == null) { + throw new MissingRequiredPropertyException("ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigArgs", "acceptEula"); + } + return $; + } + } + +} diff --git a/sdk/java/src/main/java/com/pulumi/aws/sagemaker/inputs/ModelPrimaryContainerArgs.java b/sdk/java/src/main/java/com/pulumi/aws/sagemaker/inputs/ModelPrimaryContainerArgs.java index 9b83a534efc..84b719ade25 100644 --- a/sdk/java/src/main/java/com/pulumi/aws/sagemaker/inputs/ModelPrimaryContainerArgs.java +++ b/sdk/java/src/main/java/com/pulumi/aws/sagemaker/inputs/ModelPrimaryContainerArgs.java @@ -3,12 +3,14 @@ package com.pulumi.aws.sagemaker.inputs; +import com.pulumi.aws.sagemaker.inputs.ModelPrimaryContainerAdditionalModelDataSourceArgs; import com.pulumi.aws.sagemaker.inputs.ModelPrimaryContainerImageConfigArgs; import com.pulumi.aws.sagemaker.inputs.ModelPrimaryContainerModelDataSourceArgs; import com.pulumi.aws.sagemaker.inputs.ModelPrimaryContainerMultiModelConfigArgs; import com.pulumi.core.Output; import com.pulumi.core.annotations.Import; import java.lang.String; +import java.util.List; import java.util.Map; import java.util.Objects; import java.util.Optional; @@ -20,14 +22,29 @@ public final class ModelPrimaryContainerArgs extends com.pulumi.resources.Resour public static final ModelPrimaryContainerArgs Empty = new ModelPrimaryContainerArgs(); /** - * The DNS host name for the container. + * Additional data sources that are available to the model in addition to those specified in `modelDataSource`. See Additional Model Data Source. + * + */ + @Import(name="additionalModelDataSources") + private @Nullable Output> additionalModelDataSources; + + /** + * @return Additional data sources that are available to the model in addition to those specified in `modelDataSource`. See Additional Model Data Source. + * + */ + public Optional>> additionalModelDataSources() { + return Optional.ofNullable(this.additionalModelDataSources); + } + + /** + * DNS host name for the container. * */ @Import(name="containerHostname") private @Nullable Output containerHostname; /** - * @return The DNS host name for the container. + * @return DNS host name for the container. * */ public Optional> containerHostname() { @@ -36,7 +53,6 @@ public Optional> containerHostname() { /** * Environment variables for the Docker container. - * A list of key value pairs. * */ @Import(name="environment") @@ -44,7 +60,6 @@ public Optional> containerHostname() { /** * @return Environment variables for the Docker container. - * A list of key value pairs. * */ public Optional>> environment() { @@ -52,14 +67,14 @@ public Optional>> environment() { } /** - * The registry path where the inference code image is stored in Amazon ECR. + * Registry path where the inference code image is stored in Amazon ECR. * */ @Import(name="image") private @Nullable Output image; /** - * @return The registry path where the inference code image is stored in Amazon ECR. + * @return Registry path where the inference code image is stored in Amazon ECR. * */ public Optional> image() { @@ -82,44 +97,36 @@ public Optional> imageConfig() { } /** - * The inference specification name in the model package version. + * Inference specification name in the model package version. * */ @Import(name="inferenceSpecificationName") private @Nullable Output inferenceSpecificationName; /** - * @return The inference specification name in the model package version. + * @return Inference specification name in the model package version. * */ public Optional> inferenceSpecificationName() { return Optional.ofNullable(this.inferenceSpecificationName); } - /** - * The container hosts value `SingleModel/MultiModel`. The default value is `SingleModel`. - * - */ @Import(name="mode") private @Nullable Output mode; - /** - * @return The container hosts value `SingleModel/MultiModel`. The default value is `SingleModel`. - * - */ public Optional> mode() { return Optional.ofNullable(this.mode); } /** - * The location of model data to deploy. Use this for uncompressed model deployment. For information about how to deploy an uncompressed model, see [Deploying uncompressed models](https://docs.aws.amazon.com/sagemaker/latest/dg/large-model-inference-uncompressed.html) in the _AWS SageMaker AI Developer Guide_. + * Location of model data to deploy. Use this for uncompressed model deployment. For information about how to deploy an uncompressed model, see [Deploying uncompressed models](https://docs.aws.amazon.com/sagemaker/latest/dg/large-model-inference-uncompressed.html) in the _AWS SageMaker AI Developer Guide_. * */ @Import(name="modelDataSource") private @Nullable Output modelDataSource; /** - * @return The location of model data to deploy. Use this for uncompressed model deployment. For information about how to deploy an uncompressed model, see [Deploying uncompressed models](https://docs.aws.amazon.com/sagemaker/latest/dg/large-model-inference-uncompressed.html) in the _AWS SageMaker AI Developer Guide_. + * @return Location of model data to deploy. Use this for uncompressed model deployment. For information about how to deploy an uncompressed model, see [Deploying uncompressed models](https://docs.aws.amazon.com/sagemaker/latest/dg/large-model-inference-uncompressed.html) in the _AWS SageMaker AI Developer Guide_. * */ public Optional> modelDataSource() { @@ -127,14 +134,14 @@ public Optional> modelDataSourc } /** - * The URL for the S3 location where model artifacts are stored. + * URL for the S3 location where model artifacts are stored. * */ @Import(name="modelDataUrl") private @Nullable Output modelDataUrl; /** - * @return The URL for the S3 location where model artifacts are stored. + * @return URL for the S3 location where model artifacts are stored. * */ public Optional> modelDataUrl() { @@ -142,14 +149,16 @@ public Optional> modelDataUrl() { } /** - * The Amazon Resource Name (ARN) of the model package to use to create the model. + * Amazon Resource Name (ARN) of the model package to use to create the model. + * A list of key value pairs. * */ @Import(name="modelPackageName") private @Nullable Output modelPackageName; /** - * @return The Amazon Resource Name (ARN) of the model package to use to create the model. + * @return Amazon Resource Name (ARN) of the model package to use to create the model. + * A list of key value pairs. * */ public Optional> modelPackageName() { @@ -174,6 +183,7 @@ public Optional> multiModelCon private ModelPrimaryContainerArgs() {} private ModelPrimaryContainerArgs(ModelPrimaryContainerArgs $) { + this.additionalModelDataSources = $.additionalModelDataSources; this.containerHostname = $.containerHostname; this.environment = $.environment; this.image = $.image; @@ -205,7 +215,38 @@ public Builder(ModelPrimaryContainerArgs defaults) { } /** - * @param containerHostname The DNS host name for the container. + * @param additionalModelDataSources Additional data sources that are available to the model in addition to those specified in `modelDataSource`. See Additional Model Data Source. + * + * @return builder + * + */ + public Builder additionalModelDataSources(@Nullable Output> additionalModelDataSources) { + $.additionalModelDataSources = additionalModelDataSources; + return this; + } + + /** + * @param additionalModelDataSources Additional data sources that are available to the model in addition to those specified in `modelDataSource`. See Additional Model Data Source. + * + * @return builder + * + */ + public Builder additionalModelDataSources(List additionalModelDataSources) { + return additionalModelDataSources(Output.of(additionalModelDataSources)); + } + + /** + * @param additionalModelDataSources Additional data sources that are available to the model in addition to those specified in `modelDataSource`. See Additional Model Data Source. + * + * @return builder + * + */ + public Builder additionalModelDataSources(ModelPrimaryContainerAdditionalModelDataSourceArgs... additionalModelDataSources) { + return additionalModelDataSources(List.of(additionalModelDataSources)); + } + + /** + * @param containerHostname DNS host name for the container. * * @return builder * @@ -216,7 +257,7 @@ public Builder containerHostname(@Nullable Output containerHostname) { } /** - * @param containerHostname The DNS host name for the container. + * @param containerHostname DNS host name for the container. * * @return builder * @@ -227,7 +268,6 @@ public Builder containerHostname(String containerHostname) { /** * @param environment Environment variables for the Docker container. - * A list of key value pairs. * * @return builder * @@ -239,7 +279,6 @@ public Builder environment(@Nullable Output> environment) { /** * @param environment Environment variables for the Docker container. - * A list of key value pairs. * * @return builder * @@ -249,7 +288,7 @@ public Builder environment(Map environment) { } /** - * @param image The registry path where the inference code image is stored in Amazon ECR. + * @param image Registry path where the inference code image is stored in Amazon ECR. * * @return builder * @@ -260,7 +299,7 @@ public Builder image(@Nullable Output image) { } /** - * @param image The registry path where the inference code image is stored in Amazon ECR. + * @param image Registry path where the inference code image is stored in Amazon ECR. * * @return builder * @@ -291,7 +330,7 @@ public Builder imageConfig(ModelPrimaryContainerImageConfigArgs imageConfig) { } /** - * @param inferenceSpecificationName The inference specification name in the model package version. + * @param inferenceSpecificationName Inference specification name in the model package version. * * @return builder * @@ -302,7 +341,7 @@ public Builder inferenceSpecificationName(@Nullable Output inferenceSpec } /** - * @param inferenceSpecificationName The inference specification name in the model package version. + * @param inferenceSpecificationName Inference specification name in the model package version. * * @return builder * @@ -311,29 +350,17 @@ public Builder inferenceSpecificationName(String inferenceSpecificationName) { return inferenceSpecificationName(Output.of(inferenceSpecificationName)); } - /** - * @param mode The container hosts value `SingleModel/MultiModel`. The default value is `SingleModel`. - * - * @return builder - * - */ public Builder mode(@Nullable Output mode) { $.mode = mode; return this; } - /** - * @param mode The container hosts value `SingleModel/MultiModel`. The default value is `SingleModel`. - * - * @return builder - * - */ public Builder mode(String mode) { return mode(Output.of(mode)); } /** - * @param modelDataSource The location of model data to deploy. Use this for uncompressed model deployment. For information about how to deploy an uncompressed model, see [Deploying uncompressed models](https://docs.aws.amazon.com/sagemaker/latest/dg/large-model-inference-uncompressed.html) in the _AWS SageMaker AI Developer Guide_. + * @param modelDataSource Location of model data to deploy. Use this for uncompressed model deployment. For information about how to deploy an uncompressed model, see [Deploying uncompressed models](https://docs.aws.amazon.com/sagemaker/latest/dg/large-model-inference-uncompressed.html) in the _AWS SageMaker AI Developer Guide_. * * @return builder * @@ -344,7 +371,7 @@ public Builder modelDataSource(@Nullable Output modelDataUrl) { } /** - * @param modelDataUrl The URL for the S3 location where model artifacts are stored. + * @param modelDataUrl URL for the S3 location where model artifacts are stored. * * @return builder * @@ -375,7 +402,8 @@ public Builder modelDataUrl(String modelDataUrl) { } /** - * @param modelPackageName The Amazon Resource Name (ARN) of the model package to use to create the model. + * @param modelPackageName Amazon Resource Name (ARN) of the model package to use to create the model. + * A list of key value pairs. * * @return builder * @@ -386,7 +414,8 @@ public Builder modelPackageName(@Nullable Output modelPackageName) { } /** - * @param modelPackageName The Amazon Resource Name (ARN) of the model package to use to create the model. + * @param modelPackageName Amazon Resource Name (ARN) of the model package to use to create the model. + * A list of key value pairs. * * @return builder * diff --git a/sdk/java/src/main/java/com/pulumi/aws/sagemaker/inputs/ModelPrimaryContainerImageConfigRepositoryAuthConfigArgs.java b/sdk/java/src/main/java/com/pulumi/aws/sagemaker/inputs/ModelPrimaryContainerImageConfigRepositoryAuthConfigArgs.java index 2b5540ba837..d4ff3ad45b0 100644 --- a/sdk/java/src/main/java/com/pulumi/aws/sagemaker/inputs/ModelPrimaryContainerImageConfigRepositoryAuthConfigArgs.java +++ b/sdk/java/src/main/java/com/pulumi/aws/sagemaker/inputs/ModelPrimaryContainerImageConfigRepositoryAuthConfigArgs.java @@ -15,14 +15,14 @@ public final class ModelPrimaryContainerImageConfigRepositoryAuthConfigArgs exte public static final ModelPrimaryContainerImageConfigRepositoryAuthConfigArgs Empty = new ModelPrimaryContainerImageConfigRepositoryAuthConfigArgs(); /** - * The Amazon Resource Name (ARN) of an AWS Lambda function that provides credentials to authenticate to the private Docker registry where your model image is hosted. For information about how to create an AWS Lambda function, see [Create a Lambda function with the console](https://docs.aws.amazon.com/lambda/latest/dg/getting-started-create-function.html) in the _AWS Lambda Developer Guide_. + * Amazon Resource Name (ARN) of an AWS Lambda function that provides credentials to authenticate to the private Docker registry where your model image is hosted. For information about how to create an AWS Lambda function, see [Create a Lambda function with the console](https://docs.aws.amazon.com/lambda/latest/dg/getting-started-create-function.html) in the _AWS Lambda Developer Guide_. * */ @Import(name="repositoryCredentialsProviderArn", required=true) private Output repositoryCredentialsProviderArn; /** - * @return The Amazon Resource Name (ARN) of an AWS Lambda function that provides credentials to authenticate to the private Docker registry where your model image is hosted. For information about how to create an AWS Lambda function, see [Create a Lambda function with the console](https://docs.aws.amazon.com/lambda/latest/dg/getting-started-create-function.html) in the _AWS Lambda Developer Guide_. + * @return Amazon Resource Name (ARN) of an AWS Lambda function that provides credentials to authenticate to the private Docker registry where your model image is hosted. For information about how to create an AWS Lambda function, see [Create a Lambda function with the console](https://docs.aws.amazon.com/lambda/latest/dg/getting-started-create-function.html) in the _AWS Lambda Developer Guide_. * */ public Output repositoryCredentialsProviderArn() { @@ -54,7 +54,7 @@ public Builder(ModelPrimaryContainerImageConfigRepositoryAuthConfigArgs defaults } /** - * @param repositoryCredentialsProviderArn The Amazon Resource Name (ARN) of an AWS Lambda function that provides credentials to authenticate to the private Docker registry where your model image is hosted. For information about how to create an AWS Lambda function, see [Create a Lambda function with the console](https://docs.aws.amazon.com/lambda/latest/dg/getting-started-create-function.html) in the _AWS Lambda Developer Guide_. + * @param repositoryCredentialsProviderArn Amazon Resource Name (ARN) of an AWS Lambda function that provides credentials to authenticate to the private Docker registry where your model image is hosted. For information about how to create an AWS Lambda function, see [Create a Lambda function with the console](https://docs.aws.amazon.com/lambda/latest/dg/getting-started-create-function.html) in the _AWS Lambda Developer Guide_. * * @return builder * @@ -65,7 +65,7 @@ public Builder repositoryCredentialsProviderArn(Output repositoryCredent } /** - * @param repositoryCredentialsProviderArn The Amazon Resource Name (ARN) of an AWS Lambda function that provides credentials to authenticate to the private Docker registry where your model image is hosted. For information about how to create an AWS Lambda function, see [Create a Lambda function with the console](https://docs.aws.amazon.com/lambda/latest/dg/getting-started-create-function.html) in the _AWS Lambda Developer Guide_. + * @param repositoryCredentialsProviderArn Amazon Resource Name (ARN) of an AWS Lambda function that provides credentials to authenticate to the private Docker registry where your model image is hosted. For information about how to create an AWS Lambda function, see [Create a Lambda function with the console](https://docs.aws.amazon.com/lambda/latest/dg/getting-started-create-function.html) in the _AWS Lambda Developer Guide_. * * @return builder * diff --git a/sdk/java/src/main/java/com/pulumi/aws/sagemaker/inputs/ModelPrimaryContainerModelDataSourceArgs.java b/sdk/java/src/main/java/com/pulumi/aws/sagemaker/inputs/ModelPrimaryContainerModelDataSourceArgs.java index 32916f4232c..b96d09ec84f 100644 --- a/sdk/java/src/main/java/com/pulumi/aws/sagemaker/inputs/ModelPrimaryContainerModelDataSourceArgs.java +++ b/sdk/java/src/main/java/com/pulumi/aws/sagemaker/inputs/ModelPrimaryContainerModelDataSourceArgs.java @@ -16,14 +16,14 @@ public final class ModelPrimaryContainerModelDataSourceArgs extends com.pulumi.r public static final ModelPrimaryContainerModelDataSourceArgs Empty = new ModelPrimaryContainerModelDataSourceArgs(); /** - * The S3 location of model data to deploy. + * S3 location of model data to deploy. See S3 Data Source. * */ @Import(name="s3DataSources", required=true) private Output> s3DataSources; /** - * @return The S3 location of model data to deploy. + * @return S3 location of model data to deploy. See S3 Data Source. * */ public Output> s3DataSources() { @@ -55,7 +55,7 @@ public Builder(ModelPrimaryContainerModelDataSourceArgs defaults) { } /** - * @param s3DataSources The S3 location of model data to deploy. + * @param s3DataSources S3 location of model data to deploy. See S3 Data Source. * * @return builder * @@ -66,7 +66,7 @@ public Builder s3DataSources(Output compressionType() { } /** - * Specifies the access configuration file for the ML model. You can explicitly accept the model end-user license agreement (EULA) within the [`modelAccessConfig` configuration block]. see Model Access Config. + * Specifies the access configuration file for the ML model. You can explicitly accept the model end-user license agreement (EULA) within the [`modelAccessConfig` configuration block]. See Model Access Config. * */ @Import(name="modelAccessConfig") private @Nullable Output modelAccessConfig; /** - * @return Specifies the access configuration file for the ML model. You can explicitly accept the model end-user license agreement (EULA) within the [`modelAccessConfig` configuration block]. see Model Access Config. + * @return Specifies the access configuration file for the ML model. You can explicitly accept the model end-user license agreement (EULA) within the [`modelAccessConfig` configuration block]. See Model Access Config. * */ public Optional> modelAccessConfig() { @@ -48,14 +48,14 @@ public Optional s3DataType; /** - * @return The type of model data to deploy. Allowed values are: `S3Object` and `S3Prefix`. + * @return Type of model data to deploy. Allowed values are: `S3Object` and `S3Prefix`. * */ public Output s3DataType() { @@ -126,7 +126,7 @@ public Builder compressionType(String compressionType) { } /** - * @param modelAccessConfig Specifies the access configuration file for the ML model. You can explicitly accept the model end-user license agreement (EULA) within the [`modelAccessConfig` configuration block]. see Model Access Config. + * @param modelAccessConfig Specifies the access configuration file for the ML model. You can explicitly accept the model end-user license agreement (EULA) within the [`modelAccessConfig` configuration block]. See Model Access Config. * * @return builder * @@ -137,7 +137,7 @@ public Builder modelAccessConfig(@Nullable Output s3DataType) { } /** - * @param s3DataType The type of model data to deploy. Allowed values are: `S3Object` and `S3Prefix`. + * @param s3DataType Type of model data to deploy. Allowed values are: `S3Object` and `S3Prefix`. * * @return builder * diff --git a/sdk/java/src/main/java/com/pulumi/aws/sagemaker/inputs/ModelPrimaryContainerModelDataSourceS3DataSourceModelAccessConfigArgs.java b/sdk/java/src/main/java/com/pulumi/aws/sagemaker/inputs/ModelPrimaryContainerModelDataSourceS3DataSourceModelAccessConfigArgs.java index b7773df6859..ee8564f021e 100644 --- a/sdk/java/src/main/java/com/pulumi/aws/sagemaker/inputs/ModelPrimaryContainerModelDataSourceS3DataSourceModelAccessConfigArgs.java +++ b/sdk/java/src/main/java/com/pulumi/aws/sagemaker/inputs/ModelPrimaryContainerModelDataSourceS3DataSourceModelAccessConfigArgs.java @@ -15,14 +15,14 @@ public final class ModelPrimaryContainerModelDataSourceS3DataSourceModelAccessCo public static final ModelPrimaryContainerModelDataSourceS3DataSourceModelAccessConfigArgs Empty = new ModelPrimaryContainerModelDataSourceS3DataSourceModelAccessConfigArgs(); /** - * Specifies agreement to the model end-user license agreement (EULA). The AcceptEula value must be explicitly defined as `true` in order to accept the EULA that this model requires. You are responsible for reviewing and complying with any applicable license terms and making sure they are acceptable for your use case before downloading or using a model. + * Specifies agreement to the model end-user license agreement (EULA). The value must be set to `true` in order to accept the EULA that this model requires. You are responsible for reviewing and complying with any applicable license terms and making sure they are acceptable for your use case before downloading or using a model. * */ @Import(name="acceptEula", required=true) private Output acceptEula; /** - * @return Specifies agreement to the model end-user license agreement (EULA). The AcceptEula value must be explicitly defined as `true` in order to accept the EULA that this model requires. You are responsible for reviewing and complying with any applicable license terms and making sure they are acceptable for your use case before downloading or using a model. + * @return Specifies agreement to the model end-user license agreement (EULA). The value must be set to `true` in order to accept the EULA that this model requires. You are responsible for reviewing and complying with any applicable license terms and making sure they are acceptable for your use case before downloading or using a model. * */ public Output acceptEula() { @@ -54,7 +54,7 @@ public Builder(ModelPrimaryContainerModelDataSourceS3DataSourceModelAccessConfig } /** - * @param acceptEula Specifies agreement to the model end-user license agreement (EULA). The AcceptEula value must be explicitly defined as `true` in order to accept the EULA that this model requires. You are responsible for reviewing and complying with any applicable license terms and making sure they are acceptable for your use case before downloading or using a model. + * @param acceptEula Specifies agreement to the model end-user license agreement (EULA). The value must be set to `true` in order to accept the EULA that this model requires. You are responsible for reviewing and complying with any applicable license terms and making sure they are acceptable for your use case before downloading or using a model. * * @return builder * @@ -65,7 +65,7 @@ public Builder acceptEula(Output acceptEula) { } /** - * @param acceptEula Specifies agreement to the model end-user license agreement (EULA). The AcceptEula value must be explicitly defined as `true` in order to accept the EULA that this model requires. You are responsible for reviewing and complying with any applicable license terms and making sure they are acceptable for your use case before downloading or using a model. + * @param acceptEula Specifies agreement to the model end-user license agreement (EULA). The value must be set to `true` in order to accept the EULA that this model requires. You are responsible for reviewing and complying with any applicable license terms and making sure they are acceptable for your use case before downloading or using a model. * * @return builder * diff --git a/sdk/java/src/main/java/com/pulumi/aws/sagemaker/inputs/ModelState.java b/sdk/java/src/main/java/com/pulumi/aws/sagemaker/inputs/ModelState.java index a570de920d3..878d00ed9e9 100644 --- a/sdk/java/src/main/java/com/pulumi/aws/sagemaker/inputs/ModelState.java +++ b/sdk/java/src/main/java/com/pulumi/aws/sagemaker/inputs/ModelState.java @@ -23,14 +23,14 @@ public final class ModelState extends com.pulumi.resources.ResourceArgs { public static final ModelState Empty = new ModelState(); /** - * The Amazon Resource Name (ARN) assigned by AWS to this model. + * Amazon Resource Name (ARN) assigned by AWS to this model. * */ @Import(name="arn") private @Nullable Output arn; /** - * @return The Amazon Resource Name (ARN) assigned by AWS to this model. + * @return Amazon Resource Name (ARN) assigned by AWS to this model. * */ public Optional> arn() { @@ -98,14 +98,14 @@ public Optional> inferenceExecutionCon } /** - * The name of the model (must be unique). If omitted, this provider will assign a random, unique name. + * Name of the model (must be unique). If omitted, the provider will assign a random, unique name. * */ @Import(name="name") private @Nullable Output name; /** - * @return The name of the model (must be unique). If omitted, this provider will assign a random, unique name. + * @return Name of the model (must be unique). If omitted, the provider will assign a random, unique name. * */ public Optional> name() { @@ -113,14 +113,14 @@ public Optional> name() { } /** - * The primary docker image containing inference code that is used when the model is deployed for predictions. If not specified, the `container` argument is required. Fields are documented below. + * Primary docker image containing inference code that is used when the model is deployed for predictions. If not specified, the `container` argument is required. Fields are documented below. * */ @Import(name="primaryContainer") private @Nullable Output primaryContainer; /** - * @return The primary docker image containing inference code that is used when the model is deployed for predictions. If not specified, the `container` argument is required. Fields are documented below. + * @return Primary docker image containing inference code that is used when the model is deployed for predictions. If not specified, the `container` argument is required. Fields are documented below. * */ public Optional> primaryContainer() { @@ -222,7 +222,7 @@ public Builder(ModelState defaults) { } /** - * @param arn The Amazon Resource Name (ARN) assigned by AWS to this model. + * @param arn Amazon Resource Name (ARN) assigned by AWS to this model. * * @return builder * @@ -233,7 +233,7 @@ public Builder arn(@Nullable Output arn) { } /** - * @param arn The Amazon Resource Name (ARN) assigned by AWS to this model. + * @param arn Amazon Resource Name (ARN) assigned by AWS to this model. * * @return builder * @@ -337,7 +337,7 @@ public Builder inferenceExecutionConfig(ModelInferenceExecutionConfigArgs infere } /** - * @param name The name of the model (must be unique). If omitted, this provider will assign a random, unique name. + * @param name Name of the model (must be unique). If omitted, the provider will assign a random, unique name. * * @return builder * @@ -348,7 +348,7 @@ public Builder name(@Nullable Output name) { } /** - * @param name The name of the model (must be unique). If omitted, this provider will assign a random, unique name. + * @param name Name of the model (must be unique). If omitted, the provider will assign a random, unique name. * * @return builder * @@ -358,7 +358,7 @@ public Builder name(String name) { } /** - * @param primaryContainer The primary docker image containing inference code that is used when the model is deployed for predictions. If not specified, the `container` argument is required. Fields are documented below. + * @param primaryContainer Primary docker image containing inference code that is used when the model is deployed for predictions. If not specified, the `container` argument is required. Fields are documented below. * * @return builder * @@ -369,7 +369,7 @@ public Builder primaryContainer(@Nullable Output prim } /** - * @param primaryContainer The primary docker image containing inference code that is used when the model is deployed for predictions. If not specified, the `container` argument is required. Fields are documented below. + * @param primaryContainer Primary docker image containing inference code that is used when the model is deployed for predictions. If not specified, the `container` argument is required. Fields are documented below. * * @return builder * diff --git a/sdk/java/src/main/java/com/pulumi/aws/sagemaker/inputs/ModelVpcConfigArgs.java b/sdk/java/src/main/java/com/pulumi/aws/sagemaker/inputs/ModelVpcConfigArgs.java index ccc8fac9d3a..caba1fcc86b 100644 --- a/sdk/java/src/main/java/com/pulumi/aws/sagemaker/inputs/ModelVpcConfigArgs.java +++ b/sdk/java/src/main/java/com/pulumi/aws/sagemaker/inputs/ModelVpcConfigArgs.java @@ -15,16 +15,32 @@ public final class ModelVpcConfigArgs extends com.pulumi.resources.ResourceArgs public static final ModelVpcConfigArgs Empty = new ModelVpcConfigArgs(); + /** + * List of security group IDs you want to be applied to your training job or model. Specify the security groups for the VPC that is specified in the Subnets field. + * + */ @Import(name="securityGroupIds", required=true) private Output> securityGroupIds; + /** + * @return List of security group IDs you want to be applied to your training job or model. Specify the security groups for the VPC that is specified in the Subnets field. + * + */ public Output> securityGroupIds() { return this.securityGroupIds; } + /** + * List of subnet IDs in the VPC to which you want to connect your training job or model. + * + */ @Import(name="subnets", required=true) private Output> subnets; + /** + * @return List of subnet IDs in the VPC to which you want to connect your training job or model. + * + */ public Output> subnets() { return this.subnets; } @@ -54,28 +70,64 @@ public Builder(ModelVpcConfigArgs defaults) { $ = new ModelVpcConfigArgs(Objects.requireNonNull(defaults)); } + /** + * @param securityGroupIds List of security group IDs you want to be applied to your training job or model. Specify the security groups for the VPC that is specified in the Subnets field. + * + * @return builder + * + */ public Builder securityGroupIds(Output> securityGroupIds) { $.securityGroupIds = securityGroupIds; return this; } + /** + * @param securityGroupIds List of security group IDs you want to be applied to your training job or model. Specify the security groups for the VPC that is specified in the Subnets field. + * + * @return builder + * + */ public Builder securityGroupIds(List securityGroupIds) { return securityGroupIds(Output.of(securityGroupIds)); } + /** + * @param securityGroupIds List of security group IDs you want to be applied to your training job or model. Specify the security groups for the VPC that is specified in the Subnets field. + * + * @return builder + * + */ public Builder securityGroupIds(String... securityGroupIds) { return securityGroupIds(List.of(securityGroupIds)); } + /** + * @param subnets List of subnet IDs in the VPC to which you want to connect your training job or model. + * + * @return builder + * + */ public Builder subnets(Output> subnets) { $.subnets = subnets; return this; } + /** + * @param subnets List of subnet IDs in the VPC to which you want to connect your training job or model. + * + * @return builder + * + */ public Builder subnets(List subnets) { return subnets(Output.of(subnets)); } + /** + * @param subnets List of subnet IDs in the VPC to which you want to connect your training job or model. + * + * @return builder + * + */ public Builder subnets(String... subnets) { return subnets(List.of(subnets)); } diff --git a/sdk/java/src/main/java/com/pulumi/aws/sagemaker/outputs/ModelContainer.java b/sdk/java/src/main/java/com/pulumi/aws/sagemaker/outputs/ModelContainer.java index 2f95f05227a..a4fe762991a 100644 --- a/sdk/java/src/main/java/com/pulumi/aws/sagemaker/outputs/ModelContainer.java +++ b/sdk/java/src/main/java/com/pulumi/aws/sagemaker/outputs/ModelContainer.java @@ -3,11 +3,13 @@ package com.pulumi.aws.sagemaker.outputs; +import com.pulumi.aws.sagemaker.outputs.ModelContainerAdditionalModelDataSource; import com.pulumi.aws.sagemaker.outputs.ModelContainerImageConfig; import com.pulumi.aws.sagemaker.outputs.ModelContainerModelDataSource; import com.pulumi.aws.sagemaker.outputs.ModelContainerMultiModelConfig; import com.pulumi.core.annotations.CustomType; import java.lang.String; +import java.util.List; import java.util.Map; import java.util.Objects; import java.util.Optional; @@ -16,18 +18,22 @@ @CustomType public final class ModelContainer { /** - * @return The DNS host name for the container. + * @return Additional data sources that are available to the model in addition to those specified in `modelDataSource`. See Additional Model Data Source. + * + */ + private @Nullable List additionalModelDataSources; + /** + * @return DNS host name for the container. * */ private @Nullable String containerHostname; /** * @return Environment variables for the Docker container. - * A list of key value pairs. * */ private @Nullable Map environment; /** - * @return The registry path where the inference code image is stored in Amazon ECR. + * @return Registry path where the inference code image is stored in Amazon ECR. * */ private @Nullable String image; @@ -37,27 +43,28 @@ public final class ModelContainer { */ private @Nullable ModelContainerImageConfig imageConfig; /** - * @return The inference specification name in the model package version. + * @return Inference specification name in the model package version. * */ private @Nullable String inferenceSpecificationName; /** - * @return The container hosts value `SingleModel/MultiModel`. The default value is `SingleModel`. + * @return Container hosts value. Allowed values are: `SingleModel` and `MultiModel`. The default value is `SingleModel`. * */ private @Nullable String mode; /** - * @return The location of model data to deploy. Use this for uncompressed model deployment. For information about how to deploy an uncompressed model, see [Deploying uncompressed models](https://docs.aws.amazon.com/sagemaker/latest/dg/large-model-inference-uncompressed.html) in the _AWS SageMaker AI Developer Guide_. + * @return Location of model data to deploy. Use this for uncompressed model deployment. For information about how to deploy an uncompressed model, see [Deploying uncompressed models](https://docs.aws.amazon.com/sagemaker/latest/dg/large-model-inference-uncompressed.html) in the _AWS SageMaker AI Developer Guide_. * */ private @Nullable ModelContainerModelDataSource modelDataSource; /** - * @return The URL for the S3 location where model artifacts are stored. + * @return URL for the S3 location where model artifacts are stored. * */ private @Nullable String modelDataUrl; /** - * @return The Amazon Resource Name (ARN) of the model package to use to create the model. + * @return Amazon Resource Name (ARN) of the model package to use to create the model. + * A list of key value pairs. * */ private @Nullable String modelPackageName; @@ -69,7 +76,14 @@ public final class ModelContainer { private ModelContainer() {} /** - * @return The DNS host name for the container. + * @return Additional data sources that are available to the model in addition to those specified in `modelDataSource`. See Additional Model Data Source. + * + */ + public List additionalModelDataSources() { + return this.additionalModelDataSources == null ? List.of() : this.additionalModelDataSources; + } + /** + * @return DNS host name for the container. * */ public Optional containerHostname() { @@ -77,14 +91,13 @@ public Optional containerHostname() { } /** * @return Environment variables for the Docker container. - * A list of key value pairs. * */ public Map environment() { return this.environment == null ? Map.of() : this.environment; } /** - * @return The registry path where the inference code image is stored in Amazon ECR. + * @return Registry path where the inference code image is stored in Amazon ECR. * */ public Optional image() { @@ -98,35 +111,36 @@ public Optional imageConfig() { return Optional.ofNullable(this.imageConfig); } /** - * @return The inference specification name in the model package version. + * @return Inference specification name in the model package version. * */ public Optional inferenceSpecificationName() { return Optional.ofNullable(this.inferenceSpecificationName); } /** - * @return The container hosts value `SingleModel/MultiModel`. The default value is `SingleModel`. + * @return Container hosts value. Allowed values are: `SingleModel` and `MultiModel`. The default value is `SingleModel`. * */ public Optional mode() { return Optional.ofNullable(this.mode); } /** - * @return The location of model data to deploy. Use this for uncompressed model deployment. For information about how to deploy an uncompressed model, see [Deploying uncompressed models](https://docs.aws.amazon.com/sagemaker/latest/dg/large-model-inference-uncompressed.html) in the _AWS SageMaker AI Developer Guide_. + * @return Location of model data to deploy. Use this for uncompressed model deployment. For information about how to deploy an uncompressed model, see [Deploying uncompressed models](https://docs.aws.amazon.com/sagemaker/latest/dg/large-model-inference-uncompressed.html) in the _AWS SageMaker AI Developer Guide_. * */ public Optional modelDataSource() { return Optional.ofNullable(this.modelDataSource); } /** - * @return The URL for the S3 location where model artifacts are stored. + * @return URL for the S3 location where model artifacts are stored. * */ public Optional modelDataUrl() { return Optional.ofNullable(this.modelDataUrl); } /** - * @return The Amazon Resource Name (ARN) of the model package to use to create the model. + * @return Amazon Resource Name (ARN) of the model package to use to create the model. + * A list of key value pairs. * */ public Optional modelPackageName() { @@ -149,6 +163,7 @@ public static Builder builder(ModelContainer defaults) { } @CustomType.Builder public static final class Builder { + private @Nullable List additionalModelDataSources; private @Nullable String containerHostname; private @Nullable Map environment; private @Nullable String image; @@ -162,6 +177,7 @@ public static final class Builder { public Builder() {} public Builder(ModelContainer defaults) { Objects.requireNonNull(defaults); + this.additionalModelDataSources = defaults.additionalModelDataSources; this.containerHostname = defaults.containerHostname; this.environment = defaults.environment; this.image = defaults.image; @@ -174,6 +190,15 @@ public Builder(ModelContainer defaults) { this.multiModelConfig = defaults.multiModelConfig; } + @CustomType.Setter + public Builder additionalModelDataSources(@Nullable List additionalModelDataSources) { + + this.additionalModelDataSources = additionalModelDataSources; + return this; + } + public Builder additionalModelDataSources(ModelContainerAdditionalModelDataSource... additionalModelDataSources) { + return additionalModelDataSources(List.of(additionalModelDataSources)); + } @CustomType.Setter public Builder containerHostname(@Nullable String containerHostname) { @@ -236,6 +261,7 @@ public Builder multiModelConfig(@Nullable ModelContainerMultiModelConfig multiMo } public ModelContainer build() { final var _resultValue = new ModelContainer(); + _resultValue.additionalModelDataSources = additionalModelDataSources; _resultValue.containerHostname = containerHostname; _resultValue.environment = environment; _resultValue.image = image; diff --git a/sdk/java/src/main/java/com/pulumi/aws/sagemaker/outputs/ModelContainerAdditionalModelDataSource.java b/sdk/java/src/main/java/com/pulumi/aws/sagemaker/outputs/ModelContainerAdditionalModelDataSource.java new file mode 100644 index 00000000000..2d50c2802c8 --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/aws/sagemaker/outputs/ModelContainerAdditionalModelDataSource.java @@ -0,0 +1,86 @@ +// *** WARNING: this file was generated by pulumi-language-java. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.aws.sagemaker.outputs; + +import com.pulumi.aws.sagemaker.outputs.ModelContainerAdditionalModelDataSourceS3DataSource; +import com.pulumi.core.annotations.CustomType; +import com.pulumi.exceptions.MissingRequiredPropertyException; +import java.lang.String; +import java.util.List; +import java.util.Objects; + +@CustomType +public final class ModelContainerAdditionalModelDataSource { + /** + * @return Custom name for the additional model data source object. It will be stored in `/opt/ml/additional-model-data-sources/<channel_name>/`. + * + */ + private String channelName; + /** + * @return S3 location of model data to deploy. See S3 Data Source. + * + */ + private List s3DataSources; + + private ModelContainerAdditionalModelDataSource() {} + /** + * @return Custom name for the additional model data source object. It will be stored in `/opt/ml/additional-model-data-sources/<channel_name>/`. + * + */ + public String channelName() { + return this.channelName; + } + /** + * @return S3 location of model data to deploy. See S3 Data Source. + * + */ + public List s3DataSources() { + return this.s3DataSources; + } + + public static Builder builder() { + return new Builder(); + } + + public static Builder builder(ModelContainerAdditionalModelDataSource defaults) { + return new Builder(defaults); + } + @CustomType.Builder + public static final class Builder { + private String channelName; + private List s3DataSources; + public Builder() {} + public Builder(ModelContainerAdditionalModelDataSource defaults) { + Objects.requireNonNull(defaults); + this.channelName = defaults.channelName; + this.s3DataSources = defaults.s3DataSources; + } + + @CustomType.Setter + public Builder channelName(String channelName) { + if (channelName == null) { + throw new MissingRequiredPropertyException("ModelContainerAdditionalModelDataSource", "channelName"); + } + this.channelName = channelName; + return this; + } + @CustomType.Setter + public Builder s3DataSources(List s3DataSources) { + if (s3DataSources == null) { + throw new MissingRequiredPropertyException("ModelContainerAdditionalModelDataSource", "s3DataSources"); + } + this.s3DataSources = s3DataSources; + return this; + } + public Builder s3DataSources(ModelContainerAdditionalModelDataSourceS3DataSource... s3DataSources) { + return s3DataSources(List.of(s3DataSources)); + } + public ModelContainerAdditionalModelDataSource build() { + final var _resultValue = new ModelContainerAdditionalModelDataSource(); + _resultValue.channelName = channelName; + _resultValue.s3DataSources = s3DataSources; + return _resultValue; + } + } +} diff --git a/sdk/java/src/main/java/com/pulumi/aws/sagemaker/outputs/ModelContainerAdditionalModelDataSourceS3DataSource.java b/sdk/java/src/main/java/com/pulumi/aws/sagemaker/outputs/ModelContainerAdditionalModelDataSourceS3DataSource.java new file mode 100644 index 00000000000..4180e841e76 --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/aws/sagemaker/outputs/ModelContainerAdditionalModelDataSourceS3DataSource.java @@ -0,0 +1,128 @@ +// *** WARNING: this file was generated by pulumi-language-java. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.aws.sagemaker.outputs; + +import com.pulumi.aws.sagemaker.outputs.ModelContainerAdditionalModelDataSourceS3DataSourceModelAccessConfig; +import com.pulumi.core.annotations.CustomType; +import com.pulumi.exceptions.MissingRequiredPropertyException; +import java.lang.String; +import java.util.Objects; +import java.util.Optional; +import javax.annotation.Nullable; + +@CustomType +public final class ModelContainerAdditionalModelDataSourceS3DataSource { + /** + * @return How the model data is prepared. Allowed values are: `None` and `Gzip`. + * + */ + private String compressionType; + /** + * @return Specifies the access configuration file for the ML model. You can explicitly accept the model end-user license agreement (EULA) within the [`modelAccessConfig` configuration block]. See Model Access Config. + * + */ + private @Nullable ModelContainerAdditionalModelDataSourceS3DataSourceModelAccessConfig modelAccessConfig; + /** + * @return Type of model data to deploy. Allowed values are: `S3Object` and `S3Prefix`. + * + */ + private String s3DataType; + /** + * @return The S3 path of model data to deploy. + * + */ + private String s3Uri; + + private ModelContainerAdditionalModelDataSourceS3DataSource() {} + /** + * @return How the model data is prepared. Allowed values are: `None` and `Gzip`. + * + */ + public String compressionType() { + return this.compressionType; + } + /** + * @return Specifies the access configuration file for the ML model. You can explicitly accept the model end-user license agreement (EULA) within the [`modelAccessConfig` configuration block]. See Model Access Config. + * + */ + public Optional modelAccessConfig() { + return Optional.ofNullable(this.modelAccessConfig); + } + /** + * @return Type of model data to deploy. Allowed values are: `S3Object` and `S3Prefix`. + * + */ + public String s3DataType() { + return this.s3DataType; + } + /** + * @return The S3 path of model data to deploy. + * + */ + public String s3Uri() { + return this.s3Uri; + } + + public static Builder builder() { + return new Builder(); + } + + public static Builder builder(ModelContainerAdditionalModelDataSourceS3DataSource defaults) { + return new Builder(defaults); + } + @CustomType.Builder + public static final class Builder { + private String compressionType; + private @Nullable ModelContainerAdditionalModelDataSourceS3DataSourceModelAccessConfig modelAccessConfig; + private String s3DataType; + private String s3Uri; + public Builder() {} + public Builder(ModelContainerAdditionalModelDataSourceS3DataSource defaults) { + Objects.requireNonNull(defaults); + this.compressionType = defaults.compressionType; + this.modelAccessConfig = defaults.modelAccessConfig; + this.s3DataType = defaults.s3DataType; + this.s3Uri = defaults.s3Uri; + } + + @CustomType.Setter + public Builder compressionType(String compressionType) { + if (compressionType == null) { + throw new MissingRequiredPropertyException("ModelContainerAdditionalModelDataSourceS3DataSource", "compressionType"); + } + this.compressionType = compressionType; + return this; + } + @CustomType.Setter + public Builder modelAccessConfig(@Nullable ModelContainerAdditionalModelDataSourceS3DataSourceModelAccessConfig modelAccessConfig) { + + this.modelAccessConfig = modelAccessConfig; + return this; + } + @CustomType.Setter + public Builder s3DataType(String s3DataType) { + if (s3DataType == null) { + throw new MissingRequiredPropertyException("ModelContainerAdditionalModelDataSourceS3DataSource", "s3DataType"); + } + this.s3DataType = s3DataType; + return this; + } + @CustomType.Setter + public Builder s3Uri(String s3Uri) { + if (s3Uri == null) { + throw new MissingRequiredPropertyException("ModelContainerAdditionalModelDataSourceS3DataSource", "s3Uri"); + } + this.s3Uri = s3Uri; + return this; + } + public ModelContainerAdditionalModelDataSourceS3DataSource build() { + final var _resultValue = new ModelContainerAdditionalModelDataSourceS3DataSource(); + _resultValue.compressionType = compressionType; + _resultValue.modelAccessConfig = modelAccessConfig; + _resultValue.s3DataType = s3DataType; + _resultValue.s3Uri = s3Uri; + return _resultValue; + } + } +} diff --git a/sdk/java/src/main/java/com/pulumi/aws/sagemaker/outputs/ModelContainerAdditionalModelDataSourceS3DataSourceModelAccessConfig.java b/sdk/java/src/main/java/com/pulumi/aws/sagemaker/outputs/ModelContainerAdditionalModelDataSourceS3DataSourceModelAccessConfig.java new file mode 100644 index 00000000000..bde3d89810f --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/aws/sagemaker/outputs/ModelContainerAdditionalModelDataSourceS3DataSourceModelAccessConfig.java @@ -0,0 +1,58 @@ +// *** WARNING: this file was generated by pulumi-language-java. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.aws.sagemaker.outputs; + +import com.pulumi.core.annotations.CustomType; +import com.pulumi.exceptions.MissingRequiredPropertyException; +import java.lang.Boolean; +import java.util.Objects; + +@CustomType +public final class ModelContainerAdditionalModelDataSourceS3DataSourceModelAccessConfig { + /** + * @return Specifies agreement to the model end-user license agreement (EULA). The value must be set to `true` in order to accept the EULA that this model requires. You are responsible for reviewing and complying with any applicable license terms and making sure they are acceptable for your use case before downloading or using a model. + * + */ + private Boolean acceptEula; + + private ModelContainerAdditionalModelDataSourceS3DataSourceModelAccessConfig() {} + /** + * @return Specifies agreement to the model end-user license agreement (EULA). The value must be set to `true` in order to accept the EULA that this model requires. You are responsible for reviewing and complying with any applicable license terms and making sure they are acceptable for your use case before downloading or using a model. + * + */ + public Boolean acceptEula() { + return this.acceptEula; + } + + public static Builder builder() { + return new Builder(); + } + + public static Builder builder(ModelContainerAdditionalModelDataSourceS3DataSourceModelAccessConfig defaults) { + return new Builder(defaults); + } + @CustomType.Builder + public static final class Builder { + private Boolean acceptEula; + public Builder() {} + public Builder(ModelContainerAdditionalModelDataSourceS3DataSourceModelAccessConfig defaults) { + Objects.requireNonNull(defaults); + this.acceptEula = defaults.acceptEula; + } + + @CustomType.Setter + public Builder acceptEula(Boolean acceptEula) { + if (acceptEula == null) { + throw new MissingRequiredPropertyException("ModelContainerAdditionalModelDataSourceS3DataSourceModelAccessConfig", "acceptEula"); + } + this.acceptEula = acceptEula; + return this; + } + public ModelContainerAdditionalModelDataSourceS3DataSourceModelAccessConfig build() { + final var _resultValue = new ModelContainerAdditionalModelDataSourceS3DataSourceModelAccessConfig(); + _resultValue.acceptEula = acceptEula; + return _resultValue; + } + } +} diff --git a/sdk/java/src/main/java/com/pulumi/aws/sagemaker/outputs/ModelContainerImageConfigRepositoryAuthConfig.java b/sdk/java/src/main/java/com/pulumi/aws/sagemaker/outputs/ModelContainerImageConfigRepositoryAuthConfig.java index 02691c39219..a968bedc087 100644 --- a/sdk/java/src/main/java/com/pulumi/aws/sagemaker/outputs/ModelContainerImageConfigRepositoryAuthConfig.java +++ b/sdk/java/src/main/java/com/pulumi/aws/sagemaker/outputs/ModelContainerImageConfigRepositoryAuthConfig.java @@ -11,14 +11,14 @@ @CustomType public final class ModelContainerImageConfigRepositoryAuthConfig { /** - * @return The Amazon Resource Name (ARN) of an AWS Lambda function that provides credentials to authenticate to the private Docker registry where your model image is hosted. For information about how to create an AWS Lambda function, see [Create a Lambda function with the console](https://docs.aws.amazon.com/lambda/latest/dg/getting-started-create-function.html) in the _AWS Lambda Developer Guide_. + * @return Amazon Resource Name (ARN) of an AWS Lambda function that provides credentials to authenticate to the private Docker registry where your model image is hosted. For information about how to create an AWS Lambda function, see [Create a Lambda function with the console](https://docs.aws.amazon.com/lambda/latest/dg/getting-started-create-function.html) in the _AWS Lambda Developer Guide_. * */ private String repositoryCredentialsProviderArn; private ModelContainerImageConfigRepositoryAuthConfig() {} /** - * @return The Amazon Resource Name (ARN) of an AWS Lambda function that provides credentials to authenticate to the private Docker registry where your model image is hosted. For information about how to create an AWS Lambda function, see [Create a Lambda function with the console](https://docs.aws.amazon.com/lambda/latest/dg/getting-started-create-function.html) in the _AWS Lambda Developer Guide_. + * @return Amazon Resource Name (ARN) of an AWS Lambda function that provides credentials to authenticate to the private Docker registry where your model image is hosted. For information about how to create an AWS Lambda function, see [Create a Lambda function with the console](https://docs.aws.amazon.com/lambda/latest/dg/getting-started-create-function.html) in the _AWS Lambda Developer Guide_. * */ public String repositoryCredentialsProviderArn() { diff --git a/sdk/java/src/main/java/com/pulumi/aws/sagemaker/outputs/ModelContainerModelDataSource.java b/sdk/java/src/main/java/com/pulumi/aws/sagemaker/outputs/ModelContainerModelDataSource.java index fdfbe6b8a14..4ddbf246cb1 100644 --- a/sdk/java/src/main/java/com/pulumi/aws/sagemaker/outputs/ModelContainerModelDataSource.java +++ b/sdk/java/src/main/java/com/pulumi/aws/sagemaker/outputs/ModelContainerModelDataSource.java @@ -12,14 +12,14 @@ @CustomType public final class ModelContainerModelDataSource { /** - * @return The S3 location of model data to deploy. + * @return S3 location of model data to deploy. See S3 Data Source. * */ private List s3DataSources; private ModelContainerModelDataSource() {} /** - * @return The S3 location of model data to deploy. + * @return S3 location of model data to deploy. See S3 Data Source. * */ public List s3DataSources() { diff --git a/sdk/java/src/main/java/com/pulumi/aws/sagemaker/outputs/ModelContainerModelDataSourceS3DataSource.java b/sdk/java/src/main/java/com/pulumi/aws/sagemaker/outputs/ModelContainerModelDataSourceS3DataSource.java index ca71783e09a..70cc79c554e 100644 --- a/sdk/java/src/main/java/com/pulumi/aws/sagemaker/outputs/ModelContainerModelDataSourceS3DataSource.java +++ b/sdk/java/src/main/java/com/pulumi/aws/sagemaker/outputs/ModelContainerModelDataSourceS3DataSource.java @@ -19,12 +19,12 @@ public final class ModelContainerModelDataSourceS3DataSource { */ private String compressionType; /** - * @return Specifies the access configuration file for the ML model. You can explicitly accept the model end-user license agreement (EULA) within the [`modelAccessConfig` configuration block]. see Model Access Config. + * @return Specifies the access configuration file for the ML model. You can explicitly accept the model end-user license agreement (EULA) within the [`modelAccessConfig` configuration block]. See Model Access Config. * */ private @Nullable ModelContainerModelDataSourceS3DataSourceModelAccessConfig modelAccessConfig; /** - * @return The type of model data to deploy. Allowed values are: `S3Object` and `S3Prefix`. + * @return Type of model data to deploy. Allowed values are: `S3Object` and `S3Prefix`. * */ private String s3DataType; @@ -43,14 +43,14 @@ public String compressionType() { return this.compressionType; } /** - * @return Specifies the access configuration file for the ML model. You can explicitly accept the model end-user license agreement (EULA) within the [`modelAccessConfig` configuration block]. see Model Access Config. + * @return Specifies the access configuration file for the ML model. You can explicitly accept the model end-user license agreement (EULA) within the [`modelAccessConfig` configuration block]. See Model Access Config. * */ public Optional modelAccessConfig() { return Optional.ofNullable(this.modelAccessConfig); } /** - * @return The type of model data to deploy. Allowed values are: `S3Object` and `S3Prefix`. + * @return Type of model data to deploy. Allowed values are: `S3Object` and `S3Prefix`. * */ public String s3DataType() { diff --git a/sdk/java/src/main/java/com/pulumi/aws/sagemaker/outputs/ModelContainerModelDataSourceS3DataSourceModelAccessConfig.java b/sdk/java/src/main/java/com/pulumi/aws/sagemaker/outputs/ModelContainerModelDataSourceS3DataSourceModelAccessConfig.java index 9114c33980c..156d7b6ed49 100644 --- a/sdk/java/src/main/java/com/pulumi/aws/sagemaker/outputs/ModelContainerModelDataSourceS3DataSourceModelAccessConfig.java +++ b/sdk/java/src/main/java/com/pulumi/aws/sagemaker/outputs/ModelContainerModelDataSourceS3DataSourceModelAccessConfig.java @@ -11,14 +11,14 @@ @CustomType public final class ModelContainerModelDataSourceS3DataSourceModelAccessConfig { /** - * @return Specifies agreement to the model end-user license agreement (EULA). The AcceptEula value must be explicitly defined as `true` in order to accept the EULA that this model requires. You are responsible for reviewing and complying with any applicable license terms and making sure they are acceptable for your use case before downloading or using a model. + * @return Specifies agreement to the model end-user license agreement (EULA). The value must be set to `true` in order to accept the EULA that this model requires. You are responsible for reviewing and complying with any applicable license terms and making sure they are acceptable for your use case before downloading or using a model. * */ private Boolean acceptEula; private ModelContainerModelDataSourceS3DataSourceModelAccessConfig() {} /** - * @return Specifies agreement to the model end-user license agreement (EULA). The AcceptEula value must be explicitly defined as `true` in order to accept the EULA that this model requires. You are responsible for reviewing and complying with any applicable license terms and making sure they are acceptable for your use case before downloading or using a model. + * @return Specifies agreement to the model end-user license agreement (EULA). The value must be set to `true` in order to accept the EULA that this model requires. You are responsible for reviewing and complying with any applicable license terms and making sure they are acceptable for your use case before downloading or using a model. * */ public Boolean acceptEula() { diff --git a/sdk/java/src/main/java/com/pulumi/aws/sagemaker/outputs/ModelInferenceExecutionConfig.java b/sdk/java/src/main/java/com/pulumi/aws/sagemaker/outputs/ModelInferenceExecutionConfig.java index 94740733fad..2927eb69c4f 100644 --- a/sdk/java/src/main/java/com/pulumi/aws/sagemaker/outputs/ModelInferenceExecutionConfig.java +++ b/sdk/java/src/main/java/com/pulumi/aws/sagemaker/outputs/ModelInferenceExecutionConfig.java @@ -11,14 +11,14 @@ @CustomType public final class ModelInferenceExecutionConfig { /** - * @return The container hosts value `SingleModel/MultiModel`. The default value is `SingleModel`. + * @return How containers in a multi-container are run. Allowed values are: `Serial` and `Direct`. * */ private String mode; private ModelInferenceExecutionConfig() {} /** - * @return The container hosts value `SingleModel/MultiModel`. The default value is `SingleModel`. + * @return How containers in a multi-container are run. Allowed values are: `Serial` and `Direct`. * */ public String mode() { diff --git a/sdk/java/src/main/java/com/pulumi/aws/sagemaker/outputs/ModelPrimaryContainer.java b/sdk/java/src/main/java/com/pulumi/aws/sagemaker/outputs/ModelPrimaryContainer.java index 64e6e6426a5..433a3eadb1d 100644 --- a/sdk/java/src/main/java/com/pulumi/aws/sagemaker/outputs/ModelPrimaryContainer.java +++ b/sdk/java/src/main/java/com/pulumi/aws/sagemaker/outputs/ModelPrimaryContainer.java @@ -3,11 +3,13 @@ package com.pulumi.aws.sagemaker.outputs; +import com.pulumi.aws.sagemaker.outputs.ModelPrimaryContainerAdditionalModelDataSource; import com.pulumi.aws.sagemaker.outputs.ModelPrimaryContainerImageConfig; import com.pulumi.aws.sagemaker.outputs.ModelPrimaryContainerModelDataSource; import com.pulumi.aws.sagemaker.outputs.ModelPrimaryContainerMultiModelConfig; import com.pulumi.core.annotations.CustomType; import java.lang.String; +import java.util.List; import java.util.Map; import java.util.Objects; import java.util.Optional; @@ -16,18 +18,22 @@ @CustomType public final class ModelPrimaryContainer { /** - * @return The DNS host name for the container. + * @return Additional data sources that are available to the model in addition to those specified in `modelDataSource`. See Additional Model Data Source. + * + */ + private @Nullable List additionalModelDataSources; + /** + * @return DNS host name for the container. * */ private @Nullable String containerHostname; /** * @return Environment variables for the Docker container. - * A list of key value pairs. * */ private @Nullable Map environment; /** - * @return The registry path where the inference code image is stored in Amazon ECR. + * @return Registry path where the inference code image is stored in Amazon ECR. * */ private @Nullable String image; @@ -37,27 +43,24 @@ public final class ModelPrimaryContainer { */ private @Nullable ModelPrimaryContainerImageConfig imageConfig; /** - * @return The inference specification name in the model package version. + * @return Inference specification name in the model package version. * */ private @Nullable String inferenceSpecificationName; - /** - * @return The container hosts value `SingleModel/MultiModel`. The default value is `SingleModel`. - * - */ private @Nullable String mode; /** - * @return The location of model data to deploy. Use this for uncompressed model deployment. For information about how to deploy an uncompressed model, see [Deploying uncompressed models](https://docs.aws.amazon.com/sagemaker/latest/dg/large-model-inference-uncompressed.html) in the _AWS SageMaker AI Developer Guide_. + * @return Location of model data to deploy. Use this for uncompressed model deployment. For information about how to deploy an uncompressed model, see [Deploying uncompressed models](https://docs.aws.amazon.com/sagemaker/latest/dg/large-model-inference-uncompressed.html) in the _AWS SageMaker AI Developer Guide_. * */ private @Nullable ModelPrimaryContainerModelDataSource modelDataSource; /** - * @return The URL for the S3 location where model artifacts are stored. + * @return URL for the S3 location where model artifacts are stored. * */ private @Nullable String modelDataUrl; /** - * @return The Amazon Resource Name (ARN) of the model package to use to create the model. + * @return Amazon Resource Name (ARN) of the model package to use to create the model. + * A list of key value pairs. * */ private @Nullable String modelPackageName; @@ -69,7 +72,14 @@ public final class ModelPrimaryContainer { private ModelPrimaryContainer() {} /** - * @return The DNS host name for the container. + * @return Additional data sources that are available to the model in addition to those specified in `modelDataSource`. See Additional Model Data Source. + * + */ + public List additionalModelDataSources() { + return this.additionalModelDataSources == null ? List.of() : this.additionalModelDataSources; + } + /** + * @return DNS host name for the container. * */ public Optional containerHostname() { @@ -77,14 +87,13 @@ public Optional containerHostname() { } /** * @return Environment variables for the Docker container. - * A list of key value pairs. * */ public Map environment() { return this.environment == null ? Map.of() : this.environment; } /** - * @return The registry path where the inference code image is stored in Amazon ECR. + * @return Registry path where the inference code image is stored in Amazon ECR. * */ public Optional image() { @@ -98,35 +107,32 @@ public Optional imageConfig() { return Optional.ofNullable(this.imageConfig); } /** - * @return The inference specification name in the model package version. + * @return Inference specification name in the model package version. * */ public Optional inferenceSpecificationName() { return Optional.ofNullable(this.inferenceSpecificationName); } - /** - * @return The container hosts value `SingleModel/MultiModel`. The default value is `SingleModel`. - * - */ public Optional mode() { return Optional.ofNullable(this.mode); } /** - * @return The location of model data to deploy. Use this for uncompressed model deployment. For information about how to deploy an uncompressed model, see [Deploying uncompressed models](https://docs.aws.amazon.com/sagemaker/latest/dg/large-model-inference-uncompressed.html) in the _AWS SageMaker AI Developer Guide_. + * @return Location of model data to deploy. Use this for uncompressed model deployment. For information about how to deploy an uncompressed model, see [Deploying uncompressed models](https://docs.aws.amazon.com/sagemaker/latest/dg/large-model-inference-uncompressed.html) in the _AWS SageMaker AI Developer Guide_. * */ public Optional modelDataSource() { return Optional.ofNullable(this.modelDataSource); } /** - * @return The URL for the S3 location where model artifacts are stored. + * @return URL for the S3 location where model artifacts are stored. * */ public Optional modelDataUrl() { return Optional.ofNullable(this.modelDataUrl); } /** - * @return The Amazon Resource Name (ARN) of the model package to use to create the model. + * @return Amazon Resource Name (ARN) of the model package to use to create the model. + * A list of key value pairs. * */ public Optional modelPackageName() { @@ -149,6 +155,7 @@ public static Builder builder(ModelPrimaryContainer defaults) { } @CustomType.Builder public static final class Builder { + private @Nullable List additionalModelDataSources; private @Nullable String containerHostname; private @Nullable Map environment; private @Nullable String image; @@ -162,6 +169,7 @@ public static final class Builder { public Builder() {} public Builder(ModelPrimaryContainer defaults) { Objects.requireNonNull(defaults); + this.additionalModelDataSources = defaults.additionalModelDataSources; this.containerHostname = defaults.containerHostname; this.environment = defaults.environment; this.image = defaults.image; @@ -174,6 +182,15 @@ public Builder(ModelPrimaryContainer defaults) { this.multiModelConfig = defaults.multiModelConfig; } + @CustomType.Setter + public Builder additionalModelDataSources(@Nullable List additionalModelDataSources) { + + this.additionalModelDataSources = additionalModelDataSources; + return this; + } + public Builder additionalModelDataSources(ModelPrimaryContainerAdditionalModelDataSource... additionalModelDataSources) { + return additionalModelDataSources(List.of(additionalModelDataSources)); + } @CustomType.Setter public Builder containerHostname(@Nullable String containerHostname) { @@ -236,6 +253,7 @@ public Builder multiModelConfig(@Nullable ModelPrimaryContainerMultiModelConfig } public ModelPrimaryContainer build() { final var _resultValue = new ModelPrimaryContainer(); + _resultValue.additionalModelDataSources = additionalModelDataSources; _resultValue.containerHostname = containerHostname; _resultValue.environment = environment; _resultValue.image = image; diff --git a/sdk/java/src/main/java/com/pulumi/aws/sagemaker/outputs/ModelPrimaryContainerAdditionalModelDataSource.java b/sdk/java/src/main/java/com/pulumi/aws/sagemaker/outputs/ModelPrimaryContainerAdditionalModelDataSource.java new file mode 100644 index 00000000000..6cc9c5353a8 --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/aws/sagemaker/outputs/ModelPrimaryContainerAdditionalModelDataSource.java @@ -0,0 +1,86 @@ +// *** WARNING: this file was generated by pulumi-language-java. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.aws.sagemaker.outputs; + +import com.pulumi.aws.sagemaker.outputs.ModelPrimaryContainerAdditionalModelDataSourceS3DataSource; +import com.pulumi.core.annotations.CustomType; +import com.pulumi.exceptions.MissingRequiredPropertyException; +import java.lang.String; +import java.util.List; +import java.util.Objects; + +@CustomType +public final class ModelPrimaryContainerAdditionalModelDataSource { + /** + * @return Custom name for the additional model data source object. It will be stored in `/opt/ml/additional-model-data-sources/<channel_name>/`. + * + */ + private String channelName; + /** + * @return S3 location of model data to deploy. See S3 Data Source. + * + */ + private List s3DataSources; + + private ModelPrimaryContainerAdditionalModelDataSource() {} + /** + * @return Custom name for the additional model data source object. It will be stored in `/opt/ml/additional-model-data-sources/<channel_name>/`. + * + */ + public String channelName() { + return this.channelName; + } + /** + * @return S3 location of model data to deploy. See S3 Data Source. + * + */ + public List s3DataSources() { + return this.s3DataSources; + } + + public static Builder builder() { + return new Builder(); + } + + public static Builder builder(ModelPrimaryContainerAdditionalModelDataSource defaults) { + return new Builder(defaults); + } + @CustomType.Builder + public static final class Builder { + private String channelName; + private List s3DataSources; + public Builder() {} + public Builder(ModelPrimaryContainerAdditionalModelDataSource defaults) { + Objects.requireNonNull(defaults); + this.channelName = defaults.channelName; + this.s3DataSources = defaults.s3DataSources; + } + + @CustomType.Setter + public Builder channelName(String channelName) { + if (channelName == null) { + throw new MissingRequiredPropertyException("ModelPrimaryContainerAdditionalModelDataSource", "channelName"); + } + this.channelName = channelName; + return this; + } + @CustomType.Setter + public Builder s3DataSources(List s3DataSources) { + if (s3DataSources == null) { + throw new MissingRequiredPropertyException("ModelPrimaryContainerAdditionalModelDataSource", "s3DataSources"); + } + this.s3DataSources = s3DataSources; + return this; + } + public Builder s3DataSources(ModelPrimaryContainerAdditionalModelDataSourceS3DataSource... s3DataSources) { + return s3DataSources(List.of(s3DataSources)); + } + public ModelPrimaryContainerAdditionalModelDataSource build() { + final var _resultValue = new ModelPrimaryContainerAdditionalModelDataSource(); + _resultValue.channelName = channelName; + _resultValue.s3DataSources = s3DataSources; + return _resultValue; + } + } +} diff --git a/sdk/java/src/main/java/com/pulumi/aws/sagemaker/outputs/ModelPrimaryContainerAdditionalModelDataSourceS3DataSource.java b/sdk/java/src/main/java/com/pulumi/aws/sagemaker/outputs/ModelPrimaryContainerAdditionalModelDataSourceS3DataSource.java new file mode 100644 index 00000000000..14e2316e77d --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/aws/sagemaker/outputs/ModelPrimaryContainerAdditionalModelDataSourceS3DataSource.java @@ -0,0 +1,128 @@ +// *** WARNING: this file was generated by pulumi-language-java. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.aws.sagemaker.outputs; + +import com.pulumi.aws.sagemaker.outputs.ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceModelAccessConfig; +import com.pulumi.core.annotations.CustomType; +import com.pulumi.exceptions.MissingRequiredPropertyException; +import java.lang.String; +import java.util.Objects; +import java.util.Optional; +import javax.annotation.Nullable; + +@CustomType +public final class ModelPrimaryContainerAdditionalModelDataSourceS3DataSource { + /** + * @return How the model data is prepared. Allowed values are: `None` and `Gzip`. + * + */ + private String compressionType; + /** + * @return Specifies the access configuration file for the ML model. You can explicitly accept the model end-user license agreement (EULA) within the [`modelAccessConfig` configuration block]. See Model Access Config. + * + */ + private @Nullable ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceModelAccessConfig modelAccessConfig; + /** + * @return Type of model data to deploy. Allowed values are: `S3Object` and `S3Prefix`. + * + */ + private String s3DataType; + /** + * @return The S3 path of model data to deploy. + * + */ + private String s3Uri; + + private ModelPrimaryContainerAdditionalModelDataSourceS3DataSource() {} + /** + * @return How the model data is prepared. Allowed values are: `None` and `Gzip`. + * + */ + public String compressionType() { + return this.compressionType; + } + /** + * @return Specifies the access configuration file for the ML model. You can explicitly accept the model end-user license agreement (EULA) within the [`modelAccessConfig` configuration block]. See Model Access Config. + * + */ + public Optional modelAccessConfig() { + return Optional.ofNullable(this.modelAccessConfig); + } + /** + * @return Type of model data to deploy. Allowed values are: `S3Object` and `S3Prefix`. + * + */ + public String s3DataType() { + return this.s3DataType; + } + /** + * @return The S3 path of model data to deploy. + * + */ + public String s3Uri() { + return this.s3Uri; + } + + public static Builder builder() { + return new Builder(); + } + + public static Builder builder(ModelPrimaryContainerAdditionalModelDataSourceS3DataSource defaults) { + return new Builder(defaults); + } + @CustomType.Builder + public static final class Builder { + private String compressionType; + private @Nullable ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceModelAccessConfig modelAccessConfig; + private String s3DataType; + private String s3Uri; + public Builder() {} + public Builder(ModelPrimaryContainerAdditionalModelDataSourceS3DataSource defaults) { + Objects.requireNonNull(defaults); + this.compressionType = defaults.compressionType; + this.modelAccessConfig = defaults.modelAccessConfig; + this.s3DataType = defaults.s3DataType; + this.s3Uri = defaults.s3Uri; + } + + @CustomType.Setter + public Builder compressionType(String compressionType) { + if (compressionType == null) { + throw new MissingRequiredPropertyException("ModelPrimaryContainerAdditionalModelDataSourceS3DataSource", "compressionType"); + } + this.compressionType = compressionType; + return this; + } + @CustomType.Setter + public Builder modelAccessConfig(@Nullable ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceModelAccessConfig modelAccessConfig) { + + this.modelAccessConfig = modelAccessConfig; + return this; + } + @CustomType.Setter + public Builder s3DataType(String s3DataType) { + if (s3DataType == null) { + throw new MissingRequiredPropertyException("ModelPrimaryContainerAdditionalModelDataSourceS3DataSource", "s3DataType"); + } + this.s3DataType = s3DataType; + return this; + } + @CustomType.Setter + public Builder s3Uri(String s3Uri) { + if (s3Uri == null) { + throw new MissingRequiredPropertyException("ModelPrimaryContainerAdditionalModelDataSourceS3DataSource", "s3Uri"); + } + this.s3Uri = s3Uri; + return this; + } + public ModelPrimaryContainerAdditionalModelDataSourceS3DataSource build() { + final var _resultValue = new ModelPrimaryContainerAdditionalModelDataSourceS3DataSource(); + _resultValue.compressionType = compressionType; + _resultValue.modelAccessConfig = modelAccessConfig; + _resultValue.s3DataType = s3DataType; + _resultValue.s3Uri = s3Uri; + return _resultValue; + } + } +} diff --git a/sdk/java/src/main/java/com/pulumi/aws/sagemaker/outputs/ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceModelAccessConfig.java b/sdk/java/src/main/java/com/pulumi/aws/sagemaker/outputs/ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceModelAccessConfig.java new file mode 100644 index 00000000000..a439b68bcc4 --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/aws/sagemaker/outputs/ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceModelAccessConfig.java @@ -0,0 +1,58 @@ +// *** WARNING: this file was generated by pulumi-language-java. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.aws.sagemaker.outputs; + +import com.pulumi.core.annotations.CustomType; +import com.pulumi.exceptions.MissingRequiredPropertyException; +import java.lang.Boolean; +import java.util.Objects; + +@CustomType +public final class ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceModelAccessConfig { + /** + * @return Specifies agreement to the model end-user license agreement (EULA). The value must be set to `true` in order to accept the EULA that this model requires. You are responsible for reviewing and complying with any applicable license terms and making sure they are acceptable for your use case before downloading or using a model. + * + */ + private Boolean acceptEula; + + private ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceModelAccessConfig() {} + /** + * @return Specifies agreement to the model end-user license agreement (EULA). The value must be set to `true` in order to accept the EULA that this model requires. You are responsible for reviewing and complying with any applicable license terms and making sure they are acceptable for your use case before downloading or using a model. + * + */ + public Boolean acceptEula() { + return this.acceptEula; + } + + public static Builder builder() { + return new Builder(); + } + + public static Builder builder(ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceModelAccessConfig defaults) { + return new Builder(defaults); + } + @CustomType.Builder + public static final class Builder { + private Boolean acceptEula; + public Builder() {} + public Builder(ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceModelAccessConfig defaults) { + Objects.requireNonNull(defaults); + this.acceptEula = defaults.acceptEula; + } + + @CustomType.Setter + public Builder acceptEula(Boolean acceptEula) { + if (acceptEula == null) { + throw new MissingRequiredPropertyException("ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceModelAccessConfig", "acceptEula"); + } + this.acceptEula = acceptEula; + return this; + } + public ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceModelAccessConfig build() { + final var _resultValue = new ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceModelAccessConfig(); + _resultValue.acceptEula = acceptEula; + return _resultValue; + } + } +} diff --git a/sdk/java/src/main/java/com/pulumi/aws/sagemaker/outputs/ModelPrimaryContainerImageConfigRepositoryAuthConfig.java b/sdk/java/src/main/java/com/pulumi/aws/sagemaker/outputs/ModelPrimaryContainerImageConfigRepositoryAuthConfig.java index 487e27373b1..43bb487643e 100644 --- a/sdk/java/src/main/java/com/pulumi/aws/sagemaker/outputs/ModelPrimaryContainerImageConfigRepositoryAuthConfig.java +++ b/sdk/java/src/main/java/com/pulumi/aws/sagemaker/outputs/ModelPrimaryContainerImageConfigRepositoryAuthConfig.java @@ -11,14 +11,14 @@ @CustomType public final class ModelPrimaryContainerImageConfigRepositoryAuthConfig { /** - * @return The Amazon Resource Name (ARN) of an AWS Lambda function that provides credentials to authenticate to the private Docker registry where your model image is hosted. For information about how to create an AWS Lambda function, see [Create a Lambda function with the console](https://docs.aws.amazon.com/lambda/latest/dg/getting-started-create-function.html) in the _AWS Lambda Developer Guide_. + * @return Amazon Resource Name (ARN) of an AWS Lambda function that provides credentials to authenticate to the private Docker registry where your model image is hosted. For information about how to create an AWS Lambda function, see [Create a Lambda function with the console](https://docs.aws.amazon.com/lambda/latest/dg/getting-started-create-function.html) in the _AWS Lambda Developer Guide_. * */ private String repositoryCredentialsProviderArn; private ModelPrimaryContainerImageConfigRepositoryAuthConfig() {} /** - * @return The Amazon Resource Name (ARN) of an AWS Lambda function that provides credentials to authenticate to the private Docker registry where your model image is hosted. For information about how to create an AWS Lambda function, see [Create a Lambda function with the console](https://docs.aws.amazon.com/lambda/latest/dg/getting-started-create-function.html) in the _AWS Lambda Developer Guide_. + * @return Amazon Resource Name (ARN) of an AWS Lambda function that provides credentials to authenticate to the private Docker registry where your model image is hosted. For information about how to create an AWS Lambda function, see [Create a Lambda function with the console](https://docs.aws.amazon.com/lambda/latest/dg/getting-started-create-function.html) in the _AWS Lambda Developer Guide_. * */ public String repositoryCredentialsProviderArn() { diff --git a/sdk/java/src/main/java/com/pulumi/aws/sagemaker/outputs/ModelPrimaryContainerModelDataSource.java b/sdk/java/src/main/java/com/pulumi/aws/sagemaker/outputs/ModelPrimaryContainerModelDataSource.java index 7983fb7a253..2aaf6b1a52c 100644 --- a/sdk/java/src/main/java/com/pulumi/aws/sagemaker/outputs/ModelPrimaryContainerModelDataSource.java +++ b/sdk/java/src/main/java/com/pulumi/aws/sagemaker/outputs/ModelPrimaryContainerModelDataSource.java @@ -12,14 +12,14 @@ @CustomType public final class ModelPrimaryContainerModelDataSource { /** - * @return The S3 location of model data to deploy. + * @return S3 location of model data to deploy. See S3 Data Source. * */ private List s3DataSources; private ModelPrimaryContainerModelDataSource() {} /** - * @return The S3 location of model data to deploy. + * @return S3 location of model data to deploy. See S3 Data Source. * */ public List s3DataSources() { diff --git a/sdk/java/src/main/java/com/pulumi/aws/sagemaker/outputs/ModelPrimaryContainerModelDataSourceS3DataSource.java b/sdk/java/src/main/java/com/pulumi/aws/sagemaker/outputs/ModelPrimaryContainerModelDataSourceS3DataSource.java index 5b2fdb329f9..54bb583d1dd 100644 --- a/sdk/java/src/main/java/com/pulumi/aws/sagemaker/outputs/ModelPrimaryContainerModelDataSourceS3DataSource.java +++ b/sdk/java/src/main/java/com/pulumi/aws/sagemaker/outputs/ModelPrimaryContainerModelDataSourceS3DataSource.java @@ -19,12 +19,12 @@ public final class ModelPrimaryContainerModelDataSourceS3DataSource { */ private String compressionType; /** - * @return Specifies the access configuration file for the ML model. You can explicitly accept the model end-user license agreement (EULA) within the [`modelAccessConfig` configuration block]. see Model Access Config. + * @return Specifies the access configuration file for the ML model. You can explicitly accept the model end-user license agreement (EULA) within the [`modelAccessConfig` configuration block]. See Model Access Config. * */ private @Nullable ModelPrimaryContainerModelDataSourceS3DataSourceModelAccessConfig modelAccessConfig; /** - * @return The type of model data to deploy. Allowed values are: `S3Object` and `S3Prefix`. + * @return Type of model data to deploy. Allowed values are: `S3Object` and `S3Prefix`. * */ private String s3DataType; @@ -43,14 +43,14 @@ public String compressionType() { return this.compressionType; } /** - * @return Specifies the access configuration file for the ML model. You can explicitly accept the model end-user license agreement (EULA) within the [`modelAccessConfig` configuration block]. see Model Access Config. + * @return Specifies the access configuration file for the ML model. You can explicitly accept the model end-user license agreement (EULA) within the [`modelAccessConfig` configuration block]. See Model Access Config. * */ public Optional modelAccessConfig() { return Optional.ofNullable(this.modelAccessConfig); } /** - * @return The type of model data to deploy. Allowed values are: `S3Object` and `S3Prefix`. + * @return Type of model data to deploy. Allowed values are: `S3Object` and `S3Prefix`. * */ public String s3DataType() { diff --git a/sdk/java/src/main/java/com/pulumi/aws/sagemaker/outputs/ModelPrimaryContainerModelDataSourceS3DataSourceModelAccessConfig.java b/sdk/java/src/main/java/com/pulumi/aws/sagemaker/outputs/ModelPrimaryContainerModelDataSourceS3DataSourceModelAccessConfig.java index 549c8fe0bf6..abfa5473312 100644 --- a/sdk/java/src/main/java/com/pulumi/aws/sagemaker/outputs/ModelPrimaryContainerModelDataSourceS3DataSourceModelAccessConfig.java +++ b/sdk/java/src/main/java/com/pulumi/aws/sagemaker/outputs/ModelPrimaryContainerModelDataSourceS3DataSourceModelAccessConfig.java @@ -11,14 +11,14 @@ @CustomType public final class ModelPrimaryContainerModelDataSourceS3DataSourceModelAccessConfig { /** - * @return Specifies agreement to the model end-user license agreement (EULA). The AcceptEula value must be explicitly defined as `true` in order to accept the EULA that this model requires. You are responsible for reviewing and complying with any applicable license terms and making sure they are acceptable for your use case before downloading or using a model. + * @return Specifies agreement to the model end-user license agreement (EULA). The value must be set to `true` in order to accept the EULA that this model requires. You are responsible for reviewing and complying with any applicable license terms and making sure they are acceptable for your use case before downloading or using a model. * */ private Boolean acceptEula; private ModelPrimaryContainerModelDataSourceS3DataSourceModelAccessConfig() {} /** - * @return Specifies agreement to the model end-user license agreement (EULA). The AcceptEula value must be explicitly defined as `true` in order to accept the EULA that this model requires. You are responsible for reviewing and complying with any applicable license terms and making sure they are acceptable for your use case before downloading or using a model. + * @return Specifies agreement to the model end-user license agreement (EULA). The value must be set to `true` in order to accept the EULA that this model requires. You are responsible for reviewing and complying with any applicable license terms and making sure they are acceptable for your use case before downloading or using a model. * */ public Boolean acceptEula() { diff --git a/sdk/java/src/main/java/com/pulumi/aws/sagemaker/outputs/ModelVpcConfig.java b/sdk/java/src/main/java/com/pulumi/aws/sagemaker/outputs/ModelVpcConfig.java index a022c06b496..ae8fd51bba2 100644 --- a/sdk/java/src/main/java/com/pulumi/aws/sagemaker/outputs/ModelVpcConfig.java +++ b/sdk/java/src/main/java/com/pulumi/aws/sagemaker/outputs/ModelVpcConfig.java @@ -11,13 +11,29 @@ @CustomType public final class ModelVpcConfig { + /** + * @return List of security group IDs you want to be applied to your training job or model. Specify the security groups for the VPC that is specified in the Subnets field. + * + */ private List securityGroupIds; + /** + * @return List of subnet IDs in the VPC to which you want to connect your training job or model. + * + */ private List subnets; private ModelVpcConfig() {} + /** + * @return List of security group IDs you want to be applied to your training job or model. Specify the security groups for the VPC that is specified in the Subnets field. + * + */ public List securityGroupIds() { return this.securityGroupIds; } + /** + * @return List of subnet IDs in the VPC to which you want to connect your training job or model. + * + */ public List subnets() { return this.subnets; } diff --git a/sdk/java/src/main/java/com/pulumi/aws/ssoadmin/AccountAssignment.java b/sdk/java/src/main/java/com/pulumi/aws/ssoadmin/AccountAssignment.java index 01e69a0b8bd..347214c2fc7 100644 --- a/sdk/java/src/main/java/com/pulumi/aws/ssoadmin/AccountAssignment.java +++ b/sdk/java/src/main/java/com/pulumi/aws/ssoadmin/AccountAssignment.java @@ -11,7 +11,6 @@ import com.pulumi.core.annotations.ResourceType; import com.pulumi.core.internal.Codegen; import java.lang.String; -import java.util.Optional; import javax.annotation.Nullable; /** @@ -253,14 +252,14 @@ public Output targetId() { * */ @Export(name="targetType", refs={String.class}, tree="[0]") - private Output targetType; + private Output targetType; /** * @return The entity type for which the assignment will be created. Valid values: `AWS_ACCOUNT`. * */ - public Output> targetType() { - return Codegen.optional(this.targetType); + public Output targetType() { + return this.targetType; } /** diff --git a/sdk/java/src/main/java/com/pulumi/aws/ssoadmin/AccountAssignmentArgs.java b/sdk/java/src/main/java/com/pulumi/aws/ssoadmin/AccountAssignmentArgs.java index e9e3b4e92fa..415e71066c4 100644 --- a/sdk/java/src/main/java/com/pulumi/aws/ssoadmin/AccountAssignmentArgs.java +++ b/sdk/java/src/main/java/com/pulumi/aws/ssoadmin/AccountAssignmentArgs.java @@ -110,15 +110,15 @@ public Output targetId() { * The entity type for which the assignment will be created. Valid values: `AWS_ACCOUNT`. * */ - @Import(name="targetType") - private @Nullable Output targetType; + @Import(name="targetType", required=true) + private Output targetType; /** * @return The entity type for which the assignment will be created. Valid values: `AWS_ACCOUNT`. * */ - public Optional> targetType() { - return Optional.ofNullable(this.targetType); + public Output targetType() { + return this.targetType; } private AccountAssignmentArgs() {} @@ -283,7 +283,7 @@ public Builder targetId(String targetId) { * @return builder * */ - public Builder targetType(@Nullable Output targetType) { + public Builder targetType(Output targetType) { $.targetType = targetType; return this; } @@ -314,6 +314,9 @@ public AccountAssignmentArgs build() { if ($.targetId == null) { throw new MissingRequiredPropertyException("AccountAssignmentArgs", "targetId"); } + if ($.targetType == null) { + throw new MissingRequiredPropertyException("AccountAssignmentArgs", "targetType"); + } return $; } } diff --git a/sdk/java/src/main/java/com/pulumi/aws/timestreaminfluxdb/DbCluster.java b/sdk/java/src/main/java/com/pulumi/aws/timestreaminfluxdb/DbCluster.java index ef6cb076b05..f90c6ae83fe 100644 --- a/sdk/java/src/main/java/com/pulumi/aws/timestreaminfluxdb/DbCluster.java +++ b/sdk/java/src/main/java/com/pulumi/aws/timestreaminfluxdb/DbCluster.java @@ -222,6 +222,73 @@ * } * * + * ### Usage with InfluxDB V3 + * + * For InfluxDB V3 clusters, you can create a cluster without providing `allocatedStorage`, `bucket`, `organization`, `username`, `password`, or `deploymentType` by specifying a `dbParameterGroupIdentifier` such as `"InfluxDBV3Core"`. The following example shows how to create an InfluxDB V3 cluster: + * + * 
+ * {@code
+ * package generated_program;
+ * 
+ * import com.pulumi.Context;
+ * import com.pulumi.Pulumi;
+ * import com.pulumi.core.Output;
+ * import com.pulumi.aws.timestreaminfluxdb.DbCluster;
+ * import com.pulumi.aws.timestreaminfluxdb.DbClusterArgs;
+ * import java.util.List;
+ * import java.util.ArrayList;
+ * import java.util.Map;
+ * import java.io.File;
+ * import java.nio.file.Files;
+ * import java.nio.file.Paths;
+ * 
+ * public class App {
+ *     public static void main(String[] args) {
+ *         Pulumi.run(App::stack);
+ *     }
+ * 
+ *     public static void stack(Context ctx) {
+ *         var example = new DbCluster("example", DbClusterArgs.builder()
+ *             .name("example-v3-cluster")
+ *             .dbInstanceType("db.influx.large")
+ *             .dbParameterGroupIdentifier("InfluxDBV3Core")
+ *             .vpcSubnetIds(            
+ *                 example1.id(),
+ *                 example2.id())
+ *             .vpcSecurityGroupIds(exampleAwsSecurityGroup.id())
+ *             .build());
+ * 
+ *     }
+ * }
+ * }
+ *
+ * + * ## Cluster Type Requirements + * + * ### InfluxDB V2 Clusters (default) + * + * The following arguments are **required** for InfluxDB V2 clusters: + * + * * `allocatedStorage` + * * `bucket` + * * `deploymentType` + * * `organization` + * * `password` + * * `username` + * + * The `deploymentType` argument defaults to `"MULTI_NODE_READ_REPLICAS"` for InfluxDB V2 clusters when not specified. + * + * ### InfluxDB V3 Clusters (when using V3 parameter groups) + * + * The following arguments are **forbidden** for InfluxDB V3 clusters (when using an InfluxDB V3 db parameter group): + * + * * `allocatedStorage` + * * `bucket` + * * `deploymentType` + * * `organization` + * * `password` + * * `username` + * * ## Import * * Using `pulumi import`, import Timestream for InfluxDB cluster using its identifier. For example: @@ -234,18 +301,18 @@ @ResourceType(type="aws:timestreaminfluxdb/dbCluster:DbCluster") public class DbCluster extends com.pulumi.resources.CustomResource { /** - * Amount of storage in GiB (gibibytes). The minimum value is `20`, the maximum value is `16384`. The argument `dbStorageType` places restrictions on this argument's minimum value. The following is a list of `dbStorageType` values and the corresponding minimum value for `allocatedStorage`: ` "InfluxIOIncludedT1": `20` , `"InfluxIOIncludedT2" and ` "InfluxIOIncludedT3": `400`. + * Amount of storage in GiB (gibibytes). The minimum value is `20`, the maximum value is `16384`. The argument `dbStorageType` places restrictions on this argument's minimum value. The following is a list of `dbStorageType` values and the corresponding minimum value for `allocatedStorage`: ` "InfluxIOIncludedT1": `20` , `"InfluxIOIncludedT2" and ` "InfluxIOIncludedT3": `400`. This field is forbidden for InfluxDB V3 clusters (when using an InfluxDB V3 db parameter group). * */ @Export(name="allocatedStorage", refs={Integer.class}, tree="[0]") - private Output allocatedStorage; + private Output allocatedStorage; /** - * @return Amount of storage in GiB (gibibytes). The minimum value is `20`, the maximum value is `16384`. The argument `dbStorageType` places restrictions on this argument's minimum value. The following is a list of `dbStorageType` values and the corresponding minimum value for `allocatedStorage`: ` "InfluxIOIncludedT1": `20` , `"InfluxIOIncludedT2" and ` "InfluxIOIncludedT3": `400`. + * @return Amount of storage in GiB (gibibytes). The minimum value is `20`, the maximum value is `16384`. The argument `dbStorageType` places restrictions on this argument's minimum value. The following is a list of `dbStorageType` values and the corresponding minimum value for `allocatedStorage`: ` "InfluxIOIncludedT1": `20` , `"InfluxIOIncludedT2" and ` "InfluxIOIncludedT3": `400`. This field is forbidden for InfluxDB V3 clusters (when using an InfluxDB V3 db parameter group). * */ - public Output allocatedStorage() { - return this.allocatedStorage; + public Output> allocatedStorage() { + return Codegen.optional(this.allocatedStorage); } /** * ARN of the Timestream for InfluxDB cluster. @@ -262,18 +329,18 @@ public Output arn() { return this.arn; } /** - * Name of the initial InfluxDB bucket. All InfluxDB data is stored in a bucket. A bucket combines the concept of a database and a retention period (the duration of time that each data point persists). A bucket belongs to an organization. Along with `organization`, `username`, and `password`, this argument will be stored in the secret referred to by the `influxAuthParametersSecretArn` attribute. + * Name of the initial InfluxDB bucket. All InfluxDB data is stored in a bucket. A bucket combines the concept of a database and a retention period (the duration of time that each data point persists). A bucket belongs to an organization. Along with `organization`, `username`, and `password`, this argument will be stored in the secret referred to by the `influxAuthParametersSecretArn` attribute. This field is forbidden for InfluxDB V3 clusters (when using an InfluxDB V3 db parameter group). * */ @Export(name="bucket", refs={String.class}, tree="[0]") - private Output bucket; + private Output bucket; /** - * @return Name of the initial InfluxDB bucket. All InfluxDB data is stored in a bucket. A bucket combines the concept of a database and a retention period (the duration of time that each data point persists). A bucket belongs to an organization. Along with `organization`, `username`, and `password`, this argument will be stored in the secret referred to by the `influxAuthParametersSecretArn` attribute. + * @return Name of the initial InfluxDB bucket. All InfluxDB data is stored in a bucket. A bucket combines the concept of a database and a retention period (the duration of time that each data point persists). A bucket belongs to an organization. Along with `organization`, `username`, and `password`, this argument will be stored in the secret referred to by the `influxAuthParametersSecretArn` attribute. This field is forbidden for InfluxDB V3 clusters (when using an InfluxDB V3 db parameter group). * */ - public Output bucket() { - return this.bucket; + public Output> bucket() { + return Codegen.optional(this.bucket); } /** * Timestream for InfluxDB DB instance type to run InfluxDB on. Valid options are: `"db.influx.medium"`, `"db.influx.large"`, `"db.influx.xlarge"`, `"db.influx.2xlarge"`, `"db.influx.4xlarge"`, `"db.influx.8xlarge"`, `"db.influx.12xlarge"`, and `"db.influx.16xlarge"`. This argument is updatable. @@ -318,14 +385,14 @@ public Output dbStorageType() { return this.dbStorageType; } /** - * Specifies the type of cluster to create. Valid options are: `"MULTI_NODE_READ_REPLICAS"`. + * Specifies the type of cluster to create. Valid options are: `"MULTI_NODE_READ_REPLICAS"`. This field is forbidden for InfluxDB V3 clusters (when using an InfluxDB V3 db parameter group). * */ @Export(name="deploymentType", refs={String.class}, tree="[0]") private Output deploymentType; /** - * @return Specifies the type of cluster to create. Valid options are: `"MULTI_NODE_READ_REPLICAS"`. + * @return Specifies the type of cluster to create. Valid options are: `"MULTI_NODE_READ_REPLICAS"`. This field is forbidden for InfluxDB V3 clusters (when using an InfluxDB V3 db parameter group). * */ public Output deploymentType() { @@ -345,6 +412,20 @@ public Output deploymentType() { public Output endpoint() { return this.endpoint; } + /** + * Database engine type of the DB cluster. + * + */ + @Export(name="engineType", refs={String.class}, tree="[0]") + private Output engineType; + + /** + * @return Database engine type of the DB cluster. + * + */ + public Output engineType() { + return this.engineType; + } /** * Specifies the behavior of failure recovery when the primary node of the cluster fails. Valid options are: `"AUTOMATIC"` and `"NO_FAILOVER"`. * @@ -360,14 +441,14 @@ public Output failoverMode() { return this.failoverMode; } /** - * ARN of the AWS Secrets Manager secret containing the initial InfluxDB authorization parameters. The secret value is a JSON formatted key-value pair holding InfluxDB authorization values: organization, bucket, username, and password. + * ARN of the AWS Secrets Manager secret containing the initial InfluxDB authorization parameters. For InfluxDB V2 clusters, the secret value is a JSON formatted key-value pair holding InfluxDB authorization values: organization, bucket, username, and password. For InfluxDB V3 clusters, the secret contains the InfluxDB admin token. * */ @Export(name="influxAuthParametersSecretArn", refs={String.class}, tree="[0]") private Output influxAuthParametersSecretArn; /** - * @return ARN of the AWS Secrets Manager secret containing the initial InfluxDB authorization parameters. The secret value is a JSON formatted key-value pair holding InfluxDB authorization values: organization, bucket, username, and password. + * @return ARN of the AWS Secrets Manager secret containing the initial InfluxDB authorization parameters. For InfluxDB V2 clusters, the secret value is a JSON formatted key-value pair holding InfluxDB authorization values: organization, bucket, username, and password. For InfluxDB V3 clusters, the secret contains the InfluxDB admin token. * */ public Output influxAuthParametersSecretArn() { @@ -416,32 +497,32 @@ public Output networkType() { return this.networkType; } /** - * Name of the initial organization for the initial admin user in InfluxDB. An InfluxDB organization is a workspace for a group of users. Along with `bucket`, `username`, and `password`, this argument will be stored in the secret referred to by the `influxAuthParametersSecretArn` attribute. + * Name of the initial organization for the initial admin user in InfluxDB. An InfluxDB organization is a workspace for a group of users. Along with `bucket`, `username`, and `password`, this argument will be stored in the secret referred to by the `influxAuthParametersSecretArn` attribute. This field is forbidden for InfluxDB V3 clusters (when using an InfluxDB V3 db parameter group). * */ @Export(name="organization", refs={String.class}, tree="[0]") - private Output organization; + private Output organization; /** - * @return Name of the initial organization for the initial admin user in InfluxDB. An InfluxDB organization is a workspace for a group of users. Along with `bucket`, `username`, and `password`, this argument will be stored in the secret referred to by the `influxAuthParametersSecretArn` attribute. + * @return Name of the initial organization for the initial admin user in InfluxDB. An InfluxDB organization is a workspace for a group of users. Along with `bucket`, `username`, and `password`, this argument will be stored in the secret referred to by the `influxAuthParametersSecretArn` attribute. This field is forbidden for InfluxDB V3 clusters (when using an InfluxDB V3 db parameter group). * */ - public Output organization() { - return this.organization; + public Output> organization() { + return Codegen.optional(this.organization); } /** - * Password of the initial admin user created in InfluxDB. This password will allow you to access the InfluxDB UI to perform various administrative tasks and also use the InfluxDB CLI to create an operator token. Along with `bucket`, `username`, and `organization`, this argument will be stored in the secret referred to by the `influxAuthParametersSecretArn` attribute. + * Password of the initial admin user created in InfluxDB. This password will allow you to access the InfluxDB UI to perform various administrative tasks and also use the InfluxDB CLI to create an operator token. Along with `bucket`, `username`, and `organization`, this argument will be stored in the secret referred to by the `influxAuthParametersSecretArn` attribute. This field is forbidden for InfluxDB V3 clusters (when using an InfluxDB V3 db parameter group) as the AWS API rejects it. * */ @Export(name="password", refs={String.class}, tree="[0]") - private Output password; + private Output password; /** - * @return Password of the initial admin user created in InfluxDB. This password will allow you to access the InfluxDB UI to perform various administrative tasks and also use the InfluxDB CLI to create an operator token. Along with `bucket`, `username`, and `organization`, this argument will be stored in the secret referred to by the `influxAuthParametersSecretArn` attribute. + * @return Password of the initial admin user created in InfluxDB. This password will allow you to access the InfluxDB UI to perform various administrative tasks and also use the InfluxDB CLI to create an operator token. Along with `bucket`, `username`, and `organization`, this argument will be stored in the secret referred to by the `influxAuthParametersSecretArn` attribute. This field is forbidden for InfluxDB V3 clusters (when using an InfluxDB V3 db parameter group) as the AWS API rejects it. * */ - public Output password() { - return this.password; + public Output> password() { + return Codegen.optional(this.password); } /** * The port on which the cluster accepts connections. Valid values: `1024`-`65535`. Cannot be `2375`-`2376`, `7788`-`7799`, `8090`, or `51678`-`51680`. This argument is updatable. @@ -534,18 +615,18 @@ public Output> timeouts() { return Codegen.optional(this.timeouts); } /** - * Username of the initial admin user created in InfluxDB. Must start with a letter and can't end with a hyphen or contain two consecutive hyphens. This username will allow you to access the InfluxDB UI to perform various administrative tasks and also use the InfluxDB CLI to create an operator token. Along with `bucket`, `organization`, and `password`, this argument will be stored in the secret referred to by the `influxAuthParametersSecretArn` attribute. + * Username of the initial admin user created in InfluxDB. Must start with a letter and can't end with a hyphen or contain two consecutive hyphens. This username will allow you to access the InfluxDB UI to perform various administrative tasks and also use the InfluxDB CLI to create an operator token. Along with `bucket`, `organization`, and `password`, this argument will be stored in the secret referred to by the `influxAuthParametersSecretArn` attribute. This field is forbidden for InfluxDB V3 clusters (when using an InfluxDB V3 db parameter group). * */ @Export(name="username", refs={String.class}, tree="[0]") - private Output username; + private Output username; /** - * @return Username of the initial admin user created in InfluxDB. Must start with a letter and can't end with a hyphen or contain two consecutive hyphens. This username will allow you to access the InfluxDB UI to perform various administrative tasks and also use the InfluxDB CLI to create an operator token. Along with `bucket`, `organization`, and `password`, this argument will be stored in the secret referred to by the `influxAuthParametersSecretArn` attribute. + * @return Username of the initial admin user created in InfluxDB. Must start with a letter and can't end with a hyphen or contain two consecutive hyphens. This username will allow you to access the InfluxDB UI to perform various administrative tasks and also use the InfluxDB CLI to create an operator token. Along with `bucket`, `organization`, and `password`, this argument will be stored in the secret referred to by the `influxAuthParametersSecretArn` attribute. This field is forbidden for InfluxDB V3 clusters (when using an InfluxDB V3 db parameter group). * */ - public Output username() { - return this.username; + public Output> username() { + return Codegen.optional(this.username); } /** * List of VPC security group IDs to associate with the cluster. diff --git a/sdk/java/src/main/java/com/pulumi/aws/timestreaminfluxdb/DbClusterArgs.java b/sdk/java/src/main/java/com/pulumi/aws/timestreaminfluxdb/DbClusterArgs.java index 9330ba534f3..2f66c9f4e36 100644 --- a/sdk/java/src/main/java/com/pulumi/aws/timestreaminfluxdb/DbClusterArgs.java +++ b/sdk/java/src/main/java/com/pulumi/aws/timestreaminfluxdb/DbClusterArgs.java @@ -23,33 +23,33 @@ public final class DbClusterArgs extends com.pulumi.resources.ResourceArgs { public static final DbClusterArgs Empty = new DbClusterArgs(); /** - * Amount of storage in GiB (gibibytes). The minimum value is `20`, the maximum value is `16384`. The argument `dbStorageType` places restrictions on this argument's minimum value. The following is a list of `dbStorageType` values and the corresponding minimum value for `allocatedStorage`: ` "InfluxIOIncludedT1": `20` , `"InfluxIOIncludedT2" and ` "InfluxIOIncludedT3": `400`. + * Amount of storage in GiB (gibibytes). The minimum value is `20`, the maximum value is `16384`. The argument `dbStorageType` places restrictions on this argument's minimum value. The following is a list of `dbStorageType` values and the corresponding minimum value for `allocatedStorage`: ` "InfluxIOIncludedT1": `20` , `"InfluxIOIncludedT2" and ` "InfluxIOIncludedT3": `400`. This field is forbidden for InfluxDB V3 clusters (when using an InfluxDB V3 db parameter group). * */ - @Import(name="allocatedStorage", required=true) - private Output allocatedStorage; + @Import(name="allocatedStorage") + private @Nullable Output allocatedStorage; /** - * @return Amount of storage in GiB (gibibytes). The minimum value is `20`, the maximum value is `16384`. The argument `dbStorageType` places restrictions on this argument's minimum value. The following is a list of `dbStorageType` values and the corresponding minimum value for `allocatedStorage`: ` "InfluxIOIncludedT1": `20` , `"InfluxIOIncludedT2" and ` "InfluxIOIncludedT3": `400`. + * @return Amount of storage in GiB (gibibytes). The minimum value is `20`, the maximum value is `16384`. The argument `dbStorageType` places restrictions on this argument's minimum value. The following is a list of `dbStorageType` values and the corresponding minimum value for `allocatedStorage`: ` "InfluxIOIncludedT1": `20` , `"InfluxIOIncludedT2" and ` "InfluxIOIncludedT3": `400`. This field is forbidden for InfluxDB V3 clusters (when using an InfluxDB V3 db parameter group). * */ - public Output allocatedStorage() { - return this.allocatedStorage; + public Optional> allocatedStorage() { + return Optional.ofNullable(this.allocatedStorage); } /** - * Name of the initial InfluxDB bucket. All InfluxDB data is stored in a bucket. A bucket combines the concept of a database and a retention period (the duration of time that each data point persists). A bucket belongs to an organization. Along with `organization`, `username`, and `password`, this argument will be stored in the secret referred to by the `influxAuthParametersSecretArn` attribute. + * Name of the initial InfluxDB bucket. All InfluxDB data is stored in a bucket. A bucket combines the concept of a database and a retention period (the duration of time that each data point persists). A bucket belongs to an organization. Along with `organization`, `username`, and `password`, this argument will be stored in the secret referred to by the `influxAuthParametersSecretArn` attribute. This field is forbidden for InfluxDB V3 clusters (when using an InfluxDB V3 db parameter group). * */ - @Import(name="bucket", required=true) - private Output bucket; + @Import(name="bucket") + private @Nullable Output bucket; /** - * @return Name of the initial InfluxDB bucket. All InfluxDB data is stored in a bucket. A bucket combines the concept of a database and a retention period (the duration of time that each data point persists). A bucket belongs to an organization. Along with `organization`, `username`, and `password`, this argument will be stored in the secret referred to by the `influxAuthParametersSecretArn` attribute. + * @return Name of the initial InfluxDB bucket. All InfluxDB data is stored in a bucket. A bucket combines the concept of a database and a retention period (the duration of time that each data point persists). A bucket belongs to an organization. Along with `organization`, `username`, and `password`, this argument will be stored in the secret referred to by the `influxAuthParametersSecretArn` attribute. This field is forbidden for InfluxDB V3 clusters (when using an InfluxDB V3 db parameter group). * */ - public Output bucket() { - return this.bucket; + public Optional> bucket() { + return Optional.ofNullable(this.bucket); } /** @@ -98,14 +98,14 @@ public Optional> dbStorageType() { } /** - * Specifies the type of cluster to create. Valid options are: `"MULTI_NODE_READ_REPLICAS"`. + * Specifies the type of cluster to create. Valid options are: `"MULTI_NODE_READ_REPLICAS"`. This field is forbidden for InfluxDB V3 clusters (when using an InfluxDB V3 db parameter group). * */ @Import(name="deploymentType") private @Nullable Output deploymentType; /** - * @return Specifies the type of cluster to create. Valid options are: `"MULTI_NODE_READ_REPLICAS"`. + * @return Specifies the type of cluster to create. Valid options are: `"MULTI_NODE_READ_REPLICAS"`. This field is forbidden for InfluxDB V3 clusters (when using an InfluxDB V3 db parameter group). * */ public Optional> deploymentType() { @@ -173,33 +173,33 @@ public Optional> networkType() { } /** - * Name of the initial organization for the initial admin user in InfluxDB. An InfluxDB organization is a workspace for a group of users. Along with `bucket`, `username`, and `password`, this argument will be stored in the secret referred to by the `influxAuthParametersSecretArn` attribute. + * Name of the initial organization for the initial admin user in InfluxDB. An InfluxDB organization is a workspace for a group of users. Along with `bucket`, `username`, and `password`, this argument will be stored in the secret referred to by the `influxAuthParametersSecretArn` attribute. This field is forbidden for InfluxDB V3 clusters (when using an InfluxDB V3 db parameter group). * */ - @Import(name="organization", required=true) - private Output organization; + @Import(name="organization") + private @Nullable Output organization; /** - * @return Name of the initial organization for the initial admin user in InfluxDB. An InfluxDB organization is a workspace for a group of users. Along with `bucket`, `username`, and `password`, this argument will be stored in the secret referred to by the `influxAuthParametersSecretArn` attribute. + * @return Name of the initial organization for the initial admin user in InfluxDB. An InfluxDB organization is a workspace for a group of users. Along with `bucket`, `username`, and `password`, this argument will be stored in the secret referred to by the `influxAuthParametersSecretArn` attribute. This field is forbidden for InfluxDB V3 clusters (when using an InfluxDB V3 db parameter group). * */ - public Output organization() { - return this.organization; + public Optional> organization() { + return Optional.ofNullable(this.organization); } /** - * Password of the initial admin user created in InfluxDB. This password will allow you to access the InfluxDB UI to perform various administrative tasks and also use the InfluxDB CLI to create an operator token. Along with `bucket`, `username`, and `organization`, this argument will be stored in the secret referred to by the `influxAuthParametersSecretArn` attribute. + * Password of the initial admin user created in InfluxDB. This password will allow you to access the InfluxDB UI to perform various administrative tasks and also use the InfluxDB CLI to create an operator token. Along with `bucket`, `username`, and `organization`, this argument will be stored in the secret referred to by the `influxAuthParametersSecretArn` attribute. This field is forbidden for InfluxDB V3 clusters (when using an InfluxDB V3 db parameter group) as the AWS API rejects it. * */ - @Import(name="password", required=true) - private Output password; + @Import(name="password") + private @Nullable Output password; /** - * @return Password of the initial admin user created in InfluxDB. This password will allow you to access the InfluxDB UI to perform various administrative tasks and also use the InfluxDB CLI to create an operator token. Along with `bucket`, `username`, and `organization`, this argument will be stored in the secret referred to by the `influxAuthParametersSecretArn` attribute. + * @return Password of the initial admin user created in InfluxDB. This password will allow you to access the InfluxDB UI to perform various administrative tasks and also use the InfluxDB CLI to create an operator token. Along with `bucket`, `username`, and `organization`, this argument will be stored in the secret referred to by the `influxAuthParametersSecretArn` attribute. This field is forbidden for InfluxDB V3 clusters (when using an InfluxDB V3 db parameter group) as the AWS API rejects it. * */ - public Output password() { - return this.password; + public Optional> password() { + return Optional.ofNullable(this.password); } /** @@ -270,18 +270,18 @@ public Optional> timeouts() { } /** - * Username of the initial admin user created in InfluxDB. Must start with a letter and can't end with a hyphen or contain two consecutive hyphens. This username will allow you to access the InfluxDB UI to perform various administrative tasks and also use the InfluxDB CLI to create an operator token. Along with `bucket`, `organization`, and `password`, this argument will be stored in the secret referred to by the `influxAuthParametersSecretArn` attribute. + * Username of the initial admin user created in InfluxDB. Must start with a letter and can't end with a hyphen or contain two consecutive hyphens. This username will allow you to access the InfluxDB UI to perform various administrative tasks and also use the InfluxDB CLI to create an operator token. Along with `bucket`, `organization`, and `password`, this argument will be stored in the secret referred to by the `influxAuthParametersSecretArn` attribute. This field is forbidden for InfluxDB V3 clusters (when using an InfluxDB V3 db parameter group). * */ - @Import(name="username", required=true) - private Output username; + @Import(name="username") + private @Nullable Output username; /** - * @return Username of the initial admin user created in InfluxDB. Must start with a letter and can't end with a hyphen or contain two consecutive hyphens. This username will allow you to access the InfluxDB UI to perform various administrative tasks and also use the InfluxDB CLI to create an operator token. Along with `bucket`, `organization`, and `password`, this argument will be stored in the secret referred to by the `influxAuthParametersSecretArn` attribute. + * @return Username of the initial admin user created in InfluxDB. Must start with a letter and can't end with a hyphen or contain two consecutive hyphens. This username will allow you to access the InfluxDB UI to perform various administrative tasks and also use the InfluxDB CLI to create an operator token. Along with `bucket`, `organization`, and `password`, this argument will be stored in the secret referred to by the `influxAuthParametersSecretArn` attribute. This field is forbidden for InfluxDB V3 clusters (when using an InfluxDB V3 db parameter group). * */ - public Output username() { - return this.username; + public Optional> username() { + return Optional.ofNullable(this.username); } /** @@ -362,18 +362,18 @@ public Builder(DbClusterArgs defaults) { } /** - * @param allocatedStorage Amount of storage in GiB (gibibytes). The minimum value is `20`, the maximum value is `16384`. The argument `dbStorageType` places restrictions on this argument's minimum value. The following is a list of `dbStorageType` values and the corresponding minimum value for `allocatedStorage`: ` "InfluxIOIncludedT1": `20` , `"InfluxIOIncludedT2" and ` "InfluxIOIncludedT3": `400`. + * @param allocatedStorage Amount of storage in GiB (gibibytes). The minimum value is `20`, the maximum value is `16384`. The argument `dbStorageType` places restrictions on this argument's minimum value. The following is a list of `dbStorageType` values and the corresponding minimum value for `allocatedStorage`: ` "InfluxIOIncludedT1": `20` , `"InfluxIOIncludedT2" and ` "InfluxIOIncludedT3": `400`. This field is forbidden for InfluxDB V3 clusters (when using an InfluxDB V3 db parameter group). * * @return builder * */ - public Builder allocatedStorage(Output allocatedStorage) { + public Builder allocatedStorage(@Nullable Output allocatedStorage) { $.allocatedStorage = allocatedStorage; return this; } /** - * @param allocatedStorage Amount of storage in GiB (gibibytes). The minimum value is `20`, the maximum value is `16384`. The argument `dbStorageType` places restrictions on this argument's minimum value. The following is a list of `dbStorageType` values and the corresponding minimum value for `allocatedStorage`: ` "InfluxIOIncludedT1": `20` , `"InfluxIOIncludedT2" and ` "InfluxIOIncludedT3": `400`. + * @param allocatedStorage Amount of storage in GiB (gibibytes). The minimum value is `20`, the maximum value is `16384`. The argument `dbStorageType` places restrictions on this argument's minimum value. The following is a list of `dbStorageType` values and the corresponding minimum value for `allocatedStorage`: ` "InfluxIOIncludedT1": `20` , `"InfluxIOIncludedT2" and ` "InfluxIOIncludedT3": `400`. This field is forbidden for InfluxDB V3 clusters (when using an InfluxDB V3 db parameter group). * * @return builder * @@ -383,18 +383,18 @@ public Builder allocatedStorage(Integer allocatedStorage) { } /** - * @param bucket Name of the initial InfluxDB bucket. All InfluxDB data is stored in a bucket. A bucket combines the concept of a database and a retention period (the duration of time that each data point persists). A bucket belongs to an organization. Along with `organization`, `username`, and `password`, this argument will be stored in the secret referred to by the `influxAuthParametersSecretArn` attribute. + * @param bucket Name of the initial InfluxDB bucket. All InfluxDB data is stored in a bucket. A bucket combines the concept of a database and a retention period (the duration of time that each data point persists). A bucket belongs to an organization. Along with `organization`, `username`, and `password`, this argument will be stored in the secret referred to by the `influxAuthParametersSecretArn` attribute. This field is forbidden for InfluxDB V3 clusters (when using an InfluxDB V3 db parameter group). * * @return builder * */ - public Builder bucket(Output bucket) { + public Builder bucket(@Nullable Output bucket) { $.bucket = bucket; return this; } /** - * @param bucket Name of the initial InfluxDB bucket. All InfluxDB data is stored in a bucket. A bucket combines the concept of a database and a retention period (the duration of time that each data point persists). A bucket belongs to an organization. Along with `organization`, `username`, and `password`, this argument will be stored in the secret referred to by the `influxAuthParametersSecretArn` attribute. + * @param bucket Name of the initial InfluxDB bucket. All InfluxDB data is stored in a bucket. A bucket combines the concept of a database and a retention period (the duration of time that each data point persists). A bucket belongs to an organization. Along with `organization`, `username`, and `password`, this argument will be stored in the secret referred to by the `influxAuthParametersSecretArn` attribute. This field is forbidden for InfluxDB V3 clusters (when using an InfluxDB V3 db parameter group). * * @return builder * @@ -467,7 +467,7 @@ public Builder dbStorageType(String dbStorageType) { } /** - * @param deploymentType Specifies the type of cluster to create. Valid options are: `"MULTI_NODE_READ_REPLICAS"`. + * @param deploymentType Specifies the type of cluster to create. Valid options are: `"MULTI_NODE_READ_REPLICAS"`. This field is forbidden for InfluxDB V3 clusters (when using an InfluxDB V3 db parameter group). * * @return builder * @@ -478,7 +478,7 @@ public Builder deploymentType(@Nullable Output deploymentType) { } /** - * @param deploymentType Specifies the type of cluster to create. Valid options are: `"MULTI_NODE_READ_REPLICAS"`. + * @param deploymentType Specifies the type of cluster to create. Valid options are: `"MULTI_NODE_READ_REPLICAS"`. This field is forbidden for InfluxDB V3 clusters (when using an InfluxDB V3 db parameter group). * * @return builder * @@ -572,18 +572,18 @@ public Builder networkType(String networkType) { } /** - * @param organization Name of the initial organization for the initial admin user in InfluxDB. An InfluxDB organization is a workspace for a group of users. Along with `bucket`, `username`, and `password`, this argument will be stored in the secret referred to by the `influxAuthParametersSecretArn` attribute. + * @param organization Name of the initial organization for the initial admin user in InfluxDB. An InfluxDB organization is a workspace for a group of users. Along with `bucket`, `username`, and `password`, this argument will be stored in the secret referred to by the `influxAuthParametersSecretArn` attribute. This field is forbidden for InfluxDB V3 clusters (when using an InfluxDB V3 db parameter group). * * @return builder * */ - public Builder organization(Output organization) { + public Builder organization(@Nullable Output organization) { $.organization = organization; return this; } /** - * @param organization Name of the initial organization for the initial admin user in InfluxDB. An InfluxDB organization is a workspace for a group of users. Along with `bucket`, `username`, and `password`, this argument will be stored in the secret referred to by the `influxAuthParametersSecretArn` attribute. + * @param organization Name of the initial organization for the initial admin user in InfluxDB. An InfluxDB organization is a workspace for a group of users. Along with `bucket`, `username`, and `password`, this argument will be stored in the secret referred to by the `influxAuthParametersSecretArn` attribute. This field is forbidden for InfluxDB V3 clusters (when using an InfluxDB V3 db parameter group). * * @return builder * @@ -593,18 +593,18 @@ public Builder organization(String organization) { } /** - * @param password Password of the initial admin user created in InfluxDB. This password will allow you to access the InfluxDB UI to perform various administrative tasks and also use the InfluxDB CLI to create an operator token. Along with `bucket`, `username`, and `organization`, this argument will be stored in the secret referred to by the `influxAuthParametersSecretArn` attribute. + * @param password Password of the initial admin user created in InfluxDB. This password will allow you to access the InfluxDB UI to perform various administrative tasks and also use the InfluxDB CLI to create an operator token. Along with `bucket`, `username`, and `organization`, this argument will be stored in the secret referred to by the `influxAuthParametersSecretArn` attribute. This field is forbidden for InfluxDB V3 clusters (when using an InfluxDB V3 db parameter group) as the AWS API rejects it. * * @return builder * */ - public Builder password(Output password) { + public Builder password(@Nullable Output password) { $.password = password; return this; } /** - * @param password Password of the initial admin user created in InfluxDB. This password will allow you to access the InfluxDB UI to perform various administrative tasks and also use the InfluxDB CLI to create an operator token. Along with `bucket`, `username`, and `organization`, this argument will be stored in the secret referred to by the `influxAuthParametersSecretArn` attribute. + * @param password Password of the initial admin user created in InfluxDB. This password will allow you to access the InfluxDB UI to perform various administrative tasks and also use the InfluxDB CLI to create an operator token. Along with `bucket`, `username`, and `organization`, this argument will be stored in the secret referred to by the `influxAuthParametersSecretArn` attribute. This field is forbidden for InfluxDB V3 clusters (when using an InfluxDB V3 db parameter group) as the AWS API rejects it. * * @return builder * @@ -707,18 +707,18 @@ public Builder timeouts(DbClusterTimeoutsArgs timeouts) { } /** - * @param username Username of the initial admin user created in InfluxDB. Must start with a letter and can't end with a hyphen or contain two consecutive hyphens. This username will allow you to access the InfluxDB UI to perform various administrative tasks and also use the InfluxDB CLI to create an operator token. Along with `bucket`, `organization`, and `password`, this argument will be stored in the secret referred to by the `influxAuthParametersSecretArn` attribute. + * @param username Username of the initial admin user created in InfluxDB. Must start with a letter and can't end with a hyphen or contain two consecutive hyphens. This username will allow you to access the InfluxDB UI to perform various administrative tasks and also use the InfluxDB CLI to create an operator token. Along with `bucket`, `organization`, and `password`, this argument will be stored in the secret referred to by the `influxAuthParametersSecretArn` attribute. This field is forbidden for InfluxDB V3 clusters (when using an InfluxDB V3 db parameter group). * * @return builder * */ - public Builder username(Output username) { + public Builder username(@Nullable Output username) { $.username = username; return this; } /** - * @param username Username of the initial admin user created in InfluxDB. Must start with a letter and can't end with a hyphen or contain two consecutive hyphens. This username will allow you to access the InfluxDB UI to perform various administrative tasks and also use the InfluxDB CLI to create an operator token. Along with `bucket`, `organization`, and `password`, this argument will be stored in the secret referred to by the `influxAuthParametersSecretArn` attribute. + * @param username Username of the initial admin user created in InfluxDB. Must start with a letter and can't end with a hyphen or contain two consecutive hyphens. This username will allow you to access the InfluxDB UI to perform various administrative tasks and also use the InfluxDB CLI to create an operator token. Along with `bucket`, `organization`, and `password`, this argument will be stored in the secret referred to by the `influxAuthParametersSecretArn` attribute. This field is forbidden for InfluxDB V3 clusters (when using an InfluxDB V3 db parameter group). * * @return builder * @@ -796,24 +796,9 @@ public Builder vpcSubnetIds(String... vpcSubnetIds) { } public DbClusterArgs build() { - if ($.allocatedStorage == null) { - throw new MissingRequiredPropertyException("DbClusterArgs", "allocatedStorage"); - } - if ($.bucket == null) { - throw new MissingRequiredPropertyException("DbClusterArgs", "bucket"); - } if ($.dbInstanceType == null) { throw new MissingRequiredPropertyException("DbClusterArgs", "dbInstanceType"); } - if ($.organization == null) { - throw new MissingRequiredPropertyException("DbClusterArgs", "organization"); - } - if ($.password == null) { - throw new MissingRequiredPropertyException("DbClusterArgs", "password"); - } - if ($.username == null) { - throw new MissingRequiredPropertyException("DbClusterArgs", "username"); - } if ($.vpcSecurityGroupIds == null) { throw new MissingRequiredPropertyException("DbClusterArgs", "vpcSecurityGroupIds"); } diff --git a/sdk/java/src/main/java/com/pulumi/aws/timestreaminfluxdb/inputs/DbClusterState.java b/sdk/java/src/main/java/com/pulumi/aws/timestreaminfluxdb/inputs/DbClusterState.java index 8894c153c1d..98be507f689 100644 --- a/sdk/java/src/main/java/com/pulumi/aws/timestreaminfluxdb/inputs/DbClusterState.java +++ b/sdk/java/src/main/java/com/pulumi/aws/timestreaminfluxdb/inputs/DbClusterState.java @@ -22,14 +22,14 @@ public final class DbClusterState extends com.pulumi.resources.ResourceArgs { public static final DbClusterState Empty = new DbClusterState(); /** - * Amount of storage in GiB (gibibytes). The minimum value is `20`, the maximum value is `16384`. The argument `dbStorageType` places restrictions on this argument's minimum value. The following is a list of `dbStorageType` values and the corresponding minimum value for `allocatedStorage`: ` "InfluxIOIncludedT1": `20` , `"InfluxIOIncludedT2" and ` "InfluxIOIncludedT3": `400`. + * Amount of storage in GiB (gibibytes). The minimum value is `20`, the maximum value is `16384`. The argument `dbStorageType` places restrictions on this argument's minimum value. The following is a list of `dbStorageType` values and the corresponding minimum value for `allocatedStorage`: ` "InfluxIOIncludedT1": `20` , `"InfluxIOIncludedT2" and ` "InfluxIOIncludedT3": `400`. This field is forbidden for InfluxDB V3 clusters (when using an InfluxDB V3 db parameter group). * */ @Import(name="allocatedStorage") private @Nullable Output allocatedStorage; /** - * @return Amount of storage in GiB (gibibytes). The minimum value is `20`, the maximum value is `16384`. The argument `dbStorageType` places restrictions on this argument's minimum value. The following is a list of `dbStorageType` values and the corresponding minimum value for `allocatedStorage`: ` "InfluxIOIncludedT1": `20` , `"InfluxIOIncludedT2" and ` "InfluxIOIncludedT3": `400`. + * @return Amount of storage in GiB (gibibytes). The minimum value is `20`, the maximum value is `16384`. The argument `dbStorageType` places restrictions on this argument's minimum value. The following is a list of `dbStorageType` values and the corresponding minimum value for `allocatedStorage`: ` "InfluxIOIncludedT1": `20` , `"InfluxIOIncludedT2" and ` "InfluxIOIncludedT3": `400`. This field is forbidden for InfluxDB V3 clusters (when using an InfluxDB V3 db parameter group). * */ public Optional> allocatedStorage() { @@ -52,14 +52,14 @@ public Optional> arn() { } /** - * Name of the initial InfluxDB bucket. All InfluxDB data is stored in a bucket. A bucket combines the concept of a database and a retention period (the duration of time that each data point persists). A bucket belongs to an organization. Along with `organization`, `username`, and `password`, this argument will be stored in the secret referred to by the `influxAuthParametersSecretArn` attribute. + * Name of the initial InfluxDB bucket. All InfluxDB data is stored in a bucket. A bucket combines the concept of a database and a retention period (the duration of time that each data point persists). A bucket belongs to an organization. Along with `organization`, `username`, and `password`, this argument will be stored in the secret referred to by the `influxAuthParametersSecretArn` attribute. This field is forbidden for InfluxDB V3 clusters (when using an InfluxDB V3 db parameter group). * */ @Import(name="bucket") private @Nullable Output bucket; /** - * @return Name of the initial InfluxDB bucket. All InfluxDB data is stored in a bucket. A bucket combines the concept of a database and a retention period (the duration of time that each data point persists). A bucket belongs to an organization. Along with `organization`, `username`, and `password`, this argument will be stored in the secret referred to by the `influxAuthParametersSecretArn` attribute. + * @return Name of the initial InfluxDB bucket. All InfluxDB data is stored in a bucket. A bucket combines the concept of a database and a retention period (the duration of time that each data point persists). A bucket belongs to an organization. Along with `organization`, `username`, and `password`, this argument will be stored in the secret referred to by the `influxAuthParametersSecretArn` attribute. This field is forbidden for InfluxDB V3 clusters (when using an InfluxDB V3 db parameter group). * */ public Optional> bucket() { @@ -112,14 +112,14 @@ public Optional> dbStorageType() { } /** - * Specifies the type of cluster to create. Valid options are: `"MULTI_NODE_READ_REPLICAS"`. + * Specifies the type of cluster to create. Valid options are: `"MULTI_NODE_READ_REPLICAS"`. This field is forbidden for InfluxDB V3 clusters (when using an InfluxDB V3 db parameter group). * */ @Import(name="deploymentType") private @Nullable Output deploymentType; /** - * @return Specifies the type of cluster to create. Valid options are: `"MULTI_NODE_READ_REPLICAS"`. + * @return Specifies the type of cluster to create. Valid options are: `"MULTI_NODE_READ_REPLICAS"`. This field is forbidden for InfluxDB V3 clusters (when using an InfluxDB V3 db parameter group). * */ public Optional> deploymentType() { @@ -141,6 +141,21 @@ public Optional> endpoint() { return Optional.ofNullable(this.endpoint); } + /** + * Database engine type of the DB cluster. + * + */ + @Import(name="engineType") + private @Nullable Output engineType; + + /** + * @return Database engine type of the DB cluster. + * + */ + public Optional> engineType() { + return Optional.ofNullable(this.engineType); + } + /** * Specifies the behavior of failure recovery when the primary node of the cluster fails. Valid options are: `"AUTOMATIC"` and `"NO_FAILOVER"`. * @@ -157,14 +172,14 @@ public Optional> failoverMode() { } /** - * ARN of the AWS Secrets Manager secret containing the initial InfluxDB authorization parameters. The secret value is a JSON formatted key-value pair holding InfluxDB authorization values: organization, bucket, username, and password. + * ARN of the AWS Secrets Manager secret containing the initial InfluxDB authorization parameters. For InfluxDB V2 clusters, the secret value is a JSON formatted key-value pair holding InfluxDB authorization values: organization, bucket, username, and password. For InfluxDB V3 clusters, the secret contains the InfluxDB admin token. * */ @Import(name="influxAuthParametersSecretArn") private @Nullable Output influxAuthParametersSecretArn; /** - * @return ARN of the AWS Secrets Manager secret containing the initial InfluxDB authorization parameters. The secret value is a JSON formatted key-value pair holding InfluxDB authorization values: organization, bucket, username, and password. + * @return ARN of the AWS Secrets Manager secret containing the initial InfluxDB authorization parameters. For InfluxDB V2 clusters, the secret value is a JSON formatted key-value pair holding InfluxDB authorization values: organization, bucket, username, and password. For InfluxDB V3 clusters, the secret contains the InfluxDB admin token. * */ public Optional> influxAuthParametersSecretArn() { @@ -217,14 +232,14 @@ public Optional> networkType() { } /** - * Name of the initial organization for the initial admin user in InfluxDB. An InfluxDB organization is a workspace for a group of users. Along with `bucket`, `username`, and `password`, this argument will be stored in the secret referred to by the `influxAuthParametersSecretArn` attribute. + * Name of the initial organization for the initial admin user in InfluxDB. An InfluxDB organization is a workspace for a group of users. Along with `bucket`, `username`, and `password`, this argument will be stored in the secret referred to by the `influxAuthParametersSecretArn` attribute. This field is forbidden for InfluxDB V3 clusters (when using an InfluxDB V3 db parameter group). * */ @Import(name="organization") private @Nullable Output organization; /** - * @return Name of the initial organization for the initial admin user in InfluxDB. An InfluxDB organization is a workspace for a group of users. Along with `bucket`, `username`, and `password`, this argument will be stored in the secret referred to by the `influxAuthParametersSecretArn` attribute. + * @return Name of the initial organization for the initial admin user in InfluxDB. An InfluxDB organization is a workspace for a group of users. Along with `bucket`, `username`, and `password`, this argument will be stored in the secret referred to by the `influxAuthParametersSecretArn` attribute. This field is forbidden for InfluxDB V3 clusters (when using an InfluxDB V3 db parameter group). * */ public Optional> organization() { @@ -232,14 +247,14 @@ public Optional> organization() { } /** - * Password of the initial admin user created in InfluxDB. This password will allow you to access the InfluxDB UI to perform various administrative tasks and also use the InfluxDB CLI to create an operator token. Along with `bucket`, `username`, and `organization`, this argument will be stored in the secret referred to by the `influxAuthParametersSecretArn` attribute. + * Password of the initial admin user created in InfluxDB. This password will allow you to access the InfluxDB UI to perform various administrative tasks and also use the InfluxDB CLI to create an operator token. Along with `bucket`, `username`, and `organization`, this argument will be stored in the secret referred to by the `influxAuthParametersSecretArn` attribute. This field is forbidden for InfluxDB V3 clusters (when using an InfluxDB V3 db parameter group) as the AWS API rejects it. * */ @Import(name="password") private @Nullable Output password; /** - * @return Password of the initial admin user created in InfluxDB. This password will allow you to access the InfluxDB UI to perform various administrative tasks and also use the InfluxDB CLI to create an operator token. Along with `bucket`, `username`, and `organization`, this argument will be stored in the secret referred to by the `influxAuthParametersSecretArn` attribute. + * @return Password of the initial admin user created in InfluxDB. This password will allow you to access the InfluxDB UI to perform various administrative tasks and also use the InfluxDB CLI to create an operator token. Along with `bucket`, `username`, and `organization`, this argument will be stored in the secret referred to by the `influxAuthParametersSecretArn` attribute. This field is forbidden for InfluxDB V3 clusters (when using an InfluxDB V3 db parameter group) as the AWS API rejects it. * */ public Optional> password() { @@ -344,14 +359,14 @@ public Optional> timeouts() { } /** - * Username of the initial admin user created in InfluxDB. Must start with a letter and can't end with a hyphen or contain two consecutive hyphens. This username will allow you to access the InfluxDB UI to perform various administrative tasks and also use the InfluxDB CLI to create an operator token. Along with `bucket`, `organization`, and `password`, this argument will be stored in the secret referred to by the `influxAuthParametersSecretArn` attribute. + * Username of the initial admin user created in InfluxDB. Must start with a letter and can't end with a hyphen or contain two consecutive hyphens. This username will allow you to access the InfluxDB UI to perform various administrative tasks and also use the InfluxDB CLI to create an operator token. Along with `bucket`, `organization`, and `password`, this argument will be stored in the secret referred to by the `influxAuthParametersSecretArn` attribute. This field is forbidden for InfluxDB V3 clusters (when using an InfluxDB V3 db parameter group). * */ @Import(name="username") private @Nullable Output username; /** - * @return Username of the initial admin user created in InfluxDB. Must start with a letter and can't end with a hyphen or contain two consecutive hyphens. This username will allow you to access the InfluxDB UI to perform various administrative tasks and also use the InfluxDB CLI to create an operator token. Along with `bucket`, `organization`, and `password`, this argument will be stored in the secret referred to by the `influxAuthParametersSecretArn` attribute. + * @return Username of the initial admin user created in InfluxDB. Must start with a letter and can't end with a hyphen or contain two consecutive hyphens. This username will allow you to access the InfluxDB UI to perform various administrative tasks and also use the InfluxDB CLI to create an operator token. Along with `bucket`, `organization`, and `password`, this argument will be stored in the secret referred to by the `influxAuthParametersSecretArn` attribute. This field is forbidden for InfluxDB V3 clusters (when using an InfluxDB V3 db parameter group). * */ public Optional> username() { @@ -403,6 +418,7 @@ private DbClusterState(DbClusterState $) { this.dbStorageType = $.dbStorageType; this.deploymentType = $.deploymentType; this.endpoint = $.endpoint; + this.engineType = $.engineType; this.failoverMode = $.failoverMode; this.influxAuthParametersSecretArn = $.influxAuthParametersSecretArn; this.logDeliveryConfiguration = $.logDeliveryConfiguration; @@ -441,7 +457,7 @@ public Builder(DbClusterState defaults) { } /** - * @param allocatedStorage Amount of storage in GiB (gibibytes). The minimum value is `20`, the maximum value is `16384`. The argument `dbStorageType` places restrictions on this argument's minimum value. The following is a list of `dbStorageType` values and the corresponding minimum value for `allocatedStorage`: ` "InfluxIOIncludedT1": `20` , `"InfluxIOIncludedT2" and ` "InfluxIOIncludedT3": `400`. + * @param allocatedStorage Amount of storage in GiB (gibibytes). The minimum value is `20`, the maximum value is `16384`. The argument `dbStorageType` places restrictions on this argument's minimum value. The following is a list of `dbStorageType` values and the corresponding minimum value for `allocatedStorage`: ` "InfluxIOIncludedT1": `20` , `"InfluxIOIncludedT2" and ` "InfluxIOIncludedT3": `400`. This field is forbidden for InfluxDB V3 clusters (when using an InfluxDB V3 db parameter group). * * @return builder * @@ -452,7 +468,7 @@ public Builder allocatedStorage(@Nullable Output allocatedStorage) { } /** - * @param allocatedStorage Amount of storage in GiB (gibibytes). The minimum value is `20`, the maximum value is `16384`. The argument `dbStorageType` places restrictions on this argument's minimum value. The following is a list of `dbStorageType` values and the corresponding minimum value for `allocatedStorage`: ` "InfluxIOIncludedT1": `20` , `"InfluxIOIncludedT2" and ` "InfluxIOIncludedT3": `400`. + * @param allocatedStorage Amount of storage in GiB (gibibytes). The minimum value is `20`, the maximum value is `16384`. The argument `dbStorageType` places restrictions on this argument's minimum value. The following is a list of `dbStorageType` values and the corresponding minimum value for `allocatedStorage`: ` "InfluxIOIncludedT1": `20` , `"InfluxIOIncludedT2" and ` "InfluxIOIncludedT3": `400`. This field is forbidden for InfluxDB V3 clusters (when using an InfluxDB V3 db parameter group). * * @return builder * @@ -483,7 +499,7 @@ public Builder arn(String arn) { } /** - * @param bucket Name of the initial InfluxDB bucket. All InfluxDB data is stored in a bucket. A bucket combines the concept of a database and a retention period (the duration of time that each data point persists). A bucket belongs to an organization. Along with `organization`, `username`, and `password`, this argument will be stored in the secret referred to by the `influxAuthParametersSecretArn` attribute. + * @param bucket Name of the initial InfluxDB bucket. All InfluxDB data is stored in a bucket. A bucket combines the concept of a database and a retention period (the duration of time that each data point persists). A bucket belongs to an organization. Along with `organization`, `username`, and `password`, this argument will be stored in the secret referred to by the `influxAuthParametersSecretArn` attribute. This field is forbidden for InfluxDB V3 clusters (when using an InfluxDB V3 db parameter group). * * @return builder * @@ -494,7 +510,7 @@ public Builder bucket(@Nullable Output bucket) { } /** - * @param bucket Name of the initial InfluxDB bucket. All InfluxDB data is stored in a bucket. A bucket combines the concept of a database and a retention period (the duration of time that each data point persists). A bucket belongs to an organization. Along with `organization`, `username`, and `password`, this argument will be stored in the secret referred to by the `influxAuthParametersSecretArn` attribute. + * @param bucket Name of the initial InfluxDB bucket. All InfluxDB data is stored in a bucket. A bucket combines the concept of a database and a retention period (the duration of time that each data point persists). A bucket belongs to an organization. Along with `organization`, `username`, and `password`, this argument will be stored in the secret referred to by the `influxAuthParametersSecretArn` attribute. This field is forbidden for InfluxDB V3 clusters (when using an InfluxDB V3 db parameter group). * * @return builder * @@ -567,7 +583,7 @@ public Builder dbStorageType(String dbStorageType) { } /** - * @param deploymentType Specifies the type of cluster to create. Valid options are: `"MULTI_NODE_READ_REPLICAS"`. + * @param deploymentType Specifies the type of cluster to create. Valid options are: `"MULTI_NODE_READ_REPLICAS"`. This field is forbidden for InfluxDB V3 clusters (when using an InfluxDB V3 db parameter group). * * @return builder * @@ -578,7 +594,7 @@ public Builder deploymentType(@Nullable Output deploymentType) { } /** - * @param deploymentType Specifies the type of cluster to create. Valid options are: `"MULTI_NODE_READ_REPLICAS"`. + * @param deploymentType Specifies the type of cluster to create. Valid options are: `"MULTI_NODE_READ_REPLICAS"`. This field is forbidden for InfluxDB V3 clusters (when using an InfluxDB V3 db parameter group). * * @return builder * @@ -608,6 +624,27 @@ public Builder endpoint(String endpoint) { return endpoint(Output.of(endpoint)); } + /** + * @param engineType Database engine type of the DB cluster. + * + * @return builder + * + */ + public Builder engineType(@Nullable Output engineType) { + $.engineType = engineType; + return this; + } + + /** + * @param engineType Database engine type of the DB cluster. + * + * @return builder + * + */ + public Builder engineType(String engineType) { + return engineType(Output.of(engineType)); + } + /** * @param failoverMode Specifies the behavior of failure recovery when the primary node of the cluster fails. Valid options are: `"AUTOMATIC"` and `"NO_FAILOVER"`. * @@ -630,7 +667,7 @@ public Builder failoverMode(String failoverMode) { } /** - * @param influxAuthParametersSecretArn ARN of the AWS Secrets Manager secret containing the initial InfluxDB authorization parameters. The secret value is a JSON formatted key-value pair holding InfluxDB authorization values: organization, bucket, username, and password. + * @param influxAuthParametersSecretArn ARN of the AWS Secrets Manager secret containing the initial InfluxDB authorization parameters. For InfluxDB V2 clusters, the secret value is a JSON formatted key-value pair holding InfluxDB authorization values: organization, bucket, username, and password. For InfluxDB V3 clusters, the secret contains the InfluxDB admin token. * * @return builder * @@ -641,7 +678,7 @@ public Builder influxAuthParametersSecretArn(@Nullable Output influxAuth } /** - * @param influxAuthParametersSecretArn ARN of the AWS Secrets Manager secret containing the initial InfluxDB authorization parameters. The secret value is a JSON formatted key-value pair holding InfluxDB authorization values: organization, bucket, username, and password. + * @param influxAuthParametersSecretArn ARN of the AWS Secrets Manager secret containing the initial InfluxDB authorization parameters. For InfluxDB V2 clusters, the secret value is a JSON formatted key-value pair holding InfluxDB authorization values: organization, bucket, username, and password. For InfluxDB V3 clusters, the secret contains the InfluxDB admin token. * * @return builder * @@ -714,7 +751,7 @@ public Builder networkType(String networkType) { } /** - * @param organization Name of the initial organization for the initial admin user in InfluxDB. An InfluxDB organization is a workspace for a group of users. Along with `bucket`, `username`, and `password`, this argument will be stored in the secret referred to by the `influxAuthParametersSecretArn` attribute. + * @param organization Name of the initial organization for the initial admin user in InfluxDB. An InfluxDB organization is a workspace for a group of users. Along with `bucket`, `username`, and `password`, this argument will be stored in the secret referred to by the `influxAuthParametersSecretArn` attribute. This field is forbidden for InfluxDB V3 clusters (when using an InfluxDB V3 db parameter group). * * @return builder * @@ -725,7 +762,7 @@ public Builder organization(@Nullable Output organization) { } /** - * @param organization Name of the initial organization for the initial admin user in InfluxDB. An InfluxDB organization is a workspace for a group of users. Along with `bucket`, `username`, and `password`, this argument will be stored in the secret referred to by the `influxAuthParametersSecretArn` attribute. + * @param organization Name of the initial organization for the initial admin user in InfluxDB. An InfluxDB organization is a workspace for a group of users. Along with `bucket`, `username`, and `password`, this argument will be stored in the secret referred to by the `influxAuthParametersSecretArn` attribute. This field is forbidden for InfluxDB V3 clusters (when using an InfluxDB V3 db parameter group). * * @return builder * @@ -735,7 +772,7 @@ public Builder organization(String organization) { } /** - * @param password Password of the initial admin user created in InfluxDB. This password will allow you to access the InfluxDB UI to perform various administrative tasks and also use the InfluxDB CLI to create an operator token. Along with `bucket`, `username`, and `organization`, this argument will be stored in the secret referred to by the `influxAuthParametersSecretArn` attribute. + * @param password Password of the initial admin user created in InfluxDB. This password will allow you to access the InfluxDB UI to perform various administrative tasks and also use the InfluxDB CLI to create an operator token. Along with `bucket`, `username`, and `organization`, this argument will be stored in the secret referred to by the `influxAuthParametersSecretArn` attribute. This field is forbidden for InfluxDB V3 clusters (when using an InfluxDB V3 db parameter group) as the AWS API rejects it. * * @return builder * @@ -746,7 +783,7 @@ public Builder password(@Nullable Output password) { } /** - * @param password Password of the initial admin user created in InfluxDB. This password will allow you to access the InfluxDB UI to perform various administrative tasks and also use the InfluxDB CLI to create an operator token. Along with `bucket`, `username`, and `organization`, this argument will be stored in the secret referred to by the `influxAuthParametersSecretArn` attribute. + * @param password Password of the initial admin user created in InfluxDB. This password will allow you to access the InfluxDB UI to perform various administrative tasks and also use the InfluxDB CLI to create an operator token. Along with `bucket`, `username`, and `organization`, this argument will be stored in the secret referred to by the `influxAuthParametersSecretArn` attribute. This field is forbidden for InfluxDB V3 clusters (when using an InfluxDB V3 db parameter group) as the AWS API rejects it. * * @return builder * @@ -891,7 +928,7 @@ public Builder timeouts(DbClusterTimeoutsArgs timeouts) { } /** - * @param username Username of the initial admin user created in InfluxDB. Must start with a letter and can't end with a hyphen or contain two consecutive hyphens. This username will allow you to access the InfluxDB UI to perform various administrative tasks and also use the InfluxDB CLI to create an operator token. Along with `bucket`, `organization`, and `password`, this argument will be stored in the secret referred to by the `influxAuthParametersSecretArn` attribute. + * @param username Username of the initial admin user created in InfluxDB. Must start with a letter and can't end with a hyphen or contain two consecutive hyphens. This username will allow you to access the InfluxDB UI to perform various administrative tasks and also use the InfluxDB CLI to create an operator token. Along with `bucket`, `organization`, and `password`, this argument will be stored in the secret referred to by the `influxAuthParametersSecretArn` attribute. This field is forbidden for InfluxDB V3 clusters (when using an InfluxDB V3 db parameter group). * * @return builder * @@ -902,7 +939,7 @@ public Builder username(@Nullable Output username) { } /** - * @param username Username of the initial admin user created in InfluxDB. Must start with a letter and can't end with a hyphen or contain two consecutive hyphens. This username will allow you to access the InfluxDB UI to perform various administrative tasks and also use the InfluxDB CLI to create an operator token. Along with `bucket`, `organization`, and `password`, this argument will be stored in the secret referred to by the `influxAuthParametersSecretArn` attribute. + * @param username Username of the initial admin user created in InfluxDB. Must start with a letter and can't end with a hyphen or contain two consecutive hyphens. This username will allow you to access the InfluxDB UI to perform various administrative tasks and also use the InfluxDB CLI to create an operator token. Along with `bucket`, `organization`, and `password`, this argument will be stored in the secret referred to by the `influxAuthParametersSecretArn` attribute. This field is forbidden for InfluxDB V3 clusters (when using an InfluxDB V3 db parameter group). * * @return builder * diff --git a/sdk/java/src/main/java/com/pulumi/aws/vpclattice/DomainVerification.java b/sdk/java/src/main/java/com/pulumi/aws/vpclattice/DomainVerification.java new file mode 100644 index 00000000000..9dfbfb320bd --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/aws/vpclattice/DomainVerification.java @@ -0,0 +1,317 @@ +// *** WARNING: this file was generated by pulumi-language-java. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.aws.vpclattice; + +import com.pulumi.aws.Utilities; +import com.pulumi.aws.vpclattice.DomainVerificationArgs; +import com.pulumi.aws.vpclattice.inputs.DomainVerificationState; +import com.pulumi.core.Output; +import com.pulumi.core.annotations.Export; +import com.pulumi.core.annotations.ResourceType; +import com.pulumi.core.internal.Codegen; +import java.lang.String; +import java.util.Map; +import java.util.Optional; +import javax.annotation.Nullable; + +/** + * Resource for managing an AWS VPC Lattice Domain Verification. + * + * Starts the domain verification process for a custom domain name. Use this resource to verify ownership of a domain before associating it with VPC Lattice resources. + * + * ## Example Usage + * + * ### Basic Usage + * + * 
+ * {@code
+ * package generated_program;
+ * 
+ * import com.pulumi.Context;
+ * import com.pulumi.Pulumi;
+ * import com.pulumi.core.Output;
+ * import com.pulumi.aws.vpclattice.DomainVerification;
+ * import com.pulumi.aws.vpclattice.DomainVerificationArgs;
+ * import com.pulumi.aws.route53.Record;
+ * import com.pulumi.aws.route53.RecordArgs;
+ * import java.util.List;
+ * import java.util.ArrayList;
+ * import java.util.Map;
+ * import java.io.File;
+ * import java.nio.file.Files;
+ * import java.nio.file.Paths;
+ * 
+ * public class App {
+ *     public static void main(String[] args) {
+ *         Pulumi.run(App::stack);
+ *     }
+ * 
+ *     public static void stack(Context ctx) {
+ *         var example = new DomainVerification("example", DomainVerificationArgs.builder()
+ *             .domainName("example.com")
+ *             .build());
+ * 
+ *         // Create DNS TXT record for domain verification
+ *         var exampleRecord = new Record("exampleRecord", RecordArgs.builder()
+ *             .zoneId(exampleAwsRoute53Zone.zoneId())
+ *             .name(example.txtRecordName())
+ *             .type("TXT")
+ *             .ttl(300)
+ *             .records(example.txtRecordValue())
+ *             .build());
+ * 
+ *     }
+ * }
+ * }
+ *
+ * + * ### With Tags + * + * 
+ * {@code
+ * package generated_program;
+ * 
+ * import com.pulumi.Context;
+ * import com.pulumi.Pulumi;
+ * import com.pulumi.core.Output;
+ * import com.pulumi.aws.vpclattice.DomainVerification;
+ * import com.pulumi.aws.vpclattice.DomainVerificationArgs;
+ * import java.util.List;
+ * import java.util.ArrayList;
+ * import java.util.Map;
+ * import java.io.File;
+ * import java.nio.file.Files;
+ * import java.nio.file.Paths;
+ * 
+ * public class App {
+ *     public static void main(String[] args) {
+ *         Pulumi.run(App::stack);
+ *     }
+ * 
+ *     public static void stack(Context ctx) {
+ *         var example = new DomainVerification("example", DomainVerificationArgs.builder()
+ *             .domainName("example.com")
+ *             .tags(Map.ofEntries(
+ *                 Map.entry("Environment", "production"),
+ *                 Map.entry("Purpose", "domain-verification")
+ *             ))
+ *             .build());
+ * 
+ *     }
+ * }
+ * }
+ *
+ * + * ## Import + * + * Using `pulumi import`, import VPC Lattice Domain Verification using the `id`. For example: + * + * ```sh + * $ pulumi import aws:vpclattice/domainVerification:DomainVerification example dv-0a1b2c3d4e5f + * ``` + * + */ +@ResourceType(type="aws:vpclattice/domainVerification:DomainVerification") +public class DomainVerification extends com.pulumi.resources.CustomResource { + /** + * The Amazon Resource Name (ARN) of the domain verification. + * + */ + @Export(name="arn", refs={String.class}, tree="[0]") + private Output arn; + + /** + * @return The Amazon Resource Name (ARN) of the domain verification. + * + */ + public Output arn() { + return this.arn; + } + /** + * The date and time that the domain verification was created, in ISO-8601 format. + * + */ + @Export(name="createdAt", refs={String.class}, tree="[0]") + private Output createdAt; + + /** + * @return The date and time that the domain verification was created, in ISO-8601 format. + * + */ + public Output createdAt() { + return this.createdAt; + } + /** + * The domain name to verify ownership for. + * + * The following arguments are optional: + * + */ + @Export(name="domainName", refs={String.class}, tree="[0]") + private Output domainName; + + /** + * @return The domain name to verify ownership for. + * + * The following arguments are optional: + * + */ + public Output domainName() { + return this.domainName; + } + /** + * The date and time that the domain was last successfully verified, in ISO-8601 format. + * + */ + @Export(name="lastVerifiedTime", refs={String.class}, tree="[0]") + private Output lastVerifiedTime; + + /** + * @return The date and time that the domain was last successfully verified, in ISO-8601 format. + * + */ + public Output lastVerifiedTime() { + return this.lastVerifiedTime; + } + /** + * Region where this resource will be [managed](https://docs.aws.amazon.com/general/latest/gr/rande.html#regional-endpoints). Defaults to the Region set in the provider configuration. + * + */ + @Export(name="region", refs={String.class}, tree="[0]") + private Output region; + + /** + * @return Region where this resource will be [managed](https://docs.aws.amazon.com/general/latest/gr/rande.html#regional-endpoints). Defaults to the Region set in the provider configuration. + * + */ + public Output region() { + return this.region; + } + /** + * The current status of the domain verification process. Valid values: `VERIFIED`, `PENDING`, `VERIFICATION_TIMED_OUT`. + * + */ + @Export(name="status", refs={String.class}, tree="[0]") + private Output status; + + /** + * @return The current status of the domain verification process. Valid values: `VERIFIED`, `PENDING`, `VERIFICATION_TIMED_OUT`. + * + */ + public Output status() { + return this.status; + } + /** + * Key-value mapping of resource tags. If configured with a provider `defaultTags` configuration block present, tags with matching keys will overwrite those defined at the provider-level. + * + */ + @Export(name="tags", refs={Map.class,String.class}, tree="[0,1,1]") + private Output> tags; + + /** + * @return Key-value mapping of resource tags. If configured with a provider `defaultTags` configuration block present, tags with matching keys will overwrite those defined at the provider-level. + * + */ + public Output>> tags() { + return Codegen.optional(this.tags); + } + /** + * Map of tags assigned to the resource, including those inherited from the provider `defaultTags` configuration block. + * + */ + @Export(name="tagsAll", refs={Map.class,String.class}, tree="[0,1,1]") + private Output> tagsAll; + + /** + * @return Map of tags assigned to the resource, including those inherited from the provider `defaultTags` configuration block. + * + */ + public Output> tagsAll() { + return this.tagsAll; + } + /** + * The name of the TXT record that must be created for domain verification. + * + */ + @Export(name="txtRecordName", refs={String.class}, tree="[0]") + private Output txtRecordName; + + /** + * @return The name of the TXT record that must be created for domain verification. + * + */ + public Output txtRecordName() { + return this.txtRecordName; + } + /** + * The value that must be added to the TXT record for domain verification. + * + */ + @Export(name="txtRecordValue", refs={String.class}, tree="[0]") + private Output txtRecordValue; + + /** + * @return The value that must be added to the TXT record for domain verification. + * + */ + public Output txtRecordValue() { + return this.txtRecordValue; + } + + /** + * + * @param name The _unique_ name of the resulting resource. + */ + public DomainVerification(java.lang.String name) { + this(name, DomainVerificationArgs.Empty); + } + /** + * + * @param name The _unique_ name of the resulting resource. + * @param args The arguments to use to populate this resource's properties. + */ + public DomainVerification(java.lang.String name, DomainVerificationArgs args) { + this(name, args, null); + } + /** + * + * @param name The _unique_ name of the resulting resource. + * @param args The arguments to use to populate this resource's properties. + * @param options A bag of options that control this resource's behavior. + */ + public DomainVerification(java.lang.String name, DomainVerificationArgs args, @Nullable com.pulumi.resources.CustomResourceOptions options) { + super("aws:vpclattice/domainVerification:DomainVerification", name, makeArgs(args, options), makeResourceOptions(options, Codegen.empty()), false); + } + + private DomainVerification(java.lang.String name, Output id, @Nullable DomainVerificationState state, @Nullable com.pulumi.resources.CustomResourceOptions options) { + super("aws:vpclattice/domainVerification:DomainVerification", name, state, makeResourceOptions(options, id), false); + } + + private static DomainVerificationArgs makeArgs(DomainVerificationArgs args, @Nullable com.pulumi.resources.CustomResourceOptions options) { + if (options != null && options.getUrn().isPresent()) { + return null; + } + return args == null ? DomainVerificationArgs.Empty : args; + } + + private static com.pulumi.resources.CustomResourceOptions makeResourceOptions(@Nullable com.pulumi.resources.CustomResourceOptions options, @Nullable Output id) { + var defaultOptions = com.pulumi.resources.CustomResourceOptions.builder() + .version(Utilities.getVersion()) + .build(); + return com.pulumi.resources.CustomResourceOptions.merge(defaultOptions, options, id); + } + + /** + * Get an existing Host resource's state with the given name, ID, and optional extra + * properties used to qualify the lookup. + * + * @param name The _unique_ name of the resulting resource. + * @param id The _unique_ provider ID of the resource to lookup. + * @param state + * @param options Optional settings to control the behavior of the CustomResource. + */ + public static DomainVerification get(java.lang.String name, Output id, @Nullable DomainVerificationState state, @Nullable com.pulumi.resources.CustomResourceOptions options) { + return new DomainVerification(name, id, state, options); + } +} diff --git a/sdk/java/src/main/java/com/pulumi/aws/vpclattice/DomainVerificationArgs.java b/sdk/java/src/main/java/com/pulumi/aws/vpclattice/DomainVerificationArgs.java new file mode 100644 index 00000000000..daec3028004 --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/aws/vpclattice/DomainVerificationArgs.java @@ -0,0 +1,170 @@ +// *** WARNING: this file was generated by pulumi-language-java. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.aws.vpclattice; + +import com.pulumi.core.Output; +import com.pulumi.core.annotations.Import; +import com.pulumi.exceptions.MissingRequiredPropertyException; +import java.lang.String; +import java.util.Map; +import java.util.Objects; +import java.util.Optional; +import javax.annotation.Nullable; + + +public final class DomainVerificationArgs extends com.pulumi.resources.ResourceArgs { + + public static final DomainVerificationArgs Empty = new DomainVerificationArgs(); + + /** + * The domain name to verify ownership for. + * + * The following arguments are optional: + * + */ + @Import(name="domainName", required=true) + private Output domainName; + + /** + * @return The domain name to verify ownership for. + * + * The following arguments are optional: + * + */ + public Output domainName() { + return this.domainName; + } + + /** + * Region where this resource will be [managed](https://docs.aws.amazon.com/general/latest/gr/rande.html#regional-endpoints). Defaults to the Region set in the provider configuration. + * + */ + @Import(name="region") + private @Nullable Output region; + + /** + * @return Region where this resource will be [managed](https://docs.aws.amazon.com/general/latest/gr/rande.html#regional-endpoints). Defaults to the Region set in the provider configuration. + * + */ + public Optional> region() { + return Optional.ofNullable(this.region); + } + + /** + * Key-value mapping of resource tags. If configured with a provider `defaultTags` configuration block present, tags with matching keys will overwrite those defined at the provider-level. + * + */ + @Import(name="tags") + private @Nullable Output> tags; + + /** + * @return Key-value mapping of resource tags. If configured with a provider `defaultTags` configuration block present, tags with matching keys will overwrite those defined at the provider-level. + * + */ + public Optional>> tags() { + return Optional.ofNullable(this.tags); + } + + private DomainVerificationArgs() {} + + private DomainVerificationArgs(DomainVerificationArgs $) { + this.domainName = $.domainName; + this.region = $.region; + this.tags = $.tags; + } + + public static Builder builder() { + return new Builder(); + } + public static Builder builder(DomainVerificationArgs defaults) { + return new Builder(defaults); + } + + public static final class Builder { + private DomainVerificationArgs $; + + public Builder() { + $ = new DomainVerificationArgs(); + } + + public Builder(DomainVerificationArgs defaults) { + $ = new DomainVerificationArgs(Objects.requireNonNull(defaults)); + } + + /** + * @param domainName The domain name to verify ownership for. + * + * The following arguments are optional: + * + * @return builder + * + */ + public Builder domainName(Output domainName) { + $.domainName = domainName; + return this; + } + + /** + * @param domainName The domain name to verify ownership for. + * + * The following arguments are optional: + * + * @return builder + * + */ + public Builder domainName(String domainName) { + return domainName(Output.of(domainName)); + } + + /** + * @param region Region where this resource will be [managed](https://docs.aws.amazon.com/general/latest/gr/rande.html#regional-endpoints). Defaults to the Region set in the provider configuration. + * + * @return builder + * + */ + public Builder region(@Nullable Output region) { + $.region = region; + return this; + } + + /** + * @param region Region where this resource will be [managed](https://docs.aws.amazon.com/general/latest/gr/rande.html#regional-endpoints). Defaults to the Region set in the provider configuration. + * + * @return builder + * + */ + public Builder region(String region) { + return region(Output.of(region)); + } + + /** + * @param tags Key-value mapping of resource tags. If configured with a provider `defaultTags` configuration block present, tags with matching keys will overwrite those defined at the provider-level. + * + * @return builder + * + */ + public Builder tags(@Nullable Output> tags) { + $.tags = tags; + return this; + } + + /** + * @param tags Key-value mapping of resource tags. If configured with a provider `defaultTags` configuration block present, tags with matching keys will overwrite those defined at the provider-level. + * + * @return builder + * + */ + public Builder tags(Map tags) { + return tags(Output.of(tags)); + } + + public DomainVerificationArgs build() { + if ($.domainName == null) { + throw new MissingRequiredPropertyException("DomainVerificationArgs", "domainName"); + } + return $; + } + } + +} diff --git a/sdk/java/src/main/java/com/pulumi/aws/vpclattice/ResourceConfiguration.java b/sdk/java/src/main/java/com/pulumi/aws/vpclattice/ResourceConfiguration.java index 2bd9b51a81d..ca8e05acfd1 100644 --- a/sdk/java/src/main/java/com/pulumi/aws/vpclattice/ResourceConfiguration.java +++ b/sdk/java/src/main/java/com/pulumi/aws/vpclattice/ResourceConfiguration.java @@ -113,6 +113,59 @@ * } * * + * ### With custom domain + * + * 
+ * {@code
+ * package generated_program;
+ * 
+ * import com.pulumi.Context;
+ * import com.pulumi.Pulumi;
+ * import com.pulumi.core.Output;
+ * import com.pulumi.aws.vpclattice.DomainVerification;
+ * import com.pulumi.aws.vpclattice.DomainVerificationArgs;
+ * import com.pulumi.aws.vpclattice.ResourceConfiguration;
+ * import com.pulumi.aws.vpclattice.ResourceConfigurationArgs;
+ * import com.pulumi.aws.vpclattice.inputs.ResourceConfigurationResourceConfigurationDefinitionArgs;
+ * import com.pulumi.aws.vpclattice.inputs.ResourceConfigurationResourceConfigurationDefinitionDnsResourceArgs;
+ * import java.util.List;
+ * import java.util.ArrayList;
+ * import java.util.Map;
+ * import java.io.File;
+ * import java.nio.file.Files;
+ * import java.nio.file.Paths;
+ * 
+ * public class App {
+ *     public static void main(String[] args) {
+ *         Pulumi.run(App::stack);
+ *     }
+ * 
+ *     public static void stack(Context ctx) {
+ *         var example = new DomainVerification("example", DomainVerificationArgs.builder()
+ *             .domainName("example.com")
+ *             .build());
+ * 
+ *         var exampleResourceConfiguration = new ResourceConfiguration("exampleResourceConfiguration", ResourceConfigurationArgs.builder()
+ *             .name("Example")
+ *             .resourceGatewayIdentifier(exampleAwsVpclatticeResourceGateway.id())
+ *             .customDomainName("custom.example.com")
+ *             .domainVerificationId(example.id())
+ *             .portRanges("443")
+ *             .protocol("TCP")
+ *             .resourceConfigurationDefinition(ResourceConfigurationResourceConfigurationDefinitionArgs.builder()
+ *                 .dnsResource(ResourceConfigurationResourceConfigurationDefinitionDnsResourceArgs.builder()
+ *                     .domainName("test.example.com")
+ *                     .ipAddressType("IPV4")
+ *                     .build())
+ *                 .build())
+ *             .tags(Map.of("Environment", "Example"))
+ *             .build());
+ * 
+ *     }
+ * }
+ * }
+ *
+ * * ### ARN Example * * 
@@ -194,6 +247,62 @@ public Output allowAssociationToShareableServiceNetwork() {
     public Output arn() {
         return this.arn;
     }
+    /**
+     * Custom domain name for your resource configuration. Additionally, provide a `domainVerificationId` to prove your ownership of a domain.
+     * 
+     */
+    @Export(name="customDomainName", refs={String.class}, tree="[0]")
+    private Output customDomainName;
+
+    /**
+     * @return Custom domain name for your resource configuration. Additionally, provide a `domainVerificationId` to prove your ownership of a domain.
+     * 
+     */
+    public Output> customDomainName() {
+        return Codegen.optional(this.customDomainName);
+    }
+    /**
+     * ARN of the domain verification.
+     * 
+     */
+    @Export(name="domainVerificationArn", refs={String.class}, tree="[0]")
+    private Output domainVerificationArn;
+
+    /**
+     * @return ARN of the domain verification.
+     * 
+     */
+    public Output domainVerificationArn() {
+        return this.domainVerificationArn;
+    }
+    /**
+     * The domain verification ID of your verified custom domain name. If you don't provide an ID, you must configure the DNS settings yourself.
+     * 
+     */
+    @Export(name="domainVerificationId", refs={String.class}, tree="[0]")
+    private Output domainVerificationId;
+
+    /**
+     * @return The domain verification ID of your verified custom domain name. If you don't provide an ID, you must configure the DNS settings yourself.
+     * 
+     */
+    public Output domainVerificationId() {
+        return this.domainVerificationId;
+    }
+    /**
+     * Domain verification status.
+     * 
+     */
+    @Export(name="domainVerificationStatus", refs={String.class}, tree="[0]")
+    private Output domainVerificationStatus;
+
+    /**
+     * @return Domain verification status.
+     * 
+     */
+    public Output domainVerificationStatus() {
+        return this.domainVerificationStatus;
+    }
     /**
      * Name for the Resource Configuration.
      * 
diff --git a/sdk/java/src/main/java/com/pulumi/aws/vpclattice/ResourceConfigurationArgs.java b/sdk/java/src/main/java/com/pulumi/aws/vpclattice/ResourceConfigurationArgs.java
index 0c2ac1e1404..6eb59ed5e31 100644
--- a/sdk/java/src/main/java/com/pulumi/aws/vpclattice/ResourceConfigurationArgs.java
+++ b/sdk/java/src/main/java/com/pulumi/aws/vpclattice/ResourceConfigurationArgs.java
@@ -35,6 +35,36 @@ public Optional> allowAssociationToShareableServiceNetwork() {
         return Optional.ofNullable(this.allowAssociationToShareableServiceNetwork);
     }
 
+    /**
+     * Custom domain name for your resource configuration. Additionally, provide a `domainVerificationId` to prove your ownership of a domain.
+     * 
+     */
+    @Import(name="customDomainName")
+    private @Nullable Output customDomainName;
+
+    /**
+     * @return Custom domain name for your resource configuration. Additionally, provide a `domainVerificationId` to prove your ownership of a domain.
+     * 
+     */
+    public Optional> customDomainName() {
+        return Optional.ofNullable(this.customDomainName);
+    }
+
+    /**
+     * The domain verification ID of your verified custom domain name. If you don't provide an ID, you must configure the DNS settings yourself.
+     * 
+     */
+    @Import(name="domainVerificationId")
+    private @Nullable Output domainVerificationId;
+
+    /**
+     * @return The domain verification ID of your verified custom domain name. If you don't provide an ID, you must configure the DNS settings yourself.
+     * 
+     */
+    public Optional> domainVerificationId() {
+        return Optional.ofNullable(this.domainVerificationId);
+    }
+
     /**
      * Name for the Resource Configuration.
      * 
@@ -185,6 +215,8 @@ private ResourceConfigurationArgs() {}
 
     private ResourceConfigurationArgs(ResourceConfigurationArgs $) {
         this.allowAssociationToShareableServiceNetwork = $.allowAssociationToShareableServiceNetwork;
+        this.customDomainName = $.customDomainName;
+        this.domainVerificationId = $.domainVerificationId;
         this.name = $.name;
         this.portRanges = $.portRanges;
         this.protocol = $.protocol;
@@ -236,6 +268,48 @@ public Builder allowAssociationToShareableServiceNetwork(Boolean allowAssociatio
             return allowAssociationToShareableServiceNetwork(Output.of(allowAssociationToShareableServiceNetwork));
         }
 
+        /**
+         * @param customDomainName Custom domain name for your resource configuration. Additionally, provide a `domainVerificationId` to prove your ownership of a domain.
+         * 
+         * @return builder
+         * 
+         */
+        public Builder customDomainName(@Nullable Output customDomainName) {
+            $.customDomainName = customDomainName;
+            return this;
+        }
+
+        /**
+         * @param customDomainName Custom domain name for your resource configuration. Additionally, provide a `domainVerificationId` to prove your ownership of a domain.
+         * 
+         * @return builder
+         * 
+         */
+        public Builder customDomainName(String customDomainName) {
+            return customDomainName(Output.of(customDomainName));
+        }
+
+        /**
+         * @param domainVerificationId The domain verification ID of your verified custom domain name. If you don't provide an ID, you must configure the DNS settings yourself.
+         * 
+         * @return builder
+         * 
+         */
+        public Builder domainVerificationId(@Nullable Output domainVerificationId) {
+            $.domainVerificationId = domainVerificationId;
+            return this;
+        }
+
+        /**
+         * @param domainVerificationId The domain verification ID of your verified custom domain name. If you don't provide an ID, you must configure the DNS settings yourself.
+         * 
+         * @return builder
+         * 
+         */
+        public Builder domainVerificationId(String domainVerificationId) {
+            return domainVerificationId(Output.of(domainVerificationId));
+        }
+
         /**
          * @param name Name for the Resource Configuration.
          * 
diff --git a/sdk/java/src/main/java/com/pulumi/aws/vpclattice/inputs/DomainVerificationState.java b/sdk/java/src/main/java/com/pulumi/aws/vpclattice/inputs/DomainVerificationState.java
new file mode 100644
index 00000000000..700830d3454
--- /dev/null
+++ b/sdk/java/src/main/java/com/pulumi/aws/vpclattice/inputs/DomainVerificationState.java
@@ -0,0 +1,425 @@
+// *** WARNING: this file was generated by pulumi-language-java. ***
+// *** Do not edit by hand unless you're certain you know what you are doing! ***
+
+package com.pulumi.aws.vpclattice.inputs;
+
+import com.pulumi.core.Output;
+import com.pulumi.core.annotations.Import;
+import java.lang.String;
+import java.util.Map;
+import java.util.Objects;
+import java.util.Optional;
+import javax.annotation.Nullable;
+
+
+public final class DomainVerificationState extends com.pulumi.resources.ResourceArgs {
+
+    public static final DomainVerificationState Empty = new DomainVerificationState();
+
+    /**
+     * The Amazon Resource Name (ARN) of the domain verification.
+     * 
+     */
+    @Import(name="arn")
+    private @Nullable Output arn;
+
+    /**
+     * @return The Amazon Resource Name (ARN) of the domain verification.
+     * 
+     */
+    public Optional> arn() {
+        return Optional.ofNullable(this.arn);
+    }
+
+    /**
+     * The date and time that the domain verification was created, in ISO-8601 format.
+     * 
+     */
+    @Import(name="createdAt")
+    private @Nullable Output createdAt;
+
+    /**
+     * @return The date and time that the domain verification was created, in ISO-8601 format.
+     * 
+     */
+    public Optional> createdAt() {
+        return Optional.ofNullable(this.createdAt);
+    }
+
+    /**
+     * The domain name to verify ownership for.
+     * 
+     * The following arguments are optional:
+     * 
+     */
+    @Import(name="domainName")
+    private @Nullable Output domainName;
+
+    /**
+     * @return The domain name to verify ownership for.
+     * 
+     * The following arguments are optional:
+     * 
+     */
+    public Optional> domainName() {
+        return Optional.ofNullable(this.domainName);
+    }
+
+    /**
+     * The date and time that the domain was last successfully verified, in ISO-8601 format.
+     * 
+     */
+    @Import(name="lastVerifiedTime")
+    private @Nullable Output lastVerifiedTime;
+
+    /**
+     * @return The date and time that the domain was last successfully verified, in ISO-8601 format.
+     * 
+     */
+    public Optional> lastVerifiedTime() {
+        return Optional.ofNullable(this.lastVerifiedTime);
+    }
+
+    /**
+     * Region where this resource will be [managed](https://docs.aws.amazon.com/general/latest/gr/rande.html#regional-endpoints). Defaults to the Region set in the provider configuration.
+     * 
+     */
+    @Import(name="region")
+    private @Nullable Output region;
+
+    /**
+     * @return Region where this resource will be [managed](https://docs.aws.amazon.com/general/latest/gr/rande.html#regional-endpoints). Defaults to the Region set in the provider configuration.
+     * 
+     */
+    public Optional> region() {
+        return Optional.ofNullable(this.region);
+    }
+
+    /**
+     * The current status of the domain verification process. Valid values: `VERIFIED`, `PENDING`, `VERIFICATION_TIMED_OUT`.
+     * 
+     */
+    @Import(name="status")
+    private @Nullable Output status;
+
+    /**
+     * @return The current status of the domain verification process. Valid values: `VERIFIED`, `PENDING`, `VERIFICATION_TIMED_OUT`.
+     * 
+     */
+    public Optional> status() {
+        return Optional.ofNullable(this.status);
+    }
+
+    /**
+     * Key-value mapping of resource tags. If configured with a provider `defaultTags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.
+     * 
+     */
+    @Import(name="tags")
+    private @Nullable Output> tags;
+
+    /**
+     * @return Key-value mapping of resource tags. If configured with a provider `defaultTags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.
+     * 
+     */
+    public Optional>> tags() {
+        return Optional.ofNullable(this.tags);
+    }
+
+    /**
+     * Map of tags assigned to the resource, including those inherited from the provider `defaultTags` configuration block.
+     * 
+     */
+    @Import(name="tagsAll")
+    private @Nullable Output> tagsAll;
+
+    /**
+     * @return Map of tags assigned to the resource, including those inherited from the provider `defaultTags` configuration block.
+     * 
+     */
+    public Optional>> tagsAll() {
+        return Optional.ofNullable(this.tagsAll);
+    }
+
+    /**
+     * The name of the TXT record that must be created for domain verification.
+     * 
+     */
+    @Import(name="txtRecordName")
+    private @Nullable Output txtRecordName;
+
+    /**
+     * @return The name of the TXT record that must be created for domain verification.
+     * 
+     */
+    public Optional> txtRecordName() {
+        return Optional.ofNullable(this.txtRecordName);
+    }
+
+    /**
+     * The value that must be added to the TXT record for domain verification.
+     * 
+     */
+    @Import(name="txtRecordValue")
+    private @Nullable Output txtRecordValue;
+
+    /**
+     * @return The value that must be added to the TXT record for domain verification.
+     * 
+     */
+    public Optional> txtRecordValue() {
+        return Optional.ofNullable(this.txtRecordValue);
+    }
+
+    private DomainVerificationState() {}
+
+    private DomainVerificationState(DomainVerificationState $) {
+        this.arn = $.arn;
+        this.createdAt = $.createdAt;
+        this.domainName = $.domainName;
+        this.lastVerifiedTime = $.lastVerifiedTime;
+        this.region = $.region;
+        this.status = $.status;
+        this.tags = $.tags;
+        this.tagsAll = $.tagsAll;
+        this.txtRecordName = $.txtRecordName;
+        this.txtRecordValue = $.txtRecordValue;
+    }
+
+    public static Builder builder() {
+        return new Builder();
+    }
+    public static Builder builder(DomainVerificationState defaults) {
+        return new Builder(defaults);
+    }
+
+    public static final class Builder {
+        private DomainVerificationState $;
+
+        public Builder() {
+            $ = new DomainVerificationState();
+        }
+
+        public Builder(DomainVerificationState defaults) {
+            $ = new DomainVerificationState(Objects.requireNonNull(defaults));
+        }
+
+        /**
+         * @param arn The Amazon Resource Name (ARN) of the domain verification.
+         * 
+         * @return builder
+         * 
+         */
+        public Builder arn(@Nullable Output arn) {
+            $.arn = arn;
+            return this;
+        }
+
+        /**
+         * @param arn The Amazon Resource Name (ARN) of the domain verification.
+         * 
+         * @return builder
+         * 
+         */
+        public Builder arn(String arn) {
+            return arn(Output.of(arn));
+        }
+
+        /**
+         * @param createdAt The date and time that the domain verification was created, in ISO-8601 format.
+         * 
+         * @return builder
+         * 
+         */
+        public Builder createdAt(@Nullable Output createdAt) {
+            $.createdAt = createdAt;
+            return this;
+        }
+
+        /**
+         * @param createdAt The date and time that the domain verification was created, in ISO-8601 format.
+         * 
+         * @return builder
+         * 
+         */
+        public Builder createdAt(String createdAt) {
+            return createdAt(Output.of(createdAt));
+        }
+
+        /**
+         * @param domainName The domain name to verify ownership for.
+         * 
+         * The following arguments are optional:
+         * 
+         * @return builder
+         * 
+         */
+        public Builder domainName(@Nullable Output domainName) {
+            $.domainName = domainName;
+            return this;
+        }
+
+        /**
+         * @param domainName The domain name to verify ownership for.
+         * 
+         * The following arguments are optional:
+         * 
+         * @return builder
+         * 
+         */
+        public Builder domainName(String domainName) {
+            return domainName(Output.of(domainName));
+        }
+
+        /**
+         * @param lastVerifiedTime The date and time that the domain was last successfully verified, in ISO-8601 format.
+         * 
+         * @return builder
+         * 
+         */
+        public Builder lastVerifiedTime(@Nullable Output lastVerifiedTime) {
+            $.lastVerifiedTime = lastVerifiedTime;
+            return this;
+        }
+
+        /**
+         * @param lastVerifiedTime The date and time that the domain was last successfully verified, in ISO-8601 format.
+         * 
+         * @return builder
+         * 
+         */
+        public Builder lastVerifiedTime(String lastVerifiedTime) {
+            return lastVerifiedTime(Output.of(lastVerifiedTime));
+        }
+
+        /**
+         * @param region Region where this resource will be [managed](https://docs.aws.amazon.com/general/latest/gr/rande.html#regional-endpoints). Defaults to the Region set in the provider configuration.
+         * 
+         * @return builder
+         * 
+         */
+        public Builder region(@Nullable Output region) {
+            $.region = region;
+            return this;
+        }
+
+        /**
+         * @param region Region where this resource will be [managed](https://docs.aws.amazon.com/general/latest/gr/rande.html#regional-endpoints). Defaults to the Region set in the provider configuration.
+         * 
+         * @return builder
+         * 
+         */
+        public Builder region(String region) {
+            return region(Output.of(region));
+        }
+
+        /**
+         * @param status The current status of the domain verification process. Valid values: `VERIFIED`, `PENDING`, `VERIFICATION_TIMED_OUT`.
+         * 
+         * @return builder
+         * 
+         */
+        public Builder status(@Nullable Output status) {
+            $.status = status;
+            return this;
+        }
+
+        /**
+         * @param status The current status of the domain verification process. Valid values: `VERIFIED`, `PENDING`, `VERIFICATION_TIMED_OUT`.
+         * 
+         * @return builder
+         * 
+         */
+        public Builder status(String status) {
+            return status(Output.of(status));
+        }
+
+        /**
+         * @param tags Key-value mapping of resource tags. If configured with a provider `defaultTags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.
+         * 
+         * @return builder
+         * 
+         */
+        public Builder tags(@Nullable Output> tags) {
+            $.tags = tags;
+            return this;
+        }
+
+        /**
+         * @param tags Key-value mapping of resource tags. If configured with a provider `defaultTags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.
+         * 
+         * @return builder
+         * 
+         */
+        public Builder tags(Map tags) {
+            return tags(Output.of(tags));
+        }
+
+        /**
+         * @param tagsAll Map of tags assigned to the resource, including those inherited from the provider `defaultTags` configuration block.
+         * 
+         * @return builder
+         * 
+         */
+        public Builder tagsAll(@Nullable Output> tagsAll) {
+            $.tagsAll = tagsAll;
+            return this;
+        }
+
+        /**
+         * @param tagsAll Map of tags assigned to the resource, including those inherited from the provider `defaultTags` configuration block.
+         * 
+         * @return builder
+         * 
+         */
+        public Builder tagsAll(Map tagsAll) {
+            return tagsAll(Output.of(tagsAll));
+        }
+
+        /**
+         * @param txtRecordName The name of the TXT record that must be created for domain verification.
+         * 
+         * @return builder
+         * 
+         */
+        public Builder txtRecordName(@Nullable Output txtRecordName) {
+            $.txtRecordName = txtRecordName;
+            return this;
+        }
+
+        /**
+         * @param txtRecordName The name of the TXT record that must be created for domain verification.
+         * 
+         * @return builder
+         * 
+         */
+        public Builder txtRecordName(String txtRecordName) {
+            return txtRecordName(Output.of(txtRecordName));
+        }
+
+        /**
+         * @param txtRecordValue The value that must be added to the TXT record for domain verification.
+         * 
+         * @return builder
+         * 
+         */
+        public Builder txtRecordValue(@Nullable Output txtRecordValue) {
+            $.txtRecordValue = txtRecordValue;
+            return this;
+        }
+
+        /**
+         * @param txtRecordValue The value that must be added to the TXT record for domain verification.
+         * 
+         * @return builder
+         * 
+         */
+        public Builder txtRecordValue(String txtRecordValue) {
+            return txtRecordValue(Output.of(txtRecordValue));
+        }
+
+        public DomainVerificationState build() {
+            return $;
+        }
+    }
+
+}
diff --git a/sdk/java/src/main/java/com/pulumi/aws/vpclattice/inputs/ResourceConfigurationState.java b/sdk/java/src/main/java/com/pulumi/aws/vpclattice/inputs/ResourceConfigurationState.java
index 8849b72f466..890f8a1c874 100644
--- a/sdk/java/src/main/java/com/pulumi/aws/vpclattice/inputs/ResourceConfigurationState.java
+++ b/sdk/java/src/main/java/com/pulumi/aws/vpclattice/inputs/ResourceConfigurationState.java
@@ -50,6 +50,66 @@ public Optional> arn() {
         return Optional.ofNullable(this.arn);
     }
 
+    /**
+     * Custom domain name for your resource configuration. Additionally, provide a `domainVerificationId` to prove your ownership of a domain.
+     * 
+     */
+    @Import(name="customDomainName")
+    private @Nullable Output customDomainName;
+
+    /**
+     * @return Custom domain name for your resource configuration. Additionally, provide a `domainVerificationId` to prove your ownership of a domain.
+     * 
+     */
+    public Optional> customDomainName() {
+        return Optional.ofNullable(this.customDomainName);
+    }
+
+    /**
+     * ARN of the domain verification.
+     * 
+     */
+    @Import(name="domainVerificationArn")
+    private @Nullable Output domainVerificationArn;
+
+    /**
+     * @return ARN of the domain verification.
+     * 
+     */
+    public Optional> domainVerificationArn() {
+        return Optional.ofNullable(this.domainVerificationArn);
+    }
+
+    /**
+     * The domain verification ID of your verified custom domain name. If you don't provide an ID, you must configure the DNS settings yourself.
+     * 
+     */
+    @Import(name="domainVerificationId")
+    private @Nullable Output domainVerificationId;
+
+    /**
+     * @return The domain verification ID of your verified custom domain name. If you don't provide an ID, you must configure the DNS settings yourself.
+     * 
+     */
+    public Optional> domainVerificationId() {
+        return Optional.ofNullable(this.domainVerificationId);
+    }
+
+    /**
+     * Domain verification status.
+     * 
+     */
+    @Import(name="domainVerificationStatus")
+    private @Nullable Output domainVerificationStatus;
+
+    /**
+     * @return Domain verification status.
+     * 
+     */
+    public Optional> domainVerificationStatus() {
+        return Optional.ofNullable(this.domainVerificationStatus);
+    }
+
     /**
      * Name for the Resource Configuration.
      * 
@@ -216,6 +276,10 @@ private ResourceConfigurationState() {}
     private ResourceConfigurationState(ResourceConfigurationState $) {
         this.allowAssociationToShareableServiceNetwork = $.allowAssociationToShareableServiceNetwork;
         this.arn = $.arn;
+        this.customDomainName = $.customDomainName;
+        this.domainVerificationArn = $.domainVerificationArn;
+        this.domainVerificationId = $.domainVerificationId;
+        this.domainVerificationStatus = $.domainVerificationStatus;
         this.name = $.name;
         this.portRanges = $.portRanges;
         this.protocol = $.protocol;
@@ -289,6 +353,90 @@ public Builder arn(String arn) {
             return arn(Output.of(arn));
         }
 
+        /**
+         * @param customDomainName Custom domain name for your resource configuration. Additionally, provide a `domainVerificationId` to prove your ownership of a domain.
+         * 
+         * @return builder
+         * 
+         */
+        public Builder customDomainName(@Nullable Output customDomainName) {
+            $.customDomainName = customDomainName;
+            return this;
+        }
+
+        /**
+         * @param customDomainName Custom domain name for your resource configuration. Additionally, provide a `domainVerificationId` to prove your ownership of a domain.
+         * 
+         * @return builder
+         * 
+         */
+        public Builder customDomainName(String customDomainName) {
+            return customDomainName(Output.of(customDomainName));
+        }
+
+        /**
+         * @param domainVerificationArn ARN of the domain verification.
+         * 
+         * @return builder
+         * 
+         */
+        public Builder domainVerificationArn(@Nullable Output domainVerificationArn) {
+            $.domainVerificationArn = domainVerificationArn;
+            return this;
+        }
+
+        /**
+         * @param domainVerificationArn ARN of the domain verification.
+         * 
+         * @return builder
+         * 
+         */
+        public Builder domainVerificationArn(String domainVerificationArn) {
+            return domainVerificationArn(Output.of(domainVerificationArn));
+        }
+
+        /**
+         * @param domainVerificationId The domain verification ID of your verified custom domain name. If you don't provide an ID, you must configure the DNS settings yourself.
+         * 
+         * @return builder
+         * 
+         */
+        public Builder domainVerificationId(@Nullable Output domainVerificationId) {
+            $.domainVerificationId = domainVerificationId;
+            return this;
+        }
+
+        /**
+         * @param domainVerificationId The domain verification ID of your verified custom domain name. If you don't provide an ID, you must configure the DNS settings yourself.
+         * 
+         * @return builder
+         * 
+         */
+        public Builder domainVerificationId(String domainVerificationId) {
+            return domainVerificationId(Output.of(domainVerificationId));
+        }
+
+        /**
+         * @param domainVerificationStatus Domain verification status.
+         * 
+         * @return builder
+         * 
+         */
+        public Builder domainVerificationStatus(@Nullable Output domainVerificationStatus) {
+            $.domainVerificationStatus = domainVerificationStatus;
+            return this;
+        }
+
+        /**
+         * @param domainVerificationStatus Domain verification status.
+         * 
+         * @return builder
+         * 
+         */
+        public Builder domainVerificationStatus(String domainVerificationStatus) {
+            return domainVerificationStatus(Output.of(domainVerificationStatus));
+        }
+
         /**
          * @param name Name for the Resource Configuration.
          * 
diff --git a/sdk/java/src/main/java/com/pulumi/aws/wafv2/RuleGroup.java b/sdk/java/src/main/java/com/pulumi/aws/wafv2/RuleGroup.java
index 2d3a5fa05ba..7f5947d7722 100644
--- a/sdk/java/src/main/java/com/pulumi/aws/wafv2/RuleGroup.java
+++ b/sdk/java/src/main/java/com/pulumi/aws/wafv2/RuleGroup.java
@@ -165,33 +165,35 @@
  *                         .block(RuleGroupRuleActionBlockArgs.builder()
  *                             .build())
  *                         .build())
- *                     .statement(Map.of("notStatement", Map.of("statements", Map.of("andStatement", RuleGroupRuleStatementAndStatementArgs.builder()
- *                         .statements(                        
- *                             RuleGroupRuleStatementArgs.builder()
- *                                 .geoMatchStatement(RuleGroupRuleStatementGeoMatchStatementArgs.builder()
- *                                     .countryCodes("US")
- *                                     .build())
- *                                 .build(),
- *                             RuleGroupRuleStatementArgs.builder()
- *                                 .byteMatchStatement(RuleGroupRuleStatementByteMatchStatementArgs.builder()
- *                                     .positionalConstraint("CONTAINS")
- *                                     .searchString("word")
- *                                     .fieldToMatch(RuleGroupRuleStatementByteMatchStatementFieldToMatchArgs.builder()
- *                                         .allQueryArguments(RuleGroupRuleStatementByteMatchStatementFieldToMatchAllQueryArgumentsArgs.builder()
- *                                             .build())
+ *                     .statement(RuleGroupRuleStatementArgs.builder()
+ *                         .notStatement(RuleGroupRuleStatementNotStatementArgs.builder()
+ *                             .statements(Map.of("andStatement", Map.of("statements",                             
+ *                                 RuleGroupRuleStatementArgs.builder()
+ *                                     .geoMatchStatement(RuleGroupRuleStatementGeoMatchStatementArgs.builder()
+ *                                         .countryCodes("US")
  *                                         .build())
- *                                     .textTransformations(                                    
- *                                         RuleGroupRuleStatementByteMatchStatementTextTransformationArgs.builder()
- *                                             .priority(5)
- *                                             .type("CMD_LINE")
- *                                             .build(),
- *                                         RuleGroupRuleStatementByteMatchStatementTextTransformationArgs.builder()
- *                                             .priority(2)
- *                                             .type("LOWERCASE")
+ *                                     .build(),
+ *                                 RuleGroupRuleStatementArgs.builder()
+ *                                     .byteMatchStatement(RuleGroupRuleStatementByteMatchStatementArgs.builder()
+ *                                         .positionalConstraint("CONTAINS")
+ *                                         .searchString("word")
+ *                                         .fieldToMatch(RuleGroupRuleStatementByteMatchStatementFieldToMatchArgs.builder()
+ *                                             .allQueryArguments(RuleGroupRuleStatementByteMatchStatementFieldToMatchAllQueryArgumentsArgs.builder()
+ *                                                 .build())
  *                                             .build())
- *                                     .build())
- *                                 .build())
- *                         .build()))))
+ *                                         .textTransformations(                                        
+ *                                             RuleGroupRuleStatementByteMatchStatementTextTransformationArgs.builder()
+ *                                                 .priority(5)
+ *                                                 .type("CMD_LINE")
+ *                                                 .build(),
+ *                                             RuleGroupRuleStatementByteMatchStatementTextTransformationArgs.builder()
+ *                                                 .priority(2)
+ *                                                 .type("LOWERCASE")
+ *                                                 .build())
+ *                                         .build())
+ *                                     .build())))
+ *                             .build())
+ *                         .build())
  *                     .visibilityConfig(RuleGroupRuleVisibilityConfigArgs.builder()
  *                         .cloudwatchMetricsEnabled(false)
  *                         .metricName("rule-1")
@@ -205,54 +207,56 @@
  *                         .count(RuleGroupRuleActionCountArgs.builder()
  *                             .build())
  *                         .build())
- *                     .statement(Map.of("orStatement", Map.of("statements",                     
- *                         RuleGroupRuleStatementArgs.builder()
- *                             .regexMatchStatement(RuleGroupRuleStatementRegexMatchStatementArgs.builder()
- *                                 .regexString("a-z?")
- *                                 .fieldToMatch(RuleGroupRuleStatementRegexMatchStatementFieldToMatchArgs.builder()
- *                                     .singleHeader(RuleGroupRuleStatementRegexMatchStatementFieldToMatchSingleHeaderArgs.builder()
- *                                         .name("user-agent")
+ *                     .statement(Map.of("orStatement", RuleGroupRuleStatementOrStatementArgs.builder()
+ *                         .statements(                        
+ *                             RuleGroupRuleStatementArgs.builder()
+ *                                 .regexMatchStatement(RuleGroupRuleStatementRegexMatchStatementArgs.builder()
+ *                                     .regexString("a-z?")
+ *                                     .fieldToMatch(RuleGroupRuleStatementRegexMatchStatementFieldToMatchArgs.builder()
+ *                                         .singleHeader(RuleGroupRuleStatementRegexMatchStatementFieldToMatchSingleHeaderArgs.builder()
+ *                                             .name("user-agent")
+ *                                             .build())
+ *                                         .build())
+ *                                     .textTransformations(RuleGroupRuleStatementRegexMatchStatementTextTransformationArgs.builder()
+ *                                         .priority(6)
+ *                                         .type("NONE")
  *                                         .build())
  *                                     .build())
- *                                 .textTransformations(RuleGroupRuleStatementRegexMatchStatementTextTransformationArgs.builder()
- *                                     .priority(6)
- *                                     .type("NONE")
- *                                     .build())
- *                                 .build())
- *                             .build(),
- *                         RuleGroupRuleStatementArgs.builder()
- *                             .sqliMatchStatement(RuleGroupRuleStatementSqliMatchStatementArgs.builder()
- *                                 .fieldToMatch(RuleGroupRuleStatementSqliMatchStatementFieldToMatchArgs.builder()
- *                                     .body(RuleGroupRuleStatementSqliMatchStatementFieldToMatchBodyArgs.builder()
+ *                                 .build(),
+ *                             RuleGroupRuleStatementArgs.builder()
+ *                                 .sqliMatchStatement(RuleGroupRuleStatementSqliMatchStatementArgs.builder()
+ *                                     .fieldToMatch(RuleGroupRuleStatementSqliMatchStatementFieldToMatchArgs.builder()
+ *                                         .body(RuleGroupRuleStatementSqliMatchStatementFieldToMatchBodyArgs.builder()
+ *                                             .build())
  *                                         .build())
+ *                                     .textTransformations(                                    
+ *                                         RuleGroupRuleStatementSqliMatchStatementTextTransformationArgs.builder()
+ *                                             .priority(5)
+ *                                             .type("URL_DECODE")
+ *                                             .build(),
+ *                                         RuleGroupRuleStatementSqliMatchStatementTextTransformationArgs.builder()
+ *                                             .priority(4)
+ *                                             .type("HTML_ENTITY_DECODE")
+ *                                             .build(),
+ *                                         RuleGroupRuleStatementSqliMatchStatementTextTransformationArgs.builder()
+ *                                             .priority(3)
+ *                                             .type("COMPRESS_WHITE_SPACE")
+ *                                             .build())
  *                                     .build())
- *                                 .textTransformations(                                
- *                                     RuleGroupRuleStatementSqliMatchStatementTextTransformationArgs.builder()
- *                                         .priority(5)
- *                                         .type("URL_DECODE")
- *                                         .build(),
- *                                     RuleGroupRuleStatementSqliMatchStatementTextTransformationArgs.builder()
- *                                         .priority(4)
- *                                         .type("HTML_ENTITY_DECODE")
- *                                         .build(),
- *                                     RuleGroupRuleStatementSqliMatchStatementTextTransformationArgs.builder()
- *                                         .priority(3)
- *                                         .type("COMPRESS_WHITE_SPACE")
+ *                                 .build(),
+ *                             RuleGroupRuleStatementArgs.builder()
+ *                                 .xssMatchStatement(RuleGroupRuleStatementXssMatchStatementArgs.builder()
+ *                                     .fieldToMatch(RuleGroupRuleStatementXssMatchStatementFieldToMatchArgs.builder()
+ *                                         .method(RuleGroupRuleStatementXssMatchStatementFieldToMatchMethodArgs.builder()
+ *                                             .build())
  *                                         .build())
- *                                 .build())
- *                             .build(),
- *                         RuleGroupRuleStatementArgs.builder()
- *                             .xssMatchStatement(RuleGroupRuleStatementXssMatchStatementArgs.builder()
- *                                 .fieldToMatch(RuleGroupRuleStatementXssMatchStatementFieldToMatchArgs.builder()
- *                                     .method(RuleGroupRuleStatementXssMatchStatementFieldToMatchMethodArgs.builder()
+ *                                     .textTransformations(RuleGroupRuleStatementXssMatchStatementTextTransformationArgs.builder()
+ *                                         .priority(2)
+ *                                         .type("NONE")
  *                                         .build())
  *                                     .build())
- *                                 .textTransformations(RuleGroupRuleStatementXssMatchStatementTextTransformationArgs.builder()
- *                                     .priority(2)
- *                                     .type("NONE")
- *                                     .build())
  *                                 .build())
- *                             .build())))
+ *                         .build()))
  *                     .visibilityConfig(RuleGroupRuleVisibilityConfigArgs.builder()
  *                         .cloudwatchMetricsEnabled(false)
  *                         .metricName("rule-2")
@@ -299,28 +303,26 @@
  *                         .block(RuleGroupRuleActionBlockArgs.builder()
  *                             .build())
  *                         .build())
- *                     .statement(Map.of("orStatement", RuleGroupRuleStatementOrStatementArgs.builder()
- *                         .statements(                        
- *                             RuleGroupRuleStatementArgs.builder()
- *                                 .ipSetReferenceStatement(RuleGroupRuleStatementIpSetReferenceStatementArgs.builder()
- *                                     .arn(test.arn())
- *                                     .build())
- *                                 .build(),
- *                             RuleGroupRuleStatementArgs.builder()
- *                                 .regexPatternSetReferenceStatement(RuleGroupRuleStatementRegexPatternSetReferenceStatementArgs.builder()
- *                                     .arn(testRegexPatternSet.arn())
- *                                     .fieldToMatch(RuleGroupRuleStatementRegexPatternSetReferenceStatementFieldToMatchArgs.builder()
- *                                         .singleHeader(RuleGroupRuleStatementRegexPatternSetReferenceStatementFieldToMatchSingleHeaderArgs.builder()
- *                                             .name("referer")
- *                                             .build())
- *                                         .build())
- *                                     .textTransformations(RuleGroupRuleStatementRegexPatternSetReferenceStatementTextTransformationArgs.builder()
- *                                         .priority(2)
- *                                         .type("NONE")
+ *                     .statement(Map.of("orStatement", Map.of("statements",                     
+ *                         RuleGroupRuleStatementArgs.builder()
+ *                             .ipSetReferenceStatement(RuleGroupRuleStatementIpSetReferenceStatementArgs.builder()
+ *                                 .arn(test.arn())
+ *                                 .build())
+ *                             .build(),
+ *                         RuleGroupRuleStatementArgs.builder()
+ *                             .regexPatternSetReferenceStatement(RuleGroupRuleStatementRegexPatternSetReferenceStatementArgs.builder()
+ *                                 .arn(testRegexPatternSet.arn())
+ *                                 .fieldToMatch(RuleGroupRuleStatementRegexPatternSetReferenceStatementFieldToMatchArgs.builder()
+ *                                     .singleHeader(RuleGroupRuleStatementRegexPatternSetReferenceStatementFieldToMatchSingleHeaderArgs.builder()
+ *                                         .name("referer")
  *                                         .build())
  *                                     .build())
+ *                                 .textTransformations(RuleGroupRuleStatementRegexPatternSetReferenceStatementTextTransformationArgs.builder()
+ *                                     .priority(2)
+ *                                     .type("NONE")
+ *                                     .build())
  *                                 .build())
- *                         .build()))
+ *                             .build())))
  *                     .visibilityConfig(RuleGroupRuleVisibilityConfigArgs.builder()
  *                         .cloudwatchMetricsEnabled(false)
  *                         .metricName("rule-4")
diff --git a/sdk/nodejs/alb/listener.ts b/sdk/nodejs/alb/listener.ts
index 698fef30fc0..47c1bc8c780 100644
--- a/sdk/nodejs/alb/listener.ts
+++ b/sdk/nodejs/alb/listener.ts
@@ -196,6 +196,49 @@ import * as utilities from "../utilities";
  * });
  * ```
  *
+ * ### JWT Validation Action
+ *
+ * ```typescript
+ * import * as pulumi from "@pulumi/pulumi";
+ * import * as aws from "@pulumi/aws";
+ *
+ * const test = new aws.lb.Listener("test", {
+ *     loadBalancerArn: testAwsLb.id,
+ *     protocol: "HTTPS",
+ *     port: 443,
+ *     sslPolicy: "ELBSecurityPolicy-2016-08",
+ *     certificateArn: testAwsIamServerCertificate.arn,
+ *     defaultActions: [
+ *         {
+ *             type: "jwt-validation",
+ *             jwtValidation: {
+ *                 issuer: "https://example.com",
+ *                 jwksEndpoint: "https://example.com/.well-known/jwks.json",
+ *                 additionalClaims: [
+ *                     {
+ *                         format: "string-array",
+ *                         name: "claim_name1",
+ *                         values: [
+ *                             "value1",
+ *                             "value2",
+ *                         ],
+ *                     },
+ *                     {
+ *                         format: "single-string",
+ *                         name: "claim_name2",
+ *                         values: ["value1"],
+ *                     },
+ *                 ],
+ *             },
+ *         },
+ *         {
+ *             targetGroupArn: testAwsLbTargetGroup.id,
+ *             type: "forward",
+ *         },
+ *     ],
+ * });
+ * ```
+ *
  * ### Gateway Load Balancer Listener
  *
  * ```typescript
diff --git a/sdk/nodejs/alb/listenerRule.ts b/sdk/nodejs/alb/listenerRule.ts
index 378fbe0e3cd..d7214ae3e7d 100644
--- a/sdk/nodejs/alb/listenerRule.ts
+++ b/sdk/nodejs/alb/listenerRule.ts
@@ -11,209 +11,6 @@ import * as utilities from "../utilities";
  * Provides a Load Balancer Listener Rule resource.
  *
  * > **Note:** `aws.alb.ListenerRule` is known as `aws.lb.ListenerRule`. The functionality is identical.
- *
- * ## Example Usage
- *
- * ```typescript
- * import * as pulumi from "@pulumi/pulumi";
- * import * as aws from "@pulumi/aws";
- *
- * const frontEnd = new aws.lb.LoadBalancer("front_end", {});
- * const frontEndListener = new aws.lb.Listener("front_end", {});
- * const static = new aws.lb.ListenerRule("static", {
- *     listenerArn: frontEndListener.arn,
- *     priority: 100,
- *     actions: [{
- *         type: "forward",
- *         targetGroupArn: staticAwsLbTargetGroup.arn,
- *     }],
- *     conditions: [
- *         {
- *             pathPattern: {
- *                 values: ["/static/*"],
- *             },
- *         },
- *         {
- *             hostHeader: {
- *                 values: ["example.com"],
- *             },
- *         },
- *     ],
- * });
- * // Forward action
- * const hostBasedWeightedRouting = new aws.lb.ListenerRule("host_based_weighted_routing", {
- *     listenerArn: frontEndListener.arn,
- *     priority: 99,
- *     actions: [{
- *         type: "forward",
- *         targetGroupArn: staticAwsLbTargetGroup.arn,
- *     }],
- *     conditions: [{
- *         hostHeader: {
- *             values: ["my-service.*.mycompany.io"],
- *         },
- *     }],
- * });
- * // Weighted Forward action
- * const hostBasedRouting = new aws.lb.ListenerRule("host_based_routing", {
- *     listenerArn: frontEndListener.arn,
- *     priority: 99,
- *     actions: [{
- *         type: "forward",
- *         forward: {
- *             targetGroups: [
- *                 {
- *                     arn: main.arn,
- *                     weight: 80,
- *                 },
- *                 {
- *                     arn: canary.arn,
- *                     weight: 20,
- *                 },
- *             ],
- *             stickiness: {
- *                 enabled: true,
- *                 duration: 600,
- *             },
- *         },
- *     }],
- *     conditions: [{
- *         hostHeader: {
- *             values: ["my-service.*.mycompany.io"],
- *         },
- *     }],
- * });
- * // Redirect action
- * const redirectHttpToHttps = new aws.lb.ListenerRule("redirect_http_to_https", {
- *     listenerArn: frontEndListener.arn,
- *     actions: [{
- *         type: "redirect",
- *         redirect: {
- *             port: "443",
- *             protocol: "HTTPS",
- *             statusCode: "HTTP_301",
- *         },
- *     }],
- *     conditions: [{
- *         httpHeader: {
- *             httpHeaderName: "X-Forwarded-For",
- *             values: ["192.168.1.*"],
- *         },
- *     }],
- * });
- * // Fixed-response action
- * const healthCheck = new aws.lb.ListenerRule("health_check", {
- *     listenerArn: frontEndListener.arn,
- *     actions: [{
- *         type: "fixed-response",
- *         fixedResponse: {
- *             contentType: "text/plain",
- *             messageBody: "HEALTHY",
- *             statusCode: "200",
- *         },
- *     }],
- *     conditions: [{
- *         queryStrings: [
- *             {
- *                 key: "health",
- *                 value: "check",
- *             },
- *             {
- *                 value: "bar",
- *             },
- *         ],
- *     }],
- * });
- * // Authenticate-cognito Action
- * const pool = new aws.cognito.UserPool("pool", {});
- * const client = new aws.cognito.UserPoolClient("client", {});
- * const domain = new aws.cognito.UserPoolDomain("domain", {});
- * const admin = new aws.lb.ListenerRule("admin", {
- *     listenerArn: frontEndListener.arn,
- *     actions: [
- *         {
- *             type: "authenticate-cognito",
- *             authenticateCognito: {
- *                 userPoolArn: pool.arn,
- *                 userPoolClientId: client.id,
- *                 userPoolDomain: domain.domain,
- *             },
- *         },
- *         {
- *             type: "forward",
- *             targetGroupArn: staticAwsLbTargetGroup.arn,
- *         },
- *     ],
- * });
- * // Authenticate-oidc Action
- * const oidc = new aws.lb.ListenerRule("oidc", {
- *     listenerArn: frontEndListener.arn,
- *     actions: [
- *         {
- *             type: "authenticate-oidc",
- *             authenticateOidc: {
- *                 authorizationEndpoint: "https://example.com/authorization_endpoint",
- *                 clientId: "client_id",
- *                 clientSecret: "client_secret",
- *                 issuer: "https://example.com",
- *                 tokenEndpoint: "https://example.com/token_endpoint",
- *                 userInfoEndpoint: "https://example.com/user_info_endpoint",
- *             },
- *         },
- *         {
- *             type: "forward",
- *             targetGroupArn: staticAwsLbTargetGroup.arn,
- *         },
- *     ],
- * });
- * // With transform
- * const transform = new aws.lb.ListenerRule("transform", {
- *     listenerArn: frontEndListener.arn,
- *     actions: [{
- *         type: "forward",
- *         targetGroupArn: staticAwsLbTargetGroup.arn,
- *     }],
- *     conditions: [{
- *         pathPattern: {
- *             values: ["*"],
- *         },
- *     }],
- *     transforms: [
- *         {
- *             type: "host-header-rewrite",
- *             hostHeaderRewriteConfig: {
- *                 rewrite: {
- *                     regex: "^mywebsite-(.+).com$",
- *                     replace: "internal.dev.$1.myweb.com",
- *                 },
- *             },
- *         },
- *         {
- *             type: "url-rewrite",
- *             urlRewriteConfig: {
- *                 rewrite: {
- *                     regex: "^/dp/([A-Za-z0-9]+)/?$",
- *                     replace: "/product.php?id=$1",
- *                 },
- *             },
- *         },
- *     ],
- * });
- * ```
- *
- * ## Import
- *
- * ### Identity Schema
- *
- * #### Required
- *
- * - `arn` (String) Amazon Resource Name (ARN) of the load balancer listener rule.
- *
- * Using `pulumi import`, import rules using their ARN. For example:
- *
- * console
- *
- * % pulumi import aws_lb_listener_rule.front_end arn:aws:elasticloadbalancing:us-west-2:187416307283:listener-rule/app/test/8e4497da625e2d8a/9ab28ade35828f96/67b3d2d36dd7c26b
  */
 export class ListenerRule extends pulumi.CustomResource {
     /**
diff --git a/sdk/nodejs/backup/logicallyAirGappedVault.ts b/sdk/nodejs/backup/logicallyAirGappedVault.ts
index b6cef449ba5..d13aa317503 100644
--- a/sdk/nodejs/backup/logicallyAirGappedVault.ts
+++ b/sdk/nodejs/backup/logicallyAirGappedVault.ts
@@ -65,6 +65,10 @@ export class LogicallyAirGappedVault extends pulumi.CustomResource {
      * The ARN of the Logically Air Gapped Backup Vault.
      */
     declare public /*out*/ readonly arn: pulumi.Output;
+    /**
+     * The AWS KMS key identifier (ARN) used to encrypt the backups in the logically air-gapped vault.
+     */
+    declare public readonly encryptionKeyArn: pulumi.Output;
     /**
      * Maximum retention period that the Logically Air Gapped Backup Vault retains recovery points.
      */
@@ -105,6 +109,7 @@ export class LogicallyAirGappedVault extends pulumi.CustomResource {
         if (opts.id) {
             const state = argsOrState as LogicallyAirGappedVaultState | undefined;
             resourceInputs["arn"] = state?.arn;
+            resourceInputs["encryptionKeyArn"] = state?.encryptionKeyArn;
             resourceInputs["maxRetentionDays"] = state?.maxRetentionDays;
             resourceInputs["minRetentionDays"] = state?.minRetentionDays;
             resourceInputs["name"] = state?.name;
@@ -120,6 +125,7 @@ export class LogicallyAirGappedVault extends pulumi.CustomResource {
             if (args?.minRetentionDays === undefined && !opts.urn) {
                 throw new Error("Missing required property 'minRetentionDays'");
             }
+            resourceInputs["encryptionKeyArn"] = args?.encryptionKeyArn;
             resourceInputs["maxRetentionDays"] = args?.maxRetentionDays;
             resourceInputs["minRetentionDays"] = args?.minRetentionDays;
             resourceInputs["name"] = args?.name;
@@ -142,6 +148,10 @@ export interface LogicallyAirGappedVaultState {
      * The ARN of the Logically Air Gapped Backup Vault.
      */
     arn?: pulumi.Input;
+    /**
+     * The AWS KMS key identifier (ARN) used to encrypt the backups in the logically air-gapped vault.
+     */
+    encryptionKeyArn?: pulumi.Input;
     /**
      * Maximum retention period that the Logically Air Gapped Backup Vault retains recovery points.
      */
@@ -173,6 +183,10 @@ export interface LogicallyAirGappedVaultState {
  * The set of arguments for constructing a LogicallyAirGappedVault resource.
  */
 export interface LogicallyAirGappedVaultArgs {
+    /**
+     * The AWS KMS key identifier (ARN) used to encrypt the backups in the logically air-gapped vault.
+     */
+    encryptionKeyArn?: pulumi.Input;
     /**
      * Maximum retention period that the Logically Air Gapped Backup Vault retains recovery points.
      */
diff --git a/sdk/nodejs/bedrock/agentcoreAgentRuntime.ts b/sdk/nodejs/bedrock/agentcoreAgentRuntime.ts
index a63dec41312..5a2b03c0e25 100644
--- a/sdk/nodejs/bedrock/agentcoreAgentRuntime.ts
+++ b/sdk/nodejs/bedrock/agentcoreAgentRuntime.ts
@@ -108,6 +108,33 @@ import * as utilities from "../utilities";
  * });
  * ```
  *
+ * ### Agent runtime artifact from S3 with Code Configuration
+ *
+ * ```typescript
+ * import * as pulumi from "@pulumi/pulumi";
+ * import * as aws from "@pulumi/aws";
+ *
+ * const example = new aws.bedrock.AgentcoreAgentRuntime("example", {
+ *     agentRuntimeName: "example_agent_runtime",
+ *     roleArn: exampleAwsIamRole.arn,
+ *     agentRuntimeArtifact: {
+ *         codeConfiguration: {
+ *             entryPoints: ["main.py"],
+ *             runtime: "PYTHON_3_13",
+ *             code: {
+ *                 s3: {
+ *                     bucket: "example-bucket",
+ *                     prefix: "example-agent-runtime-code.zip",
+ *                 },
+ *             },
+ *         },
+ *     },
+ *     networkConfiguration: {
+ *         networkMode: "PUBLIC",
+ *     },
+ * });
+ * ```
+ *
  * ## Import
  *
  * Using `pulumi import`, import Bedrock AgentCore Agent Runtime using `agent_runtime_id`. For example:
diff --git a/sdk/nodejs/billing/index.ts b/sdk/nodejs/billing/index.ts
index 50a50aeb08e..bf8daa8b4f0 100644
--- a/sdk/nodejs/billing/index.ts
+++ b/sdk/nodejs/billing/index.ts
@@ -1,6 +1,7 @@
 // *** WARNING: this file was generated by pulumi-language-nodejs. ***
 // *** Do not edit by hand unless you're certain you know what you are doing! ***
 
+import * as pulumi from "@pulumi/pulumi";
 import * as utilities from "../utilities";
 
 // Export members:
@@ -9,3 +10,21 @@ export const getViews: typeof import("./getViews").getViews = null as any;
 export const getViewsOutput: typeof import("./getViews").getViewsOutput = null as any;
 utilities.lazyLoad(exports, ["getViews","getViewsOutput"], () => require("./getViews"));
 
+export { ViewArgs, ViewState } from "./view";
+export type View = import("./view").View;
+export const View: typeof import("./view").View = null as any;
+utilities.lazyLoad(exports, ["View"], () => require("./view"));
+
+
+const _module = {
+    version: utilities.getVersion(),
+    construct: (name: string, type: string, urn: string): pulumi.Resource => {
+        switch (type) {
+            case "aws:billing/view:View":
+                return new View(name, undefined, { urn })
+            default:
+                throw new Error(`unknown resource type ${type}`);
+        }
+    },
+};
+pulumi.runtime.registerResourceModule("aws", "billing/view", _module)
diff --git a/sdk/nodejs/billing/view.ts b/sdk/nodejs/billing/view.ts
new file mode 100644
index 00000000000..03a2f383d11
--- /dev/null
+++ b/sdk/nodejs/billing/view.ts
@@ -0,0 +1,277 @@
+// *** WARNING: this file was generated by pulumi-language-nodejs. ***
+// *** Do not edit by hand unless you're certain you know what you are doing! ***
+
+import * as pulumi from "@pulumi/pulumi";
+import * as inputs from "../types/input";
+import * as outputs from "../types/output";
+import * as enums from "../types/enums";
+import * as utilities from "../utilities";
+
+/**
+ * Manages an AWS Billing View.
+ *
+ * ## Example Usage
+ *
+ * ### Basic Usage
+ *
+ * ```typescript
+ * import * as pulumi from "@pulumi/pulumi";
+ * import * as aws from "@pulumi/aws";
+ *
+ * const example = new aws.billing.View("example", {
+ *     name: "example",
+ *     description: "example description",
+ *     sourceViews: ["arn:aws:billing::123456789012:billingview/example"],
+ * });
+ * ```
+ *
+ * ## Import
+ *
+ * Using `pulumi import`, import Billing View using the `arn`. For example:
+ *
+ * ```sh
+ * $ pulumi import aws:billing/view:View example arn:aws:billing::123456789012:billing-view/example
+ * ```
+ */
+export class View extends pulumi.CustomResource {
+    /**
+     * Get an existing View resource's state with the given name, ID, and optional extra
+     * properties used to qualify the lookup.
+     *
+     * @param name The _unique_ name of the resulting resource.
+     * @param id The _unique_ provider ID of the resource to lookup.
+     * @param state Any extra arguments used during the lookup.
+     * @param opts Optional settings to control the behavior of the CustomResource.
+     */
+    public static get(name: string, id: pulumi.Input, state?: ViewState, opts?: pulumi.CustomResourceOptions): View {
+        return new View(name, state, { ...opts, id: id });
+    }
+
+    /** @internal */
+    public static readonly __pulumiType = 'aws:billing/view:View';
+
+    /**
+     * Returns true if the given object is an instance of View.  This is designed to work even
+     * when multiple copies of the Pulumi SDK have been loaded into the same process.
+     */
+    public static isInstance(obj: any): obj is View {
+        if (obj === undefined || obj === null) {
+            return false;
+        }
+        return obj['__pulumiType'] === View.__pulumiType;
+    }
+
+    /**
+     * ARN of the View.
+     */
+    declare public /*out*/ readonly arn: pulumi.Output;
+    /**
+     * Type of billing group. Valid values are PRIMARY|BILLING_GROUP|CUSTOM.
+     */
+    declare public /*out*/ readonly billingViewType: pulumi.Output;
+    /**
+     * Timestamp when the billing view was created.
+     */
+    declare public /*out*/ readonly createdAt: pulumi.Output;
+    /**
+     * Filter Cost Explorer APIs using the expression. Refer to the data-filter-expression block documentation for more details.
+     */
+    declare public readonly dataFilterExpression: pulumi.Output;
+    /**
+     * Number of billing views that use this billing view as a source.
+     */
+    declare public /*out*/ readonly derivedViewCount: pulumi.Output;
+    /**
+     * Description of the custom billing view.
+     */
+    declare public readonly description: pulumi.Output;
+    /**
+     * Name of the custom billing view to be created.
+     */
+    declare public readonly name: pulumi.Output;
+    /**
+     * Account owner of the billing view.
+     */
+    declare public /*out*/ readonly ownerAccountId: pulumi.Output;
+    /**
+     * AWS account ID that owns the source billing view, if this is a derived billing view.
+     */
+    declare public /*out*/ readonly sourceAccountId: pulumi.Output;
+    /**
+     * Number of source views associated with this billing view.
+     */
+    declare public /*out*/ readonly sourceViewCount: pulumi.Output;
+    /**
+     * List of ARNs of the source data views for the custom billing view.
+     *
+     * The following arguments are optional:
+     */
+    declare public readonly sourceViews: pulumi.Output;
+    /**
+     * List of key value map specifying tags associated to the billing view being created.
+     */
+    declare public readonly tags: pulumi.Output<{[key: string]: string} | undefined>;
+    /**
+     * List of key value map specifying tags associated to the billing view.
+     */
+    declare public /*out*/ readonly tagsAll: pulumi.Output<{[key: string]: string}>;
+    declare public readonly timeouts: pulumi.Output;
+    /**
+     * Time when the billing view was last updated.
+     */
+    declare public /*out*/ readonly updatedAt: pulumi.Output;
+    /**
+     * Timestamp of when the billing view definition was last updated.
+     */
+    declare public /*out*/ readonly viewDefinitionLastUpdatedAt: pulumi.Output;
+
+    /**
+     * Create a View resource with the given unique name, arguments, and options.
+     *
+     * @param name The _unique_ name of the resource.
+     * @param args The arguments to use to populate this resource's properties.
+     * @param opts A bag of options that control this resource's behavior.
+     */
+    constructor(name: string, args?: ViewArgs, opts?: pulumi.CustomResourceOptions)
+    constructor(name: string, argsOrState?: ViewArgs | ViewState, opts?: pulumi.CustomResourceOptions) {
+        let resourceInputs: pulumi.Inputs = {};
+        opts = opts || {};
+        if (opts.id) {
+            const state = argsOrState as ViewState | undefined;
+            resourceInputs["arn"] = state?.arn;
+            resourceInputs["billingViewType"] = state?.billingViewType;
+            resourceInputs["createdAt"] = state?.createdAt;
+            resourceInputs["dataFilterExpression"] = state?.dataFilterExpression;
+            resourceInputs["derivedViewCount"] = state?.derivedViewCount;
+            resourceInputs["description"] = state?.description;
+            resourceInputs["name"] = state?.name;
+            resourceInputs["ownerAccountId"] = state?.ownerAccountId;
+            resourceInputs["sourceAccountId"] = state?.sourceAccountId;
+            resourceInputs["sourceViewCount"] = state?.sourceViewCount;
+            resourceInputs["sourceViews"] = state?.sourceViews;
+            resourceInputs["tags"] = state?.tags;
+            resourceInputs["tagsAll"] = state?.tagsAll;
+            resourceInputs["timeouts"] = state?.timeouts;
+            resourceInputs["updatedAt"] = state?.updatedAt;
+            resourceInputs["viewDefinitionLastUpdatedAt"] = state?.viewDefinitionLastUpdatedAt;
+        } else {
+            const args = argsOrState as ViewArgs | undefined;
+            resourceInputs["dataFilterExpression"] = args?.dataFilterExpression;
+            resourceInputs["description"] = args?.description;
+            resourceInputs["name"] = args?.name;
+            resourceInputs["sourceViews"] = args?.sourceViews;
+            resourceInputs["tags"] = args?.tags;
+            resourceInputs["timeouts"] = args?.timeouts;
+            resourceInputs["arn"] = undefined /*out*/;
+            resourceInputs["billingViewType"] = undefined /*out*/;
+            resourceInputs["createdAt"] = undefined /*out*/;
+            resourceInputs["derivedViewCount"] = undefined /*out*/;
+            resourceInputs["ownerAccountId"] = undefined /*out*/;
+            resourceInputs["sourceAccountId"] = undefined /*out*/;
+            resourceInputs["sourceViewCount"] = undefined /*out*/;
+            resourceInputs["tagsAll"] = undefined /*out*/;
+            resourceInputs["updatedAt"] = undefined /*out*/;
+            resourceInputs["viewDefinitionLastUpdatedAt"] = undefined /*out*/;
+        }
+        opts = pulumi.mergeOptions(utilities.resourceOptsDefaults(), opts);
+        super(View.__pulumiType, name, resourceInputs, opts);
+    }
+}
+
+/**
+ * Input properties used for looking up and filtering View resources.
+ */
+export interface ViewState {
+    /**
+     * ARN of the View.
+     */
+    arn?: pulumi.Input;
+    /**
+     * Type of billing group. Valid values are PRIMARY|BILLING_GROUP|CUSTOM.
+     */
+    billingViewType?: pulumi.Input;
+    /**
+     * Timestamp when the billing view was created.
+     */
+    createdAt?: pulumi.Input;
+    /**
+     * Filter Cost Explorer APIs using the expression. Refer to the data-filter-expression block documentation for more details.
+     */
+    dataFilterExpression?: pulumi.Input;
+    /**
+     * Number of billing views that use this billing view as a source.
+     */
+    derivedViewCount?: pulumi.Input;
+    /**
+     * Description of the custom billing view.
+     */
+    description?: pulumi.Input;
+    /**
+     * Name of the custom billing view to be created.
+     */
+    name?: pulumi.Input;
+    /**
+     * Account owner of the billing view.
+     */
+    ownerAccountId?: pulumi.Input;
+    /**
+     * AWS account ID that owns the source billing view, if this is a derived billing view.
+     */
+    sourceAccountId?: pulumi.Input;
+    /**
+     * Number of source views associated with this billing view.
+     */
+    sourceViewCount?: pulumi.Input;
+    /**
+     * List of ARNs of the source data views for the custom billing view.
+     *
+     * The following arguments are optional:
+     */
+    sourceViews?: pulumi.Input[]>;
+    /**
+     * List of key value map specifying tags associated to the billing view being created.
+     */
+    tags?: pulumi.Input<{[key: string]: pulumi.Input}>;
+    /**
+     * List of key value map specifying tags associated to the billing view.
+     */
+    tagsAll?: pulumi.Input<{[key: string]: pulumi.Input}>;
+    timeouts?: pulumi.Input;
+    /**
+     * Time when the billing view was last updated.
+     */
+    updatedAt?: pulumi.Input;
+    /**
+     * Timestamp of when the billing view definition was last updated.
+     */
+    viewDefinitionLastUpdatedAt?: pulumi.Input;
+}
+
+/**
+ * The set of arguments for constructing a View resource.
+ */
+export interface ViewArgs {
+    /**
+     * Filter Cost Explorer APIs using the expression. Refer to the data-filter-expression block documentation for more details.
+     */
+    dataFilterExpression?: pulumi.Input;
+    /**
+     * Description of the custom billing view.
+     */
+    description?: pulumi.Input;
+    /**
+     * Name of the custom billing view to be created.
+     */
+    name?: pulumi.Input;
+    /**
+     * List of ARNs of the source data views for the custom billing view.
+     *
+     * The following arguments are optional:
+     */
+    sourceViews?: pulumi.Input[]>;
+    /**
+     * List of key value map specifying tags associated to the billing view being created.
+     */
+    tags?: pulumi.Input<{[key: string]: pulumi.Input}>;
+    timeouts?: pulumi.Input;
+}
diff --git a/sdk/nodejs/config/vars.ts b/sdk/nodejs/config/vars.ts
index 61979cc9cbe..e4d2a1e93b3 100644
--- a/sdk/nodejs/config/vars.ts
+++ b/sdk/nodejs/config/vars.ts
@@ -324,6 +324,17 @@ Object.defineProperty(exports, "stsRegion", {
     enumerable: true,
 });
 
+/**
+ * The severity with which to enforce organizational tagging policies on resources managed by this provider instance. At this time this only includes compliance with required tag keys by resource type. Valid values are "error", "warning", and "disabled". When unset or "disabled", tag policy compliance will not be enforced by the provider. Can also be configured with the TF_AWS_TAG_POLICY_COMPLIANCE environment variable.
+ */
+export declare const tagPolicyCompliance: string | undefined;
+Object.defineProperty(exports, "tagPolicyCompliance", {
+    get() {
+        return __config.get("tagPolicyCompliance");
+    },
+    enumerable: true,
+});
+
 /**
  * session token. A session token is only required if you are
  * using temporary security credentials.
diff --git a/sdk/nodejs/dynamodb/table.ts b/sdk/nodejs/dynamodb/table.ts
index 29422e58109..f49d71ff3a3 100644
--- a/sdk/nodejs/dynamodb/table.ts
+++ b/sdk/nodejs/dynamodb/table.ts
@@ -109,9 +109,13 @@ import * as utilities from "../utilities";
  *
  * A global table configured for Multi-Region strong consistency (MRSC) provides the ability to perform a strongly consistent read with multi-Region scope. Performing a strongly consistent read on an MRSC table ensures you're always reading the latest version of an item, irrespective of the Region in which you're performing the read.
  *
+ * You can configure a MRSC global table with three replicas, or with two replicas and one witness. A witness is a component of a MRSC global table that contains data written to global table replicas, and provides an optional alternative to a full replica while supporting MRSC's availability architecture. You cannot perform read or write operations on a witness. A witness is located in a different Region than the two replicas.
+ *
  * **Note** Please see detailed information, restrictions, caveats etc on the [AWS Support Page](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/multi-region-strong-consistency-gt.html).
  *
- * Consistency Mode (`consistencyMode`) is a new argument on the embedded `replica` that allows you to configure consistency mode for Global Tables.
+ * Consistency Mode (`consistencyMode`) on the embedded `replica` allows you to configure consistency mode for Global Tables.
+ *
+ * ##### Consistency mode with 3 Replicas
  *
  * ```typescript
  * import * as pulumi from "@pulumi/pulumi";
@@ -140,6 +144,32 @@ import * as utilities from "../utilities";
  * });
  * ```
  *
+ * ##### Consistency Mode with 2 Replicas and Witness Region
+ *
+ * ```typescript
+ * import * as pulumi from "@pulumi/pulumi";
+ * import * as aws from "@pulumi/aws";
+ *
+ * const example = new aws.dynamodb.Table("example", {
+ *     name: "example",
+ *     hashKey: "TestTableHashKey",
+ *     billingMode: "PAY_PER_REQUEST",
+ *     streamEnabled: true,
+ *     streamViewType: "NEW_AND_OLD_IMAGES",
+ *     attributes: [{
+ *         name: "TestTableHashKey",
+ *         type: "S",
+ *     }],
+ *     replicas: [{
+ *         regionName: "us-east-2",
+ *         consistencyMode: "STRONG",
+ *     }],
+ *     globalTableWitness: {
+ *         regionName: "us-west-2",
+ *     },
+ * });
+ * ```
+ *
  * ### Replica Tagging
  *
  * You can manage global table replicas' tags in various ways. This example shows using `replica.*.propagate_tags` for the first replica and the `aws.dynamodb.Tag` resource for the other.
@@ -243,6 +273,10 @@ export class Table extends pulumi.CustomResource {
      * Describe a GSI for the table; subject to the normal limits on the number of GSIs, projected attributes, etc. See below.
      */
     declare public readonly globalSecondaryIndexes: pulumi.Output;
+    /**
+     * Witness Region in a Multi-Region Strong Consistency deployment. **Note** This must be used alongside a single `replica` with `consistencyMode` set to `STRONG`. Other combinations will fail to provision. See below.
+     */
+    declare public readonly globalTableWitness: pulumi.Output;
     /**
      * Attribute to use as the hash (partition) key. Must also be defined as an `attribute`. See below.
      */
@@ -366,6 +400,7 @@ export class Table extends pulumi.CustomResource {
             resourceInputs["billingMode"] = state?.billingMode;
             resourceInputs["deletionProtectionEnabled"] = state?.deletionProtectionEnabled;
             resourceInputs["globalSecondaryIndexes"] = state?.globalSecondaryIndexes;
+            resourceInputs["globalTableWitness"] = state?.globalTableWitness;
             resourceInputs["hashKey"] = state?.hashKey;
             resourceInputs["importTable"] = state?.importTable;
             resourceInputs["localSecondaryIndexes"] = state?.localSecondaryIndexes;
@@ -397,6 +432,7 @@ export class Table extends pulumi.CustomResource {
             resourceInputs["billingMode"] = args?.billingMode;
             resourceInputs["deletionProtectionEnabled"] = args?.deletionProtectionEnabled;
             resourceInputs["globalSecondaryIndexes"] = args?.globalSecondaryIndexes;
+            resourceInputs["globalTableWitness"] = args?.globalTableWitness;
             resourceInputs["hashKey"] = args?.hashKey;
             resourceInputs["importTable"] = args?.importTable;
             resourceInputs["localSecondaryIndexes"] = args?.localSecondaryIndexes;
@@ -453,6 +489,10 @@ export interface TableState {
      * Describe a GSI for the table; subject to the normal limits on the number of GSIs, projected attributes, etc. See below.
      */
     globalSecondaryIndexes?: pulumi.Input[]>;
+    /**
+     * Witness Region in a Multi-Region Strong Consistency deployment. **Note** This must be used alongside a single `replica` with `consistencyMode` set to `STRONG`. Other combinations will fail to provision. See below.
+     */
+    globalTableWitness?: pulumi.Input;
     /**
      * Attribute to use as the hash (partition) key. Must also be defined as an `attribute`. See below.
      */
@@ -579,6 +619,10 @@ export interface TableArgs {
      * Describe a GSI for the table; subject to the normal limits on the number of GSIs, projected attributes, etc. See below.
      */
     globalSecondaryIndexes?: pulumi.Input[]>;
+    /**
+     * Witness Region in a Multi-Region Strong Consistency deployment. **Note** This must be used alongside a single `replica` with `consistencyMode` set to `STRONG`. Other combinations will fail to provision. See below.
+     */
+    globalTableWitness?: pulumi.Input;
     /**
      * Attribute to use as the hash (partition) key. Must also be defined as an `attribute`. See below.
      */
diff --git a/sdk/nodejs/ec2/vpnConnection.ts b/sdk/nodejs/ec2/vpnConnection.ts
index c7876b7ce68..f51a1160b7d 100644
--- a/sdk/nodejs/ec2/vpnConnection.ts
+++ b/sdk/nodejs/ec2/vpnConnection.ts
@@ -420,6 +420,10 @@ export class VpnConnection extends pulumi.CustomResource {
      * The RFC 6890 link-local address of the second VPN tunnel (VPN Gateway Side).
      */
     declare public /*out*/ readonly tunnel2VgwInsideAddress: pulumi.Output;
+    /**
+     * Desired bandwidth specification for the VPN tunnel. Valid values are `standard | large`. `standard` supports up to 1.25 Gbps per tunnel, while `large` supports up to 5 Gbps per tunnel. Not supported when `vpnGatewayId` is specified, or `enableAcceleration` is `true`.
+     */
+    declare public readonly tunnelBandwidth: pulumi.Output;
     /**
      * Indicate whether the VPN tunnels process IPv4 or IPv6 traffic. Valid values are `ipv4 | ipv6`. `ipv6` Supports only EC2 Transit Gateway.
      */
@@ -521,6 +525,7 @@ export class VpnConnection extends pulumi.CustomResource {
             resourceInputs["tunnel2ReplayWindowSize"] = state?.tunnel2ReplayWindowSize;
             resourceInputs["tunnel2StartupAction"] = state?.tunnel2StartupAction;
             resourceInputs["tunnel2VgwInsideAddress"] = state?.tunnel2VgwInsideAddress;
+            resourceInputs["tunnelBandwidth"] = state?.tunnelBandwidth;
             resourceInputs["tunnelInsideIpVersion"] = state?.tunnelInsideIpVersion;
             resourceInputs["type"] = state?.type;
             resourceInputs["vgwTelemetries"] = state?.vgwTelemetries;
@@ -586,6 +591,7 @@ export class VpnConnection extends pulumi.CustomResource {
             resourceInputs["tunnel2RekeyMarginTimeSeconds"] = args?.tunnel2RekeyMarginTimeSeconds;
             resourceInputs["tunnel2ReplayWindowSize"] = args?.tunnel2ReplayWindowSize;
             resourceInputs["tunnel2StartupAction"] = args?.tunnel2StartupAction;
+            resourceInputs["tunnelBandwidth"] = args?.tunnelBandwidth;
             resourceInputs["tunnelInsideIpVersion"] = args?.tunnelInsideIpVersion;
             resourceInputs["type"] = args?.type;
             resourceInputs["vpnGatewayId"] = args?.vpnGatewayId;
@@ -904,6 +910,10 @@ export interface VpnConnectionState {
      * The RFC 6890 link-local address of the second VPN tunnel (VPN Gateway Side).
      */
     tunnel2VgwInsideAddress?: pulumi.Input;
+    /**
+     * Desired bandwidth specification for the VPN tunnel. Valid values are `standard | large`. `standard` supports up to 1.25 Gbps per tunnel, while `large` supports up to 5 Gbps per tunnel. Not supported when `vpnGatewayId` is specified, or `enableAcceleration` is `true`.
+     */
+    tunnelBandwidth?: pulumi.Input;
     /**
      * Indicate whether the VPN tunnels process IPv4 or IPv6 traffic. Valid values are `ipv4 | ipv6`. `ipv6` Supports only EC2 Transit Gateway.
      */
@@ -1138,6 +1148,10 @@ export interface VpnConnectionArgs {
      * The action to take when the establishing the tunnel for the second VPN connection. By default, your customer gateway device must initiate the IKE negotiation and bring up the tunnel. Specify start for AWS to initiate the IKE negotiation. Valid values are `add | start`.
      */
     tunnel2StartupAction?: pulumi.Input;
+    /**
+     * Desired bandwidth specification for the VPN tunnel. Valid values are `standard | large`. `standard` supports up to 1.25 Gbps per tunnel, while `large` supports up to 5 Gbps per tunnel. Not supported when `vpnGatewayId` is specified, or `enableAcceleration` is `true`.
+     */
+    tunnelBandwidth?: pulumi.Input;
     /**
      * Indicate whether the VPN tunnels process IPv4 or IPv6 traffic. Valid values are `ipv4 | ipv6`. `ipv6` Supports only EC2 Transit Gateway.
      */
diff --git a/sdk/nodejs/emr/managedScalingPolicy.ts b/sdk/nodejs/emr/managedScalingPolicy.ts
index f85a3f7f4c5..5d25e0be8d4 100644
--- a/sdk/nodejs/emr/managedScalingPolicy.ts
+++ b/sdk/nodejs/emr/managedScalingPolicy.ts
@@ -86,6 +86,14 @@ export class ManagedScalingPolicy extends pulumi.CustomResource {
      * Region where this resource will be [managed](https://docs.aws.amazon.com/general/latest/gr/rande.html#regional-endpoints). Defaults to the Region set in the provider configuration.
      */
     declare public readonly region: pulumi.Output;
+    /**
+     * Specifies the scaling strategy. When set to `ADVANCED`, the `utilizationPerformanceIndex` argument can be used to configure an advanced scaling strategy. An advanced scaling strategy requires Amazon EMR on EC2 version 7.0 or later. Valid values: `ADVANCED`, `DEFAULT`.
+     */
+    declare public readonly scalingStrategy: pulumi.Output;
+    /**
+     * Integer value that represents the advanced scaling strategy. Higher values optimize for performance, while lower values optimize for resource conservation. A value of `50` provides a balance between performance and resource conservation. See [the AWS documentation](https://docs.aws.amazon.com/emr/latest/ManagementGuide/managed-scaling-allocation-strategy-optimized.html#managed-scaling-allocation-strategy-optimized-getting-started) for more details. Required when `scalingStrategy` is set to `ADVANCED`. Valid values: `1`, `25`, `50`, `75`, `100`.
+     */
+    declare public readonly utilizationPerformanceIndex: pulumi.Output;
 
     /**
      * Create a ManagedScalingPolicy resource with the given unique name, arguments, and options.
@@ -103,6 +111,8 @@ export class ManagedScalingPolicy extends pulumi.CustomResource {
             resourceInputs["clusterId"] = state?.clusterId;
             resourceInputs["computeLimits"] = state?.computeLimits;
             resourceInputs["region"] = state?.region;
+            resourceInputs["scalingStrategy"] = state?.scalingStrategy;
+            resourceInputs["utilizationPerformanceIndex"] = state?.utilizationPerformanceIndex;
         } else {
             const args = argsOrState as ManagedScalingPolicyArgs | undefined;
             if (args?.clusterId === undefined && !opts.urn) {
@@ -114,6 +124,8 @@ export class ManagedScalingPolicy extends pulumi.CustomResource {
             resourceInputs["clusterId"] = args?.clusterId;
             resourceInputs["computeLimits"] = args?.computeLimits;
             resourceInputs["region"] = args?.region;
+            resourceInputs["scalingStrategy"] = args?.scalingStrategy;
+            resourceInputs["utilizationPerformanceIndex"] = args?.utilizationPerformanceIndex;
         }
         opts = pulumi.mergeOptions(utilities.resourceOptsDefaults(), opts);
         super(ManagedScalingPolicy.__pulumiType, name, resourceInputs, opts);
@@ -136,6 +148,14 @@ export interface ManagedScalingPolicyState {
      * Region where this resource will be [managed](https://docs.aws.amazon.com/general/latest/gr/rande.html#regional-endpoints). Defaults to the Region set in the provider configuration.
      */
     region?: pulumi.Input;
+    /**
+     * Specifies the scaling strategy. When set to `ADVANCED`, the `utilizationPerformanceIndex` argument can be used to configure an advanced scaling strategy. An advanced scaling strategy requires Amazon EMR on EC2 version 7.0 or later. Valid values: `ADVANCED`, `DEFAULT`.
+     */
+    scalingStrategy?: pulumi.Input;
+    /**
+     * Integer value that represents the advanced scaling strategy. Higher values optimize for performance, while lower values optimize for resource conservation. A value of `50` provides a balance between performance and resource conservation. See [the AWS documentation](https://docs.aws.amazon.com/emr/latest/ManagementGuide/managed-scaling-allocation-strategy-optimized.html#managed-scaling-allocation-strategy-optimized-getting-started) for more details. Required when `scalingStrategy` is set to `ADVANCED`. Valid values: `1`, `25`, `50`, `75`, `100`.
+     */
+    utilizationPerformanceIndex?: pulumi.Input;
 }
 
 /**
@@ -154,4 +174,12 @@ export interface ManagedScalingPolicyArgs {
      * Region where this resource will be [managed](https://docs.aws.amazon.com/general/latest/gr/rande.html#regional-endpoints). Defaults to the Region set in the provider configuration.
      */
     region?: pulumi.Input;
+    /**
+     * Specifies the scaling strategy. When set to `ADVANCED`, the `utilizationPerformanceIndex` argument can be used to configure an advanced scaling strategy. An advanced scaling strategy requires Amazon EMR on EC2 version 7.0 or later. Valid values: `ADVANCED`, `DEFAULT`.
+     */
+    scalingStrategy?: pulumi.Input;
+    /**
+     * Integer value that represents the advanced scaling strategy. Higher values optimize for performance, while lower values optimize for resource conservation. A value of `50` provides a balance between performance and resource conservation. See [the AWS documentation](https://docs.aws.amazon.com/emr/latest/ManagementGuide/managed-scaling-allocation-strategy-optimized.html#managed-scaling-allocation-strategy-optimized-getting-started) for more details. Required when `scalingStrategy` is set to `ADVANCED`. Valid values: `1`, `25`, `50`, `75`, `100`.
+     */
+    utilizationPerformanceIndex?: pulumi.Input;
 }
diff --git a/sdk/nodejs/lambda/invocation.ts b/sdk/nodejs/lambda/invocation.ts
index 2916e5daa43..eee2ce64ab6 100644
--- a/sdk/nodejs/lambda/invocation.ts
+++ b/sdk/nodejs/lambda/invocation.ts
@@ -102,6 +102,16 @@ import * as utilities from "../utilities";
  * If the `databaseUrl` changes, the Lambda will be invoked again with:
  *
  * When the invocation resource is removed, the final invocation will have:
+ *
+ * ## Import
+ *
+ * Using `pulumi import`, import Lambda Invocation using the `function_name,qualifier,result_hash`. For example:
+ *
+ * ```sh
+ * $ pulumi import aws:lambda/invocation:Invocation test_lambda my_test_lambda_function,$LATEST,b326b5062b2f0e69046810717534cb09
+ * ```
+ * Because it is not possible to retrieve previous invocations, during the next apply `terraform` will update the resource calling again the function.
+ * To compute the `result_hash`, it is necessary to hash it with the standard `md5` hash function.
  */
 export class Invocation extends pulumi.CustomResource {
     /**
diff --git a/sdk/nodejs/lb/listener.ts b/sdk/nodejs/lb/listener.ts
index 1a9601ad70c..fc42b0e686e 100644
--- a/sdk/nodejs/lb/listener.ts
+++ b/sdk/nodejs/lb/listener.ts
@@ -196,6 +196,49 @@ import * as utilities from "../utilities";
  * });
  * ```
  *
+ * ### JWT Validation Action
+ *
+ * ```typescript
+ * import * as pulumi from "@pulumi/pulumi";
+ * import * as aws from "@pulumi/aws";
+ *
+ * const test = new aws.lb.Listener("test", {
+ *     loadBalancerArn: testAwsLb.id,
+ *     protocol: "HTTPS",
+ *     port: 443,
+ *     sslPolicy: "ELBSecurityPolicy-2016-08",
+ *     certificateArn: testAwsIamServerCertificate.arn,
+ *     defaultActions: [
+ *         {
+ *             type: "jwt-validation",
+ *             jwtValidation: {
+ *                 issuer: "https://example.com",
+ *                 jwksEndpoint: "https://example.com/.well-known/jwks.json",
+ *                 additionalClaims: [
+ *                     {
+ *                         format: "string-array",
+ *                         name: "claim_name1",
+ *                         values: [
+ *                             "value1",
+ *                             "value2",
+ *                         ],
+ *                     },
+ *                     {
+ *                         format: "single-string",
+ *                         name: "claim_name2",
+ *                         values: ["value1"],
+ *                     },
+ *                 ],
+ *             },
+ *         },
+ *         {
+ *             targetGroupArn: testAwsLbTargetGroup.id,
+ *             type: "forward",
+ *         },
+ *     ],
+ * });
+ * ```
+ *
  * ### Gateway Load Balancer Listener
  *
  * ```typescript
diff --git a/sdk/nodejs/lb/listenerRule.ts b/sdk/nodejs/lb/listenerRule.ts
index 1eee5b05758..5f61dd2c7d3 100644
--- a/sdk/nodejs/lb/listenerRule.ts
+++ b/sdk/nodejs/lb/listenerRule.ts
@@ -11,209 +11,6 @@ import * as utilities from "../utilities";
  * Provides a Load Balancer Listener Rule resource.
  *
  * > **Note:** `aws.alb.ListenerRule` is known as `aws.lb.ListenerRule`. The functionality is identical.
- *
- * ## Example Usage
- *
- * ```typescript
- * import * as pulumi from "@pulumi/pulumi";
- * import * as aws from "@pulumi/aws";
- *
- * const frontEnd = new aws.lb.LoadBalancer("front_end", {});
- * const frontEndListener = new aws.lb.Listener("front_end", {});
- * const static = new aws.lb.ListenerRule("static", {
- *     listenerArn: frontEndListener.arn,
- *     priority: 100,
- *     actions: [{
- *         type: "forward",
- *         targetGroupArn: staticAwsLbTargetGroup.arn,
- *     }],
- *     conditions: [
- *         {
- *             pathPattern: {
- *                 values: ["/static/*"],
- *             },
- *         },
- *         {
- *             hostHeader: {
- *                 values: ["example.com"],
- *             },
- *         },
- *     ],
- * });
- * // Forward action
- * const hostBasedWeightedRouting = new aws.lb.ListenerRule("host_based_weighted_routing", {
- *     listenerArn: frontEndListener.arn,
- *     priority: 99,
- *     actions: [{
- *         type: "forward",
- *         targetGroupArn: staticAwsLbTargetGroup.arn,
- *     }],
- *     conditions: [{
- *         hostHeader: {
- *             values: ["my-service.*.mycompany.io"],
- *         },
- *     }],
- * });
- * // Weighted Forward action
- * const hostBasedRouting = new aws.lb.ListenerRule("host_based_routing", {
- *     listenerArn: frontEndListener.arn,
- *     priority: 99,
- *     actions: [{
- *         type: "forward",
- *         forward: {
- *             targetGroups: [
- *                 {
- *                     arn: main.arn,
- *                     weight: 80,
- *                 },
- *                 {
- *                     arn: canary.arn,
- *                     weight: 20,
- *                 },
- *             ],
- *             stickiness: {
- *                 enabled: true,
- *                 duration: 600,
- *             },
- *         },
- *     }],
- *     conditions: [{
- *         hostHeader: {
- *             values: ["my-service.*.mycompany.io"],
- *         },
- *     }],
- * });
- * // Redirect action
- * const redirectHttpToHttps = new aws.lb.ListenerRule("redirect_http_to_https", {
- *     listenerArn: frontEndListener.arn,
- *     actions: [{
- *         type: "redirect",
- *         redirect: {
- *             port: "443",
- *             protocol: "HTTPS",
- *             statusCode: "HTTP_301",
- *         },
- *     }],
- *     conditions: [{
- *         httpHeader: {
- *             httpHeaderName: "X-Forwarded-For",
- *             values: ["192.168.1.*"],
- *         },
- *     }],
- * });
- * // Fixed-response action
- * const healthCheck = new aws.lb.ListenerRule("health_check", {
- *     listenerArn: frontEndListener.arn,
- *     actions: [{
- *         type: "fixed-response",
- *         fixedResponse: {
- *             contentType: "text/plain",
- *             messageBody: "HEALTHY",
- *             statusCode: "200",
- *         },
- *     }],
- *     conditions: [{
- *         queryStrings: [
- *             {
- *                 key: "health",
- *                 value: "check",
- *             },
- *             {
- *                 value: "bar",
- *             },
- *         ],
- *     }],
- * });
- * // Authenticate-cognito Action
- * const pool = new aws.cognito.UserPool("pool", {});
- * const client = new aws.cognito.UserPoolClient("client", {});
- * const domain = new aws.cognito.UserPoolDomain("domain", {});
- * const admin = new aws.lb.ListenerRule("admin", {
- *     listenerArn: frontEndListener.arn,
- *     actions: [
- *         {
- *             type: "authenticate-cognito",
- *             authenticateCognito: {
- *                 userPoolArn: pool.arn,
- *                 userPoolClientId: client.id,
- *                 userPoolDomain: domain.domain,
- *             },
- *         },
- *         {
- *             type: "forward",
- *             targetGroupArn: staticAwsLbTargetGroup.arn,
- *         },
- *     ],
- * });
- * // Authenticate-oidc Action
- * const oidc = new aws.lb.ListenerRule("oidc", {
- *     listenerArn: frontEndListener.arn,
- *     actions: [
- *         {
- *             type: "authenticate-oidc",
- *             authenticateOidc: {
- *                 authorizationEndpoint: "https://example.com/authorization_endpoint",
- *                 clientId: "client_id",
- *                 clientSecret: "client_secret",
- *                 issuer: "https://example.com",
- *                 tokenEndpoint: "https://example.com/token_endpoint",
- *                 userInfoEndpoint: "https://example.com/user_info_endpoint",
- *             },
- *         },
- *         {
- *             type: "forward",
- *             targetGroupArn: staticAwsLbTargetGroup.arn,
- *         },
- *     ],
- * });
- * // With transform
- * const transform = new aws.lb.ListenerRule("transform", {
- *     listenerArn: frontEndListener.arn,
- *     actions: [{
- *         type: "forward",
- *         targetGroupArn: staticAwsLbTargetGroup.arn,
- *     }],
- *     conditions: [{
- *         pathPattern: {
- *             values: ["*"],
- *         },
- *     }],
- *     transforms: [
- *         {
- *             type: "host-header-rewrite",
- *             hostHeaderRewriteConfig: {
- *                 rewrite: {
- *                     regex: "^mywebsite-(.+).com$",
- *                     replace: "internal.dev.$1.myweb.com",
- *                 },
- *             },
- *         },
- *         {
- *             type: "url-rewrite",
- *             urlRewriteConfig: {
- *                 rewrite: {
- *                     regex: "^/dp/([A-Za-z0-9]+)/?$",
- *                     replace: "/product.php?id=$1",
- *                 },
- *             },
- *         },
- *     ],
- * });
- * ```
- *
- * ## Import
- *
- * ### Identity Schema
- *
- * #### Required
- *
- * - `arn` (String) Amazon Resource Name (ARN) of the load balancer listener rule.
- *
- * Using `pulumi import`, import rules using their ARN. For example:
- *
- * console
- *
- * % pulumi import aws_lb_listener_rule.front_end arn:aws:elasticloadbalancing:us-west-2:187416307283:listener-rule/app/test/8e4497da625e2d8a/9ab28ade35828f96/67b3d2d36dd7c26b
  */
 export class ListenerRule extends pulumi.CustomResource {
     /**
diff --git a/sdk/nodejs/notifications/channelAssociation.ts b/sdk/nodejs/notifications/channelAssociation.ts
index aaf4fcd30d1..c4d1818f749 100644
--- a/sdk/nodejs/notifications/channelAssociation.ts
+++ b/sdk/nodejs/notifications/channelAssociation.ts
@@ -66,7 +66,7 @@ export class ChannelAssociation extends pulumi.CustomResource {
     }
 
     /**
-     * ARN of the channel to associate with the notification configuration. This can be an email contact ARN.
+     * ARN of the channel to associate with the notification configuration. Must match pattern `^arn:aws:(chatbot|consoleapp|notifications-contacts):[a-zA-Z0-9-]*:[0-9]{12}:[a-zA-Z0-9-_.@]+/[a-zA-Z0-9/_.@:-]+$`.
      */
     declare public readonly arn: pulumi.Output;
     /**
@@ -110,7 +110,7 @@ export class ChannelAssociation extends pulumi.CustomResource {
  */
 export interface ChannelAssociationState {
     /**
-     * ARN of the channel to associate with the notification configuration. This can be an email contact ARN.
+     * ARN of the channel to associate with the notification configuration. Must match pattern `^arn:aws:(chatbot|consoleapp|notifications-contacts):[a-zA-Z0-9-]*:[0-9]{12}:[a-zA-Z0-9-_.@]+/[a-zA-Z0-9/_.@:-]+$`.
      */
     arn?: pulumi.Input;
     /**
@@ -124,7 +124,7 @@ export interface ChannelAssociationState {
  */
 export interface ChannelAssociationArgs {
     /**
-     * ARN of the channel to associate with the notification configuration. This can be an email contact ARN.
+     * ARN of the channel to associate with the notification configuration. Must match pattern `^arn:aws:(chatbot|consoleapp|notifications-contacts):[a-zA-Z0-9-]*:[0-9]{12}:[a-zA-Z0-9-_.@]+/[a-zA-Z0-9/_.@:-]+$`.
      */
     arn: pulumi.Input;
     /**
diff --git a/sdk/nodejs/odb/cloudVmCluster.ts b/sdk/nodejs/odb/cloudVmCluster.ts
index a46c5bce2b2..7de03a23bb9 100644
--- a/sdk/nodejs/odb/cloudVmCluster.ts
+++ b/sdk/nodejs/odb/cloudVmCluster.ts
@@ -113,7 +113,11 @@ export class CloudVmCluster extends pulumi.CustomResource {
      */
     declare public /*out*/ readonly arn: pulumi.Output;
     /**
-     * The unique identifier of the Exadata infrastructure for this VM cluster. Changing this will create a new resource.
+     * The ARN of the Exadata infrastructure for this VM cluster. Changing this will create a new resource. Either the combination of cloudExadataInfrastructureId and odbNetworkId or cloudExadataInfrastructureArn and odbNetworkArn must be used.
+     */
+    declare public readonly cloudExadataInfrastructureArn: pulumi.Output;
+    /**
+     * The unique identifier of the Exadata infrastructure for this VM cluster. Changing this will create a new resource. Either the combination of cloudExadataInfrastructureId and odbNetworkId or cloudExadataInfrastructureArn and odbNetworkArn must be used.
      */
     declare public readonly cloudExadataInfrastructureId: pulumi.Output;
     /**
@@ -224,7 +228,11 @@ export class CloudVmCluster extends pulumi.CustomResource {
      */
     declare public /*out*/ readonly ocid: pulumi.Output;
     /**
-     * The unique identifier of the ODB network for the VM cluster. Changing this will create a new resource.
+     * The ARN of the ODB network for the VM cluster. Changing this will create a new resource. Either the combination of cloudExadataInfrastructureId and odbNetworkId or cloudExadataInfrastructureArn and odbNetworkArn must be used.
+     */
+    declare public readonly odbNetworkArn: pulumi.Output;
+    /**
+     * The unique identifier of the ODB network for the VM cluster. Changing this will create a new resource. Either the combination of cloudExadataInfrastructureId and odbNetworkId or cloudExadataInfrastructureArn and odbNetworkArn must be used.
      */
     declare public readonly odbNetworkId: pulumi.Output;
     /**
@@ -307,6 +315,7 @@ export class CloudVmCluster extends pulumi.CustomResource {
         if (opts.id) {
             const state = argsOrState as CloudVmClusterState | undefined;
             resourceInputs["arn"] = state?.arn;
+            resourceInputs["cloudExadataInfrastructureArn"] = state?.cloudExadataInfrastructureArn;
             resourceInputs["cloudExadataInfrastructureId"] = state?.cloudExadataInfrastructureId;
             resourceInputs["clusterName"] = state?.clusterName;
             resourceInputs["computeModel"] = state?.computeModel;
@@ -334,6 +343,7 @@ export class CloudVmCluster extends pulumi.CustomResource {
             resourceInputs["ociResourceAnchorName"] = state?.ociResourceAnchorName;
             resourceInputs["ociUrl"] = state?.ociUrl;
             resourceInputs["ocid"] = state?.ocid;
+            resourceInputs["odbNetworkArn"] = state?.odbNetworkArn;
             resourceInputs["odbNetworkId"] = state?.odbNetworkId;
             resourceInputs["percentProgress"] = state?.percentProgress;
             resourceInputs["region"] = state?.region;
@@ -354,9 +364,6 @@ export class CloudVmCluster extends pulumi.CustomResource {
             resourceInputs["vipIds"] = state?.vipIds;
         } else {
             const args = argsOrState as CloudVmClusterArgs | undefined;
-            if (args?.cloudExadataInfrastructureId === undefined && !opts.urn) {
-                throw new Error("Missing required property 'cloudExadataInfrastructureId'");
-            }
             if (args?.cpuCoreCount === undefined && !opts.urn) {
                 throw new Error("Missing required property 'cpuCoreCount'");
             }
@@ -375,12 +382,10 @@ export class CloudVmCluster extends pulumi.CustomResource {
             if (args?.hostnamePrefix === undefined && !opts.urn) {
                 throw new Error("Missing required property 'hostnamePrefix'");
             }
-            if (args?.odbNetworkId === undefined && !opts.urn) {
-                throw new Error("Missing required property 'odbNetworkId'");
-            }
             if (args?.sshPublicKeys === undefined && !opts.urn) {
                 throw new Error("Missing required property 'sshPublicKeys'");
             }
+            resourceInputs["cloudExadataInfrastructureArn"] = args?.cloudExadataInfrastructureArn;
             resourceInputs["cloudExadataInfrastructureId"] = args?.cloudExadataInfrastructureId;
             resourceInputs["clusterName"] = args?.clusterName;
             resourceInputs["cpuCoreCount"] = args?.cpuCoreCount;
@@ -395,6 +400,7 @@ export class CloudVmCluster extends pulumi.CustomResource {
             resourceInputs["isSparseDiskgroupEnabled"] = args?.isSparseDiskgroupEnabled;
             resourceInputs["licenseModel"] = args?.licenseModel;
             resourceInputs["memorySizeInGbs"] = args?.memorySizeInGbs;
+            resourceInputs["odbNetworkArn"] = args?.odbNetworkArn;
             resourceInputs["odbNetworkId"] = args?.odbNetworkId;
             resourceInputs["region"] = args?.region;
             resourceInputs["scanListenerPortTcp"] = args?.scanListenerPortTcp;
@@ -442,7 +448,11 @@ export interface CloudVmClusterState {
      */
     arn?: pulumi.Input;
     /**
-     * The unique identifier of the Exadata infrastructure for this VM cluster. Changing this will create a new resource.
+     * The ARN of the Exadata infrastructure for this VM cluster. Changing this will create a new resource. Either the combination of cloudExadataInfrastructureId and odbNetworkId or cloudExadataInfrastructureArn and odbNetworkArn must be used.
+     */
+    cloudExadataInfrastructureArn?: pulumi.Input;
+    /**
+     * The unique identifier of the Exadata infrastructure for this VM cluster. Changing this will create a new resource. Either the combination of cloudExadataInfrastructureId and odbNetworkId or cloudExadataInfrastructureArn and odbNetworkArn must be used.
      */
     cloudExadataInfrastructureId?: pulumi.Input;
     /**
@@ -553,7 +563,11 @@ export interface CloudVmClusterState {
      */
     ocid?: pulumi.Input;
     /**
-     * The unique identifier of the ODB network for the VM cluster. Changing this will create a new resource.
+     * The ARN of the ODB network for the VM cluster. Changing this will create a new resource. Either the combination of cloudExadataInfrastructureId and odbNetworkId or cloudExadataInfrastructureArn and odbNetworkArn must be used.
+     */
+    odbNetworkArn?: pulumi.Input;
+    /**
+     * The unique identifier of the ODB network for the VM cluster. Changing this will create a new resource. Either the combination of cloudExadataInfrastructureId and odbNetworkId or cloudExadataInfrastructureArn and odbNetworkArn must be used.
      */
     odbNetworkId?: pulumi.Input;
     /**
@@ -628,9 +642,13 @@ export interface CloudVmClusterState {
  */
 export interface CloudVmClusterArgs {
     /**
-     * The unique identifier of the Exadata infrastructure for this VM cluster. Changing this will create a new resource.
+     * The ARN of the Exadata infrastructure for this VM cluster. Changing this will create a new resource. Either the combination of cloudExadataInfrastructureId and odbNetworkId or cloudExadataInfrastructureArn and odbNetworkArn must be used.
+     */
+    cloudExadataInfrastructureArn?: pulumi.Input;
+    /**
+     * The unique identifier of the Exadata infrastructure for this VM cluster. Changing this will create a new resource. Either the combination of cloudExadataInfrastructureId and odbNetworkId or cloudExadataInfrastructureArn and odbNetworkArn must be used.
      */
-    cloudExadataInfrastructureId: pulumi.Input;
+    cloudExadataInfrastructureId?: pulumi.Input;
     /**
      * The name of the Grid Infrastructure (GI) cluster. Changing this will create a new resource.
      */
@@ -686,9 +704,13 @@ export interface CloudVmClusterArgs {
      */
     memorySizeInGbs?: pulumi.Input;
     /**
-     * The unique identifier of the ODB network for the VM cluster. Changing this will create a new resource.
+     * The ARN of the ODB network for the VM cluster. Changing this will create a new resource. Either the combination of cloudExadataInfrastructureId and odbNetworkId or cloudExadataInfrastructureArn and odbNetworkArn must be used.
+     */
+    odbNetworkArn?: pulumi.Input;
+    /**
+     * The unique identifier of the ODB network for the VM cluster. Changing this will create a new resource. Either the combination of cloudExadataInfrastructureId and odbNetworkId or cloudExadataInfrastructureArn and odbNetworkArn must be used.
      */
-    odbNetworkId: pulumi.Input;
+    odbNetworkId?: pulumi.Input;
     /**
      * Region where this resource will be [managed](https://docs.aws.amazon.com/general/latest/gr/rande.html#regional-endpoints). Defaults to the Region set in the provider configuration.
      */
diff --git a/sdk/nodejs/organizations/organization.ts b/sdk/nodejs/organizations/organization.ts
index ab5d2753488..9759b163323 100644
--- a/sdk/nodejs/organizations/organization.ts
+++ b/sdk/nodejs/organizations/organization.ts
@@ -88,7 +88,7 @@ export class Organization extends pulumi.CustomResource {
      */
     declare public readonly awsServiceAccessPrincipals: pulumi.Output;
     /**
-     * List of Organizations policy types to enable in the Organization Root. Organization must have `featureSet` set to `ALL`. For additional information about valid policy types (e.g., `AISERVICES_OPT_OUT_POLICY`, `BACKUP_POLICY`, `CHATBOT_POLICY`, `DECLARATIVE_POLICY_EC2`, `RESOURCE_CONTROL_POLICY`, `SERVICE_CONTROL_POLICY`, and `TAG_POLICY`), see the [AWS Organizations API Reference](https://docs.aws.amazon.com/organizations/latest/APIReference/API_EnablePolicyType.html).
+     * List of Organizations policy types to enable in the Organization Root. Organization must have `featureSet` set to `ALL`. For additional information about valid policy types (e.g., `AISERVICES_OPT_OUT_POLICY`, `BACKUP_POLICY`, `CHATBOT_POLICY`, `DECLARATIVE_POLICY_EC2`, `RESOURCE_CONTROL_POLICY`, `SECURITYHUB_POLICY`, `SERVICE_CONTROL_POLICY`, and `TAG_POLICY`), see the [AWS Organizations API Reference](https://docs.aws.amazon.com/organizations/latest/APIReference/API_EnablePolicyType.html). To enable `SECURITYHUB_POLICY`, `awsServiceAccessPrincipals` must include `securityhub.amazonaws.com`.
      */
     declare public readonly enabledPolicyTypes: pulumi.Output;
     /**
@@ -180,7 +180,7 @@ export interface OrganizationState {
      */
     awsServiceAccessPrincipals?: pulumi.Input[]>;
     /**
-     * List of Organizations policy types to enable in the Organization Root. Organization must have `featureSet` set to `ALL`. For additional information about valid policy types (e.g., `AISERVICES_OPT_OUT_POLICY`, `BACKUP_POLICY`, `CHATBOT_POLICY`, `DECLARATIVE_POLICY_EC2`, `RESOURCE_CONTROL_POLICY`, `SERVICE_CONTROL_POLICY`, and `TAG_POLICY`), see the [AWS Organizations API Reference](https://docs.aws.amazon.com/organizations/latest/APIReference/API_EnablePolicyType.html).
+     * List of Organizations policy types to enable in the Organization Root. Organization must have `featureSet` set to `ALL`. For additional information about valid policy types (e.g., `AISERVICES_OPT_OUT_POLICY`, `BACKUP_POLICY`, `CHATBOT_POLICY`, `DECLARATIVE_POLICY_EC2`, `RESOURCE_CONTROL_POLICY`, `SECURITYHUB_POLICY`, `SERVICE_CONTROL_POLICY`, and `TAG_POLICY`), see the [AWS Organizations API Reference](https://docs.aws.amazon.com/organizations/latest/APIReference/API_EnablePolicyType.html). To enable `SECURITYHUB_POLICY`, `awsServiceAccessPrincipals` must include `securityhub.amazonaws.com`.
      */
     enabledPolicyTypes?: pulumi.Input[]>;
     /**
@@ -222,7 +222,7 @@ export interface OrganizationArgs {
      */
     awsServiceAccessPrincipals?: pulumi.Input[]>;
     /**
-     * List of Organizations policy types to enable in the Organization Root. Organization must have `featureSet` set to `ALL`. For additional information about valid policy types (e.g., `AISERVICES_OPT_OUT_POLICY`, `BACKUP_POLICY`, `CHATBOT_POLICY`, `DECLARATIVE_POLICY_EC2`, `RESOURCE_CONTROL_POLICY`, `SERVICE_CONTROL_POLICY`, and `TAG_POLICY`), see the [AWS Organizations API Reference](https://docs.aws.amazon.com/organizations/latest/APIReference/API_EnablePolicyType.html).
+     * List of Organizations policy types to enable in the Organization Root. Organization must have `featureSet` set to `ALL`. For additional information about valid policy types (e.g., `AISERVICES_OPT_OUT_POLICY`, `BACKUP_POLICY`, `CHATBOT_POLICY`, `DECLARATIVE_POLICY_EC2`, `RESOURCE_CONTROL_POLICY`, `SECURITYHUB_POLICY`, `SERVICE_CONTROL_POLICY`, and `TAG_POLICY`), see the [AWS Organizations API Reference](https://docs.aws.amazon.com/organizations/latest/APIReference/API_EnablePolicyType.html). To enable `SECURITYHUB_POLICY`, `awsServiceAccessPrincipals` must include `securityhub.amazonaws.com`.
      */
     enabledPolicyTypes?: pulumi.Input[]>;
     /**
diff --git a/sdk/nodejs/provider.ts b/sdk/nodejs/provider.ts
index 9634fe2a061..fc222ff02f3 100644
--- a/sdk/nodejs/provider.ts
+++ b/sdk/nodejs/provider.ts
@@ -85,6 +85,10 @@ export class Provider extends pulumi.ProviderResource {
      * are us-east-1 and us-west-2.
      */
     declare public readonly stsRegion: pulumi.Output;
+    /**
+     * The severity with which to enforce organizational tagging policies on resources managed by this provider instance. At this time this only includes compliance with required tag keys by resource type. Valid values are "error", "warning", and "disabled". When unset or "disabled", tag policy compliance will not be enforced by the provider. Can also be configured with the TF_AWS_TAG_POLICY_COMPLIANCE environment variable.
+     */
+    declare public readonly tagPolicyCompliance: pulumi.Output;
     /**
      * session token. A session token is only required if you are
      * using temporary security credentials.
@@ -131,6 +135,7 @@ export class Provider extends pulumi.ProviderResource {
             resourceInputs["skipRegionValidation"] = pulumi.output((args?.skipRegionValidation) ?? true).apply(JSON.stringify);
             resourceInputs["skipRequestingAccountId"] = pulumi.output(args?.skipRequestingAccountId).apply(JSON.stringify);
             resourceInputs["stsRegion"] = args?.stsRegion;
+            resourceInputs["tagPolicyCompliance"] = args?.tagPolicyCompliance;
             resourceInputs["token"] = args?.token ? pulumi.secret(args.token) : undefined;
             resourceInputs["tokenBucketRateLimiterCapacity"] = pulumi.output(args?.tokenBucketRateLimiterCapacity).apply(JSON.stringify);
             resourceInputs["useDualstackEndpoint"] = pulumi.output(args?.useDualstackEndpoint).apply(JSON.stringify);
@@ -267,6 +272,10 @@ export interface ProviderArgs {
      * are us-east-1 and us-west-2.
      */
     stsRegion?: pulumi.Input;
+    /**
+     * The severity with which to enforce organizational tagging policies on resources managed by this provider instance. At this time this only includes compliance with required tag keys by resource type. Valid values are "error", "warning", and "disabled". When unset or "disabled", tag policy compliance will not be enforced by the provider. Can also be configured with the TF_AWS_TAG_POLICY_COMPLIANCE environment variable.
+     */
+    tagPolicyCompliance?: pulumi.Input;
     /**
      * session token. A session token is only required if you are
      * using temporary security credentials.
diff --git a/sdk/nodejs/quicksight/accountSettings.ts b/sdk/nodejs/quicksight/accountSettings.ts
index a3cdf45424d..2f4b2c3462a 100644
--- a/sdk/nodejs/quicksight/accountSettings.ts
+++ b/sdk/nodejs/quicksight/accountSettings.ts
@@ -70,6 +70,10 @@ export class AccountSettings extends pulumi.CustomResource {
      * The default namespace for this Amazon Web Services account. Currently, the default is `default`.
      */
     declare public readonly defaultNamespace: pulumi.Output;
+    /**
+     * Region where this resource will be [managed](https://docs.aws.amazon.com/general/latest/gr/rande.html#regional-endpoints). Defaults to the Region set in the provider configuration.
+     */
+    declare public readonly region: pulumi.Output;
     /**
      * A boolean value that determines whether or not an Amazon QuickSight account can be deleted. If `true`, it does not allow the account to be deleted and results in an error message if a user tries to make a DeleteAccountSubscription request. If `false`, it will allow the account to be deleted.
      */
@@ -91,12 +95,14 @@ export class AccountSettings extends pulumi.CustomResource {
             const state = argsOrState as AccountSettingsState | undefined;
             resourceInputs["awsAccountId"] = state?.awsAccountId;
             resourceInputs["defaultNamespace"] = state?.defaultNamespace;
+            resourceInputs["region"] = state?.region;
             resourceInputs["terminationProtectionEnabled"] = state?.terminationProtectionEnabled;
             resourceInputs["timeouts"] = state?.timeouts;
         } else {
             const args = argsOrState as AccountSettingsArgs | undefined;
             resourceInputs["awsAccountId"] = args?.awsAccountId;
             resourceInputs["defaultNamespace"] = args?.defaultNamespace;
+            resourceInputs["region"] = args?.region;
             resourceInputs["terminationProtectionEnabled"] = args?.terminationProtectionEnabled;
             resourceInputs["timeouts"] = args?.timeouts;
         }
@@ -114,6 +120,10 @@ export interface AccountSettingsState {
      * The default namespace for this Amazon Web Services account. Currently, the default is `default`.
      */
     defaultNamespace?: pulumi.Input;
+    /**
+     * Region where this resource will be [managed](https://docs.aws.amazon.com/general/latest/gr/rande.html#regional-endpoints). Defaults to the Region set in the provider configuration.
+     */
+    region?: pulumi.Input;
     /**
      * A boolean value that determines whether or not an Amazon QuickSight account can be deleted. If `true`, it does not allow the account to be deleted and results in an error message if a user tries to make a DeleteAccountSubscription request. If `false`, it will allow the account to be deleted.
      */
@@ -130,6 +140,10 @@ export interface AccountSettingsArgs {
      * The default namespace for this Amazon Web Services account. Currently, the default is `default`.
      */
     defaultNamespace?: pulumi.Input;
+    /**
+     * Region where this resource will be [managed](https://docs.aws.amazon.com/general/latest/gr/rande.html#regional-endpoints). Defaults to the Region set in the provider configuration.
+     */
+    region?: pulumi.Input;
     /**
      * A boolean value that determines whether or not an Amazon QuickSight account can be deleted. If `true`, it does not allow the account to be deleted and results in an error message if a user tries to make a DeleteAccountSubscription request. If `false`, it will allow the account to be deleted.
      */
diff --git a/sdk/nodejs/route53/getZone.ts b/sdk/nodejs/route53/getZone.ts
index a59379c2252..9a2d42c8639 100644
--- a/sdk/nodejs/route53/getZone.ts
+++ b/sdk/nodejs/route53/getZone.ts
@@ -29,6 +29,8 @@ import * as utilities from "../utilities";
  *     records: ["10.0.0.1"],
  * });
  * ```
+ *
+ * The following example shows how to get a Hosted Zone from a unique combination of its tags:
  */
 export function getZone(args?: GetZoneArgs, opts?: pulumi.InvokeOptions): Promise {
     args = args || {};
@@ -47,27 +49,28 @@ export function getZone(args?: GetZoneArgs, opts?: pulumi.InvokeOptions): Promis
  */
 export interface GetZoneArgs {
     /**
-     * Hosted Zone name of the desired Hosted Zone.
+     * Hosted Zone name of the desired Hosted Zone. If blank, then accept any name, filtering on only `privateZone`, `vpcId` and `tags`.
      */
     name?: string;
     /**
-     * Used with `name` field to get a private Hosted Zone.
+     * Filter to only private Hosted Zones.
      */
     privateZone?: boolean;
     /**
-     * Used with `name` field. A map of tags, each pair of which must exactly match a pair on the desired Hosted Zone.
+     * A map of tags, each pair of which must exactly match a pair on the desired Hosted Zone.
+     *
+     * The arguments of this data source act as filters for querying the available Hosted Zone.
      *
-     * The arguments of this data source act as filters for querying the available
-     * Hosted Zone. You have to use `zoneId` or `name`, not both of them. The given filter must match exactly one
-     * Hosted Zone. If you use `name` field for private Hosted Zone, you need to add `privateZone` field to `true`.
+     * - The given filter must match exactly one Hosted Zone.
      */
     tags?: {[key: string]: string};
     /**
-     * Used with `name` field to get a private Hosted Zone associated with the vpcId (in this case, privateZone is not mandatory).
+     * Filter to private Hosted Zones associated with the specified `vpcId`.
      */
     vpcId?: string;
     /**
-     * Hosted Zone id of the desired Hosted Zone.
+     * and `name` are mutually exclusive.
+     * - If you use the `name` argument for a private Hosted Zone, you need to set the `privateZone` argument to `true`.
      */
     zoneId?: string;
 }
@@ -124,7 +127,7 @@ export interface GetZoneResult {
      * A map of tags assigned to the Hosted Zone.
      */
     readonly tags: {[key: string]: string};
-    readonly vpcId: string;
+    readonly vpcId?: string;
     /**
      * The Hosted Zone identifier.
      */
@@ -155,6 +158,8 @@ export interface GetZoneResult {
  *     records: ["10.0.0.1"],
  * });
  * ```
+ *
+ * The following example shows how to get a Hosted Zone from a unique combination of its tags:
  */
 export function getZoneOutput(args?: GetZoneOutputArgs, opts?: pulumi.InvokeOutputOptions): pulumi.Output {
     args = args || {};
@@ -173,27 +178,28 @@ export function getZoneOutput(args?: GetZoneOutputArgs, opts?: pulumi.InvokeOutp
  */
 export interface GetZoneOutputArgs {
     /**
-     * Hosted Zone name of the desired Hosted Zone.
+     * Hosted Zone name of the desired Hosted Zone. If blank, then accept any name, filtering on only `privateZone`, `vpcId` and `tags`.
      */
     name?: pulumi.Input;
     /**
-     * Used with `name` field to get a private Hosted Zone.
+     * Filter to only private Hosted Zones.
      */
     privateZone?: pulumi.Input;
     /**
-     * Used with `name` field. A map of tags, each pair of which must exactly match a pair on the desired Hosted Zone.
+     * A map of tags, each pair of which must exactly match a pair on the desired Hosted Zone.
+     *
+     * The arguments of this data source act as filters for querying the available Hosted Zone.
      *
-     * The arguments of this data source act as filters for querying the available
-     * Hosted Zone. You have to use `zoneId` or `name`, not both of them. The given filter must match exactly one
-     * Hosted Zone. If you use `name` field for private Hosted Zone, you need to add `privateZone` field to `true`.
+     * - The given filter must match exactly one Hosted Zone.
      */
     tags?: pulumi.Input<{[key: string]: pulumi.Input}>;
     /**
-     * Used with `name` field to get a private Hosted Zone associated with the vpcId (in this case, privateZone is not mandatory).
+     * Filter to private Hosted Zones associated with the specified `vpcId`.
      */
     vpcId?: pulumi.Input;
     /**
-     * Hosted Zone id of the desired Hosted Zone.
+     * and `name` are mutually exclusive.
+     * - If you use the `name` argument for a private Hosted Zone, you need to set the `privateZone` argument to `true`.
      */
     zoneId?: pulumi.Input;
 }
diff --git a/sdk/nodejs/s3/bucketServerSideEncryptionConfiguration.ts b/sdk/nodejs/s3/bucketServerSideEncryptionConfiguration.ts
index 005c46fbfd2..6be6808ece0 100644
--- a/sdk/nodejs/s3/bucketServerSideEncryptionConfiguration.ts
+++ b/sdk/nodejs/s3/bucketServerSideEncryptionConfiguration.ts
@@ -12,6 +12,8 @@ import * as utilities from "../utilities";
  *
  * > **NOTE:** Destroying an `aws.s3.BucketServerSideEncryptionConfiguration` resource resets the bucket to [Amazon S3 bucket default encryption](https://docs.aws.amazon.com/AmazonS3/latest/userguide/default-encryption-faq.html).
  *
+ * > **NOTE:** Starting in March 2026, Amazon S3 will automatically block server-side encryption with customer-provided keys (SSE-C) for all new buckets. Use the `blockedEncryptionTypes` argument to manage this behavior. For more information, see the [SSE-C changes FAQ](https://docs.aws.amazon.com/AmazonS3/latest/userguide/default-s3-c-encryption-setting-faq.html).
+ *
  * ## Example Usage
  *
  * ```typescript
@@ -34,6 +36,30 @@ import * as utilities from "../utilities";
  * });
  * ```
  *
+ * ### Blocking SSE-C Uploads
+ *
+ * ```typescript
+ * import * as pulumi from "@pulumi/pulumi";
+ * import * as aws from "@pulumi/aws";
+ *
+ * const mykey = new aws.kms.Key("mykey", {
+ *     description: "This key is used to encrypt bucket objects",
+ *     deletionWindowInDays: 10,
+ * });
+ * const mybucket = new aws.s3.Bucket("mybucket", {bucket: "mybucket"});
+ * const example = new aws.s3.BucketServerSideEncryptionConfiguration("example", {
+ *     bucket: mybucket.id,
+ *     rules: [{
+ *         applyServerSideEncryptionByDefault: {
+ *             kmsMasterKeyId: mykey.arn,
+ *             sseAlgorithm: "aws:kms",
+ *         },
+ *         bucketKeyEnabled: true,
+ *         blockedEncryptionTypes: ["SSE-C"],
+ *     }],
+ * });
+ * ```
+ *
  * ## Import
  *
  * ### Identity Schema
diff --git a/sdk/nodejs/s3/bucketServerSideEncryptionConfigurationV2.ts b/sdk/nodejs/s3/bucketServerSideEncryptionConfigurationV2.ts
index 2a58d0178d3..c81907f9841 100644
--- a/sdk/nodejs/s3/bucketServerSideEncryptionConfigurationV2.ts
+++ b/sdk/nodejs/s3/bucketServerSideEncryptionConfigurationV2.ts
@@ -12,6 +12,8 @@ import * as utilities from "../utilities";
  *
  * > **NOTE:** Destroying an `aws.s3.BucketServerSideEncryptionConfiguration` resource resets the bucket to [Amazon S3 bucket default encryption](https://docs.aws.amazon.com/AmazonS3/latest/userguide/default-encryption-faq.html).
  *
+ * > **NOTE:** Starting in March 2026, Amazon S3 will automatically block server-side encryption with customer-provided keys (SSE-C) for all new buckets. Use the `blockedEncryptionTypes` argument to manage this behavior. For more information, see the [SSE-C changes FAQ](https://docs.aws.amazon.com/AmazonS3/latest/userguide/default-s3-c-encryption-setting-faq.html).
+ *
  * ## Example Usage
  *
  * ```typescript
@@ -34,6 +36,30 @@ import * as utilities from "../utilities";
  * });
  * ```
  *
+ * ### Blocking SSE-C Uploads
+ *
+ * ```typescript
+ * import * as pulumi from "@pulumi/pulumi";
+ * import * as aws from "@pulumi/aws";
+ *
+ * const mykey = new aws.kms.Key("mykey", {
+ *     description: "This key is used to encrypt bucket objects",
+ *     deletionWindowInDays: 10,
+ * });
+ * const mybucket = new aws.s3.Bucket("mybucket", {bucket: "mybucket"});
+ * const example = new aws.s3.BucketServerSideEncryptionConfiguration("example", {
+ *     bucket: mybucket.id,
+ *     rules: [{
+ *         applyServerSideEncryptionByDefault: {
+ *             kmsMasterKeyId: mykey.arn,
+ *             sseAlgorithm: "aws:kms",
+ *         },
+ *         bucketKeyEnabled: true,
+ *         blockedEncryptionTypes: ["SSE-C"],
+ *     }],
+ * });
+ * ```
+ *
  * ## Import
  *
  * ### Identity Schema
diff --git a/sdk/nodejs/sagemaker/model.ts b/sdk/nodejs/sagemaker/model.ts
index 4c873b0b5f8..b8021d7a43e 100644
--- a/sdk/nodejs/sagemaker/model.ts
+++ b/sdk/nodejs/sagemaker/model.ts
@@ -8,11 +8,11 @@ import * as enums from "../types/enums";
 import * as utilities from "../utilities";
 
 /**
- * Provides a SageMaker AI model resource.
+ * Manages an Amazon SageMaker AI Model.
  *
  * ## Example Usage
  *
- * Basic usage:
+ * ### Basic Usage
  *
  * ```typescript
  * import * as pulumi from "@pulumi/pulumi";
@@ -40,21 +40,12 @@ import * as utilities from "../utilities";
  * });
  * ```
  *
- * ## Inference Execution Config
- *
- * * `mode` - (Required) How containers in a multi-container are run. The following values are valid `Serial` and `Direct`.
- *
- * ### VPC Config
- *
- * * `securityGroupIds` - (Required) List of security group IDs you want to be applied to your training job or model. Specify the security groups for the VPC that is specified in the Subnets field.
- * * `subnets` - (Required) List of subnet IDs in the VPC to which you want to connect your training job or model.
- *
  * ## Import
  *
  * Using `pulumi import`, import models using the `name`. For example:
  *
  * ```sh
- * $ pulumi import aws:sagemaker/model:Model test_model model-foo
+ * $ pulumi import aws:sagemaker/model:Model example model-foo
  * ```
  */
 export class Model extends pulumi.CustomResource {
@@ -86,7 +77,7 @@ export class Model extends pulumi.CustomResource {
     }
 
     /**
-     * The Amazon Resource Name (ARN) assigned by AWS to this model.
+     * Amazon Resource Name (ARN) assigned by AWS to this model.
      */
     declare public /*out*/ readonly arn: pulumi.Output;
     /**
@@ -106,11 +97,11 @@ export class Model extends pulumi.CustomResource {
      */
     declare public readonly inferenceExecutionConfig: pulumi.Output;
     /**
-     * The name of the model (must be unique). If omitted, this provider will assign a random, unique name.
+     * Name of the model (must be unique). If omitted, the provider will assign a random, unique name.
      */
     declare public readonly name: pulumi.Output;
     /**
-     * The primary docker image containing inference code that is used when the model is deployed for predictions.  If not specified, the `container` argument is required. Fields are documented below.
+     * Primary docker image containing inference code that is used when the model is deployed for predictions.  If not specified, the `container` argument is required. Fields are documented below.
      */
     declare public readonly primaryContainer: pulumi.Output;
     /**
@@ -181,7 +172,7 @@ export class Model extends pulumi.CustomResource {
  */
 export interface ModelState {
     /**
-     * The Amazon Resource Name (ARN) assigned by AWS to this model.
+     * Amazon Resource Name (ARN) assigned by AWS to this model.
      */
     arn?: pulumi.Input;
     /**
@@ -201,11 +192,11 @@ export interface ModelState {
      */
     inferenceExecutionConfig?: pulumi.Input;
     /**
-     * The name of the model (must be unique). If omitted, this provider will assign a random, unique name.
+     * Name of the model (must be unique). If omitted, the provider will assign a random, unique name.
      */
     name?: pulumi.Input;
     /**
-     * The primary docker image containing inference code that is used when the model is deployed for predictions.  If not specified, the `container` argument is required. Fields are documented below.
+     * Primary docker image containing inference code that is used when the model is deployed for predictions.  If not specified, the `container` argument is required. Fields are documented below.
      */
     primaryContainer?: pulumi.Input;
     /**
@@ -247,11 +238,11 @@ export interface ModelArgs {
      */
     inferenceExecutionConfig?: pulumi.Input;
     /**
-     * The name of the model (must be unique). If omitted, this provider will assign a random, unique name.
+     * Name of the model (must be unique). If omitted, the provider will assign a random, unique name.
      */
     name?: pulumi.Input;
     /**
-     * The primary docker image containing inference code that is used when the model is deployed for predictions.  If not specified, the `container` argument is required. Fields are documented below.
+     * Primary docker image containing inference code that is used when the model is deployed for predictions.  If not specified, the `container` argument is required. Fields are documented below.
      */
     primaryContainer?: pulumi.Input;
     /**
diff --git a/sdk/nodejs/ssoadmin/accountAssignment.ts b/sdk/nodejs/ssoadmin/accountAssignment.ts
index ddcd9af6633..b8885f0b713 100644
--- a/sdk/nodejs/ssoadmin/accountAssignment.ts
+++ b/sdk/nodejs/ssoadmin/accountAssignment.ts
@@ -137,7 +137,7 @@ export class AccountAssignment extends pulumi.CustomResource {
     /**
      * The entity type for which the assignment will be created. Valid values: `AWS_ACCOUNT`.
      */
-    declare public readonly targetType: pulumi.Output;
+    declare public readonly targetType: pulumi.Output;
 
     /**
      * Create a AccountAssignment resource with the given unique name, arguments, and options.
@@ -176,6 +176,9 @@ export class AccountAssignment extends pulumi.CustomResource {
             if (args?.targetId === undefined && !opts.urn) {
                 throw new Error("Missing required property 'targetId'");
             }
+            if (args?.targetType === undefined && !opts.urn) {
+                throw new Error("Missing required property 'targetType'");
+            }
             resourceInputs["instanceArn"] = args?.instanceArn;
             resourceInputs["permissionSetArn"] = args?.permissionSetArn;
             resourceInputs["principalId"] = args?.principalId;
@@ -254,5 +257,5 @@ export interface AccountAssignmentArgs {
     /**
      * The entity type for which the assignment will be created. Valid values: `AWS_ACCOUNT`.
      */
-    targetType?: pulumi.Input;
+    targetType: pulumi.Input;
 }
diff --git a/sdk/nodejs/timestreaminfluxdb/dbCluster.ts b/sdk/nodejs/timestreaminfluxdb/dbCluster.ts
index 779264c0e27..333efbc7035 100644
--- a/sdk/nodejs/timestreaminfluxdb/dbCluster.ts
+++ b/sdk/nodejs/timestreaminfluxdb/dbCluster.ts
@@ -123,6 +123,52 @@ import * as utilities from "../utilities";
  * });
  * ```
  *
+ * ### Usage with InfluxDB V3
+ *
+ * For InfluxDB V3 clusters, you can create a cluster without providing `allocatedStorage`, `bucket`, `organization`, `username`, `password`, or `deploymentType` by specifying a `dbParameterGroupIdentifier` such as `"InfluxDBV3Core"`. The following example shows how to create an InfluxDB V3 cluster:
+ *
+ * ```typescript
+ * import * as pulumi from "@pulumi/pulumi";
+ * import * as aws from "@pulumi/aws";
+ *
+ * const example = new aws.timestreaminfluxdb.DbCluster("example", {
+ *     name: "example-v3-cluster",
+ *     dbInstanceType: "db.influx.large",
+ *     dbParameterGroupIdentifier: "InfluxDBV3Core",
+ *     vpcSubnetIds: [
+ *         example1.id,
+ *         example2.id,
+ *     ],
+ *     vpcSecurityGroupIds: [exampleAwsSecurityGroup.id],
+ * });
+ * ```
+ *
+ * ## Cluster Type Requirements
+ *
+ * ### InfluxDB V2 Clusters (default)
+ *
+ * The following arguments are **required** for InfluxDB V2 clusters:
+ *
+ * * `allocatedStorage`
+ * * `bucket`
+ * * `deploymentType`
+ * * `organization`
+ * * `password`
+ * * `username`
+ *
+ * The `deploymentType` argument defaults to `"MULTI_NODE_READ_REPLICAS"` for InfluxDB V2 clusters when not specified.
+ *
+ * ### InfluxDB V3 Clusters (when using V3 parameter groups)
+ *
+ * The following arguments are **forbidden** for InfluxDB V3 clusters (when using an InfluxDB V3 db parameter group):
+ *
+ * * `allocatedStorage`
+ * * `bucket`
+ * * `deploymentType`
+ * * `organization`
+ * * `password`
+ * * `username`
+ *
  * ## Import
  *
  * Using `pulumi import`, import Timestream for InfluxDB cluster using its identifier. For example:
@@ -160,17 +206,17 @@ export class DbCluster extends pulumi.CustomResource {
     }
 
     /**
-     * Amount of storage in GiB (gibibytes). The minimum value is `20`, the maximum value is `16384`. The argument `dbStorageType` places restrictions on this argument's minimum value. The following is a list of `dbStorageType` values and the corresponding minimum value for `allocatedStorage`: `"InfluxIOIncludedT1": `20`, `"InfluxIOIncludedT2" and `"InfluxIOIncludedT3": `400`.
+     * Amount of storage in GiB (gibibytes). The minimum value is `20`, the maximum value is `16384`. The argument `dbStorageType` places restrictions on this argument's minimum value. The following is a list of `dbStorageType` values and the corresponding minimum value for `allocatedStorage`: `"InfluxIOIncludedT1": `20`, `"InfluxIOIncludedT2" and `"InfluxIOIncludedT3": `400`. This field is forbidden for InfluxDB V3 clusters (when using an InfluxDB V3 db parameter group).
      */
-    declare public readonly allocatedStorage: pulumi.Output;
+    declare public readonly allocatedStorage: pulumi.Output;
     /**
      * ARN of the Timestream for InfluxDB cluster.
      */
     declare public /*out*/ readonly arn: pulumi.Output;
     /**
-     * Name of the initial InfluxDB bucket. All InfluxDB data is stored in a bucket. A bucket combines the concept of a database and a retention period (the duration of time that each data point persists). A bucket belongs to an organization. Along with `organization`, `username`, and `password`, this argument will be stored in the secret referred to by the `influxAuthParametersSecretArn` attribute.
+     * Name of the initial InfluxDB bucket. All InfluxDB data is stored in a bucket. A bucket combines the concept of a database and a retention period (the duration of time that each data point persists). A bucket belongs to an organization. Along with `organization`, `username`, and `password`, this argument will be stored in the secret referred to by the `influxAuthParametersSecretArn` attribute. This field is forbidden for InfluxDB V3 clusters (when using an InfluxDB V3 db parameter group).
      */
-    declare public readonly bucket: pulumi.Output;
+    declare public readonly bucket: pulumi.Output;
     /**
      * Timestream for InfluxDB DB instance type to run InfluxDB on. Valid options are: `"db.influx.medium"`, `"db.influx.large"`, `"db.influx.xlarge"`, `"db.influx.2xlarge"`, `"db.influx.4xlarge"`, `"db.influx.8xlarge"`, `"db.influx.12xlarge"`, and `"db.influx.16xlarge"`. This argument is updatable.
      */
@@ -184,19 +230,23 @@ export class DbCluster extends pulumi.CustomResource {
      */
     declare public readonly dbStorageType: pulumi.Output;
     /**
-     * Specifies the type of cluster to create. Valid options are: `"MULTI_NODE_READ_REPLICAS"`.
+     * Specifies the type of cluster to create. Valid options are: `"MULTI_NODE_READ_REPLICAS"`. This field is forbidden for InfluxDB V3 clusters (when using an InfluxDB V3 db parameter group).
      */
     declare public readonly deploymentType: pulumi.Output;
     /**
      * Endpoint used to connect to InfluxDB. The default InfluxDB port is 8086.
      */
     declare public /*out*/ readonly endpoint: pulumi.Output;
+    /**
+     * Database engine type of the DB cluster.
+     */
+    declare public /*out*/ readonly engineType: pulumi.Output;
     /**
      * Specifies the behavior of failure recovery when the primary node of the cluster fails. Valid options are: `"AUTOMATIC"` and `"NO_FAILOVER"`.
      */
     declare public readonly failoverMode: pulumi.Output;
     /**
-     * ARN of the AWS Secrets Manager secret containing the initial InfluxDB authorization parameters. The secret value is a JSON formatted key-value pair holding InfluxDB authorization values: organization, bucket, username, and password.
+     * ARN of the AWS Secrets Manager secret containing the initial InfluxDB authorization parameters. For InfluxDB V2 clusters, the secret value is a JSON formatted key-value pair holding InfluxDB authorization values: organization, bucket, username, and password. For InfluxDB V3 clusters, the secret contains the InfluxDB admin token.
      */
     declare public /*out*/ readonly influxAuthParametersSecretArn: pulumi.Output;
     /**
@@ -212,13 +262,13 @@ export class DbCluster extends pulumi.CustomResource {
      */
     declare public readonly networkType: pulumi.Output;
     /**
-     * Name of the initial organization for the initial admin user in InfluxDB. An InfluxDB organization is a workspace for a group of users. Along with `bucket`, `username`, and `password`, this argument will be stored in the secret referred to by the `influxAuthParametersSecretArn` attribute.
+     * Name of the initial organization for the initial admin user in InfluxDB. An InfluxDB organization is a workspace for a group of users. Along with `bucket`, `username`, and `password`, this argument will be stored in the secret referred to by the `influxAuthParametersSecretArn` attribute. This field is forbidden for InfluxDB V3 clusters (when using an InfluxDB V3 db parameter group).
      */
-    declare public readonly organization: pulumi.Output;
+    declare public readonly organization: pulumi.Output;
     /**
-     * Password of the initial admin user created in InfluxDB. This password will allow you to access the InfluxDB UI to perform various administrative tasks and also use the InfluxDB CLI to create an operator token. Along with `bucket`, `username`, and `organization`, this argument will be stored in the secret referred to by the `influxAuthParametersSecretArn` attribute.
+     * Password of the initial admin user created in InfluxDB. This password will allow you to access the InfluxDB UI to perform various administrative tasks and also use the InfluxDB CLI to create an operator token. Along with `bucket`, `username`, and `organization`, this argument will be stored in the secret referred to by the `influxAuthParametersSecretArn` attribute. This field is forbidden for InfluxDB V3 clusters (when using an InfluxDB V3 db parameter group) as the AWS API rejects it.
      */
-    declare public readonly password: pulumi.Output;
+    declare public readonly password: pulumi.Output;
     /**
      * The port on which the cluster accepts connections. Valid values: `1024`-`65535`. Cannot be `2375`-`2376`, `7788`-`7799`, `8090`, or `51678`-`51680`. This argument is updatable.
      */
@@ -245,9 +295,9 @@ export class DbCluster extends pulumi.CustomResource {
     declare public /*out*/ readonly tagsAll: pulumi.Output<{[key: string]: string}>;
     declare public readonly timeouts: pulumi.Output;
     /**
-     * Username of the initial admin user created in InfluxDB. Must start with a letter and can't end with a hyphen or contain two consecutive hyphens. This username will allow you to access the InfluxDB UI to perform various administrative tasks and also use the InfluxDB CLI to create an operator token. Along with `bucket`, `organization`, and `password`, this argument will be stored in the secret referred to by the `influxAuthParametersSecretArn` attribute.
+     * Username of the initial admin user created in InfluxDB. Must start with a letter and can't end with a hyphen or contain two consecutive hyphens. This username will allow you to access the InfluxDB UI to perform various administrative tasks and also use the InfluxDB CLI to create an operator token. Along with `bucket`, `organization`, and `password`, this argument will be stored in the secret referred to by the `influxAuthParametersSecretArn` attribute. This field is forbidden for InfluxDB V3 clusters (when using an InfluxDB V3 db parameter group).
      */
-    declare public readonly username: pulumi.Output;
+    declare public readonly username: pulumi.Output;
     /**
      * List of VPC security group IDs to associate with the cluster.
      */
@@ -280,6 +330,7 @@ export class DbCluster extends pulumi.CustomResource {
             resourceInputs["dbStorageType"] = state?.dbStorageType;
             resourceInputs["deploymentType"] = state?.deploymentType;
             resourceInputs["endpoint"] = state?.endpoint;
+            resourceInputs["engineType"] = state?.engineType;
             resourceInputs["failoverMode"] = state?.failoverMode;
             resourceInputs["influxAuthParametersSecretArn"] = state?.influxAuthParametersSecretArn;
             resourceInputs["logDeliveryConfiguration"] = state?.logDeliveryConfiguration;
@@ -299,24 +350,9 @@ export class DbCluster extends pulumi.CustomResource {
             resourceInputs["vpcSubnetIds"] = state?.vpcSubnetIds;
         } else {
             const args = argsOrState as DbClusterArgs | undefined;
-            if (args?.allocatedStorage === undefined && !opts.urn) {
-                throw new Error("Missing required property 'allocatedStorage'");
-            }
-            if (args?.bucket === undefined && !opts.urn) {
-                throw new Error("Missing required property 'bucket'");
-            }
             if (args?.dbInstanceType === undefined && !opts.urn) {
                 throw new Error("Missing required property 'dbInstanceType'");
             }
-            if (args?.organization === undefined && !opts.urn) {
-                throw new Error("Missing required property 'organization'");
-            }
-            if (args?.password === undefined && !opts.urn) {
-                throw new Error("Missing required property 'password'");
-            }
-            if (args?.username === undefined && !opts.urn) {
-                throw new Error("Missing required property 'username'");
-            }
             if (args?.vpcSecurityGroupIds === undefined && !opts.urn) {
                 throw new Error("Missing required property 'vpcSecurityGroupIds'");
             }
@@ -345,6 +381,7 @@ export class DbCluster extends pulumi.CustomResource {
             resourceInputs["vpcSubnetIds"] = args?.vpcSubnetIds;
             resourceInputs["arn"] = undefined /*out*/;
             resourceInputs["endpoint"] = undefined /*out*/;
+            resourceInputs["engineType"] = undefined /*out*/;
             resourceInputs["influxAuthParametersSecretArn"] = undefined /*out*/;
             resourceInputs["readerEndpoint"] = undefined /*out*/;
             resourceInputs["tagsAll"] = undefined /*out*/;
@@ -361,7 +398,7 @@ export class DbCluster extends pulumi.CustomResource {
  */
 export interface DbClusterState {
     /**
-     * Amount of storage in GiB (gibibytes). The minimum value is `20`, the maximum value is `16384`. The argument `dbStorageType` places restrictions on this argument's minimum value. The following is a list of `dbStorageType` values and the corresponding minimum value for `allocatedStorage`: `"InfluxIOIncludedT1": `20`, `"InfluxIOIncludedT2" and `"InfluxIOIncludedT3": `400`.
+     * Amount of storage in GiB (gibibytes). The minimum value is `20`, the maximum value is `16384`. The argument `dbStorageType` places restrictions on this argument's minimum value. The following is a list of `dbStorageType` values and the corresponding minimum value for `allocatedStorage`: `"InfluxIOIncludedT1": `20`, `"InfluxIOIncludedT2" and `"InfluxIOIncludedT3": `400`. This field is forbidden for InfluxDB V3 clusters (when using an InfluxDB V3 db parameter group).
      */
     allocatedStorage?: pulumi.Input;
     /**
@@ -369,7 +406,7 @@ export interface DbClusterState {
      */
     arn?: pulumi.Input;
     /**
-     * Name of the initial InfluxDB bucket. All InfluxDB data is stored in a bucket. A bucket combines the concept of a database and a retention period (the duration of time that each data point persists). A bucket belongs to an organization. Along with `organization`, `username`, and `password`, this argument will be stored in the secret referred to by the `influxAuthParametersSecretArn` attribute.
+     * Name of the initial InfluxDB bucket. All InfluxDB data is stored in a bucket. A bucket combines the concept of a database and a retention period (the duration of time that each data point persists). A bucket belongs to an organization. Along with `organization`, `username`, and `password`, this argument will be stored in the secret referred to by the `influxAuthParametersSecretArn` attribute. This field is forbidden for InfluxDB V3 clusters (when using an InfluxDB V3 db parameter group).
      */
     bucket?: pulumi.Input;
     /**
@@ -385,19 +422,23 @@ export interface DbClusterState {
      */
     dbStorageType?: pulumi.Input;
     /**
-     * Specifies the type of cluster to create. Valid options are: `"MULTI_NODE_READ_REPLICAS"`.
+     * Specifies the type of cluster to create. Valid options are: `"MULTI_NODE_READ_REPLICAS"`. This field is forbidden for InfluxDB V3 clusters (when using an InfluxDB V3 db parameter group).
      */
     deploymentType?: pulumi.Input;
     /**
      * Endpoint used to connect to InfluxDB. The default InfluxDB port is 8086.
      */
     endpoint?: pulumi.Input;
+    /**
+     * Database engine type of the DB cluster.
+     */
+    engineType?: pulumi.Input;
     /**
      * Specifies the behavior of failure recovery when the primary node of the cluster fails. Valid options are: `"AUTOMATIC"` and `"NO_FAILOVER"`.
      */
     failoverMode?: pulumi.Input;
     /**
-     * ARN of the AWS Secrets Manager secret containing the initial InfluxDB authorization parameters. The secret value is a JSON formatted key-value pair holding InfluxDB authorization values: organization, bucket, username, and password.
+     * ARN of the AWS Secrets Manager secret containing the initial InfluxDB authorization parameters. For InfluxDB V2 clusters, the secret value is a JSON formatted key-value pair holding InfluxDB authorization values: organization, bucket, username, and password. For InfluxDB V3 clusters, the secret contains the InfluxDB admin token.
      */
     influxAuthParametersSecretArn?: pulumi.Input;
     /**
@@ -413,11 +454,11 @@ export interface DbClusterState {
      */
     networkType?: pulumi.Input;
     /**
-     * Name of the initial organization for the initial admin user in InfluxDB. An InfluxDB organization is a workspace for a group of users. Along with `bucket`, `username`, and `password`, this argument will be stored in the secret referred to by the `influxAuthParametersSecretArn` attribute.
+     * Name of the initial organization for the initial admin user in InfluxDB. An InfluxDB organization is a workspace for a group of users. Along with `bucket`, `username`, and `password`, this argument will be stored in the secret referred to by the `influxAuthParametersSecretArn` attribute. This field is forbidden for InfluxDB V3 clusters (when using an InfluxDB V3 db parameter group).
      */
     organization?: pulumi.Input;
     /**
-     * Password of the initial admin user created in InfluxDB. This password will allow you to access the InfluxDB UI to perform various administrative tasks and also use the InfluxDB CLI to create an operator token. Along with `bucket`, `username`, and `organization`, this argument will be stored in the secret referred to by the `influxAuthParametersSecretArn` attribute.
+     * Password of the initial admin user created in InfluxDB. This password will allow you to access the InfluxDB UI to perform various administrative tasks and also use the InfluxDB CLI to create an operator token. Along with `bucket`, `username`, and `organization`, this argument will be stored in the secret referred to by the `influxAuthParametersSecretArn` attribute. This field is forbidden for InfluxDB V3 clusters (when using an InfluxDB V3 db parameter group) as the AWS API rejects it.
      */
     password?: pulumi.Input;
     /**
@@ -446,7 +487,7 @@ export interface DbClusterState {
     tagsAll?: pulumi.Input<{[key: string]: pulumi.Input}>;
     timeouts?: pulumi.Input;
     /**
-     * Username of the initial admin user created in InfluxDB. Must start with a letter and can't end with a hyphen or contain two consecutive hyphens. This username will allow you to access the InfluxDB UI to perform various administrative tasks and also use the InfluxDB CLI to create an operator token. Along with `bucket`, `organization`, and `password`, this argument will be stored in the secret referred to by the `influxAuthParametersSecretArn` attribute.
+     * Username of the initial admin user created in InfluxDB. Must start with a letter and can't end with a hyphen or contain two consecutive hyphens. This username will allow you to access the InfluxDB UI to perform various administrative tasks and also use the InfluxDB CLI to create an operator token. Along with `bucket`, `organization`, and `password`, this argument will be stored in the secret referred to by the `influxAuthParametersSecretArn` attribute. This field is forbidden for InfluxDB V3 clusters (when using an InfluxDB V3 db parameter group).
      */
     username?: pulumi.Input;
     /**
@@ -466,13 +507,13 @@ export interface DbClusterState {
  */
 export interface DbClusterArgs {
     /**
-     * Amount of storage in GiB (gibibytes). The minimum value is `20`, the maximum value is `16384`. The argument `dbStorageType` places restrictions on this argument's minimum value. The following is a list of `dbStorageType` values and the corresponding minimum value for `allocatedStorage`: `"InfluxIOIncludedT1": `20`, `"InfluxIOIncludedT2" and `"InfluxIOIncludedT3": `400`.
+     * Amount of storage in GiB (gibibytes). The minimum value is `20`, the maximum value is `16384`. The argument `dbStorageType` places restrictions on this argument's minimum value. The following is a list of `dbStorageType` values and the corresponding minimum value for `allocatedStorage`: `"InfluxIOIncludedT1": `20`, `"InfluxIOIncludedT2" and `"InfluxIOIncludedT3": `400`. This field is forbidden for InfluxDB V3 clusters (when using an InfluxDB V3 db parameter group).
      */
-    allocatedStorage: pulumi.Input;
+    allocatedStorage?: pulumi.Input;
     /**
-     * Name of the initial InfluxDB bucket. All InfluxDB data is stored in a bucket. A bucket combines the concept of a database and a retention period (the duration of time that each data point persists). A bucket belongs to an organization. Along with `organization`, `username`, and `password`, this argument will be stored in the secret referred to by the `influxAuthParametersSecretArn` attribute.
+     * Name of the initial InfluxDB bucket. All InfluxDB data is stored in a bucket. A bucket combines the concept of a database and a retention period (the duration of time that each data point persists). A bucket belongs to an organization. Along with `organization`, `username`, and `password`, this argument will be stored in the secret referred to by the `influxAuthParametersSecretArn` attribute. This field is forbidden for InfluxDB V3 clusters (when using an InfluxDB V3 db parameter group).
      */
-    bucket: pulumi.Input;
+    bucket?: pulumi.Input;
     /**
      * Timestream for InfluxDB DB instance type to run InfluxDB on. Valid options are: `"db.influx.medium"`, `"db.influx.large"`, `"db.influx.xlarge"`, `"db.influx.2xlarge"`, `"db.influx.4xlarge"`, `"db.influx.8xlarge"`, `"db.influx.12xlarge"`, and `"db.influx.16xlarge"`. This argument is updatable.
      */
@@ -486,7 +527,7 @@ export interface DbClusterArgs {
      */
     dbStorageType?: pulumi.Input;
     /**
-     * Specifies the type of cluster to create. Valid options are: `"MULTI_NODE_READ_REPLICAS"`.
+     * Specifies the type of cluster to create. Valid options are: `"MULTI_NODE_READ_REPLICAS"`. This field is forbidden for InfluxDB V3 clusters (when using an InfluxDB V3 db parameter group).
      */
     deploymentType?: pulumi.Input;
     /**
@@ -506,13 +547,13 @@ export interface DbClusterArgs {
      */
     networkType?: pulumi.Input;
     /**
-     * Name of the initial organization for the initial admin user in InfluxDB. An InfluxDB organization is a workspace for a group of users. Along with `bucket`, `username`, and `password`, this argument will be stored in the secret referred to by the `influxAuthParametersSecretArn` attribute.
+     * Name of the initial organization for the initial admin user in InfluxDB. An InfluxDB organization is a workspace for a group of users. Along with `bucket`, `username`, and `password`, this argument will be stored in the secret referred to by the `influxAuthParametersSecretArn` attribute. This field is forbidden for InfluxDB V3 clusters (when using an InfluxDB V3 db parameter group).
      */
-    organization: pulumi.Input;
+    organization?: pulumi.Input;
     /**
-     * Password of the initial admin user created in InfluxDB. This password will allow you to access the InfluxDB UI to perform various administrative tasks and also use the InfluxDB CLI to create an operator token. Along with `bucket`, `username`, and `organization`, this argument will be stored in the secret referred to by the `influxAuthParametersSecretArn` attribute.
+     * Password of the initial admin user created in InfluxDB. This password will allow you to access the InfluxDB UI to perform various administrative tasks and also use the InfluxDB CLI to create an operator token. Along with `bucket`, `username`, and `organization`, this argument will be stored in the secret referred to by the `influxAuthParametersSecretArn` attribute. This field is forbidden for InfluxDB V3 clusters (when using an InfluxDB V3 db parameter group) as the AWS API rejects it.
      */
-    password: pulumi.Input;
+    password?: pulumi.Input;
     /**
      * The port on which the cluster accepts connections. Valid values: `1024`-`65535`. Cannot be `2375`-`2376`, `7788`-`7799`, `8090`, or `51678`-`51680`. This argument is updatable.
      */
@@ -531,9 +572,9 @@ export interface DbClusterArgs {
     tags?: pulumi.Input<{[key: string]: pulumi.Input}>;
     timeouts?: pulumi.Input;
     /**
-     * Username of the initial admin user created in InfluxDB. Must start with a letter and can't end with a hyphen or contain two consecutive hyphens. This username will allow you to access the InfluxDB UI to perform various administrative tasks and also use the InfluxDB CLI to create an operator token. Along with `bucket`, `organization`, and `password`, this argument will be stored in the secret referred to by the `influxAuthParametersSecretArn` attribute.
+     * Username of the initial admin user created in InfluxDB. Must start with a letter and can't end with a hyphen or contain two consecutive hyphens. This username will allow you to access the InfluxDB UI to perform various administrative tasks and also use the InfluxDB CLI to create an operator token. Along with `bucket`, `organization`, and `password`, this argument will be stored in the secret referred to by the `influxAuthParametersSecretArn` attribute. This field is forbidden for InfluxDB V3 clusters (when using an InfluxDB V3 db parameter group).
      */
-    username: pulumi.Input;
+    username?: pulumi.Input;
     /**
      * List of VPC security group IDs to associate with the cluster.
      */
diff --git a/sdk/nodejs/tsconfig.json b/sdk/nodejs/tsconfig.json
index 886361e8708..819b814bd2b 100644
--- a/sdk/nodejs/tsconfig.json
+++ b/sdk/nodejs/tsconfig.json
@@ -297,6 +297,7 @@
         "bedrockmodel/invocationLoggingConfiguration.ts",
         "billing/getViews.ts",
         "billing/index.ts",
+        "billing/view.ts",
         "budgets/budget.ts",
         "budgets/budgetAction.ts",
         "budgets/getBudget.ts",
@@ -2383,6 +2384,7 @@
         "vpc/securityGroupVpcAssociation.ts",
         "vpclattice/accessLogSubscription.ts",
         "vpclattice/authPolicy.ts",
+        "vpclattice/domainVerification.ts",
         "vpclattice/getAuthPolicy.ts",
         "vpclattice/getListener.ts",
         "vpclattice/getResourcePolicy.ts",
diff --git a/sdk/nodejs/types/input.ts b/sdk/nodejs/types/input.ts
index 0b7cac16cd6..743bae5dc74 100644
--- a/sdk/nodejs/types/input.ts
+++ b/sdk/nodejs/types/input.ts
@@ -1671,6 +1671,10 @@ export namespace alb {
          * Configuration block for creating an action that distributes requests among one or more target groups. Specify only if `type` is `forward`. See below.
          */
         forward?: pulumi.Input;
+        /**
+         * Configuration block for creating a JWT validation action. Required if `type` is `jwt-validation`.
+         */
+        jwtValidation?: pulumi.Input;
         /**
          * Order for the action. The action with the lowest value for order is performed first. Valid values are between `1` and `50000`. Defaults to the position in the list of actions.
          */
@@ -1684,7 +1688,7 @@ export namespace alb {
          */
         targetGroupArn?: pulumi.Input;
         /**
-         * Type of routing action. Valid values are `forward`, `redirect`, `fixed-response`, `authenticate-cognito` and `authenticate-oidc`.
+         * Type of routing action. Valid values are `forward`, `redirect`, `fixed-response`, `authenticate-cognito`, `authenticate-oidc` and `jwt-validation`.
          *
          * The following arguments are optional:
          */
@@ -1833,6 +1837,38 @@ export namespace alb {
         weight?: pulumi.Input;
     }
 
+    export interface ListenerDefaultActionJwtValidation {
+        /**
+         * Repeatable configuration block for additional claims to validate.
+         */
+        additionalClaims?: pulumi.Input[]>;
+        /**
+         * Issuer of the JWT.
+         */
+        issuer: pulumi.Input;
+        /**
+         * JSON Web Key Set (JWKS) endpoint. This endpoint contains JSON Web Keys (JWK) that are used to validate signatures from the provider. This must be a full URL, including the HTTPS protocol, the domain, and the path.
+         *
+         * The following arguments are optional:
+         */
+        jwksEndpoint: pulumi.Input;
+    }
+
+    export interface ListenerDefaultActionJwtValidationAdditionalClaim {
+        /**
+         * Format of the claim value. Valid values are `single-string`, `string-array` and `space-separated-values`.
+         */
+        format: pulumi.Input;
+        /**
+         * Name of the claim to validate. `exp`, `iss`, `nbf`, or `iat` cannot be specified because they are validated by default.
+         */
+        name: pulumi.Input;
+        /**
+         * List of expected values of the claim.
+         */
+        values: pulumi.Input[]>;
+    }
+
     export interface ListenerDefaultActionRedirect {
         /**
          * Hostname. This component is not percent-encoded. The hostname can contain `#{host}`. Defaults to `#{host}`.
@@ -1901,6 +1937,10 @@ export namespace alb {
          * Cannot be specified with `targetGroupArn`.
          */
         forward?: pulumi.Input;
+        /**
+         * Information for creating a JWT validation action. Required if `type` is `jwt-validation`.
+         */
+        jwtValidation?: pulumi.Input;
         /**
          * Order for the action.
          * The action with the lowest value for order is performed first.
@@ -1920,7 +1960,7 @@ export namespace alb {
          */
         targetGroupArn?: pulumi.Input;
         /**
-         * The type of routing action. Valid values are `forward`, `redirect`, `fixed-response`, `authenticate-cognito` and `authenticate-oidc`.
+         * The type of routing action. Valid values are `forward`, `redirect`, `fixed-response`, `authenticate-cognito`, `authenticate-oidc` and `jwt-validation`.
          */
         type: pulumi.Input;
     }
@@ -2055,6 +2095,36 @@ export namespace alb {
         weight?: pulumi.Input;
     }
 
+    export interface ListenerRuleActionJwtValidation {
+        /**
+         * Repeatable configuration block for additional claims to validate.
+         */
+        additionalClaims?: pulumi.Input[]>;
+        /**
+         * Issuer of the JWT.
+         */
+        issuer: pulumi.Input;
+        /**
+         * JSON Web Key Set (JWKS) endpoint. This endpoint contains JSON Web Keys (JWK) that are used to validate signatures from the provider. This must be a full URL, including the HTTPS protocol, the domain, and the path.
+         */
+        jwksEndpoint: pulumi.Input;
+    }
+
+    export interface ListenerRuleActionJwtValidationAdditionalClaim {
+        /**
+         * Format of the claim value. Valid values are `single-string`, `string-array` and `space-separated-values`.
+         */
+        format: pulumi.Input;
+        /**
+         * Name of the claim to validate. `exp`, `iss`, `nbf`, or `iat` cannot be specified because they are validated by default.
+         */
+        name: pulumi.Input;
+        /**
+         * List of expected values of the claim.
+         */
+        values: pulumi.Input[]>;
+    }
+
     export interface ListenerRuleActionRedirect {
         /**
          * The hostname. This component is not percent-encoded. The hostname can contain `#{host}`. Defaults to `#{host}`.
@@ -2424,7 +2494,7 @@ export namespace amp {
 
     export interface QueryLoggingConfigurationDestinationCloudwatchLogs {
         /**
-         * The ARN of the CloudWatch log group to which query logs will be sent.
+         * The ARN of the CloudWatch log group to which query logs will be sent. The ARN must end with `:*`
          */
         logGroupArn: pulumi.Input;
     }
@@ -2556,7 +2626,7 @@ export namespace amp {
 
     export interface WorkspaceLoggingConfiguration {
         /**
-         * The ARN of the CloudWatch log group to which the vended log data will be published. This log group must exist.
+         * The ARN of the CloudWatch log group to which the vended log data will be published. This log group must exist. The ARN must end with `:*`
          */
         logGroupArn: pulumi.Input;
     }
@@ -12490,6 +12560,10 @@ export namespace bedrock {
     }
 
     export interface AgentKnowledgeBaseStorageConfigurationRdsConfigurationFieldMapping {
+        /**
+         * Name for the universal metadata field where Amazon Bedrock will store any custom metadata from your data source.
+         */
+        customMetadataField?: pulumi.Input;
         /**
          * Name of the field in which Amazon Bedrock stores metadata about the vector store.
          */
@@ -12823,11 +12897,52 @@ export namespace bedrock {
 
     export interface AgentcoreAgentRuntimeAgentRuntimeArtifact {
         /**
-         * Container configuration block. See `containerConfiguration` below.
+         * Code configuration block for the agent runtime artifact, including the source code location and execution settings. Exactly one of `codeConfiguration` or `containerConfiguration` must be specified. See `codeConfiguration` below.
+         */
+        codeConfiguration?: pulumi.Input;
+        /**
+         * Container configuration block for the agent artifact. Exactly one of `codeConfiguration` or `containerConfiguration` must be specified. See `containerConfiguration` below.
          */
         containerConfiguration?: pulumi.Input;
     }
 
+    export interface AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfiguration {
+        /**
+         * Configuration block for the source code location and configuration details. See `code` below.
+         */
+        code?: pulumi.Input;
+        /**
+         * Array specifying the entry point for code execution, indicating the function or method to invoke when the code runs. The array must contain 1 or 2 elements. Examples: `["main.py"]`, `["opentelemetry-instrument", "main.py"]`.
+         */
+        entryPoints: pulumi.Input[]>;
+        /**
+         * Runtime environment used to execute the code. Valid values: `PYTHON_3_10`, `PYTHON_3_11`, `PYTHON_3_12`, `PYTHON_3_13`.
+         */
+        runtime: pulumi.Input;
+    }
+
+    export interface AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCode {
+        /**
+         * Configuration block for the Amazon S3 object that contains the source code for the agent runtime. See `s3` below.
+         */
+        s3?: pulumi.Input;
+    }
+
+    export interface AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeS3 {
+        /**
+         * Name of the Amazon S3 bucket.
+         */
+        bucket: pulumi.Input;
+        /**
+         * Key of the object containing the ZIP file of the source code for the agent runtime in the Amazon S3 bucket.
+         */
+        prefix: pulumi.Input;
+        /**
+         * Version ID of the Amazon S3 object. If not specified, the latest version of the object is used.
+         */
+        versionId?: pulumi.Input;
+    }
+
     export interface AgentcoreAgentRuntimeAgentRuntimeArtifactContainerConfiguration {
         /**
          * URI of the container image in Amazon ECR.
@@ -14257,11 +14372,35 @@ export namespace bedrock {
 
     export interface GuardrailContentPolicyConfigFiltersConfig {
         /**
-         * Strength for filters.
+         * Action to take when harmful content is detected. Valid values: `BLOCK`, `NONE`.
+         */
+        inputAction?: pulumi.Input;
+        /**
+         * Toggles guardrail evaluation on input.
+         */
+        inputEnabled?: pulumi.Input;
+        /**
+         * List of selected input modalities. Valid values: `IMAGE`, `TEXT`.
+         */
+        inputModalities?: pulumi.Input[]>;
+        /**
+         * Strength for filters. Valid values: `NONE`, `LOW`, `MEDIUM`, `HIGH`.
          */
         inputStrength: pulumi.Input;
         /**
-         * Strength for filters.
+         * Action to take when harmful content is detected. Valid values: `BLOCK`, `NONE`.
+         */
+        outputAction?: pulumi.Input;
+        /**
+         * Toggles guardrail evaluation on output.
+         */
+        outputEnabled?: pulumi.Input;
+        /**
+         * List of selected output modalities. Valid values: `IMAGE`, `TEXT`.
+         */
+        outputModalities?: pulumi.Input[]>;
+        /**
+         * Strength for filters. Valid values: `NONE`, `LOW`, `MEDIUM`, `HIGH`.
          */
         outputStrength: pulumi.Input;
         /**
@@ -14602,6 +14741,65 @@ export namespace bedrockmodel {
 }
 
 export namespace billing {
+    export interface ViewDataFilterExpression {
+        /**
+         * Dimension to use for `expression`. Refer to #dimensions for more details.
+         */
+        dimensions?: pulumi.Input;
+        /**
+         * List of key value map specifying tags associated to the billing view being created.
+         */
+        tags?: pulumi.Input[]>;
+        /**
+         * Time range to use for `expression`. Refer to #time-range for more details.
+         */
+        timeRange?: pulumi.Input;
+    }
+
+    export interface ViewDataFilterExpressionDimensions {
+        /**
+         * Key of the dimension. Possible values are `LINKED_ACCOUNT`.
+         */
+        key: pulumi.Input;
+        /**
+         * List of metadata values that you can use to filter and group your results.
+         */
+        values: pulumi.Input[]>;
+    }
+
+    export interface ViewDataFilterExpressionTag {
+        /**
+         * Key of the tag.
+         */
+        key: pulumi.Input;
+        /**
+         * List of values for the tag.
+         */
+        values: pulumi.Input[]>;
+    }
+
+    export interface ViewDataFilterExpressionTimeRange {
+        /**
+         * Inclusive end date of the time range.
+         */
+        beginDateInclusive: pulumi.Input;
+        endDateInclusive: pulumi.Input;
+    }
+
+    export interface ViewTimeouts {
+        /**
+         * A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as "30s" or "2h45m". Valid time units are "s" (seconds), "m" (minutes), "h" (hours).
+         */
+        create?: pulumi.Input;
+        /**
+         * A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as "30s" or "2h45m". Valid time units are "s" (seconds), "m" (minutes), "h" (hours). Setting a timeout for a Delete operation is only applicable if changes are saved into state before the destroy operation occurs.
+         */
+        delete?: pulumi.Input;
+        /**
+         * A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as "30s" or "2h45m". Valid time units are "s" (seconds), "m" (minutes), "h" (hours).
+         */
+        update?: pulumi.Input;
+    }
 }
 
 export namespace budgets {
@@ -19892,7 +20090,7 @@ export namespace codestarconnections {
 export namespace codestarnotifications {
     export interface NotificationRuleTarget {
         /**
-         * The ARN of notification rule target. For example, a SNS Topic ARN.
+         * The ARN of the Amazon Q Developer in chat applications topic or Amazon Q Developer in chat applications client.
          */
         address: pulumi.Input;
         /**
@@ -19900,7 +20098,7 @@ export namespace codestarnotifications {
          */
         status?: pulumi.Input;
         /**
-         * The type of the notification target. Default value is `SNS`.
+         * The type of the notification target. Valid values are `SNS`, `AWSChatbotSlack`, and `AWSChatbotMicrosoftTeams`. Default value is `SNS`.
          */
         type?: pulumi.Input;
     }
@@ -25379,6 +25577,13 @@ export namespace dynamodb {
         writeUnitsPerSecond?: pulumi.Input;
     }
 
+    export interface TableGlobalTableWitness {
+        /**
+         * Name of the AWS Region that serves as a witness for the MRSC global table.
+         */
+        regionName?: pulumi.Input;
+    }
+
     export interface TableImportTable {
         /**
          * Type of compression to be used on the input coming from the imported table.
@@ -36075,7 +36280,7 @@ export namespace fis {
 
     export interface ExperimentTemplateActionTarget {
         /**
-         * Target type. Valid values are `AutoScalingGroups` (EC2 Auto Scaling groups), `Buckets` (S3 Buckets), `Cluster` (EKS Cluster), `Clusters` (ECS Clusters), `DBInstances` (RDS DB Instances), `Instances` (EC2 Instances), `ManagedResources` (EKS clusters, Application and Network Load Balancers, and EC2 Auto Scaling groups that are enabled for ARC zonal shift), `Nodegroups` (EKS Node groups), `Pods` (EKS Pods), `ReplicationGroups`(ElastiCache Redis Replication Groups), `Roles` (IAM Roles), `SpotInstances` (EC2 Spot Instances), `Subnets` (VPC Subnets), `Tables` (DynamoDB encrypted global tables), `Tasks` (ECS Tasks), `TransitGateways` (Transit gateways), `Volumes` (EBS Volumes). See the [documentation](https://docs.aws.amazon.com/fis/latest/userguide/action-sequence.html#action-targets) for more details.
+         * Target type. Valid values are `AutoScalingGroups` (EC2 Auto Scaling groups), `Buckets` (S3 Buckets), `Cluster` (EKS Cluster), `Clusters` (ECS Clusters), `DBInstances` (RDS DB Instances), `Functions` (Lambda Functions), `Instances` (EC2 Instances), `ManagedResources` (EKS clusters, Application and Network Load Balancers, and EC2 Auto Scaling groups that are enabled for ARC zonal shift), `Nodegroups` (EKS Node groups), `Pods` (EKS Pods), `ReplicationGroups`(ElastiCache Redis Replication Groups), `Roles` (IAM Roles), `SpotInstances` (EC2 Spot Instances), `Subnets` (VPC Subnets), `Tables` (DynamoDB encrypted global tables), `Tasks` (ECS Tasks), `TransitGateways` (Transit gateways), `Volumes` (EBS Volumes). See the [documentation](https://docs.aws.amazon.com/fis/latest/userguide/action-sequence.html#action-targets) for more details.
          */
         key: pulumi.Input;
         /**
@@ -36163,7 +36368,7 @@ export namespace fis {
 
     export interface ExperimentTemplateLogConfigurationCloudwatchLogsConfiguration {
         /**
-         * The Amazon Resource Name (ARN) of the destination Amazon CloudWatch Logs log group.
+         * The Amazon Resource Name (ARN) of the destination Amazon CloudWatch Logs log group. The ARN must end with `:*`
          */
         logGroupArn: pulumi.Input;
     }
@@ -47273,6 +47478,11 @@ export namespace lb {
          * Detailed below.
          */
         forwards?: inputs.lb.GetListenerRuleActionForward[];
+        /**
+         * An action to validate using JWT.
+         * Detailed below.
+         */
+        jwtValidations?: inputs.lb.GetListenerRuleActionJwtValidation[];
         /**
          * The evaluation order of the action.
          */
@@ -47309,6 +47519,11 @@ export namespace lb {
          * Detailed below.
          */
         forwards?: pulumi.Input[]>;
+        /**
+         * An action to validate using JWT.
+         * Detailed below.
+         */
+        jwtValidations?: pulumi.Input[]>;
         /**
          * The evaluation order of the action.
          */
@@ -47411,7 +47626,7 @@ export namespace lb {
          */
         clientId?: string;
         /**
-         * OIDC issuer identifier of the IdP.
+         * Issuer of the JWT.
          */
         issuer?: string;
         /**
@@ -47455,7 +47670,7 @@ export namespace lb {
          */
         clientId?: pulumi.Input;
         /**
-         * OIDC issuer identifier of the IdP.
+         * Issuer of the JWT.
          */
         issuer?: pulumi.Input;
         /**
@@ -47586,6 +47801,66 @@ export namespace lb {
         weight?: pulumi.Input;
     }
 
+    export interface GetListenerRuleActionJwtValidation {
+        /**
+         * Additional claims to validate.
+         */
+        additionalClaims?: inputs.lb.GetListenerRuleActionJwtValidationAdditionalClaim[];
+        /**
+         * Issuer of the JWT.
+         */
+        issuer?: string;
+        /**
+         * JSON Web Key Set (JWKS) endpoint.
+         */
+        jwksEndpoint?: string;
+    }
+
+    export interface GetListenerRuleActionJwtValidationArgs {
+        /**
+         * Additional claims to validate.
+         */
+        additionalClaims?: pulumi.Input[]>;
+        /**
+         * Issuer of the JWT.
+         */
+        issuer?: pulumi.Input;
+        /**
+         * JSON Web Key Set (JWKS) endpoint.
+         */
+        jwksEndpoint?: pulumi.Input;
+    }
+
+    export interface GetListenerRuleActionJwtValidationAdditionalClaim {
+        /**
+         * Format of the claim value.
+         */
+        format?: string;
+        /**
+         * Name of the claim to validate.
+         */
+        name?: string;
+        /**
+         * Set of `key`-`value` pairs indicating the query string parameters to match.
+         */
+        values?: string[];
+    }
+
+    export interface GetListenerRuleActionJwtValidationAdditionalClaimArgs {
+        /**
+         * Format of the claim value.
+         */
+        format?: pulumi.Input;
+        /**
+         * Name of the claim to validate.
+         */
+        name?: pulumi.Input;
+        /**
+         * Set of `key`-`value` pairs indicating the query string parameters to match.
+         */
+        values?: pulumi.Input[]>;
+    }
+
     export interface GetListenerRuleActionRedirect {
         /**
          * The hostname.
@@ -47959,6 +48234,10 @@ export namespace lb {
          * Configuration block for creating an action that distributes requests among one or more target groups. Specify only if `type` is `forward`. See below.
          */
         forward?: pulumi.Input;
+        /**
+         * Configuration block for creating a JWT validation action. Required if `type` is `jwt-validation`.
+         */
+        jwtValidation?: pulumi.Input;
         /**
          * Order for the action. The action with the lowest value for order is performed first. Valid values are between `1` and `50000`. Defaults to the position in the list of actions.
          */
@@ -47972,7 +48251,7 @@ export namespace lb {
          */
         targetGroupArn?: pulumi.Input;
         /**
-         * Type of routing action. Valid values are `forward`, `redirect`, `fixed-response`, `authenticate-cognito` and `authenticate-oidc`.
+         * Type of routing action. Valid values are `forward`, `redirect`, `fixed-response`, `authenticate-cognito`, `authenticate-oidc` and `jwt-validation`.
          *
          * The following arguments are optional:
          */
@@ -48121,6 +48400,38 @@ export namespace lb {
         weight?: pulumi.Input;
     }
 
+    export interface ListenerDefaultActionJwtValidation {
+        /**
+         * Repeatable configuration block for additional claims to validate.
+         */
+        additionalClaims?: pulumi.Input[]>;
+        /**
+         * Issuer of the JWT.
+         */
+        issuer: pulumi.Input;
+        /**
+         * JSON Web Key Set (JWKS) endpoint. This endpoint contains JSON Web Keys (JWK) that are used to validate signatures from the provider. This must be a full URL, including the HTTPS protocol, the domain, and the path.
+         *
+         * The following arguments are optional:
+         */
+        jwksEndpoint: pulumi.Input;
+    }
+
+    export interface ListenerDefaultActionJwtValidationAdditionalClaim {
+        /**
+         * Format of the claim value. Valid values are `single-string`, `string-array` and `space-separated-values`.
+         */
+        format: pulumi.Input;
+        /**
+         * Name of the claim to validate. `exp`, `iss`, `nbf`, or `iat` cannot be specified because they are validated by default.
+         */
+        name: pulumi.Input;
+        /**
+         * List of expected values of the claim.
+         */
+        values: pulumi.Input[]>;
+    }
+
     export interface ListenerDefaultActionRedirect {
         /**
          * Hostname. This component is not percent-encoded. The hostname can contain `#{host}`. Defaults to `#{host}`.
@@ -48189,6 +48500,10 @@ export namespace lb {
          * Cannot be specified with `targetGroupArn`.
          */
         forward?: pulumi.Input;
+        /**
+         * Information for creating a JWT validation action. Required if `type` is `jwt-validation`.
+         */
+        jwtValidation?: pulumi.Input;
         /**
          * Order for the action.
          * The action with the lowest value for order is performed first.
@@ -48208,7 +48523,7 @@ export namespace lb {
          */
         targetGroupArn?: pulumi.Input;
         /**
-         * The type of routing action. Valid values are `forward`, `redirect`, `fixed-response`, `authenticate-cognito` and `authenticate-oidc`.
+         * The type of routing action. Valid values are `forward`, `redirect`, `fixed-response`, `authenticate-cognito`, `authenticate-oidc` and `jwt-validation`.
          */
         type: pulumi.Input;
     }
@@ -48343,6 +48658,36 @@ export namespace lb {
         weight?: pulumi.Input;
     }
 
+    export interface ListenerRuleActionJwtValidation {
+        /**
+         * Repeatable configuration block for additional claims to validate.
+         */
+        additionalClaims?: pulumi.Input[]>;
+        /**
+         * Issuer of the JWT.
+         */
+        issuer: pulumi.Input;
+        /**
+         * JSON Web Key Set (JWKS) endpoint. This endpoint contains JSON Web Keys (JWK) that are used to validate signatures from the provider. This must be a full URL, including the HTTPS protocol, the domain, and the path.
+         */
+        jwksEndpoint: pulumi.Input;
+    }
+
+    export interface ListenerRuleActionJwtValidationAdditionalClaim {
+        /**
+         * Format of the claim value. Valid values are `single-string`, `string-array` and `space-separated-values`.
+         */
+        format: pulumi.Input;
+        /**
+         * Name of the claim to validate. `exp`, `iss`, `nbf`, or `iat` cannot be specified because they are validated by default.
+         */
+        name: pulumi.Input;
+        /**
+         * List of expected values of the claim.
+         */
+        values: pulumi.Input[]>;
+    }
+
     export interface ListenerRuleActionRedirect {
         /**
          * The hostname. This component is not percent-encoded. The hostname can contain `#{host}`. Defaults to `#{host}`.
@@ -75610,6 +75955,10 @@ export namespace s3 {
          * Single object for setting server-side encryption by default. See below.
          */
         applyServerSideEncryptionByDefault?: pulumi.Input;
+        /**
+         * List of server-side encryption types to block for object uploads. Valid values are `SSE-C` (blocks uploads using server-side encryption with customer-provided keys) and `NONE` (unblocks all encryption types). Starting in March 2026, Amazon S3 will automatically block SSE-C uploads for all new buckets.
+         */
+        blockedEncryptionTypes?: pulumi.Input[]>;
         /**
          * Whether or not to use [Amazon S3 Bucket Keys](https://docs.aws.amazon.com/AmazonS3/latest/dev/bucket-key.html) for SSE-KMS.
          */
@@ -75632,6 +75981,10 @@ export namespace s3 {
          * Single object for setting server-side encryption by default. See below.
          */
         applyServerSideEncryptionByDefault?: pulumi.Input;
+        /**
+         * List of server-side encryption types to block for object uploads. Valid values are `SSE-C` (blocks uploads using server-side encryption with customer-provided keys) and `NONE` (unblocks all encryption types). Starting in March 2026, Amazon S3 will automatically block SSE-C uploads for all new buckets.
+         */
+        blockedEncryptionTypes?: pulumi.Input[]>;
         /**
          * Whether or not to use [Amazon S3 Bucket Keys](https://docs.aws.amazon.com/AmazonS3/latest/dev/bucket-key.html) for SSE-KMS.
          */
@@ -79037,16 +79390,19 @@ export namespace sagemaker {
 
     export interface ModelContainer {
         /**
-         * The DNS host name for the container.
+         * Additional data sources that are available to the model in addition to those specified in `modelDataSource`. See Additional Model Data Source.
+         */
+        additionalModelDataSources?: pulumi.Input[]>;
+        /**
+         * DNS host name for the container.
          */
         containerHostname?: pulumi.Input;
         /**
          * Environment variables for the Docker container.
-         * A list of key value pairs.
          */
         environment?: pulumi.Input<{[key: string]: pulumi.Input}>;
         /**
-         * The registry path where the inference code image is stored in Amazon ECR.
+         * Registry path where the inference code image is stored in Amazon ECR.
          */
         image?: pulumi.Input;
         /**
@@ -79054,23 +79410,24 @@ export namespace sagemaker {
          */
         imageConfig?: pulumi.Input;
         /**
-         * The inference specification name in the model package version.
+         * Inference specification name in the model package version.
          */
         inferenceSpecificationName?: pulumi.Input;
         /**
-         * The container hosts value `SingleModel/MultiModel`. The default value is `SingleModel`.
+         * Container hosts value. Allowed values are: `SingleModel` and `MultiModel`. The default value is `SingleModel`.
          */
         mode?: pulumi.Input;
         /**
-         * The location of model data to deploy. Use this for uncompressed model deployment. For information about how to deploy an uncompressed model, see [Deploying uncompressed models](https://docs.aws.amazon.com/sagemaker/latest/dg/large-model-inference-uncompressed.html) in the _AWS SageMaker AI Developer Guide_.
+         * Location of model data to deploy. Use this for uncompressed model deployment. For information about how to deploy an uncompressed model, see [Deploying uncompressed models](https://docs.aws.amazon.com/sagemaker/latest/dg/large-model-inference-uncompressed.html) in the _AWS SageMaker AI Developer Guide_.
          */
         modelDataSource?: pulumi.Input;
         /**
-         * The URL for the S3 location where model artifacts are stored.
+         * URL for the S3 location where model artifacts are stored.
          */
         modelDataUrl?: pulumi.Input;
         /**
-         * The Amazon Resource Name (ARN) of the model package to use to create the model.
+         * Amazon Resource Name (ARN) of the model package to use to create the model.
+         * A list of key value pairs.
          */
         modelPackageName?: pulumi.Input;
         /**
@@ -79079,6 +79436,43 @@ export namespace sagemaker {
         multiModelConfig?: pulumi.Input;
     }
 
+    export interface ModelContainerAdditionalModelDataSource {
+        /**
+         * Custom name for the additional model data source object. It will be stored in `/opt/ml/additional-model-data-sources//`.
+         */
+        channelName: pulumi.Input;
+        /**
+         * S3 location of model data to deploy. See S3 Data Source.
+         */
+        s3DataSources: pulumi.Input[]>;
+    }
+
+    export interface ModelContainerAdditionalModelDataSourceS3DataSource {
+        /**
+         * How the model data is prepared. Allowed values are: `None` and `Gzip`.
+         */
+        compressionType: pulumi.Input;
+        /**
+         * Specifies the access configuration file for the ML model. You can explicitly accept the model end-user license agreement (EULA) within the [`modelAccessConfig` configuration block]. See Model Access Config.
+         */
+        modelAccessConfig?: pulumi.Input;
+        /**
+         * Type of model data to deploy. Allowed values are: `S3Object` and `S3Prefix`.
+         */
+        s3DataType: pulumi.Input;
+        /**
+         * The S3 path of model data to deploy.
+         */
+        s3Uri: pulumi.Input;
+    }
+
+    export interface ModelContainerAdditionalModelDataSourceS3DataSourceModelAccessConfig {
+        /**
+         * Specifies agreement to the model end-user license agreement (EULA). The value must be set to `true` in order to accept the EULA that this model requires. You are responsible for reviewing and complying with any applicable license terms and making sure they are acceptable for your use case before downloading or using a model.
+         */
+        acceptEula: pulumi.Input;
+    }
+
     export interface ModelContainerImageConfig {
         /**
          * Specifies whether the model container is in Amazon ECR or a private Docker registry accessible from your Amazon Virtual Private Cloud (VPC). Allowed values are: `Platform` and `Vpc`.
@@ -79092,14 +79486,14 @@ export namespace sagemaker {
 
     export interface ModelContainerImageConfigRepositoryAuthConfig {
         /**
-         * The Amazon Resource Name (ARN) of an AWS Lambda function that provides credentials to authenticate to the private Docker registry where your model image is hosted. For information about how to create an AWS Lambda function, see [Create a Lambda function with the console](https://docs.aws.amazon.com/lambda/latest/dg/getting-started-create-function.html) in the _AWS Lambda Developer Guide_.
+         * Amazon Resource Name (ARN) of an AWS Lambda function that provides credentials to authenticate to the private Docker registry where your model image is hosted. For information about how to create an AWS Lambda function, see [Create a Lambda function with the console](https://docs.aws.amazon.com/lambda/latest/dg/getting-started-create-function.html) in the _AWS Lambda Developer Guide_.
          */
         repositoryCredentialsProviderArn: pulumi.Input;
     }
 
     export interface ModelContainerModelDataSource {
         /**
-         * The S3 location of model data to deploy.
+         * S3 location of model data to deploy. See S3 Data Source.
          */
         s3DataSources: pulumi.Input[]>;
     }
@@ -79110,11 +79504,11 @@ export namespace sagemaker {
          */
         compressionType: pulumi.Input;
         /**
-         * Specifies the access configuration file for the ML model. You can explicitly accept the model end-user license agreement (EULA) within the [`modelAccessConfig` configuration block]. see Model Access Config.
+         * Specifies the access configuration file for the ML model. You can explicitly accept the model end-user license agreement (EULA) within the [`modelAccessConfig` configuration block]. See Model Access Config.
          */
         modelAccessConfig?: pulumi.Input;
         /**
-         * The type of model data to deploy. Allowed values are: `S3Object` and `S3Prefix`.
+         * Type of model data to deploy. Allowed values are: `S3Object` and `S3Prefix`.
          */
         s3DataType: pulumi.Input;
         /**
@@ -79125,7 +79519,7 @@ export namespace sagemaker {
 
     export interface ModelContainerModelDataSourceS3DataSourceModelAccessConfig {
         /**
-         * Specifies agreement to the model end-user license agreement (EULA). The AcceptEula value must be explicitly defined as `true` in order to accept the EULA that this model requires. You are responsible for reviewing and complying with any applicable license terms and making sure they are acceptable for your use case before downloading or using a model.
+         * Specifies agreement to the model end-user license agreement (EULA). The value must be set to `true` in order to accept the EULA that this model requires. You are responsible for reviewing and complying with any applicable license terms and making sure they are acceptable for your use case before downloading or using a model.
          */
         acceptEula: pulumi.Input;
     }
@@ -79139,23 +79533,26 @@ export namespace sagemaker {
 
     export interface ModelInferenceExecutionConfig {
         /**
-         * The container hosts value `SingleModel/MultiModel`. The default value is `SingleModel`.
+         * How containers in a multi-container are run. Allowed values are: `Serial` and `Direct`.
          */
         mode: pulumi.Input;
     }
 
     export interface ModelPrimaryContainer {
         /**
-         * The DNS host name for the container.
+         * Additional data sources that are available to the model in addition to those specified in `modelDataSource`. See Additional Model Data Source.
+         */
+        additionalModelDataSources?: pulumi.Input[]>;
+        /**
+         * DNS host name for the container.
          */
         containerHostname?: pulumi.Input;
         /**
          * Environment variables for the Docker container.
-         * A list of key value pairs.
          */
         environment?: pulumi.Input<{[key: string]: pulumi.Input}>;
         /**
-         * The registry path where the inference code image is stored in Amazon ECR.
+         * Registry path where the inference code image is stored in Amazon ECR.
          */
         image?: pulumi.Input;
         /**
@@ -79163,23 +79560,21 @@ export namespace sagemaker {
          */
         imageConfig?: pulumi.Input;
         /**
-         * The inference specification name in the model package version.
+         * Inference specification name in the model package version.
          */
         inferenceSpecificationName?: pulumi.Input;
-        /**
-         * The container hosts value `SingleModel/MultiModel`. The default value is `SingleModel`.
-         */
         mode?: pulumi.Input;
         /**
-         * The location of model data to deploy. Use this for uncompressed model deployment. For information about how to deploy an uncompressed model, see [Deploying uncompressed models](https://docs.aws.amazon.com/sagemaker/latest/dg/large-model-inference-uncompressed.html) in the _AWS SageMaker AI Developer Guide_.
+         * Location of model data to deploy. Use this for uncompressed model deployment. For information about how to deploy an uncompressed model, see [Deploying uncompressed models](https://docs.aws.amazon.com/sagemaker/latest/dg/large-model-inference-uncompressed.html) in the _AWS SageMaker AI Developer Guide_.
          */
         modelDataSource?: pulumi.Input;
         /**
-         * The URL for the S3 location where model artifacts are stored.
+         * URL for the S3 location where model artifacts are stored.
          */
         modelDataUrl?: pulumi.Input;
         /**
-         * The Amazon Resource Name (ARN) of the model package to use to create the model.
+         * Amazon Resource Name (ARN) of the model package to use to create the model.
+         * A list of key value pairs.
          */
         modelPackageName?: pulumi.Input;
         /**
@@ -79188,6 +79583,43 @@ export namespace sagemaker {
         multiModelConfig?: pulumi.Input;
     }
 
+    export interface ModelPrimaryContainerAdditionalModelDataSource {
+        /**
+         * Custom name for the additional model data source object. It will be stored in `/opt/ml/additional-model-data-sources//`.
+         */
+        channelName: pulumi.Input;
+        /**
+         * S3 location of model data to deploy. See S3 Data Source.
+         */
+        s3DataSources: pulumi.Input[]>;
+    }
+
+    export interface ModelPrimaryContainerAdditionalModelDataSourceS3DataSource {
+        /**
+         * How the model data is prepared. Allowed values are: `None` and `Gzip`.
+         */
+        compressionType: pulumi.Input;
+        /**
+         * Specifies the access configuration file for the ML model. You can explicitly accept the model end-user license agreement (EULA) within the [`modelAccessConfig` configuration block]. See Model Access Config.
+         */
+        modelAccessConfig?: pulumi.Input;
+        /**
+         * Type of model data to deploy. Allowed values are: `S3Object` and `S3Prefix`.
+         */
+        s3DataType: pulumi.Input;
+        /**
+         * The S3 path of model data to deploy.
+         */
+        s3Uri: pulumi.Input;
+    }
+
+    export interface ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceModelAccessConfig {
+        /**
+         * Specifies agreement to the model end-user license agreement (EULA). The value must be set to `true` in order to accept the EULA that this model requires. You are responsible for reviewing and complying with any applicable license terms and making sure they are acceptable for your use case before downloading or using a model.
+         */
+        acceptEula: pulumi.Input;
+    }
+
     export interface ModelPrimaryContainerImageConfig {
         /**
          * Specifies whether the model container is in Amazon ECR or a private Docker registry accessible from your Amazon Virtual Private Cloud (VPC). Allowed values are: `Platform` and `Vpc`.
@@ -79201,14 +79633,14 @@ export namespace sagemaker {
 
     export interface ModelPrimaryContainerImageConfigRepositoryAuthConfig {
         /**
-         * The Amazon Resource Name (ARN) of an AWS Lambda function that provides credentials to authenticate to the private Docker registry where your model image is hosted. For information about how to create an AWS Lambda function, see [Create a Lambda function with the console](https://docs.aws.amazon.com/lambda/latest/dg/getting-started-create-function.html) in the _AWS Lambda Developer Guide_.
+         * Amazon Resource Name (ARN) of an AWS Lambda function that provides credentials to authenticate to the private Docker registry where your model image is hosted. For information about how to create an AWS Lambda function, see [Create a Lambda function with the console](https://docs.aws.amazon.com/lambda/latest/dg/getting-started-create-function.html) in the _AWS Lambda Developer Guide_.
          */
         repositoryCredentialsProviderArn: pulumi.Input;
     }
 
     export interface ModelPrimaryContainerModelDataSource {
         /**
-         * The S3 location of model data to deploy.
+         * S3 location of model data to deploy. See S3 Data Source.
          */
         s3DataSources: pulumi.Input[]>;
     }
@@ -79219,11 +79651,11 @@ export namespace sagemaker {
          */
         compressionType: pulumi.Input;
         /**
-         * Specifies the access configuration file for the ML model. You can explicitly accept the model end-user license agreement (EULA) within the [`modelAccessConfig` configuration block]. see Model Access Config.
+         * Specifies the access configuration file for the ML model. You can explicitly accept the model end-user license agreement (EULA) within the [`modelAccessConfig` configuration block]. See Model Access Config.
          */
         modelAccessConfig?: pulumi.Input;
         /**
-         * The type of model data to deploy. Allowed values are: `S3Object` and `S3Prefix`.
+         * Type of model data to deploy. Allowed values are: `S3Object` and `S3Prefix`.
          */
         s3DataType: pulumi.Input;
         /**
@@ -79234,7 +79666,7 @@ export namespace sagemaker {
 
     export interface ModelPrimaryContainerModelDataSourceS3DataSourceModelAccessConfig {
         /**
-         * Specifies agreement to the model end-user license agreement (EULA). The AcceptEula value must be explicitly defined as `true` in order to accept the EULA that this model requires. You are responsible for reviewing and complying with any applicable license terms and making sure they are acceptable for your use case before downloading or using a model.
+         * Specifies agreement to the model end-user license agreement (EULA). The value must be set to `true` in order to accept the EULA that this model requires. You are responsible for reviewing and complying with any applicable license terms and making sure they are acceptable for your use case before downloading or using a model.
          */
         acceptEula: pulumi.Input;
     }
@@ -79247,7 +79679,13 @@ export namespace sagemaker {
     }
 
     export interface ModelVpcConfig {
+        /**
+         * List of security group IDs you want to be applied to your training job or model. Specify the security groups for the VPC that is specified in the Subnets field.
+         */
         securityGroupIds: pulumi.Input[]>;
+        /**
+         * List of subnet IDs in the VPC to which you want to connect your training job or model.
+         */
         subnets: pulumi.Input[]>;
     }
 
diff --git a/sdk/nodejs/types/output.ts b/sdk/nodejs/types/output.ts
index b9a3840b4c3..f39b7046d0a 100644
--- a/sdk/nodejs/types/output.ts
+++ b/sdk/nodejs/types/output.ts
@@ -370,6 +370,7 @@ export namespace alb {
         authenticateOidcs: outputs.alb.GetListenerDefaultActionAuthenticateOidc[];
         fixedResponses: outputs.alb.GetListenerDefaultActionFixedResponse[];
         forwards: outputs.alb.GetListenerDefaultActionForward[];
+        jwtValidations: outputs.alb.GetListenerDefaultActionJwtValidation[];
         order: number;
         redirects: outputs.alb.GetListenerDefaultActionRedirect[];
         targetGroupArn: string;
@@ -425,6 +426,18 @@ export namespace alb {
         weight: number;
     }
 
+    export interface GetListenerDefaultActionJwtValidation {
+        additionalClaims: outputs.alb.GetListenerDefaultActionJwtValidationAdditionalClaim[];
+        issuer: string;
+        jwksEndpoint: string;
+    }
+
+    export interface GetListenerDefaultActionJwtValidationAdditionalClaim {
+        format: string;
+        name: string;
+        values: string[];
+    }
+
     export interface GetListenerDefaultActionRedirect {
         host: string;
         path: string;
@@ -504,6 +517,10 @@ export namespace alb {
          * Configuration block for creating an action that distributes requests among one or more target groups. Specify only if `type` is `forward`. See below.
          */
         forward?: outputs.alb.ListenerDefaultActionForward;
+        /**
+         * Configuration block for creating a JWT validation action. Required if `type` is `jwt-validation`.
+         */
+        jwtValidation?: outputs.alb.ListenerDefaultActionJwtValidation;
         /**
          * Order for the action. The action with the lowest value for order is performed first. Valid values are between `1` and `50000`. Defaults to the position in the list of actions.
          */
@@ -517,7 +534,7 @@ export namespace alb {
          */
         targetGroupArn?: string;
         /**
-         * Type of routing action. Valid values are `forward`, `redirect`, `fixed-response`, `authenticate-cognito` and `authenticate-oidc`.
+         * Type of routing action. Valid values are `forward`, `redirect`, `fixed-response`, `authenticate-cognito`, `authenticate-oidc` and `jwt-validation`.
          *
          * The following arguments are optional:
          */
@@ -666,6 +683,38 @@ export namespace alb {
         weight?: number;
     }
 
+    export interface ListenerDefaultActionJwtValidation {
+        /**
+         * Repeatable configuration block for additional claims to validate.
+         */
+        additionalClaims?: outputs.alb.ListenerDefaultActionJwtValidationAdditionalClaim[];
+        /**
+         * Issuer of the JWT.
+         */
+        issuer: string;
+        /**
+         * JSON Web Key Set (JWKS) endpoint. This endpoint contains JSON Web Keys (JWK) that are used to validate signatures from the provider. This must be a full URL, including the HTTPS protocol, the domain, and the path.
+         *
+         * The following arguments are optional:
+         */
+        jwksEndpoint: string;
+    }
+
+    export interface ListenerDefaultActionJwtValidationAdditionalClaim {
+        /**
+         * Format of the claim value. Valid values are `single-string`, `string-array` and `space-separated-values`.
+         */
+        format: string;
+        /**
+         * Name of the claim to validate. `exp`, `iss`, `nbf`, or `iat` cannot be specified because they are validated by default.
+         */
+        name: string;
+        /**
+         * List of expected values of the claim.
+         */
+        values: string[];
+    }
+
     export interface ListenerDefaultActionRedirect {
         /**
          * Hostname. This component is not percent-encoded. The hostname can contain `#{host}`. Defaults to `#{host}`.
@@ -734,6 +783,10 @@ export namespace alb {
          * Cannot be specified with `targetGroupArn`.
          */
         forward?: outputs.alb.ListenerRuleActionForward;
+        /**
+         * Information for creating a JWT validation action. Required if `type` is `jwt-validation`.
+         */
+        jwtValidation?: outputs.alb.ListenerRuleActionJwtValidation;
         /**
          * Order for the action.
          * The action with the lowest value for order is performed first.
@@ -753,7 +806,7 @@ export namespace alb {
          */
         targetGroupArn?: string;
         /**
-         * The type of routing action. Valid values are `forward`, `redirect`, `fixed-response`, `authenticate-cognito` and `authenticate-oidc`.
+         * The type of routing action. Valid values are `forward`, `redirect`, `fixed-response`, `authenticate-cognito`, `authenticate-oidc` and `jwt-validation`.
          */
         type: string;
     }
@@ -888,6 +941,36 @@ export namespace alb {
         weight?: number;
     }
 
+    export interface ListenerRuleActionJwtValidation {
+        /**
+         * Repeatable configuration block for additional claims to validate.
+         */
+        additionalClaims?: outputs.alb.ListenerRuleActionJwtValidationAdditionalClaim[];
+        /**
+         * Issuer of the JWT.
+         */
+        issuer: string;
+        /**
+         * JSON Web Key Set (JWKS) endpoint. This endpoint contains JSON Web Keys (JWK) that are used to validate signatures from the provider. This must be a full URL, including the HTTPS protocol, the domain, and the path.
+         */
+        jwksEndpoint: string;
+    }
+
+    export interface ListenerRuleActionJwtValidationAdditionalClaim {
+        /**
+         * Format of the claim value. Valid values are `single-string`, `string-array` and `space-separated-values`.
+         */
+        format: string;
+        /**
+         * Name of the claim to validate. `exp`, `iss`, `nbf`, or `iat` cannot be specified because they are validated by default.
+         */
+        name: string;
+        /**
+         * List of expected values of the claim.
+         */
+        values: string[];
+    }
+
     export interface ListenerRuleActionRedirect {
         /**
          * The hostname. This component is not percent-encoded. The hostname can contain `#{host}`. Defaults to `#{host}`.
@@ -1258,7 +1341,7 @@ export namespace amp {
 
     export interface QueryLoggingConfigurationDestinationCloudwatchLogs {
         /**
-         * The ARN of the CloudWatch log group to which query logs will be sent.
+         * The ARN of the CloudWatch log group to which query logs will be sent. The ARN must end with `:*`
          */
         logGroupArn: string;
     }
@@ -1390,7 +1473,7 @@ export namespace amp {
 
     export interface WorkspaceLoggingConfiguration {
         /**
-         * The ARN of the CloudWatch log group to which the vended log data will be published. This log group must exist.
+         * The ARN of the CloudWatch log group to which the vended log data will be published. This log group must exist. The ARN must end with `:*`
          */
         logGroupArn: string;
     }
@@ -13853,6 +13936,10 @@ export namespace bedrock {
     }
 
     export interface AgentKnowledgeBaseStorageConfigurationRdsConfigurationFieldMapping {
+        /**
+         * Name for the universal metadata field where Amazon Bedrock will store any custom metadata from your data source.
+         */
+        customMetadataField?: string;
         /**
          * Name of the field in which Amazon Bedrock stores metadata about the vector store.
          */
@@ -14186,11 +14273,52 @@ export namespace bedrock {
 
     export interface AgentcoreAgentRuntimeAgentRuntimeArtifact {
         /**
-         * Container configuration block. See `containerConfiguration` below.
+         * Code configuration block for the agent runtime artifact, including the source code location and execution settings. Exactly one of `codeConfiguration` or `containerConfiguration` must be specified. See `codeConfiguration` below.
+         */
+        codeConfiguration?: outputs.bedrock.AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfiguration;
+        /**
+         * Container configuration block for the agent artifact. Exactly one of `codeConfiguration` or `containerConfiguration` must be specified. See `containerConfiguration` below.
          */
         containerConfiguration?: outputs.bedrock.AgentcoreAgentRuntimeAgentRuntimeArtifactContainerConfiguration;
     }
 
+    export interface AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfiguration {
+        /**
+         * Configuration block for the source code location and configuration details. See `code` below.
+         */
+        code?: outputs.bedrock.AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCode;
+        /**
+         * Array specifying the entry point for code execution, indicating the function or method to invoke when the code runs. The array must contain 1 or 2 elements. Examples: `["main.py"]`, `["opentelemetry-instrument", "main.py"]`.
+         */
+        entryPoints: string[];
+        /**
+         * Runtime environment used to execute the code. Valid values: `PYTHON_3_10`, `PYTHON_3_11`, `PYTHON_3_12`, `PYTHON_3_13`.
+         */
+        runtime: string;
+    }
+
+    export interface AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCode {
+        /**
+         * Configuration block for the Amazon S3 object that contains the source code for the agent runtime. See `s3` below.
+         */
+        s3?: outputs.bedrock.AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeS3;
+    }
+
+    export interface AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeS3 {
+        /**
+         * Name of the Amazon S3 bucket.
+         */
+        bucket: string;
+        /**
+         * Key of the object containing the ZIP file of the source code for the agent runtime in the Amazon S3 bucket.
+         */
+        prefix: string;
+        /**
+         * Version ID of the Amazon S3 object. If not specified, the latest version of the object is used.
+         */
+        versionId?: string;
+    }
+
     export interface AgentcoreAgentRuntimeAgentRuntimeArtifactContainerConfiguration {
         /**
          * URI of the container image in Amazon ECR.
@@ -15690,11 +15818,35 @@ export namespace bedrock {
 
     export interface GuardrailContentPolicyConfigFiltersConfig {
         /**
-         * Strength for filters.
+         * Action to take when harmful content is detected. Valid values: `BLOCK`, `NONE`.
+         */
+        inputAction?: string;
+        /**
+         * Toggles guardrail evaluation on input.
+         */
+        inputEnabled?: boolean;
+        /**
+         * List of selected input modalities. Valid values: `IMAGE`, `TEXT`.
+         */
+        inputModalities?: string[];
+        /**
+         * Strength for filters. Valid values: `NONE`, `LOW`, `MEDIUM`, `HIGH`.
          */
         inputStrength: string;
         /**
-         * Strength for filters.
+         * Action to take when harmful content is detected. Valid values: `BLOCK`, `NONE`.
+         */
+        outputAction?: string;
+        /**
+         * Toggles guardrail evaluation on output.
+         */
+        outputEnabled?: boolean;
+        /**
+         * List of selected output modalities. Valid values: `IMAGE`, `TEXT`.
+         */
+        outputModalities?: string[];
+        /**
+         * Strength for filters. Valid values: `NONE`, `LOW`, `MEDIUM`, `HIGH`.
          */
         outputStrength: string;
         /**
@@ -16096,6 +16248,66 @@ export namespace billing {
         ownerAccountId: string;
     }
 
+    export interface ViewDataFilterExpression {
+        /**
+         * Dimension to use for `expression`. Refer to #dimensions for more details.
+         */
+        dimensions?: outputs.billing.ViewDataFilterExpressionDimensions;
+        /**
+         * List of key value map specifying tags associated to the billing view being created.
+         */
+        tags?: outputs.billing.ViewDataFilterExpressionTag[];
+        /**
+         * Time range to use for `expression`. Refer to #time-range for more details.
+         */
+        timeRange?: outputs.billing.ViewDataFilterExpressionTimeRange;
+    }
+
+    export interface ViewDataFilterExpressionDimensions {
+        /**
+         * Key of the dimension. Possible values are `LINKED_ACCOUNT`.
+         */
+        key: string;
+        /**
+         * List of metadata values that you can use to filter and group your results.
+         */
+        values: string[];
+    }
+
+    export interface ViewDataFilterExpressionTag {
+        /**
+         * Key of the tag.
+         */
+        key: string;
+        /**
+         * List of values for the tag.
+         */
+        values: string[];
+    }
+
+    export interface ViewDataFilterExpressionTimeRange {
+        /**
+         * Inclusive end date of the time range.
+         */
+        beginDateInclusive: string;
+        endDateInclusive: string;
+    }
+
+    export interface ViewTimeouts {
+        /**
+         * A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as "30s" or "2h45m". Valid time units are "s" (seconds), "m" (minutes), "h" (hours).
+         */
+        create?: string;
+        /**
+         * A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as "30s" or "2h45m". Valid time units are "s" (seconds), "m" (minutes), "h" (hours). Setting a timeout for a Delete operation is only applicable if changes are saved into state before the destroy operation occurs.
+         */
+        delete?: string;
+        /**
+         * A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as "30s" or "2h45m". Valid time units are "s" (seconds), "m" (minutes), "h" (hours).
+         */
+        update?: string;
+    }
+
 }
 
 export namespace budgets {
@@ -21974,7 +22186,7 @@ export namespace codestarconnections {
 export namespace codestarnotifications {
     export interface NotificationRuleTarget {
         /**
-         * The ARN of notification rule target. For example, a SNS Topic ARN.
+         * The ARN of the Amazon Q Developer in chat applications topic or Amazon Q Developer in chat applications client.
          */
         address: string;
         /**
@@ -21982,7 +22194,7 @@ export namespace codestarnotifications {
          */
         status: string;
         /**
-         * The type of the notification target. Default value is `SNS`.
+         * The type of the notification target. Valid values are `SNS`, `AWSChatbotSlack`, and `AWSChatbotMicrosoftTeams`. Default value is `SNS`.
          */
         type?: string;
     }
@@ -30526,6 +30738,13 @@ export namespace dynamodb {
         writeUnitsPerSecond: number;
     }
 
+    export interface TableGlobalTableWitness {
+        /**
+         * Name of the AWS Region that serves as a witness for the MRSC global table.
+         */
+        regionName: string;
+    }
+
     export interface TableImportTable {
         /**
          * Type of compression to be used on the input coming from the imported table.
@@ -43364,7 +43583,7 @@ export namespace fis {
 
     export interface ExperimentTemplateActionTarget {
         /**
-         * Target type. Valid values are `AutoScalingGroups` (EC2 Auto Scaling groups), `Buckets` (S3 Buckets), `Cluster` (EKS Cluster), `Clusters` (ECS Clusters), `DBInstances` (RDS DB Instances), `Instances` (EC2 Instances), `ManagedResources` (EKS clusters, Application and Network Load Balancers, and EC2 Auto Scaling groups that are enabled for ARC zonal shift), `Nodegroups` (EKS Node groups), `Pods` (EKS Pods), `ReplicationGroups`(ElastiCache Redis Replication Groups), `Roles` (IAM Roles), `SpotInstances` (EC2 Spot Instances), `Subnets` (VPC Subnets), `Tables` (DynamoDB encrypted global tables), `Tasks` (ECS Tasks), `TransitGateways` (Transit gateways), `Volumes` (EBS Volumes). See the [documentation](https://docs.aws.amazon.com/fis/latest/userguide/action-sequence.html#action-targets) for more details.
+         * Target type. Valid values are `AutoScalingGroups` (EC2 Auto Scaling groups), `Buckets` (S3 Buckets), `Cluster` (EKS Cluster), `Clusters` (ECS Clusters), `DBInstances` (RDS DB Instances), `Functions` (Lambda Functions), `Instances` (EC2 Instances), `ManagedResources` (EKS clusters, Application and Network Load Balancers, and EC2 Auto Scaling groups that are enabled for ARC zonal shift), `Nodegroups` (EKS Node groups), `Pods` (EKS Pods), `ReplicationGroups`(ElastiCache Redis Replication Groups), `Roles` (IAM Roles), `SpotInstances` (EC2 Spot Instances), `Subnets` (VPC Subnets), `Tables` (DynamoDB encrypted global tables), `Tasks` (ECS Tasks), `TransitGateways` (Transit gateways), `Volumes` (EBS Volumes). See the [documentation](https://docs.aws.amazon.com/fis/latest/userguide/action-sequence.html#action-targets) for more details.
          */
         key: string;
         /**
@@ -43452,7 +43671,7 @@ export namespace fis {
 
     export interface ExperimentTemplateLogConfigurationCloudwatchLogsConfiguration {
         /**
-         * The Amazon Resource Name (ARN) of the destination Amazon CloudWatch Logs log group.
+         * The Amazon Resource Name (ARN) of the destination Amazon CloudWatch Logs log group. The ARN must end with `:*`
          */
         logGroupArn: string;
     }
@@ -55821,6 +56040,7 @@ export namespace lb {
         authenticateOidcs: outputs.lb.GetListenerDefaultActionAuthenticateOidc[];
         fixedResponses: outputs.lb.GetListenerDefaultActionFixedResponse[];
         forwards: outputs.lb.GetListenerDefaultActionForward[];
+        jwtValidations: outputs.lb.GetListenerDefaultActionJwtValidation[];
         order: number;
         redirects: outputs.lb.GetListenerDefaultActionRedirect[];
         targetGroupArn: string;
@@ -55876,6 +56096,18 @@ export namespace lb {
         weight: number;
     }
 
+    export interface GetListenerDefaultActionJwtValidation {
+        additionalClaims: outputs.lb.GetListenerDefaultActionJwtValidationAdditionalClaim[];
+        issuer: string;
+        jwksEndpoint: string;
+    }
+
+    export interface GetListenerDefaultActionJwtValidationAdditionalClaim {
+        format: string;
+        name: string;
+        values: string[];
+    }
+
     export interface GetListenerDefaultActionRedirect {
         host: string;
         path: string;
@@ -55916,6 +56148,11 @@ export namespace lb {
          * Detailed below.
          */
         forwards?: outputs.lb.GetListenerRuleActionForward[];
+        /**
+         * An action to validate using JWT.
+         * Detailed below.
+         */
+        jwtValidations?: outputs.lb.GetListenerRuleActionJwtValidation[];
         /**
          * The evaluation order of the action.
          */
@@ -55982,7 +56219,7 @@ export namespace lb {
          */
         clientId: string;
         /**
-         * OIDC issuer identifier of the IdP.
+         * Issuer of the JWT.
          */
         issuer: string;
         /**
@@ -56062,6 +56299,36 @@ export namespace lb {
         weight: number;
     }
 
+    export interface GetListenerRuleActionJwtValidation {
+        /**
+         * Additional claims to validate.
+         */
+        additionalClaims?: outputs.lb.GetListenerRuleActionJwtValidationAdditionalClaim[];
+        /**
+         * Issuer of the JWT.
+         */
+        issuer: string;
+        /**
+         * JSON Web Key Set (JWKS) endpoint.
+         */
+        jwksEndpoint: string;
+    }
+
+    export interface GetListenerRuleActionJwtValidationAdditionalClaim {
+        /**
+         * Format of the claim value.
+         */
+        format: string;
+        /**
+         * Name of the claim to validate.
+         */
+        name: string;
+        /**
+         * Set of `key`-`value` pairs indicating the query string parameters to match.
+         */
+        values: string[];
+    }
+
     export interface GetListenerRuleActionRedirect {
         /**
          * The hostname.
@@ -56300,6 +56567,10 @@ export namespace lb {
          * Configuration block for creating an action that distributes requests among one or more target groups. Specify only if `type` is `forward`. See below.
          */
         forward?: outputs.lb.ListenerDefaultActionForward;
+        /**
+         * Configuration block for creating a JWT validation action. Required if `type` is `jwt-validation`.
+         */
+        jwtValidation?: outputs.lb.ListenerDefaultActionJwtValidation;
         /**
          * Order for the action. The action with the lowest value for order is performed first. Valid values are between `1` and `50000`. Defaults to the position in the list of actions.
          */
@@ -56313,7 +56584,7 @@ export namespace lb {
          */
         targetGroupArn?: string;
         /**
-         * Type of routing action. Valid values are `forward`, `redirect`, `fixed-response`, `authenticate-cognito` and `authenticate-oidc`.
+         * Type of routing action. Valid values are `forward`, `redirect`, `fixed-response`, `authenticate-cognito`, `authenticate-oidc` and `jwt-validation`.
          *
          * The following arguments are optional:
          */
@@ -56462,6 +56733,38 @@ export namespace lb {
         weight?: number;
     }
 
+    export interface ListenerDefaultActionJwtValidation {
+        /**
+         * Repeatable configuration block for additional claims to validate.
+         */
+        additionalClaims?: outputs.lb.ListenerDefaultActionJwtValidationAdditionalClaim[];
+        /**
+         * Issuer of the JWT.
+         */
+        issuer: string;
+        /**
+         * JSON Web Key Set (JWKS) endpoint. This endpoint contains JSON Web Keys (JWK) that are used to validate signatures from the provider. This must be a full URL, including the HTTPS protocol, the domain, and the path.
+         *
+         * The following arguments are optional:
+         */
+        jwksEndpoint: string;
+    }
+
+    export interface ListenerDefaultActionJwtValidationAdditionalClaim {
+        /**
+         * Format of the claim value. Valid values are `single-string`, `string-array` and `space-separated-values`.
+         */
+        format: string;
+        /**
+         * Name of the claim to validate. `exp`, `iss`, `nbf`, or `iat` cannot be specified because they are validated by default.
+         */
+        name: string;
+        /**
+         * List of expected values of the claim.
+         */
+        values: string[];
+    }
+
     export interface ListenerDefaultActionRedirect {
         /**
          * Hostname. This component is not percent-encoded. The hostname can contain `#{host}`. Defaults to `#{host}`.
@@ -56530,6 +56833,10 @@ export namespace lb {
          * Cannot be specified with `targetGroupArn`.
          */
         forward?: outputs.lb.ListenerRuleActionForward;
+        /**
+         * Information for creating a JWT validation action. Required if `type` is `jwt-validation`.
+         */
+        jwtValidation?: outputs.lb.ListenerRuleActionJwtValidation;
         /**
          * Order for the action.
          * The action with the lowest value for order is performed first.
@@ -56549,7 +56856,7 @@ export namespace lb {
          */
         targetGroupArn?: string;
         /**
-         * The type of routing action. Valid values are `forward`, `redirect`, `fixed-response`, `authenticate-cognito` and `authenticate-oidc`.
+         * The type of routing action. Valid values are `forward`, `redirect`, `fixed-response`, `authenticate-cognito`, `authenticate-oidc` and `jwt-validation`.
          */
         type: string;
     }
@@ -56684,6 +56991,36 @@ export namespace lb {
         weight?: number;
     }
 
+    export interface ListenerRuleActionJwtValidation {
+        /**
+         * Repeatable configuration block for additional claims to validate.
+         */
+        additionalClaims?: outputs.lb.ListenerRuleActionJwtValidationAdditionalClaim[];
+        /**
+         * Issuer of the JWT.
+         */
+        issuer: string;
+        /**
+         * JSON Web Key Set (JWKS) endpoint. This endpoint contains JSON Web Keys (JWK) that are used to validate signatures from the provider. This must be a full URL, including the HTTPS protocol, the domain, and the path.
+         */
+        jwksEndpoint: string;
+    }
+
+    export interface ListenerRuleActionJwtValidationAdditionalClaim {
+        /**
+         * Format of the claim value. Valid values are `single-string`, `string-array` and `space-separated-values`.
+         */
+        format: string;
+        /**
+         * Name of the claim to validate. `exp`, `iss`, `nbf`, or `iat` cannot be specified because they are validated by default.
+         */
+        name: string;
+        /**
+         * List of expected values of the claim.
+         */
+        values: string[];
+    }
+
     export interface ListenerRuleActionRedirect {
         /**
          * The hostname. This component is not percent-encoded. The hostname can contain `#{host}`. Defaults to `#{host}`.
@@ -76957,6 +77294,9 @@ export namespace odb {
          * The ID of the Exadata infrastructure that hosts the database server.
          */
         exadataInfrastructureId: string;
+        /**
+         * The unique identifier of the database server.
+         */
         id: string;
         /**
          * The total number of CPU cores available on the database server.
@@ -86083,6 +86423,10 @@ export namespace s3 {
          * Single object for setting server-side encryption by default. See below.
          */
         applyServerSideEncryptionByDefault?: outputs.s3.BucketServerSideEncryptionConfigurationRuleApplyServerSideEncryptionByDefault;
+        /**
+         * List of server-side encryption types to block for object uploads. Valid values are `SSE-C` (blocks uploads using server-side encryption with customer-provided keys) and `NONE` (unblocks all encryption types). Starting in March 2026, Amazon S3 will automatically block SSE-C uploads for all new buckets.
+         */
+        blockedEncryptionTypes?: string[];
         /**
          * Whether or not to use [Amazon S3 Bucket Keys](https://docs.aws.amazon.com/AmazonS3/latest/dev/bucket-key.html) for SSE-KMS.
          */
@@ -86105,6 +86449,10 @@ export namespace s3 {
          * Single object for setting server-side encryption by default. See below.
          */
         applyServerSideEncryptionByDefault?: outputs.s3.BucketServerSideEncryptionConfigurationV2RuleApplyServerSideEncryptionByDefault;
+        /**
+         * List of server-side encryption types to block for object uploads. Valid values are `SSE-C` (blocks uploads using server-side encryption with customer-provided keys) and `NONE` (unblocks all encryption types). Starting in March 2026, Amazon S3 will automatically block SSE-C uploads for all new buckets.
+         */
+        blockedEncryptionTypes?: string[];
         /**
          * Whether or not to use [Amazon S3 Bucket Keys](https://docs.aws.amazon.com/AmazonS3/latest/dev/bucket-key.html) for SSE-KMS.
          */
@@ -89571,16 +89919,19 @@ export namespace sagemaker {
 
     export interface ModelContainer {
         /**
-         * The DNS host name for the container.
+         * Additional data sources that are available to the model in addition to those specified in `modelDataSource`. See Additional Model Data Source.
+         */
+        additionalModelDataSources: outputs.sagemaker.ModelContainerAdditionalModelDataSource[];
+        /**
+         * DNS host name for the container.
          */
         containerHostname?: string;
         /**
          * Environment variables for the Docker container.
-         * A list of key value pairs.
          */
         environment?: {[key: string]: string};
         /**
-         * The registry path where the inference code image is stored in Amazon ECR.
+         * Registry path where the inference code image is stored in Amazon ECR.
          */
         image?: string;
         /**
@@ -89588,23 +89939,24 @@ export namespace sagemaker {
          */
         imageConfig?: outputs.sagemaker.ModelContainerImageConfig;
         /**
-         * The inference specification name in the model package version.
+         * Inference specification name in the model package version.
          */
         inferenceSpecificationName?: string;
         /**
-         * The container hosts value `SingleModel/MultiModel`. The default value is `SingleModel`.
+         * Container hosts value. Allowed values are: `SingleModel` and `MultiModel`. The default value is `SingleModel`.
          */
         mode?: string;
         /**
-         * The location of model data to deploy. Use this for uncompressed model deployment. For information about how to deploy an uncompressed model, see [Deploying uncompressed models](https://docs.aws.amazon.com/sagemaker/latest/dg/large-model-inference-uncompressed.html) in the _AWS SageMaker AI Developer Guide_.
+         * Location of model data to deploy. Use this for uncompressed model deployment. For information about how to deploy an uncompressed model, see [Deploying uncompressed models](https://docs.aws.amazon.com/sagemaker/latest/dg/large-model-inference-uncompressed.html) in the _AWS SageMaker AI Developer Guide_.
          */
         modelDataSource: outputs.sagemaker.ModelContainerModelDataSource;
         /**
-         * The URL for the S3 location where model artifacts are stored.
+         * URL for the S3 location where model artifacts are stored.
          */
         modelDataUrl?: string;
         /**
-         * The Amazon Resource Name (ARN) of the model package to use to create the model.
+         * Amazon Resource Name (ARN) of the model package to use to create the model.
+         * A list of key value pairs.
          */
         modelPackageName?: string;
         /**
@@ -89613,6 +89965,43 @@ export namespace sagemaker {
         multiModelConfig?: outputs.sagemaker.ModelContainerMultiModelConfig;
     }
 
+    export interface ModelContainerAdditionalModelDataSource {
+        /**
+         * Custom name for the additional model data source object. It will be stored in `/opt/ml/additional-model-data-sources//`.
+         */
+        channelName: string;
+        /**
+         * S3 location of model data to deploy. See S3 Data Source.
+         */
+        s3DataSources: outputs.sagemaker.ModelContainerAdditionalModelDataSourceS3DataSource[];
+    }
+
+    export interface ModelContainerAdditionalModelDataSourceS3DataSource {
+        /**
+         * How the model data is prepared. Allowed values are: `None` and `Gzip`.
+         */
+        compressionType: string;
+        /**
+         * Specifies the access configuration file for the ML model. You can explicitly accept the model end-user license agreement (EULA) within the [`modelAccessConfig` configuration block]. See Model Access Config.
+         */
+        modelAccessConfig?: outputs.sagemaker.ModelContainerAdditionalModelDataSourceS3DataSourceModelAccessConfig;
+        /**
+         * Type of model data to deploy. Allowed values are: `S3Object` and `S3Prefix`.
+         */
+        s3DataType: string;
+        /**
+         * The S3 path of model data to deploy.
+         */
+        s3Uri: string;
+    }
+
+    export interface ModelContainerAdditionalModelDataSourceS3DataSourceModelAccessConfig {
+        /**
+         * Specifies agreement to the model end-user license agreement (EULA). The value must be set to `true` in order to accept the EULA that this model requires. You are responsible for reviewing and complying with any applicable license terms and making sure they are acceptable for your use case before downloading or using a model.
+         */
+        acceptEula: boolean;
+    }
+
     export interface ModelContainerImageConfig {
         /**
          * Specifies whether the model container is in Amazon ECR or a private Docker registry accessible from your Amazon Virtual Private Cloud (VPC). Allowed values are: `Platform` and `Vpc`.
@@ -89626,14 +90015,14 @@ export namespace sagemaker {
 
     export interface ModelContainerImageConfigRepositoryAuthConfig {
         /**
-         * The Amazon Resource Name (ARN) of an AWS Lambda function that provides credentials to authenticate to the private Docker registry where your model image is hosted. For information about how to create an AWS Lambda function, see [Create a Lambda function with the console](https://docs.aws.amazon.com/lambda/latest/dg/getting-started-create-function.html) in the _AWS Lambda Developer Guide_.
+         * Amazon Resource Name (ARN) of an AWS Lambda function that provides credentials to authenticate to the private Docker registry where your model image is hosted. For information about how to create an AWS Lambda function, see [Create a Lambda function with the console](https://docs.aws.amazon.com/lambda/latest/dg/getting-started-create-function.html) in the _AWS Lambda Developer Guide_.
          */
         repositoryCredentialsProviderArn: string;
     }
 
     export interface ModelContainerModelDataSource {
         /**
-         * The S3 location of model data to deploy.
+         * S3 location of model data to deploy. See S3 Data Source.
          */
         s3DataSources: outputs.sagemaker.ModelContainerModelDataSourceS3DataSource[];
     }
@@ -89644,11 +90033,11 @@ export namespace sagemaker {
          */
         compressionType: string;
         /**
-         * Specifies the access configuration file for the ML model. You can explicitly accept the model end-user license agreement (EULA) within the [`modelAccessConfig` configuration block]. see Model Access Config.
+         * Specifies the access configuration file for the ML model. You can explicitly accept the model end-user license agreement (EULA) within the [`modelAccessConfig` configuration block]. See Model Access Config.
          */
         modelAccessConfig?: outputs.sagemaker.ModelContainerModelDataSourceS3DataSourceModelAccessConfig;
         /**
-         * The type of model data to deploy. Allowed values are: `S3Object` and `S3Prefix`.
+         * Type of model data to deploy. Allowed values are: `S3Object` and `S3Prefix`.
          */
         s3DataType: string;
         /**
@@ -89659,7 +90048,7 @@ export namespace sagemaker {
 
     export interface ModelContainerModelDataSourceS3DataSourceModelAccessConfig {
         /**
-         * Specifies agreement to the model end-user license agreement (EULA). The AcceptEula value must be explicitly defined as `true` in order to accept the EULA that this model requires. You are responsible for reviewing and complying with any applicable license terms and making sure they are acceptable for your use case before downloading or using a model.
+         * Specifies agreement to the model end-user license agreement (EULA). The value must be set to `true` in order to accept the EULA that this model requires. You are responsible for reviewing and complying with any applicable license terms and making sure they are acceptable for your use case before downloading or using a model.
          */
         acceptEula: boolean;
     }
@@ -89673,23 +90062,26 @@ export namespace sagemaker {
 
     export interface ModelInferenceExecutionConfig {
         /**
-         * The container hosts value `SingleModel/MultiModel`. The default value is `SingleModel`.
+         * How containers in a multi-container are run. Allowed values are: `Serial` and `Direct`.
          */
         mode: string;
     }
 
     export interface ModelPrimaryContainer {
         /**
-         * The DNS host name for the container.
+         * Additional data sources that are available to the model in addition to those specified in `modelDataSource`. See Additional Model Data Source.
+         */
+        additionalModelDataSources: outputs.sagemaker.ModelPrimaryContainerAdditionalModelDataSource[];
+        /**
+         * DNS host name for the container.
          */
         containerHostname?: string;
         /**
          * Environment variables for the Docker container.
-         * A list of key value pairs.
          */
         environment?: {[key: string]: string};
         /**
-         * The registry path where the inference code image is stored in Amazon ECR.
+         * Registry path where the inference code image is stored in Amazon ECR.
          */
         image?: string;
         /**
@@ -89697,23 +90089,21 @@ export namespace sagemaker {
          */
         imageConfig?: outputs.sagemaker.ModelPrimaryContainerImageConfig;
         /**
-         * The inference specification name in the model package version.
+         * Inference specification name in the model package version.
          */
         inferenceSpecificationName?: string;
-        /**
-         * The container hosts value `SingleModel/MultiModel`. The default value is `SingleModel`.
-         */
         mode?: string;
         /**
-         * The location of model data to deploy. Use this for uncompressed model deployment. For information about how to deploy an uncompressed model, see [Deploying uncompressed models](https://docs.aws.amazon.com/sagemaker/latest/dg/large-model-inference-uncompressed.html) in the _AWS SageMaker AI Developer Guide_.
+         * Location of model data to deploy. Use this for uncompressed model deployment. For information about how to deploy an uncompressed model, see [Deploying uncompressed models](https://docs.aws.amazon.com/sagemaker/latest/dg/large-model-inference-uncompressed.html) in the _AWS SageMaker AI Developer Guide_.
          */
         modelDataSource: outputs.sagemaker.ModelPrimaryContainerModelDataSource;
         /**
-         * The URL for the S3 location where model artifacts are stored.
+         * URL for the S3 location where model artifacts are stored.
          */
         modelDataUrl?: string;
         /**
-         * The Amazon Resource Name (ARN) of the model package to use to create the model.
+         * Amazon Resource Name (ARN) of the model package to use to create the model.
+         * A list of key value pairs.
          */
         modelPackageName?: string;
         /**
@@ -89722,6 +90112,43 @@ export namespace sagemaker {
         multiModelConfig?: outputs.sagemaker.ModelPrimaryContainerMultiModelConfig;
     }
 
+    export interface ModelPrimaryContainerAdditionalModelDataSource {
+        /**
+         * Custom name for the additional model data source object. It will be stored in `/opt/ml/additional-model-data-sources//`.
+         */
+        channelName: string;
+        /**
+         * S3 location of model data to deploy. See S3 Data Source.
+         */
+        s3DataSources: outputs.sagemaker.ModelPrimaryContainerAdditionalModelDataSourceS3DataSource[];
+    }
+
+    export interface ModelPrimaryContainerAdditionalModelDataSourceS3DataSource {
+        /**
+         * How the model data is prepared. Allowed values are: `None` and `Gzip`.
+         */
+        compressionType: string;
+        /**
+         * Specifies the access configuration file for the ML model. You can explicitly accept the model end-user license agreement (EULA) within the [`modelAccessConfig` configuration block]. See Model Access Config.
+         */
+        modelAccessConfig?: outputs.sagemaker.ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceModelAccessConfig;
+        /**
+         * Type of model data to deploy. Allowed values are: `S3Object` and `S3Prefix`.
+         */
+        s3DataType: string;
+        /**
+         * The S3 path of model data to deploy.
+         */
+        s3Uri: string;
+    }
+
+    export interface ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceModelAccessConfig {
+        /**
+         * Specifies agreement to the model end-user license agreement (EULA). The value must be set to `true` in order to accept the EULA that this model requires. You are responsible for reviewing and complying with any applicable license terms and making sure they are acceptable for your use case before downloading or using a model.
+         */
+        acceptEula: boolean;
+    }
+
     export interface ModelPrimaryContainerImageConfig {
         /**
          * Specifies whether the model container is in Amazon ECR or a private Docker registry accessible from your Amazon Virtual Private Cloud (VPC). Allowed values are: `Platform` and `Vpc`.
@@ -89735,14 +90162,14 @@ export namespace sagemaker {
 
     export interface ModelPrimaryContainerImageConfigRepositoryAuthConfig {
         /**
-         * The Amazon Resource Name (ARN) of an AWS Lambda function that provides credentials to authenticate to the private Docker registry where your model image is hosted. For information about how to create an AWS Lambda function, see [Create a Lambda function with the console](https://docs.aws.amazon.com/lambda/latest/dg/getting-started-create-function.html) in the _AWS Lambda Developer Guide_.
+         * Amazon Resource Name (ARN) of an AWS Lambda function that provides credentials to authenticate to the private Docker registry where your model image is hosted. For information about how to create an AWS Lambda function, see [Create a Lambda function with the console](https://docs.aws.amazon.com/lambda/latest/dg/getting-started-create-function.html) in the _AWS Lambda Developer Guide_.
          */
         repositoryCredentialsProviderArn: string;
     }
 
     export interface ModelPrimaryContainerModelDataSource {
         /**
-         * The S3 location of model data to deploy.
+         * S3 location of model data to deploy. See S3 Data Source.
          */
         s3DataSources: outputs.sagemaker.ModelPrimaryContainerModelDataSourceS3DataSource[];
     }
@@ -89753,11 +90180,11 @@ export namespace sagemaker {
          */
         compressionType: string;
         /**
-         * Specifies the access configuration file for the ML model. You can explicitly accept the model end-user license agreement (EULA) within the [`modelAccessConfig` configuration block]. see Model Access Config.
+         * Specifies the access configuration file for the ML model. You can explicitly accept the model end-user license agreement (EULA) within the [`modelAccessConfig` configuration block]. See Model Access Config.
          */
         modelAccessConfig?: outputs.sagemaker.ModelPrimaryContainerModelDataSourceS3DataSourceModelAccessConfig;
         /**
-         * The type of model data to deploy. Allowed values are: `S3Object` and `S3Prefix`.
+         * Type of model data to deploy. Allowed values are: `S3Object` and `S3Prefix`.
          */
         s3DataType: string;
         /**
@@ -89768,7 +90195,7 @@ export namespace sagemaker {
 
     export interface ModelPrimaryContainerModelDataSourceS3DataSourceModelAccessConfig {
         /**
-         * Specifies agreement to the model end-user license agreement (EULA). The AcceptEula value must be explicitly defined as `true` in order to accept the EULA that this model requires. You are responsible for reviewing and complying with any applicable license terms and making sure they are acceptable for your use case before downloading or using a model.
+         * Specifies agreement to the model end-user license agreement (EULA). The value must be set to `true` in order to accept the EULA that this model requires. You are responsible for reviewing and complying with any applicable license terms and making sure they are acceptable for your use case before downloading or using a model.
          */
         acceptEula: boolean;
     }
@@ -89781,7 +90208,13 @@ export namespace sagemaker {
     }
 
     export interface ModelVpcConfig {
+        /**
+         * List of security group IDs you want to be applied to your training job or model. Specify the security groups for the VPC that is specified in the Subnets field.
+         */
         securityGroupIds: string[];
+        /**
+         * List of subnet IDs in the VPC to which you want to connect your training job or model.
+         */
         subnets: string[];
     }
 
diff --git a/sdk/nodejs/vpclattice/domainVerification.ts b/sdk/nodejs/vpclattice/domainVerification.ts
new file mode 100644
index 00000000000..e4634b1320b
--- /dev/null
+++ b/sdk/nodejs/vpclattice/domainVerification.ts
@@ -0,0 +1,235 @@
+// *** WARNING: this file was generated by pulumi-language-nodejs. ***
+// *** Do not edit by hand unless you're certain you know what you are doing! ***
+
+import * as pulumi from "@pulumi/pulumi";
+import * as utilities from "../utilities";
+
+/**
+ * Resource for managing an AWS VPC Lattice Domain Verification.
+ *
+ * Starts the domain verification process for a custom domain name. Use this resource to verify ownership of a domain before associating it with VPC Lattice resources.
+ *
+ * ## Example Usage
+ *
+ * ### Basic Usage
+ *
+ * ```typescript
+ * import * as pulumi from "@pulumi/pulumi";
+ * import * as aws from "@pulumi/aws";
+ *
+ * const example = new aws.vpclattice.DomainVerification("example", {domainName: "example.com"});
+ * // Create DNS TXT record for domain verification
+ * const exampleRecord = new aws.route53.Record("example", {
+ *     zoneId: exampleAwsRoute53Zone.zoneId,
+ *     name: example.txtRecordName,
+ *     type: aws.route53.RecordType.TXT,
+ *     ttl: 300,
+ *     records: [example.txtRecordValue],
+ * });
+ * ```
+ *
+ * ### With Tags
+ *
+ * ```typescript
+ * import * as pulumi from "@pulumi/pulumi";
+ * import * as aws from "@pulumi/aws";
+ *
+ * const example = new aws.vpclattice.DomainVerification("example", {
+ *     domainName: "example.com",
+ *     tags: {
+ *         Environment: "production",
+ *         Purpose: "domain-verification",
+ *     },
+ * });
+ * ```
+ *
+ * ## Import
+ *
+ * Using `pulumi import`, import VPC Lattice Domain Verification using the `id`. For example:
+ *
+ * ```sh
+ * $ pulumi import aws:vpclattice/domainVerification:DomainVerification example dv-0a1b2c3d4e5f
+ * ```
+ */
+export class DomainVerification extends pulumi.CustomResource {
+    /**
+     * Get an existing DomainVerification resource's state with the given name, ID, and optional extra
+     * properties used to qualify the lookup.
+     *
+     * @param name The _unique_ name of the resulting resource.
+     * @param id The _unique_ provider ID of the resource to lookup.
+     * @param state Any extra arguments used during the lookup.
+     * @param opts Optional settings to control the behavior of the CustomResource.
+     */
+    public static get(name: string, id: pulumi.Input, state?: DomainVerificationState, opts?: pulumi.CustomResourceOptions): DomainVerification {
+        return new DomainVerification(name, state, { ...opts, id: id });
+    }
+
+    /** @internal */
+    public static readonly __pulumiType = 'aws:vpclattice/domainVerification:DomainVerification';
+
+    /**
+     * Returns true if the given object is an instance of DomainVerification.  This is designed to work even
+     * when multiple copies of the Pulumi SDK have been loaded into the same process.
+     */
+    public static isInstance(obj: any): obj is DomainVerification {
+        if (obj === undefined || obj === null) {
+            return false;
+        }
+        return obj['__pulumiType'] === DomainVerification.__pulumiType;
+    }
+
+    /**
+     * The Amazon Resource Name (ARN) of the domain verification.
+     */
+    declare public /*out*/ readonly arn: pulumi.Output;
+    /**
+     * The date and time that the domain verification was created, in ISO-8601 format.
+     */
+    declare public /*out*/ readonly createdAt: pulumi.Output;
+    /**
+     * The domain name to verify ownership for.
+     *
+     * The following arguments are optional:
+     */
+    declare public readonly domainName: pulumi.Output;
+    /**
+     * The date and time that the domain was last successfully verified, in ISO-8601 format.
+     */
+    declare public /*out*/ readonly lastVerifiedTime: pulumi.Output;
+    /**
+     * Region where this resource will be [managed](https://docs.aws.amazon.com/general/latest/gr/rande.html#regional-endpoints). Defaults to the Region set in the provider configuration.
+     */
+    declare public readonly region: pulumi.Output;
+    /**
+     * The current status of the domain verification process. Valid values: `VERIFIED`, `PENDING`, `VERIFICATION_TIMED_OUT`.
+     */
+    declare public /*out*/ readonly status: pulumi.Output;
+    /**
+     * Key-value mapping of resource tags. If configured with a provider `defaultTags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.
+     */
+    declare public readonly tags: pulumi.Output<{[key: string]: string} | undefined>;
+    /**
+     * Map of tags assigned to the resource, including those inherited from the provider `defaultTags` configuration block.
+     */
+    declare public /*out*/ readonly tagsAll: pulumi.Output<{[key: string]: string}>;
+    /**
+     * The name of the TXT record that must be created for domain verification.
+     */
+    declare public /*out*/ readonly txtRecordName: pulumi.Output;
+    /**
+     * The value that must be added to the TXT record for domain verification.
+     */
+    declare public /*out*/ readonly txtRecordValue: pulumi.Output;
+
+    /**
+     * Create a DomainVerification resource with the given unique name, arguments, and options.
+     *
+     * @param name The _unique_ name of the resource.
+     * @param args The arguments to use to populate this resource's properties.
+     * @param opts A bag of options that control this resource's behavior.
+     */
+    constructor(name: string, args: DomainVerificationArgs, opts?: pulumi.CustomResourceOptions)
+    constructor(name: string, argsOrState?: DomainVerificationArgs | DomainVerificationState, opts?: pulumi.CustomResourceOptions) {
+        let resourceInputs: pulumi.Inputs = {};
+        opts = opts || {};
+        if (opts.id) {
+            const state = argsOrState as DomainVerificationState | undefined;
+            resourceInputs["arn"] = state?.arn;
+            resourceInputs["createdAt"] = state?.createdAt;
+            resourceInputs["domainName"] = state?.domainName;
+            resourceInputs["lastVerifiedTime"] = state?.lastVerifiedTime;
+            resourceInputs["region"] = state?.region;
+            resourceInputs["status"] = state?.status;
+            resourceInputs["tags"] = state?.tags;
+            resourceInputs["tagsAll"] = state?.tagsAll;
+            resourceInputs["txtRecordName"] = state?.txtRecordName;
+            resourceInputs["txtRecordValue"] = state?.txtRecordValue;
+        } else {
+            const args = argsOrState as DomainVerificationArgs | undefined;
+            if (args?.domainName === undefined && !opts.urn) {
+                throw new Error("Missing required property 'domainName'");
+            }
+            resourceInputs["domainName"] = args?.domainName;
+            resourceInputs["region"] = args?.region;
+            resourceInputs["tags"] = args?.tags;
+            resourceInputs["arn"] = undefined /*out*/;
+            resourceInputs["createdAt"] = undefined /*out*/;
+            resourceInputs["lastVerifiedTime"] = undefined /*out*/;
+            resourceInputs["status"] = undefined /*out*/;
+            resourceInputs["tagsAll"] = undefined /*out*/;
+            resourceInputs["txtRecordName"] = undefined /*out*/;
+            resourceInputs["txtRecordValue"] = undefined /*out*/;
+        }
+        opts = pulumi.mergeOptions(utilities.resourceOptsDefaults(), opts);
+        super(DomainVerification.__pulumiType, name, resourceInputs, opts);
+    }
+}
+
+/**
+ * Input properties used for looking up and filtering DomainVerification resources.
+ */
+export interface DomainVerificationState {
+    /**
+     * The Amazon Resource Name (ARN) of the domain verification.
+     */
+    arn?: pulumi.Input;
+    /**
+     * The date and time that the domain verification was created, in ISO-8601 format.
+     */
+    createdAt?: pulumi.Input;
+    /**
+     * The domain name to verify ownership for.
+     *
+     * The following arguments are optional:
+     */
+    domainName?: pulumi.Input;
+    /**
+     * The date and time that the domain was last successfully verified, in ISO-8601 format.
+     */
+    lastVerifiedTime?: pulumi.Input;
+    /**
+     * Region where this resource will be [managed](https://docs.aws.amazon.com/general/latest/gr/rande.html#regional-endpoints). Defaults to the Region set in the provider configuration.
+     */
+    region?: pulumi.Input;
+    /**
+     * The current status of the domain verification process. Valid values: `VERIFIED`, `PENDING`, `VERIFICATION_TIMED_OUT`.
+     */
+    status?: pulumi.Input;
+    /**
+     * Key-value mapping of resource tags. If configured with a provider `defaultTags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.
+     */
+    tags?: pulumi.Input<{[key: string]: pulumi.Input}>;
+    /**
+     * Map of tags assigned to the resource, including those inherited from the provider `defaultTags` configuration block.
+     */
+    tagsAll?: pulumi.Input<{[key: string]: pulumi.Input}>;
+    /**
+     * The name of the TXT record that must be created for domain verification.
+     */
+    txtRecordName?: pulumi.Input;
+    /**
+     * The value that must be added to the TXT record for domain verification.
+     */
+    txtRecordValue?: pulumi.Input;
+}
+
+/**
+ * The set of arguments for constructing a DomainVerification resource.
+ */
+export interface DomainVerificationArgs {
+    /**
+     * The domain name to verify ownership for.
+     *
+     * The following arguments are optional:
+     */
+    domainName: pulumi.Input;
+    /**
+     * Region where this resource will be [managed](https://docs.aws.amazon.com/general/latest/gr/rande.html#regional-endpoints). Defaults to the Region set in the provider configuration.
+     */
+    region?: pulumi.Input;
+    /**
+     * Key-value mapping of resource tags. If configured with a provider `defaultTags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.
+     */
+    tags?: pulumi.Input<{[key: string]: pulumi.Input}>;
+}
diff --git a/sdk/nodejs/vpclattice/index.ts b/sdk/nodejs/vpclattice/index.ts
index a4db7833577..d7efc2e9f58 100644
--- a/sdk/nodejs/vpclattice/index.ts
+++ b/sdk/nodejs/vpclattice/index.ts
@@ -15,6 +15,11 @@ export type AuthPolicy = import("./authPolicy").AuthPolicy;
 export const AuthPolicy: typeof import("./authPolicy").AuthPolicy = null as any;
 utilities.lazyLoad(exports, ["AuthPolicy"], () => require("./authPolicy"));
 
+export { DomainVerificationArgs, DomainVerificationState } from "./domainVerification";
+export type DomainVerification = import("./domainVerification").DomainVerification;
+export const DomainVerification: typeof import("./domainVerification").DomainVerification = null as any;
+utilities.lazyLoad(exports, ["DomainVerification"], () => require("./domainVerification"));
+
 export { GetAuthPolicyArgs, GetAuthPolicyResult, GetAuthPolicyOutputArgs } from "./getAuthPolicy";
 export const getAuthPolicy: typeof import("./getAuthPolicy").getAuthPolicy = null as any;
 export const getAuthPolicyOutput: typeof import("./getAuthPolicy").getAuthPolicyOutput = null as any;
@@ -109,6 +114,8 @@ const _module = {
                 return new AccessLogSubscription(name, undefined, { urn })
             case "aws:vpclattice/authPolicy:AuthPolicy":
                 return new AuthPolicy(name, undefined, { urn })
+            case "aws:vpclattice/domainVerification:DomainVerification":
+                return new DomainVerification(name, undefined, { urn })
             case "aws:vpclattice/listener:Listener":
                 return new Listener(name, undefined, { urn })
             case "aws:vpclattice/listenerRule:ListenerRule":
@@ -140,6 +147,7 @@ const _module = {
 };
 pulumi.runtime.registerResourceModule("aws", "vpclattice/accessLogSubscription", _module)
 pulumi.runtime.registerResourceModule("aws", "vpclattice/authPolicy", _module)
+pulumi.runtime.registerResourceModule("aws", "vpclattice/domainVerification", _module)
 pulumi.runtime.registerResourceModule("aws", "vpclattice/listener", _module)
 pulumi.runtime.registerResourceModule("aws", "vpclattice/listenerRule", _module)
 pulumi.runtime.registerResourceModule("aws", "vpclattice/resourceConfiguration", _module)
diff --git a/sdk/nodejs/vpclattice/resourceConfiguration.ts b/sdk/nodejs/vpclattice/resourceConfiguration.ts
index 3cdeb87bc8c..597a8f93e96 100644
--- a/sdk/nodejs/vpclattice/resourceConfiguration.ts
+++ b/sdk/nodejs/vpclattice/resourceConfiguration.ts
@@ -57,6 +57,32 @@ import * as utilities from "../utilities";
  * });
  * ```
  *
+ * ### With custom domain
+ *
+ * ```typescript
+ * import * as pulumi from "@pulumi/pulumi";
+ * import * as aws from "@pulumi/aws";
+ *
+ * const example = new aws.vpclattice.DomainVerification("example", {domainName: "example.com"});
+ * const exampleResourceConfiguration = new aws.vpclattice.ResourceConfiguration("example", {
+ *     name: "Example",
+ *     resourceGatewayIdentifier: exampleAwsVpclatticeResourceGateway.id,
+ *     customDomainName: "custom.example.com",
+ *     domainVerificationId: example.id,
+ *     portRanges: ["443"],
+ *     protocol: "TCP",
+ *     resourceConfigurationDefinition: {
+ *         dnsResource: {
+ *             domainName: "test.example.com",
+ *             ipAddressType: "IPV4",
+ *         },
+ *     },
+ *     tags: {
+ *         Environment: "Example",
+ *     },
+ * });
+ * ```
+ *
  * ### ARN Example
  *
  * ```typescript
@@ -119,6 +145,22 @@ export class ResourceConfiguration extends pulumi.CustomResource {
      * ARN of the resource gateway.
      */
     declare public /*out*/ readonly arn: pulumi.Output;
+    /**
+     * Custom domain name for your resource configuration. Additionally, provide a `domainVerificationId` to prove your ownership of a domain.
+     */
+    declare public readonly customDomainName: pulumi.Output;
+    /**
+     * ARN of the domain verification.
+     */
+    declare public /*out*/ readonly domainVerificationArn: pulumi.Output;
+    /**
+     * The domain verification ID of your verified custom domain name. If you don't provide an ID, you must configure the DNS settings yourself.
+     */
+    declare public readonly domainVerificationId: pulumi.Output;
+    /**
+     * Domain verification status.
+     */
+    declare public /*out*/ readonly domainVerificationStatus: pulumi.Output;
     /**
      * Name for the Resource Configuration.
      */
@@ -178,6 +220,10 @@ export class ResourceConfiguration extends pulumi.CustomResource {
             const state = argsOrState as ResourceConfigurationState | undefined;
             resourceInputs["allowAssociationToShareableServiceNetwork"] = state?.allowAssociationToShareableServiceNetwork;
             resourceInputs["arn"] = state?.arn;
+            resourceInputs["customDomainName"] = state?.customDomainName;
+            resourceInputs["domainVerificationArn"] = state?.domainVerificationArn;
+            resourceInputs["domainVerificationId"] = state?.domainVerificationId;
+            resourceInputs["domainVerificationStatus"] = state?.domainVerificationStatus;
             resourceInputs["name"] = state?.name;
             resourceInputs["portRanges"] = state?.portRanges;
             resourceInputs["protocol"] = state?.protocol;
@@ -192,6 +238,8 @@ export class ResourceConfiguration extends pulumi.CustomResource {
         } else {
             const args = argsOrState as ResourceConfigurationArgs | undefined;
             resourceInputs["allowAssociationToShareableServiceNetwork"] = args?.allowAssociationToShareableServiceNetwork;
+            resourceInputs["customDomainName"] = args?.customDomainName;
+            resourceInputs["domainVerificationId"] = args?.domainVerificationId;
             resourceInputs["name"] = args?.name;
             resourceInputs["portRanges"] = args?.portRanges;
             resourceInputs["protocol"] = args?.protocol;
@@ -203,6 +251,8 @@ export class ResourceConfiguration extends pulumi.CustomResource {
             resourceInputs["timeouts"] = args?.timeouts;
             resourceInputs["type"] = args?.type;
             resourceInputs["arn"] = undefined /*out*/;
+            resourceInputs["domainVerificationArn"] = undefined /*out*/;
+            resourceInputs["domainVerificationStatus"] = undefined /*out*/;
             resourceInputs["tagsAll"] = undefined /*out*/;
         }
         opts = pulumi.mergeOptions(utilities.resourceOptsDefaults(), opts);
@@ -222,6 +272,22 @@ export interface ResourceConfigurationState {
      * ARN of the resource gateway.
      */
     arn?: pulumi.Input;
+    /**
+     * Custom domain name for your resource configuration. Additionally, provide a `domainVerificationId` to prove your ownership of a domain.
+     */
+    customDomainName?: pulumi.Input;
+    /**
+     * ARN of the domain verification.
+     */
+    domainVerificationArn?: pulumi.Input;
+    /**
+     * The domain verification ID of your verified custom domain name. If you don't provide an ID, you must configure the DNS settings yourself.
+     */
+    domainVerificationId?: pulumi.Input;
+    /**
+     * Domain verification status.
+     */
+    domainVerificationStatus?: pulumi.Input;
     /**
      * Name for the Resource Configuration.
      */
@@ -275,6 +341,14 @@ export interface ResourceConfigurationArgs {
      * Allow or Deny the association of this resource to a shareable service network.
      */
     allowAssociationToShareableServiceNetwork?: pulumi.Input;
+    /**
+     * Custom domain name for your resource configuration. Additionally, provide a `domainVerificationId` to prove your ownership of a domain.
+     */
+    customDomainName?: pulumi.Input;
+    /**
+     * The domain verification ID of your verified custom domain name. If you don't provide an ID, you must configure the DNS settings yourself.
+     */
+    domainVerificationId?: pulumi.Input;
     /**
      * Name for the Resource Configuration.
      */
diff --git a/sdk/python/pulumi_aws/__init__.py b/sdk/python/pulumi_aws/__init__.py
index ba30d89e5a3..bbd838e2f19 100644
--- a/sdk/python/pulumi_aws/__init__.py
+++ b/sdk/python/pulumi_aws/__init__.py
@@ -2247,6 +2247,14 @@
    "aws:bedrockmodel/invocationLoggingConfiguration:InvocationLoggingConfiguration": "InvocationLoggingConfiguration"
   }
  },
+ {
+  "pkg": "aws",
+  "mod": "billing/view",
+  "fqn": "pulumi_aws.billing",
+  "classes": {
+   "aws:billing/view:View": "View"
+  }
+ },
  {
   "pkg": "aws",
   "mod": "budgets/budget",
@@ -12767,6 +12775,14 @@
    "aws:vpclattice/authPolicy:AuthPolicy": "AuthPolicy"
   }
  },
+ {
+  "pkg": "aws",
+  "mod": "vpclattice/domainVerification",
+  "fqn": "pulumi_aws.vpclattice",
+  "classes": {
+   "aws:vpclattice/domainVerification:DomainVerification": "DomainVerification"
+  }
+ },
  {
   "pkg": "aws",
   "mod": "vpclattice/listener",
diff --git a/sdk/python/pulumi_aws/alb/_inputs.py b/sdk/python/pulumi_aws/alb/_inputs.py
index d989d70000e..0ab1af1421e 100644
--- a/sdk/python/pulumi_aws/alb/_inputs.py
+++ b/sdk/python/pulumi_aws/alb/_inputs.py
@@ -30,6 +30,10 @@
     'ListenerDefaultActionForwardStickinessArgsDict',
     'ListenerDefaultActionForwardTargetGroupArgs',
     'ListenerDefaultActionForwardTargetGroupArgsDict',
+    'ListenerDefaultActionJwtValidationArgs',
+    'ListenerDefaultActionJwtValidationArgsDict',
+    'ListenerDefaultActionJwtValidationAdditionalClaimArgs',
+    'ListenerDefaultActionJwtValidationAdditionalClaimArgsDict',
     'ListenerDefaultActionRedirectArgs',
     'ListenerDefaultActionRedirectArgsDict',
     'ListenerMutualAuthenticationArgs',
@@ -48,6 +52,10 @@
     'ListenerRuleActionForwardStickinessArgsDict',
     'ListenerRuleActionForwardTargetGroupArgs',
     'ListenerRuleActionForwardTargetGroupArgsDict',
+    'ListenerRuleActionJwtValidationArgs',
+    'ListenerRuleActionJwtValidationArgsDict',
+    'ListenerRuleActionJwtValidationAdditionalClaimArgs',
+    'ListenerRuleActionJwtValidationAdditionalClaimArgsDict',
     'ListenerRuleActionRedirectArgs',
     'ListenerRuleActionRedirectArgsDict',
     'ListenerRuleConditionArgs',
@@ -106,7 +114,7 @@
     class ListenerDefaultActionArgsDict(TypedDict):
         type: pulumi.Input[_builtins.str]
         """
-        Type of routing action. Valid values are `forward`, `redirect`, `fixed-response`, `authenticate-cognito` and `authenticate-oidc`.
+        Type of routing action. Valid values are `forward`, `redirect`, `fixed-response`, `authenticate-cognito`, `authenticate-oidc` and `jwt-validation`.
 
         The following arguments are optional:
         """
@@ -126,6 +134,10 @@ class ListenerDefaultActionArgsDict(TypedDict):
         """
         Configuration block for creating an action that distributes requests among one or more target groups. Specify only if `type` is `forward`. See below.
         """
+        jwt_validation: NotRequired[pulumi.Input['ListenerDefaultActionJwtValidationArgsDict']]
+        """
+        Configuration block for creating a JWT validation action. Required if `type` is `jwt-validation`.
+        """
         order: NotRequired[pulumi.Input[_builtins.int]]
         """
         Order for the action. The action with the lowest value for order is performed first. Valid values are between `1` and `50000`. Defaults to the position in the list of actions.
@@ -149,17 +161,19 @@ def __init__(__self__, *,
                  authenticate_oidc: Optional[pulumi.Input['ListenerDefaultActionAuthenticateOidcArgs']] = None,
                  fixed_response: Optional[pulumi.Input['ListenerDefaultActionFixedResponseArgs']] = None,
                  forward: Optional[pulumi.Input['ListenerDefaultActionForwardArgs']] = None,
+                 jwt_validation: Optional[pulumi.Input['ListenerDefaultActionJwtValidationArgs']] = None,
                  order: Optional[pulumi.Input[_builtins.int]] = None,
                  redirect: Optional[pulumi.Input['ListenerDefaultActionRedirectArgs']] = None,
                  target_group_arn: Optional[pulumi.Input[_builtins.str]] = None):
         """
-        :param pulumi.Input[_builtins.str] type: Type of routing action. Valid values are `forward`, `redirect`, `fixed-response`, `authenticate-cognito` and `authenticate-oidc`.
+        :param pulumi.Input[_builtins.str] type: Type of routing action. Valid values are `forward`, `redirect`, `fixed-response`, `authenticate-cognito`, `authenticate-oidc` and `jwt-validation`.
                
                The following arguments are optional:
         :param pulumi.Input['ListenerDefaultActionAuthenticateCognitoArgs'] authenticate_cognito: Configuration block for using Amazon Cognito to authenticate users. Specify only when `type` is `authenticate-cognito`. See below.
         :param pulumi.Input['ListenerDefaultActionAuthenticateOidcArgs'] authenticate_oidc: Configuration block for an identity provider that is compliant with OpenID Connect (OIDC). Specify only when `type` is `authenticate-oidc`. See below.
         :param pulumi.Input['ListenerDefaultActionFixedResponseArgs'] fixed_response: Information for creating an action that returns a custom HTTP response. Required if `type` is `fixed-response`.
         :param pulumi.Input['ListenerDefaultActionForwardArgs'] forward: Configuration block for creating an action that distributes requests among one or more target groups. Specify only if `type` is `forward`. See below.
+        :param pulumi.Input['ListenerDefaultActionJwtValidationArgs'] jwt_validation: Configuration block for creating a JWT validation action. Required if `type` is `jwt-validation`.
         :param pulumi.Input[_builtins.int] order: Order for the action. The action with the lowest value for order is performed first. Valid values are between `1` and `50000`. Defaults to the position in the list of actions.
         :param pulumi.Input['ListenerDefaultActionRedirectArgs'] redirect: Configuration block for creating a redirect action. Required if `type` is `redirect`. See below.
         :param pulumi.Input[_builtins.str] target_group_arn: ARN of the Target Group to which to route traffic. Specify only if `type` is `forward` and you want to route to a single target group. To route to one or more target groups, use a `forward` block instead. Can be specified with `forward` but ARNs must match.
@@ -173,6 +187,8 @@ def __init__(__self__, *,
             pulumi.set(__self__, "fixed_response", fixed_response)
         if forward is not None:
             pulumi.set(__self__, "forward", forward)
+        if jwt_validation is not None:
+            pulumi.set(__self__, "jwt_validation", jwt_validation)
         if order is not None:
             pulumi.set(__self__, "order", order)
         if redirect is not None:
@@ -184,7 +200,7 @@ def __init__(__self__, *,
     @pulumi.getter
     def type(self) -> pulumi.Input[_builtins.str]:
         """
-        Type of routing action. Valid values are `forward`, `redirect`, `fixed-response`, `authenticate-cognito` and `authenticate-oidc`.
+        Type of routing action. Valid values are `forward`, `redirect`, `fixed-response`, `authenticate-cognito`, `authenticate-oidc` and `jwt-validation`.
 
         The following arguments are optional:
         """
@@ -242,6 +258,18 @@ def forward(self) -> Optional[pulumi.Input['ListenerDefaultActionForwardArgs']]:
     def forward(self, value: Optional[pulumi.Input['ListenerDefaultActionForwardArgs']]):
         pulumi.set(self, "forward", value)
 
+    @_builtins.property
+    @pulumi.getter(name="jwtValidation")
+    def jwt_validation(self) -> Optional[pulumi.Input['ListenerDefaultActionJwtValidationArgs']]:
+        """
+        Configuration block for creating a JWT validation action. Required if `type` is `jwt-validation`.
+        """
+        return pulumi.get(self, "jwt_validation")
+
+    @jwt_validation.setter
+    def jwt_validation(self, value: Optional[pulumi.Input['ListenerDefaultActionJwtValidationArgs']]):
+        pulumi.set(self, "jwt_validation", value)
+
     @_builtins.property
     @pulumi.getter
     def order(self) -> Optional[pulumi.Input[_builtins.int]]:
@@ -934,6 +962,151 @@ def weight(self, value: Optional[pulumi.Input[_builtins.int]]):
         pulumi.set(self, "weight", value)
 
 
+if not MYPY:
+    class ListenerDefaultActionJwtValidationArgsDict(TypedDict):
+        issuer: pulumi.Input[_builtins.str]
+        """
+        Issuer of the JWT.
+        """
+        jwks_endpoint: pulumi.Input[_builtins.str]
+        """
+        JSON Web Key Set (JWKS) endpoint. This endpoint contains JSON Web Keys (JWK) that are used to validate signatures from the provider. This must be a full URL, including the HTTPS protocol, the domain, and the path.
+
+        The following arguments are optional:
+        """
+        additional_claims: NotRequired[pulumi.Input[Sequence[pulumi.Input['ListenerDefaultActionJwtValidationAdditionalClaimArgsDict']]]]
+        """
+        Repeatable configuration block for additional claims to validate.
+        """
+elif False:
+    ListenerDefaultActionJwtValidationArgsDict: TypeAlias = Mapping[str, Any]
+
+@pulumi.input_type
+class ListenerDefaultActionJwtValidationArgs:
+    def __init__(__self__, *,
+                 issuer: pulumi.Input[_builtins.str],
+                 jwks_endpoint: pulumi.Input[_builtins.str],
+                 additional_claims: Optional[pulumi.Input[Sequence[pulumi.Input['ListenerDefaultActionJwtValidationAdditionalClaimArgs']]]] = None):
+        """
+        :param pulumi.Input[_builtins.str] issuer: Issuer of the JWT.
+        :param pulumi.Input[_builtins.str] jwks_endpoint: JSON Web Key Set (JWKS) endpoint. This endpoint contains JSON Web Keys (JWK) that are used to validate signatures from the provider. This must be a full URL, including the HTTPS protocol, the domain, and the path.
+               
+               The following arguments are optional:
+        :param pulumi.Input[Sequence[pulumi.Input['ListenerDefaultActionJwtValidationAdditionalClaimArgs']]] additional_claims: Repeatable configuration block for additional claims to validate.
+        """
+        pulumi.set(__self__, "issuer", issuer)
+        pulumi.set(__self__, "jwks_endpoint", jwks_endpoint)
+        if additional_claims is not None:
+            pulumi.set(__self__, "additional_claims", additional_claims)
+
+    @_builtins.property
+    @pulumi.getter
+    def issuer(self) -> pulumi.Input[_builtins.str]:
+        """
+        Issuer of the JWT.
+        """
+        return pulumi.get(self, "issuer")
+
+    @issuer.setter
+    def issuer(self, value: pulumi.Input[_builtins.str]):
+        pulumi.set(self, "issuer", value)
+
+    @_builtins.property
+    @pulumi.getter(name="jwksEndpoint")
+    def jwks_endpoint(self) -> pulumi.Input[_builtins.str]:
+        """
+        JSON Web Key Set (JWKS) endpoint. This endpoint contains JSON Web Keys (JWK) that are used to validate signatures from the provider. This must be a full URL, including the HTTPS protocol, the domain, and the path.
+
+        The following arguments are optional:
+        """
+        return pulumi.get(self, "jwks_endpoint")
+
+    @jwks_endpoint.setter
+    def jwks_endpoint(self, value: pulumi.Input[_builtins.str]):
+        pulumi.set(self, "jwks_endpoint", value)
+
+    @_builtins.property
+    @pulumi.getter(name="additionalClaims")
+    def additional_claims(self) -> Optional[pulumi.Input[Sequence[pulumi.Input['ListenerDefaultActionJwtValidationAdditionalClaimArgs']]]]:
+        """
+        Repeatable configuration block for additional claims to validate.
+        """
+        return pulumi.get(self, "additional_claims")
+
+    @additional_claims.setter
+    def additional_claims(self, value: Optional[pulumi.Input[Sequence[pulumi.Input['ListenerDefaultActionJwtValidationAdditionalClaimArgs']]]]):
+        pulumi.set(self, "additional_claims", value)
+
+
+if not MYPY:
+    class ListenerDefaultActionJwtValidationAdditionalClaimArgsDict(TypedDict):
+        format: pulumi.Input[_builtins.str]
+        """
+        Format of the claim value. Valid values are `single-string`, `string-array` and `space-separated-values`.
+        """
+        name: pulumi.Input[_builtins.str]
+        """
+        Name of the claim to validate. `exp`, `iss`, `nbf`, or `iat` cannot be specified because they are validated by default.
+        """
+        values: pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]
+        """
+        List of expected values of the claim.
+        """
+elif False:
+    ListenerDefaultActionJwtValidationAdditionalClaimArgsDict: TypeAlias = Mapping[str, Any]
+
+@pulumi.input_type
+class ListenerDefaultActionJwtValidationAdditionalClaimArgs:
+    def __init__(__self__, *,
+                 format: pulumi.Input[_builtins.str],
+                 name: pulumi.Input[_builtins.str],
+                 values: pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]):
+        """
+        :param pulumi.Input[_builtins.str] format: Format of the claim value. Valid values are `single-string`, `string-array` and `space-separated-values`.
+        :param pulumi.Input[_builtins.str] name: Name of the claim to validate. `exp`, `iss`, `nbf`, or `iat` cannot be specified because they are validated by default.
+        :param pulumi.Input[Sequence[pulumi.Input[_builtins.str]]] values: List of expected values of the claim.
+        """
+        pulumi.set(__self__, "format", format)
+        pulumi.set(__self__, "name", name)
+        pulumi.set(__self__, "values", values)
+
+    @_builtins.property
+    @pulumi.getter
+    def format(self) -> pulumi.Input[_builtins.str]:
+        """
+        Format of the claim value. Valid values are `single-string`, `string-array` and `space-separated-values`.
+        """
+        return pulumi.get(self, "format")
+
+    @format.setter
+    def format(self, value: pulumi.Input[_builtins.str]):
+        pulumi.set(self, "format", value)
+
+    @_builtins.property
+    @pulumi.getter
+    def name(self) -> pulumi.Input[_builtins.str]:
+        """
+        Name of the claim to validate. `exp`, `iss`, `nbf`, or `iat` cannot be specified because they are validated by default.
+        """
+        return pulumi.get(self, "name")
+
+    @name.setter
+    def name(self, value: pulumi.Input[_builtins.str]):
+        pulumi.set(self, "name", value)
+
+    @_builtins.property
+    @pulumi.getter
+    def values(self) -> pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]:
+        """
+        List of expected values of the claim.
+        """
+        return pulumi.get(self, "values")
+
+    @values.setter
+    def values(self, value: pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]):
+        pulumi.set(self, "values", value)
+
+
 if not MYPY:
     class ListenerDefaultActionRedirectArgsDict(TypedDict):
         status_code: pulumi.Input[_builtins.str]
@@ -1169,7 +1342,7 @@ def trust_store_arn(self, value: Optional[pulumi.Input[_builtins.str]]):
     class ListenerRuleActionArgsDict(TypedDict):
         type: pulumi.Input[_builtins.str]
         """
-        The type of routing action. Valid values are `forward`, `redirect`, `fixed-response`, `authenticate-cognito` and `authenticate-oidc`.
+        The type of routing action. Valid values are `forward`, `redirect`, `fixed-response`, `authenticate-cognito`, `authenticate-oidc` and `jwt-validation`.
         """
         authenticate_cognito: NotRequired[pulumi.Input['ListenerRuleActionAuthenticateCognitoArgsDict']]
         """
@@ -1189,6 +1362,10 @@ class ListenerRuleActionArgsDict(TypedDict):
         Specify only if `type` is `forward`.
         Cannot be specified with `target_group_arn`.
         """
+        jwt_validation: NotRequired[pulumi.Input['ListenerRuleActionJwtValidationArgsDict']]
+        """
+        Information for creating a JWT validation action. Required if `type` is `jwt-validation`.
+        """
         order: NotRequired[pulumi.Input[_builtins.int]]
         """
         Order for the action.
@@ -1218,17 +1395,19 @@ def __init__(__self__, *,
                  authenticate_oidc: Optional[pulumi.Input['ListenerRuleActionAuthenticateOidcArgs']] = None,
                  fixed_response: Optional[pulumi.Input['ListenerRuleActionFixedResponseArgs']] = None,
                  forward: Optional[pulumi.Input['ListenerRuleActionForwardArgs']] = None,
+                 jwt_validation: Optional[pulumi.Input['ListenerRuleActionJwtValidationArgs']] = None,
                  order: Optional[pulumi.Input[_builtins.int]] = None,
                  redirect: Optional[pulumi.Input['ListenerRuleActionRedirectArgs']] = None,
                  target_group_arn: Optional[pulumi.Input[_builtins.str]] = None):
         """
-        :param pulumi.Input[_builtins.str] type: The type of routing action. Valid values are `forward`, `redirect`, `fixed-response`, `authenticate-cognito` and `authenticate-oidc`.
+        :param pulumi.Input[_builtins.str] type: The type of routing action. Valid values are `forward`, `redirect`, `fixed-response`, `authenticate-cognito`, `authenticate-oidc` and `jwt-validation`.
         :param pulumi.Input['ListenerRuleActionAuthenticateCognitoArgs'] authenticate_cognito: Information for creating an authenticate action using Cognito. Required if `type` is `authenticate-cognito`.
         :param pulumi.Input['ListenerRuleActionAuthenticateOidcArgs'] authenticate_oidc: Information for creating an authenticate action using OIDC. Required if `type` is `authenticate-oidc`.
         :param pulumi.Input['ListenerRuleActionFixedResponseArgs'] fixed_response: Information for creating an action that returns a custom HTTP response. Required if `type` is `fixed-response`.
         :param pulumi.Input['ListenerRuleActionForwardArgs'] forward: Configuration block for creating an action that distributes requests among one or more target groups.
                Specify only if `type` is `forward`.
                Cannot be specified with `target_group_arn`.
+        :param pulumi.Input['ListenerRuleActionJwtValidationArgs'] jwt_validation: Information for creating a JWT validation action. Required if `type` is `jwt-validation`.
         :param pulumi.Input[_builtins.int] order: Order for the action.
                The action with the lowest value for order is performed first.
                Valid values are between `1` and `50000`.
@@ -1248,6 +1427,8 @@ def __init__(__self__, *,
             pulumi.set(__self__, "fixed_response", fixed_response)
         if forward is not None:
             pulumi.set(__self__, "forward", forward)
+        if jwt_validation is not None:
+            pulumi.set(__self__, "jwt_validation", jwt_validation)
         if order is not None:
             pulumi.set(__self__, "order", order)
         if redirect is not None:
@@ -1259,7 +1440,7 @@ def __init__(__self__, *,
     @pulumi.getter
     def type(self) -> pulumi.Input[_builtins.str]:
         """
-        The type of routing action. Valid values are `forward`, `redirect`, `fixed-response`, `authenticate-cognito` and `authenticate-oidc`.
+        The type of routing action. Valid values are `forward`, `redirect`, `fixed-response`, `authenticate-cognito`, `authenticate-oidc` and `jwt-validation`.
         """
         return pulumi.get(self, "type")
 
@@ -1317,6 +1498,18 @@ def forward(self) -> Optional[pulumi.Input['ListenerRuleActionForwardArgs']]:
     def forward(self, value: Optional[pulumi.Input['ListenerRuleActionForwardArgs']]):
         pulumi.set(self, "forward", value)
 
+    @_builtins.property
+    @pulumi.getter(name="jwtValidation")
+    def jwt_validation(self) -> Optional[pulumi.Input['ListenerRuleActionJwtValidationArgs']]:
+        """
+        Information for creating a JWT validation action. Required if `type` is `jwt-validation`.
+        """
+        return pulumi.get(self, "jwt_validation")
+
+    @jwt_validation.setter
+    def jwt_validation(self, value: Optional[pulumi.Input['ListenerRuleActionJwtValidationArgs']]):
+        pulumi.set(self, "jwt_validation", value)
+
     @_builtins.property
     @pulumi.getter
     def order(self) -> Optional[pulumi.Input[_builtins.int]]:
@@ -1979,6 +2172,145 @@ def weight(self, value: Optional[pulumi.Input[_builtins.int]]):
         pulumi.set(self, "weight", value)
 
 
+if not MYPY:
+    class ListenerRuleActionJwtValidationArgsDict(TypedDict):
+        issuer: pulumi.Input[_builtins.str]
+        """
+        Issuer of the JWT.
+        """
+        jwks_endpoint: pulumi.Input[_builtins.str]
+        """
+        JSON Web Key Set (JWKS) endpoint. This endpoint contains JSON Web Keys (JWK) that are used to validate signatures from the provider. This must be a full URL, including the HTTPS protocol, the domain, and the path.
+        """
+        additional_claims: NotRequired[pulumi.Input[Sequence[pulumi.Input['ListenerRuleActionJwtValidationAdditionalClaimArgsDict']]]]
+        """
+        Repeatable configuration block for additional claims to validate.
+        """
+elif False:
+    ListenerRuleActionJwtValidationArgsDict: TypeAlias = Mapping[str, Any]
+
+@pulumi.input_type
+class ListenerRuleActionJwtValidationArgs:
+    def __init__(__self__, *,
+                 issuer: pulumi.Input[_builtins.str],
+                 jwks_endpoint: pulumi.Input[_builtins.str],
+                 additional_claims: Optional[pulumi.Input[Sequence[pulumi.Input['ListenerRuleActionJwtValidationAdditionalClaimArgs']]]] = None):
+        """
+        :param pulumi.Input[_builtins.str] issuer: Issuer of the JWT.
+        :param pulumi.Input[_builtins.str] jwks_endpoint: JSON Web Key Set (JWKS) endpoint. This endpoint contains JSON Web Keys (JWK) that are used to validate signatures from the provider. This must be a full URL, including the HTTPS protocol, the domain, and the path.
+        :param pulumi.Input[Sequence[pulumi.Input['ListenerRuleActionJwtValidationAdditionalClaimArgs']]] additional_claims: Repeatable configuration block for additional claims to validate.
+        """
+        pulumi.set(__self__, "issuer", issuer)
+        pulumi.set(__self__, "jwks_endpoint", jwks_endpoint)
+        if additional_claims is not None:
+            pulumi.set(__self__, "additional_claims", additional_claims)
+
+    @_builtins.property
+    @pulumi.getter
+    def issuer(self) -> pulumi.Input[_builtins.str]:
+        """
+        Issuer of the JWT.
+        """
+        return pulumi.get(self, "issuer")
+
+    @issuer.setter
+    def issuer(self, value: pulumi.Input[_builtins.str]):
+        pulumi.set(self, "issuer", value)
+
+    @_builtins.property
+    @pulumi.getter(name="jwksEndpoint")
+    def jwks_endpoint(self) -> pulumi.Input[_builtins.str]:
+        """
+        JSON Web Key Set (JWKS) endpoint. This endpoint contains JSON Web Keys (JWK) that are used to validate signatures from the provider. This must be a full URL, including the HTTPS protocol, the domain, and the path.
+        """
+        return pulumi.get(self, "jwks_endpoint")
+
+    @jwks_endpoint.setter
+    def jwks_endpoint(self, value: pulumi.Input[_builtins.str]):
+        pulumi.set(self, "jwks_endpoint", value)
+
+    @_builtins.property
+    @pulumi.getter(name="additionalClaims")
+    def additional_claims(self) -> Optional[pulumi.Input[Sequence[pulumi.Input['ListenerRuleActionJwtValidationAdditionalClaimArgs']]]]:
+        """
+        Repeatable configuration block for additional claims to validate.
+        """
+        return pulumi.get(self, "additional_claims")
+
+    @additional_claims.setter
+    def additional_claims(self, value: Optional[pulumi.Input[Sequence[pulumi.Input['ListenerRuleActionJwtValidationAdditionalClaimArgs']]]]):
+        pulumi.set(self, "additional_claims", value)
+
+
+if not MYPY:
+    class ListenerRuleActionJwtValidationAdditionalClaimArgsDict(TypedDict):
+        format: pulumi.Input[_builtins.str]
+        """
+        Format of the claim value. Valid values are `single-string`, `string-array` and `space-separated-values`.
+        """
+        name: pulumi.Input[_builtins.str]
+        """
+        Name of the claim to validate. `exp`, `iss`, `nbf`, or `iat` cannot be specified because they are validated by default.
+        """
+        values: pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]
+        """
+        List of expected values of the claim.
+        """
+elif False:
+    ListenerRuleActionJwtValidationAdditionalClaimArgsDict: TypeAlias = Mapping[str, Any]
+
+@pulumi.input_type
+class ListenerRuleActionJwtValidationAdditionalClaimArgs:
+    def __init__(__self__, *,
+                 format: pulumi.Input[_builtins.str],
+                 name: pulumi.Input[_builtins.str],
+                 values: pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]):
+        """
+        :param pulumi.Input[_builtins.str] format: Format of the claim value. Valid values are `single-string`, `string-array` and `space-separated-values`.
+        :param pulumi.Input[_builtins.str] name: Name of the claim to validate. `exp`, `iss`, `nbf`, or `iat` cannot be specified because they are validated by default.
+        :param pulumi.Input[Sequence[pulumi.Input[_builtins.str]]] values: List of expected values of the claim.
+        """
+        pulumi.set(__self__, "format", format)
+        pulumi.set(__self__, "name", name)
+        pulumi.set(__self__, "values", values)
+
+    @_builtins.property
+    @pulumi.getter
+    def format(self) -> pulumi.Input[_builtins.str]:
+        """
+        Format of the claim value. Valid values are `single-string`, `string-array` and `space-separated-values`.
+        """
+        return pulumi.get(self, "format")
+
+    @format.setter
+    def format(self, value: pulumi.Input[_builtins.str]):
+        pulumi.set(self, "format", value)
+
+    @_builtins.property
+    @pulumi.getter
+    def name(self) -> pulumi.Input[_builtins.str]:
+        """
+        Name of the claim to validate. `exp`, `iss`, `nbf`, or `iat` cannot be specified because they are validated by default.
+        """
+        return pulumi.get(self, "name")
+
+    @name.setter
+    def name(self, value: pulumi.Input[_builtins.str]):
+        pulumi.set(self, "name", value)
+
+    @_builtins.property
+    @pulumi.getter
+    def values(self) -> pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]:
+        """
+        List of expected values of the claim.
+        """
+        return pulumi.get(self, "values")
+
+    @values.setter
+    def values(self, value: pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]):
+        pulumi.set(self, "values", value)
+
+
 if not MYPY:
     class ListenerRuleActionRedirectArgsDict(TypedDict):
         status_code: pulumi.Input[_builtins.str]
diff --git a/sdk/python/pulumi_aws/alb/listener.py b/sdk/python/pulumi_aws/alb/listener.py
index 326e062ec44..a7e1865b1f4 100644
--- a/sdk/python/pulumi_aws/alb/listener.py
+++ b/sdk/python/pulumi_aws/alb/listener.py
@@ -1259,6 +1259,48 @@ def __init__(__self__,
             ])
         ```
 
+        ### JWT Validation Action
+
+        ```python
+        import pulumi
+        import pulumi_aws as aws
+
+        test = aws.lb.Listener("test",
+            load_balancer_arn=test_aws_lb["id"],
+            protocol="HTTPS",
+            port=443,
+            ssl_policy="ELBSecurityPolicy-2016-08",
+            certificate_arn=test_aws_iam_server_certificate["arn"],
+            default_actions=[
+                {
+                    "type": "jwt-validation",
+                    "jwt_validation": {
+                        "issuer": "https://example.com",
+                        "jwks_endpoint": "https://example.com/.well-known/jwks.json",
+                        "additional_claims": [
+                            {
+                                "format": "string-array",
+                                "name": "claim_name1",
+                                "values": [
+                                    "value1",
+                                    "value2",
+                                ],
+                            },
+                            {
+                                "format": "single-string",
+                                "name": "claim_name2",
+                                "values": ["value1"],
+                            },
+                        ],
+                    },
+                },
+                {
+                    "target_group_arn": test_aws_lb_target_group["id"],
+                    "type": "forward",
+                },
+            ])
+        ```
+
         ### Gateway Load Balancer Listener
 
         ```python
@@ -1547,6 +1589,48 @@ def __init__(__self__,
             ])
         ```
 
+        ### JWT Validation Action
+
+        ```python
+        import pulumi
+        import pulumi_aws as aws
+
+        test = aws.lb.Listener("test",
+            load_balancer_arn=test_aws_lb["id"],
+            protocol="HTTPS",
+            port=443,
+            ssl_policy="ELBSecurityPolicy-2016-08",
+            certificate_arn=test_aws_iam_server_certificate["arn"],
+            default_actions=[
+                {
+                    "type": "jwt-validation",
+                    "jwt_validation": {
+                        "issuer": "https://example.com",
+                        "jwks_endpoint": "https://example.com/.well-known/jwks.json",
+                        "additional_claims": [
+                            {
+                                "format": "string-array",
+                                "name": "claim_name1",
+                                "values": [
+                                    "value1",
+                                    "value2",
+                                ],
+                            },
+                            {
+                                "format": "single-string",
+                                "name": "claim_name2",
+                                "values": ["value1"],
+                            },
+                        ],
+                    },
+                },
+                {
+                    "target_group_arn": test_aws_lb_target_group["id"],
+                    "type": "forward",
+                },
+            ])
+        ```
+
         ### Gateway Load Balancer Listener
 
         ```python
diff --git a/sdk/python/pulumi_aws/alb/listener_rule.py b/sdk/python/pulumi_aws/alb/listener_rule.py
index f267787afd8..418c6a9becd 100644
--- a/sdk/python/pulumi_aws/alb/listener_rule.py
+++ b/sdk/python/pulumi_aws/alb/listener_rule.py
@@ -306,201 +306,6 @@ def __init__(__self__,
 
         > **Note:** `alb.ListenerRule` is known as `lb.ListenerRule`. The functionality is identical.
 
-        ## Example Usage
-
-        ```python
-        import pulumi
-        import pulumi_aws as aws
-
-        front_end = aws.lb.LoadBalancer("front_end")
-        front_end_listener = aws.lb.Listener("front_end")
-        static = aws.lb.ListenerRule("static",
-            listener_arn=front_end_listener.arn,
-            priority=100,
-            actions=[{
-                "type": "forward",
-                "target_group_arn": static_aws_lb_target_group["arn"],
-            }],
-            conditions=[
-                {
-                    "path_pattern": {
-                        "values": ["/static/*"],
-                    },
-                },
-                {
-                    "host_header": {
-                        "values": ["example.com"],
-                    },
-                },
-            ])
-        # Forward action
-        host_based_weighted_routing = aws.lb.ListenerRule("host_based_weighted_routing",
-            listener_arn=front_end_listener.arn,
-            priority=99,
-            actions=[{
-                "type": "forward",
-                "target_group_arn": static_aws_lb_target_group["arn"],
-            }],
-            conditions=[{
-                "host_header": {
-                    "values": ["my-service.*.mycompany.io"],
-                },
-            }])
-        # Weighted Forward action
-        host_based_routing = aws.lb.ListenerRule("host_based_routing",
-            listener_arn=front_end_listener.arn,
-            priority=99,
-            actions=[{
-                "type": "forward",
-                "forward": {
-                    "target_groups": [
-                        {
-                            "arn": main["arn"],
-                            "weight": 80,
-                        },
-                        {
-                            "arn": canary["arn"],
-                            "weight": 20,
-                        },
-                    ],
-                    "stickiness": {
-                        "enabled": True,
-                        "duration": 600,
-                    },
-                },
-            }],
-            conditions=[{
-                "host_header": {
-                    "values": ["my-service.*.mycompany.io"],
-                },
-            }])
-        # Redirect action
-        redirect_http_to_https = aws.lb.ListenerRule("redirect_http_to_https",
-            listener_arn=front_end_listener.arn,
-            actions=[{
-                "type": "redirect",
-                "redirect": {
-                    "port": "443",
-                    "protocol": "HTTPS",
-                    "status_code": "HTTP_301",
-                },
-            }],
-            conditions=[{
-                "http_header": {
-                    "http_header_name": "X-Forwarded-For",
-                    "values": ["192.168.1.*"],
-                },
-            }])
-        # Fixed-response action
-        health_check = aws.lb.ListenerRule("health_check",
-            listener_arn=front_end_listener.arn,
-            actions=[{
-                "type": "fixed-response",
-                "fixed_response": {
-                    "content_type": "text/plain",
-                    "message_body": "HEALTHY",
-                    "status_code": "200",
-                },
-            }],
-            conditions=[{
-                "query_strings": [
-                    {
-                        "key": "health",
-                        "value": "check",
-                    },
-                    {
-                        "value": "bar",
-                    },
-                ],
-            }])
-        # Authenticate-cognito Action
-        pool = aws.cognito.UserPool("pool")
-        client = aws.cognito.UserPoolClient("client")
-        domain = aws.cognito.UserPoolDomain("domain")
-        admin = aws.lb.ListenerRule("admin",
-            listener_arn=front_end_listener.arn,
-            actions=[
-                {
-                    "type": "authenticate-cognito",
-                    "authenticate_cognito": {
-                        "user_pool_arn": pool.arn,
-                        "user_pool_client_id": client.id,
-                        "user_pool_domain": domain.domain,
-                    },
-                },
-                {
-                    "type": "forward",
-                    "target_group_arn": static_aws_lb_target_group["arn"],
-                },
-            ])
-        # Authenticate-oidc Action
-        oidc = aws.lb.ListenerRule("oidc",
-            listener_arn=front_end_listener.arn,
-            actions=[
-                {
-                    "type": "authenticate-oidc",
-                    "authenticate_oidc": {
-                        "authorization_endpoint": "https://example.com/authorization_endpoint",
-                        "client_id": "client_id",
-                        "client_secret": "client_secret",
-                        "issuer": "https://example.com",
-                        "token_endpoint": "https://example.com/token_endpoint",
-                        "user_info_endpoint": "https://example.com/user_info_endpoint",
-                    },
-                },
-                {
-                    "type": "forward",
-                    "target_group_arn": static_aws_lb_target_group["arn"],
-                },
-            ])
-        # With transform
-        transform = aws.lb.ListenerRule("transform",
-            listener_arn=front_end_listener.arn,
-            actions=[{
-                "type": "forward",
-                "target_group_arn": static_aws_lb_target_group["arn"],
-            }],
-            conditions=[{
-                "path_pattern": {
-                    "values": ["*"],
-                },
-            }],
-            transforms=[
-                {
-                    "type": "host-header-rewrite",
-                    "host_header_rewrite_config": {
-                        "rewrite": {
-                            "regex": "^mywebsite-(.+).com$",
-                            "replace": "internal.dev.$1.myweb.com",
-                        },
-                    },
-                },
-                {
-                    "type": "url-rewrite",
-                    "url_rewrite_config": {
-                        "rewrite": {
-                            "regex": "^/dp/([A-Za-z0-9]+)/?$",
-                            "replace": "/product.php?id=$1",
-                        },
-                    },
-                },
-            ])
-        ```
-
-        ## Import
-
-        ### Identity Schema
-
-        #### Required
-
-        - `arn` (String) Amazon Resource Name (ARN) of the load balancer listener rule.
-
-        Using `pulumi import`, import rules using their ARN. For example:
-
-        console
-
-        % pulumi import aws_lb_listener_rule.front_end arn:aws:elasticloadbalancing:us-west-2:187416307283:listener-rule/app/test/8e4497da625e2d8a/9ab28ade35828f96/67b3d2d36dd7c26b
-
         :param str resource_name: The name of the resource.
         :param pulumi.ResourceOptions opts: Options for the resource.
         :param pulumi.Input[Sequence[pulumi.Input[Union['ListenerRuleActionArgs', 'ListenerRuleActionArgsDict']]]] actions: An Action block. Action blocks are documented below.
@@ -522,201 +327,6 @@ def __init__(__self__,
 
         > **Note:** `alb.ListenerRule` is known as `lb.ListenerRule`. The functionality is identical.
 
-        ## Example Usage
-
-        ```python
-        import pulumi
-        import pulumi_aws as aws
-
-        front_end = aws.lb.LoadBalancer("front_end")
-        front_end_listener = aws.lb.Listener("front_end")
-        static = aws.lb.ListenerRule("static",
-            listener_arn=front_end_listener.arn,
-            priority=100,
-            actions=[{
-                "type": "forward",
-                "target_group_arn": static_aws_lb_target_group["arn"],
-            }],
-            conditions=[
-                {
-                    "path_pattern": {
-                        "values": ["/static/*"],
-                    },
-                },
-                {
-                    "host_header": {
-                        "values": ["example.com"],
-                    },
-                },
-            ])
-        # Forward action
-        host_based_weighted_routing = aws.lb.ListenerRule("host_based_weighted_routing",
-            listener_arn=front_end_listener.arn,
-            priority=99,
-            actions=[{
-                "type": "forward",
-                "target_group_arn": static_aws_lb_target_group["arn"],
-            }],
-            conditions=[{
-                "host_header": {
-                    "values": ["my-service.*.mycompany.io"],
-                },
-            }])
-        # Weighted Forward action
-        host_based_routing = aws.lb.ListenerRule("host_based_routing",
-            listener_arn=front_end_listener.arn,
-            priority=99,
-            actions=[{
-                "type": "forward",
-                "forward": {
-                    "target_groups": [
-                        {
-                            "arn": main["arn"],
-                            "weight": 80,
-                        },
-                        {
-                            "arn": canary["arn"],
-                            "weight": 20,
-                        },
-                    ],
-                    "stickiness": {
-                        "enabled": True,
-                        "duration": 600,
-                    },
-                },
-            }],
-            conditions=[{
-                "host_header": {
-                    "values": ["my-service.*.mycompany.io"],
-                },
-            }])
-        # Redirect action
-        redirect_http_to_https = aws.lb.ListenerRule("redirect_http_to_https",
-            listener_arn=front_end_listener.arn,
-            actions=[{
-                "type": "redirect",
-                "redirect": {
-                    "port": "443",
-                    "protocol": "HTTPS",
-                    "status_code": "HTTP_301",
-                },
-            }],
-            conditions=[{
-                "http_header": {
-                    "http_header_name": "X-Forwarded-For",
-                    "values": ["192.168.1.*"],
-                },
-            }])
-        # Fixed-response action
-        health_check = aws.lb.ListenerRule("health_check",
-            listener_arn=front_end_listener.arn,
-            actions=[{
-                "type": "fixed-response",
-                "fixed_response": {
-                    "content_type": "text/plain",
-                    "message_body": "HEALTHY",
-                    "status_code": "200",
-                },
-            }],
-            conditions=[{
-                "query_strings": [
-                    {
-                        "key": "health",
-                        "value": "check",
-                    },
-                    {
-                        "value": "bar",
-                    },
-                ],
-            }])
-        # Authenticate-cognito Action
-        pool = aws.cognito.UserPool("pool")
-        client = aws.cognito.UserPoolClient("client")
-        domain = aws.cognito.UserPoolDomain("domain")
-        admin = aws.lb.ListenerRule("admin",
-            listener_arn=front_end_listener.arn,
-            actions=[
-                {
-                    "type": "authenticate-cognito",
-                    "authenticate_cognito": {
-                        "user_pool_arn": pool.arn,
-                        "user_pool_client_id": client.id,
-                        "user_pool_domain": domain.domain,
-                    },
-                },
-                {
-                    "type": "forward",
-                    "target_group_arn": static_aws_lb_target_group["arn"],
-                },
-            ])
-        # Authenticate-oidc Action
-        oidc = aws.lb.ListenerRule("oidc",
-            listener_arn=front_end_listener.arn,
-            actions=[
-                {
-                    "type": "authenticate-oidc",
-                    "authenticate_oidc": {
-                        "authorization_endpoint": "https://example.com/authorization_endpoint",
-                        "client_id": "client_id",
-                        "client_secret": "client_secret",
-                        "issuer": "https://example.com",
-                        "token_endpoint": "https://example.com/token_endpoint",
-                        "user_info_endpoint": "https://example.com/user_info_endpoint",
-                    },
-                },
-                {
-                    "type": "forward",
-                    "target_group_arn": static_aws_lb_target_group["arn"],
-                },
-            ])
-        # With transform
-        transform = aws.lb.ListenerRule("transform",
-            listener_arn=front_end_listener.arn,
-            actions=[{
-                "type": "forward",
-                "target_group_arn": static_aws_lb_target_group["arn"],
-            }],
-            conditions=[{
-                "path_pattern": {
-                    "values": ["*"],
-                },
-            }],
-            transforms=[
-                {
-                    "type": "host-header-rewrite",
-                    "host_header_rewrite_config": {
-                        "rewrite": {
-                            "regex": "^mywebsite-(.+).com$",
-                            "replace": "internal.dev.$1.myweb.com",
-                        },
-                    },
-                },
-                {
-                    "type": "url-rewrite",
-                    "url_rewrite_config": {
-                        "rewrite": {
-                            "regex": "^/dp/([A-Za-z0-9]+)/?$",
-                            "replace": "/product.php?id=$1",
-                        },
-                    },
-                },
-            ])
-        ```
-
-        ## Import
-
-        ### Identity Schema
-
-        #### Required
-
-        - `arn` (String) Amazon Resource Name (ARN) of the load balancer listener rule.
-
-        Using `pulumi import`, import rules using their ARN. For example:
-
-        console
-
-        % pulumi import aws_lb_listener_rule.front_end arn:aws:elasticloadbalancing:us-west-2:187416307283:listener-rule/app/test/8e4497da625e2d8a/9ab28ade35828f96/67b3d2d36dd7c26b
-
         :param str resource_name: The name of the resource.
         :param ListenerRuleArgs args: The arguments to use to populate this resource's properties.
         :param pulumi.ResourceOptions opts: Options for the resource.
diff --git a/sdk/python/pulumi_aws/alb/outputs.py b/sdk/python/pulumi_aws/alb/outputs.py
index 1462f289067..d96eec44731 100644
--- a/sdk/python/pulumi_aws/alb/outputs.py
+++ b/sdk/python/pulumi_aws/alb/outputs.py
@@ -24,6 +24,8 @@
     'ListenerDefaultActionForward',
     'ListenerDefaultActionForwardStickiness',
     'ListenerDefaultActionForwardTargetGroup',
+    'ListenerDefaultActionJwtValidation',
+    'ListenerDefaultActionJwtValidationAdditionalClaim',
     'ListenerDefaultActionRedirect',
     'ListenerMutualAuthentication',
     'ListenerRuleAction',
@@ -33,6 +35,8 @@
     'ListenerRuleActionForward',
     'ListenerRuleActionForwardStickiness',
     'ListenerRuleActionForwardTargetGroup',
+    'ListenerRuleActionJwtValidation',
+    'ListenerRuleActionJwtValidationAdditionalClaim',
     'ListenerRuleActionRedirect',
     'ListenerRuleCondition',
     'ListenerRuleConditionHostHeader',
@@ -65,6 +69,8 @@
     'GetListenerDefaultActionForwardResult',
     'GetListenerDefaultActionForwardStickinessResult',
     'GetListenerDefaultActionForwardTargetGroupResult',
+    'GetListenerDefaultActionJwtValidationResult',
+    'GetListenerDefaultActionJwtValidationAdditionalClaimResult',
     'GetListenerDefaultActionRedirectResult',
     'GetListenerMutualAuthenticationResult',
     'GetLoadBalancerAccessLogsResult',
@@ -86,6 +92,8 @@ def __key_warning(key: str):
             suggest = "authenticate_oidc"
         elif key == "fixedResponse":
             suggest = "fixed_response"
+        elif key == "jwtValidation":
+            suggest = "jwt_validation"
         elif key == "targetGroupArn":
             suggest = "target_group_arn"
 
@@ -106,17 +114,19 @@ def __init__(__self__, *,
                  authenticate_oidc: Optional['outputs.ListenerDefaultActionAuthenticateOidc'] = None,
                  fixed_response: Optional['outputs.ListenerDefaultActionFixedResponse'] = None,
                  forward: Optional['outputs.ListenerDefaultActionForward'] = None,
+                 jwt_validation: Optional['outputs.ListenerDefaultActionJwtValidation'] = None,
                  order: Optional[_builtins.int] = None,
                  redirect: Optional['outputs.ListenerDefaultActionRedirect'] = None,
                  target_group_arn: Optional[_builtins.str] = None):
         """
-        :param _builtins.str type: Type of routing action. Valid values are `forward`, `redirect`, `fixed-response`, `authenticate-cognito` and `authenticate-oidc`.
+        :param _builtins.str type: Type of routing action. Valid values are `forward`, `redirect`, `fixed-response`, `authenticate-cognito`, `authenticate-oidc` and `jwt-validation`.
                
                The following arguments are optional:
         :param 'ListenerDefaultActionAuthenticateCognitoArgs' authenticate_cognito: Configuration block for using Amazon Cognito to authenticate users. Specify only when `type` is `authenticate-cognito`. See below.
         :param 'ListenerDefaultActionAuthenticateOidcArgs' authenticate_oidc: Configuration block for an identity provider that is compliant with OpenID Connect (OIDC). Specify only when `type` is `authenticate-oidc`. See below.
         :param 'ListenerDefaultActionFixedResponseArgs' fixed_response: Information for creating an action that returns a custom HTTP response. Required if `type` is `fixed-response`.
         :param 'ListenerDefaultActionForwardArgs' forward: Configuration block for creating an action that distributes requests among one or more target groups. Specify only if `type` is `forward`. See below.
+        :param 'ListenerDefaultActionJwtValidationArgs' jwt_validation: Configuration block for creating a JWT validation action. Required if `type` is `jwt-validation`.
         :param _builtins.int order: Order for the action. The action with the lowest value for order is performed first. Valid values are between `1` and `50000`. Defaults to the position in the list of actions.
         :param 'ListenerDefaultActionRedirectArgs' redirect: Configuration block for creating a redirect action. Required if `type` is `redirect`. See below.
         :param _builtins.str target_group_arn: ARN of the Target Group to which to route traffic. Specify only if `type` is `forward` and you want to route to a single target group. To route to one or more target groups, use a `forward` block instead. Can be specified with `forward` but ARNs must match.
@@ -130,6 +140,8 @@ def __init__(__self__, *,
             pulumi.set(__self__, "fixed_response", fixed_response)
         if forward is not None:
             pulumi.set(__self__, "forward", forward)
+        if jwt_validation is not None:
+            pulumi.set(__self__, "jwt_validation", jwt_validation)
         if order is not None:
             pulumi.set(__self__, "order", order)
         if redirect is not None:
@@ -141,7 +153,7 @@ def __init__(__self__, *,
     @pulumi.getter
     def type(self) -> _builtins.str:
         """
-        Type of routing action. Valid values are `forward`, `redirect`, `fixed-response`, `authenticate-cognito` and `authenticate-oidc`.
+        Type of routing action. Valid values are `forward`, `redirect`, `fixed-response`, `authenticate-cognito`, `authenticate-oidc` and `jwt-validation`.
 
         The following arguments are optional:
         """
@@ -179,6 +191,14 @@ def forward(self) -> Optional['outputs.ListenerDefaultActionForward']:
         """
         return pulumi.get(self, "forward")
 
+    @_builtins.property
+    @pulumi.getter(name="jwtValidation")
+    def jwt_validation(self) -> Optional['outputs.ListenerDefaultActionJwtValidation']:
+        """
+        Configuration block for creating a JWT validation action. Required if `type` is `jwt-validation`.
+        """
+        return pulumi.get(self, "jwt_validation")
+
     @_builtins.property
     @pulumi.getter
     def order(self) -> Optional[_builtins.int]:
@@ -693,6 +713,110 @@ def weight(self) -> Optional[_builtins.int]:
         return pulumi.get(self, "weight")
 
 
+@pulumi.output_type
+class ListenerDefaultActionJwtValidation(dict):
+    @staticmethod
+    def __key_warning(key: str):
+        suggest = None
+        if key == "jwksEndpoint":
+            suggest = "jwks_endpoint"
+        elif key == "additionalClaims":
+            suggest = "additional_claims"
+
+        if suggest:
+            pulumi.log.warn(f"Key '{key}' not found in ListenerDefaultActionJwtValidation. Access the value via the '{suggest}' property getter instead.")
+
+    def __getitem__(self, key: str) -> Any:
+        ListenerDefaultActionJwtValidation.__key_warning(key)
+        return super().__getitem__(key)
+
+    def get(self, key: str, default = None) -> Any:
+        ListenerDefaultActionJwtValidation.__key_warning(key)
+        return super().get(key, default)
+
+    def __init__(__self__, *,
+                 issuer: _builtins.str,
+                 jwks_endpoint: _builtins.str,
+                 additional_claims: Optional[Sequence['outputs.ListenerDefaultActionJwtValidationAdditionalClaim']] = None):
+        """
+        :param _builtins.str issuer: Issuer of the JWT.
+        :param _builtins.str jwks_endpoint: JSON Web Key Set (JWKS) endpoint. This endpoint contains JSON Web Keys (JWK) that are used to validate signatures from the provider. This must be a full URL, including the HTTPS protocol, the domain, and the path.
+               
+               The following arguments are optional:
+        :param Sequence['ListenerDefaultActionJwtValidationAdditionalClaimArgs'] additional_claims: Repeatable configuration block for additional claims to validate.
+        """
+        pulumi.set(__self__, "issuer", issuer)
+        pulumi.set(__self__, "jwks_endpoint", jwks_endpoint)
+        if additional_claims is not None:
+            pulumi.set(__self__, "additional_claims", additional_claims)
+
+    @_builtins.property
+    @pulumi.getter
+    def issuer(self) -> _builtins.str:
+        """
+        Issuer of the JWT.
+        """
+        return pulumi.get(self, "issuer")
+
+    @_builtins.property
+    @pulumi.getter(name="jwksEndpoint")
+    def jwks_endpoint(self) -> _builtins.str:
+        """
+        JSON Web Key Set (JWKS) endpoint. This endpoint contains JSON Web Keys (JWK) that are used to validate signatures from the provider. This must be a full URL, including the HTTPS protocol, the domain, and the path.
+
+        The following arguments are optional:
+        """
+        return pulumi.get(self, "jwks_endpoint")
+
+    @_builtins.property
+    @pulumi.getter(name="additionalClaims")
+    def additional_claims(self) -> Optional[Sequence['outputs.ListenerDefaultActionJwtValidationAdditionalClaim']]:
+        """
+        Repeatable configuration block for additional claims to validate.
+        """
+        return pulumi.get(self, "additional_claims")
+
+
+@pulumi.output_type
+class ListenerDefaultActionJwtValidationAdditionalClaim(dict):
+    def __init__(__self__, *,
+                 format: _builtins.str,
+                 name: _builtins.str,
+                 values: Sequence[_builtins.str]):
+        """
+        :param _builtins.str format: Format of the claim value. Valid values are `single-string`, `string-array` and `space-separated-values`.
+        :param _builtins.str name: Name of the claim to validate. `exp`, `iss`, `nbf`, or `iat` cannot be specified because they are validated by default.
+        :param Sequence[_builtins.str] values: List of expected values of the claim.
+        """
+        pulumi.set(__self__, "format", format)
+        pulumi.set(__self__, "name", name)
+        pulumi.set(__self__, "values", values)
+
+    @_builtins.property
+    @pulumi.getter
+    def format(self) -> _builtins.str:
+        """
+        Format of the claim value. Valid values are `single-string`, `string-array` and `space-separated-values`.
+        """
+        return pulumi.get(self, "format")
+
+    @_builtins.property
+    @pulumi.getter
+    def name(self) -> _builtins.str:
+        """
+        Name of the claim to validate. `exp`, `iss`, `nbf`, or `iat` cannot be specified because they are validated by default.
+        """
+        return pulumi.get(self, "name")
+
+    @_builtins.property
+    @pulumi.getter
+    def values(self) -> Sequence[_builtins.str]:
+        """
+        List of expected values of the claim.
+        """
+        return pulumi.get(self, "values")
+
+
 @pulumi.output_type
 class ListenerDefaultActionRedirect(dict):
     @staticmethod
@@ -880,6 +1004,8 @@ def __key_warning(key: str):
             suggest = "authenticate_oidc"
         elif key == "fixedResponse":
             suggest = "fixed_response"
+        elif key == "jwtValidation":
+            suggest = "jwt_validation"
         elif key == "targetGroupArn":
             suggest = "target_group_arn"
 
@@ -900,17 +1026,19 @@ def __init__(__self__, *,
                  authenticate_oidc: Optional['outputs.ListenerRuleActionAuthenticateOidc'] = None,
                  fixed_response: Optional['outputs.ListenerRuleActionFixedResponse'] = None,
                  forward: Optional['outputs.ListenerRuleActionForward'] = None,
+                 jwt_validation: Optional['outputs.ListenerRuleActionJwtValidation'] = None,
                  order: Optional[_builtins.int] = None,
                  redirect: Optional['outputs.ListenerRuleActionRedirect'] = None,
                  target_group_arn: Optional[_builtins.str] = None):
         """
-        :param _builtins.str type: The type of routing action. Valid values are `forward`, `redirect`, `fixed-response`, `authenticate-cognito` and `authenticate-oidc`.
+        :param _builtins.str type: The type of routing action. Valid values are `forward`, `redirect`, `fixed-response`, `authenticate-cognito`, `authenticate-oidc` and `jwt-validation`.
         :param 'ListenerRuleActionAuthenticateCognitoArgs' authenticate_cognito: Information for creating an authenticate action using Cognito. Required if `type` is `authenticate-cognito`.
         :param 'ListenerRuleActionAuthenticateOidcArgs' authenticate_oidc: Information for creating an authenticate action using OIDC. Required if `type` is `authenticate-oidc`.
         :param 'ListenerRuleActionFixedResponseArgs' fixed_response: Information for creating an action that returns a custom HTTP response. Required if `type` is `fixed-response`.
         :param 'ListenerRuleActionForwardArgs' forward: Configuration block for creating an action that distributes requests among one or more target groups.
                Specify only if `type` is `forward`.
                Cannot be specified with `target_group_arn`.
+        :param 'ListenerRuleActionJwtValidationArgs' jwt_validation: Information for creating a JWT validation action. Required if `type` is `jwt-validation`.
         :param _builtins.int order: Order for the action.
                The action with the lowest value for order is performed first.
                Valid values are between `1` and `50000`.
@@ -930,6 +1058,8 @@ def __init__(__self__, *,
             pulumi.set(__self__, "fixed_response", fixed_response)
         if forward is not None:
             pulumi.set(__self__, "forward", forward)
+        if jwt_validation is not None:
+            pulumi.set(__self__, "jwt_validation", jwt_validation)
         if order is not None:
             pulumi.set(__self__, "order", order)
         if redirect is not None:
@@ -941,7 +1071,7 @@ def __init__(__self__, *,
     @pulumi.getter
     def type(self) -> _builtins.str:
         """
-        The type of routing action. Valid values are `forward`, `redirect`, `fixed-response`, `authenticate-cognito` and `authenticate-oidc`.
+        The type of routing action. Valid values are `forward`, `redirect`, `fixed-response`, `authenticate-cognito`, `authenticate-oidc` and `jwt-validation`.
         """
         return pulumi.get(self, "type")
 
@@ -979,6 +1109,14 @@ def forward(self) -> Optional['outputs.ListenerRuleActionForward']:
         """
         return pulumi.get(self, "forward")
 
+    @_builtins.property
+    @pulumi.getter(name="jwtValidation")
+    def jwt_validation(self) -> Optional['outputs.ListenerRuleActionJwtValidation']:
+        """
+        Information for creating a JWT validation action. Required if `type` is `jwt-validation`.
+        """
+        return pulumi.get(self, "jwt_validation")
+
     @_builtins.property
     @pulumi.getter
     def order(self) -> Optional[_builtins.int]:
@@ -1475,6 +1613,106 @@ def weight(self) -> Optional[_builtins.int]:
         return pulumi.get(self, "weight")
 
 
+@pulumi.output_type
+class ListenerRuleActionJwtValidation(dict):
+    @staticmethod
+    def __key_warning(key: str):
+        suggest = None
+        if key == "jwksEndpoint":
+            suggest = "jwks_endpoint"
+        elif key == "additionalClaims":
+            suggest = "additional_claims"
+
+        if suggest:
+            pulumi.log.warn(f"Key '{key}' not found in ListenerRuleActionJwtValidation. Access the value via the '{suggest}' property getter instead.")
+
+    def __getitem__(self, key: str) -> Any:
+        ListenerRuleActionJwtValidation.__key_warning(key)
+        return super().__getitem__(key)
+
+    def get(self, key: str, default = None) -> Any:
+        ListenerRuleActionJwtValidation.__key_warning(key)
+        return super().get(key, default)
+
+    def __init__(__self__, *,
+                 issuer: _builtins.str,
+                 jwks_endpoint: _builtins.str,
+                 additional_claims: Optional[Sequence['outputs.ListenerRuleActionJwtValidationAdditionalClaim']] = None):
+        """
+        :param _builtins.str issuer: Issuer of the JWT.
+        :param _builtins.str jwks_endpoint: JSON Web Key Set (JWKS) endpoint. This endpoint contains JSON Web Keys (JWK) that are used to validate signatures from the provider. This must be a full URL, including the HTTPS protocol, the domain, and the path.
+        :param Sequence['ListenerRuleActionJwtValidationAdditionalClaimArgs'] additional_claims: Repeatable configuration block for additional claims to validate.
+        """
+        pulumi.set(__self__, "issuer", issuer)
+        pulumi.set(__self__, "jwks_endpoint", jwks_endpoint)
+        if additional_claims is not None:
+            pulumi.set(__self__, "additional_claims", additional_claims)
+
+    @_builtins.property
+    @pulumi.getter
+    def issuer(self) -> _builtins.str:
+        """
+        Issuer of the JWT.
+        """
+        return pulumi.get(self, "issuer")
+
+    @_builtins.property
+    @pulumi.getter(name="jwksEndpoint")
+    def jwks_endpoint(self) -> _builtins.str:
+        """
+        JSON Web Key Set (JWKS) endpoint. This endpoint contains JSON Web Keys (JWK) that are used to validate signatures from the provider. This must be a full URL, including the HTTPS protocol, the domain, and the path.
+        """
+        return pulumi.get(self, "jwks_endpoint")
+
+    @_builtins.property
+    @pulumi.getter(name="additionalClaims")
+    def additional_claims(self) -> Optional[Sequence['outputs.ListenerRuleActionJwtValidationAdditionalClaim']]:
+        """
+        Repeatable configuration block for additional claims to validate.
+        """
+        return pulumi.get(self, "additional_claims")
+
+
+@pulumi.output_type
+class ListenerRuleActionJwtValidationAdditionalClaim(dict):
+    def __init__(__self__, *,
+                 format: _builtins.str,
+                 name: _builtins.str,
+                 values: Sequence[_builtins.str]):
+        """
+        :param _builtins.str format: Format of the claim value. Valid values are `single-string`, `string-array` and `space-separated-values`.
+        :param _builtins.str name: Name of the claim to validate. `exp`, `iss`, `nbf`, or `iat` cannot be specified because they are validated by default.
+        :param Sequence[_builtins.str] values: List of expected values of the claim.
+        """
+        pulumi.set(__self__, "format", format)
+        pulumi.set(__self__, "name", name)
+        pulumi.set(__self__, "values", values)
+
+    @_builtins.property
+    @pulumi.getter
+    def format(self) -> _builtins.str:
+        """
+        Format of the claim value. Valid values are `single-string`, `string-array` and `space-separated-values`.
+        """
+        return pulumi.get(self, "format")
+
+    @_builtins.property
+    @pulumi.getter
+    def name(self) -> _builtins.str:
+        """
+        Name of the claim to validate. `exp`, `iss`, `nbf`, or `iat` cannot be specified because they are validated by default.
+        """
+        return pulumi.get(self, "name")
+
+    @_builtins.property
+    @pulumi.getter
+    def values(self) -> Sequence[_builtins.str]:
+        """
+        List of expected values of the claim.
+        """
+        return pulumi.get(self, "values")
+
+
 @pulumi.output_type
 class ListenerRuleActionRedirect(dict):
     @staticmethod
@@ -2778,6 +3016,7 @@ def __init__(__self__, *,
                  authenticate_oidcs: Sequence['outputs.GetListenerDefaultActionAuthenticateOidcResult'],
                  fixed_responses: Sequence['outputs.GetListenerDefaultActionFixedResponseResult'],
                  forwards: Sequence['outputs.GetListenerDefaultActionForwardResult'],
+                 jwt_validations: Sequence['outputs.GetListenerDefaultActionJwtValidationResult'],
                  order: _builtins.int,
                  redirects: Sequence['outputs.GetListenerDefaultActionRedirectResult'],
                  target_group_arn: _builtins.str,
@@ -2786,6 +3025,7 @@ def __init__(__self__, *,
         pulumi.set(__self__, "authenticate_oidcs", authenticate_oidcs)
         pulumi.set(__self__, "fixed_responses", fixed_responses)
         pulumi.set(__self__, "forwards", forwards)
+        pulumi.set(__self__, "jwt_validations", jwt_validations)
         pulumi.set(__self__, "order", order)
         pulumi.set(__self__, "redirects", redirects)
         pulumi.set(__self__, "target_group_arn", target_group_arn)
@@ -2811,6 +3051,11 @@ def fixed_responses(self) -> Sequence['outputs.GetListenerDefaultActionFixedResp
     def forwards(self) -> Sequence['outputs.GetListenerDefaultActionForwardResult']:
         return pulumi.get(self, "forwards")
 
+    @_builtins.property
+    @pulumi.getter(name="jwtValidations")
+    def jwt_validations(self) -> Sequence['outputs.GetListenerDefaultActionJwtValidationResult']:
+        return pulumi.get(self, "jwt_validations")
+
     @_builtins.property
     @pulumi.getter
     def order(self) -> _builtins.int:
@@ -3064,6 +3309,58 @@ def weight(self) -> _builtins.int:
         return pulumi.get(self, "weight")
 
 
+@pulumi.output_type
+class GetListenerDefaultActionJwtValidationResult(dict):
+    def __init__(__self__, *,
+                 additional_claims: Sequence['outputs.GetListenerDefaultActionJwtValidationAdditionalClaimResult'],
+                 issuer: _builtins.str,
+                 jwks_endpoint: _builtins.str):
+        pulumi.set(__self__, "additional_claims", additional_claims)
+        pulumi.set(__self__, "issuer", issuer)
+        pulumi.set(__self__, "jwks_endpoint", jwks_endpoint)
+
+    @_builtins.property
+    @pulumi.getter(name="additionalClaims")
+    def additional_claims(self) -> Sequence['outputs.GetListenerDefaultActionJwtValidationAdditionalClaimResult']:
+        return pulumi.get(self, "additional_claims")
+
+    @_builtins.property
+    @pulumi.getter
+    def issuer(self) -> _builtins.str:
+        return pulumi.get(self, "issuer")
+
+    @_builtins.property
+    @pulumi.getter(name="jwksEndpoint")
+    def jwks_endpoint(self) -> _builtins.str:
+        return pulumi.get(self, "jwks_endpoint")
+
+
+@pulumi.output_type
+class GetListenerDefaultActionJwtValidationAdditionalClaimResult(dict):
+    def __init__(__self__, *,
+                 format: _builtins.str,
+                 name: _builtins.str,
+                 values: Sequence[_builtins.str]):
+        pulumi.set(__self__, "format", format)
+        pulumi.set(__self__, "name", name)
+        pulumi.set(__self__, "values", values)
+
+    @_builtins.property
+    @pulumi.getter
+    def format(self) -> _builtins.str:
+        return pulumi.get(self, "format")
+
+    @_builtins.property
+    @pulumi.getter
+    def name(self) -> _builtins.str:
+        return pulumi.get(self, "name")
+
+    @_builtins.property
+    @pulumi.getter
+    def values(self) -> Sequence[_builtins.str]:
+        return pulumi.get(self, "values")
+
+
 @pulumi.output_type
 class GetListenerDefaultActionRedirectResult(dict):
     def __init__(__self__, *,
diff --git a/sdk/python/pulumi_aws/amp/_inputs.py b/sdk/python/pulumi_aws/amp/_inputs.py
index ac39a323503..214357d2033 100644
--- a/sdk/python/pulumi_aws/amp/_inputs.py
+++ b/sdk/python/pulumi_aws/amp/_inputs.py
@@ -105,7 +105,7 @@ def filters(self, value: Optional[pulumi.Input['QueryLoggingConfigurationDestina
     class QueryLoggingConfigurationDestinationCloudwatchLogsArgsDict(TypedDict):
         log_group_arn: pulumi.Input[_builtins.str]
         """
-        The ARN of the CloudWatch log group to which query logs will be sent.
+        The ARN of the CloudWatch log group to which query logs will be sent. The ARN must end with `:*`
         """
 elif False:
     QueryLoggingConfigurationDestinationCloudwatchLogsArgsDict: TypeAlias = Mapping[str, Any]
@@ -115,7 +115,7 @@ class QueryLoggingConfigurationDestinationCloudwatchLogsArgs:
     def __init__(__self__, *,
                  log_group_arn: pulumi.Input[_builtins.str]):
         """
-        :param pulumi.Input[_builtins.str] log_group_arn: The ARN of the CloudWatch log group to which query logs will be sent.
+        :param pulumi.Input[_builtins.str] log_group_arn: The ARN of the CloudWatch log group to which query logs will be sent. The ARN must end with `:*`
         """
         pulumi.set(__self__, "log_group_arn", log_group_arn)
 
@@ -123,7 +123,7 @@ def __init__(__self__, *,
     @pulumi.getter(name="logGroupArn")
     def log_group_arn(self) -> pulumi.Input[_builtins.str]:
         """
-        The ARN of the CloudWatch log group to which query logs will be sent.
+        The ARN of the CloudWatch log group to which query logs will be sent. The ARN must end with `:*`
         """
         return pulumi.get(self, "log_group_arn")
 
@@ -727,7 +727,7 @@ def update(self, value: Optional[pulumi.Input[_builtins.str]]):
     class WorkspaceLoggingConfigurationArgsDict(TypedDict):
         log_group_arn: pulumi.Input[_builtins.str]
         """
-        The ARN of the CloudWatch log group to which the vended log data will be published. This log group must exist.
+        The ARN of the CloudWatch log group to which the vended log data will be published. This log group must exist. The ARN must end with `:*`
         """
 elif False:
     WorkspaceLoggingConfigurationArgsDict: TypeAlias = Mapping[str, Any]
@@ -737,7 +737,7 @@ class WorkspaceLoggingConfigurationArgs:
     def __init__(__self__, *,
                  log_group_arn: pulumi.Input[_builtins.str]):
         """
-        :param pulumi.Input[_builtins.str] log_group_arn: The ARN of the CloudWatch log group to which the vended log data will be published. This log group must exist.
+        :param pulumi.Input[_builtins.str] log_group_arn: The ARN of the CloudWatch log group to which the vended log data will be published. This log group must exist. The ARN must end with `:*`
         """
         pulumi.set(__self__, "log_group_arn", log_group_arn)
 
@@ -745,7 +745,7 @@ def __init__(__self__, *,
     @pulumi.getter(name="logGroupArn")
     def log_group_arn(self) -> pulumi.Input[_builtins.str]:
         """
-        The ARN of the CloudWatch log group to which the vended log data will be published. This log group must exist.
+        The ARN of the CloudWatch log group to which the vended log data will be published. This log group must exist. The ARN must end with `:*`
         """
         return pulumi.get(self, "log_group_arn")
 
diff --git a/sdk/python/pulumi_aws/amp/outputs.py b/sdk/python/pulumi_aws/amp/outputs.py
index c274690999d..ca6260db377 100644
--- a/sdk/python/pulumi_aws/amp/outputs.py
+++ b/sdk/python/pulumi_aws/amp/outputs.py
@@ -103,7 +103,7 @@ def get(self, key: str, default = None) -> Any:
     def __init__(__self__, *,
                  log_group_arn: _builtins.str):
         """
-        :param _builtins.str log_group_arn: The ARN of the CloudWatch log group to which query logs will be sent.
+        :param _builtins.str log_group_arn: The ARN of the CloudWatch log group to which query logs will be sent. The ARN must end with `:*`
         """
         pulumi.set(__self__, "log_group_arn", log_group_arn)
 
@@ -111,7 +111,7 @@ def __init__(__self__, *,
     @pulumi.getter(name="logGroupArn")
     def log_group_arn(self) -> _builtins.str:
         """
-        The ARN of the CloudWatch log group to which query logs will be sent.
+        The ARN of the CloudWatch log group to which query logs will be sent. The ARN must end with `:*`
         """
         return pulumi.get(self, "log_group_arn")
 
@@ -596,7 +596,7 @@ def get(self, key: str, default = None) -> Any:
     def __init__(__self__, *,
                  log_group_arn: _builtins.str):
         """
-        :param _builtins.str log_group_arn: The ARN of the CloudWatch log group to which the vended log data will be published. This log group must exist.
+        :param _builtins.str log_group_arn: The ARN of the CloudWatch log group to which the vended log data will be published. This log group must exist. The ARN must end with `:*`
         """
         pulumi.set(__self__, "log_group_arn", log_group_arn)
 
@@ -604,7 +604,7 @@ def __init__(__self__, *,
     @pulumi.getter(name="logGroupArn")
     def log_group_arn(self) -> _builtins.str:
         """
-        The ARN of the CloudWatch log group to which the vended log data will be published. This log group must exist.
+        The ARN of the CloudWatch log group to which the vended log data will be published. This log group must exist. The ARN must end with `:*`
         """
         return pulumi.get(self, "log_group_arn")
 
diff --git a/sdk/python/pulumi_aws/backup/logically_air_gapped_vault.py b/sdk/python/pulumi_aws/backup/logically_air_gapped_vault.py
index b9d9bd4293a..a26ee3ba03c 100644
--- a/sdk/python/pulumi_aws/backup/logically_air_gapped_vault.py
+++ b/sdk/python/pulumi_aws/backup/logically_air_gapped_vault.py
@@ -23,6 +23,7 @@ class LogicallyAirGappedVaultArgs:
     def __init__(__self__, *,
                  max_retention_days: pulumi.Input[_builtins.int],
                  min_retention_days: pulumi.Input[_builtins.int],
+                 encryption_key_arn: Optional[pulumi.Input[_builtins.str]] = None,
                  name: Optional[pulumi.Input[_builtins.str]] = None,
                  region: Optional[pulumi.Input[_builtins.str]] = None,
                  tags: Optional[pulumi.Input[Mapping[str, pulumi.Input[_builtins.str]]]] = None,
@@ -31,12 +32,15 @@ def __init__(__self__, *,
         The set of arguments for constructing a LogicallyAirGappedVault resource.
         :param pulumi.Input[_builtins.int] max_retention_days: Maximum retention period that the Logically Air Gapped Backup Vault retains recovery points.
         :param pulumi.Input[_builtins.int] min_retention_days: Minimum retention period that the Logically Air Gapped Backup Vault retains recovery points.
+        :param pulumi.Input[_builtins.str] encryption_key_arn: The AWS KMS key identifier (ARN) used to encrypt the backups in the logically air-gapped vault.
         :param pulumi.Input[_builtins.str] name: Name of the Logically Air Gapped Backup Vault to create.
         :param pulumi.Input[_builtins.str] region: Region where this resource will be [managed](https://docs.aws.amazon.com/general/latest/gr/rande.html#regional-endpoints). Defaults to the Region set in the provider configuration.
         :param pulumi.Input[Mapping[str, pulumi.Input[_builtins.str]]] tags: Metadata that you can assign to help organize the resources that you create. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.
         """
         pulumi.set(__self__, "max_retention_days", max_retention_days)
         pulumi.set(__self__, "min_retention_days", min_retention_days)
+        if encryption_key_arn is not None:
+            pulumi.set(__self__, "encryption_key_arn", encryption_key_arn)
         if name is not None:
             pulumi.set(__self__, "name", name)
         if region is not None:
@@ -70,6 +74,18 @@ def min_retention_days(self) -> pulumi.Input[_builtins.int]:
     def min_retention_days(self, value: pulumi.Input[_builtins.int]):
         pulumi.set(self, "min_retention_days", value)
 
+    @_builtins.property
+    @pulumi.getter(name="encryptionKeyArn")
+    def encryption_key_arn(self) -> Optional[pulumi.Input[_builtins.str]]:
+        """
+        The AWS KMS key identifier (ARN) used to encrypt the backups in the logically air-gapped vault.
+        """
+        return pulumi.get(self, "encryption_key_arn")
+
+    @encryption_key_arn.setter
+    def encryption_key_arn(self, value: Optional[pulumi.Input[_builtins.str]]):
+        pulumi.set(self, "encryption_key_arn", value)
+
     @_builtins.property
     @pulumi.getter
     def name(self) -> Optional[pulumi.Input[_builtins.str]]:
@@ -120,6 +136,7 @@ def timeouts(self, value: Optional[pulumi.Input['LogicallyAirGappedVaultTimeouts
 class _LogicallyAirGappedVaultState:
     def __init__(__self__, *,
                  arn: Optional[pulumi.Input[_builtins.str]] = None,
+                 encryption_key_arn: Optional[pulumi.Input[_builtins.str]] = None,
                  max_retention_days: Optional[pulumi.Input[_builtins.int]] = None,
                  min_retention_days: Optional[pulumi.Input[_builtins.int]] = None,
                  name: Optional[pulumi.Input[_builtins.str]] = None,
@@ -130,6 +147,7 @@ def __init__(__self__, *,
         """
         Input properties used for looking up and filtering LogicallyAirGappedVault resources.
         :param pulumi.Input[_builtins.str] arn: The ARN of the Logically Air Gapped Backup Vault.
+        :param pulumi.Input[_builtins.str] encryption_key_arn: The AWS KMS key identifier (ARN) used to encrypt the backups in the logically air-gapped vault.
         :param pulumi.Input[_builtins.int] max_retention_days: Maximum retention period that the Logically Air Gapped Backup Vault retains recovery points.
         :param pulumi.Input[_builtins.int] min_retention_days: Minimum retention period that the Logically Air Gapped Backup Vault retains recovery points.
         :param pulumi.Input[_builtins.str] name: Name of the Logically Air Gapped Backup Vault to create.
@@ -139,6 +157,8 @@ def __init__(__self__, *,
         """
         if arn is not None:
             pulumi.set(__self__, "arn", arn)
+        if encryption_key_arn is not None:
+            pulumi.set(__self__, "encryption_key_arn", encryption_key_arn)
         if max_retention_days is not None:
             pulumi.set(__self__, "max_retention_days", max_retention_days)
         if min_retention_days is not None:
@@ -166,6 +186,18 @@ def arn(self) -> Optional[pulumi.Input[_builtins.str]]:
     def arn(self, value: Optional[pulumi.Input[_builtins.str]]):
         pulumi.set(self, "arn", value)
 
+    @_builtins.property
+    @pulumi.getter(name="encryptionKeyArn")
+    def encryption_key_arn(self) -> Optional[pulumi.Input[_builtins.str]]:
+        """
+        The AWS KMS key identifier (ARN) used to encrypt the backups in the logically air-gapped vault.
+        """
+        return pulumi.get(self, "encryption_key_arn")
+
+    @encryption_key_arn.setter
+    def encryption_key_arn(self, value: Optional[pulumi.Input[_builtins.str]]):
+        pulumi.set(self, "encryption_key_arn", value)
+
     @_builtins.property
     @pulumi.getter(name="maxRetentionDays")
     def max_retention_days(self) -> Optional[pulumi.Input[_builtins.int]]:
@@ -254,6 +286,7 @@ class LogicallyAirGappedVault(pulumi.CustomResource):
     def __init__(__self__,
                  resource_name: str,
                  opts: Optional[pulumi.ResourceOptions] = None,
+                 encryption_key_arn: Optional[pulumi.Input[_builtins.str]] = None,
                  max_retention_days: Optional[pulumi.Input[_builtins.int]] = None,
                  min_retention_days: Optional[pulumi.Input[_builtins.int]] = None,
                  name: Optional[pulumi.Input[_builtins.str]] = None,
@@ -288,6 +321,7 @@ def __init__(__self__,
 
         :param str resource_name: The name of the resource.
         :param pulumi.ResourceOptions opts: Options for the resource.
+        :param pulumi.Input[_builtins.str] encryption_key_arn: The AWS KMS key identifier (ARN) used to encrypt the backups in the logically air-gapped vault.
         :param pulumi.Input[_builtins.int] max_retention_days: Maximum retention period that the Logically Air Gapped Backup Vault retains recovery points.
         :param pulumi.Input[_builtins.int] min_retention_days: Minimum retention period that the Logically Air Gapped Backup Vault retains recovery points.
         :param pulumi.Input[_builtins.str] name: Name of the Logically Air Gapped Backup Vault to create.
@@ -340,6 +374,7 @@ def __init__(__self__, resource_name: str, *args, **kwargs):
     def _internal_init(__self__,
                  resource_name: str,
                  opts: Optional[pulumi.ResourceOptions] = None,
+                 encryption_key_arn: Optional[pulumi.Input[_builtins.str]] = None,
                  max_retention_days: Optional[pulumi.Input[_builtins.int]] = None,
                  min_retention_days: Optional[pulumi.Input[_builtins.int]] = None,
                  name: Optional[pulumi.Input[_builtins.str]] = None,
@@ -355,6 +390,7 @@ def _internal_init(__self__,
                 raise TypeError('__props__ is only valid when passed in combination with a valid opts.id to get an existing resource')
             __props__ = LogicallyAirGappedVaultArgs.__new__(LogicallyAirGappedVaultArgs)
 
+            __props__.__dict__["encryption_key_arn"] = encryption_key_arn
             if max_retention_days is None and not opts.urn:
                 raise TypeError("Missing required property 'max_retention_days'")
             __props__.__dict__["max_retention_days"] = max_retention_days
@@ -378,6 +414,7 @@ def get(resource_name: str,
             id: pulumi.Input[str],
             opts: Optional[pulumi.ResourceOptions] = None,
             arn: Optional[pulumi.Input[_builtins.str]] = None,
+            encryption_key_arn: Optional[pulumi.Input[_builtins.str]] = None,
             max_retention_days: Optional[pulumi.Input[_builtins.int]] = None,
             min_retention_days: Optional[pulumi.Input[_builtins.int]] = None,
             name: Optional[pulumi.Input[_builtins.str]] = None,
@@ -393,6 +430,7 @@ def get(resource_name: str,
         :param pulumi.Input[str] id: The unique provider ID of the resource to lookup.
         :param pulumi.ResourceOptions opts: Options for the resource.
         :param pulumi.Input[_builtins.str] arn: The ARN of the Logically Air Gapped Backup Vault.
+        :param pulumi.Input[_builtins.str] encryption_key_arn: The AWS KMS key identifier (ARN) used to encrypt the backups in the logically air-gapped vault.
         :param pulumi.Input[_builtins.int] max_retention_days: Maximum retention period that the Logically Air Gapped Backup Vault retains recovery points.
         :param pulumi.Input[_builtins.int] min_retention_days: Minimum retention period that the Logically Air Gapped Backup Vault retains recovery points.
         :param pulumi.Input[_builtins.str] name: Name of the Logically Air Gapped Backup Vault to create.
@@ -405,6 +443,7 @@ def get(resource_name: str,
         __props__ = _LogicallyAirGappedVaultState.__new__(_LogicallyAirGappedVaultState)
 
         __props__.__dict__["arn"] = arn
+        __props__.__dict__["encryption_key_arn"] = encryption_key_arn
         __props__.__dict__["max_retention_days"] = max_retention_days
         __props__.__dict__["min_retention_days"] = min_retention_days
         __props__.__dict__["name"] = name
@@ -422,6 +461,14 @@ def arn(self) -> pulumi.Output[_builtins.str]:
         """
         return pulumi.get(self, "arn")
 
+    @_builtins.property
+    @pulumi.getter(name="encryptionKeyArn")
+    def encryption_key_arn(self) -> pulumi.Output[_builtins.str]:
+        """
+        The AWS KMS key identifier (ARN) used to encrypt the backups in the logically air-gapped vault.
+        """
+        return pulumi.get(self, "encryption_key_arn")
+
     @_builtins.property
     @pulumi.getter(name="maxRetentionDays")
     def max_retention_days(self) -> pulumi.Output[_builtins.int]:
diff --git a/sdk/python/pulumi_aws/bedrock/_inputs.py b/sdk/python/pulumi_aws/bedrock/_inputs.py
index bd8f8f05dca..7cf3913c5ef 100644
--- a/sdk/python/pulumi_aws/bedrock/_inputs.py
+++ b/sdk/python/pulumi_aws/bedrock/_inputs.py
@@ -341,6 +341,12 @@
     'AgentPromptVariantTemplateConfigurationTextInputVariableArgsDict',
     'AgentcoreAgentRuntimeAgentRuntimeArtifactArgs',
     'AgentcoreAgentRuntimeAgentRuntimeArtifactArgsDict',
+    'AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationArgs',
+    'AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationArgsDict',
+    'AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeArgs',
+    'AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeArgsDict',
+    'AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeS3Args',
+    'AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeS3ArgsDict',
     'AgentcoreAgentRuntimeAgentRuntimeArtifactContainerConfigurationArgs',
     'AgentcoreAgentRuntimeAgentRuntimeArtifactContainerConfigurationArgsDict',
     'AgentcoreAgentRuntimeAuthorizerConfigurationArgs',
@@ -7590,6 +7596,10 @@ class AgentKnowledgeBaseStorageConfigurationRdsConfigurationFieldMappingArgsDict
         """
         Name of the field in which Amazon Bedrock stores the vector embeddings for your data sources.
         """
+        custom_metadata_field: NotRequired[pulumi.Input[_builtins.str]]
+        """
+        Name for the universal metadata field where Amazon Bedrock will store any custom metadata from your data source.
+        """
 elif False:
     AgentKnowledgeBaseStorageConfigurationRdsConfigurationFieldMappingArgsDict: TypeAlias = Mapping[str, Any]
 
@@ -7599,17 +7609,21 @@ def __init__(__self__, *,
                  metadata_field: pulumi.Input[_builtins.str],
                  primary_key_field: pulumi.Input[_builtins.str],
                  text_field: pulumi.Input[_builtins.str],
-                 vector_field: pulumi.Input[_builtins.str]):
+                 vector_field: pulumi.Input[_builtins.str],
+                 custom_metadata_field: Optional[pulumi.Input[_builtins.str]] = None):
         """
         :param pulumi.Input[_builtins.str] metadata_field: Name of the field in which Amazon Bedrock stores metadata about the vector store.
         :param pulumi.Input[_builtins.str] primary_key_field: Name of the field in which Amazon Bedrock stores the ID for each entry.
         :param pulumi.Input[_builtins.str] text_field: Name of the field in which Amazon Bedrock stores the raw text from your data. The text is split according to the chunking strategy you choose.
         :param pulumi.Input[_builtins.str] vector_field: Name of the field in which Amazon Bedrock stores the vector embeddings for your data sources.
+        :param pulumi.Input[_builtins.str] custom_metadata_field: Name for the universal metadata field where Amazon Bedrock will store any custom metadata from your data source.
         """
         pulumi.set(__self__, "metadata_field", metadata_field)
         pulumi.set(__self__, "primary_key_field", primary_key_field)
         pulumi.set(__self__, "text_field", text_field)
         pulumi.set(__self__, "vector_field", vector_field)
+        if custom_metadata_field is not None:
+            pulumi.set(__self__, "custom_metadata_field", custom_metadata_field)
 
     @_builtins.property
     @pulumi.getter(name="metadataField")
@@ -7659,6 +7673,18 @@ def vector_field(self) -> pulumi.Input[_builtins.str]:
     def vector_field(self, value: pulumi.Input[_builtins.str]):
         pulumi.set(self, "vector_field", value)
 
+    @_builtins.property
+    @pulumi.getter(name="customMetadataField")
+    def custom_metadata_field(self) -> Optional[pulumi.Input[_builtins.str]]:
+        """
+        Name for the universal metadata field where Amazon Bedrock will store any custom metadata from your data source.
+        """
+        return pulumi.get(self, "custom_metadata_field")
+
+    @custom_metadata_field.setter
+    def custom_metadata_field(self, value: Optional[pulumi.Input[_builtins.str]]):
+        pulumi.set(self, "custom_metadata_field", value)
+
 
 if not MYPY:
     class AgentKnowledgeBaseStorageConfigurationRedisEnterpriseCloudConfigurationArgsDict(TypedDict):
@@ -9158,9 +9184,13 @@ def name(self, value: pulumi.Input[_builtins.str]):
 
 if not MYPY:
     class AgentcoreAgentRuntimeAgentRuntimeArtifactArgsDict(TypedDict):
+        code_configuration: NotRequired[pulumi.Input['AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationArgsDict']]
+        """
+        Code configuration block for the agent runtime artifact, including the source code location and execution settings. Exactly one of `code_configuration` or `container_configuration` must be specified. See `code_configuration` below.
+        """
         container_configuration: NotRequired[pulumi.Input['AgentcoreAgentRuntimeAgentRuntimeArtifactContainerConfigurationArgsDict']]
         """
-        Container configuration block. See `container_configuration` below.
+        Container configuration block for the agent artifact. Exactly one of `code_configuration` or `container_configuration` must be specified. See `container_configuration` below.
         """
 elif False:
     AgentcoreAgentRuntimeAgentRuntimeArtifactArgsDict: TypeAlias = Mapping[str, Any]
@@ -9168,18 +9198,34 @@ class AgentcoreAgentRuntimeAgentRuntimeArtifactArgsDict(TypedDict):
 @pulumi.input_type
 class AgentcoreAgentRuntimeAgentRuntimeArtifactArgs:
     def __init__(__self__, *,
+                 code_configuration: Optional[pulumi.Input['AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationArgs']] = None,
                  container_configuration: Optional[pulumi.Input['AgentcoreAgentRuntimeAgentRuntimeArtifactContainerConfigurationArgs']] = None):
         """
-        :param pulumi.Input['AgentcoreAgentRuntimeAgentRuntimeArtifactContainerConfigurationArgs'] container_configuration: Container configuration block. See `container_configuration` below.
+        :param pulumi.Input['AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationArgs'] code_configuration: Code configuration block for the agent runtime artifact, including the source code location and execution settings. Exactly one of `code_configuration` or `container_configuration` must be specified. See `code_configuration` below.
+        :param pulumi.Input['AgentcoreAgentRuntimeAgentRuntimeArtifactContainerConfigurationArgs'] container_configuration: Container configuration block for the agent artifact. Exactly one of `code_configuration` or `container_configuration` must be specified. See `container_configuration` below.
         """
+        if code_configuration is not None:
+            pulumi.set(__self__, "code_configuration", code_configuration)
         if container_configuration is not None:
             pulumi.set(__self__, "container_configuration", container_configuration)
 
+    @_builtins.property
+    @pulumi.getter(name="codeConfiguration")
+    def code_configuration(self) -> Optional[pulumi.Input['AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationArgs']]:
+        """
+        Code configuration block for the agent runtime artifact, including the source code location and execution settings. Exactly one of `code_configuration` or `container_configuration` must be specified. See `code_configuration` below.
+        """
+        return pulumi.get(self, "code_configuration")
+
+    @code_configuration.setter
+    def code_configuration(self, value: Optional[pulumi.Input['AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationArgs']]):
+        pulumi.set(self, "code_configuration", value)
+
     @_builtins.property
     @pulumi.getter(name="containerConfiguration")
     def container_configuration(self) -> Optional[pulumi.Input['AgentcoreAgentRuntimeAgentRuntimeArtifactContainerConfigurationArgs']]:
         """
-        Container configuration block. See `container_configuration` below.
+        Container configuration block for the agent artifact. Exactly one of `code_configuration` or `container_configuration` must be specified. See `container_configuration` below.
         """
         return pulumi.get(self, "container_configuration")
 
@@ -9188,6 +9234,178 @@ def container_configuration(self, value: Optional[pulumi.Input['AgentcoreAgentRu
         pulumi.set(self, "container_configuration", value)
 
 
+if not MYPY:
+    class AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationArgsDict(TypedDict):
+        entry_points: pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]
+        """
+        Array specifying the entry point for code execution, indicating the function or method to invoke when the code runs. The array must contain 1 or 2 elements. Examples: `["main.py"]`, `["opentelemetry-instrument", "main.py"]`.
+        """
+        runtime: pulumi.Input[_builtins.str]
+        """
+        Runtime environment used to execute the code. Valid values: `PYTHON_3_10`, `PYTHON_3_11`, `PYTHON_3_12`, `PYTHON_3_13`.
+        """
+        code: NotRequired[pulumi.Input['AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeArgsDict']]
+        """
+        Configuration block for the source code location and configuration details. See `code` below.
+        """
+elif False:
+    AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationArgsDict: TypeAlias = Mapping[str, Any]
+
+@pulumi.input_type
+class AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationArgs:
+    def __init__(__self__, *,
+                 entry_points: pulumi.Input[Sequence[pulumi.Input[_builtins.str]]],
+                 runtime: pulumi.Input[_builtins.str],
+                 code: Optional[pulumi.Input['AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeArgs']] = None):
+        """
+        :param pulumi.Input[Sequence[pulumi.Input[_builtins.str]]] entry_points: Array specifying the entry point for code execution, indicating the function or method to invoke when the code runs. The array must contain 1 or 2 elements. Examples: `["main.py"]`, `["opentelemetry-instrument", "main.py"]`.
+        :param pulumi.Input[_builtins.str] runtime: Runtime environment used to execute the code. Valid values: `PYTHON_3_10`, `PYTHON_3_11`, `PYTHON_3_12`, `PYTHON_3_13`.
+        :param pulumi.Input['AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeArgs'] code: Configuration block for the source code location and configuration details. See `code` below.
+        """
+        pulumi.set(__self__, "entry_points", entry_points)
+        pulumi.set(__self__, "runtime", runtime)
+        if code is not None:
+            pulumi.set(__self__, "code", code)
+
+    @_builtins.property
+    @pulumi.getter(name="entryPoints")
+    def entry_points(self) -> pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]:
+        """
+        Array specifying the entry point for code execution, indicating the function or method to invoke when the code runs. The array must contain 1 or 2 elements. Examples: `["main.py"]`, `["opentelemetry-instrument", "main.py"]`.
+        """
+        return pulumi.get(self, "entry_points")
+
+    @entry_points.setter
+    def entry_points(self, value: pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]):
+        pulumi.set(self, "entry_points", value)
+
+    @_builtins.property
+    @pulumi.getter
+    def runtime(self) -> pulumi.Input[_builtins.str]:
+        """
+        Runtime environment used to execute the code. Valid values: `PYTHON_3_10`, `PYTHON_3_11`, `PYTHON_3_12`, `PYTHON_3_13`.
+        """
+        return pulumi.get(self, "runtime")
+
+    @runtime.setter
+    def runtime(self, value: pulumi.Input[_builtins.str]):
+        pulumi.set(self, "runtime", value)
+
+    @_builtins.property
+    @pulumi.getter
+    def code(self) -> Optional[pulumi.Input['AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeArgs']]:
+        """
+        Configuration block for the source code location and configuration details. See `code` below.
+        """
+        return pulumi.get(self, "code")
+
+    @code.setter
+    def code(self, value: Optional[pulumi.Input['AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeArgs']]):
+        pulumi.set(self, "code", value)
+
+
+if not MYPY:
+    class AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeArgsDict(TypedDict):
+        s3: NotRequired[pulumi.Input['AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeS3ArgsDict']]
+        """
+        Configuration block for the Amazon S3 object that contains the source code for the agent runtime. See `s3` below.
+        """
+elif False:
+    AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeArgsDict: TypeAlias = Mapping[str, Any]
+
+@pulumi.input_type
+class AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeArgs:
+    def __init__(__self__, *,
+                 s3: Optional[pulumi.Input['AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeS3Args']] = None):
+        """
+        :param pulumi.Input['AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeS3Args'] s3: Configuration block for the Amazon S3 object that contains the source code for the agent runtime. See `s3` below.
+        """
+        if s3 is not None:
+            pulumi.set(__self__, "s3", s3)
+
+    @_builtins.property
+    @pulumi.getter
+    def s3(self) -> Optional[pulumi.Input['AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeS3Args']]:
+        """
+        Configuration block for the Amazon S3 object that contains the source code for the agent runtime. See `s3` below.
+        """
+        return pulumi.get(self, "s3")
+
+    @s3.setter
+    def s3(self, value: Optional[pulumi.Input['AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeS3Args']]):
+        pulumi.set(self, "s3", value)
+
+
+if not MYPY:
+    class AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeS3ArgsDict(TypedDict):
+        bucket: pulumi.Input[_builtins.str]
+        """
+        Name of the Amazon S3 bucket.
+        """
+        prefix: pulumi.Input[_builtins.str]
+        """
+        Key of the object containing the ZIP file of the source code for the agent runtime in the Amazon S3 bucket.
+        """
+        version_id: NotRequired[pulumi.Input[_builtins.str]]
+        """
+        Version ID of the Amazon S3 object. If not specified, the latest version of the object is used.
+        """
+elif False:
+    AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeS3ArgsDict: TypeAlias = Mapping[str, Any]
+
+@pulumi.input_type
+class AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeS3Args:
+    def __init__(__self__, *,
+                 bucket: pulumi.Input[_builtins.str],
+                 prefix: pulumi.Input[_builtins.str],
+                 version_id: Optional[pulumi.Input[_builtins.str]] = None):
+        """
+        :param pulumi.Input[_builtins.str] bucket: Name of the Amazon S3 bucket.
+        :param pulumi.Input[_builtins.str] prefix: Key of the object containing the ZIP file of the source code for the agent runtime in the Amazon S3 bucket.
+        :param pulumi.Input[_builtins.str] version_id: Version ID of the Amazon S3 object. If not specified, the latest version of the object is used.
+        """
+        pulumi.set(__self__, "bucket", bucket)
+        pulumi.set(__self__, "prefix", prefix)
+        if version_id is not None:
+            pulumi.set(__self__, "version_id", version_id)
+
+    @_builtins.property
+    @pulumi.getter
+    def bucket(self) -> pulumi.Input[_builtins.str]:
+        """
+        Name of the Amazon S3 bucket.
+        """
+        return pulumi.get(self, "bucket")
+
+    @bucket.setter
+    def bucket(self, value: pulumi.Input[_builtins.str]):
+        pulumi.set(self, "bucket", value)
+
+    @_builtins.property
+    @pulumi.getter
+    def prefix(self) -> pulumi.Input[_builtins.str]:
+        """
+        Key of the object containing the ZIP file of the source code for the agent runtime in the Amazon S3 bucket.
+        """
+        return pulumi.get(self, "prefix")
+
+    @prefix.setter
+    def prefix(self, value: pulumi.Input[_builtins.str]):
+        pulumi.set(self, "prefix", value)
+
+    @_builtins.property
+    @pulumi.getter(name="versionId")
+    def version_id(self) -> Optional[pulumi.Input[_builtins.str]]:
+        """
+        Version ID of the Amazon S3 object. If not specified, the latest version of the object is used.
+        """
+        return pulumi.get(self, "version_id")
+
+    @version_id.setter
+    def version_id(self, value: Optional[pulumi.Input[_builtins.str]]):
+        pulumi.set(self, "version_id", value)
+
+
 if not MYPY:
     class AgentcoreAgentRuntimeAgentRuntimeArtifactContainerConfigurationArgsDict(TypedDict):
         container_uri: pulumi.Input[_builtins.str]
@@ -15717,16 +15935,40 @@ def tier_configs(self, value: Optional[pulumi.Input[Sequence[pulumi.Input['Guard
     class GuardrailContentPolicyConfigFiltersConfigArgsDict(TypedDict):
         input_strength: pulumi.Input[_builtins.str]
         """
-        Strength for filters.
+        Strength for filters. Valid values: `NONE`, `LOW`, `MEDIUM`, `HIGH`.
         """
         output_strength: pulumi.Input[_builtins.str]
         """
-        Strength for filters.
+        Strength for filters. Valid values: `NONE`, `LOW`, `MEDIUM`, `HIGH`.
         """
         type: pulumi.Input[_builtins.str]
         """
         Type of contextual grounding filter.
         """
+        input_action: NotRequired[pulumi.Input[_builtins.str]]
+        """
+        Action to take when harmful content is detected. Valid values: `BLOCK`, `NONE`.
+        """
+        input_enabled: NotRequired[pulumi.Input[_builtins.bool]]
+        """
+        Toggles guardrail evaluation on input.
+        """
+        input_modalities: NotRequired[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]]
+        """
+        List of selected input modalities. Valid values: `IMAGE`, `TEXT`.
+        """
+        output_action: NotRequired[pulumi.Input[_builtins.str]]
+        """
+        Action to take when harmful content is detected. Valid values: `BLOCK`, `NONE`.
+        """
+        output_enabled: NotRequired[pulumi.Input[_builtins.bool]]
+        """
+        Toggles guardrail evaluation on output.
+        """
+        output_modalities: NotRequired[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]]
+        """
+        List of selected output modalities. Valid values: `IMAGE`, `TEXT`.
+        """
 elif False:
     GuardrailContentPolicyConfigFiltersConfigArgsDict: TypeAlias = Mapping[str, Any]
 
@@ -15735,21 +15977,45 @@ class GuardrailContentPolicyConfigFiltersConfigArgs:
     def __init__(__self__, *,
                  input_strength: pulumi.Input[_builtins.str],
                  output_strength: pulumi.Input[_builtins.str],
-                 type: pulumi.Input[_builtins.str]):
+                 type: pulumi.Input[_builtins.str],
+                 input_action: Optional[pulumi.Input[_builtins.str]] = None,
+                 input_enabled: Optional[pulumi.Input[_builtins.bool]] = None,
+                 input_modalities: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] = None,
+                 output_action: Optional[pulumi.Input[_builtins.str]] = None,
+                 output_enabled: Optional[pulumi.Input[_builtins.bool]] = None,
+                 output_modalities: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] = None):
         """
-        :param pulumi.Input[_builtins.str] input_strength: Strength for filters.
-        :param pulumi.Input[_builtins.str] output_strength: Strength for filters.
+        :param pulumi.Input[_builtins.str] input_strength: Strength for filters. Valid values: `NONE`, `LOW`, `MEDIUM`, `HIGH`.
+        :param pulumi.Input[_builtins.str] output_strength: Strength for filters. Valid values: `NONE`, `LOW`, `MEDIUM`, `HIGH`.
         :param pulumi.Input[_builtins.str] type: Type of contextual grounding filter.
+        :param pulumi.Input[_builtins.str] input_action: Action to take when harmful content is detected. Valid values: `BLOCK`, `NONE`.
+        :param pulumi.Input[_builtins.bool] input_enabled: Toggles guardrail evaluation on input.
+        :param pulumi.Input[Sequence[pulumi.Input[_builtins.str]]] input_modalities: List of selected input modalities. Valid values: `IMAGE`, `TEXT`.
+        :param pulumi.Input[_builtins.str] output_action: Action to take when harmful content is detected. Valid values: `BLOCK`, `NONE`.
+        :param pulumi.Input[_builtins.bool] output_enabled: Toggles guardrail evaluation on output.
+        :param pulumi.Input[Sequence[pulumi.Input[_builtins.str]]] output_modalities: List of selected output modalities. Valid values: `IMAGE`, `TEXT`.
         """
         pulumi.set(__self__, "input_strength", input_strength)
         pulumi.set(__self__, "output_strength", output_strength)
         pulumi.set(__self__, "type", type)
+        if input_action is not None:
+            pulumi.set(__self__, "input_action", input_action)
+        if input_enabled is not None:
+            pulumi.set(__self__, "input_enabled", input_enabled)
+        if input_modalities is not None:
+            pulumi.set(__self__, "input_modalities", input_modalities)
+        if output_action is not None:
+            pulumi.set(__self__, "output_action", output_action)
+        if output_enabled is not None:
+            pulumi.set(__self__, "output_enabled", output_enabled)
+        if output_modalities is not None:
+            pulumi.set(__self__, "output_modalities", output_modalities)
 
     @_builtins.property
     @pulumi.getter(name="inputStrength")
     def input_strength(self) -> pulumi.Input[_builtins.str]:
         """
-        Strength for filters.
+        Strength for filters. Valid values: `NONE`, `LOW`, `MEDIUM`, `HIGH`.
         """
         return pulumi.get(self, "input_strength")
 
@@ -15761,7 +16027,7 @@ def input_strength(self, value: pulumi.Input[_builtins.str]):
     @pulumi.getter(name="outputStrength")
     def output_strength(self) -> pulumi.Input[_builtins.str]:
         """
-        Strength for filters.
+        Strength for filters. Valid values: `NONE`, `LOW`, `MEDIUM`, `HIGH`.
         """
         return pulumi.get(self, "output_strength")
 
@@ -15781,6 +16047,78 @@ def type(self) -> pulumi.Input[_builtins.str]:
     def type(self, value: pulumi.Input[_builtins.str]):
         pulumi.set(self, "type", value)
 
+    @_builtins.property
+    @pulumi.getter(name="inputAction")
+    def input_action(self) -> Optional[pulumi.Input[_builtins.str]]:
+        """
+        Action to take when harmful content is detected. Valid values: `BLOCK`, `NONE`.
+        """
+        return pulumi.get(self, "input_action")
+
+    @input_action.setter
+    def input_action(self, value: Optional[pulumi.Input[_builtins.str]]):
+        pulumi.set(self, "input_action", value)
+
+    @_builtins.property
+    @pulumi.getter(name="inputEnabled")
+    def input_enabled(self) -> Optional[pulumi.Input[_builtins.bool]]:
+        """
+        Toggles guardrail evaluation on input.
+        """
+        return pulumi.get(self, "input_enabled")
+
+    @input_enabled.setter
+    def input_enabled(self, value: Optional[pulumi.Input[_builtins.bool]]):
+        pulumi.set(self, "input_enabled", value)
+
+    @_builtins.property
+    @pulumi.getter(name="inputModalities")
+    def input_modalities(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]]:
+        """
+        List of selected input modalities. Valid values: `IMAGE`, `TEXT`.
+        """
+        return pulumi.get(self, "input_modalities")
+
+    @input_modalities.setter
+    def input_modalities(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]]):
+        pulumi.set(self, "input_modalities", value)
+
+    @_builtins.property
+    @pulumi.getter(name="outputAction")
+    def output_action(self) -> Optional[pulumi.Input[_builtins.str]]:
+        """
+        Action to take when harmful content is detected. Valid values: `BLOCK`, `NONE`.
+        """
+        return pulumi.get(self, "output_action")
+
+    @output_action.setter
+    def output_action(self, value: Optional[pulumi.Input[_builtins.str]]):
+        pulumi.set(self, "output_action", value)
+
+    @_builtins.property
+    @pulumi.getter(name="outputEnabled")
+    def output_enabled(self) -> Optional[pulumi.Input[_builtins.bool]]:
+        """
+        Toggles guardrail evaluation on output.
+        """
+        return pulumi.get(self, "output_enabled")
+
+    @output_enabled.setter
+    def output_enabled(self, value: Optional[pulumi.Input[_builtins.bool]]):
+        pulumi.set(self, "output_enabled", value)
+
+    @_builtins.property
+    @pulumi.getter(name="outputModalities")
+    def output_modalities(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]]:
+        """
+        List of selected output modalities. Valid values: `IMAGE`, `TEXT`.
+        """
+        return pulumi.get(self, "output_modalities")
+
+    @output_modalities.setter
+    def output_modalities(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]]):
+        pulumi.set(self, "output_modalities", value)
+
 
 if not MYPY:
     class GuardrailContentPolicyConfigTierConfigArgsDict(TypedDict):
diff --git a/sdk/python/pulumi_aws/bedrock/agentcore_agent_runtime.py b/sdk/python/pulumi_aws/bedrock/agentcore_agent_runtime.py
index ca25d88ba12..ce4abcd11fd 100644
--- a/sdk/python/pulumi_aws/bedrock/agentcore_agent_runtime.py
+++ b/sdk/python/pulumi_aws/bedrock/agentcore_agent_runtime.py
@@ -641,6 +641,32 @@ def __init__(__self__,
             })
         ```
 
+        ### Agent runtime artifact from S3 with Code Configuration
+
+        ```python
+        import pulumi
+        import pulumi_aws as aws
+
+        example = aws.bedrock.AgentcoreAgentRuntime("example",
+            agent_runtime_name="example_agent_runtime",
+            role_arn=example_aws_iam_role["arn"],
+            agent_runtime_artifact={
+                "code_configuration": {
+                    "entry_points": ["main.py"],
+                    "runtime": "PYTHON_3_13",
+                    "code": {
+                        "s3": {
+                            "bucket": "example-bucket",
+                            "prefix": "example-agent-runtime-code.zip",
+                        },
+                    },
+                },
+            },
+            network_configuration={
+                "network_mode": "PUBLIC",
+            })
+        ```
+
         ## Import
 
         Using `pulumi import`, import Bedrock AgentCore Agent Runtime using `agent_runtime_id`. For example:
@@ -765,6 +791,32 @@ def __init__(__self__,
             })
         ```
 
+        ### Agent runtime artifact from S3 with Code Configuration
+
+        ```python
+        import pulumi
+        import pulumi_aws as aws
+
+        example = aws.bedrock.AgentcoreAgentRuntime("example",
+            agent_runtime_name="example_agent_runtime",
+            role_arn=example_aws_iam_role["arn"],
+            agent_runtime_artifact={
+                "code_configuration": {
+                    "entry_points": ["main.py"],
+                    "runtime": "PYTHON_3_13",
+                    "code": {
+                        "s3": {
+                            "bucket": "example-bucket",
+                            "prefix": "example-agent-runtime-code.zip",
+                        },
+                    },
+                },
+            },
+            network_configuration={
+                "network_mode": "PUBLIC",
+            })
+        ```
+
         ## Import
 
         Using `pulumi import`, import Bedrock AgentCore Agent Runtime using `agent_runtime_id`. For example:
diff --git a/sdk/python/pulumi_aws/bedrock/outputs.py b/sdk/python/pulumi_aws/bedrock/outputs.py
index 45778b162d1..36602bead78 100644
--- a/sdk/python/pulumi_aws/bedrock/outputs.py
+++ b/sdk/python/pulumi_aws/bedrock/outputs.py
@@ -179,6 +179,9 @@
     'AgentPromptVariantTemplateConfigurationTextCachePoint',
     'AgentPromptVariantTemplateConfigurationTextInputVariable',
     'AgentcoreAgentRuntimeAgentRuntimeArtifact',
+    'AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfiguration',
+    'AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCode',
+    'AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeS3',
     'AgentcoreAgentRuntimeAgentRuntimeArtifactContainerConfiguration',
     'AgentcoreAgentRuntimeAuthorizerConfiguration',
     'AgentcoreAgentRuntimeAuthorizerConfigurationCustomJwtAuthorizer',
@@ -6051,6 +6054,8 @@ def __key_warning(key: str):
             suggest = "text_field"
         elif key == "vectorField":
             suggest = "vector_field"
+        elif key == "customMetadataField":
+            suggest = "custom_metadata_field"
 
         if suggest:
             pulumi.log.warn(f"Key '{key}' not found in AgentKnowledgeBaseStorageConfigurationRdsConfigurationFieldMapping. Access the value via the '{suggest}' property getter instead.")
@@ -6067,17 +6072,21 @@ def __init__(__self__, *,
                  metadata_field: _builtins.str,
                  primary_key_field: _builtins.str,
                  text_field: _builtins.str,
-                 vector_field: _builtins.str):
+                 vector_field: _builtins.str,
+                 custom_metadata_field: Optional[_builtins.str] = None):
         """
         :param _builtins.str metadata_field: Name of the field in which Amazon Bedrock stores metadata about the vector store.
         :param _builtins.str primary_key_field: Name of the field in which Amazon Bedrock stores the ID for each entry.
         :param _builtins.str text_field: Name of the field in which Amazon Bedrock stores the raw text from your data. The text is split according to the chunking strategy you choose.
         :param _builtins.str vector_field: Name of the field in which Amazon Bedrock stores the vector embeddings for your data sources.
+        :param _builtins.str custom_metadata_field: Name for the universal metadata field where Amazon Bedrock will store any custom metadata from your data source.
         """
         pulumi.set(__self__, "metadata_field", metadata_field)
         pulumi.set(__self__, "primary_key_field", primary_key_field)
         pulumi.set(__self__, "text_field", text_field)
         pulumi.set(__self__, "vector_field", vector_field)
+        if custom_metadata_field is not None:
+            pulumi.set(__self__, "custom_metadata_field", custom_metadata_field)
 
     @_builtins.property
     @pulumi.getter(name="metadataField")
@@ -6111,6 +6120,14 @@ def vector_field(self) -> _builtins.str:
         """
         return pulumi.get(self, "vector_field")
 
+    @_builtins.property
+    @pulumi.getter(name="customMetadataField")
+    def custom_metadata_field(self) -> Optional[_builtins.str]:
+        """
+        Name for the universal metadata field where Amazon Bedrock will store any custom metadata from your data source.
+        """
+        return pulumi.get(self, "custom_metadata_field")
+
 
 @pulumi.output_type
 class AgentKnowledgeBaseStorageConfigurationRedisEnterpriseCloudConfiguration(dict):
@@ -7232,7 +7249,9 @@ class AgentcoreAgentRuntimeAgentRuntimeArtifact(dict):
     @staticmethod
     def __key_warning(key: str):
         suggest = None
-        if key == "containerConfiguration":
+        if key == "codeConfiguration":
+            suggest = "code_configuration"
+        elif key == "containerConfiguration":
             suggest = "container_configuration"
 
         if suggest:
@@ -7247,22 +7266,169 @@ def get(self, key: str, default = None) -> Any:
         return super().get(key, default)
 
     def __init__(__self__, *,
+                 code_configuration: Optional['outputs.AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfiguration'] = None,
                  container_configuration: Optional['outputs.AgentcoreAgentRuntimeAgentRuntimeArtifactContainerConfiguration'] = None):
         """
-        :param 'AgentcoreAgentRuntimeAgentRuntimeArtifactContainerConfigurationArgs' container_configuration: Container configuration block. See `container_configuration` below.
+        :param 'AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationArgs' code_configuration: Code configuration block for the agent runtime artifact, including the source code location and execution settings. Exactly one of `code_configuration` or `container_configuration` must be specified. See `code_configuration` below.
+        :param 'AgentcoreAgentRuntimeAgentRuntimeArtifactContainerConfigurationArgs' container_configuration: Container configuration block for the agent artifact. Exactly one of `code_configuration` or `container_configuration` must be specified. See `container_configuration` below.
         """
+        if code_configuration is not None:
+            pulumi.set(__self__, "code_configuration", code_configuration)
         if container_configuration is not None:
             pulumi.set(__self__, "container_configuration", container_configuration)
 
+    @_builtins.property
+    @pulumi.getter(name="codeConfiguration")
+    def code_configuration(self) -> Optional['outputs.AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfiguration']:
+        """
+        Code configuration block for the agent runtime artifact, including the source code location and execution settings. Exactly one of `code_configuration` or `container_configuration` must be specified. See `code_configuration` below.
+        """
+        return pulumi.get(self, "code_configuration")
+
     @_builtins.property
     @pulumi.getter(name="containerConfiguration")
     def container_configuration(self) -> Optional['outputs.AgentcoreAgentRuntimeAgentRuntimeArtifactContainerConfiguration']:
         """
-        Container configuration block. See `container_configuration` below.
+        Container configuration block for the agent artifact. Exactly one of `code_configuration` or `container_configuration` must be specified. See `container_configuration` below.
         """
         return pulumi.get(self, "container_configuration")
 
 
+@pulumi.output_type
+class AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfiguration(dict):
+    @staticmethod
+    def __key_warning(key: str):
+        suggest = None
+        if key == "entryPoints":
+            suggest = "entry_points"
+
+        if suggest:
+            pulumi.log.warn(f"Key '{key}' not found in AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfiguration. Access the value via the '{suggest}' property getter instead.")
+
+    def __getitem__(self, key: str) -> Any:
+        AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfiguration.__key_warning(key)
+        return super().__getitem__(key)
+
+    def get(self, key: str, default = None) -> Any:
+        AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfiguration.__key_warning(key)
+        return super().get(key, default)
+
+    def __init__(__self__, *,
+                 entry_points: Sequence[_builtins.str],
+                 runtime: _builtins.str,
+                 code: Optional['outputs.AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCode'] = None):
+        """
+        :param Sequence[_builtins.str] entry_points: Array specifying the entry point for code execution, indicating the function or method to invoke when the code runs. The array must contain 1 or 2 elements. Examples: `["main.py"]`, `["opentelemetry-instrument", "main.py"]`.
+        :param _builtins.str runtime: Runtime environment used to execute the code. Valid values: `PYTHON_3_10`, `PYTHON_3_11`, `PYTHON_3_12`, `PYTHON_3_13`.
+        :param 'AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeArgs' code: Configuration block for the source code location and configuration details. See `code` below.
+        """
+        pulumi.set(__self__, "entry_points", entry_points)
+        pulumi.set(__self__, "runtime", runtime)
+        if code is not None:
+            pulumi.set(__self__, "code", code)
+
+    @_builtins.property
+    @pulumi.getter(name="entryPoints")
+    def entry_points(self) -> Sequence[_builtins.str]:
+        """
+        Array specifying the entry point for code execution, indicating the function or method to invoke when the code runs. The array must contain 1 or 2 elements. Examples: `["main.py"]`, `["opentelemetry-instrument", "main.py"]`.
+        """
+        return pulumi.get(self, "entry_points")
+
+    @_builtins.property
+    @pulumi.getter
+    def runtime(self) -> _builtins.str:
+        """
+        Runtime environment used to execute the code. Valid values: `PYTHON_3_10`, `PYTHON_3_11`, `PYTHON_3_12`, `PYTHON_3_13`.
+        """
+        return pulumi.get(self, "runtime")
+
+    @_builtins.property
+    @pulumi.getter
+    def code(self) -> Optional['outputs.AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCode']:
+        """
+        Configuration block for the source code location and configuration details. See `code` below.
+        """
+        return pulumi.get(self, "code")
+
+
+@pulumi.output_type
+class AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCode(dict):
+    def __init__(__self__, *,
+                 s3: Optional['outputs.AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeS3'] = None):
+        """
+        :param 'AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeS3Args' s3: Configuration block for the Amazon S3 object that contains the source code for the agent runtime. See `s3` below.
+        """
+        if s3 is not None:
+            pulumi.set(__self__, "s3", s3)
+
+    @_builtins.property
+    @pulumi.getter
+    def s3(self) -> Optional['outputs.AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeS3']:
+        """
+        Configuration block for the Amazon S3 object that contains the source code for the agent runtime. See `s3` below.
+        """
+        return pulumi.get(self, "s3")
+
+
+@pulumi.output_type
+class AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeS3(dict):
+    @staticmethod
+    def __key_warning(key: str):
+        suggest = None
+        if key == "versionId":
+            suggest = "version_id"
+
+        if suggest:
+            pulumi.log.warn(f"Key '{key}' not found in AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeS3. Access the value via the '{suggest}' property getter instead.")
+
+    def __getitem__(self, key: str) -> Any:
+        AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeS3.__key_warning(key)
+        return super().__getitem__(key)
+
+    def get(self, key: str, default = None) -> Any:
+        AgentcoreAgentRuntimeAgentRuntimeArtifactCodeConfigurationCodeS3.__key_warning(key)
+        return super().get(key, default)
+
+    def __init__(__self__, *,
+                 bucket: _builtins.str,
+                 prefix: _builtins.str,
+                 version_id: Optional[_builtins.str] = None):
+        """
+        :param _builtins.str bucket: Name of the Amazon S3 bucket.
+        :param _builtins.str prefix: Key of the object containing the ZIP file of the source code for the agent runtime in the Amazon S3 bucket.
+        :param _builtins.str version_id: Version ID of the Amazon S3 object. If not specified, the latest version of the object is used.
+        """
+        pulumi.set(__self__, "bucket", bucket)
+        pulumi.set(__self__, "prefix", prefix)
+        if version_id is not None:
+            pulumi.set(__self__, "version_id", version_id)
+
+    @_builtins.property
+    @pulumi.getter
+    def bucket(self) -> _builtins.str:
+        """
+        Name of the Amazon S3 bucket.
+        """
+        return pulumi.get(self, "bucket")
+
+    @_builtins.property
+    @pulumi.getter
+    def prefix(self) -> _builtins.str:
+        """
+        Key of the object containing the ZIP file of the source code for the agent runtime in the Amazon S3 bucket.
+        """
+        return pulumi.get(self, "prefix")
+
+    @_builtins.property
+    @pulumi.getter(name="versionId")
+    def version_id(self) -> Optional[_builtins.str]:
+        """
+        Version ID of the Amazon S3 object. If not specified, the latest version of the object is used.
+        """
+        return pulumi.get(self, "version_id")
+
+
 @pulumi.output_type
 class AgentcoreAgentRuntimeAgentRuntimeArtifactContainerConfiguration(dict):
     @staticmethod
@@ -12512,6 +12678,18 @@ def __key_warning(key: str):
             suggest = "input_strength"
         elif key == "outputStrength":
             suggest = "output_strength"
+        elif key == "inputAction":
+            suggest = "input_action"
+        elif key == "inputEnabled":
+            suggest = "input_enabled"
+        elif key == "inputModalities":
+            suggest = "input_modalities"
+        elif key == "outputAction":
+            suggest = "output_action"
+        elif key == "outputEnabled":
+            suggest = "output_enabled"
+        elif key == "outputModalities":
+            suggest = "output_modalities"
 
         if suggest:
             pulumi.log.warn(f"Key '{key}' not found in GuardrailContentPolicyConfigFiltersConfig. Access the value via the '{suggest}' property getter instead.")
@@ -12527,21 +12705,45 @@ def get(self, key: str, default = None) -> Any:
     def __init__(__self__, *,
                  input_strength: _builtins.str,
                  output_strength: _builtins.str,
-                 type: _builtins.str):
+                 type: _builtins.str,
+                 input_action: Optional[_builtins.str] = None,
+                 input_enabled: Optional[_builtins.bool] = None,
+                 input_modalities: Optional[Sequence[_builtins.str]] = None,
+                 output_action: Optional[_builtins.str] = None,
+                 output_enabled: Optional[_builtins.bool] = None,
+                 output_modalities: Optional[Sequence[_builtins.str]] = None):
         """
-        :param _builtins.str input_strength: Strength for filters.
-        :param _builtins.str output_strength: Strength for filters.
+        :param _builtins.str input_strength: Strength for filters. Valid values: `NONE`, `LOW`, `MEDIUM`, `HIGH`.
+        :param _builtins.str output_strength: Strength for filters. Valid values: `NONE`, `LOW`, `MEDIUM`, `HIGH`.
         :param _builtins.str type: Type of contextual grounding filter.
+        :param _builtins.str input_action: Action to take when harmful content is detected. Valid values: `BLOCK`, `NONE`.
+        :param _builtins.bool input_enabled: Toggles guardrail evaluation on input.
+        :param Sequence[_builtins.str] input_modalities: List of selected input modalities. Valid values: `IMAGE`, `TEXT`.
+        :param _builtins.str output_action: Action to take when harmful content is detected. Valid values: `BLOCK`, `NONE`.
+        :param _builtins.bool output_enabled: Toggles guardrail evaluation on output.
+        :param Sequence[_builtins.str] output_modalities: List of selected output modalities. Valid values: `IMAGE`, `TEXT`.
         """
         pulumi.set(__self__, "input_strength", input_strength)
         pulumi.set(__self__, "output_strength", output_strength)
         pulumi.set(__self__, "type", type)
+        if input_action is not None:
+            pulumi.set(__self__, "input_action", input_action)
+        if input_enabled is not None:
+            pulumi.set(__self__, "input_enabled", input_enabled)
+        if input_modalities is not None:
+            pulumi.set(__self__, "input_modalities", input_modalities)
+        if output_action is not None:
+            pulumi.set(__self__, "output_action", output_action)
+        if output_enabled is not None:
+            pulumi.set(__self__, "output_enabled", output_enabled)
+        if output_modalities is not None:
+            pulumi.set(__self__, "output_modalities", output_modalities)
 
     @_builtins.property
     @pulumi.getter(name="inputStrength")
     def input_strength(self) -> _builtins.str:
         """
-        Strength for filters.
+        Strength for filters. Valid values: `NONE`, `LOW`, `MEDIUM`, `HIGH`.
         """
         return pulumi.get(self, "input_strength")
 
@@ -12549,7 +12751,7 @@ def input_strength(self) -> _builtins.str:
     @pulumi.getter(name="outputStrength")
     def output_strength(self) -> _builtins.str:
         """
-        Strength for filters.
+        Strength for filters. Valid values: `NONE`, `LOW`, `MEDIUM`, `HIGH`.
         """
         return pulumi.get(self, "output_strength")
 
@@ -12561,6 +12763,54 @@ def type(self) -> _builtins.str:
         """
         return pulumi.get(self, "type")
 
+    @_builtins.property
+    @pulumi.getter(name="inputAction")
+    def input_action(self) -> Optional[_builtins.str]:
+        """
+        Action to take when harmful content is detected. Valid values: `BLOCK`, `NONE`.
+        """
+        return pulumi.get(self, "input_action")
+
+    @_builtins.property
+    @pulumi.getter(name="inputEnabled")
+    def input_enabled(self) -> Optional[_builtins.bool]:
+        """
+        Toggles guardrail evaluation on input.
+        """
+        return pulumi.get(self, "input_enabled")
+
+    @_builtins.property
+    @pulumi.getter(name="inputModalities")
+    def input_modalities(self) -> Optional[Sequence[_builtins.str]]:
+        """
+        List of selected input modalities. Valid values: `IMAGE`, `TEXT`.
+        """
+        return pulumi.get(self, "input_modalities")
+
+    @_builtins.property
+    @pulumi.getter(name="outputAction")
+    def output_action(self) -> Optional[_builtins.str]:
+        """
+        Action to take when harmful content is detected. Valid values: `BLOCK`, `NONE`.
+        """
+        return pulumi.get(self, "output_action")
+
+    @_builtins.property
+    @pulumi.getter(name="outputEnabled")
+    def output_enabled(self) -> Optional[_builtins.bool]:
+        """
+        Toggles guardrail evaluation on output.
+        """
+        return pulumi.get(self, "output_enabled")
+
+    @_builtins.property
+    @pulumi.getter(name="outputModalities")
+    def output_modalities(self) -> Optional[Sequence[_builtins.str]]:
+        """
+        List of selected output modalities. Valid values: `IMAGE`, `TEXT`.
+        """
+        return pulumi.get(self, "output_modalities")
+
 
 @pulumi.output_type
 class GuardrailContentPolicyConfigTierConfig(dict):
diff --git a/sdk/python/pulumi_aws/billing/__init__.py b/sdk/python/pulumi_aws/billing/__init__.py
index ea0c2410fb3..39ad27c16f8 100644
--- a/sdk/python/pulumi_aws/billing/__init__.py
+++ b/sdk/python/pulumi_aws/billing/__init__.py
@@ -7,4 +7,6 @@
 import typing
 # Export this package's modules as members:
 from .get_views import *
+from .view import *
+from ._inputs import *
 from . import outputs
diff --git a/sdk/python/pulumi_aws/billing/_inputs.py b/sdk/python/pulumi_aws/billing/_inputs.py
new file mode 100644
index 00000000000..e16b06af0e9
--- /dev/null
+++ b/sdk/python/pulumi_aws/billing/_inputs.py
@@ -0,0 +1,318 @@
+# coding=utf-8
+# *** WARNING: this file was generated by pulumi-language-python. ***
+# *** Do not edit by hand unless you're certain you know what you are doing! ***
+
+import builtins as _builtins
+import warnings
+import sys
+import pulumi
+import pulumi.runtime
+from typing import Any, Mapping, Optional, Sequence, Union, overload
+if sys.version_info >= (3, 11):
+    from typing import NotRequired, TypedDict, TypeAlias
+else:
+    from typing_extensions import NotRequired, TypedDict, TypeAlias
+from .. import _utilities
+
+__all__ = [
+    'ViewDataFilterExpressionArgs',
+    'ViewDataFilterExpressionArgsDict',
+    'ViewDataFilterExpressionDimensionsArgs',
+    'ViewDataFilterExpressionDimensionsArgsDict',
+    'ViewDataFilterExpressionTagArgs',
+    'ViewDataFilterExpressionTagArgsDict',
+    'ViewDataFilterExpressionTimeRangeArgs',
+    'ViewDataFilterExpressionTimeRangeArgsDict',
+    'ViewTimeoutsArgs',
+    'ViewTimeoutsArgsDict',
+]
+
+MYPY = False
+
+if not MYPY:
+    class ViewDataFilterExpressionArgsDict(TypedDict):
+        dimensions: NotRequired[pulumi.Input['ViewDataFilterExpressionDimensionsArgsDict']]
+        """
+        Dimension to use for `expression`. Refer to #dimensions for more details.
+        """
+        tags: NotRequired[pulumi.Input[Sequence[pulumi.Input['ViewDataFilterExpressionTagArgsDict']]]]
+        """
+        List of key value map specifying tags associated to the billing view being created.
+        """
+        time_range: NotRequired[pulumi.Input['ViewDataFilterExpressionTimeRangeArgsDict']]
+        """
+        Time range to use for `expression`. Refer to #time-range for more details.
+        """
+elif False:
+    ViewDataFilterExpressionArgsDict: TypeAlias = Mapping[str, Any]
+
+@pulumi.input_type
+class ViewDataFilterExpressionArgs:
+    def __init__(__self__, *,
+                 dimensions: Optional[pulumi.Input['ViewDataFilterExpressionDimensionsArgs']] = None,
+                 tags: Optional[pulumi.Input[Sequence[pulumi.Input['ViewDataFilterExpressionTagArgs']]]] = None,
+                 time_range: Optional[pulumi.Input['ViewDataFilterExpressionTimeRangeArgs']] = None):
+        """
+        :param pulumi.Input['ViewDataFilterExpressionDimensionsArgs'] dimensions: Dimension to use for `expression`. Refer to #dimensions for more details.
+        :param pulumi.Input[Sequence[pulumi.Input['ViewDataFilterExpressionTagArgs']]] tags: List of key value map specifying tags associated to the billing view being created.
+        :param pulumi.Input['ViewDataFilterExpressionTimeRangeArgs'] time_range: Time range to use for `expression`. Refer to #time-range for more details.
+        """
+        if dimensions is not None:
+            pulumi.set(__self__, "dimensions", dimensions)
+        if tags is not None:
+            pulumi.set(__self__, "tags", tags)
+        if time_range is not None:
+            pulumi.set(__self__, "time_range", time_range)
+
+    @_builtins.property
+    @pulumi.getter
+    def dimensions(self) -> Optional[pulumi.Input['ViewDataFilterExpressionDimensionsArgs']]:
+        """
+        Dimension to use for `expression`. Refer to #dimensions for more details.
+        """
+        return pulumi.get(self, "dimensions")
+
+    @dimensions.setter
+    def dimensions(self, value: Optional[pulumi.Input['ViewDataFilterExpressionDimensionsArgs']]):
+        pulumi.set(self, "dimensions", value)
+
+    @_builtins.property
+    @pulumi.getter
+    def tags(self) -> Optional[pulumi.Input[Sequence[pulumi.Input['ViewDataFilterExpressionTagArgs']]]]:
+        """
+        List of key value map specifying tags associated to the billing view being created.
+        """
+        return pulumi.get(self, "tags")
+
+    @tags.setter
+    def tags(self, value: Optional[pulumi.Input[Sequence[pulumi.Input['ViewDataFilterExpressionTagArgs']]]]):
+        pulumi.set(self, "tags", value)
+
+    @_builtins.property
+    @pulumi.getter(name="timeRange")
+    def time_range(self) -> Optional[pulumi.Input['ViewDataFilterExpressionTimeRangeArgs']]:
+        """
+        Time range to use for `expression`. Refer to #time-range for more details.
+        """
+        return pulumi.get(self, "time_range")
+
+    @time_range.setter
+    def time_range(self, value: Optional[pulumi.Input['ViewDataFilterExpressionTimeRangeArgs']]):
+        pulumi.set(self, "time_range", value)
+
+
+if not MYPY:
+    class ViewDataFilterExpressionDimensionsArgsDict(TypedDict):
+        key: pulumi.Input[_builtins.str]
+        """
+        Key of the dimension. Possible values are `LINKED_ACCOUNT`.
+        """
+        values: pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]
+        """
+        List of metadata values that you can use to filter and group your results.
+        """
+elif False:
+    ViewDataFilterExpressionDimensionsArgsDict: TypeAlias = Mapping[str, Any]
+
+@pulumi.input_type
+class ViewDataFilterExpressionDimensionsArgs:
+    def __init__(__self__, *,
+                 key: pulumi.Input[_builtins.str],
+                 values: pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]):
+        """
+        :param pulumi.Input[_builtins.str] key: Key of the dimension. Possible values are `LINKED_ACCOUNT`.
+        :param pulumi.Input[Sequence[pulumi.Input[_builtins.str]]] values: List of metadata values that you can use to filter and group your results.
+        """
+        pulumi.set(__self__, "key", key)
+        pulumi.set(__self__, "values", values)
+
+    @_builtins.property
+    @pulumi.getter
+    def key(self) -> pulumi.Input[_builtins.str]:
+        """
+        Key of the dimension. Possible values are `LINKED_ACCOUNT`.
+        """
+        return pulumi.get(self, "key")
+
+    @key.setter
+    def key(self, value: pulumi.Input[_builtins.str]):
+        pulumi.set(self, "key", value)
+
+    @_builtins.property
+    @pulumi.getter
+    def values(self) -> pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]:
+        """
+        List of metadata values that you can use to filter and group your results.
+        """
+        return pulumi.get(self, "values")
+
+    @values.setter
+    def values(self, value: pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]):
+        pulumi.set(self, "values", value)
+
+
+if not MYPY:
+    class ViewDataFilterExpressionTagArgsDict(TypedDict):
+        key: pulumi.Input[_builtins.str]
+        """
+        Key of the tag.
+        """
+        values: pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]
+        """
+        List of values for the tag.
+        """
+elif False:
+    ViewDataFilterExpressionTagArgsDict: TypeAlias = Mapping[str, Any]
+
+@pulumi.input_type
+class ViewDataFilterExpressionTagArgs:
+    def __init__(__self__, *,
+                 key: pulumi.Input[_builtins.str],
+                 values: pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]):
+        """
+        :param pulumi.Input[_builtins.str] key: Key of the tag.
+        :param pulumi.Input[Sequence[pulumi.Input[_builtins.str]]] values: List of values for the tag.
+        """
+        pulumi.set(__self__, "key", key)
+        pulumi.set(__self__, "values", values)
+
+    @_builtins.property
+    @pulumi.getter
+    def key(self) -> pulumi.Input[_builtins.str]:
+        """
+        Key of the tag.
+        """
+        return pulumi.get(self, "key")
+
+    @key.setter
+    def key(self, value: pulumi.Input[_builtins.str]):
+        pulumi.set(self, "key", value)
+
+    @_builtins.property
+    @pulumi.getter
+    def values(self) -> pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]:
+        """
+        List of values for the tag.
+        """
+        return pulumi.get(self, "values")
+
+    @values.setter
+    def values(self, value: pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]):
+        pulumi.set(self, "values", value)
+
+
+if not MYPY:
+    class ViewDataFilterExpressionTimeRangeArgsDict(TypedDict):
+        begin_date_inclusive: pulumi.Input[_builtins.str]
+        """
+        Inclusive end date of the time range.
+        """
+        end_date_inclusive: pulumi.Input[_builtins.str]
+elif False:
+    ViewDataFilterExpressionTimeRangeArgsDict: TypeAlias = Mapping[str, Any]
+
+@pulumi.input_type
+class ViewDataFilterExpressionTimeRangeArgs:
+    def __init__(__self__, *,
+                 begin_date_inclusive: pulumi.Input[_builtins.str],
+                 end_date_inclusive: pulumi.Input[_builtins.str]):
+        """
+        :param pulumi.Input[_builtins.str] begin_date_inclusive: Inclusive end date of the time range.
+        """
+        pulumi.set(__self__, "begin_date_inclusive", begin_date_inclusive)
+        pulumi.set(__self__, "end_date_inclusive", end_date_inclusive)
+
+    @_builtins.property
+    @pulumi.getter(name="beginDateInclusive")
+    def begin_date_inclusive(self) -> pulumi.Input[_builtins.str]:
+        """
+        Inclusive end date of the time range.
+        """
+        return pulumi.get(self, "begin_date_inclusive")
+
+    @begin_date_inclusive.setter
+    def begin_date_inclusive(self, value: pulumi.Input[_builtins.str]):
+        pulumi.set(self, "begin_date_inclusive", value)
+
+    @_builtins.property
+    @pulumi.getter(name="endDateInclusive")
+    def end_date_inclusive(self) -> pulumi.Input[_builtins.str]:
+        return pulumi.get(self, "end_date_inclusive")
+
+    @end_date_inclusive.setter
+    def end_date_inclusive(self, value: pulumi.Input[_builtins.str]):
+        pulumi.set(self, "end_date_inclusive", value)
+
+
+if not MYPY:
+    class ViewTimeoutsArgsDict(TypedDict):
+        create: NotRequired[pulumi.Input[_builtins.str]]
+        """
+        A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as "30s" or "2h45m". Valid time units are "s" (seconds), "m" (minutes), "h" (hours).
+        """
+        delete: NotRequired[pulumi.Input[_builtins.str]]
+        """
+        A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as "30s" or "2h45m". Valid time units are "s" (seconds), "m" (minutes), "h" (hours). Setting a timeout for a Delete operation is only applicable if changes are saved into state before the destroy operation occurs.
+        """
+        update: NotRequired[pulumi.Input[_builtins.str]]
+        """
+        A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as "30s" or "2h45m". Valid time units are "s" (seconds), "m" (minutes), "h" (hours).
+        """
+elif False:
+    ViewTimeoutsArgsDict: TypeAlias = Mapping[str, Any]
+
+@pulumi.input_type
+class ViewTimeoutsArgs:
+    def __init__(__self__, *,
+                 create: Optional[pulumi.Input[_builtins.str]] = None,
+                 delete: Optional[pulumi.Input[_builtins.str]] = None,
+                 update: Optional[pulumi.Input[_builtins.str]] = None):
+        """
+        :param pulumi.Input[_builtins.str] create: A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as "30s" or "2h45m". Valid time units are "s" (seconds), "m" (minutes), "h" (hours).
+        :param pulumi.Input[_builtins.str] delete: A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as "30s" or "2h45m". Valid time units are "s" (seconds), "m" (minutes), "h" (hours). Setting a timeout for a Delete operation is only applicable if changes are saved into state before the destroy operation occurs.
+        :param pulumi.Input[_builtins.str] update: A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as "30s" or "2h45m". Valid time units are "s" (seconds), "m" (minutes), "h" (hours).
+        """
+        if create is not None:
+            pulumi.set(__self__, "create", create)
+        if delete is not None:
+            pulumi.set(__self__, "delete", delete)
+        if update is not None:
+            pulumi.set(__self__, "update", update)
+
+    @_builtins.property
+    @pulumi.getter
+    def create(self) -> Optional[pulumi.Input[_builtins.str]]:
+        """
+        A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as "30s" or "2h45m". Valid time units are "s" (seconds), "m" (minutes), "h" (hours).
+        """
+        return pulumi.get(self, "create")
+
+    @create.setter
+    def create(self, value: Optional[pulumi.Input[_builtins.str]]):
+        pulumi.set(self, "create", value)
+
+    @_builtins.property
+    @pulumi.getter
+    def delete(self) -> Optional[pulumi.Input[_builtins.str]]:
+        """
+        A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as "30s" or "2h45m". Valid time units are "s" (seconds), "m" (minutes), "h" (hours). Setting a timeout for a Delete operation is only applicable if changes are saved into state before the destroy operation occurs.
+        """
+        return pulumi.get(self, "delete")
+
+    @delete.setter
+    def delete(self, value: Optional[pulumi.Input[_builtins.str]]):
+        pulumi.set(self, "delete", value)
+
+    @_builtins.property
+    @pulumi.getter
+    def update(self) -> Optional[pulumi.Input[_builtins.str]]:
+        """
+        A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as "30s" or "2h45m". Valid time units are "s" (seconds), "m" (minutes), "h" (hours).
+        """
+        return pulumi.get(self, "update")
+
+    @update.setter
+    def update(self, value: Optional[pulumi.Input[_builtins.str]]):
+        pulumi.set(self, "update", value)
+
+
diff --git a/sdk/python/pulumi_aws/billing/outputs.py b/sdk/python/pulumi_aws/billing/outputs.py
index fbc4ba78872..77ea7ed71f4 100644
--- a/sdk/python/pulumi_aws/billing/outputs.py
+++ b/sdk/python/pulumi_aws/billing/outputs.py
@@ -13,11 +13,222 @@
 else:
     from typing_extensions import NotRequired, TypedDict, TypeAlias
 from .. import _utilities
+from . import outputs
 
 __all__ = [
+    'ViewDataFilterExpression',
+    'ViewDataFilterExpressionDimensions',
+    'ViewDataFilterExpressionTag',
+    'ViewDataFilterExpressionTimeRange',
+    'ViewTimeouts',
     'GetViewsBillingViewResult',
 ]
 
+@pulumi.output_type
+class ViewDataFilterExpression(dict):
+    @staticmethod
+    def __key_warning(key: str):
+        suggest = None
+        if key == "timeRange":
+            suggest = "time_range"
+
+        if suggest:
+            pulumi.log.warn(f"Key '{key}' not found in ViewDataFilterExpression. Access the value via the '{suggest}' property getter instead.")
+
+    def __getitem__(self, key: str) -> Any:
+        ViewDataFilterExpression.__key_warning(key)
+        return super().__getitem__(key)
+
+    def get(self, key: str, default = None) -> Any:
+        ViewDataFilterExpression.__key_warning(key)
+        return super().get(key, default)
+
+    def __init__(__self__, *,
+                 dimensions: Optional['outputs.ViewDataFilterExpressionDimensions'] = None,
+                 tags: Optional[Sequence['outputs.ViewDataFilterExpressionTag']] = None,
+                 time_range: Optional['outputs.ViewDataFilterExpressionTimeRange'] = None):
+        """
+        :param 'ViewDataFilterExpressionDimensionsArgs' dimensions: Dimension to use for `expression`. Refer to #dimensions for more details.
+        :param Sequence['ViewDataFilterExpressionTagArgs'] tags: List of key value map specifying tags associated to the billing view being created.
+        :param 'ViewDataFilterExpressionTimeRangeArgs' time_range: Time range to use for `expression`. Refer to #time-range for more details.
+        """
+        if dimensions is not None:
+            pulumi.set(__self__, "dimensions", dimensions)
+        if tags is not None:
+            pulumi.set(__self__, "tags", tags)
+        if time_range is not None:
+            pulumi.set(__self__, "time_range", time_range)
+
+    @_builtins.property
+    @pulumi.getter
+    def dimensions(self) -> Optional['outputs.ViewDataFilterExpressionDimensions']:
+        """
+        Dimension to use for `expression`. Refer to #dimensions for more details.
+        """
+        return pulumi.get(self, "dimensions")
+
+    @_builtins.property
+    @pulumi.getter
+    def tags(self) -> Optional[Sequence['outputs.ViewDataFilterExpressionTag']]:
+        """
+        List of key value map specifying tags associated to the billing view being created.
+        """
+        return pulumi.get(self, "tags")
+
+    @_builtins.property
+    @pulumi.getter(name="timeRange")
+    def time_range(self) -> Optional['outputs.ViewDataFilterExpressionTimeRange']:
+        """
+        Time range to use for `expression`. Refer to #time-range for more details.
+        """
+        return pulumi.get(self, "time_range")
+
+
+@pulumi.output_type
+class ViewDataFilterExpressionDimensions(dict):
+    def __init__(__self__, *,
+                 key: _builtins.str,
+                 values: Sequence[_builtins.str]):
+        """
+        :param _builtins.str key: Key of the dimension. Possible values are `LINKED_ACCOUNT`.
+        :param Sequence[_builtins.str] values: List of metadata values that you can use to filter and group your results.
+        """
+        pulumi.set(__self__, "key", key)
+        pulumi.set(__self__, "values", values)
+
+    @_builtins.property
+    @pulumi.getter
+    def key(self) -> _builtins.str:
+        """
+        Key of the dimension. Possible values are `LINKED_ACCOUNT`.
+        """
+        return pulumi.get(self, "key")
+
+    @_builtins.property
+    @pulumi.getter
+    def values(self) -> Sequence[_builtins.str]:
+        """
+        List of metadata values that you can use to filter and group your results.
+        """
+        return pulumi.get(self, "values")
+
+
+@pulumi.output_type
+class ViewDataFilterExpressionTag(dict):
+    def __init__(__self__, *,
+                 key: _builtins.str,
+                 values: Sequence[_builtins.str]):
+        """
+        :param _builtins.str key: Key of the tag.
+        :param Sequence[_builtins.str] values: List of values for the tag.
+        """
+        pulumi.set(__self__, "key", key)
+        pulumi.set(__self__, "values", values)
+
+    @_builtins.property
+    @pulumi.getter
+    def key(self) -> _builtins.str:
+        """
+        Key of the tag.
+        """
+        return pulumi.get(self, "key")
+
+    @_builtins.property
+    @pulumi.getter
+    def values(self) -> Sequence[_builtins.str]:
+        """
+        List of values for the tag.
+        """
+        return pulumi.get(self, "values")
+
+
+@pulumi.output_type
+class ViewDataFilterExpressionTimeRange(dict):
+    @staticmethod
+    def __key_warning(key: str):
+        suggest = None
+        if key == "beginDateInclusive":
+            suggest = "begin_date_inclusive"
+        elif key == "endDateInclusive":
+            suggest = "end_date_inclusive"
+
+        if suggest:
+            pulumi.log.warn(f"Key '{key}' not found in ViewDataFilterExpressionTimeRange. Access the value via the '{suggest}' property getter instead.")
+
+    def __getitem__(self, key: str) -> Any:
+        ViewDataFilterExpressionTimeRange.__key_warning(key)
+        return super().__getitem__(key)
+
+    def get(self, key: str, default = None) -> Any:
+        ViewDataFilterExpressionTimeRange.__key_warning(key)
+        return super().get(key, default)
+
+    def __init__(__self__, *,
+                 begin_date_inclusive: _builtins.str,
+                 end_date_inclusive: _builtins.str):
+        """
+        :param _builtins.str begin_date_inclusive: Inclusive end date of the time range.
+        """
+        pulumi.set(__self__, "begin_date_inclusive", begin_date_inclusive)
+        pulumi.set(__self__, "end_date_inclusive", end_date_inclusive)
+
+    @_builtins.property
+    @pulumi.getter(name="beginDateInclusive")
+    def begin_date_inclusive(self) -> _builtins.str:
+        """
+        Inclusive end date of the time range.
+        """
+        return pulumi.get(self, "begin_date_inclusive")
+
+    @_builtins.property
+    @pulumi.getter(name="endDateInclusive")
+    def end_date_inclusive(self) -> _builtins.str:
+        return pulumi.get(self, "end_date_inclusive")
+
+
+@pulumi.output_type
+class ViewTimeouts(dict):
+    def __init__(__self__, *,
+                 create: Optional[_builtins.str] = None,
+                 delete: Optional[_builtins.str] = None,
+                 update: Optional[_builtins.str] = None):
+        """
+        :param _builtins.str create: A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as "30s" or "2h45m". Valid time units are "s" (seconds), "m" (minutes), "h" (hours).
+        :param _builtins.str delete: A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as "30s" or "2h45m". Valid time units are "s" (seconds), "m" (minutes), "h" (hours). Setting a timeout for a Delete operation is only applicable if changes are saved into state before the destroy operation occurs.
+        :param _builtins.str update: A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as "30s" or "2h45m". Valid time units are "s" (seconds), "m" (minutes), "h" (hours).
+        """
+        if create is not None:
+            pulumi.set(__self__, "create", create)
+        if delete is not None:
+            pulumi.set(__self__, "delete", delete)
+        if update is not None:
+            pulumi.set(__self__, "update", update)
+
+    @_builtins.property
+    @pulumi.getter
+    def create(self) -> Optional[_builtins.str]:
+        """
+        A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as "30s" or "2h45m". Valid time units are "s" (seconds), "m" (minutes), "h" (hours).
+        """
+        return pulumi.get(self, "create")
+
+    @_builtins.property
+    @pulumi.getter
+    def delete(self) -> Optional[_builtins.str]:
+        """
+        A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as "30s" or "2h45m". Valid time units are "s" (seconds), "m" (minutes), "h" (hours). Setting a timeout for a Delete operation is only applicable if changes are saved into state before the destroy operation occurs.
+        """
+        return pulumi.get(self, "delete")
+
+    @_builtins.property
+    @pulumi.getter
+    def update(self) -> Optional[_builtins.str]:
+        """
+        A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as "30s" or "2h45m". Valid time units are "s" (seconds), "m" (minutes), "h" (hours).
+        """
+        return pulumi.get(self, "update")
+
+
 @pulumi.output_type
 class GetViewsBillingViewResult(dict):
     def __init__(__self__, *,
diff --git a/sdk/python/pulumi_aws/billing/view.py b/sdk/python/pulumi_aws/billing/view.py
new file mode 100644
index 00000000000..dccffffcf39
--- /dev/null
+++ b/sdk/python/pulumi_aws/billing/view.py
@@ -0,0 +1,713 @@
+# coding=utf-8
+# *** WARNING: this file was generated by pulumi-language-python. ***
+# *** Do not edit by hand unless you're certain you know what you are doing! ***
+
+import builtins as _builtins
+import warnings
+import sys
+import pulumi
+import pulumi.runtime
+from typing import Any, Mapping, Optional, Sequence, Union, overload
+if sys.version_info >= (3, 11):
+    from typing import NotRequired, TypedDict, TypeAlias
+else:
+    from typing_extensions import NotRequired, TypedDict, TypeAlias
+from .. import _utilities
+from . import outputs
+from ._inputs import *
+
+__all__ = ['ViewArgs', 'View']
+
+@pulumi.input_type
+class ViewArgs:
+    def __init__(__self__, *,
+                 data_filter_expression: Optional[pulumi.Input['ViewDataFilterExpressionArgs']] = None,
+                 description: Optional[pulumi.Input[_builtins.str]] = None,
+                 name: Optional[pulumi.Input[_builtins.str]] = None,
+                 source_views: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] = None,
+                 tags: Optional[pulumi.Input[Mapping[str, pulumi.Input[_builtins.str]]]] = None,
+                 timeouts: Optional[pulumi.Input['ViewTimeoutsArgs']] = None):
+        """
+        The set of arguments for constructing a View resource.
+        :param pulumi.Input['ViewDataFilterExpressionArgs'] data_filter_expression: Filter Cost Explorer APIs using the expression. Refer to the data-filter-expression block documentation for more details.
+        :param pulumi.Input[_builtins.str] description: Description of the custom billing view.
+        :param pulumi.Input[_builtins.str] name: Name of the custom billing view to be created.
+        :param pulumi.Input[Sequence[pulumi.Input[_builtins.str]]] source_views: List of ARNs of the source data views for the custom billing view.
+               
+               The following arguments are optional:
+        :param pulumi.Input[Mapping[str, pulumi.Input[_builtins.str]]] tags: List of key value map specifying tags associated to the billing view being created.
+        """
+        if data_filter_expression is not None:
+            pulumi.set(__self__, "data_filter_expression", data_filter_expression)
+        if description is not None:
+            pulumi.set(__self__, "description", description)
+        if name is not None:
+            pulumi.set(__self__, "name", name)
+        if source_views is not None:
+            pulumi.set(__self__, "source_views", source_views)
+        if tags is not None:
+            pulumi.set(__self__, "tags", tags)
+        if timeouts is not None:
+            pulumi.set(__self__, "timeouts", timeouts)
+
+    @_builtins.property
+    @pulumi.getter(name="dataFilterExpression")
+    def data_filter_expression(self) -> Optional[pulumi.Input['ViewDataFilterExpressionArgs']]:
+        """
+        Filter Cost Explorer APIs using the expression. Refer to the data-filter-expression block documentation for more details.
+        """
+        return pulumi.get(self, "data_filter_expression")
+
+    @data_filter_expression.setter
+    def data_filter_expression(self, value: Optional[pulumi.Input['ViewDataFilterExpressionArgs']]):
+        pulumi.set(self, "data_filter_expression", value)
+
+    @_builtins.property
+    @pulumi.getter
+    def description(self) -> Optional[pulumi.Input[_builtins.str]]:
+        """
+        Description of the custom billing view.
+        """
+        return pulumi.get(self, "description")
+
+    @description.setter
+    def description(self, value: Optional[pulumi.Input[_builtins.str]]):
+        pulumi.set(self, "description", value)
+
+    @_builtins.property
+    @pulumi.getter
+    def name(self) -> Optional[pulumi.Input[_builtins.str]]:
+        """
+        Name of the custom billing view to be created.
+        """
+        return pulumi.get(self, "name")
+
+    @name.setter
+    def name(self, value: Optional[pulumi.Input[_builtins.str]]):
+        pulumi.set(self, "name", value)
+
+    @_builtins.property
+    @pulumi.getter(name="sourceViews")
+    def source_views(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]]:
+        """
+        List of ARNs of the source data views for the custom billing view.
+
+        The following arguments are optional:
+        """
+        return pulumi.get(self, "source_views")
+
+    @source_views.setter
+    def source_views(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]]):
+        pulumi.set(self, "source_views", value)
+
+    @_builtins.property
+    @pulumi.getter
+    def tags(self) -> Optional[pulumi.Input[Mapping[str, pulumi.Input[_builtins.str]]]]:
+        """
+        List of key value map specifying tags associated to the billing view being created.
+        """
+        return pulumi.get(self, "tags")
+
+    @tags.setter
+    def tags(self, value: Optional[pulumi.Input[Mapping[str, pulumi.Input[_builtins.str]]]]):
+        pulumi.set(self, "tags", value)
+
+    @_builtins.property
+    @pulumi.getter
+    def timeouts(self) -> Optional[pulumi.Input['ViewTimeoutsArgs']]:
+        return pulumi.get(self, "timeouts")
+
+    @timeouts.setter
+    def timeouts(self, value: Optional[pulumi.Input['ViewTimeoutsArgs']]):
+        pulumi.set(self, "timeouts", value)
+
+
+@pulumi.input_type
+class _ViewState:
+    def __init__(__self__, *,
+                 arn: Optional[pulumi.Input[_builtins.str]] = None,
+                 billing_view_type: Optional[pulumi.Input[_builtins.str]] = None,
+                 created_at: Optional[pulumi.Input[_builtins.str]] = None,
+                 data_filter_expression: Optional[pulumi.Input['ViewDataFilterExpressionArgs']] = None,
+                 derived_view_count: Optional[pulumi.Input[_builtins.int]] = None,
+                 description: Optional[pulumi.Input[_builtins.str]] = None,
+                 name: Optional[pulumi.Input[_builtins.str]] = None,
+                 owner_account_id: Optional[pulumi.Input[_builtins.str]] = None,
+                 source_account_id: Optional[pulumi.Input[_builtins.str]] = None,
+                 source_view_count: Optional[pulumi.Input[_builtins.int]] = None,
+                 source_views: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] = None,
+                 tags: Optional[pulumi.Input[Mapping[str, pulumi.Input[_builtins.str]]]] = None,
+                 tags_all: Optional[pulumi.Input[Mapping[str, pulumi.Input[_builtins.str]]]] = None,
+                 timeouts: Optional[pulumi.Input['ViewTimeoutsArgs']] = None,
+                 updated_at: Optional[pulumi.Input[_builtins.str]] = None,
+                 view_definition_last_updated_at: Optional[pulumi.Input[_builtins.str]] = None):
+        """
+        Input properties used for looking up and filtering View resources.
+        :param pulumi.Input[_builtins.str] arn: ARN of the View.
+        :param pulumi.Input[_builtins.str] billing_view_type: Type of billing group. Valid values are PRIMARY|BILLING_GROUP|CUSTOM.
+        :param pulumi.Input[_builtins.str] created_at: Timestamp when the billing view was created.
+        :param pulumi.Input['ViewDataFilterExpressionArgs'] data_filter_expression: Filter Cost Explorer APIs using the expression. Refer to the data-filter-expression block documentation for more details.
+        :param pulumi.Input[_builtins.int] derived_view_count: Number of billing views that use this billing view as a source.
+        :param pulumi.Input[_builtins.str] description: Description of the custom billing view.
+        :param pulumi.Input[_builtins.str] name: Name of the custom billing view to be created.
+        :param pulumi.Input[_builtins.str] owner_account_id: Account owner of the billing view.
+        :param pulumi.Input[_builtins.str] source_account_id: AWS account ID that owns the source billing view, if this is a derived billing view.
+        :param pulumi.Input[_builtins.int] source_view_count: Number of source views associated with this billing view.
+        :param pulumi.Input[Sequence[pulumi.Input[_builtins.str]]] source_views: List of ARNs of the source data views for the custom billing view.
+               
+               The following arguments are optional:
+        :param pulumi.Input[Mapping[str, pulumi.Input[_builtins.str]]] tags: List of key value map specifying tags associated to the billing view being created.
+        :param pulumi.Input[Mapping[str, pulumi.Input[_builtins.str]]] tags_all: List of key value map specifying tags associated to the billing view.
+        :param pulumi.Input[_builtins.str] updated_at: Time when the billing view was last updated.
+        :param pulumi.Input[_builtins.str] view_definition_last_updated_at: Timestamp of when the billing view definition was last updated.
+        """
+        if arn is not None:
+            pulumi.set(__self__, "arn", arn)
+        if billing_view_type is not None:
+            pulumi.set(__self__, "billing_view_type", billing_view_type)
+        if created_at is not None:
+            pulumi.set(__self__, "created_at", created_at)
+        if data_filter_expression is not None:
+            pulumi.set(__self__, "data_filter_expression", data_filter_expression)
+        if derived_view_count is not None:
+            pulumi.set(__self__, "derived_view_count", derived_view_count)
+        if description is not None:
+            pulumi.set(__self__, "description", description)
+        if name is not None:
+            pulumi.set(__self__, "name", name)
+        if owner_account_id is not None:
+            pulumi.set(__self__, "owner_account_id", owner_account_id)
+        if source_account_id is not None:
+            pulumi.set(__self__, "source_account_id", source_account_id)
+        if source_view_count is not None:
+            pulumi.set(__self__, "source_view_count", source_view_count)
+        if source_views is not None:
+            pulumi.set(__self__, "source_views", source_views)
+        if tags is not None:
+            pulumi.set(__self__, "tags", tags)
+        if tags_all is not None:
+            pulumi.set(__self__, "tags_all", tags_all)
+        if timeouts is not None:
+            pulumi.set(__self__, "timeouts", timeouts)
+        if updated_at is not None:
+            pulumi.set(__self__, "updated_at", updated_at)
+        if view_definition_last_updated_at is not None:
+            pulumi.set(__self__, "view_definition_last_updated_at", view_definition_last_updated_at)
+
+    @_builtins.property
+    @pulumi.getter
+    def arn(self) -> Optional[pulumi.Input[_builtins.str]]:
+        """
+        ARN of the View.
+        """
+        return pulumi.get(self, "arn")
+
+    @arn.setter
+    def arn(self, value: Optional[pulumi.Input[_builtins.str]]):
+        pulumi.set(self, "arn", value)
+
+    @_builtins.property
+    @pulumi.getter(name="billingViewType")
+    def billing_view_type(self) -> Optional[pulumi.Input[_builtins.str]]:
+        """
+        Type of billing group. Valid values are PRIMARY|BILLING_GROUP|CUSTOM.
+        """
+        return pulumi.get(self, "billing_view_type")
+
+    @billing_view_type.setter
+    def billing_view_type(self, value: Optional[pulumi.Input[_builtins.str]]):
+        pulumi.set(self, "billing_view_type", value)
+
+    @_builtins.property
+    @pulumi.getter(name="createdAt")
+    def created_at(self) -> Optional[pulumi.Input[_builtins.str]]:
+        """
+        Timestamp when the billing view was created.
+        """
+        return pulumi.get(self, "created_at")
+
+    @created_at.setter
+    def created_at(self, value: Optional[pulumi.Input[_builtins.str]]):
+        pulumi.set(self, "created_at", value)
+
+    @_builtins.property
+    @pulumi.getter(name="dataFilterExpression")
+    def data_filter_expression(self) -> Optional[pulumi.Input['ViewDataFilterExpressionArgs']]:
+        """
+        Filter Cost Explorer APIs using the expression. Refer to the data-filter-expression block documentation for more details.
+        """
+        return pulumi.get(self, "data_filter_expression")
+
+    @data_filter_expression.setter
+    def data_filter_expression(self, value: Optional[pulumi.Input['ViewDataFilterExpressionArgs']]):
+        pulumi.set(self, "data_filter_expression", value)
+
+    @_builtins.property
+    @pulumi.getter(name="derivedViewCount")
+    def derived_view_count(self) -> Optional[pulumi.Input[_builtins.int]]:
+        """
+        Number of billing views that use this billing view as a source.
+        """
+        return pulumi.get(self, "derived_view_count")
+
+    @derived_view_count.setter
+    def derived_view_count(self, value: Optional[pulumi.Input[_builtins.int]]):
+        pulumi.set(self, "derived_view_count", value)
+
+    @_builtins.property
+    @pulumi.getter
+    def description(self) -> Optional[pulumi.Input[_builtins.str]]:
+        """
+        Description of the custom billing view.
+        """
+        return pulumi.get(self, "description")
+
+    @description.setter
+    def description(self, value: Optional[pulumi.Input[_builtins.str]]):
+        pulumi.set(self, "description", value)
+
+    @_builtins.property
+    @pulumi.getter
+    def name(self) -> Optional[pulumi.Input[_builtins.str]]:
+        """
+        Name of the custom billing view to be created.
+        """
+        return pulumi.get(self, "name")
+
+    @name.setter
+    def name(self, value: Optional[pulumi.Input[_builtins.str]]):
+        pulumi.set(self, "name", value)
+
+    @_builtins.property
+    @pulumi.getter(name="ownerAccountId")
+    def owner_account_id(self) -> Optional[pulumi.Input[_builtins.str]]:
+        """
+        Account owner of the billing view.
+        """
+        return pulumi.get(self, "owner_account_id")
+
+    @owner_account_id.setter
+    def owner_account_id(self, value: Optional[pulumi.Input[_builtins.str]]):
+        pulumi.set(self, "owner_account_id", value)
+
+    @_builtins.property
+    @pulumi.getter(name="sourceAccountId")
+    def source_account_id(self) -> Optional[pulumi.Input[_builtins.str]]:
+        """
+        AWS account ID that owns the source billing view, if this is a derived billing view.
+        """
+        return pulumi.get(self, "source_account_id")
+
+    @source_account_id.setter
+    def source_account_id(self, value: Optional[pulumi.Input[_builtins.str]]):
+        pulumi.set(self, "source_account_id", value)
+
+    @_builtins.property
+    @pulumi.getter(name="sourceViewCount")
+    def source_view_count(self) -> Optional[pulumi.Input[_builtins.int]]:
+        """
+        Number of source views associated with this billing view.
+        """
+        return pulumi.get(self, "source_view_count")
+
+    @source_view_count.setter
+    def source_view_count(self, value: Optional[pulumi.Input[_builtins.int]]):
+        pulumi.set(self, "source_view_count", value)
+
+    @_builtins.property
+    @pulumi.getter(name="sourceViews")
+    def source_views(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]]:
+        """
+        List of ARNs of the source data views for the custom billing view.
+
+        The following arguments are optional:
+        """
+        return pulumi.get(self, "source_views")
+
+    @source_views.setter
+    def source_views(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]]):
+        pulumi.set(self, "source_views", value)
+
+    @_builtins.property
+    @pulumi.getter
+    def tags(self) -> Optional[pulumi.Input[Mapping[str, pulumi.Input[_builtins.str]]]]:
+        """
+        List of key value map specifying tags associated to the billing view being created.
+        """
+        return pulumi.get(self, "tags")
+
+    @tags.setter
+    def tags(self, value: Optional[pulumi.Input[Mapping[str, pulumi.Input[_builtins.str]]]]):
+        pulumi.set(self, "tags", value)
+
+    @_builtins.property
+    @pulumi.getter(name="tagsAll")
+    def tags_all(self) -> Optional[pulumi.Input[Mapping[str, pulumi.Input[_builtins.str]]]]:
+        """
+        List of key value map specifying tags associated to the billing view.
+        """
+        return pulumi.get(self, "tags_all")
+
+    @tags_all.setter
+    def tags_all(self, value: Optional[pulumi.Input[Mapping[str, pulumi.Input[_builtins.str]]]]):
+        pulumi.set(self, "tags_all", value)
+
+    @_builtins.property
+    @pulumi.getter
+    def timeouts(self) -> Optional[pulumi.Input['ViewTimeoutsArgs']]:
+        return pulumi.get(self, "timeouts")
+
+    @timeouts.setter
+    def timeouts(self, value: Optional[pulumi.Input['ViewTimeoutsArgs']]):
+        pulumi.set(self, "timeouts", value)
+
+    @_builtins.property
+    @pulumi.getter(name="updatedAt")
+    def updated_at(self) -> Optional[pulumi.Input[_builtins.str]]:
+        """
+        Time when the billing view was last updated.
+        """
+        return pulumi.get(self, "updated_at")
+
+    @updated_at.setter
+    def updated_at(self, value: Optional[pulumi.Input[_builtins.str]]):
+        pulumi.set(self, "updated_at", value)
+
+    @_builtins.property
+    @pulumi.getter(name="viewDefinitionLastUpdatedAt")
+    def view_definition_last_updated_at(self) -> Optional[pulumi.Input[_builtins.str]]:
+        """
+        Timestamp of when the billing view definition was last updated.
+        """
+        return pulumi.get(self, "view_definition_last_updated_at")
+
+    @view_definition_last_updated_at.setter
+    def view_definition_last_updated_at(self, value: Optional[pulumi.Input[_builtins.str]]):
+        pulumi.set(self, "view_definition_last_updated_at", value)
+
+
+@pulumi.type_token("aws:billing/view:View")
+class View(pulumi.CustomResource):
+    @overload
+    def __init__(__self__,
+                 resource_name: str,
+                 opts: Optional[pulumi.ResourceOptions] = None,
+                 data_filter_expression: Optional[pulumi.Input[Union['ViewDataFilterExpressionArgs', 'ViewDataFilterExpressionArgsDict']]] = None,
+                 description: Optional[pulumi.Input[_builtins.str]] = None,
+                 name: Optional[pulumi.Input[_builtins.str]] = None,
+                 source_views: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] = None,
+                 tags: Optional[pulumi.Input[Mapping[str, pulumi.Input[_builtins.str]]]] = None,
+                 timeouts: Optional[pulumi.Input[Union['ViewTimeoutsArgs', 'ViewTimeoutsArgsDict']]] = None,
+                 __props__=None):
+        """
+        Manages an AWS Billing View.
+
+        ## Example Usage
+
+        ### Basic Usage
+
+        ```python
+        import pulumi
+        import pulumi_aws as aws
+
+        example = aws.billing.View("example",
+            name="example",
+            description="example description",
+            source_views=["arn:aws:billing::123456789012:billingview/example"])
+        ```
+
+        ## Import
+
+        Using `pulumi import`, import Billing View using the `arn`. For example:
+
+        ```sh
+        $ pulumi import aws:billing/view:View example arn:aws:billing::123456789012:billing-view/example
+        ```
+
+        :param str resource_name: The name of the resource.
+        :param pulumi.ResourceOptions opts: Options for the resource.
+        :param pulumi.Input[Union['ViewDataFilterExpressionArgs', 'ViewDataFilterExpressionArgsDict']] data_filter_expression: Filter Cost Explorer APIs using the expression. Refer to the data-filter-expression block documentation for more details.
+        :param pulumi.Input[_builtins.str] description: Description of the custom billing view.
+        :param pulumi.Input[_builtins.str] name: Name of the custom billing view to be created.
+        :param pulumi.Input[Sequence[pulumi.Input[_builtins.str]]] source_views: List of ARNs of the source data views for the custom billing view.
+               
+               The following arguments are optional:
+        :param pulumi.Input[Mapping[str, pulumi.Input[_builtins.str]]] tags: List of key value map specifying tags associated to the billing view being created.
+        """
+        ...
+    @overload
+    def __init__(__self__,
+                 resource_name: str,
+                 args: Optional[ViewArgs] = None,
+                 opts: Optional[pulumi.ResourceOptions] = None):
+        """
+        Manages an AWS Billing View.
+
+        ## Example Usage
+
+        ### Basic Usage
+
+        ```python
+        import pulumi
+        import pulumi_aws as aws
+
+        example = aws.billing.View("example",
+            name="example",
+            description="example description",
+            source_views=["arn:aws:billing::123456789012:billingview/example"])
+        ```
+
+        ## Import
+
+        Using `pulumi import`, import Billing View using the `arn`. For example:
+
+        ```sh
+        $ pulumi import aws:billing/view:View example arn:aws:billing::123456789012:billing-view/example
+        ```
+
+        :param str resource_name: The name of the resource.
+        :param ViewArgs args: The arguments to use to populate this resource's properties.
+        :param pulumi.ResourceOptions opts: Options for the resource.
+        """
+        ...
+    def __init__(__self__, resource_name: str, *args, **kwargs):
+        resource_args, opts = _utilities.get_resource_args_opts(ViewArgs, pulumi.ResourceOptions, *args, **kwargs)
+        if resource_args is not None:
+            __self__._internal_init(resource_name, opts, **resource_args.__dict__)
+        else:
+            __self__._internal_init(resource_name, *args, **kwargs)
+
+    def _internal_init(__self__,
+                 resource_name: str,
+                 opts: Optional[pulumi.ResourceOptions] = None,
+                 data_filter_expression: Optional[pulumi.Input[Union['ViewDataFilterExpressionArgs', 'ViewDataFilterExpressionArgsDict']]] = None,
+                 description: Optional[pulumi.Input[_builtins.str]] = None,
+                 name: Optional[pulumi.Input[_builtins.str]] = None,
+                 source_views: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] = None,
+                 tags: Optional[pulumi.Input[Mapping[str, pulumi.Input[_builtins.str]]]] = None,
+                 timeouts: Optional[pulumi.Input[Union['ViewTimeoutsArgs', 'ViewTimeoutsArgsDict']]] = None,
+                 __props__=None):
+        opts = pulumi.ResourceOptions.merge(_utilities.get_resource_opts_defaults(), opts)
+        if not isinstance(opts, pulumi.ResourceOptions):
+            raise TypeError('Expected resource options to be a ResourceOptions instance')
+        if opts.id is None:
+            if __props__ is not None:
+                raise TypeError('__props__ is only valid when passed in combination with a valid opts.id to get an existing resource')
+            __props__ = ViewArgs.__new__(ViewArgs)
+
+            __props__.__dict__["data_filter_expression"] = data_filter_expression
+            __props__.__dict__["description"] = description
+            __props__.__dict__["name"] = name
+            __props__.__dict__["source_views"] = source_views
+            __props__.__dict__["tags"] = tags
+            __props__.__dict__["timeouts"] = timeouts
+            __props__.__dict__["arn"] = None
+            __props__.__dict__["billing_view_type"] = None
+            __props__.__dict__["created_at"] = None
+            __props__.__dict__["derived_view_count"] = None
+            __props__.__dict__["owner_account_id"] = None
+            __props__.__dict__["source_account_id"] = None
+            __props__.__dict__["source_view_count"] = None
+            __props__.__dict__["tags_all"] = None
+            __props__.__dict__["updated_at"] = None
+            __props__.__dict__["view_definition_last_updated_at"] = None
+        super(View, __self__).__init__(
+            'aws:billing/view:View',
+            resource_name,
+            __props__,
+            opts)
+
+    @staticmethod
+    def get(resource_name: str,
+            id: pulumi.Input[str],
+            opts: Optional[pulumi.ResourceOptions] = None,
+            arn: Optional[pulumi.Input[_builtins.str]] = None,
+            billing_view_type: Optional[pulumi.Input[_builtins.str]] = None,
+            created_at: Optional[pulumi.Input[_builtins.str]] = None,
+            data_filter_expression: Optional[pulumi.Input[Union['ViewDataFilterExpressionArgs', 'ViewDataFilterExpressionArgsDict']]] = None,
+            derived_view_count: Optional[pulumi.Input[_builtins.int]] = None,
+            description: Optional[pulumi.Input[_builtins.str]] = None,
+            name: Optional[pulumi.Input[_builtins.str]] = None,
+            owner_account_id: Optional[pulumi.Input[_builtins.str]] = None,
+            source_account_id: Optional[pulumi.Input[_builtins.str]] = None,
+            source_view_count: Optional[pulumi.Input[_builtins.int]] = None,
+            source_views: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] = None,
+            tags: Optional[pulumi.Input[Mapping[str, pulumi.Input[_builtins.str]]]] = None,
+            tags_all: Optional[pulumi.Input[Mapping[str, pulumi.Input[_builtins.str]]]] = None,
+            timeouts: Optional[pulumi.Input[Union['ViewTimeoutsArgs', 'ViewTimeoutsArgsDict']]] = None,
+            updated_at: Optional[pulumi.Input[_builtins.str]] = None,
+            view_definition_last_updated_at: Optional[pulumi.Input[_builtins.str]] = None) -> 'View':
+        """
+        Get an existing View resource's state with the given name, id, and optional extra
+        properties used to qualify the lookup.
+
+        :param str resource_name: The unique name of the resulting resource.
+        :param pulumi.Input[str] id: The unique provider ID of the resource to lookup.
+        :param pulumi.ResourceOptions opts: Options for the resource.
+        :param pulumi.Input[_builtins.str] arn: ARN of the View.
+        :param pulumi.Input[_builtins.str] billing_view_type: Type of billing group. Valid values are PRIMARY|BILLING_GROUP|CUSTOM.
+        :param pulumi.Input[_builtins.str] created_at: Timestamp when the billing view was created.
+        :param pulumi.Input[Union['ViewDataFilterExpressionArgs', 'ViewDataFilterExpressionArgsDict']] data_filter_expression: Filter Cost Explorer APIs using the expression. Refer to the data-filter-expression block documentation for more details.
+        :param pulumi.Input[_builtins.int] derived_view_count: Number of billing views that use this billing view as a source.
+        :param pulumi.Input[_builtins.str] description: Description of the custom billing view.
+        :param pulumi.Input[_builtins.str] name: Name of the custom billing view to be created.
+        :param pulumi.Input[_builtins.str] owner_account_id: Account owner of the billing view.
+        :param pulumi.Input[_builtins.str] source_account_id: AWS account ID that owns the source billing view, if this is a derived billing view.
+        :param pulumi.Input[_builtins.int] source_view_count: Number of source views associated with this billing view.
+        :param pulumi.Input[Sequence[pulumi.Input[_builtins.str]]] source_views: List of ARNs of the source data views for the custom billing view.
+               
+               The following arguments are optional:
+        :param pulumi.Input[Mapping[str, pulumi.Input[_builtins.str]]] tags: List of key value map specifying tags associated to the billing view being created.
+        :param pulumi.Input[Mapping[str, pulumi.Input[_builtins.str]]] tags_all: List of key value map specifying tags associated to the billing view.
+        :param pulumi.Input[_builtins.str] updated_at: Time when the billing view was last updated.
+        :param pulumi.Input[_builtins.str] view_definition_last_updated_at: Timestamp of when the billing view definition was last updated.
+        """
+        opts = pulumi.ResourceOptions.merge(opts, pulumi.ResourceOptions(id=id))
+
+        __props__ = _ViewState.__new__(_ViewState)
+
+        __props__.__dict__["arn"] = arn
+        __props__.__dict__["billing_view_type"] = billing_view_type
+        __props__.__dict__["created_at"] = created_at
+        __props__.__dict__["data_filter_expression"] = data_filter_expression
+        __props__.__dict__["derived_view_count"] = derived_view_count
+        __props__.__dict__["description"] = description
+        __props__.__dict__["name"] = name
+        __props__.__dict__["owner_account_id"] = owner_account_id
+        __props__.__dict__["source_account_id"] = source_account_id
+        __props__.__dict__["source_view_count"] = source_view_count
+        __props__.__dict__["source_views"] = source_views
+        __props__.__dict__["tags"] = tags
+        __props__.__dict__["tags_all"] = tags_all
+        __props__.__dict__["timeouts"] = timeouts
+        __props__.__dict__["updated_at"] = updated_at
+        __props__.__dict__["view_definition_last_updated_at"] = view_definition_last_updated_at
+        return View(resource_name, opts=opts, __props__=__props__)
+
+    @_builtins.property
+    @pulumi.getter
+    def arn(self) -> pulumi.Output[_builtins.str]:
+        """
+        ARN of the View.
+        """
+        return pulumi.get(self, "arn")
+
+    @_builtins.property
+    @pulumi.getter(name="billingViewType")
+    def billing_view_type(self) -> pulumi.Output[_builtins.str]:
+        """
+        Type of billing group. Valid values are PRIMARY|BILLING_GROUP|CUSTOM.
+        """
+        return pulumi.get(self, "billing_view_type")
+
+    @_builtins.property
+    @pulumi.getter(name="createdAt")
+    def created_at(self) -> pulumi.Output[_builtins.str]:
+        """
+        Timestamp when the billing view was created.
+        """
+        return pulumi.get(self, "created_at")
+
+    @_builtins.property
+    @pulumi.getter(name="dataFilterExpression")
+    def data_filter_expression(self) -> pulumi.Output[Optional['outputs.ViewDataFilterExpression']]:
+        """
+        Filter Cost Explorer APIs using the expression. Refer to the data-filter-expression block documentation for more details.
+        """
+        return pulumi.get(self, "data_filter_expression")
+
+    @_builtins.property
+    @pulumi.getter(name="derivedViewCount")
+    def derived_view_count(self) -> pulumi.Output[_builtins.int]:
+        """
+        Number of billing views that use this billing view as a source.
+        """
+        return pulumi.get(self, "derived_view_count")
+
+    @_builtins.property
+    @pulumi.getter
+    def description(self) -> pulumi.Output[Optional[_builtins.str]]:
+        """
+        Description of the custom billing view.
+        """
+        return pulumi.get(self, "description")
+
+    @_builtins.property
+    @pulumi.getter
+    def name(self) -> pulumi.Output[_builtins.str]:
+        """
+        Name of the custom billing view to be created.
+        """
+        return pulumi.get(self, "name")
+
+    @_builtins.property
+    @pulumi.getter(name="ownerAccountId")
+    def owner_account_id(self) -> pulumi.Output[_builtins.str]:
+        """
+        Account owner of the billing view.
+        """
+        return pulumi.get(self, "owner_account_id")
+
+    @_builtins.property
+    @pulumi.getter(name="sourceAccountId")
+    def source_account_id(self) -> pulumi.Output[_builtins.str]:
+        """
+        AWS account ID that owns the source billing view, if this is a derived billing view.
+        """
+        return pulumi.get(self, "source_account_id")
+
+    @_builtins.property
+    @pulumi.getter(name="sourceViewCount")
+    def source_view_count(self) -> pulumi.Output[_builtins.int]:
+        """
+        Number of source views associated with this billing view.
+        """
+        return pulumi.get(self, "source_view_count")
+
+    @_builtins.property
+    @pulumi.getter(name="sourceViews")
+    def source_views(self) -> pulumi.Output[Optional[Sequence[_builtins.str]]]:
+        """
+        List of ARNs of the source data views for the custom billing view.
+
+        The following arguments are optional:
+        """
+        return pulumi.get(self, "source_views")
+
+    @_builtins.property
+    @pulumi.getter
+    def tags(self) -> pulumi.Output[Optional[Mapping[str, _builtins.str]]]:
+        """
+        List of key value map specifying tags associated to the billing view being created.
+        """
+        return pulumi.get(self, "tags")
+
+    @_builtins.property
+    @pulumi.getter(name="tagsAll")
+    def tags_all(self) -> pulumi.Output[Mapping[str, _builtins.str]]:
+        """
+        List of key value map specifying tags associated to the billing view.
+        """
+        return pulumi.get(self, "tags_all")
+
+    @_builtins.property
+    @pulumi.getter
+    def timeouts(self) -> pulumi.Output[Optional['outputs.ViewTimeouts']]:
+        return pulumi.get(self, "timeouts")
+
+    @_builtins.property
+    @pulumi.getter(name="updatedAt")
+    def updated_at(self) -> pulumi.Output[_builtins.str]:
+        """
+        Time when the billing view was last updated.
+        """
+        return pulumi.get(self, "updated_at")
+
+    @_builtins.property
+    @pulumi.getter(name="viewDefinitionLastUpdatedAt")
+    def view_definition_last_updated_at(self) -> pulumi.Output[_builtins.str]:
+        """
+        Timestamp of when the billing view definition was last updated.
+        """
+        return pulumi.get(self, "view_definition_last_updated_at")
+
diff --git a/sdk/python/pulumi_aws/codestarnotifications/_inputs.py b/sdk/python/pulumi_aws/codestarnotifications/_inputs.py
index f587e14968a..8db66529fee 100644
--- a/sdk/python/pulumi_aws/codestarnotifications/_inputs.py
+++ b/sdk/python/pulumi_aws/codestarnotifications/_inputs.py
@@ -25,7 +25,7 @@
     class NotificationRuleTargetArgsDict(TypedDict):
         address: pulumi.Input[_builtins.str]
         """
-        The ARN of notification rule target. For example, a SNS Topic ARN.
+        The ARN of the Amazon Q Developer in chat applications topic or Amazon Q Developer in chat applications client.
         """
         status: NotRequired[pulumi.Input[_builtins.str]]
         """
@@ -33,7 +33,7 @@ class NotificationRuleTargetArgsDict(TypedDict):
         """
         type: NotRequired[pulumi.Input[_builtins.str]]
         """
-        The type of the notification target. Default value is `SNS`.
+        The type of the notification target. Valid values are `SNS`, `AWSChatbotSlack`, and `AWSChatbotMicrosoftTeams`. Default value is `SNS`.
         """
 elif False:
     NotificationRuleTargetArgsDict: TypeAlias = Mapping[str, Any]
@@ -45,9 +45,9 @@ def __init__(__self__, *,
                  status: Optional[pulumi.Input[_builtins.str]] = None,
                  type: Optional[pulumi.Input[_builtins.str]] = None):
         """
-        :param pulumi.Input[_builtins.str] address: The ARN of notification rule target. For example, a SNS Topic ARN.
+        :param pulumi.Input[_builtins.str] address: The ARN of the Amazon Q Developer in chat applications topic or Amazon Q Developer in chat applications client.
         :param pulumi.Input[_builtins.str] status: The status of the notification rule. Possible values are `ENABLED` and `DISABLED`, default is `ENABLED`.
-        :param pulumi.Input[_builtins.str] type: The type of the notification target. Default value is `SNS`.
+        :param pulumi.Input[_builtins.str] type: The type of the notification target. Valid values are `SNS`, `AWSChatbotSlack`, and `AWSChatbotMicrosoftTeams`. Default value is `SNS`.
         """
         pulumi.set(__self__, "address", address)
         if status is not None:
@@ -59,7 +59,7 @@ def __init__(__self__, *,
     @pulumi.getter
     def address(self) -> pulumi.Input[_builtins.str]:
         """
-        The ARN of notification rule target. For example, a SNS Topic ARN.
+        The ARN of the Amazon Q Developer in chat applications topic or Amazon Q Developer in chat applications client.
         """
         return pulumi.get(self, "address")
 
@@ -83,7 +83,7 @@ def status(self, value: Optional[pulumi.Input[_builtins.str]]):
     @pulumi.getter
     def type(self) -> Optional[pulumi.Input[_builtins.str]]:
         """
-        The type of the notification target. Default value is `SNS`.
+        The type of the notification target. Valid values are `SNS`, `AWSChatbotSlack`, and `AWSChatbotMicrosoftTeams`. Default value is `SNS`.
         """
         return pulumi.get(self, "type")
 
diff --git a/sdk/python/pulumi_aws/codestarnotifications/outputs.py b/sdk/python/pulumi_aws/codestarnotifications/outputs.py
index b6f9c3c9504..f58a39eb13d 100644
--- a/sdk/python/pulumi_aws/codestarnotifications/outputs.py
+++ b/sdk/python/pulumi_aws/codestarnotifications/outputs.py
@@ -25,9 +25,9 @@ def __init__(__self__, *,
                  status: Optional[_builtins.str] = None,
                  type: Optional[_builtins.str] = None):
         """
-        :param _builtins.str address: The ARN of notification rule target. For example, a SNS Topic ARN.
+        :param _builtins.str address: The ARN of the Amazon Q Developer in chat applications topic or Amazon Q Developer in chat applications client.
         :param _builtins.str status: The status of the notification rule. Possible values are `ENABLED` and `DISABLED`, default is `ENABLED`.
-        :param _builtins.str type: The type of the notification target. Default value is `SNS`.
+        :param _builtins.str type: The type of the notification target. Valid values are `SNS`, `AWSChatbotSlack`, and `AWSChatbotMicrosoftTeams`. Default value is `SNS`.
         """
         pulumi.set(__self__, "address", address)
         if status is not None:
@@ -39,7 +39,7 @@ def __init__(__self__, *,
     @pulumi.getter
     def address(self) -> _builtins.str:
         """
-        The ARN of notification rule target. For example, a SNS Topic ARN.
+        The ARN of the Amazon Q Developer in chat applications topic or Amazon Q Developer in chat applications client.
         """
         return pulumi.get(self, "address")
 
@@ -55,7 +55,7 @@ def status(self) -> Optional[_builtins.str]:
     @pulumi.getter
     def type(self) -> Optional[_builtins.str]:
         """
-        The type of the notification target. Default value is `SNS`.
+        The type of the notification target. Valid values are `SNS`, `AWSChatbotSlack`, and `AWSChatbotMicrosoftTeams`. Default value is `SNS`.
         """
         return pulumi.get(self, "type")
 
diff --git a/sdk/python/pulumi_aws/config/__init__.pyi b/sdk/python/pulumi_aws/config/__init__.pyi
index 8297df08b03..90ec6b73365 100644
--- a/sdk/python/pulumi_aws/config/__init__.pyi
+++ b/sdk/python/pulumi_aws/config/__init__.pyi
@@ -155,6 +155,11 @@ The region where AWS STS operations will take place. Examples
 are us-east-1 and us-west-2.
 """
 
+tagPolicyCompliance: Optional[str]
+"""
+The severity with which to enforce organizational tagging policies on resources managed by this provider instance. At this time this only includes compliance with required tag keys by resource type. Valid values are "error", "warning", and "disabled". When unset or "disabled", tag policy compliance will not be enforced by the provider. Can also be configured with the TF_AWS_TAG_POLICY_COMPLIANCE environment variable.
+"""
+
 token: Optional[str]
 """
 session token. A session token is only required if you are
diff --git a/sdk/python/pulumi_aws/config/vars.py b/sdk/python/pulumi_aws/config/vars.py
index 36be85f1970..4cc8db9c2e1 100644
--- a/sdk/python/pulumi_aws/config/vars.py
+++ b/sdk/python/pulumi_aws/config/vars.py
@@ -219,6 +219,13 @@ def sts_region(self) -> Optional[str]:
         """
         return __config__.get('stsRegion')
 
+    @_builtins.property
+    def tag_policy_compliance(self) -> Optional[str]:
+        """
+        The severity with which to enforce organizational tagging policies on resources managed by this provider instance. At this time this only includes compliance with required tag keys by resource type. Valid values are "error", "warning", and "disabled". When unset or "disabled", tag policy compliance will not be enforced by the provider. Can also be configured with the TF_AWS_TAG_POLICY_COMPLIANCE environment variable.
+        """
+        return __config__.get('tagPolicyCompliance')
+
     @_builtins.property
     def token(self) -> Optional[str]:
         """
diff --git a/sdk/python/pulumi_aws/dynamodb/_inputs.py b/sdk/python/pulumi_aws/dynamodb/_inputs.py
index f70125a0fd0..c0cf2d1d429 100644
--- a/sdk/python/pulumi_aws/dynamodb/_inputs.py
+++ b/sdk/python/pulumi_aws/dynamodb/_inputs.py
@@ -27,6 +27,8 @@
     'TableGlobalSecondaryIndexOnDemandThroughputArgsDict',
     'TableGlobalSecondaryIndexWarmThroughputArgs',
     'TableGlobalSecondaryIndexWarmThroughputArgsDict',
+    'TableGlobalTableWitnessArgs',
+    'TableGlobalTableWitnessArgsDict',
     'TableImportTableArgs',
     'TableImportTableArgsDict',
     'TableImportTableInputFormatOptionsArgs',
@@ -478,6 +480,38 @@ def write_units_per_second(self, value: Optional[pulumi.Input[_builtins.int]]):
         pulumi.set(self, "write_units_per_second", value)
 
 
+if not MYPY:
+    class TableGlobalTableWitnessArgsDict(TypedDict):
+        region_name: NotRequired[pulumi.Input[_builtins.str]]
+        """
+        Name of the AWS Region that serves as a witness for the MRSC global table.
+        """
+elif False:
+    TableGlobalTableWitnessArgsDict: TypeAlias = Mapping[str, Any]
+
+@pulumi.input_type
+class TableGlobalTableWitnessArgs:
+    def __init__(__self__, *,
+                 region_name: Optional[pulumi.Input[_builtins.str]] = None):
+        """
+        :param pulumi.Input[_builtins.str] region_name: Name of the AWS Region that serves as a witness for the MRSC global table.
+        """
+        if region_name is not None:
+            pulumi.set(__self__, "region_name", region_name)
+
+    @_builtins.property
+    @pulumi.getter(name="regionName")
+    def region_name(self) -> Optional[pulumi.Input[_builtins.str]]:
+        """
+        Name of the AWS Region that serves as a witness for the MRSC global table.
+        """
+        return pulumi.get(self, "region_name")
+
+    @region_name.setter
+    def region_name(self, value: Optional[pulumi.Input[_builtins.str]]):
+        pulumi.set(self, "region_name", value)
+
+
 if not MYPY:
     class TableImportTableArgsDict(TypedDict):
         input_format: pulumi.Input[_builtins.str]
diff --git a/sdk/python/pulumi_aws/dynamodb/outputs.py b/sdk/python/pulumi_aws/dynamodb/outputs.py
index c05c5b96182..bd81fa96d29 100644
--- a/sdk/python/pulumi_aws/dynamodb/outputs.py
+++ b/sdk/python/pulumi_aws/dynamodb/outputs.py
@@ -22,6 +22,7 @@
     'TableGlobalSecondaryIndex',
     'TableGlobalSecondaryIndexOnDemandThroughput',
     'TableGlobalSecondaryIndexWarmThroughput',
+    'TableGlobalTableWitness',
     'TableImportTable',
     'TableImportTableInputFormatOptions',
     'TableImportTableInputFormatOptionsCsv',
@@ -403,6 +404,42 @@ def write_units_per_second(self) -> Optional[_builtins.int]:
         return pulumi.get(self, "write_units_per_second")
 
 
+@pulumi.output_type
+class TableGlobalTableWitness(dict):
+    @staticmethod
+    def __key_warning(key: str):
+        suggest = None
+        if key == "regionName":
+            suggest = "region_name"
+
+        if suggest:
+            pulumi.log.warn(f"Key '{key}' not found in TableGlobalTableWitness. Access the value via the '{suggest}' property getter instead.")
+
+    def __getitem__(self, key: str) -> Any:
+        TableGlobalTableWitness.__key_warning(key)
+        return super().__getitem__(key)
+
+    def get(self, key: str, default = None) -> Any:
+        TableGlobalTableWitness.__key_warning(key)
+        return super().get(key, default)
+
+    def __init__(__self__, *,
+                 region_name: Optional[_builtins.str] = None):
+        """
+        :param _builtins.str region_name: Name of the AWS Region that serves as a witness for the MRSC global table.
+        """
+        if region_name is not None:
+            pulumi.set(__self__, "region_name", region_name)
+
+    @_builtins.property
+    @pulumi.getter(name="regionName")
+    def region_name(self) -> Optional[_builtins.str]:
+        """
+        Name of the AWS Region that serves as a witness for the MRSC global table.
+        """
+        return pulumi.get(self, "region_name")
+
+
 @pulumi.output_type
 class TableImportTable(dict):
     @staticmethod
diff --git a/sdk/python/pulumi_aws/dynamodb/table.py b/sdk/python/pulumi_aws/dynamodb/table.py
index 6c0c01a327f..2e652489abc 100644
--- a/sdk/python/pulumi_aws/dynamodb/table.py
+++ b/sdk/python/pulumi_aws/dynamodb/table.py
@@ -25,6 +25,7 @@ def __init__(__self__, *,
                  billing_mode: Optional[pulumi.Input[_builtins.str]] = None,
                  deletion_protection_enabled: Optional[pulumi.Input[_builtins.bool]] = None,
                  global_secondary_indexes: Optional[pulumi.Input[Sequence[pulumi.Input['TableGlobalSecondaryIndexArgs']]]] = None,
+                 global_table_witness: Optional[pulumi.Input['TableGlobalTableWitnessArgs']] = None,
                  hash_key: Optional[pulumi.Input[_builtins.str]] = None,
                  import_table: Optional[pulumi.Input['TableImportTableArgs']] = None,
                  local_secondary_indexes: Optional[pulumi.Input[Sequence[pulumi.Input['TableLocalSecondaryIndexArgs']]]] = None,
@@ -53,6 +54,7 @@ def __init__(__self__, *,
         :param pulumi.Input[_builtins.str] billing_mode: Controls how you are charged for read and write throughput and how you manage capacity. The valid values are `PROVISIONED` and `PAY_PER_REQUEST`. Defaults to `PROVISIONED`.
         :param pulumi.Input[_builtins.bool] deletion_protection_enabled: Enables deletion protection for table. Defaults to `false`.
         :param pulumi.Input[Sequence[pulumi.Input['TableGlobalSecondaryIndexArgs']]] global_secondary_indexes: Describe a GSI for the table; subject to the normal limits on the number of GSIs, projected attributes, etc. See below.
+        :param pulumi.Input['TableGlobalTableWitnessArgs'] global_table_witness: Witness Region in a Multi-Region Strong Consistency deployment. **Note** This must be used alongside a single `replica` with `consistency_mode` set to `STRONG`. Other combinations will fail to provision. See below.
         :param pulumi.Input[_builtins.str] hash_key: Attribute to use as the hash (partition) key. Must also be defined as an `attribute`. See below.
         :param pulumi.Input['TableImportTableArgs'] import_table: Import Amazon S3 data into a new table. See below.
         :param pulumi.Input[Sequence[pulumi.Input['TableLocalSecondaryIndexArgs']]] local_secondary_indexes: Describe an LSI on the table; these can only be allocated _at creation_ so you cannot change this definition after you have created the resource. See below.
@@ -88,6 +90,8 @@ def __init__(__self__, *,
             pulumi.set(__self__, "deletion_protection_enabled", deletion_protection_enabled)
         if global_secondary_indexes is not None:
             pulumi.set(__self__, "global_secondary_indexes", global_secondary_indexes)
+        if global_table_witness is not None:
+            pulumi.set(__self__, "global_table_witness", global_table_witness)
         if hash_key is not None:
             pulumi.set(__self__, "hash_key", hash_key)
         if import_table is not None:
@@ -181,6 +185,18 @@ def global_secondary_indexes(self) -> Optional[pulumi.Input[Sequence[pulumi.Inpu
     def global_secondary_indexes(self, value: Optional[pulumi.Input[Sequence[pulumi.Input['TableGlobalSecondaryIndexArgs']]]]):
         pulumi.set(self, "global_secondary_indexes", value)
 
+    @_builtins.property
+    @pulumi.getter(name="globalTableWitness")
+    def global_table_witness(self) -> Optional[pulumi.Input['TableGlobalTableWitnessArgs']]:
+        """
+        Witness Region in a Multi-Region Strong Consistency deployment. **Note** This must be used alongside a single `replica` with `consistency_mode` set to `STRONG`. Other combinations will fail to provision. See below.
+        """
+        return pulumi.get(self, "global_table_witness")
+
+    @global_table_witness.setter
+    def global_table_witness(self, value: Optional[pulumi.Input['TableGlobalTableWitnessArgs']]):
+        pulumi.set(self, "global_table_witness", value)
+
     @_builtins.property
     @pulumi.getter(name="hashKey")
     def hash_key(self) -> Optional[pulumi.Input[_builtins.str]]:
@@ -458,6 +474,7 @@ def __init__(__self__, *,
                  billing_mode: Optional[pulumi.Input[_builtins.str]] = None,
                  deletion_protection_enabled: Optional[pulumi.Input[_builtins.bool]] = None,
                  global_secondary_indexes: Optional[pulumi.Input[Sequence[pulumi.Input['TableGlobalSecondaryIndexArgs']]]] = None,
+                 global_table_witness: Optional[pulumi.Input['TableGlobalTableWitnessArgs']] = None,
                  hash_key: Optional[pulumi.Input[_builtins.str]] = None,
                  import_table: Optional[pulumi.Input['TableImportTableArgs']] = None,
                  local_secondary_indexes: Optional[pulumi.Input[Sequence[pulumi.Input['TableLocalSecondaryIndexArgs']]]] = None,
@@ -490,6 +507,7 @@ def __init__(__self__, *,
         :param pulumi.Input[_builtins.str] billing_mode: Controls how you are charged for read and write throughput and how you manage capacity. The valid values are `PROVISIONED` and `PAY_PER_REQUEST`. Defaults to `PROVISIONED`.
         :param pulumi.Input[_builtins.bool] deletion_protection_enabled: Enables deletion protection for table. Defaults to `false`.
         :param pulumi.Input[Sequence[pulumi.Input['TableGlobalSecondaryIndexArgs']]] global_secondary_indexes: Describe a GSI for the table; subject to the normal limits on the number of GSIs, projected attributes, etc. See below.
+        :param pulumi.Input['TableGlobalTableWitnessArgs'] global_table_witness: Witness Region in a Multi-Region Strong Consistency deployment. **Note** This must be used alongside a single `replica` with `consistency_mode` set to `STRONG`. Other combinations will fail to provision. See below.
         :param pulumi.Input[_builtins.str] hash_key: Attribute to use as the hash (partition) key. Must also be defined as an `attribute`. See below.
         :param pulumi.Input['TableImportTableArgs'] import_table: Import Amazon S3 data into a new table. See below.
         :param pulumi.Input[Sequence[pulumi.Input['TableLocalSecondaryIndexArgs']]] local_secondary_indexes: Describe an LSI on the table; these can only be allocated _at creation_ so you cannot change this definition after you have created the resource. See below.
@@ -530,6 +548,8 @@ def __init__(__self__, *,
             pulumi.set(__self__, "deletion_protection_enabled", deletion_protection_enabled)
         if global_secondary_indexes is not None:
             pulumi.set(__self__, "global_secondary_indexes", global_secondary_indexes)
+        if global_table_witness is not None:
+            pulumi.set(__self__, "global_table_witness", global_table_witness)
         if hash_key is not None:
             pulumi.set(__self__, "hash_key", hash_key)
         if import_table is not None:
@@ -641,6 +661,18 @@ def global_secondary_indexes(self) -> Optional[pulumi.Input[Sequence[pulumi.Inpu
     def global_secondary_indexes(self, value: Optional[pulumi.Input[Sequence[pulumi.Input['TableGlobalSecondaryIndexArgs']]]]):
         pulumi.set(self, "global_secondary_indexes", value)
 
+    @_builtins.property
+    @pulumi.getter(name="globalTableWitness")
+    def global_table_witness(self) -> Optional[pulumi.Input['TableGlobalTableWitnessArgs']]:
+        """
+        Witness Region in a Multi-Region Strong Consistency deployment. **Note** This must be used alongside a single `replica` with `consistency_mode` set to `STRONG`. Other combinations will fail to provision. See below.
+        """
+        return pulumi.get(self, "global_table_witness")
+
+    @global_table_witness.setter
+    def global_table_witness(self, value: Optional[pulumi.Input['TableGlobalTableWitnessArgs']]):
+        pulumi.set(self, "global_table_witness", value)
+
     @_builtins.property
     @pulumi.getter(name="hashKey")
     def hash_key(self) -> Optional[pulumi.Input[_builtins.str]]:
@@ -956,6 +988,7 @@ def __init__(__self__,
                  billing_mode: Optional[pulumi.Input[_builtins.str]] = None,
                  deletion_protection_enabled: Optional[pulumi.Input[_builtins.bool]] = None,
                  global_secondary_indexes: Optional[pulumi.Input[Sequence[pulumi.Input[Union['TableGlobalSecondaryIndexArgs', 'TableGlobalSecondaryIndexArgsDict']]]]] = None,
+                 global_table_witness: Optional[pulumi.Input[Union['TableGlobalTableWitnessArgs', 'TableGlobalTableWitnessArgsDict']]] = None,
                  hash_key: Optional[pulumi.Input[_builtins.str]] = None,
                  import_table: Optional[pulumi.Input[Union['TableImportTableArgs', 'TableImportTableArgsDict']]] = None,
                  local_secondary_indexes: Optional[pulumi.Input[Sequence[pulumi.Input[Union['TableLocalSecondaryIndexArgs', 'TableLocalSecondaryIndexArgsDict']]]]] = None,
@@ -1079,9 +1112,13 @@ def __init__(__self__,
 
         A global table configured for Multi-Region strong consistency (MRSC) provides the ability to perform a strongly consistent read with multi-Region scope. Performing a strongly consistent read on an MRSC table ensures you're always reading the latest version of an item, irrespective of the Region in which you're performing the read.
 
+        You can configure a MRSC global table with three replicas, or with two replicas and one witness. A witness is a component of a MRSC global table that contains data written to global table replicas, and provides an optional alternative to a full replica while supporting MRSC's availability architecture. You cannot perform read or write operations on a witness. A witness is located in a different Region than the two replicas.
+
         **Note** Please see detailed information, restrictions, caveats etc on the [AWS Support Page](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/multi-region-strong-consistency-gt.html).
 
-        Consistency Mode (`consistency_mode`) is a new argument on the embedded `replica` that allows you to configure consistency mode for Global Tables.
+        Consistency Mode (`consistency_mode`) on the embedded `replica` allows you to configure consistency mode for Global Tables.
+
+        ##### Consistency mode with 3 Replicas
 
         ```python
         import pulumi
@@ -1109,6 +1146,31 @@ def __init__(__self__,
             ])
         ```
 
+        ##### Consistency Mode with 2 Replicas and Witness Region
+
+        ```python
+        import pulumi
+        import pulumi_aws as aws
+
+        example = aws.dynamodb.Table("example",
+            name="example",
+            hash_key="TestTableHashKey",
+            billing_mode="PAY_PER_REQUEST",
+            stream_enabled=True,
+            stream_view_type="NEW_AND_OLD_IMAGES",
+            attributes=[{
+                "name": "TestTableHashKey",
+                "type": "S",
+            }],
+            replicas=[{
+                "region_name": "us-east-2",
+                "consistency_mode": "STRONG",
+            }],
+            global_table_witness={
+                "region_name": "us-west-2",
+            })
+        ```
+
         ### Replica Tagging
 
         You can manage global table replicas' tags in various ways. This example shows using `replica.*.propagate_tags` for the first replica and the `dynamodb.Tag` resource for the other.
@@ -1166,6 +1228,7 @@ def __init__(__self__,
         :param pulumi.Input[_builtins.str] billing_mode: Controls how you are charged for read and write throughput and how you manage capacity. The valid values are `PROVISIONED` and `PAY_PER_REQUEST`. Defaults to `PROVISIONED`.
         :param pulumi.Input[_builtins.bool] deletion_protection_enabled: Enables deletion protection for table. Defaults to `false`.
         :param pulumi.Input[Sequence[pulumi.Input[Union['TableGlobalSecondaryIndexArgs', 'TableGlobalSecondaryIndexArgsDict']]]] global_secondary_indexes: Describe a GSI for the table; subject to the normal limits on the number of GSIs, projected attributes, etc. See below.
+        :param pulumi.Input[Union['TableGlobalTableWitnessArgs', 'TableGlobalTableWitnessArgsDict']] global_table_witness: Witness Region in a Multi-Region Strong Consistency deployment. **Note** This must be used alongside a single `replica` with `consistency_mode` set to `STRONG`. Other combinations will fail to provision. See below.
         :param pulumi.Input[_builtins.str] hash_key: Attribute to use as the hash (partition) key. Must also be defined as an `attribute`. See below.
         :param pulumi.Input[Union['TableImportTableArgs', 'TableImportTableArgsDict']] import_table: Import Amazon S3 data into a new table. See below.
         :param pulumi.Input[Sequence[pulumi.Input[Union['TableLocalSecondaryIndexArgs', 'TableLocalSecondaryIndexArgsDict']]]] local_secondary_indexes: Describe an LSI on the table; these can only be allocated _at creation_ so you cannot change this definition after you have created the resource. See below.
@@ -1299,9 +1362,13 @@ def __init__(__self__,
 
         A global table configured for Multi-Region strong consistency (MRSC) provides the ability to perform a strongly consistent read with multi-Region scope. Performing a strongly consistent read on an MRSC table ensures you're always reading the latest version of an item, irrespective of the Region in which you're performing the read.
 
+        You can configure a MRSC global table with three replicas, or with two replicas and one witness. A witness is a component of a MRSC global table that contains data written to global table replicas, and provides an optional alternative to a full replica while supporting MRSC's availability architecture. You cannot perform read or write operations on a witness. A witness is located in a different Region than the two replicas.
+
         **Note** Please see detailed information, restrictions, caveats etc on the [AWS Support Page](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/multi-region-strong-consistency-gt.html).
 
-        Consistency Mode (`consistency_mode`) is a new argument on the embedded `replica` that allows you to configure consistency mode for Global Tables.
+        Consistency Mode (`consistency_mode`) on the embedded `replica` allows you to configure consistency mode for Global Tables.
+
+        ##### Consistency mode with 3 Replicas
 
         ```python
         import pulumi
@@ -1329,6 +1396,31 @@ def __init__(__self__,
             ])
         ```
 
+        ##### Consistency Mode with 2 Replicas and Witness Region
+
+        ```python
+        import pulumi
+        import pulumi_aws as aws
+
+        example = aws.dynamodb.Table("example",
+            name="example",
+            hash_key="TestTableHashKey",
+            billing_mode="PAY_PER_REQUEST",
+            stream_enabled=True,
+            stream_view_type="NEW_AND_OLD_IMAGES",
+            attributes=[{
+                "name": "TestTableHashKey",
+                "type": "S",
+            }],
+            replicas=[{
+                "region_name": "us-east-2",
+                "consistency_mode": "STRONG",
+            }],
+            global_table_witness={
+                "region_name": "us-west-2",
+            })
+        ```
+
         ### Replica Tagging
 
         You can manage global table replicas' tags in various ways. This example shows using `replica.*.propagate_tags` for the first replica and the `dynamodb.Tag` resource for the other.
@@ -1399,6 +1491,7 @@ def _internal_init(__self__,
                  billing_mode: Optional[pulumi.Input[_builtins.str]] = None,
                  deletion_protection_enabled: Optional[pulumi.Input[_builtins.bool]] = None,
                  global_secondary_indexes: Optional[pulumi.Input[Sequence[pulumi.Input[Union['TableGlobalSecondaryIndexArgs', 'TableGlobalSecondaryIndexArgsDict']]]]] = None,
+                 global_table_witness: Optional[pulumi.Input[Union['TableGlobalTableWitnessArgs', 'TableGlobalTableWitnessArgsDict']]] = None,
                  hash_key: Optional[pulumi.Input[_builtins.str]] = None,
                  import_table: Optional[pulumi.Input[Union['TableImportTableArgs', 'TableImportTableArgsDict']]] = None,
                  local_secondary_indexes: Optional[pulumi.Input[Sequence[pulumi.Input[Union['TableLocalSecondaryIndexArgs', 'TableLocalSecondaryIndexArgsDict']]]]] = None,
@@ -1434,6 +1527,7 @@ def _internal_init(__self__,
             __props__.__dict__["billing_mode"] = billing_mode
             __props__.__dict__["deletion_protection_enabled"] = deletion_protection_enabled
             __props__.__dict__["global_secondary_indexes"] = global_secondary_indexes
+            __props__.__dict__["global_table_witness"] = global_table_witness
             __props__.__dict__["hash_key"] = hash_key
             __props__.__dict__["import_table"] = import_table
             __props__.__dict__["local_secondary_indexes"] = local_secondary_indexes
@@ -1475,6 +1569,7 @@ def get(resource_name: str,
             billing_mode: Optional[pulumi.Input[_builtins.str]] = None,
             deletion_protection_enabled: Optional[pulumi.Input[_builtins.bool]] = None,
             global_secondary_indexes: Optional[pulumi.Input[Sequence[pulumi.Input[Union['TableGlobalSecondaryIndexArgs', 'TableGlobalSecondaryIndexArgsDict']]]]] = None,
+            global_table_witness: Optional[pulumi.Input[Union['TableGlobalTableWitnessArgs', 'TableGlobalTableWitnessArgsDict']]] = None,
             hash_key: Optional[pulumi.Input[_builtins.str]] = None,
             import_table: Optional[pulumi.Input[Union['TableImportTableArgs', 'TableImportTableArgsDict']]] = None,
             local_secondary_indexes: Optional[pulumi.Input[Sequence[pulumi.Input[Union['TableLocalSecondaryIndexArgs', 'TableLocalSecondaryIndexArgsDict']]]]] = None,
@@ -1512,6 +1607,7 @@ def get(resource_name: str,
         :param pulumi.Input[_builtins.str] billing_mode: Controls how you are charged for read and write throughput and how you manage capacity. The valid values are `PROVISIONED` and `PAY_PER_REQUEST`. Defaults to `PROVISIONED`.
         :param pulumi.Input[_builtins.bool] deletion_protection_enabled: Enables deletion protection for table. Defaults to `false`.
         :param pulumi.Input[Sequence[pulumi.Input[Union['TableGlobalSecondaryIndexArgs', 'TableGlobalSecondaryIndexArgsDict']]]] global_secondary_indexes: Describe a GSI for the table; subject to the normal limits on the number of GSIs, projected attributes, etc. See below.
+        :param pulumi.Input[Union['TableGlobalTableWitnessArgs', 'TableGlobalTableWitnessArgsDict']] global_table_witness: Witness Region in a Multi-Region Strong Consistency deployment. **Note** This must be used alongside a single `replica` with `consistency_mode` set to `STRONG`. Other combinations will fail to provision. See below.
         :param pulumi.Input[_builtins.str] hash_key: Attribute to use as the hash (partition) key. Must also be defined as an `attribute`. See below.
         :param pulumi.Input[Union['TableImportTableArgs', 'TableImportTableArgsDict']] import_table: Import Amazon S3 data into a new table. See below.
         :param pulumi.Input[Sequence[pulumi.Input[Union['TableLocalSecondaryIndexArgs', 'TableLocalSecondaryIndexArgsDict']]]] local_secondary_indexes: Describe an LSI on the table; these can only be allocated _at creation_ so you cannot change this definition after you have created the resource. See below.
@@ -1551,6 +1647,7 @@ def get(resource_name: str,
         __props__.__dict__["billing_mode"] = billing_mode
         __props__.__dict__["deletion_protection_enabled"] = deletion_protection_enabled
         __props__.__dict__["global_secondary_indexes"] = global_secondary_indexes
+        __props__.__dict__["global_table_witness"] = global_table_witness
         __props__.__dict__["hash_key"] = hash_key
         __props__.__dict__["import_table"] = import_table
         __props__.__dict__["local_secondary_indexes"] = local_secondary_indexes
@@ -1618,6 +1715,14 @@ def global_secondary_indexes(self) -> pulumi.Output[Optional[Sequence['outputs.T
         """
         return pulumi.get(self, "global_secondary_indexes")
 
+    @_builtins.property
+    @pulumi.getter(name="globalTableWitness")
+    def global_table_witness(self) -> pulumi.Output['outputs.TableGlobalTableWitness']:
+        """
+        Witness Region in a Multi-Region Strong Consistency deployment. **Note** This must be used alongside a single `replica` with `consistency_mode` set to `STRONG`. Other combinations will fail to provision. See below.
+        """
+        return pulumi.get(self, "global_table_witness")
+
     @_builtins.property
     @pulumi.getter(name="hashKey")
     def hash_key(self) -> pulumi.Output[_builtins.str]:
diff --git a/sdk/python/pulumi_aws/ec2/vpn_connection.py b/sdk/python/pulumi_aws/ec2/vpn_connection.py
index 9680e226a70..4e8a1258658 100644
--- a/sdk/python/pulumi_aws/ec2/vpn_connection.py
+++ b/sdk/python/pulumi_aws/ec2/vpn_connection.py
@@ -75,6 +75,7 @@ def __init__(__self__, *,
                  tunnel2_rekey_margin_time_seconds: Optional[pulumi.Input[_builtins.int]] = None,
                  tunnel2_replay_window_size: Optional[pulumi.Input[_builtins.int]] = None,
                  tunnel2_startup_action: Optional[pulumi.Input[_builtins.str]] = None,
+                 tunnel_bandwidth: Optional[pulumi.Input[_builtins.str]] = None,
                  tunnel_inside_ip_version: Optional[pulumi.Input[_builtins.str]] = None,
                  vpn_gateway_id: Optional[pulumi.Input[_builtins.str]] = None):
         """
@@ -133,6 +134,7 @@ def __init__(__self__, *,
         :param pulumi.Input[_builtins.int] tunnel2_rekey_margin_time_seconds: The margin time, in seconds, before the phase 2 lifetime expires, during which the AWS side of the second VPN connection performs an IKE rekey. The exact time of the rekey is randomly selected based on the value for `tunnel2_rekey_fuzz_percentage`. Valid value is between `60` and half of `tunnel2_phase2_lifetime_seconds`.
         :param pulumi.Input[_builtins.int] tunnel2_replay_window_size: The number of packets in an IKE replay window for the second VPN tunnel. Valid value is between `64` and `2048`.
         :param pulumi.Input[_builtins.str] tunnel2_startup_action: The action to take when the establishing the tunnel for the second VPN connection. By default, your customer gateway device must initiate the IKE negotiation and bring up the tunnel. Specify start for AWS to initiate the IKE negotiation. Valid values are `add | start`.
+        :param pulumi.Input[_builtins.str] tunnel_bandwidth: Desired bandwidth specification for the VPN tunnel. Valid values are `standard | large`. `standard` supports up to 1.25 Gbps per tunnel, while `large` supports up to 5 Gbps per tunnel. Not supported when `vpn_gateway_id` is specified, or `enable_acceleration` is `true`.
         :param pulumi.Input[_builtins.str] tunnel_inside_ip_version: Indicate whether the VPN tunnels process IPv4 or IPv6 traffic. Valid values are `ipv4 | ipv6`. `ipv6` Supports only EC2 Transit Gateway.
         :param pulumi.Input[_builtins.str] vpn_gateway_id: The ID of the Virtual Private Gateway.
         """
@@ -242,6 +244,8 @@ def __init__(__self__, *,
             pulumi.set(__self__, "tunnel2_replay_window_size", tunnel2_replay_window_size)
         if tunnel2_startup_action is not None:
             pulumi.set(__self__, "tunnel2_startup_action", tunnel2_startup_action)
+        if tunnel_bandwidth is not None:
+            pulumi.set(__self__, "tunnel_bandwidth", tunnel_bandwidth)
         if tunnel_inside_ip_version is not None:
             pulumi.set(__self__, "tunnel_inside_ip_version", tunnel_inside_ip_version)
         if vpn_gateway_id is not None:
@@ -895,6 +899,18 @@ def tunnel2_startup_action(self) -> Optional[pulumi.Input[_builtins.str]]:
     def tunnel2_startup_action(self, value: Optional[pulumi.Input[_builtins.str]]):
         pulumi.set(self, "tunnel2_startup_action", value)
 
+    @_builtins.property
+    @pulumi.getter(name="tunnelBandwidth")
+    def tunnel_bandwidth(self) -> Optional[pulumi.Input[_builtins.str]]:
+        """
+        Desired bandwidth specification for the VPN tunnel. Valid values are `standard | large`. `standard` supports up to 1.25 Gbps per tunnel, while `large` supports up to 5 Gbps per tunnel. Not supported when `vpn_gateway_id` is specified, or `enable_acceleration` is `true`.
+        """
+        return pulumi.get(self, "tunnel_bandwidth")
+
+    @tunnel_bandwidth.setter
+    def tunnel_bandwidth(self, value: Optional[pulumi.Input[_builtins.str]]):
+        pulumi.set(self, "tunnel_bandwidth", value)
+
     @_builtins.property
     @pulumi.getter(name="tunnelInsideIpVersion")
     def tunnel_inside_ip_version(self) -> Optional[pulumi.Input[_builtins.str]]:
@@ -994,6 +1010,7 @@ def __init__(__self__, *,
                  tunnel2_replay_window_size: Optional[pulumi.Input[_builtins.int]] = None,
                  tunnel2_startup_action: Optional[pulumi.Input[_builtins.str]] = None,
                  tunnel2_vgw_inside_address: Optional[pulumi.Input[_builtins.str]] = None,
+                 tunnel_bandwidth: Optional[pulumi.Input[_builtins.str]] = None,
                  tunnel_inside_ip_version: Optional[pulumi.Input[_builtins.str]] = None,
                  type: Optional[pulumi.Input[_builtins.str]] = None,
                  vgw_telemetries: Optional[pulumi.Input[Sequence[pulumi.Input['VpnConnectionVgwTelemetryArgs']]]] = None,
@@ -1071,6 +1088,7 @@ def __init__(__self__, *,
         :param pulumi.Input[_builtins.int] tunnel2_replay_window_size: The number of packets in an IKE replay window for the second VPN tunnel. Valid value is between `64` and `2048`.
         :param pulumi.Input[_builtins.str] tunnel2_startup_action: The action to take when the establishing the tunnel for the second VPN connection. By default, your customer gateway device must initiate the IKE negotiation and bring up the tunnel. Specify start for AWS to initiate the IKE negotiation. Valid values are `add | start`.
         :param pulumi.Input[_builtins.str] tunnel2_vgw_inside_address: The RFC 6890 link-local address of the second VPN tunnel (VPN Gateway Side).
+        :param pulumi.Input[_builtins.str] tunnel_bandwidth: Desired bandwidth specification for the VPN tunnel. Valid values are `standard | large`. `standard` supports up to 1.25 Gbps per tunnel, while `large` supports up to 5 Gbps per tunnel. Not supported when `vpn_gateway_id` is specified, or `enable_acceleration` is `true`.
         :param pulumi.Input[_builtins.str] tunnel_inside_ip_version: Indicate whether the VPN tunnels process IPv4 or IPv6 traffic. Valid values are `ipv4 | ipv6`. `ipv6` Supports only EC2 Transit Gateway.
         :param pulumi.Input[_builtins.str] type: The type of VPN connection. The only type AWS supports at this time is "ipsec.1".
         :param pulumi.Input[Sequence[pulumi.Input['VpnConnectionVgwTelemetryArgs']]] vgw_telemetries: Telemetry for the VPN tunnels. Detailed below.
@@ -1218,6 +1236,8 @@ def __init__(__self__, *,
             pulumi.set(__self__, "tunnel2_startup_action", tunnel2_startup_action)
         if tunnel2_vgw_inside_address is not None:
             pulumi.set(__self__, "tunnel2_vgw_inside_address", tunnel2_vgw_inside_address)
+        if tunnel_bandwidth is not None:
+            pulumi.set(__self__, "tunnel_bandwidth", tunnel_bandwidth)
         if tunnel_inside_ip_version is not None:
             pulumi.set(__self__, "tunnel_inside_ip_version", tunnel_inside_ip_version)
         if type is not None:
@@ -2079,6 +2099,18 @@ def tunnel2_vgw_inside_address(self) -> Optional[pulumi.Input[_builtins.str]]:
     def tunnel2_vgw_inside_address(self, value: Optional[pulumi.Input[_builtins.str]]):
         pulumi.set(self, "tunnel2_vgw_inside_address", value)
 
+    @_builtins.property
+    @pulumi.getter(name="tunnelBandwidth")
+    def tunnel_bandwidth(self) -> Optional[pulumi.Input[_builtins.str]]:
+        """
+        Desired bandwidth specification for the VPN tunnel. Valid values are `standard | large`. `standard` supports up to 1.25 Gbps per tunnel, while `large` supports up to 5 Gbps per tunnel. Not supported when `vpn_gateway_id` is specified, or `enable_acceleration` is `true`.
+        """
+        return pulumi.get(self, "tunnel_bandwidth")
+
+    @tunnel_bandwidth.setter
+    def tunnel_bandwidth(self, value: Optional[pulumi.Input[_builtins.str]]):
+        pulumi.set(self, "tunnel_bandwidth", value)
+
     @_builtins.property
     @pulumi.getter(name="tunnelInsideIpVersion")
     def tunnel_inside_ip_version(self) -> Optional[pulumi.Input[_builtins.str]]:
@@ -2187,6 +2219,7 @@ def __init__(__self__,
                  tunnel2_rekey_margin_time_seconds: Optional[pulumi.Input[_builtins.int]] = None,
                  tunnel2_replay_window_size: Optional[pulumi.Input[_builtins.int]] = None,
                  tunnel2_startup_action: Optional[pulumi.Input[_builtins.str]] = None,
+                 tunnel_bandwidth: Optional[pulumi.Input[_builtins.str]] = None,
                  tunnel_inside_ip_version: Optional[pulumi.Input[_builtins.str]] = None,
                  type: Optional[pulumi.Input[_builtins.str]] = None,
                  vpn_gateway_id: Optional[pulumi.Input[_builtins.str]] = None,
@@ -2336,6 +2369,7 @@ def __init__(__self__,
         :param pulumi.Input[_builtins.int] tunnel2_rekey_margin_time_seconds: The margin time, in seconds, before the phase 2 lifetime expires, during which the AWS side of the second VPN connection performs an IKE rekey. The exact time of the rekey is randomly selected based on the value for `tunnel2_rekey_fuzz_percentage`. Valid value is between `60` and half of `tunnel2_phase2_lifetime_seconds`.
         :param pulumi.Input[_builtins.int] tunnel2_replay_window_size: The number of packets in an IKE replay window for the second VPN tunnel. Valid value is between `64` and `2048`.
         :param pulumi.Input[_builtins.str] tunnel2_startup_action: The action to take when the establishing the tunnel for the second VPN connection. By default, your customer gateway device must initiate the IKE negotiation and bring up the tunnel. Specify start for AWS to initiate the IKE negotiation. Valid values are `add | start`.
+        :param pulumi.Input[_builtins.str] tunnel_bandwidth: Desired bandwidth specification for the VPN tunnel. Valid values are `standard | large`. `standard` supports up to 1.25 Gbps per tunnel, while `large` supports up to 5 Gbps per tunnel. Not supported when `vpn_gateway_id` is specified, or `enable_acceleration` is `true`.
         :param pulumi.Input[_builtins.str] tunnel_inside_ip_version: Indicate whether the VPN tunnels process IPv4 or IPv6 traffic. Valid values are `ipv4 | ipv6`. `ipv6` Supports only EC2 Transit Gateway.
         :param pulumi.Input[_builtins.str] type: The type of VPN connection. The only type AWS supports at this time is "ipsec.1".
         :param pulumi.Input[_builtins.str] vpn_gateway_id: The ID of the Virtual Private Gateway.
@@ -2504,6 +2538,7 @@ def _internal_init(__self__,
                  tunnel2_rekey_margin_time_seconds: Optional[pulumi.Input[_builtins.int]] = None,
                  tunnel2_replay_window_size: Optional[pulumi.Input[_builtins.int]] = None,
                  tunnel2_startup_action: Optional[pulumi.Input[_builtins.str]] = None,
+                 tunnel_bandwidth: Optional[pulumi.Input[_builtins.str]] = None,
                  tunnel_inside_ip_version: Optional[pulumi.Input[_builtins.str]] = None,
                  type: Optional[pulumi.Input[_builtins.str]] = None,
                  vpn_gateway_id: Optional[pulumi.Input[_builtins.str]] = None,
@@ -2571,6 +2606,7 @@ def _internal_init(__self__,
             __props__.__dict__["tunnel2_rekey_margin_time_seconds"] = tunnel2_rekey_margin_time_seconds
             __props__.__dict__["tunnel2_replay_window_size"] = tunnel2_replay_window_size
             __props__.__dict__["tunnel2_startup_action"] = tunnel2_startup_action
+            __props__.__dict__["tunnel_bandwidth"] = tunnel_bandwidth
             __props__.__dict__["tunnel_inside_ip_version"] = tunnel_inside_ip_version
             if type is None and not opts.urn:
                 raise TypeError("Missing required property 'type'")
@@ -2678,6 +2714,7 @@ def get(resource_name: str,
             tunnel2_replay_window_size: Optional[pulumi.Input[_builtins.int]] = None,
             tunnel2_startup_action: Optional[pulumi.Input[_builtins.str]] = None,
             tunnel2_vgw_inside_address: Optional[pulumi.Input[_builtins.str]] = None,
+            tunnel_bandwidth: Optional[pulumi.Input[_builtins.str]] = None,
             tunnel_inside_ip_version: Optional[pulumi.Input[_builtins.str]] = None,
             type: Optional[pulumi.Input[_builtins.str]] = None,
             vgw_telemetries: Optional[pulumi.Input[Sequence[pulumi.Input[Union['VpnConnectionVgwTelemetryArgs', 'VpnConnectionVgwTelemetryArgsDict']]]]] = None,
@@ -2760,6 +2797,7 @@ def get(resource_name: str,
         :param pulumi.Input[_builtins.int] tunnel2_replay_window_size: The number of packets in an IKE replay window for the second VPN tunnel. Valid value is between `64` and `2048`.
         :param pulumi.Input[_builtins.str] tunnel2_startup_action: The action to take when the establishing the tunnel for the second VPN connection. By default, your customer gateway device must initiate the IKE negotiation and bring up the tunnel. Specify start for AWS to initiate the IKE negotiation. Valid values are `add | start`.
         :param pulumi.Input[_builtins.str] tunnel2_vgw_inside_address: The RFC 6890 link-local address of the second VPN tunnel (VPN Gateway Side).
+        :param pulumi.Input[_builtins.str] tunnel_bandwidth: Desired bandwidth specification for the VPN tunnel. Valid values are `standard | large`. `standard` supports up to 1.25 Gbps per tunnel, while `large` supports up to 5 Gbps per tunnel. Not supported when `vpn_gateway_id` is specified, or `enable_acceleration` is `true`.
         :param pulumi.Input[_builtins.str] tunnel_inside_ip_version: Indicate whether the VPN tunnels process IPv4 or IPv6 traffic. Valid values are `ipv4 | ipv6`. `ipv6` Supports only EC2 Transit Gateway.
         :param pulumi.Input[_builtins.str] type: The type of VPN connection. The only type AWS supports at this time is "ipsec.1".
         :param pulumi.Input[Sequence[pulumi.Input[Union['VpnConnectionVgwTelemetryArgs', 'VpnConnectionVgwTelemetryArgsDict']]]] vgw_telemetries: Telemetry for the VPN tunnels. Detailed below.
@@ -2840,6 +2878,7 @@ def get(resource_name: str,
         __props__.__dict__["tunnel2_replay_window_size"] = tunnel2_replay_window_size
         __props__.__dict__["tunnel2_startup_action"] = tunnel2_startup_action
         __props__.__dict__["tunnel2_vgw_inside_address"] = tunnel2_vgw_inside_address
+        __props__.__dict__["tunnel_bandwidth"] = tunnel_bandwidth
         __props__.__dict__["tunnel_inside_ip_version"] = tunnel_inside_ip_version
         __props__.__dict__["type"] = type
         __props__.__dict__["vgw_telemetries"] = vgw_telemetries
@@ -3414,6 +3453,14 @@ def tunnel2_vgw_inside_address(self) -> pulumi.Output[_builtins.str]:
         """
         return pulumi.get(self, "tunnel2_vgw_inside_address")
 
+    @_builtins.property
+    @pulumi.getter(name="tunnelBandwidth")
+    def tunnel_bandwidth(self) -> pulumi.Output[_builtins.str]:
+        """
+        Desired bandwidth specification for the VPN tunnel. Valid values are `standard | large`. `standard` supports up to 1.25 Gbps per tunnel, while `large` supports up to 5 Gbps per tunnel. Not supported when `vpn_gateway_id` is specified, or `enable_acceleration` is `true`.
+        """
+        return pulumi.get(self, "tunnel_bandwidth")
+
     @_builtins.property
     @pulumi.getter(name="tunnelInsideIpVersion")
     def tunnel_inside_ip_version(self) -> pulumi.Output[_builtins.str]:
diff --git a/sdk/python/pulumi_aws/emr/managed_scaling_policy.py b/sdk/python/pulumi_aws/emr/managed_scaling_policy.py
index 5558bcc7573..4b37a6cc6c5 100644
--- a/sdk/python/pulumi_aws/emr/managed_scaling_policy.py
+++ b/sdk/python/pulumi_aws/emr/managed_scaling_policy.py
@@ -23,17 +23,25 @@ class ManagedScalingPolicyArgs:
     def __init__(__self__, *,
                  cluster_id: pulumi.Input[_builtins.str],
                  compute_limits: pulumi.Input[Sequence[pulumi.Input['ManagedScalingPolicyComputeLimitArgs']]],
-                 region: Optional[pulumi.Input[_builtins.str]] = None):
+                 region: Optional[pulumi.Input[_builtins.str]] = None,
+                 scaling_strategy: Optional[pulumi.Input[_builtins.str]] = None,
+                 utilization_performance_index: Optional[pulumi.Input[_builtins.int]] = None):
         """
         The set of arguments for constructing a ManagedScalingPolicy resource.
         :param pulumi.Input[_builtins.str] cluster_id: ID of the EMR cluster
         :param pulumi.Input[Sequence[pulumi.Input['ManagedScalingPolicyComputeLimitArgs']]] compute_limits: Configuration block with compute limit settings. Described below.
         :param pulumi.Input[_builtins.str] region: Region where this resource will be [managed](https://docs.aws.amazon.com/general/latest/gr/rande.html#regional-endpoints). Defaults to the Region set in the provider configuration.
+        :param pulumi.Input[_builtins.str] scaling_strategy: Specifies the scaling strategy. When set to `ADVANCED`, the `utilization_performance_index` argument can be used to configure an advanced scaling strategy. An advanced scaling strategy requires Amazon EMR on EC2 version 7.0 or later. Valid values: `ADVANCED`, `DEFAULT`.
+        :param pulumi.Input[_builtins.int] utilization_performance_index: Integer value that represents the advanced scaling strategy. Higher values optimize for performance, while lower values optimize for resource conservation. A value of `50` provides a balance between performance and resource conservation. See [the AWS documentation](https://docs.aws.amazon.com/emr/latest/ManagementGuide/managed-scaling-allocation-strategy-optimized.html#managed-scaling-allocation-strategy-optimized-getting-started) for more details. Required when `scaling_strategy` is set to `ADVANCED`. Valid values: `1`, `25`, `50`, `75`, `100`.
         """
         pulumi.set(__self__, "cluster_id", cluster_id)
         pulumi.set(__self__, "compute_limits", compute_limits)
         if region is not None:
             pulumi.set(__self__, "region", region)
+        if scaling_strategy is not None:
+            pulumi.set(__self__, "scaling_strategy", scaling_strategy)
+        if utilization_performance_index is not None:
+            pulumi.set(__self__, "utilization_performance_index", utilization_performance_index)
 
     @_builtins.property
     @pulumi.getter(name="clusterId")
@@ -71,18 +79,46 @@ def region(self) -> Optional[pulumi.Input[_builtins.str]]:
     def region(self, value: Optional[pulumi.Input[_builtins.str]]):
         pulumi.set(self, "region", value)
 
+    @_builtins.property
+    @pulumi.getter(name="scalingStrategy")
+    def scaling_strategy(self) -> Optional[pulumi.Input[_builtins.str]]:
+        """
+        Specifies the scaling strategy. When set to `ADVANCED`, the `utilization_performance_index` argument can be used to configure an advanced scaling strategy. An advanced scaling strategy requires Amazon EMR on EC2 version 7.0 or later. Valid values: `ADVANCED`, `DEFAULT`.
+        """
+        return pulumi.get(self, "scaling_strategy")
+
+    @scaling_strategy.setter
+    def scaling_strategy(self, value: Optional[pulumi.Input[_builtins.str]]):
+        pulumi.set(self, "scaling_strategy", value)
+
+    @_builtins.property
+    @pulumi.getter(name="utilizationPerformanceIndex")
+    def utilization_performance_index(self) -> Optional[pulumi.Input[_builtins.int]]:
+        """
+        Integer value that represents the advanced scaling strategy. Higher values optimize for performance, while lower values optimize for resource conservation. A value of `50` provides a balance between performance and resource conservation. See [the AWS documentation](https://docs.aws.amazon.com/emr/latest/ManagementGuide/managed-scaling-allocation-strategy-optimized.html#managed-scaling-allocation-strategy-optimized-getting-started) for more details. Required when `scaling_strategy` is set to `ADVANCED`. Valid values: `1`, `25`, `50`, `75`, `100`.
+        """
+        return pulumi.get(self, "utilization_performance_index")
+
+    @utilization_performance_index.setter
+    def utilization_performance_index(self, value: Optional[pulumi.Input[_builtins.int]]):
+        pulumi.set(self, "utilization_performance_index", value)
+
 
 @pulumi.input_type
 class _ManagedScalingPolicyState:
     def __init__(__self__, *,
                  cluster_id: Optional[pulumi.Input[_builtins.str]] = None,
                  compute_limits: Optional[pulumi.Input[Sequence[pulumi.Input['ManagedScalingPolicyComputeLimitArgs']]]] = None,
-                 region: Optional[pulumi.Input[_builtins.str]] = None):
+                 region: Optional[pulumi.Input[_builtins.str]] = None,
+                 scaling_strategy: Optional[pulumi.Input[_builtins.str]] = None,
+                 utilization_performance_index: Optional[pulumi.Input[_builtins.int]] = None):
         """
         Input properties used for looking up and filtering ManagedScalingPolicy resources.
         :param pulumi.Input[_builtins.str] cluster_id: ID of the EMR cluster
         :param pulumi.Input[Sequence[pulumi.Input['ManagedScalingPolicyComputeLimitArgs']]] compute_limits: Configuration block with compute limit settings. Described below.
         :param pulumi.Input[_builtins.str] region: Region where this resource will be [managed](https://docs.aws.amazon.com/general/latest/gr/rande.html#regional-endpoints). Defaults to the Region set in the provider configuration.
+        :param pulumi.Input[_builtins.str] scaling_strategy: Specifies the scaling strategy. When set to `ADVANCED`, the `utilization_performance_index` argument can be used to configure an advanced scaling strategy. An advanced scaling strategy requires Amazon EMR on EC2 version 7.0 or later. Valid values: `ADVANCED`, `DEFAULT`.
+        :param pulumi.Input[_builtins.int] utilization_performance_index: Integer value that represents the advanced scaling strategy. Higher values optimize for performance, while lower values optimize for resource conservation. A value of `50` provides a balance between performance and resource conservation. See [the AWS documentation](https://docs.aws.amazon.com/emr/latest/ManagementGuide/managed-scaling-allocation-strategy-optimized.html#managed-scaling-allocation-strategy-optimized-getting-started) for more details. Required when `scaling_strategy` is set to `ADVANCED`. Valid values: `1`, `25`, `50`, `75`, `100`.
         """
         if cluster_id is not None:
             pulumi.set(__self__, "cluster_id", cluster_id)
@@ -90,6 +126,10 @@ def __init__(__self__, *,
             pulumi.set(__self__, "compute_limits", compute_limits)
         if region is not None:
             pulumi.set(__self__, "region", region)
+        if scaling_strategy is not None:
+            pulumi.set(__self__, "scaling_strategy", scaling_strategy)
+        if utilization_performance_index is not None:
+            pulumi.set(__self__, "utilization_performance_index", utilization_performance_index)
 
     @_builtins.property
     @pulumi.getter(name="clusterId")
@@ -127,6 +167,30 @@ def region(self) -> Optional[pulumi.Input[_builtins.str]]:
     def region(self, value: Optional[pulumi.Input[_builtins.str]]):
         pulumi.set(self, "region", value)
 
+    @_builtins.property
+    @pulumi.getter(name="scalingStrategy")
+    def scaling_strategy(self) -> Optional[pulumi.Input[_builtins.str]]:
+        """
+        Specifies the scaling strategy. When set to `ADVANCED`, the `utilization_performance_index` argument can be used to configure an advanced scaling strategy. An advanced scaling strategy requires Amazon EMR on EC2 version 7.0 or later. Valid values: `ADVANCED`, `DEFAULT`.
+        """
+        return pulumi.get(self, "scaling_strategy")
+
+    @scaling_strategy.setter
+    def scaling_strategy(self, value: Optional[pulumi.Input[_builtins.str]]):
+        pulumi.set(self, "scaling_strategy", value)
+
+    @_builtins.property
+    @pulumi.getter(name="utilizationPerformanceIndex")
+    def utilization_performance_index(self) -> Optional[pulumi.Input[_builtins.int]]:
+        """
+        Integer value that represents the advanced scaling strategy. Higher values optimize for performance, while lower values optimize for resource conservation. A value of `50` provides a balance between performance and resource conservation. See [the AWS documentation](https://docs.aws.amazon.com/emr/latest/ManagementGuide/managed-scaling-allocation-strategy-optimized.html#managed-scaling-allocation-strategy-optimized-getting-started) for more details. Required when `scaling_strategy` is set to `ADVANCED`. Valid values: `1`, `25`, `50`, `75`, `100`.
+        """
+        return pulumi.get(self, "utilization_performance_index")
+
+    @utilization_performance_index.setter
+    def utilization_performance_index(self, value: Optional[pulumi.Input[_builtins.int]]):
+        pulumi.set(self, "utilization_performance_index", value)
+
 
 @pulumi.type_token("aws:emr/managedScalingPolicy:ManagedScalingPolicy")
 class ManagedScalingPolicy(pulumi.CustomResource):
@@ -137,6 +201,8 @@ def __init__(__self__,
                  cluster_id: Optional[pulumi.Input[_builtins.str]] = None,
                  compute_limits: Optional[pulumi.Input[Sequence[pulumi.Input[Union['ManagedScalingPolicyComputeLimitArgs', 'ManagedScalingPolicyComputeLimitArgsDict']]]]] = None,
                  region: Optional[pulumi.Input[_builtins.str]] = None,
+                 scaling_strategy: Optional[pulumi.Input[_builtins.str]] = None,
+                 utilization_performance_index: Optional[pulumi.Input[_builtins.int]] = None,
                  __props__=None):
         """
         Provides a Managed Scaling policy for EMR Cluster. With Amazon EMR versions 5.30.0 and later (except for Amazon EMR 6.0.0), you can enable EMR managed scaling to automatically increase or decrease the number of instances or units in your cluster based on workload. See [Using EMR Managed Scaling in Amazon EMR](https://docs.aws.amazon.com/emr/latest/ManagementGuide/emr-managed-scaling.html) for more information.
@@ -180,6 +246,8 @@ def __init__(__self__,
         :param pulumi.Input[_builtins.str] cluster_id: ID of the EMR cluster
         :param pulumi.Input[Sequence[pulumi.Input[Union['ManagedScalingPolicyComputeLimitArgs', 'ManagedScalingPolicyComputeLimitArgsDict']]]] compute_limits: Configuration block with compute limit settings. Described below.
         :param pulumi.Input[_builtins.str] region: Region where this resource will be [managed](https://docs.aws.amazon.com/general/latest/gr/rande.html#regional-endpoints). Defaults to the Region set in the provider configuration.
+        :param pulumi.Input[_builtins.str] scaling_strategy: Specifies the scaling strategy. When set to `ADVANCED`, the `utilization_performance_index` argument can be used to configure an advanced scaling strategy. An advanced scaling strategy requires Amazon EMR on EC2 version 7.0 or later. Valid values: `ADVANCED`, `DEFAULT`.
+        :param pulumi.Input[_builtins.int] utilization_performance_index: Integer value that represents the advanced scaling strategy. Higher values optimize for performance, while lower values optimize for resource conservation. A value of `50` provides a balance between performance and resource conservation. See [the AWS documentation](https://docs.aws.amazon.com/emr/latest/ManagementGuide/managed-scaling-allocation-strategy-optimized.html#managed-scaling-allocation-strategy-optimized-getting-started) for more details. Required when `scaling_strategy` is set to `ADVANCED`. Valid values: `1`, `25`, `50`, `75`, `100`.
         """
         ...
     @overload
@@ -242,6 +310,8 @@ def _internal_init(__self__,
                  cluster_id: Optional[pulumi.Input[_builtins.str]] = None,
                  compute_limits: Optional[pulumi.Input[Sequence[pulumi.Input[Union['ManagedScalingPolicyComputeLimitArgs', 'ManagedScalingPolicyComputeLimitArgsDict']]]]] = None,
                  region: Optional[pulumi.Input[_builtins.str]] = None,
+                 scaling_strategy: Optional[pulumi.Input[_builtins.str]] = None,
+                 utilization_performance_index: Optional[pulumi.Input[_builtins.int]] = None,
                  __props__=None):
         opts = pulumi.ResourceOptions.merge(_utilities.get_resource_opts_defaults(), opts)
         if not isinstance(opts, pulumi.ResourceOptions):
@@ -258,6 +328,8 @@ def _internal_init(__self__,
                 raise TypeError("Missing required property 'compute_limits'")
             __props__.__dict__["compute_limits"] = compute_limits
             __props__.__dict__["region"] = region
+            __props__.__dict__["scaling_strategy"] = scaling_strategy
+            __props__.__dict__["utilization_performance_index"] = utilization_performance_index
         super(ManagedScalingPolicy, __self__).__init__(
             'aws:emr/managedScalingPolicy:ManagedScalingPolicy',
             resource_name,
@@ -270,7 +342,9 @@ def get(resource_name: str,
             opts: Optional[pulumi.ResourceOptions] = None,
             cluster_id: Optional[pulumi.Input[_builtins.str]] = None,
             compute_limits: Optional[pulumi.Input[Sequence[pulumi.Input[Union['ManagedScalingPolicyComputeLimitArgs', 'ManagedScalingPolicyComputeLimitArgsDict']]]]] = None,
-            region: Optional[pulumi.Input[_builtins.str]] = None) -> 'ManagedScalingPolicy':
+            region: Optional[pulumi.Input[_builtins.str]] = None,
+            scaling_strategy: Optional[pulumi.Input[_builtins.str]] = None,
+            utilization_performance_index: Optional[pulumi.Input[_builtins.int]] = None) -> 'ManagedScalingPolicy':
         """
         Get an existing ManagedScalingPolicy resource's state with the given name, id, and optional extra
         properties used to qualify the lookup.
@@ -281,6 +355,8 @@ def get(resource_name: str,
         :param pulumi.Input[_builtins.str] cluster_id: ID of the EMR cluster
         :param pulumi.Input[Sequence[pulumi.Input[Union['ManagedScalingPolicyComputeLimitArgs', 'ManagedScalingPolicyComputeLimitArgsDict']]]] compute_limits: Configuration block with compute limit settings. Described below.
         :param pulumi.Input[_builtins.str] region: Region where this resource will be [managed](https://docs.aws.amazon.com/general/latest/gr/rande.html#regional-endpoints). Defaults to the Region set in the provider configuration.
+        :param pulumi.Input[_builtins.str] scaling_strategy: Specifies the scaling strategy. When set to `ADVANCED`, the `utilization_performance_index` argument can be used to configure an advanced scaling strategy. An advanced scaling strategy requires Amazon EMR on EC2 version 7.0 or later. Valid values: `ADVANCED`, `DEFAULT`.
+        :param pulumi.Input[_builtins.int] utilization_performance_index: Integer value that represents the advanced scaling strategy. Higher values optimize for performance, while lower values optimize for resource conservation. A value of `50` provides a balance between performance and resource conservation. See [the AWS documentation](https://docs.aws.amazon.com/emr/latest/ManagementGuide/managed-scaling-allocation-strategy-optimized.html#managed-scaling-allocation-strategy-optimized-getting-started) for more details. Required when `scaling_strategy` is set to `ADVANCED`. Valid values: `1`, `25`, `50`, `75`, `100`.
         """
         opts = pulumi.ResourceOptions.merge(opts, pulumi.ResourceOptions(id=id))
 
@@ -289,6 +365,8 @@ def get(resource_name: str,
         __props__.__dict__["cluster_id"] = cluster_id
         __props__.__dict__["compute_limits"] = compute_limits
         __props__.__dict__["region"] = region
+        __props__.__dict__["scaling_strategy"] = scaling_strategy
+        __props__.__dict__["utilization_performance_index"] = utilization_performance_index
         return ManagedScalingPolicy(resource_name, opts=opts, __props__=__props__)
 
     @_builtins.property
@@ -315,3 +393,19 @@ def region(self) -> pulumi.Output[_builtins.str]:
         """
         return pulumi.get(self, "region")
 
+    @_builtins.property
+    @pulumi.getter(name="scalingStrategy")
+    def scaling_strategy(self) -> pulumi.Output[Optional[_builtins.str]]:
+        """
+        Specifies the scaling strategy. When set to `ADVANCED`, the `utilization_performance_index` argument can be used to configure an advanced scaling strategy. An advanced scaling strategy requires Amazon EMR on EC2 version 7.0 or later. Valid values: `ADVANCED`, `DEFAULT`.
+        """
+        return pulumi.get(self, "scaling_strategy")
+
+    @_builtins.property
+    @pulumi.getter(name="utilizationPerformanceIndex")
+    def utilization_performance_index(self) -> pulumi.Output[Optional[_builtins.int]]:
+        """
+        Integer value that represents the advanced scaling strategy. Higher values optimize for performance, while lower values optimize for resource conservation. A value of `50` provides a balance between performance and resource conservation. See [the AWS documentation](https://docs.aws.amazon.com/emr/latest/ManagementGuide/managed-scaling-allocation-strategy-optimized.html#managed-scaling-allocation-strategy-optimized-getting-started) for more details. Required when `scaling_strategy` is set to `ADVANCED`. Valid values: `1`, `25`, `50`, `75`, `100`.
+        """
+        return pulumi.get(self, "utilization_performance_index")
+
diff --git a/sdk/python/pulumi_aws/fis/_inputs.py b/sdk/python/pulumi_aws/fis/_inputs.py
index 9c35c7c243b..5f6ed6de380 100644
--- a/sdk/python/pulumi_aws/fis/_inputs.py
+++ b/sdk/python/pulumi_aws/fis/_inputs.py
@@ -241,7 +241,7 @@ def value(self, value: pulumi.Input[_builtins.str]):
     class ExperimentTemplateActionTargetArgsDict(TypedDict):
         key: pulumi.Input[_builtins.str]
         """
-        Target type. Valid values are `AutoScalingGroups` (EC2 Auto Scaling groups), `Buckets` (S3 Buckets), `Cluster` (EKS Cluster), `Clusters` (ECS Clusters), `DBInstances` (RDS DB Instances), `Instances` (EC2 Instances), `ManagedResources` (EKS clusters, Application and Network Load Balancers, and EC2 Auto Scaling groups that are enabled for ARC zonal shift), `Nodegroups` (EKS Node groups), `Pods` (EKS Pods), `ReplicationGroups`(ElastiCache Redis Replication Groups), `Roles` (IAM Roles), `SpotInstances` (EC2 Spot Instances), `Subnets` (VPC Subnets), `Tables` (DynamoDB encrypted global tables), `Tasks` (ECS Tasks), `TransitGateways` (Transit gateways), `Volumes` (EBS Volumes). See the [documentation](https://docs.aws.amazon.com/fis/latest/userguide/action-sequence.html#action-targets) for more details.
+        Target type. Valid values are `AutoScalingGroups` (EC2 Auto Scaling groups), `Buckets` (S3 Buckets), `Cluster` (EKS Cluster), `Clusters` (ECS Clusters), `DBInstances` (RDS DB Instances), `Functions` (Lambda Functions), `Instances` (EC2 Instances), `ManagedResources` (EKS clusters, Application and Network Load Balancers, and EC2 Auto Scaling groups that are enabled for ARC zonal shift), `Nodegroups` (EKS Node groups), `Pods` (EKS Pods), `ReplicationGroups`(ElastiCache Redis Replication Groups), `Roles` (IAM Roles), `SpotInstances` (EC2 Spot Instances), `Subnets` (VPC Subnets), `Tables` (DynamoDB encrypted global tables), `Tasks` (ECS Tasks), `TransitGateways` (Transit gateways), `Volumes` (EBS Volumes). See the [documentation](https://docs.aws.amazon.com/fis/latest/userguide/action-sequence.html#action-targets) for more details.
         """
         value: pulumi.Input[_builtins.str]
         """
@@ -256,7 +256,7 @@ def __init__(__self__, *,
                  key: pulumi.Input[_builtins.str],
                  value: pulumi.Input[_builtins.str]):
         """
-        :param pulumi.Input[_builtins.str] key: Target type. Valid values are `AutoScalingGroups` (EC2 Auto Scaling groups), `Buckets` (S3 Buckets), `Cluster` (EKS Cluster), `Clusters` (ECS Clusters), `DBInstances` (RDS DB Instances), `Instances` (EC2 Instances), `ManagedResources` (EKS clusters, Application and Network Load Balancers, and EC2 Auto Scaling groups that are enabled for ARC zonal shift), `Nodegroups` (EKS Node groups), `Pods` (EKS Pods), `ReplicationGroups`(ElastiCache Redis Replication Groups), `Roles` (IAM Roles), `SpotInstances` (EC2 Spot Instances), `Subnets` (VPC Subnets), `Tables` (DynamoDB encrypted global tables), `Tasks` (ECS Tasks), `TransitGateways` (Transit gateways), `Volumes` (EBS Volumes). See the [documentation](https://docs.aws.amazon.com/fis/latest/userguide/action-sequence.html#action-targets) for more details.
+        :param pulumi.Input[_builtins.str] key: Target type. Valid values are `AutoScalingGroups` (EC2 Auto Scaling groups), `Buckets` (S3 Buckets), `Cluster` (EKS Cluster), `Clusters` (ECS Clusters), `DBInstances` (RDS DB Instances), `Functions` (Lambda Functions), `Instances` (EC2 Instances), `ManagedResources` (EKS clusters, Application and Network Load Balancers, and EC2 Auto Scaling groups that are enabled for ARC zonal shift), `Nodegroups` (EKS Node groups), `Pods` (EKS Pods), `ReplicationGroups`(ElastiCache Redis Replication Groups), `Roles` (IAM Roles), `SpotInstances` (EC2 Spot Instances), `Subnets` (VPC Subnets), `Tables` (DynamoDB encrypted global tables), `Tasks` (ECS Tasks), `TransitGateways` (Transit gateways), `Volumes` (EBS Volumes). See the [documentation](https://docs.aws.amazon.com/fis/latest/userguide/action-sequence.html#action-targets) for more details.
         :param pulumi.Input[_builtins.str] value: Target name, referencing a corresponding target.
         """
         pulumi.set(__self__, "key", key)
@@ -266,7 +266,7 @@ def __init__(__self__, *,
     @pulumi.getter
     def key(self) -> pulumi.Input[_builtins.str]:
         """
-        Target type. Valid values are `AutoScalingGroups` (EC2 Auto Scaling groups), `Buckets` (S3 Buckets), `Cluster` (EKS Cluster), `Clusters` (ECS Clusters), `DBInstances` (RDS DB Instances), `Instances` (EC2 Instances), `ManagedResources` (EKS clusters, Application and Network Load Balancers, and EC2 Auto Scaling groups that are enabled for ARC zonal shift), `Nodegroups` (EKS Node groups), `Pods` (EKS Pods), `ReplicationGroups`(ElastiCache Redis Replication Groups), `Roles` (IAM Roles), `SpotInstances` (EC2 Spot Instances), `Subnets` (VPC Subnets), `Tables` (DynamoDB encrypted global tables), `Tasks` (ECS Tasks), `TransitGateways` (Transit gateways), `Volumes` (EBS Volumes). See the [documentation](https://docs.aws.amazon.com/fis/latest/userguide/action-sequence.html#action-targets) for more details.
+        Target type. Valid values are `AutoScalingGroups` (EC2 Auto Scaling groups), `Buckets` (S3 Buckets), `Cluster` (EKS Cluster), `Clusters` (ECS Clusters), `DBInstances` (RDS DB Instances), `Functions` (Lambda Functions), `Instances` (EC2 Instances), `ManagedResources` (EKS clusters, Application and Network Load Balancers, and EC2 Auto Scaling groups that are enabled for ARC zonal shift), `Nodegroups` (EKS Node groups), `Pods` (EKS Pods), `ReplicationGroups`(ElastiCache Redis Replication Groups), `Roles` (IAM Roles), `SpotInstances` (EC2 Spot Instances), `Subnets` (VPC Subnets), `Tables` (DynamoDB encrypted global tables), `Tasks` (ECS Tasks), `TransitGateways` (Transit gateways), `Volumes` (EBS Volumes). See the [documentation](https://docs.aws.amazon.com/fis/latest/userguide/action-sequence.html#action-targets) for more details.
         """
         return pulumi.get(self, "key")
 
@@ -653,7 +653,7 @@ def s3_configuration(self, value: Optional[pulumi.Input['ExperimentTemplateLogCo
     class ExperimentTemplateLogConfigurationCloudwatchLogsConfigurationArgsDict(TypedDict):
         log_group_arn: pulumi.Input[_builtins.str]
         """
-        The Amazon Resource Name (ARN) of the destination Amazon CloudWatch Logs log group.
+        The Amazon Resource Name (ARN) of the destination Amazon CloudWatch Logs log group. The ARN must end with `:*`
         """
 elif False:
     ExperimentTemplateLogConfigurationCloudwatchLogsConfigurationArgsDict: TypeAlias = Mapping[str, Any]
@@ -663,7 +663,7 @@ class ExperimentTemplateLogConfigurationCloudwatchLogsConfigurationArgs:
     def __init__(__self__, *,
                  log_group_arn: pulumi.Input[_builtins.str]):
         """
-        :param pulumi.Input[_builtins.str] log_group_arn: The Amazon Resource Name (ARN) of the destination Amazon CloudWatch Logs log group.
+        :param pulumi.Input[_builtins.str] log_group_arn: The Amazon Resource Name (ARN) of the destination Amazon CloudWatch Logs log group. The ARN must end with `:*`
         """
         pulumi.set(__self__, "log_group_arn", log_group_arn)
 
@@ -671,7 +671,7 @@ def __init__(__self__, *,
     @pulumi.getter(name="logGroupArn")
     def log_group_arn(self) -> pulumi.Input[_builtins.str]:
         """
-        The Amazon Resource Name (ARN) of the destination Amazon CloudWatch Logs log group.
+        The Amazon Resource Name (ARN) of the destination Amazon CloudWatch Logs log group. The ARN must end with `:*`
         """
         return pulumi.get(self, "log_group_arn")
 
diff --git a/sdk/python/pulumi_aws/fis/outputs.py b/sdk/python/pulumi_aws/fis/outputs.py
index 3148ddb1ebc..24d37ddd142 100644
--- a/sdk/python/pulumi_aws/fis/outputs.py
+++ b/sdk/python/pulumi_aws/fis/outputs.py
@@ -169,7 +169,7 @@ def __init__(__self__, *,
                  key: _builtins.str,
                  value: _builtins.str):
         """
-        :param _builtins.str key: Target type. Valid values are `AutoScalingGroups` (EC2 Auto Scaling groups), `Buckets` (S3 Buckets), `Cluster` (EKS Cluster), `Clusters` (ECS Clusters), `DBInstances` (RDS DB Instances), `Instances` (EC2 Instances), `ManagedResources` (EKS clusters, Application and Network Load Balancers, and EC2 Auto Scaling groups that are enabled for ARC zonal shift), `Nodegroups` (EKS Node groups), `Pods` (EKS Pods), `ReplicationGroups`(ElastiCache Redis Replication Groups), `Roles` (IAM Roles), `SpotInstances` (EC2 Spot Instances), `Subnets` (VPC Subnets), `Tables` (DynamoDB encrypted global tables), `Tasks` (ECS Tasks), `TransitGateways` (Transit gateways), `Volumes` (EBS Volumes). See the [documentation](https://docs.aws.amazon.com/fis/latest/userguide/action-sequence.html#action-targets) for more details.
+        :param _builtins.str key: Target type. Valid values are `AutoScalingGroups` (EC2 Auto Scaling groups), `Buckets` (S3 Buckets), `Cluster` (EKS Cluster), `Clusters` (ECS Clusters), `DBInstances` (RDS DB Instances), `Functions` (Lambda Functions), `Instances` (EC2 Instances), `ManagedResources` (EKS clusters, Application and Network Load Balancers, and EC2 Auto Scaling groups that are enabled for ARC zonal shift), `Nodegroups` (EKS Node groups), `Pods` (EKS Pods), `ReplicationGroups`(ElastiCache Redis Replication Groups), `Roles` (IAM Roles), `SpotInstances` (EC2 Spot Instances), `Subnets` (VPC Subnets), `Tables` (DynamoDB encrypted global tables), `Tasks` (ECS Tasks), `TransitGateways` (Transit gateways), `Volumes` (EBS Volumes). See the [documentation](https://docs.aws.amazon.com/fis/latest/userguide/action-sequence.html#action-targets) for more details.
         :param _builtins.str value: Target name, referencing a corresponding target.
         """
         pulumi.set(__self__, "key", key)
@@ -179,7 +179,7 @@ def __init__(__self__, *,
     @pulumi.getter
     def key(self) -> _builtins.str:
         """
-        Target type. Valid values are `AutoScalingGroups` (EC2 Auto Scaling groups), `Buckets` (S3 Buckets), `Cluster` (EKS Cluster), `Clusters` (ECS Clusters), `DBInstances` (RDS DB Instances), `Instances` (EC2 Instances), `ManagedResources` (EKS clusters, Application and Network Load Balancers, and EC2 Auto Scaling groups that are enabled for ARC zonal shift), `Nodegroups` (EKS Node groups), `Pods` (EKS Pods), `ReplicationGroups`(ElastiCache Redis Replication Groups), `Roles` (IAM Roles), `SpotInstances` (EC2 Spot Instances), `Subnets` (VPC Subnets), `Tables` (DynamoDB encrypted global tables), `Tasks` (ECS Tasks), `TransitGateways` (Transit gateways), `Volumes` (EBS Volumes). See the [documentation](https://docs.aws.amazon.com/fis/latest/userguide/action-sequence.html#action-targets) for more details.
+        Target type. Valid values are `AutoScalingGroups` (EC2 Auto Scaling groups), `Buckets` (S3 Buckets), `Cluster` (EKS Cluster), `Clusters` (ECS Clusters), `DBInstances` (RDS DB Instances), `Functions` (Lambda Functions), `Instances` (EC2 Instances), `ManagedResources` (EKS clusters, Application and Network Load Balancers, and EC2 Auto Scaling groups that are enabled for ARC zonal shift), `Nodegroups` (EKS Node groups), `Pods` (EKS Pods), `ReplicationGroups`(ElastiCache Redis Replication Groups), `Roles` (IAM Roles), `SpotInstances` (EC2 Spot Instances), `Subnets` (VPC Subnets), `Tables` (DynamoDB encrypted global tables), `Tasks` (ECS Tasks), `TransitGateways` (Transit gateways), `Volumes` (EBS Volumes). See the [documentation](https://docs.aws.amazon.com/fis/latest/userguide/action-sequence.html#action-targets) for more details.
         """
         return pulumi.get(self, "key")
 
@@ -558,7 +558,7 @@ def get(self, key: str, default = None) -> Any:
     def __init__(__self__, *,
                  log_group_arn: _builtins.str):
         """
-        :param _builtins.str log_group_arn: The Amazon Resource Name (ARN) of the destination Amazon CloudWatch Logs log group.
+        :param _builtins.str log_group_arn: The Amazon Resource Name (ARN) of the destination Amazon CloudWatch Logs log group. The ARN must end with `:*`
         """
         pulumi.set(__self__, "log_group_arn", log_group_arn)
 
@@ -566,7 +566,7 @@ def __init__(__self__, *,
     @pulumi.getter(name="logGroupArn")
     def log_group_arn(self) -> _builtins.str:
         """
-        The Amazon Resource Name (ARN) of the destination Amazon CloudWatch Logs log group.
+        The Amazon Resource Name (ARN) of the destination Amazon CloudWatch Logs log group. The ARN must end with `:*`
         """
         return pulumi.get(self, "log_group_arn")
 
diff --git a/sdk/python/pulumi_aws/lambda_/invocation.py b/sdk/python/pulumi_aws/lambda_/invocation.py
index f9726e98234..8bf2f629e4f 100644
--- a/sdk/python/pulumi_aws/lambda_/invocation.py
+++ b/sdk/python/pulumi_aws/lambda_/invocation.py
@@ -378,6 +378,16 @@ def __init__(__self__,
 
         When the invocation resource is removed, the final invocation will have:
 
+        ## Import
+
+        Using `pulumi import`, import Lambda Invocation using the `function_name,qualifier,result_hash`. For example:
+
+        ```sh
+        $ pulumi import aws:lambda/invocation:Invocation test_lambda my_test_lambda_function,$LATEST,b326b5062b2f0e69046810717534cb09
+        ```
+        Because it is not possible to retrieve previous invocations, during the next apply `terraform` will update the resource calling again the function.
+        To compute the `result_hash`, it is necessary to hash it with the standard `md5` hash function.
+
         :param str resource_name: The name of the resource.
         :param pulumi.ResourceOptions opts: Options for the resource.
         :param pulumi.Input[_builtins.str] function_name: Name of the Lambda function.
@@ -489,6 +499,16 @@ def __init__(__self__,
 
         When the invocation resource is removed, the final invocation will have:
 
+        ## Import
+
+        Using `pulumi import`, import Lambda Invocation using the `function_name,qualifier,result_hash`. For example:
+
+        ```sh
+        $ pulumi import aws:lambda/invocation:Invocation test_lambda my_test_lambda_function,$LATEST,b326b5062b2f0e69046810717534cb09
+        ```
+        Because it is not possible to retrieve previous invocations, during the next apply `terraform` will update the resource calling again the function.
+        To compute the `result_hash`, it is necessary to hash it with the standard `md5` hash function.
+
         :param str resource_name: The name of the resource.
         :param InvocationArgs args: The arguments to use to populate this resource's properties.
         :param pulumi.ResourceOptions opts: Options for the resource.
diff --git a/sdk/python/pulumi_aws/lb/_inputs.py b/sdk/python/pulumi_aws/lb/_inputs.py
index acb552807fc..4652cd3348e 100644
--- a/sdk/python/pulumi_aws/lb/_inputs.py
+++ b/sdk/python/pulumi_aws/lb/_inputs.py
@@ -29,6 +29,10 @@
     'ListenerDefaultActionForwardStickinessArgsDict',
     'ListenerDefaultActionForwardTargetGroupArgs',
     'ListenerDefaultActionForwardTargetGroupArgsDict',
+    'ListenerDefaultActionJwtValidationArgs',
+    'ListenerDefaultActionJwtValidationArgsDict',
+    'ListenerDefaultActionJwtValidationAdditionalClaimArgs',
+    'ListenerDefaultActionJwtValidationAdditionalClaimArgsDict',
     'ListenerDefaultActionRedirectArgs',
     'ListenerDefaultActionRedirectArgsDict',
     'ListenerMutualAuthenticationArgs',
@@ -47,6 +51,10 @@
     'ListenerRuleActionForwardStickinessArgsDict',
     'ListenerRuleActionForwardTargetGroupArgs',
     'ListenerRuleActionForwardTargetGroupArgsDict',
+    'ListenerRuleActionJwtValidationArgs',
+    'ListenerRuleActionJwtValidationArgsDict',
+    'ListenerRuleActionJwtValidationAdditionalClaimArgs',
+    'ListenerRuleActionJwtValidationAdditionalClaimArgsDict',
     'ListenerRuleActionRedirectArgs',
     'ListenerRuleActionRedirectArgsDict',
     'ListenerRuleConditionArgs',
@@ -111,6 +119,10 @@
     'GetListenerRuleActionForwardStickinessArgsDict',
     'GetListenerRuleActionForwardTargetGroupArgs',
     'GetListenerRuleActionForwardTargetGroupArgsDict',
+    'GetListenerRuleActionJwtValidationArgs',
+    'GetListenerRuleActionJwtValidationArgsDict',
+    'GetListenerRuleActionJwtValidationAdditionalClaimArgs',
+    'GetListenerRuleActionJwtValidationAdditionalClaimArgsDict',
     'GetListenerRuleActionRedirectArgs',
     'GetListenerRuleActionRedirectArgsDict',
     'GetListenerRuleConditionArgs',
@@ -147,7 +159,7 @@
     class ListenerDefaultActionArgsDict(TypedDict):
         type: pulumi.Input[_builtins.str]
         """
-        Type of routing action. Valid values are `forward`, `redirect`, `fixed-response`, `authenticate-cognito` and `authenticate-oidc`.
+        Type of routing action. Valid values are `forward`, `redirect`, `fixed-response`, `authenticate-cognito`, `authenticate-oidc` and `jwt-validation`.
 
         The following arguments are optional:
         """
@@ -167,6 +179,10 @@ class ListenerDefaultActionArgsDict(TypedDict):
         """
         Configuration block for creating an action that distributes requests among one or more target groups. Specify only if `type` is `forward`. See below.
         """
+        jwt_validation: NotRequired[pulumi.Input['ListenerDefaultActionJwtValidationArgsDict']]
+        """
+        Configuration block for creating a JWT validation action. Required if `type` is `jwt-validation`.
+        """
         order: NotRequired[pulumi.Input[_builtins.int]]
         """
         Order for the action. The action with the lowest value for order is performed first. Valid values are between `1` and `50000`. Defaults to the position in the list of actions.
@@ -190,17 +206,19 @@ def __init__(__self__, *,
                  authenticate_oidc: Optional[pulumi.Input['ListenerDefaultActionAuthenticateOidcArgs']] = None,
                  fixed_response: Optional[pulumi.Input['ListenerDefaultActionFixedResponseArgs']] = None,
                  forward: Optional[pulumi.Input['ListenerDefaultActionForwardArgs']] = None,
+                 jwt_validation: Optional[pulumi.Input['ListenerDefaultActionJwtValidationArgs']] = None,
                  order: Optional[pulumi.Input[_builtins.int]] = None,
                  redirect: Optional[pulumi.Input['ListenerDefaultActionRedirectArgs']] = None,
                  target_group_arn: Optional[pulumi.Input[_builtins.str]] = None):
         """
-        :param pulumi.Input[_builtins.str] type: Type of routing action. Valid values are `forward`, `redirect`, `fixed-response`, `authenticate-cognito` and `authenticate-oidc`.
+        :param pulumi.Input[_builtins.str] type: Type of routing action. Valid values are `forward`, `redirect`, `fixed-response`, `authenticate-cognito`, `authenticate-oidc` and `jwt-validation`.
                
                The following arguments are optional:
         :param pulumi.Input['ListenerDefaultActionAuthenticateCognitoArgs'] authenticate_cognito: Configuration block for using Amazon Cognito to authenticate users. Specify only when `type` is `authenticate-cognito`. See below.
         :param pulumi.Input['ListenerDefaultActionAuthenticateOidcArgs'] authenticate_oidc: Configuration block for an identity provider that is compliant with OpenID Connect (OIDC). Specify only when `type` is `authenticate-oidc`. See below.
         :param pulumi.Input['ListenerDefaultActionFixedResponseArgs'] fixed_response: Information for creating an action that returns a custom HTTP response. Required if `type` is `fixed-response`.
         :param pulumi.Input['ListenerDefaultActionForwardArgs'] forward: Configuration block for creating an action that distributes requests among one or more target groups. Specify only if `type` is `forward`. See below.
+        :param pulumi.Input['ListenerDefaultActionJwtValidationArgs'] jwt_validation: Configuration block for creating a JWT validation action. Required if `type` is `jwt-validation`.
         :param pulumi.Input[_builtins.int] order: Order for the action. The action with the lowest value for order is performed first. Valid values are between `1` and `50000`. Defaults to the position in the list of actions.
         :param pulumi.Input['ListenerDefaultActionRedirectArgs'] redirect: Configuration block for creating a redirect action. Required if `type` is `redirect`. See below.
         :param pulumi.Input[_builtins.str] target_group_arn: ARN of the Target Group to which to route traffic. Specify only if `type` is `forward` and you want to route to a single target group. To route to one or more target groups, use a `forward` block instead. Can be specified with `forward` but ARNs must match.
@@ -214,6 +232,8 @@ def __init__(__self__, *,
             pulumi.set(__self__, "fixed_response", fixed_response)
         if forward is not None:
             pulumi.set(__self__, "forward", forward)
+        if jwt_validation is not None:
+            pulumi.set(__self__, "jwt_validation", jwt_validation)
         if order is not None:
             pulumi.set(__self__, "order", order)
         if redirect is not None:
@@ -225,7 +245,7 @@ def __init__(__self__, *,
     @pulumi.getter
     def type(self) -> pulumi.Input[_builtins.str]:
         """
-        Type of routing action. Valid values are `forward`, `redirect`, `fixed-response`, `authenticate-cognito` and `authenticate-oidc`.
+        Type of routing action. Valid values are `forward`, `redirect`, `fixed-response`, `authenticate-cognito`, `authenticate-oidc` and `jwt-validation`.
 
         The following arguments are optional:
         """
@@ -283,6 +303,18 @@ def forward(self) -> Optional[pulumi.Input['ListenerDefaultActionForwardArgs']]:
     def forward(self, value: Optional[pulumi.Input['ListenerDefaultActionForwardArgs']]):
         pulumi.set(self, "forward", value)
 
+    @_builtins.property
+    @pulumi.getter(name="jwtValidation")
+    def jwt_validation(self) -> Optional[pulumi.Input['ListenerDefaultActionJwtValidationArgs']]:
+        """
+        Configuration block for creating a JWT validation action. Required if `type` is `jwt-validation`.
+        """
+        return pulumi.get(self, "jwt_validation")
+
+    @jwt_validation.setter
+    def jwt_validation(self, value: Optional[pulumi.Input['ListenerDefaultActionJwtValidationArgs']]):
+        pulumi.set(self, "jwt_validation", value)
+
     @_builtins.property
     @pulumi.getter
     def order(self) -> Optional[pulumi.Input[_builtins.int]]:
@@ -975,6 +1007,151 @@ def weight(self, value: Optional[pulumi.Input[_builtins.int]]):
         pulumi.set(self, "weight", value)
 
 
+if not MYPY:
+    class ListenerDefaultActionJwtValidationArgsDict(TypedDict):
+        issuer: pulumi.Input[_builtins.str]
+        """
+        Issuer of the JWT.
+        """
+        jwks_endpoint: pulumi.Input[_builtins.str]
+        """
+        JSON Web Key Set (JWKS) endpoint. This endpoint contains JSON Web Keys (JWK) that are used to validate signatures from the provider. This must be a full URL, including the HTTPS protocol, the domain, and the path.
+
+        The following arguments are optional:
+        """
+        additional_claims: NotRequired[pulumi.Input[Sequence[pulumi.Input['ListenerDefaultActionJwtValidationAdditionalClaimArgsDict']]]]
+        """
+        Repeatable configuration block for additional claims to validate.
+        """
+elif False:
+    ListenerDefaultActionJwtValidationArgsDict: TypeAlias = Mapping[str, Any]
+
+@pulumi.input_type
+class ListenerDefaultActionJwtValidationArgs:
+    def __init__(__self__, *,
+                 issuer: pulumi.Input[_builtins.str],
+                 jwks_endpoint: pulumi.Input[_builtins.str],
+                 additional_claims: Optional[pulumi.Input[Sequence[pulumi.Input['ListenerDefaultActionJwtValidationAdditionalClaimArgs']]]] = None):
+        """
+        :param pulumi.Input[_builtins.str] issuer: Issuer of the JWT.
+        :param pulumi.Input[_builtins.str] jwks_endpoint: JSON Web Key Set (JWKS) endpoint. This endpoint contains JSON Web Keys (JWK) that are used to validate signatures from the provider. This must be a full URL, including the HTTPS protocol, the domain, and the path.
+               
+               The following arguments are optional:
+        :param pulumi.Input[Sequence[pulumi.Input['ListenerDefaultActionJwtValidationAdditionalClaimArgs']]] additional_claims: Repeatable configuration block for additional claims to validate.
+        """
+        pulumi.set(__self__, "issuer", issuer)
+        pulumi.set(__self__, "jwks_endpoint", jwks_endpoint)
+        if additional_claims is not None:
+            pulumi.set(__self__, "additional_claims", additional_claims)
+
+    @_builtins.property
+    @pulumi.getter
+    def issuer(self) -> pulumi.Input[_builtins.str]:
+        """
+        Issuer of the JWT.
+        """
+        return pulumi.get(self, "issuer")
+
+    @issuer.setter
+    def issuer(self, value: pulumi.Input[_builtins.str]):
+        pulumi.set(self, "issuer", value)
+
+    @_builtins.property
+    @pulumi.getter(name="jwksEndpoint")
+    def jwks_endpoint(self) -> pulumi.Input[_builtins.str]:
+        """
+        JSON Web Key Set (JWKS) endpoint. This endpoint contains JSON Web Keys (JWK) that are used to validate signatures from the provider. This must be a full URL, including the HTTPS protocol, the domain, and the path.
+
+        The following arguments are optional:
+        """
+        return pulumi.get(self, "jwks_endpoint")
+
+    @jwks_endpoint.setter
+    def jwks_endpoint(self, value: pulumi.Input[_builtins.str]):
+        pulumi.set(self, "jwks_endpoint", value)
+
+    @_builtins.property
+    @pulumi.getter(name="additionalClaims")
+    def additional_claims(self) -> Optional[pulumi.Input[Sequence[pulumi.Input['ListenerDefaultActionJwtValidationAdditionalClaimArgs']]]]:
+        """
+        Repeatable configuration block for additional claims to validate.
+        """
+        return pulumi.get(self, "additional_claims")
+
+    @additional_claims.setter
+    def additional_claims(self, value: Optional[pulumi.Input[Sequence[pulumi.Input['ListenerDefaultActionJwtValidationAdditionalClaimArgs']]]]):
+        pulumi.set(self, "additional_claims", value)
+
+
+if not MYPY:
+    class ListenerDefaultActionJwtValidationAdditionalClaimArgsDict(TypedDict):
+        format: pulumi.Input[_builtins.str]
+        """
+        Format of the claim value. Valid values are `single-string`, `string-array` and `space-separated-values`.
+        """
+        name: pulumi.Input[_builtins.str]
+        """
+        Name of the claim to validate. `exp`, `iss`, `nbf`, or `iat` cannot be specified because they are validated by default.
+        """
+        values: pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]
+        """
+        List of expected values of the claim.
+        """
+elif False:
+    ListenerDefaultActionJwtValidationAdditionalClaimArgsDict: TypeAlias = Mapping[str, Any]
+
+@pulumi.input_type
+class ListenerDefaultActionJwtValidationAdditionalClaimArgs:
+    def __init__(__self__, *,
+                 format: pulumi.Input[_builtins.str],
+                 name: pulumi.Input[_builtins.str],
+                 values: pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]):
+        """
+        :param pulumi.Input[_builtins.str] format: Format of the claim value. Valid values are `single-string`, `string-array` and `space-separated-values`.
+        :param pulumi.Input[_builtins.str] name: Name of the claim to validate. `exp`, `iss`, `nbf`, or `iat` cannot be specified because they are validated by default.
+        :param pulumi.Input[Sequence[pulumi.Input[_builtins.str]]] values: List of expected values of the claim.
+        """
+        pulumi.set(__self__, "format", format)
+        pulumi.set(__self__, "name", name)
+        pulumi.set(__self__, "values", values)
+
+    @_builtins.property
+    @pulumi.getter
+    def format(self) -> pulumi.Input[_builtins.str]:
+        """
+        Format of the claim value. Valid values are `single-string`, `string-array` and `space-separated-values`.
+        """
+        return pulumi.get(self, "format")
+
+    @format.setter
+    def format(self, value: pulumi.Input[_builtins.str]):
+        pulumi.set(self, "format", value)
+
+    @_builtins.property
+    @pulumi.getter
+    def name(self) -> pulumi.Input[_builtins.str]:
+        """
+        Name of the claim to validate. `exp`, `iss`, `nbf`, or `iat` cannot be specified because they are validated by default.
+        """
+        return pulumi.get(self, "name")
+
+    @name.setter
+    def name(self, value: pulumi.Input[_builtins.str]):
+        pulumi.set(self, "name", value)
+
+    @_builtins.property
+    @pulumi.getter
+    def values(self) -> pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]:
+        """
+        List of expected values of the claim.
+        """
+        return pulumi.get(self, "values")
+
+    @values.setter
+    def values(self, value: pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]):
+        pulumi.set(self, "values", value)
+
+
 if not MYPY:
     class ListenerDefaultActionRedirectArgsDict(TypedDict):
         status_code: pulumi.Input[_builtins.str]
@@ -1210,7 +1387,7 @@ def trust_store_arn(self, value: Optional[pulumi.Input[_builtins.str]]):
     class ListenerRuleActionArgsDict(TypedDict):
         type: pulumi.Input[_builtins.str]
         """
-        The type of routing action. Valid values are `forward`, `redirect`, `fixed-response`, `authenticate-cognito` and `authenticate-oidc`.
+        The type of routing action. Valid values are `forward`, `redirect`, `fixed-response`, `authenticate-cognito`, `authenticate-oidc` and `jwt-validation`.
         """
         authenticate_cognito: NotRequired[pulumi.Input['ListenerRuleActionAuthenticateCognitoArgsDict']]
         """
@@ -1230,6 +1407,10 @@ class ListenerRuleActionArgsDict(TypedDict):
         Specify only if `type` is `forward`.
         Cannot be specified with `target_group_arn`.
         """
+        jwt_validation: NotRequired[pulumi.Input['ListenerRuleActionJwtValidationArgsDict']]
+        """
+        Information for creating a JWT validation action. Required if `type` is `jwt-validation`.
+        """
         order: NotRequired[pulumi.Input[_builtins.int]]
         """
         Order for the action.
@@ -1259,17 +1440,19 @@ def __init__(__self__, *,
                  authenticate_oidc: Optional[pulumi.Input['ListenerRuleActionAuthenticateOidcArgs']] = None,
                  fixed_response: Optional[pulumi.Input['ListenerRuleActionFixedResponseArgs']] = None,
                  forward: Optional[pulumi.Input['ListenerRuleActionForwardArgs']] = None,
+                 jwt_validation: Optional[pulumi.Input['ListenerRuleActionJwtValidationArgs']] = None,
                  order: Optional[pulumi.Input[_builtins.int]] = None,
                  redirect: Optional[pulumi.Input['ListenerRuleActionRedirectArgs']] = None,
                  target_group_arn: Optional[pulumi.Input[_builtins.str]] = None):
         """
-        :param pulumi.Input[_builtins.str] type: The type of routing action. Valid values are `forward`, `redirect`, `fixed-response`, `authenticate-cognito` and `authenticate-oidc`.
+        :param pulumi.Input[_builtins.str] type: The type of routing action. Valid values are `forward`, `redirect`, `fixed-response`, `authenticate-cognito`, `authenticate-oidc` and `jwt-validation`.
         :param pulumi.Input['ListenerRuleActionAuthenticateCognitoArgs'] authenticate_cognito: Information for creating an authenticate action using Cognito. Required if `type` is `authenticate-cognito`.
         :param pulumi.Input['ListenerRuleActionAuthenticateOidcArgs'] authenticate_oidc: Information for creating an authenticate action using OIDC. Required if `type` is `authenticate-oidc`.
         :param pulumi.Input['ListenerRuleActionFixedResponseArgs'] fixed_response: Information for creating an action that returns a custom HTTP response. Required if `type` is `fixed-response`.
         :param pulumi.Input['ListenerRuleActionForwardArgs'] forward: Configuration block for creating an action that distributes requests among one or more target groups.
                Specify only if `type` is `forward`.
                Cannot be specified with `target_group_arn`.
+        :param pulumi.Input['ListenerRuleActionJwtValidationArgs'] jwt_validation: Information for creating a JWT validation action. Required if `type` is `jwt-validation`.
         :param pulumi.Input[_builtins.int] order: Order for the action.
                The action with the lowest value for order is performed first.
                Valid values are between `1` and `50000`.
@@ -1289,6 +1472,8 @@ def __init__(__self__, *,
             pulumi.set(__self__, "fixed_response", fixed_response)
         if forward is not None:
             pulumi.set(__self__, "forward", forward)
+        if jwt_validation is not None:
+            pulumi.set(__self__, "jwt_validation", jwt_validation)
         if order is not None:
             pulumi.set(__self__, "order", order)
         if redirect is not None:
@@ -1300,7 +1485,7 @@ def __init__(__self__, *,
     @pulumi.getter
     def type(self) -> pulumi.Input[_builtins.str]:
         """
-        The type of routing action. Valid values are `forward`, `redirect`, `fixed-response`, `authenticate-cognito` and `authenticate-oidc`.
+        The type of routing action. Valid values are `forward`, `redirect`, `fixed-response`, `authenticate-cognito`, `authenticate-oidc` and `jwt-validation`.
         """
         return pulumi.get(self, "type")
 
@@ -1358,6 +1543,18 @@ def forward(self) -> Optional[pulumi.Input['ListenerRuleActionForwardArgs']]:
     def forward(self, value: Optional[pulumi.Input['ListenerRuleActionForwardArgs']]):
         pulumi.set(self, "forward", value)
 
+    @_builtins.property
+    @pulumi.getter(name="jwtValidation")
+    def jwt_validation(self) -> Optional[pulumi.Input['ListenerRuleActionJwtValidationArgs']]:
+        """
+        Information for creating a JWT validation action. Required if `type` is `jwt-validation`.
+        """
+        return pulumi.get(self, "jwt_validation")
+
+    @jwt_validation.setter
+    def jwt_validation(self, value: Optional[pulumi.Input['ListenerRuleActionJwtValidationArgs']]):
+        pulumi.set(self, "jwt_validation", value)
+
     @_builtins.property
     @pulumi.getter
     def order(self) -> Optional[pulumi.Input[_builtins.int]]:
@@ -2020,6 +2217,145 @@ def weight(self, value: Optional[pulumi.Input[_builtins.int]]):
         pulumi.set(self, "weight", value)
 
 
+if not MYPY:
+    class ListenerRuleActionJwtValidationArgsDict(TypedDict):
+        issuer: pulumi.Input[_builtins.str]
+        """
+        Issuer of the JWT.
+        """
+        jwks_endpoint: pulumi.Input[_builtins.str]
+        """
+        JSON Web Key Set (JWKS) endpoint. This endpoint contains JSON Web Keys (JWK) that are used to validate signatures from the provider. This must be a full URL, including the HTTPS protocol, the domain, and the path.
+        """
+        additional_claims: NotRequired[pulumi.Input[Sequence[pulumi.Input['ListenerRuleActionJwtValidationAdditionalClaimArgsDict']]]]
+        """
+        Repeatable configuration block for additional claims to validate.
+        """
+elif False:
+    ListenerRuleActionJwtValidationArgsDict: TypeAlias = Mapping[str, Any]
+
+@pulumi.input_type
+class ListenerRuleActionJwtValidationArgs:
+    def __init__(__self__, *,
+                 issuer: pulumi.Input[_builtins.str],
+                 jwks_endpoint: pulumi.Input[_builtins.str],
+                 additional_claims: Optional[pulumi.Input[Sequence[pulumi.Input['ListenerRuleActionJwtValidationAdditionalClaimArgs']]]] = None):
+        """
+        :param pulumi.Input[_builtins.str] issuer: Issuer of the JWT.
+        :param pulumi.Input[_builtins.str] jwks_endpoint: JSON Web Key Set (JWKS) endpoint. This endpoint contains JSON Web Keys (JWK) that are used to validate signatures from the provider. This must be a full URL, including the HTTPS protocol, the domain, and the path.
+        :param pulumi.Input[Sequence[pulumi.Input['ListenerRuleActionJwtValidationAdditionalClaimArgs']]] additional_claims: Repeatable configuration block for additional claims to validate.
+        """
+        pulumi.set(__self__, "issuer", issuer)
+        pulumi.set(__self__, "jwks_endpoint", jwks_endpoint)
+        if additional_claims is not None:
+            pulumi.set(__self__, "additional_claims", additional_claims)
+
+    @_builtins.property
+    @pulumi.getter
+    def issuer(self) -> pulumi.Input[_builtins.str]:
+        """
+        Issuer of the JWT.
+        """
+        return pulumi.get(self, "issuer")
+
+    @issuer.setter
+    def issuer(self, value: pulumi.Input[_builtins.str]):
+        pulumi.set(self, "issuer", value)
+
+    @_builtins.property
+    @pulumi.getter(name="jwksEndpoint")
+    def jwks_endpoint(self) -> pulumi.Input[_builtins.str]:
+        """
+        JSON Web Key Set (JWKS) endpoint. This endpoint contains JSON Web Keys (JWK) that are used to validate signatures from the provider. This must be a full URL, including the HTTPS protocol, the domain, and the path.
+        """
+        return pulumi.get(self, "jwks_endpoint")
+
+    @jwks_endpoint.setter
+    def jwks_endpoint(self, value: pulumi.Input[_builtins.str]):
+        pulumi.set(self, "jwks_endpoint", value)
+
+    @_builtins.property
+    @pulumi.getter(name="additionalClaims")
+    def additional_claims(self) -> Optional[pulumi.Input[Sequence[pulumi.Input['ListenerRuleActionJwtValidationAdditionalClaimArgs']]]]:
+        """
+        Repeatable configuration block for additional claims to validate.
+        """
+        return pulumi.get(self, "additional_claims")
+
+    @additional_claims.setter
+    def additional_claims(self, value: Optional[pulumi.Input[Sequence[pulumi.Input['ListenerRuleActionJwtValidationAdditionalClaimArgs']]]]):
+        pulumi.set(self, "additional_claims", value)
+
+
+if not MYPY:
+    class ListenerRuleActionJwtValidationAdditionalClaimArgsDict(TypedDict):
+        format: pulumi.Input[_builtins.str]
+        """
+        Format of the claim value. Valid values are `single-string`, `string-array` and `space-separated-values`.
+        """
+        name: pulumi.Input[_builtins.str]
+        """
+        Name of the claim to validate. `exp`, `iss`, `nbf`, or `iat` cannot be specified because they are validated by default.
+        """
+        values: pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]
+        """
+        List of expected values of the claim.
+        """
+elif False:
+    ListenerRuleActionJwtValidationAdditionalClaimArgsDict: TypeAlias = Mapping[str, Any]
+
+@pulumi.input_type
+class ListenerRuleActionJwtValidationAdditionalClaimArgs:
+    def __init__(__self__, *,
+                 format: pulumi.Input[_builtins.str],
+                 name: pulumi.Input[_builtins.str],
+                 values: pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]):
+        """
+        :param pulumi.Input[_builtins.str] format: Format of the claim value. Valid values are `single-string`, `string-array` and `space-separated-values`.
+        :param pulumi.Input[_builtins.str] name: Name of the claim to validate. `exp`, `iss`, `nbf`, or `iat` cannot be specified because they are validated by default.
+        :param pulumi.Input[Sequence[pulumi.Input[_builtins.str]]] values: List of expected values of the claim.
+        """
+        pulumi.set(__self__, "format", format)
+        pulumi.set(__self__, "name", name)
+        pulumi.set(__self__, "values", values)
+
+    @_builtins.property
+    @pulumi.getter
+    def format(self) -> pulumi.Input[_builtins.str]:
+        """
+        Format of the claim value. Valid values are `single-string`, `string-array` and `space-separated-values`.
+        """
+        return pulumi.get(self, "format")
+
+    @format.setter
+    def format(self, value: pulumi.Input[_builtins.str]):
+        pulumi.set(self, "format", value)
+
+    @_builtins.property
+    @pulumi.getter
+    def name(self) -> pulumi.Input[_builtins.str]:
+        """
+        Name of the claim to validate. `exp`, `iss`, `nbf`, or `iat` cannot be specified because they are validated by default.
+        """
+        return pulumi.get(self, "name")
+
+    @name.setter
+    def name(self, value: pulumi.Input[_builtins.str]):
+        pulumi.set(self, "name", value)
+
+    @_builtins.property
+    @pulumi.getter
+    def values(self) -> pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]:
+        """
+        List of expected values of the claim.
+        """
+        return pulumi.get(self, "values")
+
+    @values.setter
+    def values(self, value: pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]):
+        pulumi.set(self, "values", value)
+
+
 if not MYPY:
     class ListenerRuleActionRedirectArgsDict(TypedDict):
         status_code: pulumi.Input[_builtins.str]
@@ -3714,6 +4050,11 @@ class GetListenerRuleActionArgsDict(TypedDict):
         An action to forward the request.
         Detailed below.
         """
+        jwt_validations: NotRequired[Sequence['GetListenerRuleActionJwtValidationArgsDict']]
+        """
+        An action to validate using JWT.
+        Detailed below.
+        """
         redirects: NotRequired[Sequence['GetListenerRuleActionRedirectArgsDict']]
         """
         An action to redirect the request.
@@ -3731,6 +4072,7 @@ def __init__(__self__, *,
                  authenticate_oidcs: Optional[Sequence['GetListenerRuleActionAuthenticateOidcArgs']] = None,
                  fixed_responses: Optional[Sequence['GetListenerRuleActionFixedResponseArgs']] = None,
                  forwards: Optional[Sequence['GetListenerRuleActionForwardArgs']] = None,
+                 jwt_validations: Optional[Sequence['GetListenerRuleActionJwtValidationArgs']] = None,
                  redirects: Optional[Sequence['GetListenerRuleActionRedirectArgs']] = None):
         """
         :param _builtins.int order: The evaluation order of the action.
@@ -3743,6 +4085,8 @@ def __init__(__self__, *,
                Detailed below.
         :param Sequence['GetListenerRuleActionForwardArgs'] forwards: An action to forward the request.
                Detailed below.
+        :param Sequence['GetListenerRuleActionJwtValidationArgs'] jwt_validations: An action to validate using JWT.
+               Detailed below.
         :param Sequence['GetListenerRuleActionRedirectArgs'] redirects: An action to redirect the request.
                Detailed below.
         """
@@ -3756,6 +4100,8 @@ def __init__(__self__, *,
             pulumi.set(__self__, "fixed_responses", fixed_responses)
         if forwards is not None:
             pulumi.set(__self__, "forwards", forwards)
+        if jwt_validations is not None:
+            pulumi.set(__self__, "jwt_validations", jwt_validations)
         if redirects is not None:
             pulumi.set(__self__, "redirects", redirects)
 
@@ -3835,6 +4181,19 @@ def forwards(self) -> Optional[Sequence['GetListenerRuleActionForwardArgs']]:
     def forwards(self, value: Optional[Sequence['GetListenerRuleActionForwardArgs']]):
         pulumi.set(self, "forwards", value)
 
+    @_builtins.property
+    @pulumi.getter(name="jwtValidations")
+    def jwt_validations(self) -> Optional[Sequence['GetListenerRuleActionJwtValidationArgs']]:
+        """
+        An action to validate using JWT.
+        Detailed below.
+        """
+        return pulumi.get(self, "jwt_validations")
+
+    @jwt_validations.setter
+    def jwt_validations(self, value: Optional[Sequence['GetListenerRuleActionJwtValidationArgs']]):
+        pulumi.set(self, "jwt_validations", value)
+
     @_builtins.property
     @pulumi.getter
     def redirects(self) -> Optional[Sequence['GetListenerRuleActionRedirectArgs']]:
@@ -4033,7 +4392,7 @@ class GetListenerRuleActionAuthenticateOidcArgsDict(TypedDict):
         """
         issuer: _builtins.str
         """
-        OIDC issuer identifier of the IdP.
+        Issuer of the JWT.
         """
         on_unauthenticated_request: _builtins.str
         """
@@ -4080,7 +4439,7 @@ def __init__(__self__, *,
                Detailed below.
         :param _builtins.str authorization_endpoint: The authorization endpoint of the IdP.
         :param _builtins.str client_id: OAuth 2.0 client identifier.
-        :param _builtins.str issuer: OIDC issuer identifier of the IdP.
+        :param _builtins.str issuer: Issuer of the JWT.
         :param _builtins.str on_unauthenticated_request: Behavior when the client is not authenticated.
         :param _builtins.str scope: Set of user claims requested.
         :param _builtins.str session_cookie_name: Name of the cookie used to maintain session information.
@@ -4140,7 +4499,7 @@ def client_id(self, value: _builtins.str):
     @pulumi.getter
     def issuer(self) -> _builtins.str:
         """
-        OIDC issuer identifier of the IdP.
+        Issuer of the JWT.
         """
         return pulumi.get(self, "issuer")
 
@@ -4451,6 +4810,145 @@ def weight(self, value: _builtins.int):
         pulumi.set(self, "weight", value)
 
 
+if not MYPY:
+    class GetListenerRuleActionJwtValidationArgsDict(TypedDict):
+        issuer: _builtins.str
+        """
+        Issuer of the JWT.
+        """
+        jwks_endpoint: _builtins.str
+        """
+        JSON Web Key Set (JWKS) endpoint.
+        """
+        additional_claims: NotRequired[Sequence['GetListenerRuleActionJwtValidationAdditionalClaimArgsDict']]
+        """
+        Additional claims to validate.
+        """
+elif False:
+    GetListenerRuleActionJwtValidationArgsDict: TypeAlias = Mapping[str, Any]
+
+@pulumi.input_type
+class GetListenerRuleActionJwtValidationArgs:
+    def __init__(__self__, *,
+                 issuer: _builtins.str,
+                 jwks_endpoint: _builtins.str,
+                 additional_claims: Optional[Sequence['GetListenerRuleActionJwtValidationAdditionalClaimArgs']] = None):
+        """
+        :param _builtins.str issuer: Issuer of the JWT.
+        :param _builtins.str jwks_endpoint: JSON Web Key Set (JWKS) endpoint.
+        :param Sequence['GetListenerRuleActionJwtValidationAdditionalClaimArgs'] additional_claims: Additional claims to validate.
+        """
+        pulumi.set(__self__, "issuer", issuer)
+        pulumi.set(__self__, "jwks_endpoint", jwks_endpoint)
+        if additional_claims is not None:
+            pulumi.set(__self__, "additional_claims", additional_claims)
+
+    @_builtins.property
+    @pulumi.getter
+    def issuer(self) -> _builtins.str:
+        """
+        Issuer of the JWT.
+        """
+        return pulumi.get(self, "issuer")
+
+    @issuer.setter
+    def issuer(self, value: _builtins.str):
+        pulumi.set(self, "issuer", value)
+
+    @_builtins.property
+    @pulumi.getter(name="jwksEndpoint")
+    def jwks_endpoint(self) -> _builtins.str:
+        """
+        JSON Web Key Set (JWKS) endpoint.
+        """
+        return pulumi.get(self, "jwks_endpoint")
+
+    @jwks_endpoint.setter
+    def jwks_endpoint(self, value: _builtins.str):
+        pulumi.set(self, "jwks_endpoint", value)
+
+    @_builtins.property
+    @pulumi.getter(name="additionalClaims")
+    def additional_claims(self) -> Optional[Sequence['GetListenerRuleActionJwtValidationAdditionalClaimArgs']]:
+        """
+        Additional claims to validate.
+        """
+        return pulumi.get(self, "additional_claims")
+
+    @additional_claims.setter
+    def additional_claims(self, value: Optional[Sequence['GetListenerRuleActionJwtValidationAdditionalClaimArgs']]):
+        pulumi.set(self, "additional_claims", value)
+
+
+if not MYPY:
+    class GetListenerRuleActionJwtValidationAdditionalClaimArgsDict(TypedDict):
+        format: _builtins.str
+        """
+        Format of the claim value.
+        """
+        name: _builtins.str
+        """
+        Name of the claim to validate.
+        """
+        values: Sequence[_builtins.str]
+        """
+        Set of `key`-`value` pairs indicating the query string parameters to match.
+        """
+elif False:
+    GetListenerRuleActionJwtValidationAdditionalClaimArgsDict: TypeAlias = Mapping[str, Any]
+
+@pulumi.input_type
+class GetListenerRuleActionJwtValidationAdditionalClaimArgs:
+    def __init__(__self__, *,
+                 format: _builtins.str,
+                 name: _builtins.str,
+                 values: Sequence[_builtins.str]):
+        """
+        :param _builtins.str format: Format of the claim value.
+        :param _builtins.str name: Name of the claim to validate.
+        :param Sequence[_builtins.str] values: Set of `key`-`value` pairs indicating the query string parameters to match.
+        """
+        pulumi.set(__self__, "format", format)
+        pulumi.set(__self__, "name", name)
+        pulumi.set(__self__, "values", values)
+
+    @_builtins.property
+    @pulumi.getter
+    def format(self) -> _builtins.str:
+        """
+        Format of the claim value.
+        """
+        return pulumi.get(self, "format")
+
+    @format.setter
+    def format(self, value: _builtins.str):
+        pulumi.set(self, "format", value)
+
+    @_builtins.property
+    @pulumi.getter
+    def name(self) -> _builtins.str:
+        """
+        Name of the claim to validate.
+        """
+        return pulumi.get(self, "name")
+
+    @name.setter
+    def name(self, value: _builtins.str):
+        pulumi.set(self, "name", value)
+
+    @_builtins.property
+    @pulumi.getter
+    def values(self) -> Sequence[_builtins.str]:
+        """
+        Set of `key`-`value` pairs indicating the query string parameters to match.
+        """
+        return pulumi.get(self, "values")
+
+    @values.setter
+    def values(self, value: Sequence[_builtins.str]):
+        pulumi.set(self, "values", value)
+
+
 if not MYPY:
     class GetListenerRuleActionRedirectArgsDict(TypedDict):
         host: _builtins.str
diff --git a/sdk/python/pulumi_aws/lb/listener.py b/sdk/python/pulumi_aws/lb/listener.py
index 769293a4137..8704cfa6580 100644
--- a/sdk/python/pulumi_aws/lb/listener.py
+++ b/sdk/python/pulumi_aws/lb/listener.py
@@ -1259,6 +1259,48 @@ def __init__(__self__,
             ])
         ```
 
+        ### JWT Validation Action
+
+        ```python
+        import pulumi
+        import pulumi_aws as aws
+
+        test = aws.lb.Listener("test",
+            load_balancer_arn=test_aws_lb["id"],
+            protocol="HTTPS",
+            port=443,
+            ssl_policy="ELBSecurityPolicy-2016-08",
+            certificate_arn=test_aws_iam_server_certificate["arn"],
+            default_actions=[
+                {
+                    "type": "jwt-validation",
+                    "jwt_validation": {
+                        "issuer": "https://example.com",
+                        "jwks_endpoint": "https://example.com/.well-known/jwks.json",
+                        "additional_claims": [
+                            {
+                                "format": "string-array",
+                                "name": "claim_name1",
+                                "values": [
+                                    "value1",
+                                    "value2",
+                                ],
+                            },
+                            {
+                                "format": "single-string",
+                                "name": "claim_name2",
+                                "values": ["value1"],
+                            },
+                        ],
+                    },
+                },
+                {
+                    "target_group_arn": test_aws_lb_target_group["id"],
+                    "type": "forward",
+                },
+            ])
+        ```
+
         ### Gateway Load Balancer Listener
 
         ```python
@@ -1547,6 +1589,48 @@ def __init__(__self__,
             ])
         ```
 
+        ### JWT Validation Action
+
+        ```python
+        import pulumi
+        import pulumi_aws as aws
+
+        test = aws.lb.Listener("test",
+            load_balancer_arn=test_aws_lb["id"],
+            protocol="HTTPS",
+            port=443,
+            ssl_policy="ELBSecurityPolicy-2016-08",
+            certificate_arn=test_aws_iam_server_certificate["arn"],
+            default_actions=[
+                {
+                    "type": "jwt-validation",
+                    "jwt_validation": {
+                        "issuer": "https://example.com",
+                        "jwks_endpoint": "https://example.com/.well-known/jwks.json",
+                        "additional_claims": [
+                            {
+                                "format": "string-array",
+                                "name": "claim_name1",
+                                "values": [
+                                    "value1",
+                                    "value2",
+                                ],
+                            },
+                            {
+                                "format": "single-string",
+                                "name": "claim_name2",
+                                "values": ["value1"],
+                            },
+                        ],
+                    },
+                },
+                {
+                    "target_group_arn": test_aws_lb_target_group["id"],
+                    "type": "forward",
+                },
+            ])
+        ```
+
         ### Gateway Load Balancer Listener
 
         ```python
diff --git a/sdk/python/pulumi_aws/lb/listener_rule.py b/sdk/python/pulumi_aws/lb/listener_rule.py
index 3f29179c689..640c7f797d0 100644
--- a/sdk/python/pulumi_aws/lb/listener_rule.py
+++ b/sdk/python/pulumi_aws/lb/listener_rule.py
@@ -306,201 +306,6 @@ def __init__(__self__,
 
         > **Note:** `alb.ListenerRule` is known as `lb.ListenerRule`. The functionality is identical.
 
-        ## Example Usage
-
-        ```python
-        import pulumi
-        import pulumi_aws as aws
-
-        front_end = aws.lb.LoadBalancer("front_end")
-        front_end_listener = aws.lb.Listener("front_end")
-        static = aws.lb.ListenerRule("static",
-            listener_arn=front_end_listener.arn,
-            priority=100,
-            actions=[{
-                "type": "forward",
-                "target_group_arn": static_aws_lb_target_group["arn"],
-            }],
-            conditions=[
-                {
-                    "path_pattern": {
-                        "values": ["/static/*"],
-                    },
-                },
-                {
-                    "host_header": {
-                        "values": ["example.com"],
-                    },
-                },
-            ])
-        # Forward action
-        host_based_weighted_routing = aws.lb.ListenerRule("host_based_weighted_routing",
-            listener_arn=front_end_listener.arn,
-            priority=99,
-            actions=[{
-                "type": "forward",
-                "target_group_arn": static_aws_lb_target_group["arn"],
-            }],
-            conditions=[{
-                "host_header": {
-                    "values": ["my-service.*.mycompany.io"],
-                },
-            }])
-        # Weighted Forward action
-        host_based_routing = aws.lb.ListenerRule("host_based_routing",
-            listener_arn=front_end_listener.arn,
-            priority=99,
-            actions=[{
-                "type": "forward",
-                "forward": {
-                    "target_groups": [
-                        {
-                            "arn": main["arn"],
-                            "weight": 80,
-                        },
-                        {
-                            "arn": canary["arn"],
-                            "weight": 20,
-                        },
-                    ],
-                    "stickiness": {
-                        "enabled": True,
-                        "duration": 600,
-                    },
-                },
-            }],
-            conditions=[{
-                "host_header": {
-                    "values": ["my-service.*.mycompany.io"],
-                },
-            }])
-        # Redirect action
-        redirect_http_to_https = aws.lb.ListenerRule("redirect_http_to_https",
-            listener_arn=front_end_listener.arn,
-            actions=[{
-                "type": "redirect",
-                "redirect": {
-                    "port": "443",
-                    "protocol": "HTTPS",
-                    "status_code": "HTTP_301",
-                },
-            }],
-            conditions=[{
-                "http_header": {
-                    "http_header_name": "X-Forwarded-For",
-                    "values": ["192.168.1.*"],
-                },
-            }])
-        # Fixed-response action
-        health_check = aws.lb.ListenerRule("health_check",
-            listener_arn=front_end_listener.arn,
-            actions=[{
-                "type": "fixed-response",
-                "fixed_response": {
-                    "content_type": "text/plain",
-                    "message_body": "HEALTHY",
-                    "status_code": "200",
-                },
-            }],
-            conditions=[{
-                "query_strings": [
-                    {
-                        "key": "health",
-                        "value": "check",
-                    },
-                    {
-                        "value": "bar",
-                    },
-                ],
-            }])
-        # Authenticate-cognito Action
-        pool = aws.cognito.UserPool("pool")
-        client = aws.cognito.UserPoolClient("client")
-        domain = aws.cognito.UserPoolDomain("domain")
-        admin = aws.lb.ListenerRule("admin",
-            listener_arn=front_end_listener.arn,
-            actions=[
-                {
-                    "type": "authenticate-cognito",
-                    "authenticate_cognito": {
-                        "user_pool_arn": pool.arn,
-                        "user_pool_client_id": client.id,
-                        "user_pool_domain": domain.domain,
-                    },
-                },
-                {
-                    "type": "forward",
-                    "target_group_arn": static_aws_lb_target_group["arn"],
-                },
-            ])
-        # Authenticate-oidc Action
-        oidc = aws.lb.ListenerRule("oidc",
-            listener_arn=front_end_listener.arn,
-            actions=[
-                {
-                    "type": "authenticate-oidc",
-                    "authenticate_oidc": {
-                        "authorization_endpoint": "https://example.com/authorization_endpoint",
-                        "client_id": "client_id",
-                        "client_secret": "client_secret",
-                        "issuer": "https://example.com",
-                        "token_endpoint": "https://example.com/token_endpoint",
-                        "user_info_endpoint": "https://example.com/user_info_endpoint",
-                    },
-                },
-                {
-                    "type": "forward",
-                    "target_group_arn": static_aws_lb_target_group["arn"],
-                },
-            ])
-        # With transform
-        transform = aws.lb.ListenerRule("transform",
-            listener_arn=front_end_listener.arn,
-            actions=[{
-                "type": "forward",
-                "target_group_arn": static_aws_lb_target_group["arn"],
-            }],
-            conditions=[{
-                "path_pattern": {
-                    "values": ["*"],
-                },
-            }],
-            transforms=[
-                {
-                    "type": "host-header-rewrite",
-                    "host_header_rewrite_config": {
-                        "rewrite": {
-                            "regex": "^mywebsite-(.+).com$",
-                            "replace": "internal.dev.$1.myweb.com",
-                        },
-                    },
-                },
-                {
-                    "type": "url-rewrite",
-                    "url_rewrite_config": {
-                        "rewrite": {
-                            "regex": "^/dp/([A-Za-z0-9]+)/?$",
-                            "replace": "/product.php?id=$1",
-                        },
-                    },
-                },
-            ])
-        ```
-
-        ## Import
-
-        ### Identity Schema
-
-        #### Required
-
-        - `arn` (String) Amazon Resource Name (ARN) of the load balancer listener rule.
-
-        Using `pulumi import`, import rules using their ARN. For example:
-
-        console
-
-        % pulumi import aws_lb_listener_rule.front_end arn:aws:elasticloadbalancing:us-west-2:187416307283:listener-rule/app/test/8e4497da625e2d8a/9ab28ade35828f96/67b3d2d36dd7c26b
-
         :param str resource_name: The name of the resource.
         :param pulumi.ResourceOptions opts: Options for the resource.
         :param pulumi.Input[Sequence[pulumi.Input[Union['ListenerRuleActionArgs', 'ListenerRuleActionArgsDict']]]] actions: An Action block. Action blocks are documented below.
@@ -522,201 +327,6 @@ def __init__(__self__,
 
         > **Note:** `alb.ListenerRule` is known as `lb.ListenerRule`. The functionality is identical.
 
-        ## Example Usage
-
-        ```python
-        import pulumi
-        import pulumi_aws as aws
-
-        front_end = aws.lb.LoadBalancer("front_end")
-        front_end_listener = aws.lb.Listener("front_end")
-        static = aws.lb.ListenerRule("static",
-            listener_arn=front_end_listener.arn,
-            priority=100,
-            actions=[{
-                "type": "forward",
-                "target_group_arn": static_aws_lb_target_group["arn"],
-            }],
-            conditions=[
-                {
-                    "path_pattern": {
-                        "values": ["/static/*"],
-                    },
-                },
-                {
-                    "host_header": {
-                        "values": ["example.com"],
-                    },
-                },
-            ])
-        # Forward action
-        host_based_weighted_routing = aws.lb.ListenerRule("host_based_weighted_routing",
-            listener_arn=front_end_listener.arn,
-            priority=99,
-            actions=[{
-                "type": "forward",
-                "target_group_arn": static_aws_lb_target_group["arn"],
-            }],
-            conditions=[{
-                "host_header": {
-                    "values": ["my-service.*.mycompany.io"],
-                },
-            }])
-        # Weighted Forward action
-        host_based_routing = aws.lb.ListenerRule("host_based_routing",
-            listener_arn=front_end_listener.arn,
-            priority=99,
-            actions=[{
-                "type": "forward",
-                "forward": {
-                    "target_groups": [
-                        {
-                            "arn": main["arn"],
-                            "weight": 80,
-                        },
-                        {
-                            "arn": canary["arn"],
-                            "weight": 20,
-                        },
-                    ],
-                    "stickiness": {
-                        "enabled": True,
-                        "duration": 600,
-                    },
-                },
-            }],
-            conditions=[{
-                "host_header": {
-                    "values": ["my-service.*.mycompany.io"],
-                },
-            }])
-        # Redirect action
-        redirect_http_to_https = aws.lb.ListenerRule("redirect_http_to_https",
-            listener_arn=front_end_listener.arn,
-            actions=[{
-                "type": "redirect",
-                "redirect": {
-                    "port": "443",
-                    "protocol": "HTTPS",
-                    "status_code": "HTTP_301",
-                },
-            }],
-            conditions=[{
-                "http_header": {
-                    "http_header_name": "X-Forwarded-For",
-                    "values": ["192.168.1.*"],
-                },
-            }])
-        # Fixed-response action
-        health_check = aws.lb.ListenerRule("health_check",
-            listener_arn=front_end_listener.arn,
-            actions=[{
-                "type": "fixed-response",
-                "fixed_response": {
-                    "content_type": "text/plain",
-                    "message_body": "HEALTHY",
-                    "status_code": "200",
-                },
-            }],
-            conditions=[{
-                "query_strings": [
-                    {
-                        "key": "health",
-                        "value": "check",
-                    },
-                    {
-                        "value": "bar",
-                    },
-                ],
-            }])
-        # Authenticate-cognito Action
-        pool = aws.cognito.UserPool("pool")
-        client = aws.cognito.UserPoolClient("client")
-        domain = aws.cognito.UserPoolDomain("domain")
-        admin = aws.lb.ListenerRule("admin",
-            listener_arn=front_end_listener.arn,
-            actions=[
-                {
-                    "type": "authenticate-cognito",
-                    "authenticate_cognito": {
-                        "user_pool_arn": pool.arn,
-                        "user_pool_client_id": client.id,
-                        "user_pool_domain": domain.domain,
-                    },
-                },
-                {
-                    "type": "forward",
-                    "target_group_arn": static_aws_lb_target_group["arn"],
-                },
-            ])
-        # Authenticate-oidc Action
-        oidc = aws.lb.ListenerRule("oidc",
-            listener_arn=front_end_listener.arn,
-            actions=[
-                {
-                    "type": "authenticate-oidc",
-                    "authenticate_oidc": {
-                        "authorization_endpoint": "https://example.com/authorization_endpoint",
-                        "client_id": "client_id",
-                        "client_secret": "client_secret",
-                        "issuer": "https://example.com",
-                        "token_endpoint": "https://example.com/token_endpoint",
-                        "user_info_endpoint": "https://example.com/user_info_endpoint",
-                    },
-                },
-                {
-                    "type": "forward",
-                    "target_group_arn": static_aws_lb_target_group["arn"],
-                },
-            ])
-        # With transform
-        transform = aws.lb.ListenerRule("transform",
-            listener_arn=front_end_listener.arn,
-            actions=[{
-                "type": "forward",
-                "target_group_arn": static_aws_lb_target_group["arn"],
-            }],
-            conditions=[{
-                "path_pattern": {
-                    "values": ["*"],
-                },
-            }],
-            transforms=[
-                {
-                    "type": "host-header-rewrite",
-                    "host_header_rewrite_config": {
-                        "rewrite": {
-                            "regex": "^mywebsite-(.+).com$",
-                            "replace": "internal.dev.$1.myweb.com",
-                        },
-                    },
-                },
-                {
-                    "type": "url-rewrite",
-                    "url_rewrite_config": {
-                        "rewrite": {
-                            "regex": "^/dp/([A-Za-z0-9]+)/?$",
-                            "replace": "/product.php?id=$1",
-                        },
-                    },
-                },
-            ])
-        ```
-
-        ## Import
-
-        ### Identity Schema
-
-        #### Required
-
-        - `arn` (String) Amazon Resource Name (ARN) of the load balancer listener rule.
-
-        Using `pulumi import`, import rules using their ARN. For example:
-
-        console
-
-        % pulumi import aws_lb_listener_rule.front_end arn:aws:elasticloadbalancing:us-west-2:187416307283:listener-rule/app/test/8e4497da625e2d8a/9ab28ade35828f96/67b3d2d36dd7c26b
-
         :param str resource_name: The name of the resource.
         :param ListenerRuleArgs args: The arguments to use to populate this resource's properties.
         :param pulumi.ResourceOptions opts: Options for the resource.
diff --git a/sdk/python/pulumi_aws/lb/outputs.py b/sdk/python/pulumi_aws/lb/outputs.py
index 38312ef45e7..7ac2dfaa753 100644
--- a/sdk/python/pulumi_aws/lb/outputs.py
+++ b/sdk/python/pulumi_aws/lb/outputs.py
@@ -23,6 +23,8 @@
     'ListenerDefaultActionForward',
     'ListenerDefaultActionForwardStickiness',
     'ListenerDefaultActionForwardTargetGroup',
+    'ListenerDefaultActionJwtValidation',
+    'ListenerDefaultActionJwtValidationAdditionalClaim',
     'ListenerDefaultActionRedirect',
     'ListenerMutualAuthentication',
     'ListenerRuleAction',
@@ -32,6 +34,8 @@
     'ListenerRuleActionForward',
     'ListenerRuleActionForwardStickiness',
     'ListenerRuleActionForwardTargetGroup',
+    'ListenerRuleActionJwtValidation',
+    'ListenerRuleActionJwtValidationAdditionalClaim',
     'ListenerRuleActionRedirect',
     'ListenerRuleCondition',
     'ListenerRuleConditionHostHeader',
@@ -64,6 +68,8 @@
     'GetListenerDefaultActionForwardResult',
     'GetListenerDefaultActionForwardStickinessResult',
     'GetListenerDefaultActionForwardTargetGroupResult',
+    'GetListenerDefaultActionJwtValidationResult',
+    'GetListenerDefaultActionJwtValidationAdditionalClaimResult',
     'GetListenerDefaultActionRedirectResult',
     'GetListenerMutualAuthenticationResult',
     'GetListenerRuleActionResult',
@@ -73,6 +79,8 @@
     'GetListenerRuleActionForwardResult',
     'GetListenerRuleActionForwardStickinessResult',
     'GetListenerRuleActionForwardTargetGroupResult',
+    'GetListenerRuleActionJwtValidationResult',
+    'GetListenerRuleActionJwtValidationAdditionalClaimResult',
     'GetListenerRuleActionRedirectResult',
     'GetListenerRuleConditionResult',
     'GetListenerRuleConditionHostHeaderResult',
@@ -106,6 +114,8 @@ def __key_warning(key: str):
             suggest = "authenticate_oidc"
         elif key == "fixedResponse":
             suggest = "fixed_response"
+        elif key == "jwtValidation":
+            suggest = "jwt_validation"
         elif key == "targetGroupArn":
             suggest = "target_group_arn"
 
@@ -126,17 +136,19 @@ def __init__(__self__, *,
                  authenticate_oidc: Optional['outputs.ListenerDefaultActionAuthenticateOidc'] = None,
                  fixed_response: Optional['outputs.ListenerDefaultActionFixedResponse'] = None,
                  forward: Optional['outputs.ListenerDefaultActionForward'] = None,
+                 jwt_validation: Optional['outputs.ListenerDefaultActionJwtValidation'] = None,
                  order: Optional[_builtins.int] = None,
                  redirect: Optional['outputs.ListenerDefaultActionRedirect'] = None,
                  target_group_arn: Optional[_builtins.str] = None):
         """
-        :param _builtins.str type: Type of routing action. Valid values are `forward`, `redirect`, `fixed-response`, `authenticate-cognito` and `authenticate-oidc`.
+        :param _builtins.str type: Type of routing action. Valid values are `forward`, `redirect`, `fixed-response`, `authenticate-cognito`, `authenticate-oidc` and `jwt-validation`.
                
                The following arguments are optional:
         :param 'ListenerDefaultActionAuthenticateCognitoArgs' authenticate_cognito: Configuration block for using Amazon Cognito to authenticate users. Specify only when `type` is `authenticate-cognito`. See below.
         :param 'ListenerDefaultActionAuthenticateOidcArgs' authenticate_oidc: Configuration block for an identity provider that is compliant with OpenID Connect (OIDC). Specify only when `type` is `authenticate-oidc`. See below.
         :param 'ListenerDefaultActionFixedResponseArgs' fixed_response: Information for creating an action that returns a custom HTTP response. Required if `type` is `fixed-response`.
         :param 'ListenerDefaultActionForwardArgs' forward: Configuration block for creating an action that distributes requests among one or more target groups. Specify only if `type` is `forward`. See below.
+        :param 'ListenerDefaultActionJwtValidationArgs' jwt_validation: Configuration block for creating a JWT validation action. Required if `type` is `jwt-validation`.
         :param _builtins.int order: Order for the action. The action with the lowest value for order is performed first. Valid values are between `1` and `50000`. Defaults to the position in the list of actions.
         :param 'ListenerDefaultActionRedirectArgs' redirect: Configuration block for creating a redirect action. Required if `type` is `redirect`. See below.
         :param _builtins.str target_group_arn: ARN of the Target Group to which to route traffic. Specify only if `type` is `forward` and you want to route to a single target group. To route to one or more target groups, use a `forward` block instead. Can be specified with `forward` but ARNs must match.
@@ -150,6 +162,8 @@ def __init__(__self__, *,
             pulumi.set(__self__, "fixed_response", fixed_response)
         if forward is not None:
             pulumi.set(__self__, "forward", forward)
+        if jwt_validation is not None:
+            pulumi.set(__self__, "jwt_validation", jwt_validation)
         if order is not None:
             pulumi.set(__self__, "order", order)
         if redirect is not None:
@@ -161,7 +175,7 @@ def __init__(__self__, *,
     @pulumi.getter
     def type(self) -> _builtins.str:
         """
-        Type of routing action. Valid values are `forward`, `redirect`, `fixed-response`, `authenticate-cognito` and `authenticate-oidc`.
+        Type of routing action. Valid values are `forward`, `redirect`, `fixed-response`, `authenticate-cognito`, `authenticate-oidc` and `jwt-validation`.
 
         The following arguments are optional:
         """
@@ -199,6 +213,14 @@ def forward(self) -> Optional['outputs.ListenerDefaultActionForward']:
         """
         return pulumi.get(self, "forward")
 
+    @_builtins.property
+    @pulumi.getter(name="jwtValidation")
+    def jwt_validation(self) -> Optional['outputs.ListenerDefaultActionJwtValidation']:
+        """
+        Configuration block for creating a JWT validation action. Required if `type` is `jwt-validation`.
+        """
+        return pulumi.get(self, "jwt_validation")
+
     @_builtins.property
     @pulumi.getter
     def order(self) -> Optional[_builtins.int]:
@@ -713,6 +735,110 @@ def weight(self) -> Optional[_builtins.int]:
         return pulumi.get(self, "weight")
 
 
+@pulumi.output_type
+class ListenerDefaultActionJwtValidation(dict):
+    @staticmethod
+    def __key_warning(key: str):
+        suggest = None
+        if key == "jwksEndpoint":
+            suggest = "jwks_endpoint"
+        elif key == "additionalClaims":
+            suggest = "additional_claims"
+
+        if suggest:
+            pulumi.log.warn(f"Key '{key}' not found in ListenerDefaultActionJwtValidation. Access the value via the '{suggest}' property getter instead.")
+
+    def __getitem__(self, key: str) -> Any:
+        ListenerDefaultActionJwtValidation.__key_warning(key)
+        return super().__getitem__(key)
+
+    def get(self, key: str, default = None) -> Any:
+        ListenerDefaultActionJwtValidation.__key_warning(key)
+        return super().get(key, default)
+
+    def __init__(__self__, *,
+                 issuer: _builtins.str,
+                 jwks_endpoint: _builtins.str,
+                 additional_claims: Optional[Sequence['outputs.ListenerDefaultActionJwtValidationAdditionalClaim']] = None):
+        """
+        :param _builtins.str issuer: Issuer of the JWT.
+        :param _builtins.str jwks_endpoint: JSON Web Key Set (JWKS) endpoint. This endpoint contains JSON Web Keys (JWK) that are used to validate signatures from the provider. This must be a full URL, including the HTTPS protocol, the domain, and the path.
+               
+               The following arguments are optional:
+        :param Sequence['ListenerDefaultActionJwtValidationAdditionalClaimArgs'] additional_claims: Repeatable configuration block for additional claims to validate.
+        """
+        pulumi.set(__self__, "issuer", issuer)
+        pulumi.set(__self__, "jwks_endpoint", jwks_endpoint)
+        if additional_claims is not None:
+            pulumi.set(__self__, "additional_claims", additional_claims)
+
+    @_builtins.property
+    @pulumi.getter
+    def issuer(self) -> _builtins.str:
+        """
+        Issuer of the JWT.
+        """
+        return pulumi.get(self, "issuer")
+
+    @_builtins.property
+    @pulumi.getter(name="jwksEndpoint")
+    def jwks_endpoint(self) -> _builtins.str:
+        """
+        JSON Web Key Set (JWKS) endpoint. This endpoint contains JSON Web Keys (JWK) that are used to validate signatures from the provider. This must be a full URL, including the HTTPS protocol, the domain, and the path.
+
+        The following arguments are optional:
+        """
+        return pulumi.get(self, "jwks_endpoint")
+
+    @_builtins.property
+    @pulumi.getter(name="additionalClaims")
+    def additional_claims(self) -> Optional[Sequence['outputs.ListenerDefaultActionJwtValidationAdditionalClaim']]:
+        """
+        Repeatable configuration block for additional claims to validate.
+        """
+        return pulumi.get(self, "additional_claims")
+
+
+@pulumi.output_type
+class ListenerDefaultActionJwtValidationAdditionalClaim(dict):
+    def __init__(__self__, *,
+                 format: _builtins.str,
+                 name: _builtins.str,
+                 values: Sequence[_builtins.str]):
+        """
+        :param _builtins.str format: Format of the claim value. Valid values are `single-string`, `string-array` and `space-separated-values`.
+        :param _builtins.str name: Name of the claim to validate. `exp`, `iss`, `nbf`, or `iat` cannot be specified because they are validated by default.
+        :param Sequence[_builtins.str] values: List of expected values of the claim.
+        """
+        pulumi.set(__self__, "format", format)
+        pulumi.set(__self__, "name", name)
+        pulumi.set(__self__, "values", values)
+
+    @_builtins.property
+    @pulumi.getter
+    def format(self) -> _builtins.str:
+        """
+        Format of the claim value. Valid values are `single-string`, `string-array` and `space-separated-values`.
+        """
+        return pulumi.get(self, "format")
+
+    @_builtins.property
+    @pulumi.getter
+    def name(self) -> _builtins.str:
+        """
+        Name of the claim to validate. `exp`, `iss`, `nbf`, or `iat` cannot be specified because they are validated by default.
+        """
+        return pulumi.get(self, "name")
+
+    @_builtins.property
+    @pulumi.getter
+    def values(self) -> Sequence[_builtins.str]:
+        """
+        List of expected values of the claim.
+        """
+        return pulumi.get(self, "values")
+
+
 @pulumi.output_type
 class ListenerDefaultActionRedirect(dict):
     @staticmethod
@@ -900,6 +1026,8 @@ def __key_warning(key: str):
             suggest = "authenticate_oidc"
         elif key == "fixedResponse":
             suggest = "fixed_response"
+        elif key == "jwtValidation":
+            suggest = "jwt_validation"
         elif key == "targetGroupArn":
             suggest = "target_group_arn"
 
@@ -920,17 +1048,19 @@ def __init__(__self__, *,
                  authenticate_oidc: Optional['outputs.ListenerRuleActionAuthenticateOidc'] = None,
                  fixed_response: Optional['outputs.ListenerRuleActionFixedResponse'] = None,
                  forward: Optional['outputs.ListenerRuleActionForward'] = None,
+                 jwt_validation: Optional['outputs.ListenerRuleActionJwtValidation'] = None,
                  order: Optional[_builtins.int] = None,
                  redirect: Optional['outputs.ListenerRuleActionRedirect'] = None,
                  target_group_arn: Optional[_builtins.str] = None):
         """
-        :param _builtins.str type: The type of routing action. Valid values are `forward`, `redirect`, `fixed-response`, `authenticate-cognito` and `authenticate-oidc`.
+        :param _builtins.str type: The type of routing action. Valid values are `forward`, `redirect`, `fixed-response`, `authenticate-cognito`, `authenticate-oidc` and `jwt-validation`.
         :param 'ListenerRuleActionAuthenticateCognitoArgs' authenticate_cognito: Information for creating an authenticate action using Cognito. Required if `type` is `authenticate-cognito`.
         :param 'ListenerRuleActionAuthenticateOidcArgs' authenticate_oidc: Information for creating an authenticate action using OIDC. Required if `type` is `authenticate-oidc`.
         :param 'ListenerRuleActionFixedResponseArgs' fixed_response: Information for creating an action that returns a custom HTTP response. Required if `type` is `fixed-response`.
         :param 'ListenerRuleActionForwardArgs' forward: Configuration block for creating an action that distributes requests among one or more target groups.
                Specify only if `type` is `forward`.
                Cannot be specified with `target_group_arn`.
+        :param 'ListenerRuleActionJwtValidationArgs' jwt_validation: Information for creating a JWT validation action. Required if `type` is `jwt-validation`.
         :param _builtins.int order: Order for the action.
                The action with the lowest value for order is performed first.
                Valid values are between `1` and `50000`.
@@ -950,6 +1080,8 @@ def __init__(__self__, *,
             pulumi.set(__self__, "fixed_response", fixed_response)
         if forward is not None:
             pulumi.set(__self__, "forward", forward)
+        if jwt_validation is not None:
+            pulumi.set(__self__, "jwt_validation", jwt_validation)
         if order is not None:
             pulumi.set(__self__, "order", order)
         if redirect is not None:
@@ -961,7 +1093,7 @@ def __init__(__self__, *,
     @pulumi.getter
     def type(self) -> _builtins.str:
         """
-        The type of routing action. Valid values are `forward`, `redirect`, `fixed-response`, `authenticate-cognito` and `authenticate-oidc`.
+        The type of routing action. Valid values are `forward`, `redirect`, `fixed-response`, `authenticate-cognito`, `authenticate-oidc` and `jwt-validation`.
         """
         return pulumi.get(self, "type")
 
@@ -999,6 +1131,14 @@ def forward(self) -> Optional['outputs.ListenerRuleActionForward']:
         """
         return pulumi.get(self, "forward")
 
+    @_builtins.property
+    @pulumi.getter(name="jwtValidation")
+    def jwt_validation(self) -> Optional['outputs.ListenerRuleActionJwtValidation']:
+        """
+        Information for creating a JWT validation action. Required if `type` is `jwt-validation`.
+        """
+        return pulumi.get(self, "jwt_validation")
+
     @_builtins.property
     @pulumi.getter
     def order(self) -> Optional[_builtins.int]:
@@ -1495,6 +1635,106 @@ def weight(self) -> Optional[_builtins.int]:
         return pulumi.get(self, "weight")
 
 
+@pulumi.output_type
+class ListenerRuleActionJwtValidation(dict):
+    @staticmethod
+    def __key_warning(key: str):
+        suggest = None
+        if key == "jwksEndpoint":
+            suggest = "jwks_endpoint"
+        elif key == "additionalClaims":
+            suggest = "additional_claims"
+
+        if suggest:
+            pulumi.log.warn(f"Key '{key}' not found in ListenerRuleActionJwtValidation. Access the value via the '{suggest}' property getter instead.")
+
+    def __getitem__(self, key: str) -> Any:
+        ListenerRuleActionJwtValidation.__key_warning(key)
+        return super().__getitem__(key)
+
+    def get(self, key: str, default = None) -> Any:
+        ListenerRuleActionJwtValidation.__key_warning(key)
+        return super().get(key, default)
+
+    def __init__(__self__, *,
+                 issuer: _builtins.str,
+                 jwks_endpoint: _builtins.str,
+                 additional_claims: Optional[Sequence['outputs.ListenerRuleActionJwtValidationAdditionalClaim']] = None):
+        """
+        :param _builtins.str issuer: Issuer of the JWT.
+        :param _builtins.str jwks_endpoint: JSON Web Key Set (JWKS) endpoint. This endpoint contains JSON Web Keys (JWK) that are used to validate signatures from the provider. This must be a full URL, including the HTTPS protocol, the domain, and the path.
+        :param Sequence['ListenerRuleActionJwtValidationAdditionalClaimArgs'] additional_claims: Repeatable configuration block for additional claims to validate.
+        """
+        pulumi.set(__self__, "issuer", issuer)
+        pulumi.set(__self__, "jwks_endpoint", jwks_endpoint)
+        if additional_claims is not None:
+            pulumi.set(__self__, "additional_claims", additional_claims)
+
+    @_builtins.property
+    @pulumi.getter
+    def issuer(self) -> _builtins.str:
+        """
+        Issuer of the JWT.
+        """
+        return pulumi.get(self, "issuer")
+
+    @_builtins.property
+    @pulumi.getter(name="jwksEndpoint")
+    def jwks_endpoint(self) -> _builtins.str:
+        """
+        JSON Web Key Set (JWKS) endpoint. This endpoint contains JSON Web Keys (JWK) that are used to validate signatures from the provider. This must be a full URL, including the HTTPS protocol, the domain, and the path.
+        """
+        return pulumi.get(self, "jwks_endpoint")
+
+    @_builtins.property
+    @pulumi.getter(name="additionalClaims")
+    def additional_claims(self) -> Optional[Sequence['outputs.ListenerRuleActionJwtValidationAdditionalClaim']]:
+        """
+        Repeatable configuration block for additional claims to validate.
+        """
+        return pulumi.get(self, "additional_claims")
+
+
+@pulumi.output_type
+class ListenerRuleActionJwtValidationAdditionalClaim(dict):
+    def __init__(__self__, *,
+                 format: _builtins.str,
+                 name: _builtins.str,
+                 values: Sequence[_builtins.str]):
+        """
+        :param _builtins.str format: Format of the claim value. Valid values are `single-string`, `string-array` and `space-separated-values`.
+        :param _builtins.str name: Name of the claim to validate. `exp`, `iss`, `nbf`, or `iat` cannot be specified because they are validated by default.
+        :param Sequence[_builtins.str] values: List of expected values of the claim.
+        """
+        pulumi.set(__self__, "format", format)
+        pulumi.set(__self__, "name", name)
+        pulumi.set(__self__, "values", values)
+
+    @_builtins.property
+    @pulumi.getter
+    def format(self) -> _builtins.str:
+        """
+        Format of the claim value. Valid values are `single-string`, `string-array` and `space-separated-values`.
+        """
+        return pulumi.get(self, "format")
+
+    @_builtins.property
+    @pulumi.getter
+    def name(self) -> _builtins.str:
+        """
+        Name of the claim to validate. `exp`, `iss`, `nbf`, or `iat` cannot be specified because they are validated by default.
+        """
+        return pulumi.get(self, "name")
+
+    @_builtins.property
+    @pulumi.getter
+    def values(self) -> Sequence[_builtins.str]:
+        """
+        List of expected values of the claim.
+        """
+        return pulumi.get(self, "values")
+
+
 @pulumi.output_type
 class ListenerRuleActionRedirect(dict):
     @staticmethod
@@ -2798,6 +3038,7 @@ def __init__(__self__, *,
                  authenticate_oidcs: Sequence['outputs.GetListenerDefaultActionAuthenticateOidcResult'],
                  fixed_responses: Sequence['outputs.GetListenerDefaultActionFixedResponseResult'],
                  forwards: Sequence['outputs.GetListenerDefaultActionForwardResult'],
+                 jwt_validations: Sequence['outputs.GetListenerDefaultActionJwtValidationResult'],
                  order: _builtins.int,
                  redirects: Sequence['outputs.GetListenerDefaultActionRedirectResult'],
                  target_group_arn: _builtins.str,
@@ -2806,6 +3047,7 @@ def __init__(__self__, *,
         pulumi.set(__self__, "authenticate_oidcs", authenticate_oidcs)
         pulumi.set(__self__, "fixed_responses", fixed_responses)
         pulumi.set(__self__, "forwards", forwards)
+        pulumi.set(__self__, "jwt_validations", jwt_validations)
         pulumi.set(__self__, "order", order)
         pulumi.set(__self__, "redirects", redirects)
         pulumi.set(__self__, "target_group_arn", target_group_arn)
@@ -2831,6 +3073,11 @@ def fixed_responses(self) -> Sequence['outputs.GetListenerDefaultActionFixedResp
     def forwards(self) -> Sequence['outputs.GetListenerDefaultActionForwardResult']:
         return pulumi.get(self, "forwards")
 
+    @_builtins.property
+    @pulumi.getter(name="jwtValidations")
+    def jwt_validations(self) -> Sequence['outputs.GetListenerDefaultActionJwtValidationResult']:
+        return pulumi.get(self, "jwt_validations")
+
     @_builtins.property
     @pulumi.getter
     def order(self) -> _builtins.int:
@@ -3084,6 +3331,58 @@ def weight(self) -> _builtins.int:
         return pulumi.get(self, "weight")
 
 
+@pulumi.output_type
+class GetListenerDefaultActionJwtValidationResult(dict):
+    def __init__(__self__, *,
+                 additional_claims: Sequence['outputs.GetListenerDefaultActionJwtValidationAdditionalClaimResult'],
+                 issuer: _builtins.str,
+                 jwks_endpoint: _builtins.str):
+        pulumi.set(__self__, "additional_claims", additional_claims)
+        pulumi.set(__self__, "issuer", issuer)
+        pulumi.set(__self__, "jwks_endpoint", jwks_endpoint)
+
+    @_builtins.property
+    @pulumi.getter(name="additionalClaims")
+    def additional_claims(self) -> Sequence['outputs.GetListenerDefaultActionJwtValidationAdditionalClaimResult']:
+        return pulumi.get(self, "additional_claims")
+
+    @_builtins.property
+    @pulumi.getter
+    def issuer(self) -> _builtins.str:
+        return pulumi.get(self, "issuer")
+
+    @_builtins.property
+    @pulumi.getter(name="jwksEndpoint")
+    def jwks_endpoint(self) -> _builtins.str:
+        return pulumi.get(self, "jwks_endpoint")
+
+
+@pulumi.output_type
+class GetListenerDefaultActionJwtValidationAdditionalClaimResult(dict):
+    def __init__(__self__, *,
+                 format: _builtins.str,
+                 name: _builtins.str,
+                 values: Sequence[_builtins.str]):
+        pulumi.set(__self__, "format", format)
+        pulumi.set(__self__, "name", name)
+        pulumi.set(__self__, "values", values)
+
+    @_builtins.property
+    @pulumi.getter
+    def format(self) -> _builtins.str:
+        return pulumi.get(self, "format")
+
+    @_builtins.property
+    @pulumi.getter
+    def name(self) -> _builtins.str:
+        return pulumi.get(self, "name")
+
+    @_builtins.property
+    @pulumi.getter
+    def values(self) -> Sequence[_builtins.str]:
+        return pulumi.get(self, "values")
+
+
 @pulumi.output_type
 class GetListenerDefaultActionRedirectResult(dict):
     def __init__(__self__, *,
@@ -3179,6 +3478,7 @@ def __init__(__self__, *,
                  authenticate_oidcs: Optional[Sequence['outputs.GetListenerRuleActionAuthenticateOidcResult']] = None,
                  fixed_responses: Optional[Sequence['outputs.GetListenerRuleActionFixedResponseResult']] = None,
                  forwards: Optional[Sequence['outputs.GetListenerRuleActionForwardResult']] = None,
+                 jwt_validations: Optional[Sequence['outputs.GetListenerRuleActionJwtValidationResult']] = None,
                  redirects: Optional[Sequence['outputs.GetListenerRuleActionRedirectResult']] = None):
         """
         :param _builtins.int order: The evaluation order of the action.
@@ -3191,6 +3491,8 @@ def __init__(__self__, *,
                Detailed below.
         :param Sequence['GetListenerRuleActionForwardArgs'] forwards: An action to forward the request.
                Detailed below.
+        :param Sequence['GetListenerRuleActionJwtValidationArgs'] jwt_validations: An action to validate using JWT.
+               Detailed below.
         :param Sequence['GetListenerRuleActionRedirectArgs'] redirects: An action to redirect the request.
                Detailed below.
         """
@@ -3204,6 +3506,8 @@ def __init__(__self__, *,
             pulumi.set(__self__, "fixed_responses", fixed_responses)
         if forwards is not None:
             pulumi.set(__self__, "forwards", forwards)
+        if jwt_validations is not None:
+            pulumi.set(__self__, "jwt_validations", jwt_validations)
         if redirects is not None:
             pulumi.set(__self__, "redirects", redirects)
 
@@ -3259,6 +3563,15 @@ def forwards(self) -> Optional[Sequence['outputs.GetListenerRuleActionForwardRes
         """
         return pulumi.get(self, "forwards")
 
+    @_builtins.property
+    @pulumi.getter(name="jwtValidations")
+    def jwt_validations(self) -> Optional[Sequence['outputs.GetListenerRuleActionJwtValidationResult']]:
+        """
+        An action to validate using JWT.
+        Detailed below.
+        """
+        return pulumi.get(self, "jwt_validations")
+
     @_builtins.property
     @pulumi.getter
     def redirects(self) -> Optional[Sequence['outputs.GetListenerRuleActionRedirectResult']]:
@@ -3384,7 +3697,7 @@ def __init__(__self__, *,
                Detailed below.
         :param _builtins.str authorization_endpoint: The authorization endpoint of the IdP.
         :param _builtins.str client_id: OAuth 2.0 client identifier.
-        :param _builtins.str issuer: OIDC issuer identifier of the IdP.
+        :param _builtins.str issuer: Issuer of the JWT.
         :param _builtins.str on_unauthenticated_request: Behavior when the client is not authenticated.
         :param _builtins.str scope: Set of user claims requested.
         :param _builtins.str session_cookie_name: Name of the cookie used to maintain session information.
@@ -3432,7 +3745,7 @@ def client_id(self) -> _builtins.str:
     @pulumi.getter
     def issuer(self) -> _builtins.str:
         """
-        OIDC issuer identifier of the IdP.
+        Issuer of the JWT.
         """
         return pulumi.get(self, "issuer")
 
@@ -3620,6 +3933,87 @@ def weight(self) -> _builtins.int:
         return pulumi.get(self, "weight")
 
 
+@pulumi.output_type
+class GetListenerRuleActionJwtValidationResult(dict):
+    def __init__(__self__, *,
+                 issuer: _builtins.str,
+                 jwks_endpoint: _builtins.str,
+                 additional_claims: Optional[Sequence['outputs.GetListenerRuleActionJwtValidationAdditionalClaimResult']] = None):
+        """
+        :param _builtins.str issuer: Issuer of the JWT.
+        :param _builtins.str jwks_endpoint: JSON Web Key Set (JWKS) endpoint.
+        :param Sequence['GetListenerRuleActionJwtValidationAdditionalClaimArgs'] additional_claims: Additional claims to validate.
+        """
+        pulumi.set(__self__, "issuer", issuer)
+        pulumi.set(__self__, "jwks_endpoint", jwks_endpoint)
+        if additional_claims is not None:
+            pulumi.set(__self__, "additional_claims", additional_claims)
+
+    @_builtins.property
+    @pulumi.getter
+    def issuer(self) -> _builtins.str:
+        """
+        Issuer of the JWT.
+        """
+        return pulumi.get(self, "issuer")
+
+    @_builtins.property
+    @pulumi.getter(name="jwksEndpoint")
+    def jwks_endpoint(self) -> _builtins.str:
+        """
+        JSON Web Key Set (JWKS) endpoint.
+        """
+        return pulumi.get(self, "jwks_endpoint")
+
+    @_builtins.property
+    @pulumi.getter(name="additionalClaims")
+    def additional_claims(self) -> Optional[Sequence['outputs.GetListenerRuleActionJwtValidationAdditionalClaimResult']]:
+        """
+        Additional claims to validate.
+        """
+        return pulumi.get(self, "additional_claims")
+
+
+@pulumi.output_type
+class GetListenerRuleActionJwtValidationAdditionalClaimResult(dict):
+    def __init__(__self__, *,
+                 format: _builtins.str,
+                 name: _builtins.str,
+                 values: Sequence[_builtins.str]):
+        """
+        :param _builtins.str format: Format of the claim value.
+        :param _builtins.str name: Name of the claim to validate.
+        :param Sequence[_builtins.str] values: Set of `key`-`value` pairs indicating the query string parameters to match.
+        """
+        pulumi.set(__self__, "format", format)
+        pulumi.set(__self__, "name", name)
+        pulumi.set(__self__, "values", values)
+
+    @_builtins.property
+    @pulumi.getter
+    def format(self) -> _builtins.str:
+        """
+        Format of the claim value.
+        """
+        return pulumi.get(self, "format")
+
+    @_builtins.property
+    @pulumi.getter
+    def name(self) -> _builtins.str:
+        """
+        Name of the claim to validate.
+        """
+        return pulumi.get(self, "name")
+
+    @_builtins.property
+    @pulumi.getter
+    def values(self) -> Sequence[_builtins.str]:
+        """
+        Set of `key`-`value` pairs indicating the query string parameters to match.
+        """
+        return pulumi.get(self, "values")
+
+
 @pulumi.output_type
 class GetListenerRuleActionRedirectResult(dict):
     def __init__(__self__, *,
diff --git a/sdk/python/pulumi_aws/notifications/channel_association.py b/sdk/python/pulumi_aws/notifications/channel_association.py
index 19e675d6f17..341185d7d41 100644
--- a/sdk/python/pulumi_aws/notifications/channel_association.py
+++ b/sdk/python/pulumi_aws/notifications/channel_association.py
@@ -23,7 +23,7 @@ def __init__(__self__, *,
                  notification_configuration_arn: pulumi.Input[_builtins.str]):
         """
         The set of arguments for constructing a ChannelAssociation resource.
-        :param pulumi.Input[_builtins.str] arn: ARN of the channel to associate with the notification configuration. This can be an email contact ARN.
+        :param pulumi.Input[_builtins.str] arn: ARN of the channel to associate with the notification configuration. Must match pattern `^arn:aws:(chatbot|consoleapp|notifications-contacts):[a-zA-Z0-9-]*:[0-9]{12}:[a-zA-Z0-9-_.@]+/[a-zA-Z0-9/_.@:-]+$`.
         :param pulumi.Input[_builtins.str] notification_configuration_arn: ARN of the notification configuration to associate the channel with.
         """
         pulumi.set(__self__, "arn", arn)
@@ -33,7 +33,7 @@ def __init__(__self__, *,
     @pulumi.getter
     def arn(self) -> pulumi.Input[_builtins.str]:
         """
-        ARN of the channel to associate with the notification configuration. This can be an email contact ARN.
+        ARN of the channel to associate with the notification configuration. Must match pattern `^arn:aws:(chatbot|consoleapp|notifications-contacts):[a-zA-Z0-9-]*:[0-9]{12}:[a-zA-Z0-9-_.@]+/[a-zA-Z0-9/_.@:-]+$`.
         """
         return pulumi.get(self, "arn")
 
@@ -61,7 +61,7 @@ def __init__(__self__, *,
                  notification_configuration_arn: Optional[pulumi.Input[_builtins.str]] = None):
         """
         Input properties used for looking up and filtering ChannelAssociation resources.
-        :param pulumi.Input[_builtins.str] arn: ARN of the channel to associate with the notification configuration. This can be an email contact ARN.
+        :param pulumi.Input[_builtins.str] arn: ARN of the channel to associate with the notification configuration. Must match pattern `^arn:aws:(chatbot|consoleapp|notifications-contacts):[a-zA-Z0-9-]*:[0-9]{12}:[a-zA-Z0-9-_.@]+/[a-zA-Z0-9/_.@:-]+$`.
         :param pulumi.Input[_builtins.str] notification_configuration_arn: ARN of the notification configuration to associate the channel with.
         """
         if arn is not None:
@@ -73,7 +73,7 @@ def __init__(__self__, *,
     @pulumi.getter
     def arn(self) -> Optional[pulumi.Input[_builtins.str]]:
         """
-        ARN of the channel to associate with the notification configuration. This can be an email contact ARN.
+        ARN of the channel to associate with the notification configuration. Must match pattern `^arn:aws:(chatbot|consoleapp|notifications-contacts):[a-zA-Z0-9-]*:[0-9]{12}:[a-zA-Z0-9-_.@]+/[a-zA-Z0-9/_.@:-]+$`.
         """
         return pulumi.get(self, "arn")
 
@@ -135,7 +135,7 @@ def __init__(__self__,
 
         :param str resource_name: The name of the resource.
         :param pulumi.ResourceOptions opts: Options for the resource.
-        :param pulumi.Input[_builtins.str] arn: ARN of the channel to associate with the notification configuration. This can be an email contact ARN.
+        :param pulumi.Input[_builtins.str] arn: ARN of the channel to associate with the notification configuration. Must match pattern `^arn:aws:(chatbot|consoleapp|notifications-contacts):[a-zA-Z0-9-]*:[0-9]{12}:[a-zA-Z0-9-_.@]+/[a-zA-Z0-9/_.@:-]+$`.
         :param pulumi.Input[_builtins.str] notification_configuration_arn: ARN of the notification configuration to associate the channel with.
         """
         ...
@@ -225,7 +225,7 @@ def get(resource_name: str,
         :param str resource_name: The unique name of the resulting resource.
         :param pulumi.Input[str] id: The unique provider ID of the resource to lookup.
         :param pulumi.ResourceOptions opts: Options for the resource.
-        :param pulumi.Input[_builtins.str] arn: ARN of the channel to associate with the notification configuration. This can be an email contact ARN.
+        :param pulumi.Input[_builtins.str] arn: ARN of the channel to associate with the notification configuration. Must match pattern `^arn:aws:(chatbot|consoleapp|notifications-contacts):[a-zA-Z0-9-]*:[0-9]{12}:[a-zA-Z0-9-_.@]+/[a-zA-Z0-9/_.@:-]+$`.
         :param pulumi.Input[_builtins.str] notification_configuration_arn: ARN of the notification configuration to associate the channel with.
         """
         opts = pulumi.ResourceOptions.merge(opts, pulumi.ResourceOptions(id=id))
@@ -240,7 +240,7 @@ def get(resource_name: str,
     @pulumi.getter
     def arn(self) -> pulumi.Output[_builtins.str]:
         """
-        ARN of the channel to associate with the notification configuration. This can be an email contact ARN.
+        ARN of the channel to associate with the notification configuration. Must match pattern `^arn:aws:(chatbot|consoleapp|notifications-contacts):[a-zA-Z0-9-]*:[0-9]{12}:[a-zA-Z0-9-_.@]+/[a-zA-Z0-9/_.@:-]+$`.
         """
         return pulumi.get(self, "arn")
 
diff --git a/sdk/python/pulumi_aws/odb/cloud_vm_cluster.py b/sdk/python/pulumi_aws/odb/cloud_vm_cluster.py
index 0d4c36eac12..67eb1c2f1fe 100644
--- a/sdk/python/pulumi_aws/odb/cloud_vm_cluster.py
+++ b/sdk/python/pulumi_aws/odb/cloud_vm_cluster.py
@@ -21,15 +21,15 @@
 @pulumi.input_type
 class CloudVmClusterArgs:
     def __init__(__self__, *,
-                 cloud_exadata_infrastructure_id: pulumi.Input[_builtins.str],
                  cpu_core_count: pulumi.Input[_builtins.int],
                  data_storage_size_in_tbs: pulumi.Input[_builtins.float],
                  db_servers: pulumi.Input[Sequence[pulumi.Input[_builtins.str]]],
                  display_name: pulumi.Input[_builtins.str],
                  gi_version: pulumi.Input[_builtins.str],
                  hostname_prefix: pulumi.Input[_builtins.str],
-                 odb_network_id: pulumi.Input[_builtins.str],
                  ssh_public_keys: pulumi.Input[Sequence[pulumi.Input[_builtins.str]]],
+                 cloud_exadata_infrastructure_arn: Optional[pulumi.Input[_builtins.str]] = None,
+                 cloud_exadata_infrastructure_id: Optional[pulumi.Input[_builtins.str]] = None,
                  cluster_name: Optional[pulumi.Input[_builtins.str]] = None,
                  data_collection_options: Optional[pulumi.Input['CloudVmClusterDataCollectionOptionsArgs']] = None,
                  db_node_storage_size_in_gbs: Optional[pulumi.Input[_builtins.int]] = None,
@@ -37,6 +37,8 @@ def __init__(__self__, *,
                  is_sparse_diskgroup_enabled: Optional[pulumi.Input[_builtins.bool]] = None,
                  license_model: Optional[pulumi.Input[_builtins.str]] = None,
                  memory_size_in_gbs: Optional[pulumi.Input[_builtins.int]] = None,
+                 odb_network_arn: Optional[pulumi.Input[_builtins.str]] = None,
+                 odb_network_id: Optional[pulumi.Input[_builtins.str]] = None,
                  region: Optional[pulumi.Input[_builtins.str]] = None,
                  scan_listener_port_tcp: Optional[pulumi.Input[_builtins.int]] = None,
                  tags: Optional[pulumi.Input[Mapping[str, pulumi.Input[_builtins.str]]]] = None,
@@ -44,7 +46,6 @@ def __init__(__self__, *,
                  timezone: Optional[pulumi.Input[_builtins.str]] = None):
         """
         The set of arguments for constructing a CloudVmCluster resource.
-        :param pulumi.Input[_builtins.str] cloud_exadata_infrastructure_id: The unique identifier of the Exadata infrastructure for this VM cluster. Changing this will create a new resource.
         :param pulumi.Input[_builtins.int] cpu_core_count: The number of CPU cores to enable on the VM cluster. Changing this will create a new resource.
         :param pulumi.Input[_builtins.float] data_storage_size_in_tbs: The size of the data disk group, in terabytes (TBs), to allocate for the VM cluster. Changing this will create a new resource.
                
@@ -53,8 +54,9 @@ def __init__(__self__, *,
         :param pulumi.Input[_builtins.str] display_name: A user-friendly name for the VM cluster. Changing this will create a new resource.
         :param pulumi.Input[_builtins.str] gi_version: A valid software version of Oracle Grid Infrastructure (GI). To get the list of valid values, use the ListGiVersions operation and specify the shape of the Exadata infrastructure. Example: 19.0.0.0 Changing this will create a new resource.
         :param pulumi.Input[_builtins.str] hostname_prefix: The host name prefix for the VM cluster. Constraints: - Can't be "localhost" or "hostname". - Can't contain "-version". - The maximum length of the combined hostname and domain is 63 characters. - The hostname must be unique within the subnet. Changing this will create a new resource.
-        :param pulumi.Input[_builtins.str] odb_network_id: The unique identifier of the ODB network for the VM cluster. Changing this will create a new resource.
         :param pulumi.Input[Sequence[pulumi.Input[_builtins.str]]] ssh_public_keys: The public key portion of one or more key pairs used for SSH access to the VM cluster. Changing this will create a new resource.
+        :param pulumi.Input[_builtins.str] cloud_exadata_infrastructure_arn: The ARN of the Exadata infrastructure for this VM cluster. Changing this will create a new resource. Either the combination of cloud_exadata_infrastructure_id and odb_network_id or cloud_exadata_infrastructure_arn and odb_network_arn must be used.
+        :param pulumi.Input[_builtins.str] cloud_exadata_infrastructure_id: The unique identifier of the Exadata infrastructure for this VM cluster. Changing this will create a new resource. Either the combination of cloud_exadata_infrastructure_id and odb_network_id or cloud_exadata_infrastructure_arn and odb_network_arn must be used.
         :param pulumi.Input[_builtins.str] cluster_name: The name of the Grid Infrastructure (GI) cluster. Changing this will create a new resource.
         :param pulumi.Input['CloudVmClusterDataCollectionOptionsArgs'] data_collection_options: The set of preferences for the various diagnostic collection options for the VM cluster.
         :param pulumi.Input[_builtins.int] db_node_storage_size_in_gbs: The amount of local node storage, in gigabytes (GBs), to allocate for the VM cluster. Changing this will create a new resource.
@@ -62,20 +64,24 @@ def __init__(__self__, *,
         :param pulumi.Input[_builtins.bool] is_sparse_diskgroup_enabled: Specifies whether to create a sparse disk group for the VM cluster. Changing this will create a new resource.
         :param pulumi.Input[_builtins.str] license_model: The Oracle license model to apply to the VM cluster. Default: LICENSE_INCLUDED. Changing this will create a new resource.
         :param pulumi.Input[_builtins.int] memory_size_in_gbs: The amount of memory, in gigabytes (GBs), to allocate for the VM cluster. Changing this will create a new resource.
+        :param pulumi.Input[_builtins.str] odb_network_arn: The ARN of the ODB network for the VM cluster. Changing this will create a new resource. Either the combination of cloud_exadata_infrastructure_id and odb_network_id or cloud_exadata_infrastructure_arn and odb_network_arn must be used.
+        :param pulumi.Input[_builtins.str] odb_network_id: The unique identifier of the ODB network for the VM cluster. Changing this will create a new resource. Either the combination of cloud_exadata_infrastructure_id and odb_network_id or cloud_exadata_infrastructure_arn and odb_network_arn must be used.
         :param pulumi.Input[_builtins.str] region: Region where this resource will be [managed](https://docs.aws.amazon.com/general/latest/gr/rande.html#regional-endpoints). Defaults to the Region set in the provider configuration.
         :param pulumi.Input[_builtins.int] scan_listener_port_tcp: The port number for TCP connections to the single client access name (SCAN) listener. Valid values: 1024–8999, except 2484, 6100, 6200, 7060, 7070, 7085, and 7879. Default: 1521. Changing this will create a new resource.
         :param pulumi.Input[Mapping[str, pulumi.Input[_builtins.str]]] tags: A map of tags to assign to the exadata infrastructure. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.
         :param pulumi.Input[_builtins.str] timezone: The configured time zone of the VM cluster. Changing this will create a new resource.
         """
-        pulumi.set(__self__, "cloud_exadata_infrastructure_id", cloud_exadata_infrastructure_id)
         pulumi.set(__self__, "cpu_core_count", cpu_core_count)
         pulumi.set(__self__, "data_storage_size_in_tbs", data_storage_size_in_tbs)
         pulumi.set(__self__, "db_servers", db_servers)
         pulumi.set(__self__, "display_name", display_name)
         pulumi.set(__self__, "gi_version", gi_version)
         pulumi.set(__self__, "hostname_prefix", hostname_prefix)
-        pulumi.set(__self__, "odb_network_id", odb_network_id)
         pulumi.set(__self__, "ssh_public_keys", ssh_public_keys)
+        if cloud_exadata_infrastructure_arn is not None:
+            pulumi.set(__self__, "cloud_exadata_infrastructure_arn", cloud_exadata_infrastructure_arn)
+        if cloud_exadata_infrastructure_id is not None:
+            pulumi.set(__self__, "cloud_exadata_infrastructure_id", cloud_exadata_infrastructure_id)
         if cluster_name is not None:
             pulumi.set(__self__, "cluster_name", cluster_name)
         if data_collection_options is not None:
@@ -90,6 +96,10 @@ def __init__(__self__, *,
             pulumi.set(__self__, "license_model", license_model)
         if memory_size_in_gbs is not None:
             pulumi.set(__self__, "memory_size_in_gbs", memory_size_in_gbs)
+        if odb_network_arn is not None:
+            pulumi.set(__self__, "odb_network_arn", odb_network_arn)
+        if odb_network_id is not None:
+            pulumi.set(__self__, "odb_network_id", odb_network_id)
         if region is not None:
             pulumi.set(__self__, "region", region)
         if scan_listener_port_tcp is not None:
@@ -101,18 +111,6 @@ def __init__(__self__, *,
         if timezone is not None:
             pulumi.set(__self__, "timezone", timezone)
 
-    @_builtins.property
-    @pulumi.getter(name="cloudExadataInfrastructureId")
-    def cloud_exadata_infrastructure_id(self) -> pulumi.Input[_builtins.str]:
-        """
-        The unique identifier of the Exadata infrastructure for this VM cluster. Changing this will create a new resource.
-        """
-        return pulumi.get(self, "cloud_exadata_infrastructure_id")
-
-    @cloud_exadata_infrastructure_id.setter
-    def cloud_exadata_infrastructure_id(self, value: pulumi.Input[_builtins.str]):
-        pulumi.set(self, "cloud_exadata_infrastructure_id", value)
-
     @_builtins.property
     @pulumi.getter(name="cpuCoreCount")
     def cpu_core_count(self) -> pulumi.Input[_builtins.int]:
@@ -187,18 +185,6 @@ def hostname_prefix(self) -> pulumi.Input[_builtins.str]:
     def hostname_prefix(self, value: pulumi.Input[_builtins.str]):
         pulumi.set(self, "hostname_prefix", value)
 
-    @_builtins.property
-    @pulumi.getter(name="odbNetworkId")
-    def odb_network_id(self) -> pulumi.Input[_builtins.str]:
-        """
-        The unique identifier of the ODB network for the VM cluster. Changing this will create a new resource.
-        """
-        return pulumi.get(self, "odb_network_id")
-
-    @odb_network_id.setter
-    def odb_network_id(self, value: pulumi.Input[_builtins.str]):
-        pulumi.set(self, "odb_network_id", value)
-
     @_builtins.property
     @pulumi.getter(name="sshPublicKeys")
     def ssh_public_keys(self) -> pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]:
@@ -211,6 +197,30 @@ def ssh_public_keys(self) -> pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]
     def ssh_public_keys(self, value: pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]):
         pulumi.set(self, "ssh_public_keys", value)
 
+    @_builtins.property
+    @pulumi.getter(name="cloudExadataInfrastructureArn")
+    def cloud_exadata_infrastructure_arn(self) -> Optional[pulumi.Input[_builtins.str]]:
+        """
+        The ARN of the Exadata infrastructure for this VM cluster. Changing this will create a new resource. Either the combination of cloud_exadata_infrastructure_id and odb_network_id or cloud_exadata_infrastructure_arn and odb_network_arn must be used.
+        """
+        return pulumi.get(self, "cloud_exadata_infrastructure_arn")
+
+    @cloud_exadata_infrastructure_arn.setter
+    def cloud_exadata_infrastructure_arn(self, value: Optional[pulumi.Input[_builtins.str]]):
+        pulumi.set(self, "cloud_exadata_infrastructure_arn", value)
+
+    @_builtins.property
+    @pulumi.getter(name="cloudExadataInfrastructureId")
+    def cloud_exadata_infrastructure_id(self) -> Optional[pulumi.Input[_builtins.str]]:
+        """
+        The unique identifier of the Exadata infrastructure for this VM cluster. Changing this will create a new resource. Either the combination of cloud_exadata_infrastructure_id and odb_network_id or cloud_exadata_infrastructure_arn and odb_network_arn must be used.
+        """
+        return pulumi.get(self, "cloud_exadata_infrastructure_id")
+
+    @cloud_exadata_infrastructure_id.setter
+    def cloud_exadata_infrastructure_id(self, value: Optional[pulumi.Input[_builtins.str]]):
+        pulumi.set(self, "cloud_exadata_infrastructure_id", value)
+
     @_builtins.property
     @pulumi.getter(name="clusterName")
     def cluster_name(self) -> Optional[pulumi.Input[_builtins.str]]:
@@ -295,6 +305,30 @@ def memory_size_in_gbs(self) -> Optional[pulumi.Input[_builtins.int]]:
     def memory_size_in_gbs(self, value: Optional[pulumi.Input[_builtins.int]]):
         pulumi.set(self, "memory_size_in_gbs", value)
 
+    @_builtins.property
+    @pulumi.getter(name="odbNetworkArn")
+    def odb_network_arn(self) -> Optional[pulumi.Input[_builtins.str]]:
+        """
+        The ARN of the ODB network for the VM cluster. Changing this will create a new resource. Either the combination of cloud_exadata_infrastructure_id and odb_network_id or cloud_exadata_infrastructure_arn and odb_network_arn must be used.
+        """
+        return pulumi.get(self, "odb_network_arn")
+
+    @odb_network_arn.setter
+    def odb_network_arn(self, value: Optional[pulumi.Input[_builtins.str]]):
+        pulumi.set(self, "odb_network_arn", value)
+
+    @_builtins.property
+    @pulumi.getter(name="odbNetworkId")
+    def odb_network_id(self) -> Optional[pulumi.Input[_builtins.str]]:
+        """
+        The unique identifier of the ODB network for the VM cluster. Changing this will create a new resource. Either the combination of cloud_exadata_infrastructure_id and odb_network_id or cloud_exadata_infrastructure_arn and odb_network_arn must be used.
+        """
+        return pulumi.get(self, "odb_network_id")
+
+    @odb_network_id.setter
+    def odb_network_id(self, value: Optional[pulumi.Input[_builtins.str]]):
+        pulumi.set(self, "odb_network_id", value)
+
     @_builtins.property
     @pulumi.getter
     def region(self) -> Optional[pulumi.Input[_builtins.str]]:
@@ -357,6 +391,7 @@ def timezone(self, value: Optional[pulumi.Input[_builtins.str]]):
 class _CloudVmClusterState:
     def __init__(__self__, *,
                  arn: Optional[pulumi.Input[_builtins.str]] = None,
+                 cloud_exadata_infrastructure_arn: Optional[pulumi.Input[_builtins.str]] = None,
                  cloud_exadata_infrastructure_id: Optional[pulumi.Input[_builtins.str]] = None,
                  cluster_name: Optional[pulumi.Input[_builtins.str]] = None,
                  compute_model: Optional[pulumi.Input[_builtins.str]] = None,
@@ -384,6 +419,7 @@ def __init__(__self__, *,
                  oci_resource_anchor_name: Optional[pulumi.Input[_builtins.str]] = None,
                  oci_url: Optional[pulumi.Input[_builtins.str]] = None,
                  ocid: Optional[pulumi.Input[_builtins.str]] = None,
+                 odb_network_arn: Optional[pulumi.Input[_builtins.str]] = None,
                  odb_network_id: Optional[pulumi.Input[_builtins.str]] = None,
                  percent_progress: Optional[pulumi.Input[_builtins.float]] = None,
                  region: Optional[pulumi.Input[_builtins.str]] = None,
@@ -405,7 +441,8 @@ def __init__(__self__, *,
         """
         Input properties used for looking up and filtering CloudVmCluster resources.
         :param pulumi.Input[_builtins.str] arn: The Amazon Resource Name (ARN) for the cloud vm cluster.
-        :param pulumi.Input[_builtins.str] cloud_exadata_infrastructure_id: The unique identifier of the Exadata infrastructure for this VM cluster. Changing this will create a new resource.
+        :param pulumi.Input[_builtins.str] cloud_exadata_infrastructure_arn: The ARN of the Exadata infrastructure for this VM cluster. Changing this will create a new resource. Either the combination of cloud_exadata_infrastructure_id and odb_network_id or cloud_exadata_infrastructure_arn and odb_network_arn must be used.
+        :param pulumi.Input[_builtins.str] cloud_exadata_infrastructure_id: The unique identifier of the Exadata infrastructure for this VM cluster. Changing this will create a new resource. Either the combination of cloud_exadata_infrastructure_id and odb_network_id or cloud_exadata_infrastructure_arn and odb_network_arn must be used.
         :param pulumi.Input[_builtins.str] cluster_name: The name of the Grid Infrastructure (GI) cluster. Changing this will create a new resource.
         :param pulumi.Input[_builtins.str] compute_model: The compute model used when the instance is created or cloned — either ECPU or OCPU. ECPU is a virtualized compute unit; OCPU is a physical processor core with hyper-threading.
         :param pulumi.Input[_builtins.int] cpu_core_count: The number of CPU cores to enable on the VM cluster. Changing this will create a new resource.
@@ -435,7 +472,8 @@ def __init__(__self__, *,
         :param pulumi.Input[_builtins.str] oci_resource_anchor_name: The name of the OCI resource anchor associated with the VM cluster.
         :param pulumi.Input[_builtins.str] oci_url: The HTTPS link to the VM cluster resource in OCI.
         :param pulumi.Input[_builtins.str] ocid: The OCID (Oracle Cloud Identifier) of the VM cluster.
-        :param pulumi.Input[_builtins.str] odb_network_id: The unique identifier of the ODB network for the VM cluster. Changing this will create a new resource.
+        :param pulumi.Input[_builtins.str] odb_network_arn: The ARN of the ODB network for the VM cluster. Changing this will create a new resource. Either the combination of cloud_exadata_infrastructure_id and odb_network_id or cloud_exadata_infrastructure_arn and odb_network_arn must be used.
+        :param pulumi.Input[_builtins.str] odb_network_id: The unique identifier of the ODB network for the VM cluster. Changing this will create a new resource. Either the combination of cloud_exadata_infrastructure_id and odb_network_id or cloud_exadata_infrastructure_arn and odb_network_arn must be used.
         :param pulumi.Input[_builtins.float] percent_progress: The percentage of progress made on the current operation for the VM cluster.
         :param pulumi.Input[_builtins.str] region: Region where this resource will be [managed](https://docs.aws.amazon.com/general/latest/gr/rande.html#regional-endpoints). Defaults to the Region set in the provider configuration.
         :param pulumi.Input[_builtins.str] scan_dns_name: The fully qualified domain name (FQDN) for the SCAN IP addresses associated with the VM cluster.
@@ -455,6 +493,8 @@ def __init__(__self__, *,
         """
         if arn is not None:
             pulumi.set(__self__, "arn", arn)
+        if cloud_exadata_infrastructure_arn is not None:
+            pulumi.set(__self__, "cloud_exadata_infrastructure_arn", cloud_exadata_infrastructure_arn)
         if cloud_exadata_infrastructure_id is not None:
             pulumi.set(__self__, "cloud_exadata_infrastructure_id", cloud_exadata_infrastructure_id)
         if cluster_name is not None:
@@ -509,6 +549,8 @@ def __init__(__self__, *,
             pulumi.set(__self__, "oci_url", oci_url)
         if ocid is not None:
             pulumi.set(__self__, "ocid", ocid)
+        if odb_network_arn is not None:
+            pulumi.set(__self__, "odb_network_arn", odb_network_arn)
         if odb_network_id is not None:
             pulumi.set(__self__, "odb_network_id", odb_network_id)
         if percent_progress is not None:
@@ -558,11 +600,23 @@ def arn(self) -> Optional[pulumi.Input[_builtins.str]]:
     def arn(self, value: Optional[pulumi.Input[_builtins.str]]):
         pulumi.set(self, "arn", value)
 
+    @_builtins.property
+    @pulumi.getter(name="cloudExadataInfrastructureArn")
+    def cloud_exadata_infrastructure_arn(self) -> Optional[pulumi.Input[_builtins.str]]:
+        """
+        The ARN of the Exadata infrastructure for this VM cluster. Changing this will create a new resource. Either the combination of cloud_exadata_infrastructure_id and odb_network_id or cloud_exadata_infrastructure_arn and odb_network_arn must be used.
+        """
+        return pulumi.get(self, "cloud_exadata_infrastructure_arn")
+
+    @cloud_exadata_infrastructure_arn.setter
+    def cloud_exadata_infrastructure_arn(self, value: Optional[pulumi.Input[_builtins.str]]):
+        pulumi.set(self, "cloud_exadata_infrastructure_arn", value)
+
     @_builtins.property
     @pulumi.getter(name="cloudExadataInfrastructureId")
     def cloud_exadata_infrastructure_id(self) -> Optional[pulumi.Input[_builtins.str]]:
         """
-        The unique identifier of the Exadata infrastructure for this VM cluster. Changing this will create a new resource.
+        The unique identifier of the Exadata infrastructure for this VM cluster. Changing this will create a new resource. Either the combination of cloud_exadata_infrastructure_id and odb_network_id or cloud_exadata_infrastructure_arn and odb_network_arn must be used.
         """
         return pulumi.get(self, "cloud_exadata_infrastructure_id")
 
@@ -885,11 +939,23 @@ def ocid(self) -> Optional[pulumi.Input[_builtins.str]]:
     def ocid(self, value: Optional[pulumi.Input[_builtins.str]]):
         pulumi.set(self, "ocid", value)
 
+    @_builtins.property
+    @pulumi.getter(name="odbNetworkArn")
+    def odb_network_arn(self) -> Optional[pulumi.Input[_builtins.str]]:
+        """
+        The ARN of the ODB network for the VM cluster. Changing this will create a new resource. Either the combination of cloud_exadata_infrastructure_id and odb_network_id or cloud_exadata_infrastructure_arn and odb_network_arn must be used.
+        """
+        return pulumi.get(self, "odb_network_arn")
+
+    @odb_network_arn.setter
+    def odb_network_arn(self, value: Optional[pulumi.Input[_builtins.str]]):
+        pulumi.set(self, "odb_network_arn", value)
+
     @_builtins.property
     @pulumi.getter(name="odbNetworkId")
     def odb_network_id(self) -> Optional[pulumi.Input[_builtins.str]]:
         """
-        The unique identifier of the ODB network for the VM cluster. Changing this will create a new resource.
+        The unique identifier of the ODB network for the VM cluster. Changing this will create a new resource. Either the combination of cloud_exadata_infrastructure_id and odb_network_id or cloud_exadata_infrastructure_arn and odb_network_arn must be used.
         """
         return pulumi.get(self, "odb_network_id")
 
@@ -1105,6 +1171,7 @@ class CloudVmCluster(pulumi.CustomResource):
     def __init__(__self__,
                  resource_name: str,
                  opts: Optional[pulumi.ResourceOptions] = None,
+                 cloud_exadata_infrastructure_arn: Optional[pulumi.Input[_builtins.str]] = None,
                  cloud_exadata_infrastructure_id: Optional[pulumi.Input[_builtins.str]] = None,
                  cluster_name: Optional[pulumi.Input[_builtins.str]] = None,
                  cpu_core_count: Optional[pulumi.Input[_builtins.int]] = None,
@@ -1119,6 +1186,7 @@ def __init__(__self__,
                  is_sparse_diskgroup_enabled: Optional[pulumi.Input[_builtins.bool]] = None,
                  license_model: Optional[pulumi.Input[_builtins.str]] = None,
                  memory_size_in_gbs: Optional[pulumi.Input[_builtins.int]] = None,
+                 odb_network_arn: Optional[pulumi.Input[_builtins.str]] = None,
                  odb_network_id: Optional[pulumi.Input[_builtins.str]] = None,
                  region: Optional[pulumi.Input[_builtins.str]] = None,
                  scan_listener_port_tcp: Optional[pulumi.Input[_builtins.int]] = None,
@@ -1200,7 +1268,8 @@ def __init__(__self__,
 
         :param str resource_name: The name of the resource.
         :param pulumi.ResourceOptions opts: Options for the resource.
-        :param pulumi.Input[_builtins.str] cloud_exadata_infrastructure_id: The unique identifier of the Exadata infrastructure for this VM cluster. Changing this will create a new resource.
+        :param pulumi.Input[_builtins.str] cloud_exadata_infrastructure_arn: The ARN of the Exadata infrastructure for this VM cluster. Changing this will create a new resource. Either the combination of cloud_exadata_infrastructure_id and odb_network_id or cloud_exadata_infrastructure_arn and odb_network_arn must be used.
+        :param pulumi.Input[_builtins.str] cloud_exadata_infrastructure_id: The unique identifier of the Exadata infrastructure for this VM cluster. Changing this will create a new resource. Either the combination of cloud_exadata_infrastructure_id and odb_network_id or cloud_exadata_infrastructure_arn and odb_network_arn must be used.
         :param pulumi.Input[_builtins.str] cluster_name: The name of the Grid Infrastructure (GI) cluster. Changing this will create a new resource.
         :param pulumi.Input[_builtins.int] cpu_core_count: The number of CPU cores to enable on the VM cluster. Changing this will create a new resource.
         :param pulumi.Input[Union['CloudVmClusterDataCollectionOptionsArgs', 'CloudVmClusterDataCollectionOptionsArgsDict']] data_collection_options: The set of preferences for the various diagnostic collection options for the VM cluster.
@@ -1216,7 +1285,8 @@ def __init__(__self__,
         :param pulumi.Input[_builtins.bool] is_sparse_diskgroup_enabled: Specifies whether to create a sparse disk group for the VM cluster. Changing this will create a new resource.
         :param pulumi.Input[_builtins.str] license_model: The Oracle license model to apply to the VM cluster. Default: LICENSE_INCLUDED. Changing this will create a new resource.
         :param pulumi.Input[_builtins.int] memory_size_in_gbs: The amount of memory, in gigabytes (GBs), to allocate for the VM cluster. Changing this will create a new resource.
-        :param pulumi.Input[_builtins.str] odb_network_id: The unique identifier of the ODB network for the VM cluster. Changing this will create a new resource.
+        :param pulumi.Input[_builtins.str] odb_network_arn: The ARN of the ODB network for the VM cluster. Changing this will create a new resource. Either the combination of cloud_exadata_infrastructure_id and odb_network_id or cloud_exadata_infrastructure_arn and odb_network_arn must be used.
+        :param pulumi.Input[_builtins.str] odb_network_id: The unique identifier of the ODB network for the VM cluster. Changing this will create a new resource. Either the combination of cloud_exadata_infrastructure_id and odb_network_id or cloud_exadata_infrastructure_arn and odb_network_arn must be used.
         :param pulumi.Input[_builtins.str] region: Region where this resource will be [managed](https://docs.aws.amazon.com/general/latest/gr/rande.html#regional-endpoints). Defaults to the Region set in the provider configuration.
         :param pulumi.Input[_builtins.int] scan_listener_port_tcp: The port number for TCP connections to the single client access name (SCAN) listener. Valid values: 1024–8999, except 2484, 6100, 6200, 7060, 7070, 7085, and 7879. Default: 1521. Changing this will create a new resource.
         :param pulumi.Input[Sequence[pulumi.Input[_builtins.str]]] ssh_public_keys: The public key portion of one or more key pairs used for SSH access to the VM cluster. Changing this will create a new resource.
@@ -1315,6 +1385,7 @@ def __init__(__self__, resource_name: str, *args, **kwargs):
     def _internal_init(__self__,
                  resource_name: str,
                  opts: Optional[pulumi.ResourceOptions] = None,
+                 cloud_exadata_infrastructure_arn: Optional[pulumi.Input[_builtins.str]] = None,
                  cloud_exadata_infrastructure_id: Optional[pulumi.Input[_builtins.str]] = None,
                  cluster_name: Optional[pulumi.Input[_builtins.str]] = None,
                  cpu_core_count: Optional[pulumi.Input[_builtins.int]] = None,
@@ -1329,6 +1400,7 @@ def _internal_init(__self__,
                  is_sparse_diskgroup_enabled: Optional[pulumi.Input[_builtins.bool]] = None,
                  license_model: Optional[pulumi.Input[_builtins.str]] = None,
                  memory_size_in_gbs: Optional[pulumi.Input[_builtins.int]] = None,
+                 odb_network_arn: Optional[pulumi.Input[_builtins.str]] = None,
                  odb_network_id: Optional[pulumi.Input[_builtins.str]] = None,
                  region: Optional[pulumi.Input[_builtins.str]] = None,
                  scan_listener_port_tcp: Optional[pulumi.Input[_builtins.int]] = None,
@@ -1345,8 +1417,7 @@ def _internal_init(__self__,
                 raise TypeError('__props__ is only valid when passed in combination with a valid opts.id to get an existing resource')
             __props__ = CloudVmClusterArgs.__new__(CloudVmClusterArgs)
 
-            if cloud_exadata_infrastructure_id is None and not opts.urn:
-                raise TypeError("Missing required property 'cloud_exadata_infrastructure_id'")
+            __props__.__dict__["cloud_exadata_infrastructure_arn"] = cloud_exadata_infrastructure_arn
             __props__.__dict__["cloud_exadata_infrastructure_id"] = cloud_exadata_infrastructure_id
             __props__.__dict__["cluster_name"] = cluster_name
             if cpu_core_count is None and not opts.urn:
@@ -1373,8 +1444,7 @@ def _internal_init(__self__,
             __props__.__dict__["is_sparse_diskgroup_enabled"] = is_sparse_diskgroup_enabled
             __props__.__dict__["license_model"] = license_model
             __props__.__dict__["memory_size_in_gbs"] = memory_size_in_gbs
-            if odb_network_id is None and not opts.urn:
-                raise TypeError("Missing required property 'odb_network_id'")
+            __props__.__dict__["odb_network_arn"] = odb_network_arn
             __props__.__dict__["odb_network_id"] = odb_network_id
             __props__.__dict__["region"] = region
             __props__.__dict__["scan_listener_port_tcp"] = scan_listener_port_tcp
@@ -1420,6 +1490,7 @@ def get(resource_name: str,
             id: pulumi.Input[str],
             opts: Optional[pulumi.ResourceOptions] = None,
             arn: Optional[pulumi.Input[_builtins.str]] = None,
+            cloud_exadata_infrastructure_arn: Optional[pulumi.Input[_builtins.str]] = None,
             cloud_exadata_infrastructure_id: Optional[pulumi.Input[_builtins.str]] = None,
             cluster_name: Optional[pulumi.Input[_builtins.str]] = None,
             compute_model: Optional[pulumi.Input[_builtins.str]] = None,
@@ -1447,6 +1518,7 @@ def get(resource_name: str,
             oci_resource_anchor_name: Optional[pulumi.Input[_builtins.str]] = None,
             oci_url: Optional[pulumi.Input[_builtins.str]] = None,
             ocid: Optional[pulumi.Input[_builtins.str]] = None,
+            odb_network_arn: Optional[pulumi.Input[_builtins.str]] = None,
             odb_network_id: Optional[pulumi.Input[_builtins.str]] = None,
             percent_progress: Optional[pulumi.Input[_builtins.float]] = None,
             region: Optional[pulumi.Input[_builtins.str]] = None,
@@ -1473,7 +1545,8 @@ def get(resource_name: str,
         :param pulumi.Input[str] id: The unique provider ID of the resource to lookup.
         :param pulumi.ResourceOptions opts: Options for the resource.
         :param pulumi.Input[_builtins.str] arn: The Amazon Resource Name (ARN) for the cloud vm cluster.
-        :param pulumi.Input[_builtins.str] cloud_exadata_infrastructure_id: The unique identifier of the Exadata infrastructure for this VM cluster. Changing this will create a new resource.
+        :param pulumi.Input[_builtins.str] cloud_exadata_infrastructure_arn: The ARN of the Exadata infrastructure for this VM cluster. Changing this will create a new resource. Either the combination of cloud_exadata_infrastructure_id and odb_network_id or cloud_exadata_infrastructure_arn and odb_network_arn must be used.
+        :param pulumi.Input[_builtins.str] cloud_exadata_infrastructure_id: The unique identifier of the Exadata infrastructure for this VM cluster. Changing this will create a new resource. Either the combination of cloud_exadata_infrastructure_id and odb_network_id or cloud_exadata_infrastructure_arn and odb_network_arn must be used.
         :param pulumi.Input[_builtins.str] cluster_name: The name of the Grid Infrastructure (GI) cluster. Changing this will create a new resource.
         :param pulumi.Input[_builtins.str] compute_model: The compute model used when the instance is created or cloned — either ECPU or OCPU. ECPU is a virtualized compute unit; OCPU is a physical processor core with hyper-threading.
         :param pulumi.Input[_builtins.int] cpu_core_count: The number of CPU cores to enable on the VM cluster. Changing this will create a new resource.
@@ -1503,7 +1576,8 @@ def get(resource_name: str,
         :param pulumi.Input[_builtins.str] oci_resource_anchor_name: The name of the OCI resource anchor associated with the VM cluster.
         :param pulumi.Input[_builtins.str] oci_url: The HTTPS link to the VM cluster resource in OCI.
         :param pulumi.Input[_builtins.str] ocid: The OCID (Oracle Cloud Identifier) of the VM cluster.
-        :param pulumi.Input[_builtins.str] odb_network_id: The unique identifier of the ODB network for the VM cluster. Changing this will create a new resource.
+        :param pulumi.Input[_builtins.str] odb_network_arn: The ARN of the ODB network for the VM cluster. Changing this will create a new resource. Either the combination of cloud_exadata_infrastructure_id and odb_network_id or cloud_exadata_infrastructure_arn and odb_network_arn must be used.
+        :param pulumi.Input[_builtins.str] odb_network_id: The unique identifier of the ODB network for the VM cluster. Changing this will create a new resource. Either the combination of cloud_exadata_infrastructure_id and odb_network_id or cloud_exadata_infrastructure_arn and odb_network_arn must be used.
         :param pulumi.Input[_builtins.float] percent_progress: The percentage of progress made on the current operation for the VM cluster.
         :param pulumi.Input[_builtins.str] region: Region where this resource will be [managed](https://docs.aws.amazon.com/general/latest/gr/rande.html#regional-endpoints). Defaults to the Region set in the provider configuration.
         :param pulumi.Input[_builtins.str] scan_dns_name: The fully qualified domain name (FQDN) for the SCAN IP addresses associated with the VM cluster.
@@ -1526,6 +1600,7 @@ def get(resource_name: str,
         __props__ = _CloudVmClusterState.__new__(_CloudVmClusterState)
 
         __props__.__dict__["arn"] = arn
+        __props__.__dict__["cloud_exadata_infrastructure_arn"] = cloud_exadata_infrastructure_arn
         __props__.__dict__["cloud_exadata_infrastructure_id"] = cloud_exadata_infrastructure_id
         __props__.__dict__["cluster_name"] = cluster_name
         __props__.__dict__["compute_model"] = compute_model
@@ -1553,6 +1628,7 @@ def get(resource_name: str,
         __props__.__dict__["oci_resource_anchor_name"] = oci_resource_anchor_name
         __props__.__dict__["oci_url"] = oci_url
         __props__.__dict__["ocid"] = ocid
+        __props__.__dict__["odb_network_arn"] = odb_network_arn
         __props__.__dict__["odb_network_id"] = odb_network_id
         __props__.__dict__["percent_progress"] = percent_progress
         __props__.__dict__["region"] = region
@@ -1581,11 +1657,19 @@ def arn(self) -> pulumi.Output[_builtins.str]:
         """
         return pulumi.get(self, "arn")
 
+    @_builtins.property
+    @pulumi.getter(name="cloudExadataInfrastructureArn")
+    def cloud_exadata_infrastructure_arn(self) -> pulumi.Output[_builtins.str]:
+        """
+        The ARN of the Exadata infrastructure for this VM cluster. Changing this will create a new resource. Either the combination of cloud_exadata_infrastructure_id and odb_network_id or cloud_exadata_infrastructure_arn and odb_network_arn must be used.
+        """
+        return pulumi.get(self, "cloud_exadata_infrastructure_arn")
+
     @_builtins.property
     @pulumi.getter(name="cloudExadataInfrastructureId")
     def cloud_exadata_infrastructure_id(self) -> pulumi.Output[_builtins.str]:
         """
-        The unique identifier of the Exadata infrastructure for this VM cluster. Changing this will create a new resource.
+        The unique identifier of the Exadata infrastructure for this VM cluster. Changing this will create a new resource. Either the combination of cloud_exadata_infrastructure_id and odb_network_id or cloud_exadata_infrastructure_arn and odb_network_arn must be used.
         """
         return pulumi.get(self, "cloud_exadata_infrastructure_id")
 
@@ -1800,11 +1884,19 @@ def ocid(self) -> pulumi.Output[_builtins.str]:
         """
         return pulumi.get(self, "ocid")
 
+    @_builtins.property
+    @pulumi.getter(name="odbNetworkArn")
+    def odb_network_arn(self) -> pulumi.Output[_builtins.str]:
+        """
+        The ARN of the ODB network for the VM cluster. Changing this will create a new resource. Either the combination of cloud_exadata_infrastructure_id and odb_network_id or cloud_exadata_infrastructure_arn and odb_network_arn must be used.
+        """
+        return pulumi.get(self, "odb_network_arn")
+
     @_builtins.property
     @pulumi.getter(name="odbNetworkId")
     def odb_network_id(self) -> pulumi.Output[_builtins.str]:
         """
-        The unique identifier of the ODB network for the VM cluster. Changing this will create a new resource.
+        The unique identifier of the ODB network for the VM cluster. Changing this will create a new resource. Either the combination of cloud_exadata_infrastructure_id and odb_network_id or cloud_exadata_infrastructure_arn and odb_network_arn must be used.
         """
         return pulumi.get(self, "odb_network_id")
 
diff --git a/sdk/python/pulumi_aws/odb/outputs.py b/sdk/python/pulumi_aws/odb/outputs.py
index 55081f68323..04209964591 100644
--- a/sdk/python/pulumi_aws/odb/outputs.py
+++ b/sdk/python/pulumi_aws/odb/outputs.py
@@ -1886,6 +1886,7 @@ def __init__(__self__, *,
         :param Sequence['GetDbServersDbServerDbServerPatchingDetailArgs'] db_server_patching_details: The scheduling details for the quarterly maintenance window. Patching and system updates take place during the maintenance window.
         :param _builtins.str display_name: The user-friendly name of the database server. The name doesn't need to be unique.
         :param _builtins.str exadata_infrastructure_id: The ID of the Exadata infrastructure that hosts the database server.
+        :param _builtins.str id: The unique identifier of the database server.
         :param _builtins.int max_cpu_count: The total number of CPU cores available on the database server.
         :param _builtins.int max_db_node_storage_in_gbs: The total amount of local node storage, in gigabytes (GB), that's available on the database server.
         :param _builtins.int max_memory_in_gbs: The total amount of memory, in gigabytes (GB), that's available on the database server.
@@ -1993,6 +1994,9 @@ def exadata_infrastructure_id(self) -> _builtins.str:
     @_builtins.property
     @pulumi.getter
     def id(self) -> _builtins.str:
+        """
+        The unique identifier of the database server.
+        """
         return pulumi.get(self, "id")
 
     @_builtins.property
diff --git a/sdk/python/pulumi_aws/organizations/organization.py b/sdk/python/pulumi_aws/organizations/organization.py
index 9c42f345897..618d4643e20 100644
--- a/sdk/python/pulumi_aws/organizations/organization.py
+++ b/sdk/python/pulumi_aws/organizations/organization.py
@@ -27,7 +27,7 @@ def __init__(__self__, *,
         """
         The set of arguments for constructing a Organization resource.
         :param pulumi.Input[Sequence[pulumi.Input[_builtins.str]]] aws_service_access_principals: List of AWS service principal names for which you want to enable integration with your organization. This is typically in the form of a URL, such as service-abbreviation.amazonaws.com. Organization must have `feature_set` set to `ALL`. Some services do not support enablement via this endpoint, see [warning in aws docs](https://docs.aws.amazon.com/organizations/latest/APIReference/API_EnableAWSServiceAccess.html).
-        :param pulumi.Input[Sequence[pulumi.Input[_builtins.str]]] enabled_policy_types: List of Organizations policy types to enable in the Organization Root. Organization must have `feature_set` set to `ALL`. For additional information about valid policy types (e.g., `AISERVICES_OPT_OUT_POLICY`, `BACKUP_POLICY`, `CHATBOT_POLICY`, `DECLARATIVE_POLICY_EC2`, `RESOURCE_CONTROL_POLICY`, `SERVICE_CONTROL_POLICY`, and `TAG_POLICY`), see the [AWS Organizations API Reference](https://docs.aws.amazon.com/organizations/latest/APIReference/API_EnablePolicyType.html).
+        :param pulumi.Input[Sequence[pulumi.Input[_builtins.str]]] enabled_policy_types: List of Organizations policy types to enable in the Organization Root. Organization must have `feature_set` set to `ALL`. For additional information about valid policy types (e.g., `AISERVICES_OPT_OUT_POLICY`, `BACKUP_POLICY`, `CHATBOT_POLICY`, `DECLARATIVE_POLICY_EC2`, `RESOURCE_CONTROL_POLICY`, `SECURITYHUB_POLICY`, `SERVICE_CONTROL_POLICY`, and `TAG_POLICY`), see the [AWS Organizations API Reference](https://docs.aws.amazon.com/organizations/latest/APIReference/API_EnablePolicyType.html). To enable `SECURITYHUB_POLICY`, `aws_service_access_principals` must include `securityhub.amazonaws.com`.
         :param pulumi.Input[_builtins.str] feature_set: Specify `ALL` (default) or `CONSOLIDATED_BILLING`.
         """
         if aws_service_access_principals is not None:
@@ -53,7 +53,7 @@ def aws_service_access_principals(self, value: Optional[pulumi.Input[Sequence[pu
     @pulumi.getter(name="enabledPolicyTypes")
     def enabled_policy_types(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]]:
         """
-        List of Organizations policy types to enable in the Organization Root. Organization must have `feature_set` set to `ALL`. For additional information about valid policy types (e.g., `AISERVICES_OPT_OUT_POLICY`, `BACKUP_POLICY`, `CHATBOT_POLICY`, `DECLARATIVE_POLICY_EC2`, `RESOURCE_CONTROL_POLICY`, `SERVICE_CONTROL_POLICY`, and `TAG_POLICY`), see the [AWS Organizations API Reference](https://docs.aws.amazon.com/organizations/latest/APIReference/API_EnablePolicyType.html).
+        List of Organizations policy types to enable in the Organization Root. Organization must have `feature_set` set to `ALL`. For additional information about valid policy types (e.g., `AISERVICES_OPT_OUT_POLICY`, `BACKUP_POLICY`, `CHATBOT_POLICY`, `DECLARATIVE_POLICY_EC2`, `RESOURCE_CONTROL_POLICY`, `SECURITYHUB_POLICY`, `SERVICE_CONTROL_POLICY`, and `TAG_POLICY`), see the [AWS Organizations API Reference](https://docs.aws.amazon.com/organizations/latest/APIReference/API_EnablePolicyType.html). To enable `SECURITYHUB_POLICY`, `aws_service_access_principals` must include `securityhub.amazonaws.com`.
         """
         return pulumi.get(self, "enabled_policy_types")
 
@@ -93,7 +93,7 @@ def __init__(__self__, *,
         :param pulumi.Input[Sequence[pulumi.Input['OrganizationAccountArgs']]] accounts: List of organization accounts including the master account. For a list excluding the master account, see the `non_master_accounts` attribute. All elements have these attributes:
         :param pulumi.Input[_builtins.str] arn: ARN of the root.
         :param pulumi.Input[Sequence[pulumi.Input[_builtins.str]]] aws_service_access_principals: List of AWS service principal names for which you want to enable integration with your organization. This is typically in the form of a URL, such as service-abbreviation.amazonaws.com. Organization must have `feature_set` set to `ALL`. Some services do not support enablement via this endpoint, see [warning in aws docs](https://docs.aws.amazon.com/organizations/latest/APIReference/API_EnableAWSServiceAccess.html).
-        :param pulumi.Input[Sequence[pulumi.Input[_builtins.str]]] enabled_policy_types: List of Organizations policy types to enable in the Organization Root. Organization must have `feature_set` set to `ALL`. For additional information about valid policy types (e.g., `AISERVICES_OPT_OUT_POLICY`, `BACKUP_POLICY`, `CHATBOT_POLICY`, `DECLARATIVE_POLICY_EC2`, `RESOURCE_CONTROL_POLICY`, `SERVICE_CONTROL_POLICY`, and `TAG_POLICY`), see the [AWS Organizations API Reference](https://docs.aws.amazon.com/organizations/latest/APIReference/API_EnablePolicyType.html).
+        :param pulumi.Input[Sequence[pulumi.Input[_builtins.str]]] enabled_policy_types: List of Organizations policy types to enable in the Organization Root. Organization must have `feature_set` set to `ALL`. For additional information about valid policy types (e.g., `AISERVICES_OPT_OUT_POLICY`, `BACKUP_POLICY`, `CHATBOT_POLICY`, `DECLARATIVE_POLICY_EC2`, `RESOURCE_CONTROL_POLICY`, `SECURITYHUB_POLICY`, `SERVICE_CONTROL_POLICY`, and `TAG_POLICY`), see the [AWS Organizations API Reference](https://docs.aws.amazon.com/organizations/latest/APIReference/API_EnablePolicyType.html). To enable `SECURITYHUB_POLICY`, `aws_service_access_principals` must include `securityhub.amazonaws.com`.
         :param pulumi.Input[_builtins.str] feature_set: Specify `ALL` (default) or `CONSOLIDATED_BILLING`.
         :param pulumi.Input[_builtins.str] master_account_arn: ARN of the master account.
         :param pulumi.Input[_builtins.str] master_account_email: Email address of the master account.
@@ -165,7 +165,7 @@ def aws_service_access_principals(self, value: Optional[pulumi.Input[Sequence[pu
     @pulumi.getter(name="enabledPolicyTypes")
     def enabled_policy_types(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]]:
         """
-        List of Organizations policy types to enable in the Organization Root. Organization must have `feature_set` set to `ALL`. For additional information about valid policy types (e.g., `AISERVICES_OPT_OUT_POLICY`, `BACKUP_POLICY`, `CHATBOT_POLICY`, `DECLARATIVE_POLICY_EC2`, `RESOURCE_CONTROL_POLICY`, `SERVICE_CONTROL_POLICY`, and `TAG_POLICY`), see the [AWS Organizations API Reference](https://docs.aws.amazon.com/organizations/latest/APIReference/API_EnablePolicyType.html).
+        List of Organizations policy types to enable in the Organization Root. Organization must have `feature_set` set to `ALL`. For additional information about valid policy types (e.g., `AISERVICES_OPT_OUT_POLICY`, `BACKUP_POLICY`, `CHATBOT_POLICY`, `DECLARATIVE_POLICY_EC2`, `RESOURCE_CONTROL_POLICY`, `SECURITYHUB_POLICY`, `SERVICE_CONTROL_POLICY`, and `TAG_POLICY`), see the [AWS Organizations API Reference](https://docs.aws.amazon.com/organizations/latest/APIReference/API_EnablePolicyType.html). To enable `SECURITYHUB_POLICY`, `aws_service_access_principals` must include `securityhub.amazonaws.com`.
         """
         return pulumi.get(self, "enabled_policy_types")
 
@@ -310,7 +310,7 @@ def __init__(__self__,
         :param str resource_name: The name of the resource.
         :param pulumi.ResourceOptions opts: Options for the resource.
         :param pulumi.Input[Sequence[pulumi.Input[_builtins.str]]] aws_service_access_principals: List of AWS service principal names for which you want to enable integration with your organization. This is typically in the form of a URL, such as service-abbreviation.amazonaws.com. Organization must have `feature_set` set to `ALL`. Some services do not support enablement via this endpoint, see [warning in aws docs](https://docs.aws.amazon.com/organizations/latest/APIReference/API_EnableAWSServiceAccess.html).
-        :param pulumi.Input[Sequence[pulumi.Input[_builtins.str]]] enabled_policy_types: List of Organizations policy types to enable in the Organization Root. Organization must have `feature_set` set to `ALL`. For additional information about valid policy types (e.g., `AISERVICES_OPT_OUT_POLICY`, `BACKUP_POLICY`, `CHATBOT_POLICY`, `DECLARATIVE_POLICY_EC2`, `RESOURCE_CONTROL_POLICY`, `SERVICE_CONTROL_POLICY`, and `TAG_POLICY`), see the [AWS Organizations API Reference](https://docs.aws.amazon.com/organizations/latest/APIReference/API_EnablePolicyType.html).
+        :param pulumi.Input[Sequence[pulumi.Input[_builtins.str]]] enabled_policy_types: List of Organizations policy types to enable in the Organization Root. Organization must have `feature_set` set to `ALL`. For additional information about valid policy types (e.g., `AISERVICES_OPT_OUT_POLICY`, `BACKUP_POLICY`, `CHATBOT_POLICY`, `DECLARATIVE_POLICY_EC2`, `RESOURCE_CONTROL_POLICY`, `SECURITYHUB_POLICY`, `SERVICE_CONTROL_POLICY`, and `TAG_POLICY`), see the [AWS Organizations API Reference](https://docs.aws.amazon.com/organizations/latest/APIReference/API_EnablePolicyType.html). To enable `SECURITYHUB_POLICY`, `aws_service_access_principals` must include `securityhub.amazonaws.com`.
         :param pulumi.Input[_builtins.str] feature_set: Specify `ALL` (default) or `CONSOLIDATED_BILLING`.
         """
         ...
@@ -427,7 +427,7 @@ def get(resource_name: str,
         :param pulumi.Input[Sequence[pulumi.Input[Union['OrganizationAccountArgs', 'OrganizationAccountArgsDict']]]] accounts: List of organization accounts including the master account. For a list excluding the master account, see the `non_master_accounts` attribute. All elements have these attributes:
         :param pulumi.Input[_builtins.str] arn: ARN of the root.
         :param pulumi.Input[Sequence[pulumi.Input[_builtins.str]]] aws_service_access_principals: List of AWS service principal names for which you want to enable integration with your organization. This is typically in the form of a URL, such as service-abbreviation.amazonaws.com. Organization must have `feature_set` set to `ALL`. Some services do not support enablement via this endpoint, see [warning in aws docs](https://docs.aws.amazon.com/organizations/latest/APIReference/API_EnableAWSServiceAccess.html).
-        :param pulumi.Input[Sequence[pulumi.Input[_builtins.str]]] enabled_policy_types: List of Organizations policy types to enable in the Organization Root. Organization must have `feature_set` set to `ALL`. For additional information about valid policy types (e.g., `AISERVICES_OPT_OUT_POLICY`, `BACKUP_POLICY`, `CHATBOT_POLICY`, `DECLARATIVE_POLICY_EC2`, `RESOURCE_CONTROL_POLICY`, `SERVICE_CONTROL_POLICY`, and `TAG_POLICY`), see the [AWS Organizations API Reference](https://docs.aws.amazon.com/organizations/latest/APIReference/API_EnablePolicyType.html).
+        :param pulumi.Input[Sequence[pulumi.Input[_builtins.str]]] enabled_policy_types: List of Organizations policy types to enable in the Organization Root. Organization must have `feature_set` set to `ALL`. For additional information about valid policy types (e.g., `AISERVICES_OPT_OUT_POLICY`, `BACKUP_POLICY`, `CHATBOT_POLICY`, `DECLARATIVE_POLICY_EC2`, `RESOURCE_CONTROL_POLICY`, `SECURITYHUB_POLICY`, `SERVICE_CONTROL_POLICY`, and `TAG_POLICY`), see the [AWS Organizations API Reference](https://docs.aws.amazon.com/organizations/latest/APIReference/API_EnablePolicyType.html). To enable `SECURITYHUB_POLICY`, `aws_service_access_principals` must include `securityhub.amazonaws.com`.
         :param pulumi.Input[_builtins.str] feature_set: Specify `ALL` (default) or `CONSOLIDATED_BILLING`.
         :param pulumi.Input[_builtins.str] master_account_arn: ARN of the master account.
         :param pulumi.Input[_builtins.str] master_account_email: Email address of the master account.
@@ -481,7 +481,7 @@ def aws_service_access_principals(self) -> pulumi.Output[Optional[Sequence[_buil
     @pulumi.getter(name="enabledPolicyTypes")
     def enabled_policy_types(self) -> pulumi.Output[Optional[Sequence[_builtins.str]]]:
         """
-        List of Organizations policy types to enable in the Organization Root. Organization must have `feature_set` set to `ALL`. For additional information about valid policy types (e.g., `AISERVICES_OPT_OUT_POLICY`, `BACKUP_POLICY`, `CHATBOT_POLICY`, `DECLARATIVE_POLICY_EC2`, `RESOURCE_CONTROL_POLICY`, `SERVICE_CONTROL_POLICY`, and `TAG_POLICY`), see the [AWS Organizations API Reference](https://docs.aws.amazon.com/organizations/latest/APIReference/API_EnablePolicyType.html).
+        List of Organizations policy types to enable in the Organization Root. Organization must have `feature_set` set to `ALL`. For additional information about valid policy types (e.g., `AISERVICES_OPT_OUT_POLICY`, `BACKUP_POLICY`, `CHATBOT_POLICY`, `DECLARATIVE_POLICY_EC2`, `RESOURCE_CONTROL_POLICY`, `SECURITYHUB_POLICY`, `SERVICE_CONTROL_POLICY`, and `TAG_POLICY`), see the [AWS Organizations API Reference](https://docs.aws.amazon.com/organizations/latest/APIReference/API_EnablePolicyType.html). To enable `SECURITYHUB_POLICY`, `aws_service_access_principals` must include `securityhub.amazonaws.com`.
         """
         return pulumi.get(self, "enabled_policy_types")
 
diff --git a/sdk/python/pulumi_aws/provider.py b/sdk/python/pulumi_aws/provider.py
index 8f07e6bc5b9..a61ab337b2e 100644
--- a/sdk/python/pulumi_aws/provider.py
+++ b/sdk/python/pulumi_aws/provider.py
@@ -49,6 +49,7 @@ def __init__(__self__, *,
                  skip_region_validation: Optional[pulumi.Input[_builtins.bool]] = None,
                  skip_requesting_account_id: Optional[pulumi.Input[_builtins.bool]] = None,
                  sts_region: Optional[pulumi.Input[_builtins.str]] = None,
+                 tag_policy_compliance: Optional[pulumi.Input[_builtins.str]] = None,
                  token: Optional[pulumi.Input[_builtins.str]] = None,
                  token_bucket_rate_limiter_capacity: Optional[pulumi.Input[_builtins.int]] = None,
                  use_dualstack_endpoint: Optional[pulumi.Input[_builtins.bool]] = None,
@@ -89,6 +90,7 @@ def __init__(__self__, *,
         :param pulumi.Input[_builtins.bool] skip_requesting_account_id: Skip requesting the account ID. Used for AWS API implementations that do not have IAM/STS API and/or metadata API.
         :param pulumi.Input[_builtins.str] sts_region: The region where AWS STS operations will take place. Examples
                are us-east-1 and us-west-2.
+        :param pulumi.Input[_builtins.str] tag_policy_compliance: The severity with which to enforce organizational tagging policies on resources managed by this provider instance. At this time this only includes compliance with required tag keys by resource type. Valid values are "error", "warning", and "disabled". When unset or "disabled", tag policy compliance will not be enforced by the provider. Can also be configured with the TF_AWS_TAG_POLICY_COMPLIANCE environment variable.
         :param pulumi.Input[_builtins.str] token: session token. A session token is only required if you are
                using temporary security credentials.
         :param pulumi.Input[_builtins.int] token_bucket_rate_limiter_capacity: The capacity of the AWS SDK's token bucket rate limiter.
@@ -159,6 +161,8 @@ def __init__(__self__, *,
             pulumi.set(__self__, "skip_requesting_account_id", skip_requesting_account_id)
         if sts_region is not None:
             pulumi.set(__self__, "sts_region", sts_region)
+        if tag_policy_compliance is not None:
+            pulumi.set(__self__, "tag_policy_compliance", tag_policy_compliance)
         if token is not None:
             pulumi.set(__self__, "token", token)
         if token_bucket_rate_limiter_capacity is not None:
@@ -511,6 +515,18 @@ def sts_region(self) -> Optional[pulumi.Input[_builtins.str]]:
     def sts_region(self, value: Optional[pulumi.Input[_builtins.str]]):
         pulumi.set(self, "sts_region", value)
 
+    @_builtins.property
+    @pulumi.getter(name="tagPolicyCompliance")
+    def tag_policy_compliance(self) -> Optional[pulumi.Input[_builtins.str]]:
+        """
+        The severity with which to enforce organizational tagging policies on resources managed by this provider instance. At this time this only includes compliance with required tag keys by resource type. Valid values are "error", "warning", and "disabled". When unset or "disabled", tag policy compliance will not be enforced by the provider. Can also be configured with the TF_AWS_TAG_POLICY_COMPLIANCE environment variable.
+        """
+        return pulumi.get(self, "tag_policy_compliance")
+
+    @tag_policy_compliance.setter
+    def tag_policy_compliance(self, value: Optional[pulumi.Input[_builtins.str]]):
+        pulumi.set(self, "tag_policy_compliance", value)
+
     @_builtins.property
     @pulumi.getter
     def token(self) -> Optional[pulumi.Input[_builtins.str]]:
@@ -596,6 +612,7 @@ def __init__(__self__,
                  skip_region_validation: Optional[pulumi.Input[_builtins.bool]] = None,
                  skip_requesting_account_id: Optional[pulumi.Input[_builtins.bool]] = None,
                  sts_region: Optional[pulumi.Input[_builtins.str]] = None,
+                 tag_policy_compliance: Optional[pulumi.Input[_builtins.str]] = None,
                  token: Optional[pulumi.Input[_builtins.str]] = None,
                  token_bucket_rate_limiter_capacity: Optional[pulumi.Input[_builtins.int]] = None,
                  use_dualstack_endpoint: Optional[pulumi.Input[_builtins.bool]] = None,
@@ -643,6 +660,7 @@ def __init__(__self__,
         :param pulumi.Input[_builtins.bool] skip_requesting_account_id: Skip requesting the account ID. Used for AWS API implementations that do not have IAM/STS API and/or metadata API.
         :param pulumi.Input[_builtins.str] sts_region: The region where AWS STS operations will take place. Examples
                are us-east-1 and us-west-2.
+        :param pulumi.Input[_builtins.str] tag_policy_compliance: The severity with which to enforce organizational tagging policies on resources managed by this provider instance. At this time this only includes compliance with required tag keys by resource type. Valid values are "error", "warning", and "disabled". When unset or "disabled", tag policy compliance will not be enforced by the provider. Can also be configured with the TF_AWS_TAG_POLICY_COMPLIANCE environment variable.
         :param pulumi.Input[_builtins.str] token: session token. A session token is only required if you are
                using temporary security credentials.
         :param pulumi.Input[_builtins.int] token_bucket_rate_limiter_capacity: The capacity of the AWS SDK's token bucket rate limiter.
@@ -705,6 +723,7 @@ def _internal_init(__self__,
                  skip_region_validation: Optional[pulumi.Input[_builtins.bool]] = None,
                  skip_requesting_account_id: Optional[pulumi.Input[_builtins.bool]] = None,
                  sts_region: Optional[pulumi.Input[_builtins.str]] = None,
+                 tag_policy_compliance: Optional[pulumi.Input[_builtins.str]] = None,
                  token: Optional[pulumi.Input[_builtins.str]] = None,
                  token_bucket_rate_limiter_capacity: Optional[pulumi.Input[_builtins.int]] = None,
                  use_dualstack_endpoint: Optional[pulumi.Input[_builtins.bool]] = None,
@@ -753,6 +772,7 @@ def _internal_init(__self__,
             __props__.__dict__["skip_region_validation"] = pulumi.Output.from_input(skip_region_validation).apply(pulumi.runtime.to_json) if skip_region_validation is not None else None
             __props__.__dict__["skip_requesting_account_id"] = pulumi.Output.from_input(skip_requesting_account_id).apply(pulumi.runtime.to_json) if skip_requesting_account_id is not None else None
             __props__.__dict__["sts_region"] = sts_region
+            __props__.__dict__["tag_policy_compliance"] = tag_policy_compliance
             __props__.__dict__["token"] = None if token is None else pulumi.Output.secret(token)
             __props__.__dict__["token_bucket_rate_limiter_capacity"] = pulumi.Output.from_input(token_bucket_rate_limiter_capacity).apply(pulumi.runtime.to_json) if token_bucket_rate_limiter_capacity is not None else None
             __props__.__dict__["use_dualstack_endpoint"] = pulumi.Output.from_input(use_dualstack_endpoint).apply(pulumi.runtime.to_json) if use_dualstack_endpoint is not None else None
@@ -874,6 +894,14 @@ def sts_region(self) -> pulumi.Output[Optional[_builtins.str]]:
         """
         return pulumi.get(self, "sts_region")
 
+    @_builtins.property
+    @pulumi.getter(name="tagPolicyCompliance")
+    def tag_policy_compliance(self) -> pulumi.Output[Optional[_builtins.str]]:
+        """
+        The severity with which to enforce organizational tagging policies on resources managed by this provider instance. At this time this only includes compliance with required tag keys by resource type. Valid values are "error", "warning", and "disabled". When unset or "disabled", tag policy compliance will not be enforced by the provider. Can also be configured with the TF_AWS_TAG_POLICY_COMPLIANCE environment variable.
+        """
+        return pulumi.get(self, "tag_policy_compliance")
+
     @_builtins.property
     @pulumi.getter
     def token(self) -> pulumi.Output[Optional[_builtins.str]]:
diff --git a/sdk/python/pulumi_aws/quicksight/account_settings.py b/sdk/python/pulumi_aws/quicksight/account_settings.py
index 3a895bf212e..db7aab292d4 100644
--- a/sdk/python/pulumi_aws/quicksight/account_settings.py
+++ b/sdk/python/pulumi_aws/quicksight/account_settings.py
@@ -23,17 +23,21 @@ class AccountSettingsArgs:
     def __init__(__self__, *,
                  aws_account_id: Optional[pulumi.Input[_builtins.str]] = None,
                  default_namespace: Optional[pulumi.Input[_builtins.str]] = None,
+                 region: Optional[pulumi.Input[_builtins.str]] = None,
                  termination_protection_enabled: Optional[pulumi.Input[_builtins.bool]] = None,
                  timeouts: Optional[pulumi.Input['AccountSettingsTimeoutsArgs']] = None):
         """
         The set of arguments for constructing a AccountSettings resource.
         :param pulumi.Input[_builtins.str] default_namespace: The default namespace for this Amazon Web Services account. Currently, the default is `default`.
+        :param pulumi.Input[_builtins.str] region: Region where this resource will be [managed](https://docs.aws.amazon.com/general/latest/gr/rande.html#regional-endpoints). Defaults to the Region set in the provider configuration.
         :param pulumi.Input[_builtins.bool] termination_protection_enabled: A boolean value that determines whether or not an Amazon QuickSight account can be deleted. If `true`, it does not allow the account to be deleted and results in an error message if a user tries to make a DeleteAccountSubscription request. If `false`, it will allow the account to be deleted.
         """
         if aws_account_id is not None:
             pulumi.set(__self__, "aws_account_id", aws_account_id)
         if default_namespace is not None:
             pulumi.set(__self__, "default_namespace", default_namespace)
+        if region is not None:
+            pulumi.set(__self__, "region", region)
         if termination_protection_enabled is not None:
             pulumi.set(__self__, "termination_protection_enabled", termination_protection_enabled)
         if timeouts is not None:
@@ -60,6 +64,18 @@ def default_namespace(self) -> Optional[pulumi.Input[_builtins.str]]:
     def default_namespace(self, value: Optional[pulumi.Input[_builtins.str]]):
         pulumi.set(self, "default_namespace", value)
 
+    @_builtins.property
+    @pulumi.getter
+    def region(self) -> Optional[pulumi.Input[_builtins.str]]:
+        """
+        Region where this resource will be [managed](https://docs.aws.amazon.com/general/latest/gr/rande.html#regional-endpoints). Defaults to the Region set in the provider configuration.
+        """
+        return pulumi.get(self, "region")
+
+    @region.setter
+    def region(self, value: Optional[pulumi.Input[_builtins.str]]):
+        pulumi.set(self, "region", value)
+
     @_builtins.property
     @pulumi.getter(name="terminationProtectionEnabled")
     def termination_protection_enabled(self) -> Optional[pulumi.Input[_builtins.bool]]:
@@ -87,17 +103,21 @@ class _AccountSettingsState:
     def __init__(__self__, *,
                  aws_account_id: Optional[pulumi.Input[_builtins.str]] = None,
                  default_namespace: Optional[pulumi.Input[_builtins.str]] = None,
+                 region: Optional[pulumi.Input[_builtins.str]] = None,
                  termination_protection_enabled: Optional[pulumi.Input[_builtins.bool]] = None,
                  timeouts: Optional[pulumi.Input['AccountSettingsTimeoutsArgs']] = None):
         """
         Input properties used for looking up and filtering AccountSettings resources.
         :param pulumi.Input[_builtins.str] default_namespace: The default namespace for this Amazon Web Services account. Currently, the default is `default`.
+        :param pulumi.Input[_builtins.str] region: Region where this resource will be [managed](https://docs.aws.amazon.com/general/latest/gr/rande.html#regional-endpoints). Defaults to the Region set in the provider configuration.
         :param pulumi.Input[_builtins.bool] termination_protection_enabled: A boolean value that determines whether or not an Amazon QuickSight account can be deleted. If `true`, it does not allow the account to be deleted and results in an error message if a user tries to make a DeleteAccountSubscription request. If `false`, it will allow the account to be deleted.
         """
         if aws_account_id is not None:
             pulumi.set(__self__, "aws_account_id", aws_account_id)
         if default_namespace is not None:
             pulumi.set(__self__, "default_namespace", default_namespace)
+        if region is not None:
+            pulumi.set(__self__, "region", region)
         if termination_protection_enabled is not None:
             pulumi.set(__self__, "termination_protection_enabled", termination_protection_enabled)
         if timeouts is not None:
@@ -124,6 +144,18 @@ def default_namespace(self) -> Optional[pulumi.Input[_builtins.str]]:
     def default_namespace(self, value: Optional[pulumi.Input[_builtins.str]]):
         pulumi.set(self, "default_namespace", value)
 
+    @_builtins.property
+    @pulumi.getter
+    def region(self) -> Optional[pulumi.Input[_builtins.str]]:
+        """
+        Region where this resource will be [managed](https://docs.aws.amazon.com/general/latest/gr/rande.html#regional-endpoints). Defaults to the Region set in the provider configuration.
+        """
+        return pulumi.get(self, "region")
+
+    @region.setter
+    def region(self, value: Optional[pulumi.Input[_builtins.str]]):
+        pulumi.set(self, "region", value)
+
     @_builtins.property
     @pulumi.getter(name="terminationProtectionEnabled")
     def termination_protection_enabled(self) -> Optional[pulumi.Input[_builtins.bool]]:
@@ -154,6 +186,7 @@ def __init__(__self__,
                  opts: Optional[pulumi.ResourceOptions] = None,
                  aws_account_id: Optional[pulumi.Input[_builtins.str]] = None,
                  default_namespace: Optional[pulumi.Input[_builtins.str]] = None,
+                 region: Optional[pulumi.Input[_builtins.str]] = None,
                  termination_protection_enabled: Optional[pulumi.Input[_builtins.bool]] = None,
                  timeouts: Optional[pulumi.Input[Union['AccountSettingsTimeoutsArgs', 'AccountSettingsTimeoutsArgsDict']]] = None,
                  __props__=None):
@@ -188,6 +221,7 @@ def __init__(__self__,
         :param str resource_name: The name of the resource.
         :param pulumi.ResourceOptions opts: Options for the resource.
         :param pulumi.Input[_builtins.str] default_namespace: The default namespace for this Amazon Web Services account. Currently, the default is `default`.
+        :param pulumi.Input[_builtins.str] region: Region where this resource will be [managed](https://docs.aws.amazon.com/general/latest/gr/rande.html#regional-endpoints). Defaults to the Region set in the provider configuration.
         :param pulumi.Input[_builtins.bool] termination_protection_enabled: A boolean value that determines whether or not an Amazon QuickSight account can be deleted. If `true`, it does not allow the account to be deleted and results in an error message if a user tries to make a DeleteAccountSubscription request. If `false`, it will allow the account to be deleted.
         """
         ...
@@ -241,6 +275,7 @@ def _internal_init(__self__,
                  opts: Optional[pulumi.ResourceOptions] = None,
                  aws_account_id: Optional[pulumi.Input[_builtins.str]] = None,
                  default_namespace: Optional[pulumi.Input[_builtins.str]] = None,
+                 region: Optional[pulumi.Input[_builtins.str]] = None,
                  termination_protection_enabled: Optional[pulumi.Input[_builtins.bool]] = None,
                  timeouts: Optional[pulumi.Input[Union['AccountSettingsTimeoutsArgs', 'AccountSettingsTimeoutsArgsDict']]] = None,
                  __props__=None):
@@ -254,6 +289,7 @@ def _internal_init(__self__,
 
             __props__.__dict__["aws_account_id"] = aws_account_id
             __props__.__dict__["default_namespace"] = default_namespace
+            __props__.__dict__["region"] = region
             __props__.__dict__["termination_protection_enabled"] = termination_protection_enabled
             __props__.__dict__["timeouts"] = timeouts
         super(AccountSettings, __self__).__init__(
@@ -268,6 +304,7 @@ def get(resource_name: str,
             opts: Optional[pulumi.ResourceOptions] = None,
             aws_account_id: Optional[pulumi.Input[_builtins.str]] = None,
             default_namespace: Optional[pulumi.Input[_builtins.str]] = None,
+            region: Optional[pulumi.Input[_builtins.str]] = None,
             termination_protection_enabled: Optional[pulumi.Input[_builtins.bool]] = None,
             timeouts: Optional[pulumi.Input[Union['AccountSettingsTimeoutsArgs', 'AccountSettingsTimeoutsArgsDict']]] = None) -> 'AccountSettings':
         """
@@ -278,6 +315,7 @@ def get(resource_name: str,
         :param pulumi.Input[str] id: The unique provider ID of the resource to lookup.
         :param pulumi.ResourceOptions opts: Options for the resource.
         :param pulumi.Input[_builtins.str] default_namespace: The default namespace for this Amazon Web Services account. Currently, the default is `default`.
+        :param pulumi.Input[_builtins.str] region: Region where this resource will be [managed](https://docs.aws.amazon.com/general/latest/gr/rande.html#regional-endpoints). Defaults to the Region set in the provider configuration.
         :param pulumi.Input[_builtins.bool] termination_protection_enabled: A boolean value that determines whether or not an Amazon QuickSight account can be deleted. If `true`, it does not allow the account to be deleted and results in an error message if a user tries to make a DeleteAccountSubscription request. If `false`, it will allow the account to be deleted.
         """
         opts = pulumi.ResourceOptions.merge(opts, pulumi.ResourceOptions(id=id))
@@ -286,6 +324,7 @@ def get(resource_name: str,
 
         __props__.__dict__["aws_account_id"] = aws_account_id
         __props__.__dict__["default_namespace"] = default_namespace
+        __props__.__dict__["region"] = region
         __props__.__dict__["termination_protection_enabled"] = termination_protection_enabled
         __props__.__dict__["timeouts"] = timeouts
         return AccountSettings(resource_name, opts=opts, __props__=__props__)
@@ -303,6 +342,14 @@ def default_namespace(self) -> pulumi.Output[_builtins.str]:
         """
         return pulumi.get(self, "default_namespace")
 
+    @_builtins.property
+    @pulumi.getter
+    def region(self) -> pulumi.Output[_builtins.str]:
+        """
+        Region where this resource will be [managed](https://docs.aws.amazon.com/general/latest/gr/rande.html#regional-endpoints). Defaults to the Region set in the provider configuration.
+        """
+        return pulumi.get(self, "region")
+
     @_builtins.property
     @pulumi.getter(name="terminationProtectionEnabled")
     def termination_protection_enabled(self) -> pulumi.Output[_builtins.bool]:
diff --git a/sdk/python/pulumi_aws/route53/get_zone.py b/sdk/python/pulumi_aws/route53/get_zone.py
index 63025591026..6ab2430997a 100644
--- a/sdk/python/pulumi_aws/route53/get_zone.py
+++ b/sdk/python/pulumi_aws/route53/get_zone.py
@@ -168,7 +168,7 @@ def tags(self) -> Mapping[str, _builtins.str]:
 
     @_builtins.property
     @pulumi.getter(name="vpcId")
-    def vpc_id(self) -> _builtins.str:
+    def vpc_id(self) -> Optional[_builtins.str]:
         return pulumi.get(self, "vpc_id")
 
     @_builtins.property
@@ -231,16 +231,19 @@ def get_zone(name: Optional[_builtins.str] = None,
         records=["10.0.0.1"])
     ```
 
+    The following example shows how to get a Hosted Zone from a unique combination of its tags:
 
-    :param _builtins.str name: Hosted Zone name of the desired Hosted Zone.
-    :param _builtins.bool private_zone: Used with `name` field to get a private Hosted Zone.
-    :param Mapping[str, _builtins.str] tags: Used with `name` field. A map of tags, each pair of which must exactly match a pair on the desired Hosted Zone.
+
+    :param _builtins.str name: Hosted Zone name of the desired Hosted Zone. If blank, then accept any name, filtering on only `private_zone`, `vpc_id` and `tags`.
+    :param _builtins.bool private_zone: Filter to only private Hosted Zones.
+    :param Mapping[str, _builtins.str] tags: A map of tags, each pair of which must exactly match a pair on the desired Hosted Zone.
+           
+           The arguments of this data source act as filters for querying the available Hosted Zone.
            
-           The arguments of this data source act as filters for querying the available
-           Hosted Zone. You have to use `zone_id` or `name`, not both of them. The given filter must match exactly one
-           Hosted Zone. If you use `name` field for private Hosted Zone, you need to add `private_zone` field to `true`.
-    :param _builtins.str vpc_id: Used with `name` field to get a private Hosted Zone associated with the vpc_id (in this case, private_zone is not mandatory).
-    :param _builtins.str zone_id: Hosted Zone id of the desired Hosted Zone.
+           - The given filter must match exactly one Hosted Zone.
+    :param _builtins.str vpc_id: Filter to private Hosted Zones associated with the specified `vpc_id`.
+    :param _builtins.str zone_id: and `name` are mutually exclusive.
+           - If you use the `name` argument for a private Hosted Zone, you need to set the `private_zone` argument to `true`.
     """
     __args__ = dict()
     __args__['name'] = name
@@ -295,16 +298,19 @@ def get_zone_output(name: Optional[pulumi.Input[Optional[_builtins.str]]] = None
         records=["10.0.0.1"])
     ```
 
+    The following example shows how to get a Hosted Zone from a unique combination of its tags:
 
-    :param _builtins.str name: Hosted Zone name of the desired Hosted Zone.
-    :param _builtins.bool private_zone: Used with `name` field to get a private Hosted Zone.
-    :param Mapping[str, _builtins.str] tags: Used with `name` field. A map of tags, each pair of which must exactly match a pair on the desired Hosted Zone.
+
+    :param _builtins.str name: Hosted Zone name of the desired Hosted Zone. If blank, then accept any name, filtering on only `private_zone`, `vpc_id` and `tags`.
+    :param _builtins.bool private_zone: Filter to only private Hosted Zones.
+    :param Mapping[str, _builtins.str] tags: A map of tags, each pair of which must exactly match a pair on the desired Hosted Zone.
+           
+           The arguments of this data source act as filters for querying the available Hosted Zone.
            
-           The arguments of this data source act as filters for querying the available
-           Hosted Zone. You have to use `zone_id` or `name`, not both of them. The given filter must match exactly one
-           Hosted Zone. If you use `name` field for private Hosted Zone, you need to add `private_zone` field to `true`.
-    :param _builtins.str vpc_id: Used with `name` field to get a private Hosted Zone associated with the vpc_id (in this case, private_zone is not mandatory).
-    :param _builtins.str zone_id: Hosted Zone id of the desired Hosted Zone.
+           - The given filter must match exactly one Hosted Zone.
+    :param _builtins.str vpc_id: Filter to private Hosted Zones associated with the specified `vpc_id`.
+    :param _builtins.str zone_id: and `name` are mutually exclusive.
+           - If you use the `name` argument for a private Hosted Zone, you need to set the `private_zone` argument to `true`.
     """
     __args__ = dict()
     __args__['name'] = name
diff --git a/sdk/python/pulumi_aws/s3/_inputs.py b/sdk/python/pulumi_aws/s3/_inputs.py
index d492ed08050..e94c04ac729 100644
--- a/sdk/python/pulumi_aws/s3/_inputs.py
+++ b/sdk/python/pulumi_aws/s3/_inputs.py
@@ -7310,6 +7310,10 @@ class BucketServerSideEncryptionConfigurationRuleArgsDict(TypedDict):
         """
         Single object for setting server-side encryption by default. See below.
         """
+        blocked_encryption_types: NotRequired[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]]
+        """
+        List of server-side encryption types to block for object uploads. Valid values are `SSE-C` (blocks uploads using server-side encryption with customer-provided keys) and `NONE` (unblocks all encryption types). Starting in March 2026, Amazon S3 will automatically block SSE-C uploads for all new buckets.
+        """
         bucket_key_enabled: NotRequired[pulumi.Input[_builtins.bool]]
         """
         Whether or not to use [Amazon S3 Bucket Keys](https://docs.aws.amazon.com/AmazonS3/latest/dev/bucket-key.html) for SSE-KMS.
@@ -7321,13 +7325,17 @@ class BucketServerSideEncryptionConfigurationRuleArgsDict(TypedDict):
 class BucketServerSideEncryptionConfigurationRuleArgs:
     def __init__(__self__, *,
                  apply_server_side_encryption_by_default: Optional[pulumi.Input['BucketServerSideEncryptionConfigurationRuleApplyServerSideEncryptionByDefaultArgs']] = None,
+                 blocked_encryption_types: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] = None,
                  bucket_key_enabled: Optional[pulumi.Input[_builtins.bool]] = None):
         """
         :param pulumi.Input['BucketServerSideEncryptionConfigurationRuleApplyServerSideEncryptionByDefaultArgs'] apply_server_side_encryption_by_default: Single object for setting server-side encryption by default. See below.
+        :param pulumi.Input[Sequence[pulumi.Input[_builtins.str]]] blocked_encryption_types: List of server-side encryption types to block for object uploads. Valid values are `SSE-C` (blocks uploads using server-side encryption with customer-provided keys) and `NONE` (unblocks all encryption types). Starting in March 2026, Amazon S3 will automatically block SSE-C uploads for all new buckets.
         :param pulumi.Input[_builtins.bool] bucket_key_enabled: Whether or not to use [Amazon S3 Bucket Keys](https://docs.aws.amazon.com/AmazonS3/latest/dev/bucket-key.html) for SSE-KMS.
         """
         if apply_server_side_encryption_by_default is not None:
             pulumi.set(__self__, "apply_server_side_encryption_by_default", apply_server_side_encryption_by_default)
+        if blocked_encryption_types is not None:
+            pulumi.set(__self__, "blocked_encryption_types", blocked_encryption_types)
         if bucket_key_enabled is not None:
             pulumi.set(__self__, "bucket_key_enabled", bucket_key_enabled)
 
@@ -7343,6 +7351,18 @@ def apply_server_side_encryption_by_default(self) -> Optional[pulumi.Input['Buck
     def apply_server_side_encryption_by_default(self, value: Optional[pulumi.Input['BucketServerSideEncryptionConfigurationRuleApplyServerSideEncryptionByDefaultArgs']]):
         pulumi.set(self, "apply_server_side_encryption_by_default", value)
 
+    @_builtins.property
+    @pulumi.getter(name="blockedEncryptionTypes")
+    def blocked_encryption_types(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]]:
+        """
+        List of server-side encryption types to block for object uploads. Valid values are `SSE-C` (blocks uploads using server-side encryption with customer-provided keys) and `NONE` (unblocks all encryption types). Starting in March 2026, Amazon S3 will automatically block SSE-C uploads for all new buckets.
+        """
+        return pulumi.get(self, "blocked_encryption_types")
+
+    @blocked_encryption_types.setter
+    def blocked_encryption_types(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]]):
+        pulumi.set(self, "blocked_encryption_types", value)
+
     @_builtins.property
     @pulumi.getter(name="bucketKeyEnabled")
     def bucket_key_enabled(self) -> Optional[pulumi.Input[_builtins.bool]]:
@@ -7413,6 +7433,10 @@ class BucketServerSideEncryptionConfigurationV2RuleArgsDict(TypedDict):
         """
         Single object for setting server-side encryption by default. See below.
         """
+        blocked_encryption_types: NotRequired[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]]
+        """
+        List of server-side encryption types to block for object uploads. Valid values are `SSE-C` (blocks uploads using server-side encryption with customer-provided keys) and `NONE` (unblocks all encryption types). Starting in March 2026, Amazon S3 will automatically block SSE-C uploads for all new buckets.
+        """
         bucket_key_enabled: NotRequired[pulumi.Input[_builtins.bool]]
         """
         Whether or not to use [Amazon S3 Bucket Keys](https://docs.aws.amazon.com/AmazonS3/latest/dev/bucket-key.html) for SSE-KMS.
@@ -7424,13 +7448,17 @@ class BucketServerSideEncryptionConfigurationV2RuleArgsDict(TypedDict):
 class BucketServerSideEncryptionConfigurationV2RuleArgs:
     def __init__(__self__, *,
                  apply_server_side_encryption_by_default: Optional[pulumi.Input['BucketServerSideEncryptionConfigurationV2RuleApplyServerSideEncryptionByDefaultArgs']] = None,
+                 blocked_encryption_types: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] = None,
                  bucket_key_enabled: Optional[pulumi.Input[_builtins.bool]] = None):
         """
         :param pulumi.Input['BucketServerSideEncryptionConfigurationV2RuleApplyServerSideEncryptionByDefaultArgs'] apply_server_side_encryption_by_default: Single object for setting server-side encryption by default. See below.
+        :param pulumi.Input[Sequence[pulumi.Input[_builtins.str]]] blocked_encryption_types: List of server-side encryption types to block for object uploads. Valid values are `SSE-C` (blocks uploads using server-side encryption with customer-provided keys) and `NONE` (unblocks all encryption types). Starting in March 2026, Amazon S3 will automatically block SSE-C uploads for all new buckets.
         :param pulumi.Input[_builtins.bool] bucket_key_enabled: Whether or not to use [Amazon S3 Bucket Keys](https://docs.aws.amazon.com/AmazonS3/latest/dev/bucket-key.html) for SSE-KMS.
         """
         if apply_server_side_encryption_by_default is not None:
             pulumi.set(__self__, "apply_server_side_encryption_by_default", apply_server_side_encryption_by_default)
+        if blocked_encryption_types is not None:
+            pulumi.set(__self__, "blocked_encryption_types", blocked_encryption_types)
         if bucket_key_enabled is not None:
             pulumi.set(__self__, "bucket_key_enabled", bucket_key_enabled)
 
@@ -7446,6 +7474,18 @@ def apply_server_side_encryption_by_default(self) -> Optional[pulumi.Input['Buck
     def apply_server_side_encryption_by_default(self, value: Optional[pulumi.Input['BucketServerSideEncryptionConfigurationV2RuleApplyServerSideEncryptionByDefaultArgs']]):
         pulumi.set(self, "apply_server_side_encryption_by_default", value)
 
+    @_builtins.property
+    @pulumi.getter(name="blockedEncryptionTypes")
+    def blocked_encryption_types(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]]:
+        """
+        List of server-side encryption types to block for object uploads. Valid values are `SSE-C` (blocks uploads using server-side encryption with customer-provided keys) and `NONE` (unblocks all encryption types). Starting in March 2026, Amazon S3 will automatically block SSE-C uploads for all new buckets.
+        """
+        return pulumi.get(self, "blocked_encryption_types")
+
+    @blocked_encryption_types.setter
+    def blocked_encryption_types(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]]):
+        pulumi.set(self, "blocked_encryption_types", value)
+
     @_builtins.property
     @pulumi.getter(name="bucketKeyEnabled")
     def bucket_key_enabled(self) -> Optional[pulumi.Input[_builtins.bool]]:
diff --git a/sdk/python/pulumi_aws/s3/bucket_server_side_encryption_configuration.py b/sdk/python/pulumi_aws/s3/bucket_server_side_encryption_configuration.py
index b36f88d31dc..ea8f3c44f75 100644
--- a/sdk/python/pulumi_aws/s3/bucket_server_side_encryption_configuration.py
+++ b/sdk/python/pulumi_aws/s3/bucket_server_side_encryption_configuration.py
@@ -176,6 +176,8 @@ def __init__(__self__,
 
         > **NOTE:** Destroying an `s3.BucketServerSideEncryptionConfiguration` resource resets the bucket to [Amazon S3 bucket default encryption](https://docs.aws.amazon.com/AmazonS3/latest/userguide/default-encryption-faq.html).
 
+        > **NOTE:** Starting in March 2026, Amazon S3 will automatically block server-side encryption with customer-provided keys (SSE-C) for all new buckets. Use the `blocked_encryption_types` argument to manage this behavior. For more information, see the [SSE-C changes FAQ](https://docs.aws.amazon.com/AmazonS3/latest/userguide/default-s3-c-encryption-setting-faq.html).
+
         ## Example Usage
 
         ```python
@@ -196,6 +198,28 @@ def __init__(__self__,
             }])
         ```
 
+        ### Blocking SSE-C Uploads
+
+        ```python
+        import pulumi
+        import pulumi_aws as aws
+
+        mykey = aws.kms.Key("mykey",
+            description="This key is used to encrypt bucket objects",
+            deletion_window_in_days=10)
+        mybucket = aws.s3.Bucket("mybucket", bucket="mybucket")
+        example = aws.s3.BucketServerSideEncryptionConfiguration("example",
+            bucket=mybucket.id,
+            rules=[{
+                "apply_server_side_encryption_by_default": {
+                    "kms_master_key_id": mykey.arn,
+                    "sse_algorithm": "aws:kms",
+                },
+                "bucket_key_enabled": True,
+                "blocked_encryption_types": ["SSE-C"],
+            }])
+        ```
+
         ## Import
 
         ### Identity Schema
@@ -256,6 +280,8 @@ def __init__(__self__,
 
         > **NOTE:** Destroying an `s3.BucketServerSideEncryptionConfiguration` resource resets the bucket to [Amazon S3 bucket default encryption](https://docs.aws.amazon.com/AmazonS3/latest/userguide/default-encryption-faq.html).
 
+        > **NOTE:** Starting in March 2026, Amazon S3 will automatically block server-side encryption with customer-provided keys (SSE-C) for all new buckets. Use the `blocked_encryption_types` argument to manage this behavior. For more information, see the [SSE-C changes FAQ](https://docs.aws.amazon.com/AmazonS3/latest/userguide/default-s3-c-encryption-setting-faq.html).
+
         ## Example Usage
 
         ```python
@@ -276,6 +302,28 @@ def __init__(__self__,
             }])
         ```
 
+        ### Blocking SSE-C Uploads
+
+        ```python
+        import pulumi
+        import pulumi_aws as aws
+
+        mykey = aws.kms.Key("mykey",
+            description="This key is used to encrypt bucket objects",
+            deletion_window_in_days=10)
+        mybucket = aws.s3.Bucket("mybucket", bucket="mybucket")
+        example = aws.s3.BucketServerSideEncryptionConfiguration("example",
+            bucket=mybucket.id,
+            rules=[{
+                "apply_server_side_encryption_by_default": {
+                    "kms_master_key_id": mykey.arn,
+                    "sse_algorithm": "aws:kms",
+                },
+                "bucket_key_enabled": True,
+                "blocked_encryption_types": ["SSE-C"],
+            }])
+        ```
+
         ## Import
 
         ### Identity Schema
diff --git a/sdk/python/pulumi_aws/s3/bucket_server_side_encryption_configuration_v2.py b/sdk/python/pulumi_aws/s3/bucket_server_side_encryption_configuration_v2.py
index bfe2f13cd5b..3a37c20b17b 100644
--- a/sdk/python/pulumi_aws/s3/bucket_server_side_encryption_configuration_v2.py
+++ b/sdk/python/pulumi_aws/s3/bucket_server_side_encryption_configuration_v2.py
@@ -181,6 +181,8 @@ def __init__(__self__,
 
         > **NOTE:** Destroying an `s3.BucketServerSideEncryptionConfiguration` resource resets the bucket to [Amazon S3 bucket default encryption](https://docs.aws.amazon.com/AmazonS3/latest/userguide/default-encryption-faq.html).
 
+        > **NOTE:** Starting in March 2026, Amazon S3 will automatically block server-side encryption with customer-provided keys (SSE-C) for all new buckets. Use the `blocked_encryption_types` argument to manage this behavior. For more information, see the [SSE-C changes FAQ](https://docs.aws.amazon.com/AmazonS3/latest/userguide/default-s3-c-encryption-setting-faq.html).
+
         ## Example Usage
 
         ```python
@@ -201,6 +203,28 @@ def __init__(__self__,
             }])
         ```
 
+        ### Blocking SSE-C Uploads
+
+        ```python
+        import pulumi
+        import pulumi_aws as aws
+
+        mykey = aws.kms.Key("mykey",
+            description="This key is used to encrypt bucket objects",
+            deletion_window_in_days=10)
+        mybucket = aws.s3.Bucket("mybucket", bucket="mybucket")
+        example = aws.s3.BucketServerSideEncryptionConfiguration("example",
+            bucket=mybucket.id,
+            rules=[{
+                "apply_server_side_encryption_by_default": {
+                    "kms_master_key_id": mykey.arn,
+                    "sse_algorithm": "aws:kms",
+                },
+                "bucket_key_enabled": True,
+                "blocked_encryption_types": ["SSE-C"],
+            }])
+        ```
+
         ## Import
 
         ### Identity Schema
@@ -261,6 +285,8 @@ def __init__(__self__,
 
         > **NOTE:** Destroying an `s3.BucketServerSideEncryptionConfiguration` resource resets the bucket to [Amazon S3 bucket default encryption](https://docs.aws.amazon.com/AmazonS3/latest/userguide/default-encryption-faq.html).
 
+        > **NOTE:** Starting in March 2026, Amazon S3 will automatically block server-side encryption with customer-provided keys (SSE-C) for all new buckets. Use the `blocked_encryption_types` argument to manage this behavior. For more information, see the [SSE-C changes FAQ](https://docs.aws.amazon.com/AmazonS3/latest/userguide/default-s3-c-encryption-setting-faq.html).
+
         ## Example Usage
 
         ```python
@@ -281,6 +307,28 @@ def __init__(__self__,
             }])
         ```
 
+        ### Blocking SSE-C Uploads
+
+        ```python
+        import pulumi
+        import pulumi_aws as aws
+
+        mykey = aws.kms.Key("mykey",
+            description="This key is used to encrypt bucket objects",
+            deletion_window_in_days=10)
+        mybucket = aws.s3.Bucket("mybucket", bucket="mybucket")
+        example = aws.s3.BucketServerSideEncryptionConfiguration("example",
+            bucket=mybucket.id,
+            rules=[{
+                "apply_server_side_encryption_by_default": {
+                    "kms_master_key_id": mykey.arn,
+                    "sse_algorithm": "aws:kms",
+                },
+                "bucket_key_enabled": True,
+                "blocked_encryption_types": ["SSE-C"],
+            }])
+        ```
+
         ## Import
 
         ### Identity Schema
diff --git a/sdk/python/pulumi_aws/s3/outputs.py b/sdk/python/pulumi_aws/s3/outputs.py
index a85c7ed23f0..10ed0f64c09 100644
--- a/sdk/python/pulumi_aws/s3/outputs.py
+++ b/sdk/python/pulumi_aws/s3/outputs.py
@@ -5538,6 +5538,8 @@ def __key_warning(key: str):
         suggest = None
         if key == "applyServerSideEncryptionByDefault":
             suggest = "apply_server_side_encryption_by_default"
+        elif key == "blockedEncryptionTypes":
+            suggest = "blocked_encryption_types"
         elif key == "bucketKeyEnabled":
             suggest = "bucket_key_enabled"
 
@@ -5554,13 +5556,17 @@ def get(self, key: str, default = None) -> Any:
 
     def __init__(__self__, *,
                  apply_server_side_encryption_by_default: Optional['outputs.BucketServerSideEncryptionConfigurationRuleApplyServerSideEncryptionByDefault'] = None,
+                 blocked_encryption_types: Optional[Sequence[_builtins.str]] = None,
                  bucket_key_enabled: Optional[_builtins.bool] = None):
         """
         :param 'BucketServerSideEncryptionConfigurationRuleApplyServerSideEncryptionByDefaultArgs' apply_server_side_encryption_by_default: Single object for setting server-side encryption by default. See below.
+        :param Sequence[_builtins.str] blocked_encryption_types: List of server-side encryption types to block for object uploads. Valid values are `SSE-C` (blocks uploads using server-side encryption with customer-provided keys) and `NONE` (unblocks all encryption types). Starting in March 2026, Amazon S3 will automatically block SSE-C uploads for all new buckets.
         :param _builtins.bool bucket_key_enabled: Whether or not to use [Amazon S3 Bucket Keys](https://docs.aws.amazon.com/AmazonS3/latest/dev/bucket-key.html) for SSE-KMS.
         """
         if apply_server_side_encryption_by_default is not None:
             pulumi.set(__self__, "apply_server_side_encryption_by_default", apply_server_side_encryption_by_default)
+        if blocked_encryption_types is not None:
+            pulumi.set(__self__, "blocked_encryption_types", blocked_encryption_types)
         if bucket_key_enabled is not None:
             pulumi.set(__self__, "bucket_key_enabled", bucket_key_enabled)
 
@@ -5572,6 +5578,14 @@ def apply_server_side_encryption_by_default(self) -> Optional['outputs.BucketSer
         """
         return pulumi.get(self, "apply_server_side_encryption_by_default")
 
+    @_builtins.property
+    @pulumi.getter(name="blockedEncryptionTypes")
+    def blocked_encryption_types(self) -> Optional[Sequence[_builtins.str]]:
+        """
+        List of server-side encryption types to block for object uploads. Valid values are `SSE-C` (blocks uploads using server-side encryption with customer-provided keys) and `NONE` (unblocks all encryption types). Starting in March 2026, Amazon S3 will automatically block SSE-C uploads for all new buckets.
+        """
+        return pulumi.get(self, "blocked_encryption_types")
+
     @_builtins.property
     @pulumi.getter(name="bucketKeyEnabled")
     def bucket_key_enabled(self) -> Optional[_builtins.bool]:
@@ -5637,6 +5651,8 @@ def __key_warning(key: str):
         suggest = None
         if key == "applyServerSideEncryptionByDefault":
             suggest = "apply_server_side_encryption_by_default"
+        elif key == "blockedEncryptionTypes":
+            suggest = "blocked_encryption_types"
         elif key == "bucketKeyEnabled":
             suggest = "bucket_key_enabled"
 
@@ -5653,13 +5669,17 @@ def get(self, key: str, default = None) -> Any:
 
     def __init__(__self__, *,
                  apply_server_side_encryption_by_default: Optional['outputs.BucketServerSideEncryptionConfigurationV2RuleApplyServerSideEncryptionByDefault'] = None,
+                 blocked_encryption_types: Optional[Sequence[_builtins.str]] = None,
                  bucket_key_enabled: Optional[_builtins.bool] = None):
         """
         :param 'BucketServerSideEncryptionConfigurationV2RuleApplyServerSideEncryptionByDefaultArgs' apply_server_side_encryption_by_default: Single object for setting server-side encryption by default. See below.
+        :param Sequence[_builtins.str] blocked_encryption_types: List of server-side encryption types to block for object uploads. Valid values are `SSE-C` (blocks uploads using server-side encryption with customer-provided keys) and `NONE` (unblocks all encryption types). Starting in March 2026, Amazon S3 will automatically block SSE-C uploads for all new buckets.
         :param _builtins.bool bucket_key_enabled: Whether or not to use [Amazon S3 Bucket Keys](https://docs.aws.amazon.com/AmazonS3/latest/dev/bucket-key.html) for SSE-KMS.
         """
         if apply_server_side_encryption_by_default is not None:
             pulumi.set(__self__, "apply_server_side_encryption_by_default", apply_server_side_encryption_by_default)
+        if blocked_encryption_types is not None:
+            pulumi.set(__self__, "blocked_encryption_types", blocked_encryption_types)
         if bucket_key_enabled is not None:
             pulumi.set(__self__, "bucket_key_enabled", bucket_key_enabled)
 
@@ -5671,6 +5691,14 @@ def apply_server_side_encryption_by_default(self) -> Optional['outputs.BucketSer
         """
         return pulumi.get(self, "apply_server_side_encryption_by_default")
 
+    @_builtins.property
+    @pulumi.getter(name="blockedEncryptionTypes")
+    def blocked_encryption_types(self) -> Optional[Sequence[_builtins.str]]:
+        """
+        List of server-side encryption types to block for object uploads. Valid values are `SSE-C` (blocks uploads using server-side encryption with customer-provided keys) and `NONE` (unblocks all encryption types). Starting in March 2026, Amazon S3 will automatically block SSE-C uploads for all new buckets.
+        """
+        return pulumi.get(self, "blocked_encryption_types")
+
     @_builtins.property
     @pulumi.getter(name="bucketKeyEnabled")
     def bucket_key_enabled(self) -> Optional[_builtins.bool]:
diff --git a/sdk/python/pulumi_aws/sagemaker/_inputs.py b/sdk/python/pulumi_aws/sagemaker/_inputs.py
index 5ecb65b0b5d..4c04b2633f1 100644
--- a/sdk/python/pulumi_aws/sagemaker/_inputs.py
+++ b/sdk/python/pulumi_aws/sagemaker/_inputs.py
@@ -301,6 +301,12 @@
     'HumanTaskUIUiTemplateArgsDict',
     'ModelContainerArgs',
     'ModelContainerArgsDict',
+    'ModelContainerAdditionalModelDataSourceArgs',
+    'ModelContainerAdditionalModelDataSourceArgsDict',
+    'ModelContainerAdditionalModelDataSourceS3DataSourceArgs',
+    'ModelContainerAdditionalModelDataSourceS3DataSourceArgsDict',
+    'ModelContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigArgs',
+    'ModelContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigArgsDict',
     'ModelContainerImageConfigArgs',
     'ModelContainerImageConfigArgsDict',
     'ModelContainerImageConfigRepositoryAuthConfigArgs',
@@ -317,6 +323,12 @@
     'ModelInferenceExecutionConfigArgsDict',
     'ModelPrimaryContainerArgs',
     'ModelPrimaryContainerArgsDict',
+    'ModelPrimaryContainerAdditionalModelDataSourceArgs',
+    'ModelPrimaryContainerAdditionalModelDataSourceArgsDict',
+    'ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceArgs',
+    'ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceArgsDict',
+    'ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigArgs',
+    'ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigArgsDict',
     'ModelPrimaryContainerImageConfigArgs',
     'ModelPrimaryContainerImageConfigArgsDict',
     'ModelPrimaryContainerImageConfigRepositoryAuthConfigArgs',
@@ -10514,18 +10526,21 @@ def url(self, value: Optional[pulumi.Input[_builtins.str]]):
 
 if not MYPY:
     class ModelContainerArgsDict(TypedDict):
+        additional_model_data_sources: NotRequired[pulumi.Input[Sequence[pulumi.Input['ModelContainerAdditionalModelDataSourceArgsDict']]]]
+        """
+        Additional data sources that are available to the model in addition to those specified in `model_data_source`. See Additional Model Data Source.
+        """
         container_hostname: NotRequired[pulumi.Input[_builtins.str]]
         """
-        The DNS host name for the container.
+        DNS host name for the container.
         """
         environment: NotRequired[pulumi.Input[Mapping[str, pulumi.Input[_builtins.str]]]]
         """
         Environment variables for the Docker container.
-        A list of key value pairs.
         """
         image: NotRequired[pulumi.Input[_builtins.str]]
         """
-        The registry path where the inference code image is stored in Amazon ECR.
+        Registry path where the inference code image is stored in Amazon ECR.
         """
         image_config: NotRequired[pulumi.Input['ModelContainerImageConfigArgsDict']]
         """
@@ -10533,23 +10548,24 @@ class ModelContainerArgsDict(TypedDict):
         """
         inference_specification_name: NotRequired[pulumi.Input[_builtins.str]]
         """
-        The inference specification name in the model package version.
+        Inference specification name in the model package version.
         """
         mode: NotRequired[pulumi.Input[_builtins.str]]
         """
-        The container hosts value `SingleModel/MultiModel`. The default value is `SingleModel`.
+        Container hosts value. Allowed values are: `SingleModel` and `MultiModel`. The default value is `SingleModel`.
         """
         model_data_source: NotRequired[pulumi.Input['ModelContainerModelDataSourceArgsDict']]
         """
-        The location of model data to deploy. Use this for uncompressed model deployment. For information about how to deploy an uncompressed model, see [Deploying uncompressed models](https://docs.aws.amazon.com/sagemaker/latest/dg/large-model-inference-uncompressed.html) in the _AWS SageMaker AI Developer Guide_.
+        Location of model data to deploy. Use this for uncompressed model deployment. For information about how to deploy an uncompressed model, see [Deploying uncompressed models](https://docs.aws.amazon.com/sagemaker/latest/dg/large-model-inference-uncompressed.html) in the _AWS SageMaker AI Developer Guide_.
         """
         model_data_url: NotRequired[pulumi.Input[_builtins.str]]
         """
-        The URL for the S3 location where model artifacts are stored.
+        URL for the S3 location where model artifacts are stored.
         """
         model_package_name: NotRequired[pulumi.Input[_builtins.str]]
         """
-        The Amazon Resource Name (ARN) of the model package to use to create the model.
+        Amazon Resource Name (ARN) of the model package to use to create the model.
+        A list of key value pairs.
         """
         multi_model_config: NotRequired[pulumi.Input['ModelContainerMultiModelConfigArgsDict']]
         """
@@ -10561,6 +10577,7 @@ class ModelContainerArgsDict(TypedDict):
 @pulumi.input_type
 class ModelContainerArgs:
     def __init__(__self__, *,
+                 additional_model_data_sources: Optional[pulumi.Input[Sequence[pulumi.Input['ModelContainerAdditionalModelDataSourceArgs']]]] = None,
                  container_hostname: Optional[pulumi.Input[_builtins.str]] = None,
                  environment: Optional[pulumi.Input[Mapping[str, pulumi.Input[_builtins.str]]]] = None,
                  image: Optional[pulumi.Input[_builtins.str]] = None,
@@ -10572,18 +10589,21 @@ def __init__(__self__, *,
                  model_package_name: Optional[pulumi.Input[_builtins.str]] = None,
                  multi_model_config: Optional[pulumi.Input['ModelContainerMultiModelConfigArgs']] = None):
         """
-        :param pulumi.Input[_builtins.str] container_hostname: The DNS host name for the container.
+        :param pulumi.Input[Sequence[pulumi.Input['ModelContainerAdditionalModelDataSourceArgs']]] additional_model_data_sources: Additional data sources that are available to the model in addition to those specified in `model_data_source`. See Additional Model Data Source.
+        :param pulumi.Input[_builtins.str] container_hostname: DNS host name for the container.
         :param pulumi.Input[Mapping[str, pulumi.Input[_builtins.str]]] environment: Environment variables for the Docker container.
-               A list of key value pairs.
-        :param pulumi.Input[_builtins.str] image: The registry path where the inference code image is stored in Amazon ECR.
+        :param pulumi.Input[_builtins.str] image: Registry path where the inference code image is stored in Amazon ECR.
         :param pulumi.Input['ModelContainerImageConfigArgs'] image_config: Specifies whether the model container is in Amazon ECR or a private Docker registry accessible from your Amazon Virtual Private Cloud (VPC). For more information see [Using a Private Docker Registry for Real-Time Inference Containers](https://docs.aws.amazon.com/sagemaker/latest/dg/your-algorithms-containers-inference-private.html). see Image Config.
-        :param pulumi.Input[_builtins.str] inference_specification_name: The inference specification name in the model package version.
-        :param pulumi.Input[_builtins.str] mode: The container hosts value `SingleModel/MultiModel`. The default value is `SingleModel`.
-        :param pulumi.Input['ModelContainerModelDataSourceArgs'] model_data_source: The location of model data to deploy. Use this for uncompressed model deployment. For information about how to deploy an uncompressed model, see [Deploying uncompressed models](https://docs.aws.amazon.com/sagemaker/latest/dg/large-model-inference-uncompressed.html) in the _AWS SageMaker AI Developer Guide_.
-        :param pulumi.Input[_builtins.str] model_data_url: The URL for the S3 location where model artifacts are stored.
-        :param pulumi.Input[_builtins.str] model_package_name: The Amazon Resource Name (ARN) of the model package to use to create the model.
+        :param pulumi.Input[_builtins.str] inference_specification_name: Inference specification name in the model package version.
+        :param pulumi.Input[_builtins.str] mode: Container hosts value. Allowed values are: `SingleModel` and `MultiModel`. The default value is `SingleModel`.
+        :param pulumi.Input['ModelContainerModelDataSourceArgs'] model_data_source: Location of model data to deploy. Use this for uncompressed model deployment. For information about how to deploy an uncompressed model, see [Deploying uncompressed models](https://docs.aws.amazon.com/sagemaker/latest/dg/large-model-inference-uncompressed.html) in the _AWS SageMaker AI Developer Guide_.
+        :param pulumi.Input[_builtins.str] model_data_url: URL for the S3 location where model artifacts are stored.
+        :param pulumi.Input[_builtins.str] model_package_name: Amazon Resource Name (ARN) of the model package to use to create the model.
+               A list of key value pairs.
         :param pulumi.Input['ModelContainerMultiModelConfigArgs'] multi_model_config: Specifies additional configuration for multi-model endpoints. see Multi Model Config.
         """
+        if additional_model_data_sources is not None:
+            pulumi.set(__self__, "additional_model_data_sources", additional_model_data_sources)
         if container_hostname is not None:
             pulumi.set(__self__, "container_hostname", container_hostname)
         if environment is not None:
@@ -10605,11 +10625,23 @@ def __init__(__self__, *,
         if multi_model_config is not None:
             pulumi.set(__self__, "multi_model_config", multi_model_config)
 
+    @_builtins.property
+    @pulumi.getter(name="additionalModelDataSources")
+    def additional_model_data_sources(self) -> Optional[pulumi.Input[Sequence[pulumi.Input['ModelContainerAdditionalModelDataSourceArgs']]]]:
+        """
+        Additional data sources that are available to the model in addition to those specified in `model_data_source`. See Additional Model Data Source.
+        """
+        return pulumi.get(self, "additional_model_data_sources")
+
+    @additional_model_data_sources.setter
+    def additional_model_data_sources(self, value: Optional[pulumi.Input[Sequence[pulumi.Input['ModelContainerAdditionalModelDataSourceArgs']]]]):
+        pulumi.set(self, "additional_model_data_sources", value)
+
     @_builtins.property
     @pulumi.getter(name="containerHostname")
     def container_hostname(self) -> Optional[pulumi.Input[_builtins.str]]:
         """
-        The DNS host name for the container.
+        DNS host name for the container.
         """
         return pulumi.get(self, "container_hostname")
 
@@ -10622,7 +10654,6 @@ def container_hostname(self, value: Optional[pulumi.Input[_builtins.str]]):
     def environment(self) -> Optional[pulumi.Input[Mapping[str, pulumi.Input[_builtins.str]]]]:
         """
         Environment variables for the Docker container.
-        A list of key value pairs.
         """
         return pulumi.get(self, "environment")
 
@@ -10634,7 +10665,7 @@ def environment(self, value: Optional[pulumi.Input[Mapping[str, pulumi.Input[_bu
     @pulumi.getter
     def image(self) -> Optional[pulumi.Input[_builtins.str]]:
         """
-        The registry path where the inference code image is stored in Amazon ECR.
+        Registry path where the inference code image is stored in Amazon ECR.
         """
         return pulumi.get(self, "image")
 
@@ -10658,7 +10689,7 @@ def image_config(self, value: Optional[pulumi.Input['ModelContainerImageConfigAr
     @pulumi.getter(name="inferenceSpecificationName")
     def inference_specification_name(self) -> Optional[pulumi.Input[_builtins.str]]:
         """
-        The inference specification name in the model package version.
+        Inference specification name in the model package version.
         """
         return pulumi.get(self, "inference_specification_name")
 
@@ -10670,7 +10701,7 @@ def inference_specification_name(self, value: Optional[pulumi.Input[_builtins.st
     @pulumi.getter
     def mode(self) -> Optional[pulumi.Input[_builtins.str]]:
         """
-        The container hosts value `SingleModel/MultiModel`. The default value is `SingleModel`.
+        Container hosts value. Allowed values are: `SingleModel` and `MultiModel`. The default value is `SingleModel`.
         """
         return pulumi.get(self, "mode")
 
@@ -10682,7 +10713,7 @@ def mode(self, value: Optional[pulumi.Input[_builtins.str]]):
     @pulumi.getter(name="modelDataSource")
     def model_data_source(self) -> Optional[pulumi.Input['ModelContainerModelDataSourceArgs']]:
         """
-        The location of model data to deploy. Use this for uncompressed model deployment. For information about how to deploy an uncompressed model, see [Deploying uncompressed models](https://docs.aws.amazon.com/sagemaker/latest/dg/large-model-inference-uncompressed.html) in the _AWS SageMaker AI Developer Guide_.
+        Location of model data to deploy. Use this for uncompressed model deployment. For information about how to deploy an uncompressed model, see [Deploying uncompressed models](https://docs.aws.amazon.com/sagemaker/latest/dg/large-model-inference-uncompressed.html) in the _AWS SageMaker AI Developer Guide_.
         """
         return pulumi.get(self, "model_data_source")
 
@@ -10694,7 +10725,7 @@ def model_data_source(self, value: Optional[pulumi.Input['ModelContainerModelDat
     @pulumi.getter(name="modelDataUrl")
     def model_data_url(self) -> Optional[pulumi.Input[_builtins.str]]:
         """
-        The URL for the S3 location where model artifacts are stored.
+        URL for the S3 location where model artifacts are stored.
         """
         return pulumi.get(self, "model_data_url")
 
@@ -10706,7 +10737,8 @@ def model_data_url(self, value: Optional[pulumi.Input[_builtins.str]]):
     @pulumi.getter(name="modelPackageName")
     def model_package_name(self) -> Optional[pulumi.Input[_builtins.str]]:
         """
-        The Amazon Resource Name (ARN) of the model package to use to create the model.
+        Amazon Resource Name (ARN) of the model package to use to create the model.
+        A list of key value pairs.
         """
         return pulumi.get(self, "model_package_name")
 
@@ -10727,6 +10759,176 @@ def multi_model_config(self, value: Optional[pulumi.Input['ModelContainerMultiMo
         pulumi.set(self, "multi_model_config", value)
 
 
+if not MYPY:
+    class ModelContainerAdditionalModelDataSourceArgsDict(TypedDict):
+        channel_name: pulumi.Input[_builtins.str]
+        """
+        Custom name for the additional model data source object. It will be stored in `/opt/ml/additional-model-data-sources//`.
+        """
+        s3_data_sources: pulumi.Input[Sequence[pulumi.Input['ModelContainerAdditionalModelDataSourceS3DataSourceArgsDict']]]
+        """
+        S3 location of model data to deploy. See S3 Data Source.
+        """
+elif False:
+    ModelContainerAdditionalModelDataSourceArgsDict: TypeAlias = Mapping[str, Any]
+
+@pulumi.input_type
+class ModelContainerAdditionalModelDataSourceArgs:
+    def __init__(__self__, *,
+                 channel_name: pulumi.Input[_builtins.str],
+                 s3_data_sources: pulumi.Input[Sequence[pulumi.Input['ModelContainerAdditionalModelDataSourceS3DataSourceArgs']]]):
+        """
+        :param pulumi.Input[_builtins.str] channel_name: Custom name for the additional model data source object. It will be stored in `/opt/ml/additional-model-data-sources//`.
+        :param pulumi.Input[Sequence[pulumi.Input['ModelContainerAdditionalModelDataSourceS3DataSourceArgs']]] s3_data_sources: S3 location of model data to deploy. See S3 Data Source.
+        """
+        pulumi.set(__self__, "channel_name", channel_name)
+        pulumi.set(__self__, "s3_data_sources", s3_data_sources)
+
+    @_builtins.property
+    @pulumi.getter(name="channelName")
+    def channel_name(self) -> pulumi.Input[_builtins.str]:
+        """
+        Custom name for the additional model data source object. It will be stored in `/opt/ml/additional-model-data-sources//`.
+        """
+        return pulumi.get(self, "channel_name")
+
+    @channel_name.setter
+    def channel_name(self, value: pulumi.Input[_builtins.str]):
+        pulumi.set(self, "channel_name", value)
+
+    @_builtins.property
+    @pulumi.getter(name="s3DataSources")
+    def s3_data_sources(self) -> pulumi.Input[Sequence[pulumi.Input['ModelContainerAdditionalModelDataSourceS3DataSourceArgs']]]:
+        """
+        S3 location of model data to deploy. See S3 Data Source.
+        """
+        return pulumi.get(self, "s3_data_sources")
+
+    @s3_data_sources.setter
+    def s3_data_sources(self, value: pulumi.Input[Sequence[pulumi.Input['ModelContainerAdditionalModelDataSourceS3DataSourceArgs']]]):
+        pulumi.set(self, "s3_data_sources", value)
+
+
+if not MYPY:
+    class ModelContainerAdditionalModelDataSourceS3DataSourceArgsDict(TypedDict):
+        compression_type: pulumi.Input[_builtins.str]
+        """
+        How the model data is prepared. Allowed values are: `None` and `Gzip`.
+        """
+        s3_data_type: pulumi.Input[_builtins.str]
+        """
+        Type of model data to deploy. Allowed values are: `S3Object` and `S3Prefix`.
+        """
+        s3_uri: pulumi.Input[_builtins.str]
+        """
+        The S3 path of model data to deploy.
+        """
+        model_access_config: NotRequired[pulumi.Input['ModelContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigArgsDict']]
+        """
+        Specifies the access configuration file for the ML model. You can explicitly accept the model end-user license agreement (EULA) within the [`model_access_config` configuration block]. See Model Access Config.
+        """
+elif False:
+    ModelContainerAdditionalModelDataSourceS3DataSourceArgsDict: TypeAlias = Mapping[str, Any]
+
+@pulumi.input_type
+class ModelContainerAdditionalModelDataSourceS3DataSourceArgs:
+    def __init__(__self__, *,
+                 compression_type: pulumi.Input[_builtins.str],
+                 s3_data_type: pulumi.Input[_builtins.str],
+                 s3_uri: pulumi.Input[_builtins.str],
+                 model_access_config: Optional[pulumi.Input['ModelContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigArgs']] = None):
+        """
+        :param pulumi.Input[_builtins.str] compression_type: How the model data is prepared. Allowed values are: `None` and `Gzip`.
+        :param pulumi.Input[_builtins.str] s3_data_type: Type of model data to deploy. Allowed values are: `S3Object` and `S3Prefix`.
+        :param pulumi.Input[_builtins.str] s3_uri: The S3 path of model data to deploy.
+        :param pulumi.Input['ModelContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigArgs'] model_access_config: Specifies the access configuration file for the ML model. You can explicitly accept the model end-user license agreement (EULA) within the [`model_access_config` configuration block]. See Model Access Config.
+        """
+        pulumi.set(__self__, "compression_type", compression_type)
+        pulumi.set(__self__, "s3_data_type", s3_data_type)
+        pulumi.set(__self__, "s3_uri", s3_uri)
+        if model_access_config is not None:
+            pulumi.set(__self__, "model_access_config", model_access_config)
+
+    @_builtins.property
+    @pulumi.getter(name="compressionType")
+    def compression_type(self) -> pulumi.Input[_builtins.str]:
+        """
+        How the model data is prepared. Allowed values are: `None` and `Gzip`.
+        """
+        return pulumi.get(self, "compression_type")
+
+    @compression_type.setter
+    def compression_type(self, value: pulumi.Input[_builtins.str]):
+        pulumi.set(self, "compression_type", value)
+
+    @_builtins.property
+    @pulumi.getter(name="s3DataType")
+    def s3_data_type(self) -> pulumi.Input[_builtins.str]:
+        """
+        Type of model data to deploy. Allowed values are: `S3Object` and `S3Prefix`.
+        """
+        return pulumi.get(self, "s3_data_type")
+
+    @s3_data_type.setter
+    def s3_data_type(self, value: pulumi.Input[_builtins.str]):
+        pulumi.set(self, "s3_data_type", value)
+
+    @_builtins.property
+    @pulumi.getter(name="s3Uri")
+    def s3_uri(self) -> pulumi.Input[_builtins.str]:
+        """
+        The S3 path of model data to deploy.
+        """
+        return pulumi.get(self, "s3_uri")
+
+    @s3_uri.setter
+    def s3_uri(self, value: pulumi.Input[_builtins.str]):
+        pulumi.set(self, "s3_uri", value)
+
+    @_builtins.property
+    @pulumi.getter(name="modelAccessConfig")
+    def model_access_config(self) -> Optional[pulumi.Input['ModelContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigArgs']]:
+        """
+        Specifies the access configuration file for the ML model. You can explicitly accept the model end-user license agreement (EULA) within the [`model_access_config` configuration block]. See Model Access Config.
+        """
+        return pulumi.get(self, "model_access_config")
+
+    @model_access_config.setter
+    def model_access_config(self, value: Optional[pulumi.Input['ModelContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigArgs']]):
+        pulumi.set(self, "model_access_config", value)
+
+
+if not MYPY:
+    class ModelContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigArgsDict(TypedDict):
+        accept_eula: pulumi.Input[_builtins.bool]
+        """
+        Specifies agreement to the model end-user license agreement (EULA). The value must be set to `true` in order to accept the EULA that this model requires. You are responsible for reviewing and complying with any applicable license terms and making sure they are acceptable for your use case before downloading or using a model.
+        """
+elif False:
+    ModelContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigArgsDict: TypeAlias = Mapping[str, Any]
+
+@pulumi.input_type
+class ModelContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigArgs:
+    def __init__(__self__, *,
+                 accept_eula: pulumi.Input[_builtins.bool]):
+        """
+        :param pulumi.Input[_builtins.bool] accept_eula: Specifies agreement to the model end-user license agreement (EULA). The value must be set to `true` in order to accept the EULA that this model requires. You are responsible for reviewing and complying with any applicable license terms and making sure they are acceptable for your use case before downloading or using a model.
+        """
+        pulumi.set(__self__, "accept_eula", accept_eula)
+
+    @_builtins.property
+    @pulumi.getter(name="acceptEula")
+    def accept_eula(self) -> pulumi.Input[_builtins.bool]:
+        """
+        Specifies agreement to the model end-user license agreement (EULA). The value must be set to `true` in order to accept the EULA that this model requires. You are responsible for reviewing and complying with any applicable license terms and making sure they are acceptable for your use case before downloading or using a model.
+        """
+        return pulumi.get(self, "accept_eula")
+
+    @accept_eula.setter
+    def accept_eula(self, value: pulumi.Input[_builtins.bool]):
+        pulumi.set(self, "accept_eula", value)
+
+
 if not MYPY:
     class ModelContainerImageConfigArgsDict(TypedDict):
         repository_access_mode: pulumi.Input[_builtins.str]
@@ -10782,7 +10984,7 @@ def repository_auth_config(self, value: Optional[pulumi.Input['ModelContainerIma
     class ModelContainerImageConfigRepositoryAuthConfigArgsDict(TypedDict):
         repository_credentials_provider_arn: pulumi.Input[_builtins.str]
         """
-        The Amazon Resource Name (ARN) of an AWS Lambda function that provides credentials to authenticate to the private Docker registry where your model image is hosted. For information about how to create an AWS Lambda function, see [Create a Lambda function with the console](https://docs.aws.amazon.com/lambda/latest/dg/getting-started-create-function.html) in the _AWS Lambda Developer Guide_.
+        Amazon Resource Name (ARN) of an AWS Lambda function that provides credentials to authenticate to the private Docker registry where your model image is hosted. For information about how to create an AWS Lambda function, see [Create a Lambda function with the console](https://docs.aws.amazon.com/lambda/latest/dg/getting-started-create-function.html) in the _AWS Lambda Developer Guide_.
         """
 elif False:
     ModelContainerImageConfigRepositoryAuthConfigArgsDict: TypeAlias = Mapping[str, Any]
@@ -10792,7 +10994,7 @@ class ModelContainerImageConfigRepositoryAuthConfigArgs:
     def __init__(__self__, *,
                  repository_credentials_provider_arn: pulumi.Input[_builtins.str]):
         """
-        :param pulumi.Input[_builtins.str] repository_credentials_provider_arn: The Amazon Resource Name (ARN) of an AWS Lambda function that provides credentials to authenticate to the private Docker registry where your model image is hosted. For information about how to create an AWS Lambda function, see [Create a Lambda function with the console](https://docs.aws.amazon.com/lambda/latest/dg/getting-started-create-function.html) in the _AWS Lambda Developer Guide_.
+        :param pulumi.Input[_builtins.str] repository_credentials_provider_arn: Amazon Resource Name (ARN) of an AWS Lambda function that provides credentials to authenticate to the private Docker registry where your model image is hosted. For information about how to create an AWS Lambda function, see [Create a Lambda function with the console](https://docs.aws.amazon.com/lambda/latest/dg/getting-started-create-function.html) in the _AWS Lambda Developer Guide_.
         """
         pulumi.set(__self__, "repository_credentials_provider_arn", repository_credentials_provider_arn)
 
@@ -10800,7 +11002,7 @@ def __init__(__self__, *,
     @pulumi.getter(name="repositoryCredentialsProviderArn")
     def repository_credentials_provider_arn(self) -> pulumi.Input[_builtins.str]:
         """
-        The Amazon Resource Name (ARN) of an AWS Lambda function that provides credentials to authenticate to the private Docker registry where your model image is hosted. For information about how to create an AWS Lambda function, see [Create a Lambda function with the console](https://docs.aws.amazon.com/lambda/latest/dg/getting-started-create-function.html) in the _AWS Lambda Developer Guide_.
+        Amazon Resource Name (ARN) of an AWS Lambda function that provides credentials to authenticate to the private Docker registry where your model image is hosted. For information about how to create an AWS Lambda function, see [Create a Lambda function with the console](https://docs.aws.amazon.com/lambda/latest/dg/getting-started-create-function.html) in the _AWS Lambda Developer Guide_.
         """
         return pulumi.get(self, "repository_credentials_provider_arn")
 
@@ -10813,7 +11015,7 @@ def repository_credentials_provider_arn(self, value: pulumi.Input[_builtins.str]
     class ModelContainerModelDataSourceArgsDict(TypedDict):
         s3_data_sources: pulumi.Input[Sequence[pulumi.Input['ModelContainerModelDataSourceS3DataSourceArgsDict']]]
         """
-        The S3 location of model data to deploy.
+        S3 location of model data to deploy. See S3 Data Source.
         """
 elif False:
     ModelContainerModelDataSourceArgsDict: TypeAlias = Mapping[str, Any]
@@ -10823,7 +11025,7 @@ class ModelContainerModelDataSourceArgs:
     def __init__(__self__, *,
                  s3_data_sources: pulumi.Input[Sequence[pulumi.Input['ModelContainerModelDataSourceS3DataSourceArgs']]]):
         """
-        :param pulumi.Input[Sequence[pulumi.Input['ModelContainerModelDataSourceS3DataSourceArgs']]] s3_data_sources: The S3 location of model data to deploy.
+        :param pulumi.Input[Sequence[pulumi.Input['ModelContainerModelDataSourceS3DataSourceArgs']]] s3_data_sources: S3 location of model data to deploy. See S3 Data Source.
         """
         pulumi.set(__self__, "s3_data_sources", s3_data_sources)
 
@@ -10831,7 +11033,7 @@ def __init__(__self__, *,
     @pulumi.getter(name="s3DataSources")
     def s3_data_sources(self) -> pulumi.Input[Sequence[pulumi.Input['ModelContainerModelDataSourceS3DataSourceArgs']]]:
         """
-        The S3 location of model data to deploy.
+        S3 location of model data to deploy. See S3 Data Source.
         """
         return pulumi.get(self, "s3_data_sources")
 
@@ -10848,7 +11050,7 @@ class ModelContainerModelDataSourceS3DataSourceArgsDict(TypedDict):
         """
         s3_data_type: pulumi.Input[_builtins.str]
         """
-        The type of model data to deploy. Allowed values are: `S3Object` and `S3Prefix`.
+        Type of model data to deploy. Allowed values are: `S3Object` and `S3Prefix`.
         """
         s3_uri: pulumi.Input[_builtins.str]
         """
@@ -10856,7 +11058,7 @@ class ModelContainerModelDataSourceS3DataSourceArgsDict(TypedDict):
         """
         model_access_config: NotRequired[pulumi.Input['ModelContainerModelDataSourceS3DataSourceModelAccessConfigArgsDict']]
         """
-        Specifies the access configuration file for the ML model. You can explicitly accept the model end-user license agreement (EULA) within the [`model_access_config` configuration block]. see Model Access Config.
+        Specifies the access configuration file for the ML model. You can explicitly accept the model end-user license agreement (EULA) within the [`model_access_config` configuration block]. See Model Access Config.
         """
 elif False:
     ModelContainerModelDataSourceS3DataSourceArgsDict: TypeAlias = Mapping[str, Any]
@@ -10870,9 +11072,9 @@ def __init__(__self__, *,
                  model_access_config: Optional[pulumi.Input['ModelContainerModelDataSourceS3DataSourceModelAccessConfigArgs']] = None):
         """
         :param pulumi.Input[_builtins.str] compression_type: How the model data is prepared. Allowed values are: `None` and `Gzip`.
-        :param pulumi.Input[_builtins.str] s3_data_type: The type of model data to deploy. Allowed values are: `S3Object` and `S3Prefix`.
+        :param pulumi.Input[_builtins.str] s3_data_type: Type of model data to deploy. Allowed values are: `S3Object` and `S3Prefix`.
         :param pulumi.Input[_builtins.str] s3_uri: The S3 path of model data to deploy.
-        :param pulumi.Input['ModelContainerModelDataSourceS3DataSourceModelAccessConfigArgs'] model_access_config: Specifies the access configuration file for the ML model. You can explicitly accept the model end-user license agreement (EULA) within the [`model_access_config` configuration block]. see Model Access Config.
+        :param pulumi.Input['ModelContainerModelDataSourceS3DataSourceModelAccessConfigArgs'] model_access_config: Specifies the access configuration file for the ML model. You can explicitly accept the model end-user license agreement (EULA) within the [`model_access_config` configuration block]. See Model Access Config.
         """
         pulumi.set(__self__, "compression_type", compression_type)
         pulumi.set(__self__, "s3_data_type", s3_data_type)
@@ -10896,7 +11098,7 @@ def compression_type(self, value: pulumi.Input[_builtins.str]):
     @pulumi.getter(name="s3DataType")
     def s3_data_type(self) -> pulumi.Input[_builtins.str]:
         """
-        The type of model data to deploy. Allowed values are: `S3Object` and `S3Prefix`.
+        Type of model data to deploy. Allowed values are: `S3Object` and `S3Prefix`.
         """
         return pulumi.get(self, "s3_data_type")
 
@@ -10920,7 +11122,7 @@ def s3_uri(self, value: pulumi.Input[_builtins.str]):
     @pulumi.getter(name="modelAccessConfig")
     def model_access_config(self) -> Optional[pulumi.Input['ModelContainerModelDataSourceS3DataSourceModelAccessConfigArgs']]:
         """
-        Specifies the access configuration file for the ML model. You can explicitly accept the model end-user license agreement (EULA) within the [`model_access_config` configuration block]. see Model Access Config.
+        Specifies the access configuration file for the ML model. You can explicitly accept the model end-user license agreement (EULA) within the [`model_access_config` configuration block]. See Model Access Config.
         """
         return pulumi.get(self, "model_access_config")
 
@@ -10933,7 +11135,7 @@ def model_access_config(self, value: Optional[pulumi.Input['ModelContainerModelD
     class ModelContainerModelDataSourceS3DataSourceModelAccessConfigArgsDict(TypedDict):
         accept_eula: pulumi.Input[_builtins.bool]
         """
-        Specifies agreement to the model end-user license agreement (EULA). The AcceptEula value must be explicitly defined as `true` in order to accept the EULA that this model requires. You are responsible for reviewing and complying with any applicable license terms and making sure they are acceptable for your use case before downloading or using a model.
+        Specifies agreement to the model end-user license agreement (EULA). The value must be set to `true` in order to accept the EULA that this model requires. You are responsible for reviewing and complying with any applicable license terms and making sure they are acceptable for your use case before downloading or using a model.
         """
 elif False:
     ModelContainerModelDataSourceS3DataSourceModelAccessConfigArgsDict: TypeAlias = Mapping[str, Any]
@@ -10943,7 +11145,7 @@ class ModelContainerModelDataSourceS3DataSourceModelAccessConfigArgs:
     def __init__(__self__, *,
                  accept_eula: pulumi.Input[_builtins.bool]):
         """
-        :param pulumi.Input[_builtins.bool] accept_eula: Specifies agreement to the model end-user license agreement (EULA). The AcceptEula value must be explicitly defined as `true` in order to accept the EULA that this model requires. You are responsible for reviewing and complying with any applicable license terms and making sure they are acceptable for your use case before downloading or using a model.
+        :param pulumi.Input[_builtins.bool] accept_eula: Specifies agreement to the model end-user license agreement (EULA). The value must be set to `true` in order to accept the EULA that this model requires. You are responsible for reviewing and complying with any applicable license terms and making sure they are acceptable for your use case before downloading or using a model.
         """
         pulumi.set(__self__, "accept_eula", accept_eula)
 
@@ -10951,7 +11153,7 @@ def __init__(__self__, *,
     @pulumi.getter(name="acceptEula")
     def accept_eula(self) -> pulumi.Input[_builtins.bool]:
         """
-        Specifies agreement to the model end-user license agreement (EULA). The AcceptEula value must be explicitly defined as `true` in order to accept the EULA that this model requires. You are responsible for reviewing and complying with any applicable license terms and making sure they are acceptable for your use case before downloading or using a model.
+        Specifies agreement to the model end-user license agreement (EULA). The value must be set to `true` in order to accept the EULA that this model requires. You are responsible for reviewing and complying with any applicable license terms and making sure they are acceptable for your use case before downloading or using a model.
         """
         return pulumi.get(self, "accept_eula")
 
@@ -10996,7 +11198,7 @@ def model_cache_setting(self, value: Optional[pulumi.Input[_builtins.str]]):
     class ModelInferenceExecutionConfigArgsDict(TypedDict):
         mode: pulumi.Input[_builtins.str]
         """
-        The container hosts value `SingleModel/MultiModel`. The default value is `SingleModel`.
+        How containers in a multi-container are run. Allowed values are: `Serial` and `Direct`.
         """
 elif False:
     ModelInferenceExecutionConfigArgsDict: TypeAlias = Mapping[str, Any]
@@ -11006,7 +11208,7 @@ class ModelInferenceExecutionConfigArgs:
     def __init__(__self__, *,
                  mode: pulumi.Input[_builtins.str]):
         """
-        :param pulumi.Input[_builtins.str] mode: The container hosts value `SingleModel/MultiModel`. The default value is `SingleModel`.
+        :param pulumi.Input[_builtins.str] mode: How containers in a multi-container are run. Allowed values are: `Serial` and `Direct`.
         """
         pulumi.set(__self__, "mode", mode)
 
@@ -11014,7 +11216,7 @@ def __init__(__self__, *,
     @pulumi.getter
     def mode(self) -> pulumi.Input[_builtins.str]:
         """
-        The container hosts value `SingleModel/MultiModel`. The default value is `SingleModel`.
+        How containers in a multi-container are run. Allowed values are: `Serial` and `Direct`.
         """
         return pulumi.get(self, "mode")
 
@@ -11025,18 +11227,21 @@ def mode(self, value: pulumi.Input[_builtins.str]):
 
 if not MYPY:
     class ModelPrimaryContainerArgsDict(TypedDict):
+        additional_model_data_sources: NotRequired[pulumi.Input[Sequence[pulumi.Input['ModelPrimaryContainerAdditionalModelDataSourceArgsDict']]]]
+        """
+        Additional data sources that are available to the model in addition to those specified in `model_data_source`. See Additional Model Data Source.
+        """
         container_hostname: NotRequired[pulumi.Input[_builtins.str]]
         """
-        The DNS host name for the container.
+        DNS host name for the container.
         """
         environment: NotRequired[pulumi.Input[Mapping[str, pulumi.Input[_builtins.str]]]]
         """
         Environment variables for the Docker container.
-        A list of key value pairs.
         """
         image: NotRequired[pulumi.Input[_builtins.str]]
         """
-        The registry path where the inference code image is stored in Amazon ECR.
+        Registry path where the inference code image is stored in Amazon ECR.
         """
         image_config: NotRequired[pulumi.Input['ModelPrimaryContainerImageConfigArgsDict']]
         """
@@ -11044,23 +11249,21 @@ class ModelPrimaryContainerArgsDict(TypedDict):
         """
         inference_specification_name: NotRequired[pulumi.Input[_builtins.str]]
         """
-        The inference specification name in the model package version.
+        Inference specification name in the model package version.
         """
         mode: NotRequired[pulumi.Input[_builtins.str]]
-        """
-        The container hosts value `SingleModel/MultiModel`. The default value is `SingleModel`.
-        """
         model_data_source: NotRequired[pulumi.Input['ModelPrimaryContainerModelDataSourceArgsDict']]
         """
-        The location of model data to deploy. Use this for uncompressed model deployment. For information about how to deploy an uncompressed model, see [Deploying uncompressed models](https://docs.aws.amazon.com/sagemaker/latest/dg/large-model-inference-uncompressed.html) in the _AWS SageMaker AI Developer Guide_.
+        Location of model data to deploy. Use this for uncompressed model deployment. For information about how to deploy an uncompressed model, see [Deploying uncompressed models](https://docs.aws.amazon.com/sagemaker/latest/dg/large-model-inference-uncompressed.html) in the _AWS SageMaker AI Developer Guide_.
         """
         model_data_url: NotRequired[pulumi.Input[_builtins.str]]
         """
-        The URL for the S3 location where model artifacts are stored.
+        URL for the S3 location where model artifacts are stored.
         """
         model_package_name: NotRequired[pulumi.Input[_builtins.str]]
         """
-        The Amazon Resource Name (ARN) of the model package to use to create the model.
+        Amazon Resource Name (ARN) of the model package to use to create the model.
+        A list of key value pairs.
         """
         multi_model_config: NotRequired[pulumi.Input['ModelPrimaryContainerMultiModelConfigArgsDict']]
         """
@@ -11072,6 +11275,7 @@ class ModelPrimaryContainerArgsDict(TypedDict):
 @pulumi.input_type
 class ModelPrimaryContainerArgs:
     def __init__(__self__, *,
+                 additional_model_data_sources: Optional[pulumi.Input[Sequence[pulumi.Input['ModelPrimaryContainerAdditionalModelDataSourceArgs']]]] = None,
                  container_hostname: Optional[pulumi.Input[_builtins.str]] = None,
                  environment: Optional[pulumi.Input[Mapping[str, pulumi.Input[_builtins.str]]]] = None,
                  image: Optional[pulumi.Input[_builtins.str]] = None,
@@ -11083,18 +11287,20 @@ def __init__(__self__, *,
                  model_package_name: Optional[pulumi.Input[_builtins.str]] = None,
                  multi_model_config: Optional[pulumi.Input['ModelPrimaryContainerMultiModelConfigArgs']] = None):
         """
-        :param pulumi.Input[_builtins.str] container_hostname: The DNS host name for the container.
+        :param pulumi.Input[Sequence[pulumi.Input['ModelPrimaryContainerAdditionalModelDataSourceArgs']]] additional_model_data_sources: Additional data sources that are available to the model in addition to those specified in `model_data_source`. See Additional Model Data Source.
+        :param pulumi.Input[_builtins.str] container_hostname: DNS host name for the container.
         :param pulumi.Input[Mapping[str, pulumi.Input[_builtins.str]]] environment: Environment variables for the Docker container.
-               A list of key value pairs.
-        :param pulumi.Input[_builtins.str] image: The registry path where the inference code image is stored in Amazon ECR.
+        :param pulumi.Input[_builtins.str] image: Registry path where the inference code image is stored in Amazon ECR.
         :param pulumi.Input['ModelPrimaryContainerImageConfigArgs'] image_config: Specifies whether the model container is in Amazon ECR or a private Docker registry accessible from your Amazon Virtual Private Cloud (VPC). For more information see [Using a Private Docker Registry for Real-Time Inference Containers](https://docs.aws.amazon.com/sagemaker/latest/dg/your-algorithms-containers-inference-private.html). see Image Config.
-        :param pulumi.Input[_builtins.str] inference_specification_name: The inference specification name in the model package version.
-        :param pulumi.Input[_builtins.str] mode: The container hosts value `SingleModel/MultiModel`. The default value is `SingleModel`.
-        :param pulumi.Input['ModelPrimaryContainerModelDataSourceArgs'] model_data_source: The location of model data to deploy. Use this for uncompressed model deployment. For information about how to deploy an uncompressed model, see [Deploying uncompressed models](https://docs.aws.amazon.com/sagemaker/latest/dg/large-model-inference-uncompressed.html) in the _AWS SageMaker AI Developer Guide_.
-        :param pulumi.Input[_builtins.str] model_data_url: The URL for the S3 location where model artifacts are stored.
-        :param pulumi.Input[_builtins.str] model_package_name: The Amazon Resource Name (ARN) of the model package to use to create the model.
+        :param pulumi.Input[_builtins.str] inference_specification_name: Inference specification name in the model package version.
+        :param pulumi.Input['ModelPrimaryContainerModelDataSourceArgs'] model_data_source: Location of model data to deploy. Use this for uncompressed model deployment. For information about how to deploy an uncompressed model, see [Deploying uncompressed models](https://docs.aws.amazon.com/sagemaker/latest/dg/large-model-inference-uncompressed.html) in the _AWS SageMaker AI Developer Guide_.
+        :param pulumi.Input[_builtins.str] model_data_url: URL for the S3 location where model artifacts are stored.
+        :param pulumi.Input[_builtins.str] model_package_name: Amazon Resource Name (ARN) of the model package to use to create the model.
+               A list of key value pairs.
         :param pulumi.Input['ModelPrimaryContainerMultiModelConfigArgs'] multi_model_config: Specifies additional configuration for multi-model endpoints. see Multi Model Config.
         """
+        if additional_model_data_sources is not None:
+            pulumi.set(__self__, "additional_model_data_sources", additional_model_data_sources)
         if container_hostname is not None:
             pulumi.set(__self__, "container_hostname", container_hostname)
         if environment is not None:
@@ -11116,11 +11322,23 @@ def __init__(__self__, *,
         if multi_model_config is not None:
             pulumi.set(__self__, "multi_model_config", multi_model_config)
 
+    @_builtins.property
+    @pulumi.getter(name="additionalModelDataSources")
+    def additional_model_data_sources(self) -> Optional[pulumi.Input[Sequence[pulumi.Input['ModelPrimaryContainerAdditionalModelDataSourceArgs']]]]:
+        """
+        Additional data sources that are available to the model in addition to those specified in `model_data_source`. See Additional Model Data Source.
+        """
+        return pulumi.get(self, "additional_model_data_sources")
+
+    @additional_model_data_sources.setter
+    def additional_model_data_sources(self, value: Optional[pulumi.Input[Sequence[pulumi.Input['ModelPrimaryContainerAdditionalModelDataSourceArgs']]]]):
+        pulumi.set(self, "additional_model_data_sources", value)
+
     @_builtins.property
     @pulumi.getter(name="containerHostname")
     def container_hostname(self) -> Optional[pulumi.Input[_builtins.str]]:
         """
-        The DNS host name for the container.
+        DNS host name for the container.
         """
         return pulumi.get(self, "container_hostname")
 
@@ -11133,7 +11351,6 @@ def container_hostname(self, value: Optional[pulumi.Input[_builtins.str]]):
     def environment(self) -> Optional[pulumi.Input[Mapping[str, pulumi.Input[_builtins.str]]]]:
         """
         Environment variables for the Docker container.
-        A list of key value pairs.
         """
         return pulumi.get(self, "environment")
 
@@ -11145,7 +11362,7 @@ def environment(self, value: Optional[pulumi.Input[Mapping[str, pulumi.Input[_bu
     @pulumi.getter
     def image(self) -> Optional[pulumi.Input[_builtins.str]]:
         """
-        The registry path where the inference code image is stored in Amazon ECR.
+        Registry path where the inference code image is stored in Amazon ECR.
         """
         return pulumi.get(self, "image")
 
@@ -11169,7 +11386,7 @@ def image_config(self, value: Optional[pulumi.Input['ModelPrimaryContainerImageC
     @pulumi.getter(name="inferenceSpecificationName")
     def inference_specification_name(self) -> Optional[pulumi.Input[_builtins.str]]:
         """
-        The inference specification name in the model package version.
+        Inference specification name in the model package version.
         """
         return pulumi.get(self, "inference_specification_name")
 
@@ -11180,9 +11397,6 @@ def inference_specification_name(self, value: Optional[pulumi.Input[_builtins.st
     @_builtins.property
     @pulumi.getter
     def mode(self) -> Optional[pulumi.Input[_builtins.str]]:
-        """
-        The container hosts value `SingleModel/MultiModel`. The default value is `SingleModel`.
-        """
         return pulumi.get(self, "mode")
 
     @mode.setter
@@ -11193,7 +11407,7 @@ def mode(self, value: Optional[pulumi.Input[_builtins.str]]):
     @pulumi.getter(name="modelDataSource")
     def model_data_source(self) -> Optional[pulumi.Input['ModelPrimaryContainerModelDataSourceArgs']]:
         """
-        The location of model data to deploy. Use this for uncompressed model deployment. For information about how to deploy an uncompressed model, see [Deploying uncompressed models](https://docs.aws.amazon.com/sagemaker/latest/dg/large-model-inference-uncompressed.html) in the _AWS SageMaker AI Developer Guide_.
+        Location of model data to deploy. Use this for uncompressed model deployment. For information about how to deploy an uncompressed model, see [Deploying uncompressed models](https://docs.aws.amazon.com/sagemaker/latest/dg/large-model-inference-uncompressed.html) in the _AWS SageMaker AI Developer Guide_.
         """
         return pulumi.get(self, "model_data_source")
 
@@ -11205,7 +11419,7 @@ def model_data_source(self, value: Optional[pulumi.Input['ModelPrimaryContainerM
     @pulumi.getter(name="modelDataUrl")
     def model_data_url(self) -> Optional[pulumi.Input[_builtins.str]]:
         """
-        The URL for the S3 location where model artifacts are stored.
+        URL for the S3 location where model artifacts are stored.
         """
         return pulumi.get(self, "model_data_url")
 
@@ -11217,7 +11431,8 @@ def model_data_url(self, value: Optional[pulumi.Input[_builtins.str]]):
     @pulumi.getter(name="modelPackageName")
     def model_package_name(self) -> Optional[pulumi.Input[_builtins.str]]:
         """
-        The Amazon Resource Name (ARN) of the model package to use to create the model.
+        Amazon Resource Name (ARN) of the model package to use to create the model.
+        A list of key value pairs.
         """
         return pulumi.get(self, "model_package_name")
 
@@ -11238,6 +11453,176 @@ def multi_model_config(self, value: Optional[pulumi.Input['ModelPrimaryContainer
         pulumi.set(self, "multi_model_config", value)
 
 
+if not MYPY:
+    class ModelPrimaryContainerAdditionalModelDataSourceArgsDict(TypedDict):
+        channel_name: pulumi.Input[_builtins.str]
+        """
+        Custom name for the additional model data source object. It will be stored in `/opt/ml/additional-model-data-sources//`.
+        """
+        s3_data_sources: pulumi.Input[Sequence[pulumi.Input['ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceArgsDict']]]
+        """
+        S3 location of model data to deploy. See S3 Data Source.
+        """
+elif False:
+    ModelPrimaryContainerAdditionalModelDataSourceArgsDict: TypeAlias = Mapping[str, Any]
+
+@pulumi.input_type
+class ModelPrimaryContainerAdditionalModelDataSourceArgs:
+    def __init__(__self__, *,
+                 channel_name: pulumi.Input[_builtins.str],
+                 s3_data_sources: pulumi.Input[Sequence[pulumi.Input['ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceArgs']]]):
+        """
+        :param pulumi.Input[_builtins.str] channel_name: Custom name for the additional model data source object. It will be stored in `/opt/ml/additional-model-data-sources//`.
+        :param pulumi.Input[Sequence[pulumi.Input['ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceArgs']]] s3_data_sources: S3 location of model data to deploy. See S3 Data Source.
+        """
+        pulumi.set(__self__, "channel_name", channel_name)
+        pulumi.set(__self__, "s3_data_sources", s3_data_sources)
+
+    @_builtins.property
+    @pulumi.getter(name="channelName")
+    def channel_name(self) -> pulumi.Input[_builtins.str]:
+        """
+        Custom name for the additional model data source object. It will be stored in `/opt/ml/additional-model-data-sources//`.
+        """
+        return pulumi.get(self, "channel_name")
+
+    @channel_name.setter
+    def channel_name(self, value: pulumi.Input[_builtins.str]):
+        pulumi.set(self, "channel_name", value)
+
+    @_builtins.property
+    @pulumi.getter(name="s3DataSources")
+    def s3_data_sources(self) -> pulumi.Input[Sequence[pulumi.Input['ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceArgs']]]:
+        """
+        S3 location of model data to deploy. See S3 Data Source.
+        """
+        return pulumi.get(self, "s3_data_sources")
+
+    @s3_data_sources.setter
+    def s3_data_sources(self, value: pulumi.Input[Sequence[pulumi.Input['ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceArgs']]]):
+        pulumi.set(self, "s3_data_sources", value)
+
+
+if not MYPY:
+    class ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceArgsDict(TypedDict):
+        compression_type: pulumi.Input[_builtins.str]
+        """
+        How the model data is prepared. Allowed values are: `None` and `Gzip`.
+        """
+        s3_data_type: pulumi.Input[_builtins.str]
+        """
+        Type of model data to deploy. Allowed values are: `S3Object` and `S3Prefix`.
+        """
+        s3_uri: pulumi.Input[_builtins.str]
+        """
+        The S3 path of model data to deploy.
+        """
+        model_access_config: NotRequired[pulumi.Input['ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigArgsDict']]
+        """
+        Specifies the access configuration file for the ML model. You can explicitly accept the model end-user license agreement (EULA) within the [`model_access_config` configuration block]. See Model Access Config.
+        """
+elif False:
+    ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceArgsDict: TypeAlias = Mapping[str, Any]
+
+@pulumi.input_type
+class ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceArgs:
+    def __init__(__self__, *,
+                 compression_type: pulumi.Input[_builtins.str],
+                 s3_data_type: pulumi.Input[_builtins.str],
+                 s3_uri: pulumi.Input[_builtins.str],
+                 model_access_config: Optional[pulumi.Input['ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigArgs']] = None):
+        """
+        :param pulumi.Input[_builtins.str] compression_type: How the model data is prepared. Allowed values are: `None` and `Gzip`.
+        :param pulumi.Input[_builtins.str] s3_data_type: Type of model data to deploy. Allowed values are: `S3Object` and `S3Prefix`.
+        :param pulumi.Input[_builtins.str] s3_uri: The S3 path of model data to deploy.
+        :param pulumi.Input['ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigArgs'] model_access_config: Specifies the access configuration file for the ML model. You can explicitly accept the model end-user license agreement (EULA) within the [`model_access_config` configuration block]. See Model Access Config.
+        """
+        pulumi.set(__self__, "compression_type", compression_type)
+        pulumi.set(__self__, "s3_data_type", s3_data_type)
+        pulumi.set(__self__, "s3_uri", s3_uri)
+        if model_access_config is not None:
+            pulumi.set(__self__, "model_access_config", model_access_config)
+
+    @_builtins.property
+    @pulumi.getter(name="compressionType")
+    def compression_type(self) -> pulumi.Input[_builtins.str]:
+        """
+        How the model data is prepared. Allowed values are: `None` and `Gzip`.
+        """
+        return pulumi.get(self, "compression_type")
+
+    @compression_type.setter
+    def compression_type(self, value: pulumi.Input[_builtins.str]):
+        pulumi.set(self, "compression_type", value)
+
+    @_builtins.property
+    @pulumi.getter(name="s3DataType")
+    def s3_data_type(self) -> pulumi.Input[_builtins.str]:
+        """
+        Type of model data to deploy. Allowed values are: `S3Object` and `S3Prefix`.
+        """
+        return pulumi.get(self, "s3_data_type")
+
+    @s3_data_type.setter
+    def s3_data_type(self, value: pulumi.Input[_builtins.str]):
+        pulumi.set(self, "s3_data_type", value)
+
+    @_builtins.property
+    @pulumi.getter(name="s3Uri")
+    def s3_uri(self) -> pulumi.Input[_builtins.str]:
+        """
+        The S3 path of model data to deploy.
+        """
+        return pulumi.get(self, "s3_uri")
+
+    @s3_uri.setter
+    def s3_uri(self, value: pulumi.Input[_builtins.str]):
+        pulumi.set(self, "s3_uri", value)
+
+    @_builtins.property
+    @pulumi.getter(name="modelAccessConfig")
+    def model_access_config(self) -> Optional[pulumi.Input['ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigArgs']]:
+        """
+        Specifies the access configuration file for the ML model. You can explicitly accept the model end-user license agreement (EULA) within the [`model_access_config` configuration block]. See Model Access Config.
+        """
+        return pulumi.get(self, "model_access_config")
+
+    @model_access_config.setter
+    def model_access_config(self, value: Optional[pulumi.Input['ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigArgs']]):
+        pulumi.set(self, "model_access_config", value)
+
+
+if not MYPY:
+    class ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigArgsDict(TypedDict):
+        accept_eula: pulumi.Input[_builtins.bool]
+        """
+        Specifies agreement to the model end-user license agreement (EULA). The value must be set to `true` in order to accept the EULA that this model requires. You are responsible for reviewing and complying with any applicable license terms and making sure they are acceptable for your use case before downloading or using a model.
+        """
+elif False:
+    ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigArgsDict: TypeAlias = Mapping[str, Any]
+
+@pulumi.input_type
+class ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigArgs:
+    def __init__(__self__, *,
+                 accept_eula: pulumi.Input[_builtins.bool]):
+        """
+        :param pulumi.Input[_builtins.bool] accept_eula: Specifies agreement to the model end-user license agreement (EULA). The value must be set to `true` in order to accept the EULA that this model requires. You are responsible for reviewing and complying with any applicable license terms and making sure they are acceptable for your use case before downloading or using a model.
+        """
+        pulumi.set(__self__, "accept_eula", accept_eula)
+
+    @_builtins.property
+    @pulumi.getter(name="acceptEula")
+    def accept_eula(self) -> pulumi.Input[_builtins.bool]:
+        """
+        Specifies agreement to the model end-user license agreement (EULA). The value must be set to `true` in order to accept the EULA that this model requires. You are responsible for reviewing and complying with any applicable license terms and making sure they are acceptable for your use case before downloading or using a model.
+        """
+        return pulumi.get(self, "accept_eula")
+
+    @accept_eula.setter
+    def accept_eula(self, value: pulumi.Input[_builtins.bool]):
+        pulumi.set(self, "accept_eula", value)
+
+
 if not MYPY:
     class ModelPrimaryContainerImageConfigArgsDict(TypedDict):
         repository_access_mode: pulumi.Input[_builtins.str]
@@ -11293,7 +11678,7 @@ def repository_auth_config(self, value: Optional[pulumi.Input['ModelPrimaryConta
     class ModelPrimaryContainerImageConfigRepositoryAuthConfigArgsDict(TypedDict):
         repository_credentials_provider_arn: pulumi.Input[_builtins.str]
         """
-        The Amazon Resource Name (ARN) of an AWS Lambda function that provides credentials to authenticate to the private Docker registry where your model image is hosted. For information about how to create an AWS Lambda function, see [Create a Lambda function with the console](https://docs.aws.amazon.com/lambda/latest/dg/getting-started-create-function.html) in the _AWS Lambda Developer Guide_.
+        Amazon Resource Name (ARN) of an AWS Lambda function that provides credentials to authenticate to the private Docker registry where your model image is hosted. For information about how to create an AWS Lambda function, see [Create a Lambda function with the console](https://docs.aws.amazon.com/lambda/latest/dg/getting-started-create-function.html) in the _AWS Lambda Developer Guide_.
         """
 elif False:
     ModelPrimaryContainerImageConfigRepositoryAuthConfigArgsDict: TypeAlias = Mapping[str, Any]
@@ -11303,7 +11688,7 @@ class ModelPrimaryContainerImageConfigRepositoryAuthConfigArgs:
     def __init__(__self__, *,
                  repository_credentials_provider_arn: pulumi.Input[_builtins.str]):
         """
-        :param pulumi.Input[_builtins.str] repository_credentials_provider_arn: The Amazon Resource Name (ARN) of an AWS Lambda function that provides credentials to authenticate to the private Docker registry where your model image is hosted. For information about how to create an AWS Lambda function, see [Create a Lambda function with the console](https://docs.aws.amazon.com/lambda/latest/dg/getting-started-create-function.html) in the _AWS Lambda Developer Guide_.
+        :param pulumi.Input[_builtins.str] repository_credentials_provider_arn: Amazon Resource Name (ARN) of an AWS Lambda function that provides credentials to authenticate to the private Docker registry where your model image is hosted. For information about how to create an AWS Lambda function, see [Create a Lambda function with the console](https://docs.aws.amazon.com/lambda/latest/dg/getting-started-create-function.html) in the _AWS Lambda Developer Guide_.
         """
         pulumi.set(__self__, "repository_credentials_provider_arn", repository_credentials_provider_arn)
 
@@ -11311,7 +11696,7 @@ def __init__(__self__, *,
     @pulumi.getter(name="repositoryCredentialsProviderArn")
     def repository_credentials_provider_arn(self) -> pulumi.Input[_builtins.str]:
         """
-        The Amazon Resource Name (ARN) of an AWS Lambda function that provides credentials to authenticate to the private Docker registry where your model image is hosted. For information about how to create an AWS Lambda function, see [Create a Lambda function with the console](https://docs.aws.amazon.com/lambda/latest/dg/getting-started-create-function.html) in the _AWS Lambda Developer Guide_.
+        Amazon Resource Name (ARN) of an AWS Lambda function that provides credentials to authenticate to the private Docker registry where your model image is hosted. For information about how to create an AWS Lambda function, see [Create a Lambda function with the console](https://docs.aws.amazon.com/lambda/latest/dg/getting-started-create-function.html) in the _AWS Lambda Developer Guide_.
         """
         return pulumi.get(self, "repository_credentials_provider_arn")
 
@@ -11324,7 +11709,7 @@ def repository_credentials_provider_arn(self, value: pulumi.Input[_builtins.str]
     class ModelPrimaryContainerModelDataSourceArgsDict(TypedDict):
         s3_data_sources: pulumi.Input[Sequence[pulumi.Input['ModelPrimaryContainerModelDataSourceS3DataSourceArgsDict']]]
         """
-        The S3 location of model data to deploy.
+        S3 location of model data to deploy. See S3 Data Source.
         """
 elif False:
     ModelPrimaryContainerModelDataSourceArgsDict: TypeAlias = Mapping[str, Any]
@@ -11334,7 +11719,7 @@ class ModelPrimaryContainerModelDataSourceArgs:
     def __init__(__self__, *,
                  s3_data_sources: pulumi.Input[Sequence[pulumi.Input['ModelPrimaryContainerModelDataSourceS3DataSourceArgs']]]):
         """
-        :param pulumi.Input[Sequence[pulumi.Input['ModelPrimaryContainerModelDataSourceS3DataSourceArgs']]] s3_data_sources: The S3 location of model data to deploy.
+        :param pulumi.Input[Sequence[pulumi.Input['ModelPrimaryContainerModelDataSourceS3DataSourceArgs']]] s3_data_sources: S3 location of model data to deploy. See S3 Data Source.
         """
         pulumi.set(__self__, "s3_data_sources", s3_data_sources)
 
@@ -11342,7 +11727,7 @@ def __init__(__self__, *,
     @pulumi.getter(name="s3DataSources")
     def s3_data_sources(self) -> pulumi.Input[Sequence[pulumi.Input['ModelPrimaryContainerModelDataSourceS3DataSourceArgs']]]:
         """
-        The S3 location of model data to deploy.
+        S3 location of model data to deploy. See S3 Data Source.
         """
         return pulumi.get(self, "s3_data_sources")
 
@@ -11359,7 +11744,7 @@ class ModelPrimaryContainerModelDataSourceS3DataSourceArgsDict(TypedDict):
         """
         s3_data_type: pulumi.Input[_builtins.str]
         """
-        The type of model data to deploy. Allowed values are: `S3Object` and `S3Prefix`.
+        Type of model data to deploy. Allowed values are: `S3Object` and `S3Prefix`.
         """
         s3_uri: pulumi.Input[_builtins.str]
         """
@@ -11367,7 +11752,7 @@ class ModelPrimaryContainerModelDataSourceS3DataSourceArgsDict(TypedDict):
         """
         model_access_config: NotRequired[pulumi.Input['ModelPrimaryContainerModelDataSourceS3DataSourceModelAccessConfigArgsDict']]
         """
-        Specifies the access configuration file for the ML model. You can explicitly accept the model end-user license agreement (EULA) within the [`model_access_config` configuration block]. see Model Access Config.
+        Specifies the access configuration file for the ML model. You can explicitly accept the model end-user license agreement (EULA) within the [`model_access_config` configuration block]. See Model Access Config.
         """
 elif False:
     ModelPrimaryContainerModelDataSourceS3DataSourceArgsDict: TypeAlias = Mapping[str, Any]
@@ -11381,9 +11766,9 @@ def __init__(__self__, *,
                  model_access_config: Optional[pulumi.Input['ModelPrimaryContainerModelDataSourceS3DataSourceModelAccessConfigArgs']] = None):
         """
         :param pulumi.Input[_builtins.str] compression_type: How the model data is prepared. Allowed values are: `None` and `Gzip`.
-        :param pulumi.Input[_builtins.str] s3_data_type: The type of model data to deploy. Allowed values are: `S3Object` and `S3Prefix`.
+        :param pulumi.Input[_builtins.str] s3_data_type: Type of model data to deploy. Allowed values are: `S3Object` and `S3Prefix`.
         :param pulumi.Input[_builtins.str] s3_uri: The S3 path of model data to deploy.
-        :param pulumi.Input['ModelPrimaryContainerModelDataSourceS3DataSourceModelAccessConfigArgs'] model_access_config: Specifies the access configuration file for the ML model. You can explicitly accept the model end-user license agreement (EULA) within the [`model_access_config` configuration block]. see Model Access Config.
+        :param pulumi.Input['ModelPrimaryContainerModelDataSourceS3DataSourceModelAccessConfigArgs'] model_access_config: Specifies the access configuration file for the ML model. You can explicitly accept the model end-user license agreement (EULA) within the [`model_access_config` configuration block]. See Model Access Config.
         """
         pulumi.set(__self__, "compression_type", compression_type)
         pulumi.set(__self__, "s3_data_type", s3_data_type)
@@ -11407,7 +11792,7 @@ def compression_type(self, value: pulumi.Input[_builtins.str]):
     @pulumi.getter(name="s3DataType")
     def s3_data_type(self) -> pulumi.Input[_builtins.str]:
         """
-        The type of model data to deploy. Allowed values are: `S3Object` and `S3Prefix`.
+        Type of model data to deploy. Allowed values are: `S3Object` and `S3Prefix`.
         """
         return pulumi.get(self, "s3_data_type")
 
@@ -11431,7 +11816,7 @@ def s3_uri(self, value: pulumi.Input[_builtins.str]):
     @pulumi.getter(name="modelAccessConfig")
     def model_access_config(self) -> Optional[pulumi.Input['ModelPrimaryContainerModelDataSourceS3DataSourceModelAccessConfigArgs']]:
         """
-        Specifies the access configuration file for the ML model. You can explicitly accept the model end-user license agreement (EULA) within the [`model_access_config` configuration block]. see Model Access Config.
+        Specifies the access configuration file for the ML model. You can explicitly accept the model end-user license agreement (EULA) within the [`model_access_config` configuration block]. See Model Access Config.
         """
         return pulumi.get(self, "model_access_config")
 
@@ -11444,7 +11829,7 @@ def model_access_config(self, value: Optional[pulumi.Input['ModelPrimaryContaine
     class ModelPrimaryContainerModelDataSourceS3DataSourceModelAccessConfigArgsDict(TypedDict):
         accept_eula: pulumi.Input[_builtins.bool]
         """
-        Specifies agreement to the model end-user license agreement (EULA). The AcceptEula value must be explicitly defined as `true` in order to accept the EULA that this model requires. You are responsible for reviewing and complying with any applicable license terms and making sure they are acceptable for your use case before downloading or using a model.
+        Specifies agreement to the model end-user license agreement (EULA). The value must be set to `true` in order to accept the EULA that this model requires. You are responsible for reviewing and complying with any applicable license terms and making sure they are acceptable for your use case before downloading or using a model.
         """
 elif False:
     ModelPrimaryContainerModelDataSourceS3DataSourceModelAccessConfigArgsDict: TypeAlias = Mapping[str, Any]
@@ -11454,7 +11839,7 @@ class ModelPrimaryContainerModelDataSourceS3DataSourceModelAccessConfigArgs:
     def __init__(__self__, *,
                  accept_eula: pulumi.Input[_builtins.bool]):
         """
-        :param pulumi.Input[_builtins.bool] accept_eula: Specifies agreement to the model end-user license agreement (EULA). The AcceptEula value must be explicitly defined as `true` in order to accept the EULA that this model requires. You are responsible for reviewing and complying with any applicable license terms and making sure they are acceptable for your use case before downloading or using a model.
+        :param pulumi.Input[_builtins.bool] accept_eula: Specifies agreement to the model end-user license agreement (EULA). The value must be set to `true` in order to accept the EULA that this model requires. You are responsible for reviewing and complying with any applicable license terms and making sure they are acceptable for your use case before downloading or using a model.
         """
         pulumi.set(__self__, "accept_eula", accept_eula)
 
@@ -11462,7 +11847,7 @@ def __init__(__self__, *,
     @pulumi.getter(name="acceptEula")
     def accept_eula(self) -> pulumi.Input[_builtins.bool]:
         """
-        Specifies agreement to the model end-user license agreement (EULA). The AcceptEula value must be explicitly defined as `true` in order to accept the EULA that this model requires. You are responsible for reviewing and complying with any applicable license terms and making sure they are acceptable for your use case before downloading or using a model.
+        Specifies agreement to the model end-user license agreement (EULA). The value must be set to `true` in order to accept the EULA that this model requires. You are responsible for reviewing and complying with any applicable license terms and making sure they are acceptable for your use case before downloading or using a model.
         """
         return pulumi.get(self, "accept_eula")
 
@@ -11506,7 +11891,13 @@ def model_cache_setting(self, value: Optional[pulumi.Input[_builtins.str]]):
 if not MYPY:
     class ModelVpcConfigArgsDict(TypedDict):
         security_group_ids: pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]
+        """
+        List of security group IDs you want to be applied to your training job or model. Specify the security groups for the VPC that is specified in the Subnets field.
+        """
         subnets: pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]
+        """
+        List of subnet IDs in the VPC to which you want to connect your training job or model.
+        """
 elif False:
     ModelVpcConfigArgsDict: TypeAlias = Mapping[str, Any]
 
@@ -11515,12 +11906,19 @@ class ModelVpcConfigArgs:
     def __init__(__self__, *,
                  security_group_ids: pulumi.Input[Sequence[pulumi.Input[_builtins.str]]],
                  subnets: pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]):
+        """
+        :param pulumi.Input[Sequence[pulumi.Input[_builtins.str]]] security_group_ids: List of security group IDs you want to be applied to your training job or model. Specify the security groups for the VPC that is specified in the Subnets field.
+        :param pulumi.Input[Sequence[pulumi.Input[_builtins.str]]] subnets: List of subnet IDs in the VPC to which you want to connect your training job or model.
+        """
         pulumi.set(__self__, "security_group_ids", security_group_ids)
         pulumi.set(__self__, "subnets", subnets)
 
     @_builtins.property
     @pulumi.getter(name="securityGroupIds")
     def security_group_ids(self) -> pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]:
+        """
+        List of security group IDs you want to be applied to your training job or model. Specify the security groups for the VPC that is specified in the Subnets field.
+        """
         return pulumi.get(self, "security_group_ids")
 
     @security_group_ids.setter
@@ -11530,6 +11928,9 @@ def security_group_ids(self, value: pulumi.Input[Sequence[pulumi.Input[_builtins
     @_builtins.property
     @pulumi.getter
     def subnets(self) -> pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]:
+        """
+        List of subnet IDs in the VPC to which you want to connect your training job or model.
+        """
         return pulumi.get(self, "subnets")
 
     @subnets.setter
diff --git a/sdk/python/pulumi_aws/sagemaker/model.py b/sdk/python/pulumi_aws/sagemaker/model.py
index 24f7d258d83..f98691b142a 100644
--- a/sdk/python/pulumi_aws/sagemaker/model.py
+++ b/sdk/python/pulumi_aws/sagemaker/model.py
@@ -36,8 +36,8 @@ def __init__(__self__, *,
         :param pulumi.Input[Sequence[pulumi.Input['ModelContainerArgs']]] containers: Specifies containers in the inference pipeline. If not specified, the `primary_container` argument is required. Fields are documented below.
         :param pulumi.Input[_builtins.bool] enable_network_isolation: Isolates the model container. No inbound or outbound network calls can be made to or from the model container.
         :param pulumi.Input['ModelInferenceExecutionConfigArgs'] inference_execution_config: Specifies details of how containers in a multi-container endpoint are called. See Inference Execution Config.
-        :param pulumi.Input[_builtins.str] name: The name of the model (must be unique). If omitted, this provider will assign a random, unique name.
-        :param pulumi.Input['ModelPrimaryContainerArgs'] primary_container: The primary docker image containing inference code that is used when the model is deployed for predictions.  If not specified, the `container` argument is required. Fields are documented below.
+        :param pulumi.Input[_builtins.str] name: Name of the model (must be unique). If omitted, the provider will assign a random, unique name.
+        :param pulumi.Input['ModelPrimaryContainerArgs'] primary_container: Primary docker image containing inference code that is used when the model is deployed for predictions.  If not specified, the `container` argument is required. Fields are documented below.
         :param pulumi.Input[_builtins.str] region: Region where this resource will be [managed](https://docs.aws.amazon.com/general/latest/gr/rande.html#regional-endpoints). Defaults to the Region set in the provider configuration.
         :param pulumi.Input[Mapping[str, pulumi.Input[_builtins.str]]] tags: A map of tags to assign to the resource. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.
         :param pulumi.Input['ModelVpcConfigArgs'] vpc_config: Specifies the VPC that you want your model to connect to. This configuration is used in hosting services and in batch transform. See VPC Config.
@@ -112,7 +112,7 @@ def inference_execution_config(self, value: Optional[pulumi.Input['ModelInferenc
     @pulumi.getter
     def name(self) -> Optional[pulumi.Input[_builtins.str]]:
         """
-        The name of the model (must be unique). If omitted, this provider will assign a random, unique name.
+        Name of the model (must be unique). If omitted, the provider will assign a random, unique name.
         """
         return pulumi.get(self, "name")
 
@@ -124,7 +124,7 @@ def name(self, value: Optional[pulumi.Input[_builtins.str]]):
     @pulumi.getter(name="primaryContainer")
     def primary_container(self) -> Optional[pulumi.Input['ModelPrimaryContainerArgs']]:
         """
-        The primary docker image containing inference code that is used when the model is deployed for predictions.  If not specified, the `container` argument is required. Fields are documented below.
+        Primary docker image containing inference code that is used when the model is deployed for predictions.  If not specified, the `container` argument is required. Fields are documented below.
         """
         return pulumi.get(self, "primary_container")
 
@@ -185,13 +185,13 @@ def __init__(__self__, *,
                  vpc_config: Optional[pulumi.Input['ModelVpcConfigArgs']] = None):
         """
         Input properties used for looking up and filtering Model resources.
-        :param pulumi.Input[_builtins.str] arn: The Amazon Resource Name (ARN) assigned by AWS to this model.
+        :param pulumi.Input[_builtins.str] arn: Amazon Resource Name (ARN) assigned by AWS to this model.
         :param pulumi.Input[Sequence[pulumi.Input['ModelContainerArgs']]] containers: Specifies containers in the inference pipeline. If not specified, the `primary_container` argument is required. Fields are documented below.
         :param pulumi.Input[_builtins.bool] enable_network_isolation: Isolates the model container. No inbound or outbound network calls can be made to or from the model container.
         :param pulumi.Input[_builtins.str] execution_role_arn: A role that SageMaker AI can assume to access model artifacts and docker images for deployment.
         :param pulumi.Input['ModelInferenceExecutionConfigArgs'] inference_execution_config: Specifies details of how containers in a multi-container endpoint are called. See Inference Execution Config.
-        :param pulumi.Input[_builtins.str] name: The name of the model (must be unique). If omitted, this provider will assign a random, unique name.
-        :param pulumi.Input['ModelPrimaryContainerArgs'] primary_container: The primary docker image containing inference code that is used when the model is deployed for predictions.  If not specified, the `container` argument is required. Fields are documented below.
+        :param pulumi.Input[_builtins.str] name: Name of the model (must be unique). If omitted, the provider will assign a random, unique name.
+        :param pulumi.Input['ModelPrimaryContainerArgs'] primary_container: Primary docker image containing inference code that is used when the model is deployed for predictions.  If not specified, the `container` argument is required. Fields are documented below.
         :param pulumi.Input[_builtins.str] region: Region where this resource will be [managed](https://docs.aws.amazon.com/general/latest/gr/rande.html#regional-endpoints). Defaults to the Region set in the provider configuration.
         :param pulumi.Input[Mapping[str, pulumi.Input[_builtins.str]]] tags: A map of tags to assign to the resource. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.
         :param pulumi.Input[Mapping[str, pulumi.Input[_builtins.str]]] tags_all: A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.
@@ -224,7 +224,7 @@ def __init__(__self__, *,
     @pulumi.getter
     def arn(self) -> Optional[pulumi.Input[_builtins.str]]:
         """
-        The Amazon Resource Name (ARN) assigned by AWS to this model.
+        Amazon Resource Name (ARN) assigned by AWS to this model.
         """
         return pulumi.get(self, "arn")
 
@@ -284,7 +284,7 @@ def inference_execution_config(self, value: Optional[pulumi.Input['ModelInferenc
     @pulumi.getter
     def name(self) -> Optional[pulumi.Input[_builtins.str]]:
         """
-        The name of the model (must be unique). If omitted, this provider will assign a random, unique name.
+        Name of the model (must be unique). If omitted, the provider will assign a random, unique name.
         """
         return pulumi.get(self, "name")
 
@@ -296,7 +296,7 @@ def name(self, value: Optional[pulumi.Input[_builtins.str]]):
     @pulumi.getter(name="primaryContainer")
     def primary_container(self) -> Optional[pulumi.Input['ModelPrimaryContainerArgs']]:
         """
-        The primary docker image containing inference code that is used when the model is deployed for predictions.  If not specified, the `container` argument is required. Fields are documented below.
+        Primary docker image containing inference code that is used when the model is deployed for predictions.  If not specified, the `container` argument is required. Fields are documented below.
         """
         return pulumi.get(self, "primary_container")
 
@@ -370,11 +370,11 @@ def __init__(__self__,
                  vpc_config: Optional[pulumi.Input[Union['ModelVpcConfigArgs', 'ModelVpcConfigArgsDict']]] = None,
                  __props__=None):
         """
-        Provides a SageMaker AI model resource.
+        Manages an Amazon SageMaker AI Model.
 
         ## Example Usage
 
-        Basic usage:
+        ### Basic Usage
 
         ```python
         import pulumi
@@ -397,21 +397,12 @@ def __init__(__self__,
             })
         ```
 
-        ## Inference Execution Config
-
-        * `mode` - (Required) How containers in a multi-container are run. The following values are valid `Serial` and `Direct`.
-
-        ### VPC Config
-
-        * `security_group_ids` - (Required) List of security group IDs you want to be applied to your training job or model. Specify the security groups for the VPC that is specified in the Subnets field.
-        * `subnets` - (Required) List of subnet IDs in the VPC to which you want to connect your training job or model.
-
         ## Import
 
         Using `pulumi import`, import models using the `name`. For example:
 
         ```sh
-        $ pulumi import aws:sagemaker/model:Model test_model model-foo
+        $ pulumi import aws:sagemaker/model:Model example model-foo
         ```
 
         :param str resource_name: The name of the resource.
@@ -420,8 +411,8 @@ def __init__(__self__,
         :param pulumi.Input[_builtins.bool] enable_network_isolation: Isolates the model container. No inbound or outbound network calls can be made to or from the model container.
         :param pulumi.Input[_builtins.str] execution_role_arn: A role that SageMaker AI can assume to access model artifacts and docker images for deployment.
         :param pulumi.Input[Union['ModelInferenceExecutionConfigArgs', 'ModelInferenceExecutionConfigArgsDict']] inference_execution_config: Specifies details of how containers in a multi-container endpoint are called. See Inference Execution Config.
-        :param pulumi.Input[_builtins.str] name: The name of the model (must be unique). If omitted, this provider will assign a random, unique name.
-        :param pulumi.Input[Union['ModelPrimaryContainerArgs', 'ModelPrimaryContainerArgsDict']] primary_container: The primary docker image containing inference code that is used when the model is deployed for predictions.  If not specified, the `container` argument is required. Fields are documented below.
+        :param pulumi.Input[_builtins.str] name: Name of the model (must be unique). If omitted, the provider will assign a random, unique name.
+        :param pulumi.Input[Union['ModelPrimaryContainerArgs', 'ModelPrimaryContainerArgsDict']] primary_container: Primary docker image containing inference code that is used when the model is deployed for predictions.  If not specified, the `container` argument is required. Fields are documented below.
         :param pulumi.Input[_builtins.str] region: Region where this resource will be [managed](https://docs.aws.amazon.com/general/latest/gr/rande.html#regional-endpoints). Defaults to the Region set in the provider configuration.
         :param pulumi.Input[Mapping[str, pulumi.Input[_builtins.str]]] tags: A map of tags to assign to the resource. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.
         :param pulumi.Input[Union['ModelVpcConfigArgs', 'ModelVpcConfigArgsDict']] vpc_config: Specifies the VPC that you want your model to connect to. This configuration is used in hosting services and in batch transform. See VPC Config.
@@ -433,11 +424,11 @@ def __init__(__self__,
                  args: ModelArgs,
                  opts: Optional[pulumi.ResourceOptions] = None):
         """
-        Provides a SageMaker AI model resource.
+        Manages an Amazon SageMaker AI Model.
 
         ## Example Usage
 
-        Basic usage:
+        ### Basic Usage
 
         ```python
         import pulumi
@@ -460,21 +451,12 @@ def __init__(__self__,
             })
         ```
 
-        ## Inference Execution Config
-
-        * `mode` - (Required) How containers in a multi-container are run. The following values are valid `Serial` and `Direct`.
-
-        ### VPC Config
-
-        * `security_group_ids` - (Required) List of security group IDs you want to be applied to your training job or model. Specify the security groups for the VPC that is specified in the Subnets field.
-        * `subnets` - (Required) List of subnet IDs in the VPC to which you want to connect your training job or model.
-
         ## Import
 
         Using `pulumi import`, import models using the `name`. For example:
 
         ```sh
-        $ pulumi import aws:sagemaker/model:Model test_model model-foo
+        $ pulumi import aws:sagemaker/model:Model example model-foo
         ```
 
         :param str resource_name: The name of the resource.
@@ -551,13 +533,13 @@ def get(resource_name: str,
         :param str resource_name: The unique name of the resulting resource.
         :param pulumi.Input[str] id: The unique provider ID of the resource to lookup.
         :param pulumi.ResourceOptions opts: Options for the resource.
-        :param pulumi.Input[_builtins.str] arn: The Amazon Resource Name (ARN) assigned by AWS to this model.
+        :param pulumi.Input[_builtins.str] arn: Amazon Resource Name (ARN) assigned by AWS to this model.
         :param pulumi.Input[Sequence[pulumi.Input[Union['ModelContainerArgs', 'ModelContainerArgsDict']]]] containers: Specifies containers in the inference pipeline. If not specified, the `primary_container` argument is required. Fields are documented below.
         :param pulumi.Input[_builtins.bool] enable_network_isolation: Isolates the model container. No inbound or outbound network calls can be made to or from the model container.
         :param pulumi.Input[_builtins.str] execution_role_arn: A role that SageMaker AI can assume to access model artifacts and docker images for deployment.
         :param pulumi.Input[Union['ModelInferenceExecutionConfigArgs', 'ModelInferenceExecutionConfigArgsDict']] inference_execution_config: Specifies details of how containers in a multi-container endpoint are called. See Inference Execution Config.
-        :param pulumi.Input[_builtins.str] name: The name of the model (must be unique). If omitted, this provider will assign a random, unique name.
-        :param pulumi.Input[Union['ModelPrimaryContainerArgs', 'ModelPrimaryContainerArgsDict']] primary_container: The primary docker image containing inference code that is used when the model is deployed for predictions.  If not specified, the `container` argument is required. Fields are documented below.
+        :param pulumi.Input[_builtins.str] name: Name of the model (must be unique). If omitted, the provider will assign a random, unique name.
+        :param pulumi.Input[Union['ModelPrimaryContainerArgs', 'ModelPrimaryContainerArgsDict']] primary_container: Primary docker image containing inference code that is used when the model is deployed for predictions.  If not specified, the `container` argument is required. Fields are documented below.
         :param pulumi.Input[_builtins.str] region: Region where this resource will be [managed](https://docs.aws.amazon.com/general/latest/gr/rande.html#regional-endpoints). Defaults to the Region set in the provider configuration.
         :param pulumi.Input[Mapping[str, pulumi.Input[_builtins.str]]] tags: A map of tags to assign to the resource. .If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.
         :param pulumi.Input[Mapping[str, pulumi.Input[_builtins.str]]] tags_all: A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.
@@ -584,7 +566,7 @@ def get(resource_name: str,
     @pulumi.getter
     def arn(self) -> pulumi.Output[_builtins.str]:
         """
-        The Amazon Resource Name (ARN) assigned by AWS to this model.
+        Amazon Resource Name (ARN) assigned by AWS to this model.
         """
         return pulumi.get(self, "arn")
 
@@ -624,7 +606,7 @@ def inference_execution_config(self) -> pulumi.Output['outputs.ModelInferenceExe
     @pulumi.getter
     def name(self) -> pulumi.Output[_builtins.str]:
         """
-        The name of the model (must be unique). If omitted, this provider will assign a random, unique name.
+        Name of the model (must be unique). If omitted, the provider will assign a random, unique name.
         """
         return pulumi.get(self, "name")
 
@@ -632,7 +614,7 @@ def name(self) -> pulumi.Output[_builtins.str]:
     @pulumi.getter(name="primaryContainer")
     def primary_container(self) -> pulumi.Output[Optional['outputs.ModelPrimaryContainer']]:
         """
-        The primary docker image containing inference code that is used when the model is deployed for predictions.  If not specified, the `container` argument is required. Fields are documented below.
+        Primary docker image containing inference code that is used when the model is deployed for predictions.  If not specified, the `container` argument is required. Fields are documented below.
         """
         return pulumi.get(self, "primary_container")
 
diff --git a/sdk/python/pulumi_aws/sagemaker/outputs.py b/sdk/python/pulumi_aws/sagemaker/outputs.py
index c8b8cb44e99..50d43ffd063 100644
--- a/sdk/python/pulumi_aws/sagemaker/outputs.py
+++ b/sdk/python/pulumi_aws/sagemaker/outputs.py
@@ -159,6 +159,9 @@
     'HubS3StorageConfig',
     'HumanTaskUIUiTemplate',
     'ModelContainer',
+    'ModelContainerAdditionalModelDataSource',
+    'ModelContainerAdditionalModelDataSourceS3DataSource',
+    'ModelContainerAdditionalModelDataSourceS3DataSourceModelAccessConfig',
     'ModelContainerImageConfig',
     'ModelContainerImageConfigRepositoryAuthConfig',
     'ModelContainerModelDataSource',
@@ -167,6 +170,9 @@
     'ModelContainerMultiModelConfig',
     'ModelInferenceExecutionConfig',
     'ModelPrimaryContainer',
+    'ModelPrimaryContainerAdditionalModelDataSource',
+    'ModelPrimaryContainerAdditionalModelDataSourceS3DataSource',
+    'ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceModelAccessConfig',
     'ModelPrimaryContainerImageConfig',
     'ModelPrimaryContainerImageConfigRepositoryAuthConfig',
     'ModelPrimaryContainerModelDataSource',
@@ -8893,7 +8899,9 @@ class ModelContainer(dict):
     @staticmethod
     def __key_warning(key: str):
         suggest = None
-        if key == "containerHostname":
+        if key == "additionalModelDataSources":
+            suggest = "additional_model_data_sources"
+        elif key == "containerHostname":
             suggest = "container_hostname"
         elif key == "imageConfig":
             suggest = "image_config"
@@ -8920,6 +8928,7 @@ def get(self, key: str, default = None) -> Any:
         return super().get(key, default)
 
     def __init__(__self__, *,
+                 additional_model_data_sources: Optional[Sequence['outputs.ModelContainerAdditionalModelDataSource']] = None,
                  container_hostname: Optional[_builtins.str] = None,
                  environment: Optional[Mapping[str, _builtins.str]] = None,
                  image: Optional[_builtins.str] = None,
@@ -8931,18 +8940,21 @@ def __init__(__self__, *,
                  model_package_name: Optional[_builtins.str] = None,
                  multi_model_config: Optional['outputs.ModelContainerMultiModelConfig'] = None):
         """
-        :param _builtins.str container_hostname: The DNS host name for the container.
+        :param Sequence['ModelContainerAdditionalModelDataSourceArgs'] additional_model_data_sources: Additional data sources that are available to the model in addition to those specified in `model_data_source`. See Additional Model Data Source.
+        :param _builtins.str container_hostname: DNS host name for the container.
         :param Mapping[str, _builtins.str] environment: Environment variables for the Docker container.
-               A list of key value pairs.
-        :param _builtins.str image: The registry path where the inference code image is stored in Amazon ECR.
+        :param _builtins.str image: Registry path where the inference code image is stored in Amazon ECR.
         :param 'ModelContainerImageConfigArgs' image_config: Specifies whether the model container is in Amazon ECR or a private Docker registry accessible from your Amazon Virtual Private Cloud (VPC). For more information see [Using a Private Docker Registry for Real-Time Inference Containers](https://docs.aws.amazon.com/sagemaker/latest/dg/your-algorithms-containers-inference-private.html). see Image Config.
-        :param _builtins.str inference_specification_name: The inference specification name in the model package version.
-        :param _builtins.str mode: The container hosts value `SingleModel/MultiModel`. The default value is `SingleModel`.
-        :param 'ModelContainerModelDataSourceArgs' model_data_source: The location of model data to deploy. Use this for uncompressed model deployment. For information about how to deploy an uncompressed model, see [Deploying uncompressed models](https://docs.aws.amazon.com/sagemaker/latest/dg/large-model-inference-uncompressed.html) in the _AWS SageMaker AI Developer Guide_.
-        :param _builtins.str model_data_url: The URL for the S3 location where model artifacts are stored.
-        :param _builtins.str model_package_name: The Amazon Resource Name (ARN) of the model package to use to create the model.
+        :param _builtins.str inference_specification_name: Inference specification name in the model package version.
+        :param _builtins.str mode: Container hosts value. Allowed values are: `SingleModel` and `MultiModel`. The default value is `SingleModel`.
+        :param 'ModelContainerModelDataSourceArgs' model_data_source: Location of model data to deploy. Use this for uncompressed model deployment. For information about how to deploy an uncompressed model, see [Deploying uncompressed models](https://docs.aws.amazon.com/sagemaker/latest/dg/large-model-inference-uncompressed.html) in the _AWS SageMaker AI Developer Guide_.
+        :param _builtins.str model_data_url: URL for the S3 location where model artifacts are stored.
+        :param _builtins.str model_package_name: Amazon Resource Name (ARN) of the model package to use to create the model.
+               A list of key value pairs.
         :param 'ModelContainerMultiModelConfigArgs' multi_model_config: Specifies additional configuration for multi-model endpoints. see Multi Model Config.
         """
+        if additional_model_data_sources is not None:
+            pulumi.set(__self__, "additional_model_data_sources", additional_model_data_sources)
         if container_hostname is not None:
             pulumi.set(__self__, "container_hostname", container_hostname)
         if environment is not None:
@@ -8964,11 +8976,19 @@ def __init__(__self__, *,
         if multi_model_config is not None:
             pulumi.set(__self__, "multi_model_config", multi_model_config)
 
+    @_builtins.property
+    @pulumi.getter(name="additionalModelDataSources")
+    def additional_model_data_sources(self) -> Optional[Sequence['outputs.ModelContainerAdditionalModelDataSource']]:
+        """
+        Additional data sources that are available to the model in addition to those specified in `model_data_source`. See Additional Model Data Source.
+        """
+        return pulumi.get(self, "additional_model_data_sources")
+
     @_builtins.property
     @pulumi.getter(name="containerHostname")
     def container_hostname(self) -> Optional[_builtins.str]:
         """
-        The DNS host name for the container.
+        DNS host name for the container.
         """
         return pulumi.get(self, "container_hostname")
 
@@ -8977,7 +8997,6 @@ def container_hostname(self) -> Optional[_builtins.str]:
     def environment(self) -> Optional[Mapping[str, _builtins.str]]:
         """
         Environment variables for the Docker container.
-        A list of key value pairs.
         """
         return pulumi.get(self, "environment")
 
@@ -8985,7 +9004,7 @@ def environment(self) -> Optional[Mapping[str, _builtins.str]]:
     @pulumi.getter
     def image(self) -> Optional[_builtins.str]:
         """
-        The registry path where the inference code image is stored in Amazon ECR.
+        Registry path where the inference code image is stored in Amazon ECR.
         """
         return pulumi.get(self, "image")
 
@@ -9001,7 +9020,7 @@ def image_config(self) -> Optional['outputs.ModelContainerImageConfig']:
     @pulumi.getter(name="inferenceSpecificationName")
     def inference_specification_name(self) -> Optional[_builtins.str]:
         """
-        The inference specification name in the model package version.
+        Inference specification name in the model package version.
         """
         return pulumi.get(self, "inference_specification_name")
 
@@ -9009,7 +9028,7 @@ def inference_specification_name(self) -> Optional[_builtins.str]:
     @pulumi.getter
     def mode(self) -> Optional[_builtins.str]:
         """
-        The container hosts value `SingleModel/MultiModel`. The default value is `SingleModel`.
+        Container hosts value. Allowed values are: `SingleModel` and `MultiModel`. The default value is `SingleModel`.
         """
         return pulumi.get(self, "mode")
 
@@ -9017,7 +9036,7 @@ def mode(self) -> Optional[_builtins.str]:
     @pulumi.getter(name="modelDataSource")
     def model_data_source(self) -> Optional['outputs.ModelContainerModelDataSource']:
         """
-        The location of model data to deploy. Use this for uncompressed model deployment. For information about how to deploy an uncompressed model, see [Deploying uncompressed models](https://docs.aws.amazon.com/sagemaker/latest/dg/large-model-inference-uncompressed.html) in the _AWS SageMaker AI Developer Guide_.
+        Location of model data to deploy. Use this for uncompressed model deployment. For information about how to deploy an uncompressed model, see [Deploying uncompressed models](https://docs.aws.amazon.com/sagemaker/latest/dg/large-model-inference-uncompressed.html) in the _AWS SageMaker AI Developer Guide_.
         """
         return pulumi.get(self, "model_data_source")
 
@@ -9025,7 +9044,7 @@ def model_data_source(self) -> Optional['outputs.ModelContainerModelDataSource']
     @pulumi.getter(name="modelDataUrl")
     def model_data_url(self) -> Optional[_builtins.str]:
         """
-        The URL for the S3 location where model artifacts are stored.
+        URL for the S3 location where model artifacts are stored.
         """
         return pulumi.get(self, "model_data_url")
 
@@ -9033,7 +9052,8 @@ def model_data_url(self) -> Optional[_builtins.str]:
     @pulumi.getter(name="modelPackageName")
     def model_package_name(self) -> Optional[_builtins.str]:
         """
-        The Amazon Resource Name (ARN) of the model package to use to create the model.
+        Amazon Resource Name (ARN) of the model package to use to create the model.
+        A list of key value pairs.
         """
         return pulumi.get(self, "model_package_name")
 
@@ -9046,6 +9066,164 @@ def multi_model_config(self) -> Optional['outputs.ModelContainerMultiModelConfig
         return pulumi.get(self, "multi_model_config")
 
 
+@pulumi.output_type
+class ModelContainerAdditionalModelDataSource(dict):
+    @staticmethod
+    def __key_warning(key: str):
+        suggest = None
+        if key == "channelName":
+            suggest = "channel_name"
+        elif key == "s3DataSources":
+            suggest = "s3_data_sources"
+
+        if suggest:
+            pulumi.log.warn(f"Key '{key}' not found in ModelContainerAdditionalModelDataSource. Access the value via the '{suggest}' property getter instead.")
+
+    def __getitem__(self, key: str) -> Any:
+        ModelContainerAdditionalModelDataSource.__key_warning(key)
+        return super().__getitem__(key)
+
+    def get(self, key: str, default = None) -> Any:
+        ModelContainerAdditionalModelDataSource.__key_warning(key)
+        return super().get(key, default)
+
+    def __init__(__self__, *,
+                 channel_name: _builtins.str,
+                 s3_data_sources: Sequence['outputs.ModelContainerAdditionalModelDataSourceS3DataSource']):
+        """
+        :param _builtins.str channel_name: Custom name for the additional model data source object. It will be stored in `/opt/ml/additional-model-data-sources//`.
+        :param Sequence['ModelContainerAdditionalModelDataSourceS3DataSourceArgs'] s3_data_sources: S3 location of model data to deploy. See S3 Data Source.
+        """
+        pulumi.set(__self__, "channel_name", channel_name)
+        pulumi.set(__self__, "s3_data_sources", s3_data_sources)
+
+    @_builtins.property
+    @pulumi.getter(name="channelName")
+    def channel_name(self) -> _builtins.str:
+        """
+        Custom name for the additional model data source object. It will be stored in `/opt/ml/additional-model-data-sources//`.
+        """
+        return pulumi.get(self, "channel_name")
+
+    @_builtins.property
+    @pulumi.getter(name="s3DataSources")
+    def s3_data_sources(self) -> Sequence['outputs.ModelContainerAdditionalModelDataSourceS3DataSource']:
+        """
+        S3 location of model data to deploy. See S3 Data Source.
+        """
+        return pulumi.get(self, "s3_data_sources")
+
+
+@pulumi.output_type
+class ModelContainerAdditionalModelDataSourceS3DataSource(dict):
+    @staticmethod
+    def __key_warning(key: str):
+        suggest = None
+        if key == "compressionType":
+            suggest = "compression_type"
+        elif key == "s3DataType":
+            suggest = "s3_data_type"
+        elif key == "s3Uri":
+            suggest = "s3_uri"
+        elif key == "modelAccessConfig":
+            suggest = "model_access_config"
+
+        if suggest:
+            pulumi.log.warn(f"Key '{key}' not found in ModelContainerAdditionalModelDataSourceS3DataSource. Access the value via the '{suggest}' property getter instead.")
+
+    def __getitem__(self, key: str) -> Any:
+        ModelContainerAdditionalModelDataSourceS3DataSource.__key_warning(key)
+        return super().__getitem__(key)
+
+    def get(self, key: str, default = None) -> Any:
+        ModelContainerAdditionalModelDataSourceS3DataSource.__key_warning(key)
+        return super().get(key, default)
+
+    def __init__(__self__, *,
+                 compression_type: _builtins.str,
+                 s3_data_type: _builtins.str,
+                 s3_uri: _builtins.str,
+                 model_access_config: Optional['outputs.ModelContainerAdditionalModelDataSourceS3DataSourceModelAccessConfig'] = None):
+        """
+        :param _builtins.str compression_type: How the model data is prepared. Allowed values are: `None` and `Gzip`.
+        :param _builtins.str s3_data_type: Type of model data to deploy. Allowed values are: `S3Object` and `S3Prefix`.
+        :param _builtins.str s3_uri: The S3 path of model data to deploy.
+        :param 'ModelContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigArgs' model_access_config: Specifies the access configuration file for the ML model. You can explicitly accept the model end-user license agreement (EULA) within the [`model_access_config` configuration block]. See Model Access Config.
+        """
+        pulumi.set(__self__, "compression_type", compression_type)
+        pulumi.set(__self__, "s3_data_type", s3_data_type)
+        pulumi.set(__self__, "s3_uri", s3_uri)
+        if model_access_config is not None:
+            pulumi.set(__self__, "model_access_config", model_access_config)
+
+    @_builtins.property
+    @pulumi.getter(name="compressionType")
+    def compression_type(self) -> _builtins.str:
+        """
+        How the model data is prepared. Allowed values are: `None` and `Gzip`.
+        """
+        return pulumi.get(self, "compression_type")
+
+    @_builtins.property
+    @pulumi.getter(name="s3DataType")
+    def s3_data_type(self) -> _builtins.str:
+        """
+        Type of model data to deploy. Allowed values are: `S3Object` and `S3Prefix`.
+        """
+        return pulumi.get(self, "s3_data_type")
+
+    @_builtins.property
+    @pulumi.getter(name="s3Uri")
+    def s3_uri(self) -> _builtins.str:
+        """
+        The S3 path of model data to deploy.
+        """
+        return pulumi.get(self, "s3_uri")
+
+    @_builtins.property
+    @pulumi.getter(name="modelAccessConfig")
+    def model_access_config(self) -> Optional['outputs.ModelContainerAdditionalModelDataSourceS3DataSourceModelAccessConfig']:
+        """
+        Specifies the access configuration file for the ML model. You can explicitly accept the model end-user license agreement (EULA) within the [`model_access_config` configuration block]. See Model Access Config.
+        """
+        return pulumi.get(self, "model_access_config")
+
+
+@pulumi.output_type
+class ModelContainerAdditionalModelDataSourceS3DataSourceModelAccessConfig(dict):
+    @staticmethod
+    def __key_warning(key: str):
+        suggest = None
+        if key == "acceptEula":
+            suggest = "accept_eula"
+
+        if suggest:
+            pulumi.log.warn(f"Key '{key}' not found in ModelContainerAdditionalModelDataSourceS3DataSourceModelAccessConfig. Access the value via the '{suggest}' property getter instead.")
+
+    def __getitem__(self, key: str) -> Any:
+        ModelContainerAdditionalModelDataSourceS3DataSourceModelAccessConfig.__key_warning(key)
+        return super().__getitem__(key)
+
+    def get(self, key: str, default = None) -> Any:
+        ModelContainerAdditionalModelDataSourceS3DataSourceModelAccessConfig.__key_warning(key)
+        return super().get(key, default)
+
+    def __init__(__self__, *,
+                 accept_eula: _builtins.bool):
+        """
+        :param _builtins.bool accept_eula: Specifies agreement to the model end-user license agreement (EULA). The value must be set to `true` in order to accept the EULA that this model requires. You are responsible for reviewing and complying with any applicable license terms and making sure they are acceptable for your use case before downloading or using a model.
+        """
+        pulumi.set(__self__, "accept_eula", accept_eula)
+
+    @_builtins.property
+    @pulumi.getter(name="acceptEula")
+    def accept_eula(self) -> _builtins.bool:
+        """
+        Specifies agreement to the model end-user license agreement (EULA). The value must be set to `true` in order to accept the EULA that this model requires. You are responsible for reviewing and complying with any applicable license terms and making sure they are acceptable for your use case before downloading or using a model.
+        """
+        return pulumi.get(self, "accept_eula")
+
+
 @pulumi.output_type
 class ModelContainerImageConfig(dict):
     @staticmethod
@@ -9117,7 +9295,7 @@ def get(self, key: str, default = None) -> Any:
     def __init__(__self__, *,
                  repository_credentials_provider_arn: _builtins.str):
         """
-        :param _builtins.str repository_credentials_provider_arn: The Amazon Resource Name (ARN) of an AWS Lambda function that provides credentials to authenticate to the private Docker registry where your model image is hosted. For information about how to create an AWS Lambda function, see [Create a Lambda function with the console](https://docs.aws.amazon.com/lambda/latest/dg/getting-started-create-function.html) in the _AWS Lambda Developer Guide_.
+        :param _builtins.str repository_credentials_provider_arn: Amazon Resource Name (ARN) of an AWS Lambda function that provides credentials to authenticate to the private Docker registry where your model image is hosted. For information about how to create an AWS Lambda function, see [Create a Lambda function with the console](https://docs.aws.amazon.com/lambda/latest/dg/getting-started-create-function.html) in the _AWS Lambda Developer Guide_.
         """
         pulumi.set(__self__, "repository_credentials_provider_arn", repository_credentials_provider_arn)
 
@@ -9125,7 +9303,7 @@ def __init__(__self__, *,
     @pulumi.getter(name="repositoryCredentialsProviderArn")
     def repository_credentials_provider_arn(self) -> _builtins.str:
         """
-        The Amazon Resource Name (ARN) of an AWS Lambda function that provides credentials to authenticate to the private Docker registry where your model image is hosted. For information about how to create an AWS Lambda function, see [Create a Lambda function with the console](https://docs.aws.amazon.com/lambda/latest/dg/getting-started-create-function.html) in the _AWS Lambda Developer Guide_.
+        Amazon Resource Name (ARN) of an AWS Lambda function that provides credentials to authenticate to the private Docker registry where your model image is hosted. For information about how to create an AWS Lambda function, see [Create a Lambda function with the console](https://docs.aws.amazon.com/lambda/latest/dg/getting-started-create-function.html) in the _AWS Lambda Developer Guide_.
         """
         return pulumi.get(self, "repository_credentials_provider_arn")
 
@@ -9152,7 +9330,7 @@ def get(self, key: str, default = None) -> Any:
     def __init__(__self__, *,
                  s3_data_sources: Sequence['outputs.ModelContainerModelDataSourceS3DataSource']):
         """
-        :param Sequence['ModelContainerModelDataSourceS3DataSourceArgs'] s3_data_sources: The S3 location of model data to deploy.
+        :param Sequence['ModelContainerModelDataSourceS3DataSourceArgs'] s3_data_sources: S3 location of model data to deploy. See S3 Data Source.
         """
         pulumi.set(__self__, "s3_data_sources", s3_data_sources)
 
@@ -9160,7 +9338,7 @@ def __init__(__self__, *,
     @pulumi.getter(name="s3DataSources")
     def s3_data_sources(self) -> Sequence['outputs.ModelContainerModelDataSourceS3DataSource']:
         """
-        The S3 location of model data to deploy.
+        S3 location of model data to deploy. See S3 Data Source.
         """
         return pulumi.get(self, "s3_data_sources")
 
@@ -9197,9 +9375,9 @@ def __init__(__self__, *,
                  model_access_config: Optional['outputs.ModelContainerModelDataSourceS3DataSourceModelAccessConfig'] = None):
         """
         :param _builtins.str compression_type: How the model data is prepared. Allowed values are: `None` and `Gzip`.
-        :param _builtins.str s3_data_type: The type of model data to deploy. Allowed values are: `S3Object` and `S3Prefix`.
+        :param _builtins.str s3_data_type: Type of model data to deploy. Allowed values are: `S3Object` and `S3Prefix`.
         :param _builtins.str s3_uri: The S3 path of model data to deploy.
-        :param 'ModelContainerModelDataSourceS3DataSourceModelAccessConfigArgs' model_access_config: Specifies the access configuration file for the ML model. You can explicitly accept the model end-user license agreement (EULA) within the [`model_access_config` configuration block]. see Model Access Config.
+        :param 'ModelContainerModelDataSourceS3DataSourceModelAccessConfigArgs' model_access_config: Specifies the access configuration file for the ML model. You can explicitly accept the model end-user license agreement (EULA) within the [`model_access_config` configuration block]. See Model Access Config.
         """
         pulumi.set(__self__, "compression_type", compression_type)
         pulumi.set(__self__, "s3_data_type", s3_data_type)
@@ -9219,7 +9397,7 @@ def compression_type(self) -> _builtins.str:
     @pulumi.getter(name="s3DataType")
     def s3_data_type(self) -> _builtins.str:
         """
-        The type of model data to deploy. Allowed values are: `S3Object` and `S3Prefix`.
+        Type of model data to deploy. Allowed values are: `S3Object` and `S3Prefix`.
         """
         return pulumi.get(self, "s3_data_type")
 
@@ -9235,7 +9413,7 @@ def s3_uri(self) -> _builtins.str:
     @pulumi.getter(name="modelAccessConfig")
     def model_access_config(self) -> Optional['outputs.ModelContainerModelDataSourceS3DataSourceModelAccessConfig']:
         """
-        Specifies the access configuration file for the ML model. You can explicitly accept the model end-user license agreement (EULA) within the [`model_access_config` configuration block]. see Model Access Config.
+        Specifies the access configuration file for the ML model. You can explicitly accept the model end-user license agreement (EULA) within the [`model_access_config` configuration block]. See Model Access Config.
         """
         return pulumi.get(self, "model_access_config")
 
@@ -9262,7 +9440,7 @@ def get(self, key: str, default = None) -> Any:
     def __init__(__self__, *,
                  accept_eula: _builtins.bool):
         """
-        :param _builtins.bool accept_eula: Specifies agreement to the model end-user license agreement (EULA). The AcceptEula value must be explicitly defined as `true` in order to accept the EULA that this model requires. You are responsible for reviewing and complying with any applicable license terms and making sure they are acceptable for your use case before downloading or using a model.
+        :param _builtins.bool accept_eula: Specifies agreement to the model end-user license agreement (EULA). The value must be set to `true` in order to accept the EULA that this model requires. You are responsible for reviewing and complying with any applicable license terms and making sure they are acceptable for your use case before downloading or using a model.
         """
         pulumi.set(__self__, "accept_eula", accept_eula)
 
@@ -9270,7 +9448,7 @@ def __init__(__self__, *,
     @pulumi.getter(name="acceptEula")
     def accept_eula(self) -> _builtins.bool:
         """
-        Specifies agreement to the model end-user license agreement (EULA). The AcceptEula value must be explicitly defined as `true` in order to accept the EULA that this model requires. You are responsible for reviewing and complying with any applicable license terms and making sure they are acceptable for your use case before downloading or using a model.
+        Specifies agreement to the model end-user license agreement (EULA). The value must be set to `true` in order to accept the EULA that this model requires. You are responsible for reviewing and complying with any applicable license terms and making sure they are acceptable for your use case before downloading or using a model.
         """
         return pulumi.get(self, "accept_eula")
 
@@ -9316,7 +9494,7 @@ class ModelInferenceExecutionConfig(dict):
     def __init__(__self__, *,
                  mode: _builtins.str):
         """
-        :param _builtins.str mode: The container hosts value `SingleModel/MultiModel`. The default value is `SingleModel`.
+        :param _builtins.str mode: How containers in a multi-container are run. Allowed values are: `Serial` and `Direct`.
         """
         pulumi.set(__self__, "mode", mode)
 
@@ -9324,7 +9502,7 @@ def __init__(__self__, *,
     @pulumi.getter
     def mode(self) -> _builtins.str:
         """
-        The container hosts value `SingleModel/MultiModel`. The default value is `SingleModel`.
+        How containers in a multi-container are run. Allowed values are: `Serial` and `Direct`.
         """
         return pulumi.get(self, "mode")
 
@@ -9334,7 +9512,9 @@ class ModelPrimaryContainer(dict):
     @staticmethod
     def __key_warning(key: str):
         suggest = None
-        if key == "containerHostname":
+        if key == "additionalModelDataSources":
+            suggest = "additional_model_data_sources"
+        elif key == "containerHostname":
             suggest = "container_hostname"
         elif key == "imageConfig":
             suggest = "image_config"
@@ -9361,6 +9541,7 @@ def get(self, key: str, default = None) -> Any:
         return super().get(key, default)
 
     def __init__(__self__, *,
+                 additional_model_data_sources: Optional[Sequence['outputs.ModelPrimaryContainerAdditionalModelDataSource']] = None,
                  container_hostname: Optional[_builtins.str] = None,
                  environment: Optional[Mapping[str, _builtins.str]] = None,
                  image: Optional[_builtins.str] = None,
@@ -9372,18 +9553,20 @@ def __init__(__self__, *,
                  model_package_name: Optional[_builtins.str] = None,
                  multi_model_config: Optional['outputs.ModelPrimaryContainerMultiModelConfig'] = None):
         """
-        :param _builtins.str container_hostname: The DNS host name for the container.
+        :param Sequence['ModelPrimaryContainerAdditionalModelDataSourceArgs'] additional_model_data_sources: Additional data sources that are available to the model in addition to those specified in `model_data_source`. See Additional Model Data Source.
+        :param _builtins.str container_hostname: DNS host name for the container.
         :param Mapping[str, _builtins.str] environment: Environment variables for the Docker container.
-               A list of key value pairs.
-        :param _builtins.str image: The registry path where the inference code image is stored in Amazon ECR.
+        :param _builtins.str image: Registry path where the inference code image is stored in Amazon ECR.
         :param 'ModelPrimaryContainerImageConfigArgs' image_config: Specifies whether the model container is in Amazon ECR or a private Docker registry accessible from your Amazon Virtual Private Cloud (VPC). For more information see [Using a Private Docker Registry for Real-Time Inference Containers](https://docs.aws.amazon.com/sagemaker/latest/dg/your-algorithms-containers-inference-private.html). see Image Config.
-        :param _builtins.str inference_specification_name: The inference specification name in the model package version.
-        :param _builtins.str mode: The container hosts value `SingleModel/MultiModel`. The default value is `SingleModel`.
-        :param 'ModelPrimaryContainerModelDataSourceArgs' model_data_source: The location of model data to deploy. Use this for uncompressed model deployment. For information about how to deploy an uncompressed model, see [Deploying uncompressed models](https://docs.aws.amazon.com/sagemaker/latest/dg/large-model-inference-uncompressed.html) in the _AWS SageMaker AI Developer Guide_.
-        :param _builtins.str model_data_url: The URL for the S3 location where model artifacts are stored.
-        :param _builtins.str model_package_name: The Amazon Resource Name (ARN) of the model package to use to create the model.
+        :param _builtins.str inference_specification_name: Inference specification name in the model package version.
+        :param 'ModelPrimaryContainerModelDataSourceArgs' model_data_source: Location of model data to deploy. Use this for uncompressed model deployment. For information about how to deploy an uncompressed model, see [Deploying uncompressed models](https://docs.aws.amazon.com/sagemaker/latest/dg/large-model-inference-uncompressed.html) in the _AWS SageMaker AI Developer Guide_.
+        :param _builtins.str model_data_url: URL for the S3 location where model artifacts are stored.
+        :param _builtins.str model_package_name: Amazon Resource Name (ARN) of the model package to use to create the model.
+               A list of key value pairs.
         :param 'ModelPrimaryContainerMultiModelConfigArgs' multi_model_config: Specifies additional configuration for multi-model endpoints. see Multi Model Config.
         """
+        if additional_model_data_sources is not None:
+            pulumi.set(__self__, "additional_model_data_sources", additional_model_data_sources)
         if container_hostname is not None:
             pulumi.set(__self__, "container_hostname", container_hostname)
         if environment is not None:
@@ -9405,11 +9588,19 @@ def __init__(__self__, *,
         if multi_model_config is not None:
             pulumi.set(__self__, "multi_model_config", multi_model_config)
 
+    @_builtins.property
+    @pulumi.getter(name="additionalModelDataSources")
+    def additional_model_data_sources(self) -> Optional[Sequence['outputs.ModelPrimaryContainerAdditionalModelDataSource']]:
+        """
+        Additional data sources that are available to the model in addition to those specified in `model_data_source`. See Additional Model Data Source.
+        """
+        return pulumi.get(self, "additional_model_data_sources")
+
     @_builtins.property
     @pulumi.getter(name="containerHostname")
     def container_hostname(self) -> Optional[_builtins.str]:
         """
-        The DNS host name for the container.
+        DNS host name for the container.
         """
         return pulumi.get(self, "container_hostname")
 
@@ -9418,7 +9609,6 @@ def container_hostname(self) -> Optional[_builtins.str]:
     def environment(self) -> Optional[Mapping[str, _builtins.str]]:
         """
         Environment variables for the Docker container.
-        A list of key value pairs.
         """
         return pulumi.get(self, "environment")
 
@@ -9426,7 +9616,7 @@ def environment(self) -> Optional[Mapping[str, _builtins.str]]:
     @pulumi.getter
     def image(self) -> Optional[_builtins.str]:
         """
-        The registry path where the inference code image is stored in Amazon ECR.
+        Registry path where the inference code image is stored in Amazon ECR.
         """
         return pulumi.get(self, "image")
 
@@ -9442,23 +9632,20 @@ def image_config(self) -> Optional['outputs.ModelPrimaryContainerImageConfig']:
     @pulumi.getter(name="inferenceSpecificationName")
     def inference_specification_name(self) -> Optional[_builtins.str]:
         """
-        The inference specification name in the model package version.
+        Inference specification name in the model package version.
         """
         return pulumi.get(self, "inference_specification_name")
 
     @_builtins.property
     @pulumi.getter
     def mode(self) -> Optional[_builtins.str]:
-        """
-        The container hosts value `SingleModel/MultiModel`. The default value is `SingleModel`.
-        """
         return pulumi.get(self, "mode")
 
     @_builtins.property
     @pulumi.getter(name="modelDataSource")
     def model_data_source(self) -> Optional['outputs.ModelPrimaryContainerModelDataSource']:
         """
-        The location of model data to deploy. Use this for uncompressed model deployment. For information about how to deploy an uncompressed model, see [Deploying uncompressed models](https://docs.aws.amazon.com/sagemaker/latest/dg/large-model-inference-uncompressed.html) in the _AWS SageMaker AI Developer Guide_.
+        Location of model data to deploy. Use this for uncompressed model deployment. For information about how to deploy an uncompressed model, see [Deploying uncompressed models](https://docs.aws.amazon.com/sagemaker/latest/dg/large-model-inference-uncompressed.html) in the _AWS SageMaker AI Developer Guide_.
         """
         return pulumi.get(self, "model_data_source")
 
@@ -9466,7 +9653,7 @@ def model_data_source(self) -> Optional['outputs.ModelPrimaryContainerModelDataS
     @pulumi.getter(name="modelDataUrl")
     def model_data_url(self) -> Optional[_builtins.str]:
         """
-        The URL for the S3 location where model artifacts are stored.
+        URL for the S3 location where model artifacts are stored.
         """
         return pulumi.get(self, "model_data_url")
 
@@ -9474,7 +9661,8 @@ def model_data_url(self) -> Optional[_builtins.str]:
     @pulumi.getter(name="modelPackageName")
     def model_package_name(self) -> Optional[_builtins.str]:
         """
-        The Amazon Resource Name (ARN) of the model package to use to create the model.
+        Amazon Resource Name (ARN) of the model package to use to create the model.
+        A list of key value pairs.
         """
         return pulumi.get(self, "model_package_name")
 
@@ -9487,6 +9675,164 @@ def multi_model_config(self) -> Optional['outputs.ModelPrimaryContainerMultiMode
         return pulumi.get(self, "multi_model_config")
 
 
+@pulumi.output_type
+class ModelPrimaryContainerAdditionalModelDataSource(dict):
+    @staticmethod
+    def __key_warning(key: str):
+        suggest = None
+        if key == "channelName":
+            suggest = "channel_name"
+        elif key == "s3DataSources":
+            suggest = "s3_data_sources"
+
+        if suggest:
+            pulumi.log.warn(f"Key '{key}' not found in ModelPrimaryContainerAdditionalModelDataSource. Access the value via the '{suggest}' property getter instead.")
+
+    def __getitem__(self, key: str) -> Any:
+        ModelPrimaryContainerAdditionalModelDataSource.__key_warning(key)
+        return super().__getitem__(key)
+
+    def get(self, key: str, default = None) -> Any:
+        ModelPrimaryContainerAdditionalModelDataSource.__key_warning(key)
+        return super().get(key, default)
+
+    def __init__(__self__, *,
+                 channel_name: _builtins.str,
+                 s3_data_sources: Sequence['outputs.ModelPrimaryContainerAdditionalModelDataSourceS3DataSource']):
+        """
+        :param _builtins.str channel_name: Custom name for the additional model data source object. It will be stored in `/opt/ml/additional-model-data-sources//`.
+        :param Sequence['ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceArgs'] s3_data_sources: S3 location of model data to deploy. See S3 Data Source.
+        """
+        pulumi.set(__self__, "channel_name", channel_name)
+        pulumi.set(__self__, "s3_data_sources", s3_data_sources)
+
+    @_builtins.property
+    @pulumi.getter(name="channelName")
+    def channel_name(self) -> _builtins.str:
+        """
+        Custom name for the additional model data source object. It will be stored in `/opt/ml/additional-model-data-sources//`.
+        """
+        return pulumi.get(self, "channel_name")
+
+    @_builtins.property
+    @pulumi.getter(name="s3DataSources")
+    def s3_data_sources(self) -> Sequence['outputs.ModelPrimaryContainerAdditionalModelDataSourceS3DataSource']:
+        """
+        S3 location of model data to deploy. See S3 Data Source.
+        """
+        return pulumi.get(self, "s3_data_sources")
+
+
+@pulumi.output_type
+class ModelPrimaryContainerAdditionalModelDataSourceS3DataSource(dict):
+    @staticmethod
+    def __key_warning(key: str):
+        suggest = None
+        if key == "compressionType":
+            suggest = "compression_type"
+        elif key == "s3DataType":
+            suggest = "s3_data_type"
+        elif key == "s3Uri":
+            suggest = "s3_uri"
+        elif key == "modelAccessConfig":
+            suggest = "model_access_config"
+
+        if suggest:
+            pulumi.log.warn(f"Key '{key}' not found in ModelPrimaryContainerAdditionalModelDataSourceS3DataSource. Access the value via the '{suggest}' property getter instead.")
+
+    def __getitem__(self, key: str) -> Any:
+        ModelPrimaryContainerAdditionalModelDataSourceS3DataSource.__key_warning(key)
+        return super().__getitem__(key)
+
+    def get(self, key: str, default = None) -> Any:
+        ModelPrimaryContainerAdditionalModelDataSourceS3DataSource.__key_warning(key)
+        return super().get(key, default)
+
+    def __init__(__self__, *,
+                 compression_type: _builtins.str,
+                 s3_data_type: _builtins.str,
+                 s3_uri: _builtins.str,
+                 model_access_config: Optional['outputs.ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceModelAccessConfig'] = None):
+        """
+        :param _builtins.str compression_type: How the model data is prepared. Allowed values are: `None` and `Gzip`.
+        :param _builtins.str s3_data_type: Type of model data to deploy. Allowed values are: `S3Object` and `S3Prefix`.
+        :param _builtins.str s3_uri: The S3 path of model data to deploy.
+        :param 'ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceModelAccessConfigArgs' model_access_config: Specifies the access configuration file for the ML model. You can explicitly accept the model end-user license agreement (EULA) within the [`model_access_config` configuration block]. See Model Access Config.
+        """
+        pulumi.set(__self__, "compression_type", compression_type)
+        pulumi.set(__self__, "s3_data_type", s3_data_type)
+        pulumi.set(__self__, "s3_uri", s3_uri)
+        if model_access_config is not None:
+            pulumi.set(__self__, "model_access_config", model_access_config)
+
+    @_builtins.property
+    @pulumi.getter(name="compressionType")
+    def compression_type(self) -> _builtins.str:
+        """
+        How the model data is prepared. Allowed values are: `None` and `Gzip`.
+        """
+        return pulumi.get(self, "compression_type")
+
+    @_builtins.property
+    @pulumi.getter(name="s3DataType")
+    def s3_data_type(self) -> _builtins.str:
+        """
+        Type of model data to deploy. Allowed values are: `S3Object` and `S3Prefix`.
+        """
+        return pulumi.get(self, "s3_data_type")
+
+    @_builtins.property
+    @pulumi.getter(name="s3Uri")
+    def s3_uri(self) -> _builtins.str:
+        """
+        The S3 path of model data to deploy.
+        """
+        return pulumi.get(self, "s3_uri")
+
+    @_builtins.property
+    @pulumi.getter(name="modelAccessConfig")
+    def model_access_config(self) -> Optional['outputs.ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceModelAccessConfig']:
+        """
+        Specifies the access configuration file for the ML model. You can explicitly accept the model end-user license agreement (EULA) within the [`model_access_config` configuration block]. See Model Access Config.
+        """
+        return pulumi.get(self, "model_access_config")
+
+
+@pulumi.output_type
+class ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceModelAccessConfig(dict):
+    @staticmethod
+    def __key_warning(key: str):
+        suggest = None
+        if key == "acceptEula":
+            suggest = "accept_eula"
+
+        if suggest:
+            pulumi.log.warn(f"Key '{key}' not found in ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceModelAccessConfig. Access the value via the '{suggest}' property getter instead.")
+
+    def __getitem__(self, key: str) -> Any:
+        ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceModelAccessConfig.__key_warning(key)
+        return super().__getitem__(key)
+
+    def get(self, key: str, default = None) -> Any:
+        ModelPrimaryContainerAdditionalModelDataSourceS3DataSourceModelAccessConfig.__key_warning(key)
+        return super().get(key, default)
+
+    def __init__(__self__, *,
+                 accept_eula: _builtins.bool):
+        """
+        :param _builtins.bool accept_eula: Specifies agreement to the model end-user license agreement (EULA). The value must be set to `true` in order to accept the EULA that this model requires. You are responsible for reviewing and complying with any applicable license terms and making sure they are acceptable for your use case before downloading or using a model.
+        """
+        pulumi.set(__self__, "accept_eula", accept_eula)
+
+    @_builtins.property
+    @pulumi.getter(name="acceptEula")
+    def accept_eula(self) -> _builtins.bool:
+        """
+        Specifies agreement to the model end-user license agreement (EULA). The value must be set to `true` in order to accept the EULA that this model requires. You are responsible for reviewing and complying with any applicable license terms and making sure they are acceptable for your use case before downloading or using a model.
+        """
+        return pulumi.get(self, "accept_eula")
+
+
 @pulumi.output_type
 class ModelPrimaryContainerImageConfig(dict):
     @staticmethod
@@ -9558,7 +9904,7 @@ def get(self, key: str, default = None) -> Any:
     def __init__(__self__, *,
                  repository_credentials_provider_arn: _builtins.str):
         """
-        :param _builtins.str repository_credentials_provider_arn: The Amazon Resource Name (ARN) of an AWS Lambda function that provides credentials to authenticate to the private Docker registry where your model image is hosted. For information about how to create an AWS Lambda function, see [Create a Lambda function with the console](https://docs.aws.amazon.com/lambda/latest/dg/getting-started-create-function.html) in the _AWS Lambda Developer Guide_.
+        :param _builtins.str repository_credentials_provider_arn: Amazon Resource Name (ARN) of an AWS Lambda function that provides credentials to authenticate to the private Docker registry where your model image is hosted. For information about how to create an AWS Lambda function, see [Create a Lambda function with the console](https://docs.aws.amazon.com/lambda/latest/dg/getting-started-create-function.html) in the _AWS Lambda Developer Guide_.
         """
         pulumi.set(__self__, "repository_credentials_provider_arn", repository_credentials_provider_arn)
 
@@ -9566,7 +9912,7 @@ def __init__(__self__, *,
     @pulumi.getter(name="repositoryCredentialsProviderArn")
     def repository_credentials_provider_arn(self) -> _builtins.str:
         """
-        The Amazon Resource Name (ARN) of an AWS Lambda function that provides credentials to authenticate to the private Docker registry where your model image is hosted. For information about how to create an AWS Lambda function, see [Create a Lambda function with the console](https://docs.aws.amazon.com/lambda/latest/dg/getting-started-create-function.html) in the _AWS Lambda Developer Guide_.
+        Amazon Resource Name (ARN) of an AWS Lambda function that provides credentials to authenticate to the private Docker registry where your model image is hosted. For information about how to create an AWS Lambda function, see [Create a Lambda function with the console](https://docs.aws.amazon.com/lambda/latest/dg/getting-started-create-function.html) in the _AWS Lambda Developer Guide_.
         """
         return pulumi.get(self, "repository_credentials_provider_arn")
 
@@ -9593,7 +9939,7 @@ def get(self, key: str, default = None) -> Any:
     def __init__(__self__, *,
                  s3_data_sources: Sequence['outputs.ModelPrimaryContainerModelDataSourceS3DataSource']):
         """
-        :param Sequence['ModelPrimaryContainerModelDataSourceS3DataSourceArgs'] s3_data_sources: The S3 location of model data to deploy.
+        :param Sequence['ModelPrimaryContainerModelDataSourceS3DataSourceArgs'] s3_data_sources: S3 location of model data to deploy. See S3 Data Source.
         """
         pulumi.set(__self__, "s3_data_sources", s3_data_sources)
 
@@ -9601,7 +9947,7 @@ def __init__(__self__, *,
     @pulumi.getter(name="s3DataSources")
     def s3_data_sources(self) -> Sequence['outputs.ModelPrimaryContainerModelDataSourceS3DataSource']:
         """
-        The S3 location of model data to deploy.
+        S3 location of model data to deploy. See S3 Data Source.
         """
         return pulumi.get(self, "s3_data_sources")
 
@@ -9638,9 +9984,9 @@ def __init__(__self__, *,
                  model_access_config: Optional['outputs.ModelPrimaryContainerModelDataSourceS3DataSourceModelAccessConfig'] = None):
         """
         :param _builtins.str compression_type: How the model data is prepared. Allowed values are: `None` and `Gzip`.
-        :param _builtins.str s3_data_type: The type of model data to deploy. Allowed values are: `S3Object` and `S3Prefix`.
+        :param _builtins.str s3_data_type: Type of model data to deploy. Allowed values are: `S3Object` and `S3Prefix`.
         :param _builtins.str s3_uri: The S3 path of model data to deploy.
-        :param 'ModelPrimaryContainerModelDataSourceS3DataSourceModelAccessConfigArgs' model_access_config: Specifies the access configuration file for the ML model. You can explicitly accept the model end-user license agreement (EULA) within the [`model_access_config` configuration block]. see Model Access Config.
+        :param 'ModelPrimaryContainerModelDataSourceS3DataSourceModelAccessConfigArgs' model_access_config: Specifies the access configuration file for the ML model. You can explicitly accept the model end-user license agreement (EULA) within the [`model_access_config` configuration block]. See Model Access Config.
         """
         pulumi.set(__self__, "compression_type", compression_type)
         pulumi.set(__self__, "s3_data_type", s3_data_type)
@@ -9660,7 +10006,7 @@ def compression_type(self) -> _builtins.str:
     @pulumi.getter(name="s3DataType")
     def s3_data_type(self) -> _builtins.str:
         """
-        The type of model data to deploy. Allowed values are: `S3Object` and `S3Prefix`.
+        Type of model data to deploy. Allowed values are: `S3Object` and `S3Prefix`.
         """
         return pulumi.get(self, "s3_data_type")
 
@@ -9676,7 +10022,7 @@ def s3_uri(self) -> _builtins.str:
     @pulumi.getter(name="modelAccessConfig")
     def model_access_config(self) -> Optional['outputs.ModelPrimaryContainerModelDataSourceS3DataSourceModelAccessConfig']:
         """
-        Specifies the access configuration file for the ML model. You can explicitly accept the model end-user license agreement (EULA) within the [`model_access_config` configuration block]. see Model Access Config.
+        Specifies the access configuration file for the ML model. You can explicitly accept the model end-user license agreement (EULA) within the [`model_access_config` configuration block]. See Model Access Config.
         """
         return pulumi.get(self, "model_access_config")
 
@@ -9703,7 +10049,7 @@ def get(self, key: str, default = None) -> Any:
     def __init__(__self__, *,
                  accept_eula: _builtins.bool):
         """
-        :param _builtins.bool accept_eula: Specifies agreement to the model end-user license agreement (EULA). The AcceptEula value must be explicitly defined as `true` in order to accept the EULA that this model requires. You are responsible for reviewing and complying with any applicable license terms and making sure they are acceptable for your use case before downloading or using a model.
+        :param _builtins.bool accept_eula: Specifies agreement to the model end-user license agreement (EULA). The value must be set to `true` in order to accept the EULA that this model requires. You are responsible for reviewing and complying with any applicable license terms and making sure they are acceptable for your use case before downloading or using a model.
         """
         pulumi.set(__self__, "accept_eula", accept_eula)
 
@@ -9711,7 +10057,7 @@ def __init__(__self__, *,
     @pulumi.getter(name="acceptEula")
     def accept_eula(self) -> _builtins.bool:
         """
-        Specifies agreement to the model end-user license agreement (EULA). The AcceptEula value must be explicitly defined as `true` in order to accept the EULA that this model requires. You are responsible for reviewing and complying with any applicable license terms and making sure they are acceptable for your use case before downloading or using a model.
+        Specifies agreement to the model end-user license agreement (EULA). The value must be set to `true` in order to accept the EULA that this model requires. You are responsible for reviewing and complying with any applicable license terms and making sure they are acceptable for your use case before downloading or using a model.
         """
         return pulumi.get(self, "accept_eula")
 
@@ -9774,17 +10120,27 @@ def get(self, key: str, default = None) -> Any:
     def __init__(__self__, *,
                  security_group_ids: Sequence[_builtins.str],
                  subnets: Sequence[_builtins.str]):
+        """
+        :param Sequence[_builtins.str] security_group_ids: List of security group IDs you want to be applied to your training job or model. Specify the security groups for the VPC that is specified in the Subnets field.
+        :param Sequence[_builtins.str] subnets: List of subnet IDs in the VPC to which you want to connect your training job or model.
+        """
         pulumi.set(__self__, "security_group_ids", security_group_ids)
         pulumi.set(__self__, "subnets", subnets)
 
     @_builtins.property
     @pulumi.getter(name="securityGroupIds")
     def security_group_ids(self) -> Sequence[_builtins.str]:
+        """
+        List of security group IDs you want to be applied to your training job or model. Specify the security groups for the VPC that is specified in the Subnets field.
+        """
         return pulumi.get(self, "security_group_ids")
 
     @_builtins.property
     @pulumi.getter
     def subnets(self) -> Sequence[_builtins.str]:
+        """
+        List of subnet IDs in the VPC to which you want to connect your training job or model.
+        """
         return pulumi.get(self, "subnets")
 
 
diff --git a/sdk/python/pulumi_aws/ssoadmin/account_assignment.py b/sdk/python/pulumi_aws/ssoadmin/account_assignment.py
index cf589d97a81..ada7e2af727 100644
--- a/sdk/python/pulumi_aws/ssoadmin/account_assignment.py
+++ b/sdk/python/pulumi_aws/ssoadmin/account_assignment.py
@@ -24,8 +24,8 @@ def __init__(__self__, *,
                  principal_id: pulumi.Input[_builtins.str],
                  principal_type: pulumi.Input[_builtins.str],
                  target_id: pulumi.Input[_builtins.str],
-                 region: Optional[pulumi.Input[_builtins.str]] = None,
-                 target_type: Optional[pulumi.Input[_builtins.str]] = None):
+                 target_type: pulumi.Input[_builtins.str],
+                 region: Optional[pulumi.Input[_builtins.str]] = None):
         """
         The set of arguments for constructing a AccountAssignment resource.
         :param pulumi.Input[_builtins.str] instance_arn: The Amazon Resource Name (ARN) of the SSO Instance.
@@ -33,18 +33,17 @@ def __init__(__self__, *,
         :param pulumi.Input[_builtins.str] principal_id: An identifier for an object in SSO, such as a user or group. PrincipalIds are GUIDs (For example, `f81d4fae-7dec-11d0-a765-00a0c91e6bf6`).
         :param pulumi.Input[_builtins.str] principal_type: The entity type for which the assignment will be created. Valid values: `USER`, `GROUP`.
         :param pulumi.Input[_builtins.str] target_id: An AWS account identifier, typically a 10-12 digit string.
-        :param pulumi.Input[_builtins.str] region: Region where this resource will be [managed](https://docs.aws.amazon.com/general/latest/gr/rande.html#regional-endpoints). Defaults to the Region set in the provider configuration.
         :param pulumi.Input[_builtins.str] target_type: The entity type for which the assignment will be created. Valid values: `AWS_ACCOUNT`.
+        :param pulumi.Input[_builtins.str] region: Region where this resource will be [managed](https://docs.aws.amazon.com/general/latest/gr/rande.html#regional-endpoints). Defaults to the Region set in the provider configuration.
         """
         pulumi.set(__self__, "instance_arn", instance_arn)
         pulumi.set(__self__, "permission_set_arn", permission_set_arn)
         pulumi.set(__self__, "principal_id", principal_id)
         pulumi.set(__self__, "principal_type", principal_type)
         pulumi.set(__self__, "target_id", target_id)
+        pulumi.set(__self__, "target_type", target_type)
         if region is not None:
             pulumi.set(__self__, "region", region)
-        if target_type is not None:
-            pulumi.set(__self__, "target_type", target_type)
 
     @_builtins.property
     @pulumi.getter(name="instanceArn")
@@ -106,6 +105,18 @@ def target_id(self) -> pulumi.Input[_builtins.str]:
     def target_id(self, value: pulumi.Input[_builtins.str]):
         pulumi.set(self, "target_id", value)
 
+    @_builtins.property
+    @pulumi.getter(name="targetType")
+    def target_type(self) -> pulumi.Input[_builtins.str]:
+        """
+        The entity type for which the assignment will be created. Valid values: `AWS_ACCOUNT`.
+        """
+        return pulumi.get(self, "target_type")
+
+    @target_type.setter
+    def target_type(self, value: pulumi.Input[_builtins.str]):
+        pulumi.set(self, "target_type", value)
+
     @_builtins.property
     @pulumi.getter
     def region(self) -> Optional[pulumi.Input[_builtins.str]]:
@@ -118,18 +129,6 @@ def region(self) -> Optional[pulumi.Input[_builtins.str]]:
     def region(self, value: Optional[pulumi.Input[_builtins.str]]):
         pulumi.set(self, "region", value)
 
-    @_builtins.property
-    @pulumi.getter(name="targetType")
-    def target_type(self) -> Optional[pulumi.Input[_builtins.str]]:
-        """
-        The entity type for which the assignment will be created. Valid values: `AWS_ACCOUNT`.
-        """
-        return pulumi.get(self, "target_type")
-
-    @target_type.setter
-    def target_type(self, value: Optional[pulumi.Input[_builtins.str]]):
-        pulumi.set(self, "target_type", value)
-
 
 @pulumi.input_type
 class _AccountAssignmentState:
@@ -464,6 +463,8 @@ def _internal_init(__self__,
             if target_id is None and not opts.urn:
                 raise TypeError("Missing required property 'target_id'")
             __props__.__dict__["target_id"] = target_id
+            if target_type is None and not opts.urn:
+                raise TypeError("Missing required property 'target_type'")
             __props__.__dict__["target_type"] = target_type
         super(AccountAssignment, __self__).__init__(
             'aws:ssoadmin/accountAssignment:AccountAssignment',
@@ -560,7 +561,7 @@ def target_id(self) -> pulumi.Output[_builtins.str]:
 
     @_builtins.property
     @pulumi.getter(name="targetType")
-    def target_type(self) -> pulumi.Output[Optional[_builtins.str]]:
+    def target_type(self) -> pulumi.Output[_builtins.str]:
         """
         The entity type for which the assignment will be created. Valid values: `AWS_ACCOUNT`.
         """
diff --git a/sdk/python/pulumi_aws/timestreaminfluxdb/db_cluster.py b/sdk/python/pulumi_aws/timestreaminfluxdb/db_cluster.py
index 52d15fe8f69..1dbf163049c 100644
--- a/sdk/python/pulumi_aws/timestreaminfluxdb/db_cluster.py
+++ b/sdk/python/pulumi_aws/timestreaminfluxdb/db_cluster.py
@@ -21,14 +21,11 @@
 @pulumi.input_type
 class DbClusterArgs:
     def __init__(__self__, *,
-                 allocated_storage: pulumi.Input[_builtins.int],
-                 bucket: pulumi.Input[_builtins.str],
                  db_instance_type: pulumi.Input[_builtins.str],
-                 organization: pulumi.Input[_builtins.str],
-                 password: pulumi.Input[_builtins.str],
-                 username: pulumi.Input[_builtins.str],
                  vpc_security_group_ids: pulumi.Input[Sequence[pulumi.Input[_builtins.str]]],
                  vpc_subnet_ids: pulumi.Input[Sequence[pulumi.Input[_builtins.str]]],
+                 allocated_storage: Optional[pulumi.Input[_builtins.int]] = None,
+                 bucket: Optional[pulumi.Input[_builtins.str]] = None,
                  db_parameter_group_identifier: Optional[pulumi.Input[_builtins.str]] = None,
                  db_storage_type: Optional[pulumi.Input[_builtins.str]] = None,
                  deployment_type: Optional[pulumi.Input[_builtins.str]] = None,
@@ -36,43 +33,45 @@ def __init__(__self__, *,
                  log_delivery_configuration: Optional[pulumi.Input['DbClusterLogDeliveryConfigurationArgs']] = None,
                  name: Optional[pulumi.Input[_builtins.str]] = None,
                  network_type: Optional[pulumi.Input[_builtins.str]] = None,
+                 organization: Optional[pulumi.Input[_builtins.str]] = None,
+                 password: Optional[pulumi.Input[_builtins.str]] = None,
                  port: Optional[pulumi.Input[_builtins.int]] = None,
                  publicly_accessible: Optional[pulumi.Input[_builtins.bool]] = None,
                  region: Optional[pulumi.Input[_builtins.str]] = None,
                  tags: Optional[pulumi.Input[Mapping[str, pulumi.Input[_builtins.str]]]] = None,
-                 timeouts: Optional[pulumi.Input['DbClusterTimeoutsArgs']] = None):
+                 timeouts: Optional[pulumi.Input['DbClusterTimeoutsArgs']] = None,
+                 username: Optional[pulumi.Input[_builtins.str]] = None):
         """
         The set of arguments for constructing a DbCluster resource.
-        :param pulumi.Input[_builtins.int] allocated_storage: Amount of storage in GiB (gibibytes). The minimum value is `20`, the maximum value is `16384`. The argument `db_storage_type` places restrictions on this argument's minimum value. The following is a list of `db_storage_type` values and the corresponding minimum value for `allocated_storage`: `"InfluxIOIncludedT1": `20`, `"InfluxIOIncludedT2" and `"InfluxIOIncludedT3": `400`.
-        :param pulumi.Input[_builtins.str] bucket: Name of the initial InfluxDB bucket. All InfluxDB data is stored in a bucket. A bucket combines the concept of a database and a retention period (the duration of time that each data point persists). A bucket belongs to an organization. Along with `organization`, `username`, and `password`, this argument will be stored in the secret referred to by the `influx_auth_parameters_secret_arn` attribute.
         :param pulumi.Input[_builtins.str] db_instance_type: Timestream for InfluxDB DB instance type to run InfluxDB on. Valid options are: `"db.influx.medium"`, `"db.influx.large"`, `"db.influx.xlarge"`, `"db.influx.2xlarge"`, `"db.influx.4xlarge"`, `"db.influx.8xlarge"`, `"db.influx.12xlarge"`, and `"db.influx.16xlarge"`. This argument is updatable.
-        :param pulumi.Input[_builtins.str] organization: Name of the initial organization for the initial admin user in InfluxDB. An InfluxDB organization is a workspace for a group of users. Along with `bucket`, `username`, and `password`, this argument will be stored in the secret referred to by the `influx_auth_parameters_secret_arn` attribute.
-        :param pulumi.Input[_builtins.str] password: Password of the initial admin user created in InfluxDB. This password will allow you to access the InfluxDB UI to perform various administrative tasks and also use the InfluxDB CLI to create an operator token. Along with `bucket`, `username`, and `organization`, this argument will be stored in the secret referred to by the `influx_auth_parameters_secret_arn` attribute.
-        :param pulumi.Input[_builtins.str] username: Username of the initial admin user created in InfluxDB. Must start with a letter and can't end with a hyphen or contain two consecutive hyphens. This username will allow you to access the InfluxDB UI to perform various administrative tasks and also use the InfluxDB CLI to create an operator token. Along with `bucket`, `organization`, and `password`, this argument will be stored in the secret referred to by the `influx_auth_parameters_secret_arn` attribute.
         :param pulumi.Input[Sequence[pulumi.Input[_builtins.str]]] vpc_security_group_ids: List of VPC security group IDs to associate with the cluster.
         :param pulumi.Input[Sequence[pulumi.Input[_builtins.str]]] vpc_subnet_ids: List of VPC subnet IDs to associate with the cluster. Provide at least two VPC subnet IDs in different availability zones when deploying with a Multi-AZ standby.
                
                The following arguments are optional:
+        :param pulumi.Input[_builtins.int] allocated_storage: Amount of storage in GiB (gibibytes). The minimum value is `20`, the maximum value is `16384`. The argument `db_storage_type` places restrictions on this argument's minimum value. The following is a list of `db_storage_type` values and the corresponding minimum value for `allocated_storage`: `"InfluxIOIncludedT1": `20`, `"InfluxIOIncludedT2" and `"InfluxIOIncludedT3": `400`. This field is forbidden for InfluxDB V3 clusters (when using an InfluxDB V3 db parameter group).
+        :param pulumi.Input[_builtins.str] bucket: Name of the initial InfluxDB bucket. All InfluxDB data is stored in a bucket. A bucket combines the concept of a database and a retention period (the duration of time that each data point persists). A bucket belongs to an organization. Along with `organization`, `username`, and `password`, this argument will be stored in the secret referred to by the `influx_auth_parameters_secret_arn` attribute. This field is forbidden for InfluxDB V3 clusters (when using an InfluxDB V3 db parameter group).
         :param pulumi.Input[_builtins.str] db_parameter_group_identifier: ID of the DB parameter group assigned to your cluster. This argument is updatable. If added to an existing Timestream for InfluxDB cluster or given a new value, will cause an in-place update to the cluster. However, if a cluster already has a value for `db_parameter_group_identifier`, removing `db_parameter_group_identifier` will cause the cluster to be destroyed and recreated.
         :param pulumi.Input[_builtins.str] db_storage_type: Timestream for InfluxDB DB storage type to read and write InfluxDB data. You can choose between 3 different types of provisioned Influx IOPS included storage according to your workloads requirements: Influx IO Included 3000 IOPS, Influx IO Included 12000 IOPS, Influx IO Included 16000 IOPS. Valid options are: `"InfluxIOIncludedT1"`, `"InfluxIOIncludedT2"`, and `"InfluxIOIncludedT3"`. If you use `"InfluxIOIncludedT2" or "InfluxIOIncludedT3", the minimum value for `allocated_storage` is 400.
-        :param pulumi.Input[_builtins.str] deployment_type: Specifies the type of cluster to create. Valid options are: `"MULTI_NODE_READ_REPLICAS"`.
+        :param pulumi.Input[_builtins.str] deployment_type: Specifies the type of cluster to create. Valid options are: `"MULTI_NODE_READ_REPLICAS"`. This field is forbidden for InfluxDB V3 clusters (when using an InfluxDB V3 db parameter group).
         :param pulumi.Input[_builtins.str] failover_mode: Specifies the behavior of failure recovery when the primary node of the cluster fails. Valid options are: `"AUTOMATIC"` and `"NO_FAILOVER"`.
         :param pulumi.Input['DbClusterLogDeliveryConfigurationArgs'] log_delivery_configuration: Configuration for sending InfluxDB engine logs to a specified S3 bucket. This argument is updatable.
         :param pulumi.Input[_builtins.str] name: Name that uniquely identifies the DB cluster when interacting with the Amazon Timestream for InfluxDB API and CLI commands. This name will also be a prefix included in the endpoint. Cluster names must be unique per customer and per region. The argument must start with a letter, cannot contain consecutive hyphens (`-`) and cannot end with a hyphen.
         :param pulumi.Input[_builtins.str] network_type: Specifies whether the network type of the Timestream for InfluxDB cluster is IPV4, which can communicate over IPv4 protocol only, or DUAL, which can communicate over both IPv4 and IPv6 protocols.
+        :param pulumi.Input[_builtins.str] organization: Name of the initial organization for the initial admin user in InfluxDB. An InfluxDB organization is a workspace for a group of users. Along with `bucket`, `username`, and `password`, this argument will be stored in the secret referred to by the `influx_auth_parameters_secret_arn` attribute. This field is forbidden for InfluxDB V3 clusters (when using an InfluxDB V3 db parameter group).
+        :param pulumi.Input[_builtins.str] password: Password of the initial admin user created in InfluxDB. This password will allow you to access the InfluxDB UI to perform various administrative tasks and also use the InfluxDB CLI to create an operator token. Along with `bucket`, `username`, and `organization`, this argument will be stored in the secret referred to by the `influx_auth_parameters_secret_arn` attribute. This field is forbidden for InfluxDB V3 clusters (when using an InfluxDB V3 db parameter group) as the AWS API rejects it.
         :param pulumi.Input[_builtins.int] port: The port on which the cluster accepts connections. Valid values: `1024`-`65535`. Cannot be `2375`-`2376`, `7788`-`7799`, `8090`, or `51678`-`51680`. This argument is updatable.
         :param pulumi.Input[_builtins.bool] publicly_accessible: Configures the DB cluster with a public IP to facilitate access. Other resources, such as a VPC, a subnet, an internet gateway, and a route table with routes, are also required to enabled public access, in addition to this argument. See "Usage with Public Internet Access Enabled" for an example configuration with all required resources for public internet access.
         :param pulumi.Input[_builtins.str] region: Region where this resource will be [managed](https://docs.aws.amazon.com/general/latest/gr/rande.html#regional-endpoints). Defaults to the Region set in the provider configuration.
         :param pulumi.Input[Mapping[str, pulumi.Input[_builtins.str]]] tags: Map of tags assigned to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.
+        :param pulumi.Input[_builtins.str] username: Username of the initial admin user created in InfluxDB. Must start with a letter and can't end with a hyphen or contain two consecutive hyphens. This username will allow you to access the InfluxDB UI to perform various administrative tasks and also use the InfluxDB CLI to create an operator token. Along with `bucket`, `organization`, and `password`, this argument will be stored in the secret referred to by the `influx_auth_parameters_secret_arn` attribute. This field is forbidden for InfluxDB V3 clusters (when using an InfluxDB V3 db parameter group).
         """
-        pulumi.set(__self__, "allocated_storage", allocated_storage)
-        pulumi.set(__self__, "bucket", bucket)
         pulumi.set(__self__, "db_instance_type", db_instance_type)
-        pulumi.set(__self__, "organization", organization)
-        pulumi.set(__self__, "password", password)
-        pulumi.set(__self__, "username", username)
         pulumi.set(__self__, "vpc_security_group_ids", vpc_security_group_ids)
         pulumi.set(__self__, "vpc_subnet_ids", vpc_subnet_ids)
+        if allocated_storage is not None:
+            pulumi.set(__self__, "allocated_storage", allocated_storage)
+        if bucket is not None:
+            pulumi.set(__self__, "bucket", bucket)
         if db_parameter_group_identifier is not None:
             pulumi.set(__self__, "db_parameter_group_identifier", db_parameter_group_identifier)
         if db_storage_type is not None:
@@ -87,6 +86,10 @@ def __init__(__self__, *,
             pulumi.set(__self__, "name", name)
         if network_type is not None:
             pulumi.set(__self__, "network_type", network_type)
+        if organization is not None:
+            pulumi.set(__self__, "organization", organization)
+        if password is not None:
+            pulumi.set(__self__, "password", password)
         if port is not None:
             pulumi.set(__self__, "port", port)
         if publicly_accessible is not None:
@@ -97,30 +100,8 @@ def __init__(__self__, *,
             pulumi.set(__self__, "tags", tags)
         if timeouts is not None:
             pulumi.set(__self__, "timeouts", timeouts)
-
-    @_builtins.property
-    @pulumi.getter(name="allocatedStorage")
-    def allocated_storage(self) -> pulumi.Input[_builtins.int]:
-        """
-        Amount of storage in GiB (gibibytes). The minimum value is `20`, the maximum value is `16384`. The argument `db_storage_type` places restrictions on this argument's minimum value. The following is a list of `db_storage_type` values and the corresponding minimum value for `allocated_storage`: `"InfluxIOIncludedT1": `20`, `"InfluxIOIncludedT2" and `"InfluxIOIncludedT3": `400`.
-        """
-        return pulumi.get(self, "allocated_storage")
-
-    @allocated_storage.setter
-    def allocated_storage(self, value: pulumi.Input[_builtins.int]):
-        pulumi.set(self, "allocated_storage", value)
-
-    @_builtins.property
-    @pulumi.getter
-    def bucket(self) -> pulumi.Input[_builtins.str]:
-        """
-        Name of the initial InfluxDB bucket. All InfluxDB data is stored in a bucket. A bucket combines the concept of a database and a retention period (the duration of time that each data point persists). A bucket belongs to an organization. Along with `organization`, `username`, and `password`, this argument will be stored in the secret referred to by the `influx_auth_parameters_secret_arn` attribute.
-        """
-        return pulumi.get(self, "bucket")
-
-    @bucket.setter
-    def bucket(self, value: pulumi.Input[_builtins.str]):
-        pulumi.set(self, "bucket", value)
+        if username is not None:
+            pulumi.set(__self__, "username", username)
 
     @_builtins.property
     @pulumi.getter(name="dbInstanceType")
@@ -134,42 +115,6 @@ def db_instance_type(self) -> pulumi.Input[_builtins.str]:
     def db_instance_type(self, value: pulumi.Input[_builtins.str]):
         pulumi.set(self, "db_instance_type", value)
 
-    @_builtins.property
-    @pulumi.getter
-    def organization(self) -> pulumi.Input[_builtins.str]:
-        """
-        Name of the initial organization for the initial admin user in InfluxDB. An InfluxDB organization is a workspace for a group of users. Along with `bucket`, `username`, and `password`, this argument will be stored in the secret referred to by the `influx_auth_parameters_secret_arn` attribute.
-        """
-        return pulumi.get(self, "organization")
-
-    @organization.setter
-    def organization(self, value: pulumi.Input[_builtins.str]):
-        pulumi.set(self, "organization", value)
-
-    @_builtins.property
-    @pulumi.getter
-    def password(self) -> pulumi.Input[_builtins.str]:
-        """
-        Password of the initial admin user created in InfluxDB. This password will allow you to access the InfluxDB UI to perform various administrative tasks and also use the InfluxDB CLI to create an operator token. Along with `bucket`, `username`, and `organization`, this argument will be stored in the secret referred to by the `influx_auth_parameters_secret_arn` attribute.
-        """
-        return pulumi.get(self, "password")
-
-    @password.setter
-    def password(self, value: pulumi.Input[_builtins.str]):
-        pulumi.set(self, "password", value)
-
-    @_builtins.property
-    @pulumi.getter
-    def username(self) -> pulumi.Input[_builtins.str]:
-        """
-        Username of the initial admin user created in InfluxDB. Must start with a letter and can't end with a hyphen or contain two consecutive hyphens. This username will allow you to access the InfluxDB UI to perform various administrative tasks and also use the InfluxDB CLI to create an operator token. Along with `bucket`, `organization`, and `password`, this argument will be stored in the secret referred to by the `influx_auth_parameters_secret_arn` attribute.
-        """
-        return pulumi.get(self, "username")
-
-    @username.setter
-    def username(self, value: pulumi.Input[_builtins.str]):
-        pulumi.set(self, "username", value)
-
     @_builtins.property
     @pulumi.getter(name="vpcSecurityGroupIds")
     def vpc_security_group_ids(self) -> pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]:
@@ -196,6 +141,30 @@ def vpc_subnet_ids(self) -> pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]:
     def vpc_subnet_ids(self, value: pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]):
         pulumi.set(self, "vpc_subnet_ids", value)
 
+    @_builtins.property
+    @pulumi.getter(name="allocatedStorage")
+    def allocated_storage(self) -> Optional[pulumi.Input[_builtins.int]]:
+        """
+        Amount of storage in GiB (gibibytes). The minimum value is `20`, the maximum value is `16384`. The argument `db_storage_type` places restrictions on this argument's minimum value. The following is a list of `db_storage_type` values and the corresponding minimum value for `allocated_storage`: `"InfluxIOIncludedT1": `20`, `"InfluxIOIncludedT2" and `"InfluxIOIncludedT3": `400`. This field is forbidden for InfluxDB V3 clusters (when using an InfluxDB V3 db parameter group).
+        """
+        return pulumi.get(self, "allocated_storage")
+
+    @allocated_storage.setter
+    def allocated_storage(self, value: Optional[pulumi.Input[_builtins.int]]):
+        pulumi.set(self, "allocated_storage", value)
+
+    @_builtins.property
+    @pulumi.getter
+    def bucket(self) -> Optional[pulumi.Input[_builtins.str]]:
+        """
+        Name of the initial InfluxDB bucket. All InfluxDB data is stored in a bucket. A bucket combines the concept of a database and a retention period (the duration of time that each data point persists). A bucket belongs to an organization. Along with `organization`, `username`, and `password`, this argument will be stored in the secret referred to by the `influx_auth_parameters_secret_arn` attribute. This field is forbidden for InfluxDB V3 clusters (when using an InfluxDB V3 db parameter group).
+        """
+        return pulumi.get(self, "bucket")
+
+    @bucket.setter
+    def bucket(self, value: Optional[pulumi.Input[_builtins.str]]):
+        pulumi.set(self, "bucket", value)
+
     @_builtins.property
     @pulumi.getter(name="dbParameterGroupIdentifier")
     def db_parameter_group_identifier(self) -> Optional[pulumi.Input[_builtins.str]]:
@@ -224,7 +193,7 @@ def db_storage_type(self, value: Optional[pulumi.Input[_builtins.str]]):
     @pulumi.getter(name="deploymentType")
     def deployment_type(self) -> Optional[pulumi.Input[_builtins.str]]:
         """
-        Specifies the type of cluster to create. Valid options are: `"MULTI_NODE_READ_REPLICAS"`.
+        Specifies the type of cluster to create. Valid options are: `"MULTI_NODE_READ_REPLICAS"`. This field is forbidden for InfluxDB V3 clusters (when using an InfluxDB V3 db parameter group).
         """
         return pulumi.get(self, "deployment_type")
 
@@ -280,6 +249,30 @@ def network_type(self) -> Optional[pulumi.Input[_builtins.str]]:
     def network_type(self, value: Optional[pulumi.Input[_builtins.str]]):
         pulumi.set(self, "network_type", value)
 
+    @_builtins.property
+    @pulumi.getter
+    def organization(self) -> Optional[pulumi.Input[_builtins.str]]:
+        """
+        Name of the initial organization for the initial admin user in InfluxDB. An InfluxDB organization is a workspace for a group of users. Along with `bucket`, `username`, and `password`, this argument will be stored in the secret referred to by the `influx_auth_parameters_secret_arn` attribute. This field is forbidden for InfluxDB V3 clusters (when using an InfluxDB V3 db parameter group).
+        """
+        return pulumi.get(self, "organization")
+
+    @organization.setter
+    def organization(self, value: Optional[pulumi.Input[_builtins.str]]):
+        pulumi.set(self, "organization", value)
+
+    @_builtins.property
+    @pulumi.getter
+    def password(self) -> Optional[pulumi.Input[_builtins.str]]:
+        """
+        Password of the initial admin user created in InfluxDB. This password will allow you to access the InfluxDB UI to perform various administrative tasks and also use the InfluxDB CLI to create an operator token. Along with `bucket`, `username`, and `organization`, this argument will be stored in the secret referred to by the `influx_auth_parameters_secret_arn` attribute. This field is forbidden for InfluxDB V3 clusters (when using an InfluxDB V3 db parameter group) as the AWS API rejects it.
+        """
+        return pulumi.get(self, "password")
+
+    @password.setter
+    def password(self, value: Optional[pulumi.Input[_builtins.str]]):
+        pulumi.set(self, "password", value)
+
     @_builtins.property
     @pulumi.getter
     def port(self) -> Optional[pulumi.Input[_builtins.int]]:
@@ -337,6 +330,18 @@ def timeouts(self) -> Optional[pulumi.Input['DbClusterTimeoutsArgs']]:
     def timeouts(self, value: Optional[pulumi.Input['DbClusterTimeoutsArgs']]):
         pulumi.set(self, "timeouts", value)
 
+    @_builtins.property
+    @pulumi.getter
+    def username(self) -> Optional[pulumi.Input[_builtins.str]]:
+        """
+        Username of the initial admin user created in InfluxDB. Must start with a letter and can't end with a hyphen or contain two consecutive hyphens. This username will allow you to access the InfluxDB UI to perform various administrative tasks and also use the InfluxDB CLI to create an operator token. Along with `bucket`, `organization`, and `password`, this argument will be stored in the secret referred to by the `influx_auth_parameters_secret_arn` attribute. This field is forbidden for InfluxDB V3 clusters (when using an InfluxDB V3 db parameter group).
+        """
+        return pulumi.get(self, "username")
+
+    @username.setter
+    def username(self, value: Optional[pulumi.Input[_builtins.str]]):
+        pulumi.set(self, "username", value)
+
 
 @pulumi.input_type
 class _DbClusterState:
@@ -349,6 +354,7 @@ def __init__(__self__, *,
                  db_storage_type: Optional[pulumi.Input[_builtins.str]] = None,
                  deployment_type: Optional[pulumi.Input[_builtins.str]] = None,
                  endpoint: Optional[pulumi.Input[_builtins.str]] = None,
+                 engine_type: Optional[pulumi.Input[_builtins.str]] = None,
                  failover_mode: Optional[pulumi.Input[_builtins.str]] = None,
                  influx_auth_parameters_secret_arn: Optional[pulumi.Input[_builtins.str]] = None,
                  log_delivery_configuration: Optional[pulumi.Input['DbClusterLogDeliveryConfigurationArgs']] = None,
@@ -368,28 +374,29 @@ def __init__(__self__, *,
                  vpc_subnet_ids: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] = None):
         """
         Input properties used for looking up and filtering DbCluster resources.
-        :param pulumi.Input[_builtins.int] allocated_storage: Amount of storage in GiB (gibibytes). The minimum value is `20`, the maximum value is `16384`. The argument `db_storage_type` places restrictions on this argument's minimum value. The following is a list of `db_storage_type` values and the corresponding minimum value for `allocated_storage`: `"InfluxIOIncludedT1": `20`, `"InfluxIOIncludedT2" and `"InfluxIOIncludedT3": `400`.
+        :param pulumi.Input[_builtins.int] allocated_storage: Amount of storage in GiB (gibibytes). The minimum value is `20`, the maximum value is `16384`. The argument `db_storage_type` places restrictions on this argument's minimum value. The following is a list of `db_storage_type` values and the corresponding minimum value for `allocated_storage`: `"InfluxIOIncludedT1": `20`, `"InfluxIOIncludedT2" and `"InfluxIOIncludedT3": `400`. This field is forbidden for InfluxDB V3 clusters (when using an InfluxDB V3 db parameter group).
         :param pulumi.Input[_builtins.str] arn: ARN of the Timestream for InfluxDB cluster.
-        :param pulumi.Input[_builtins.str] bucket: Name of the initial InfluxDB bucket. All InfluxDB data is stored in a bucket. A bucket combines the concept of a database and a retention period (the duration of time that each data point persists). A bucket belongs to an organization. Along with `organization`, `username`, and `password`, this argument will be stored in the secret referred to by the `influx_auth_parameters_secret_arn` attribute.
+        :param pulumi.Input[_builtins.str] bucket: Name of the initial InfluxDB bucket. All InfluxDB data is stored in a bucket. A bucket combines the concept of a database and a retention period (the duration of time that each data point persists). A bucket belongs to an organization. Along with `organization`, `username`, and `password`, this argument will be stored in the secret referred to by the `influx_auth_parameters_secret_arn` attribute. This field is forbidden for InfluxDB V3 clusters (when using an InfluxDB V3 db parameter group).
         :param pulumi.Input[_builtins.str] db_instance_type: Timestream for InfluxDB DB instance type to run InfluxDB on. Valid options are: `"db.influx.medium"`, `"db.influx.large"`, `"db.influx.xlarge"`, `"db.influx.2xlarge"`, `"db.influx.4xlarge"`, `"db.influx.8xlarge"`, `"db.influx.12xlarge"`, and `"db.influx.16xlarge"`. This argument is updatable.
         :param pulumi.Input[_builtins.str] db_parameter_group_identifier: ID of the DB parameter group assigned to your cluster. This argument is updatable. If added to an existing Timestream for InfluxDB cluster or given a new value, will cause an in-place update to the cluster. However, if a cluster already has a value for `db_parameter_group_identifier`, removing `db_parameter_group_identifier` will cause the cluster to be destroyed and recreated.
         :param pulumi.Input[_builtins.str] db_storage_type: Timestream for InfluxDB DB storage type to read and write InfluxDB data. You can choose between 3 different types of provisioned Influx IOPS included storage according to your workloads requirements: Influx IO Included 3000 IOPS, Influx IO Included 12000 IOPS, Influx IO Included 16000 IOPS. Valid options are: `"InfluxIOIncludedT1"`, `"InfluxIOIncludedT2"`, and `"InfluxIOIncludedT3"`. If you use `"InfluxIOIncludedT2" or "InfluxIOIncludedT3", the minimum value for `allocated_storage` is 400.
-        :param pulumi.Input[_builtins.str] deployment_type: Specifies the type of cluster to create. Valid options are: `"MULTI_NODE_READ_REPLICAS"`.
+        :param pulumi.Input[_builtins.str] deployment_type: Specifies the type of cluster to create. Valid options are: `"MULTI_NODE_READ_REPLICAS"`. This field is forbidden for InfluxDB V3 clusters (when using an InfluxDB V3 db parameter group).
         :param pulumi.Input[_builtins.str] endpoint: Endpoint used to connect to InfluxDB. The default InfluxDB port is 8086.
+        :param pulumi.Input[_builtins.str] engine_type: Database engine type of the DB cluster.
         :param pulumi.Input[_builtins.str] failover_mode: Specifies the behavior of failure recovery when the primary node of the cluster fails. Valid options are: `"AUTOMATIC"` and `"NO_FAILOVER"`.
-        :param pulumi.Input[_builtins.str] influx_auth_parameters_secret_arn: ARN of the AWS Secrets Manager secret containing the initial InfluxDB authorization parameters. The secret value is a JSON formatted key-value pair holding InfluxDB authorization values: organization, bucket, username, and password.
+        :param pulumi.Input[_builtins.str] influx_auth_parameters_secret_arn: ARN of the AWS Secrets Manager secret containing the initial InfluxDB authorization parameters. For InfluxDB V2 clusters, the secret value is a JSON formatted key-value pair holding InfluxDB authorization values: organization, bucket, username, and password. For InfluxDB V3 clusters, the secret contains the InfluxDB admin token.
         :param pulumi.Input['DbClusterLogDeliveryConfigurationArgs'] log_delivery_configuration: Configuration for sending InfluxDB engine logs to a specified S3 bucket. This argument is updatable.
         :param pulumi.Input[_builtins.str] name: Name that uniquely identifies the DB cluster when interacting with the Amazon Timestream for InfluxDB API and CLI commands. This name will also be a prefix included in the endpoint. Cluster names must be unique per customer and per region. The argument must start with a letter, cannot contain consecutive hyphens (`-`) and cannot end with a hyphen.
         :param pulumi.Input[_builtins.str] network_type: Specifies whether the network type of the Timestream for InfluxDB cluster is IPV4, which can communicate over IPv4 protocol only, or DUAL, which can communicate over both IPv4 and IPv6 protocols.
-        :param pulumi.Input[_builtins.str] organization: Name of the initial organization for the initial admin user in InfluxDB. An InfluxDB organization is a workspace for a group of users. Along with `bucket`, `username`, and `password`, this argument will be stored in the secret referred to by the `influx_auth_parameters_secret_arn` attribute.
-        :param pulumi.Input[_builtins.str] password: Password of the initial admin user created in InfluxDB. This password will allow you to access the InfluxDB UI to perform various administrative tasks and also use the InfluxDB CLI to create an operator token. Along with `bucket`, `username`, and `organization`, this argument will be stored in the secret referred to by the `influx_auth_parameters_secret_arn` attribute.
+        :param pulumi.Input[_builtins.str] organization: Name of the initial organization for the initial admin user in InfluxDB. An InfluxDB organization is a workspace for a group of users. Along with `bucket`, `username`, and `password`, this argument will be stored in the secret referred to by the `influx_auth_parameters_secret_arn` attribute. This field is forbidden for InfluxDB V3 clusters (when using an InfluxDB V3 db parameter group).
+        :param pulumi.Input[_builtins.str] password: Password of the initial admin user created in InfluxDB. This password will allow you to access the InfluxDB UI to perform various administrative tasks and also use the InfluxDB CLI to create an operator token. Along with `bucket`, `username`, and `organization`, this argument will be stored in the secret referred to by the `influx_auth_parameters_secret_arn` attribute. This field is forbidden for InfluxDB V3 clusters (when using an InfluxDB V3 db parameter group) as the AWS API rejects it.
         :param pulumi.Input[_builtins.int] port: The port on which the cluster accepts connections. Valid values: `1024`-`65535`. Cannot be `2375`-`2376`, `7788`-`7799`, `8090`, or `51678`-`51680`. This argument is updatable.
         :param pulumi.Input[_builtins.bool] publicly_accessible: Configures the DB cluster with a public IP to facilitate access. Other resources, such as a VPC, a subnet, an internet gateway, and a route table with routes, are also required to enabled public access, in addition to this argument. See "Usage with Public Internet Access Enabled" for an example configuration with all required resources for public internet access.
         :param pulumi.Input[_builtins.str] reader_endpoint: The endpoint used to connect to the Timestream for InfluxDB cluster for read-only operations.
         :param pulumi.Input[_builtins.str] region: Region where this resource will be [managed](https://docs.aws.amazon.com/general/latest/gr/rande.html#regional-endpoints). Defaults to the Region set in the provider configuration.
         :param pulumi.Input[Mapping[str, pulumi.Input[_builtins.str]]] tags: Map of tags assigned to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.
         :param pulumi.Input[Mapping[str, pulumi.Input[_builtins.str]]] tags_all: Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.
-        :param pulumi.Input[_builtins.str] username: Username of the initial admin user created in InfluxDB. Must start with a letter and can't end with a hyphen or contain two consecutive hyphens. This username will allow you to access the InfluxDB UI to perform various administrative tasks and also use the InfluxDB CLI to create an operator token. Along with `bucket`, `organization`, and `password`, this argument will be stored in the secret referred to by the `influx_auth_parameters_secret_arn` attribute.
+        :param pulumi.Input[_builtins.str] username: Username of the initial admin user created in InfluxDB. Must start with a letter and can't end with a hyphen or contain two consecutive hyphens. This username will allow you to access the InfluxDB UI to perform various administrative tasks and also use the InfluxDB CLI to create an operator token. Along with `bucket`, `organization`, and `password`, this argument will be stored in the secret referred to by the `influx_auth_parameters_secret_arn` attribute. This field is forbidden for InfluxDB V3 clusters (when using an InfluxDB V3 db parameter group).
         :param pulumi.Input[Sequence[pulumi.Input[_builtins.str]]] vpc_security_group_ids: List of VPC security group IDs to associate with the cluster.
         :param pulumi.Input[Sequence[pulumi.Input[_builtins.str]]] vpc_subnet_ids: List of VPC subnet IDs to associate with the cluster. Provide at least two VPC subnet IDs in different availability zones when deploying with a Multi-AZ standby.
                
@@ -411,6 +418,8 @@ def __init__(__self__, *,
             pulumi.set(__self__, "deployment_type", deployment_type)
         if endpoint is not None:
             pulumi.set(__self__, "endpoint", endpoint)
+        if engine_type is not None:
+            pulumi.set(__self__, "engine_type", engine_type)
         if failover_mode is not None:
             pulumi.set(__self__, "failover_mode", failover_mode)
         if influx_auth_parameters_secret_arn is not None:
@@ -450,7 +459,7 @@ def __init__(__self__, *,
     @pulumi.getter(name="allocatedStorage")
     def allocated_storage(self) -> Optional[pulumi.Input[_builtins.int]]:
         """
-        Amount of storage in GiB (gibibytes). The minimum value is `20`, the maximum value is `16384`. The argument `db_storage_type` places restrictions on this argument's minimum value. The following is a list of `db_storage_type` values and the corresponding minimum value for `allocated_storage`: `"InfluxIOIncludedT1": `20`, `"InfluxIOIncludedT2" and `"InfluxIOIncludedT3": `400`.
+        Amount of storage in GiB (gibibytes). The minimum value is `20`, the maximum value is `16384`. The argument `db_storage_type` places restrictions on this argument's minimum value. The following is a list of `db_storage_type` values and the corresponding minimum value for `allocated_storage`: `"InfluxIOIncludedT1": `20`, `"InfluxIOIncludedT2" and `"InfluxIOIncludedT3": `400`. This field is forbidden for InfluxDB V3 clusters (when using an InfluxDB V3 db parameter group).
         """
         return pulumi.get(self, "allocated_storage")
 
@@ -474,7 +483,7 @@ def arn(self, value: Optional[pulumi.Input[_builtins.str]]):
     @pulumi.getter
     def bucket(self) -> Optional[pulumi.Input[_builtins.str]]:
         """
-        Name of the initial InfluxDB bucket. All InfluxDB data is stored in a bucket. A bucket combines the concept of a database and a retention period (the duration of time that each data point persists). A bucket belongs to an organization. Along with `organization`, `username`, and `password`, this argument will be stored in the secret referred to by the `influx_auth_parameters_secret_arn` attribute.
+        Name of the initial InfluxDB bucket. All InfluxDB data is stored in a bucket. A bucket combines the concept of a database and a retention period (the duration of time that each data point persists). A bucket belongs to an organization. Along with `organization`, `username`, and `password`, this argument will be stored in the secret referred to by the `influx_auth_parameters_secret_arn` attribute. This field is forbidden for InfluxDB V3 clusters (when using an InfluxDB V3 db parameter group).
         """
         return pulumi.get(self, "bucket")
 
@@ -522,7 +531,7 @@ def db_storage_type(self, value: Optional[pulumi.Input[_builtins.str]]):
     @pulumi.getter(name="deploymentType")
     def deployment_type(self) -> Optional[pulumi.Input[_builtins.str]]:
         """
-        Specifies the type of cluster to create. Valid options are: `"MULTI_NODE_READ_REPLICAS"`.
+        Specifies the type of cluster to create. Valid options are: `"MULTI_NODE_READ_REPLICAS"`. This field is forbidden for InfluxDB V3 clusters (when using an InfluxDB V3 db parameter group).
         """
         return pulumi.get(self, "deployment_type")
 
@@ -542,6 +551,18 @@ def endpoint(self) -> Optional[pulumi.Input[_builtins.str]]:
     def endpoint(self, value: Optional[pulumi.Input[_builtins.str]]):
         pulumi.set(self, "endpoint", value)
 
+    @_builtins.property
+    @pulumi.getter(name="engineType")
+    def engine_type(self) -> Optional[pulumi.Input[_builtins.str]]:
+        """
+        Database engine type of the DB cluster.
+        """
+        return pulumi.get(self, "engine_type")
+
+    @engine_type.setter
+    def engine_type(self, value: Optional[pulumi.Input[_builtins.str]]):
+        pulumi.set(self, "engine_type", value)
+
     @_builtins.property
     @pulumi.getter(name="failoverMode")
     def failover_mode(self) -> Optional[pulumi.Input[_builtins.str]]:
@@ -558,7 +579,7 @@ def failover_mode(self, value: Optional[pulumi.Input[_builtins.str]]):
     @pulumi.getter(name="influxAuthParametersSecretArn")
     def influx_auth_parameters_secret_arn(self) -> Optional[pulumi.Input[_builtins.str]]:
         """
-        ARN of the AWS Secrets Manager secret containing the initial InfluxDB authorization parameters. The secret value is a JSON formatted key-value pair holding InfluxDB authorization values: organization, bucket, username, and password.
+        ARN of the AWS Secrets Manager secret containing the initial InfluxDB authorization parameters. For InfluxDB V2 clusters, the secret value is a JSON formatted key-value pair holding InfluxDB authorization values: organization, bucket, username, and password. For InfluxDB V3 clusters, the secret contains the InfluxDB admin token.
         """
         return pulumi.get(self, "influx_auth_parameters_secret_arn")
 
@@ -606,7 +627,7 @@ def network_type(self, value: Optional[pulumi.Input[_builtins.str]]):
     @pulumi.getter
     def organization(self) -> Optional[pulumi.Input[_builtins.str]]:
         """
-        Name of the initial organization for the initial admin user in InfluxDB. An InfluxDB organization is a workspace for a group of users. Along with `bucket`, `username`, and `password`, this argument will be stored in the secret referred to by the `influx_auth_parameters_secret_arn` attribute.
+        Name of the initial organization for the initial admin user in InfluxDB. An InfluxDB organization is a workspace for a group of users. Along with `bucket`, `username`, and `password`, this argument will be stored in the secret referred to by the `influx_auth_parameters_secret_arn` attribute. This field is forbidden for InfluxDB V3 clusters (when using an InfluxDB V3 db parameter group).
         """
         return pulumi.get(self, "organization")
 
@@ -618,7 +639,7 @@ def organization(self, value: Optional[pulumi.Input[_builtins.str]]):
     @pulumi.getter
     def password(self) -> Optional[pulumi.Input[_builtins.str]]:
         """
-        Password of the initial admin user created in InfluxDB. This password will allow you to access the InfluxDB UI to perform various administrative tasks and also use the InfluxDB CLI to create an operator token. Along with `bucket`, `username`, and `organization`, this argument will be stored in the secret referred to by the `influx_auth_parameters_secret_arn` attribute.
+        Password of the initial admin user created in InfluxDB. This password will allow you to access the InfluxDB UI to perform various administrative tasks and also use the InfluxDB CLI to create an operator token. Along with `bucket`, `username`, and `organization`, this argument will be stored in the secret referred to by the `influx_auth_parameters_secret_arn` attribute. This field is forbidden for InfluxDB V3 clusters (when using an InfluxDB V3 db parameter group) as the AWS API rejects it.
         """
         return pulumi.get(self, "password")
 
@@ -711,7 +732,7 @@ def timeouts(self, value: Optional[pulumi.Input['DbClusterTimeoutsArgs']]):
     @pulumi.getter
     def username(self) -> Optional[pulumi.Input[_builtins.str]]:
         """
-        Username of the initial admin user created in InfluxDB. Must start with a letter and can't end with a hyphen or contain two consecutive hyphens. This username will allow you to access the InfluxDB UI to perform various administrative tasks and also use the InfluxDB CLI to create an operator token. Along with `bucket`, `organization`, and `password`, this argument will be stored in the secret referred to by the `influx_auth_parameters_secret_arn` attribute.
+        Username of the initial admin user created in InfluxDB. Must start with a letter and can't end with a hyphen or contain two consecutive hyphens. This username will allow you to access the InfluxDB UI to perform various administrative tasks and also use the InfluxDB CLI to create an operator token. Along with `bucket`, `organization`, and `password`, this argument will be stored in the secret referred to by the `influx_auth_parameters_secret_arn` attribute. This field is forbidden for InfluxDB V3 clusters (when using an InfluxDB V3 db parameter group).
         """
         return pulumi.get(self, "username")
 
@@ -879,6 +900,51 @@ def __init__(__self__,
             })
         ```
 
+        ### Usage with InfluxDB V3
+
+        For InfluxDB V3 clusters, you can create a cluster without providing `allocated_storage`, `bucket`, `organization`, `username`, `password`, or `deployment_type` by specifying a `db_parameter_group_identifier` such as `"InfluxDBV3Core"`. The following example shows how to create an InfluxDB V3 cluster:
+
+        ```python
+        import pulumi
+        import pulumi_aws as aws
+
+        example = aws.timestreaminfluxdb.DbCluster("example",
+            name="example-v3-cluster",
+            db_instance_type="db.influx.large",
+            db_parameter_group_identifier="InfluxDBV3Core",
+            vpc_subnet_ids=[
+                example1["id"],
+                example2["id"],
+            ],
+            vpc_security_group_ids=[example_aws_security_group["id"]])
+        ```
+
+        ## Cluster Type Requirements
+
+        ### InfluxDB V2 Clusters (default)
+
+        The following arguments are **required** for InfluxDB V2 clusters:
+
+        * `allocated_storage`
+        * `bucket`
+        * `deployment_type`
+        * `organization`
+        * `password`
+        * `username`
+
+        The `deployment_type` argument defaults to `"MULTI_NODE_READ_REPLICAS"` for InfluxDB V2 clusters when not specified.
+
+        ### InfluxDB V3 Clusters (when using V3 parameter groups)
+
+        The following arguments are **forbidden** for InfluxDB V3 clusters (when using an InfluxDB V3 db parameter group):
+
+        * `allocated_storage`
+        * `bucket`
+        * `deployment_type`
+        * `organization`
+        * `password`
+        * `username`
+
         ## Import
 
         Using `pulumi import`, import Timestream for InfluxDB cluster using its identifier. For example:
@@ -889,23 +955,23 @@ def __init__(__self__,
 
         :param str resource_name: The name of the resource.
         :param pulumi.ResourceOptions opts: Options for the resource.
-        :param pulumi.Input[_builtins.int] allocated_storage: Amount of storage in GiB (gibibytes). The minimum value is `20`, the maximum value is `16384`. The argument `db_storage_type` places restrictions on this argument's minimum value. The following is a list of `db_storage_type` values and the corresponding minimum value for `allocated_storage`: `"InfluxIOIncludedT1": `20`, `"InfluxIOIncludedT2" and `"InfluxIOIncludedT3": `400`.
-        :param pulumi.Input[_builtins.str] bucket: Name of the initial InfluxDB bucket. All InfluxDB data is stored in a bucket. A bucket combines the concept of a database and a retention period (the duration of time that each data point persists). A bucket belongs to an organization. Along with `organization`, `username`, and `password`, this argument will be stored in the secret referred to by the `influx_auth_parameters_secret_arn` attribute.
+        :param pulumi.Input[_builtins.int] allocated_storage: Amount of storage in GiB (gibibytes). The minimum value is `20`, the maximum value is `16384`. The argument `db_storage_type` places restrictions on this argument's minimum value. The following is a list of `db_storage_type` values and the corresponding minimum value for `allocated_storage`: `"InfluxIOIncludedT1": `20`, `"InfluxIOIncludedT2" and `"InfluxIOIncludedT3": `400`. This field is forbidden for InfluxDB V3 clusters (when using an InfluxDB V3 db parameter group).
+        :param pulumi.Input[_builtins.str] bucket: Name of the initial InfluxDB bucket. All InfluxDB data is stored in a bucket. A bucket combines the concept of a database and a retention period (the duration of time that each data point persists). A bucket belongs to an organization. Along with `organization`, `username`, and `password`, this argument will be stored in the secret referred to by the `influx_auth_parameters_secret_arn` attribute. This field is forbidden for InfluxDB V3 clusters (when using an InfluxDB V3 db parameter group).
         :param pulumi.Input[_builtins.str] db_instance_type: Timestream for InfluxDB DB instance type to run InfluxDB on. Valid options are: `"db.influx.medium"`, `"db.influx.large"`, `"db.influx.xlarge"`, `"db.influx.2xlarge"`, `"db.influx.4xlarge"`, `"db.influx.8xlarge"`, `"db.influx.12xlarge"`, and `"db.influx.16xlarge"`. This argument is updatable.
         :param pulumi.Input[_builtins.str] db_parameter_group_identifier: ID of the DB parameter group assigned to your cluster. This argument is updatable. If added to an existing Timestream for InfluxDB cluster or given a new value, will cause an in-place update to the cluster. However, if a cluster already has a value for `db_parameter_group_identifier`, removing `db_parameter_group_identifier` will cause the cluster to be destroyed and recreated.
         :param pulumi.Input[_builtins.str] db_storage_type: Timestream for InfluxDB DB storage type to read and write InfluxDB data. You can choose between 3 different types of provisioned Influx IOPS included storage according to your workloads requirements: Influx IO Included 3000 IOPS, Influx IO Included 12000 IOPS, Influx IO Included 16000 IOPS. Valid options are: `"InfluxIOIncludedT1"`, `"InfluxIOIncludedT2"`, and `"InfluxIOIncludedT3"`. If you use `"InfluxIOIncludedT2" or "InfluxIOIncludedT3", the minimum value for `allocated_storage` is 400.
-        :param pulumi.Input[_builtins.str] deployment_type: Specifies the type of cluster to create. Valid options are: `"MULTI_NODE_READ_REPLICAS"`.
+        :param pulumi.Input[_builtins.str] deployment_type: Specifies the type of cluster to create. Valid options are: `"MULTI_NODE_READ_REPLICAS"`. This field is forbidden for InfluxDB V3 clusters (when using an InfluxDB V3 db parameter group).
         :param pulumi.Input[_builtins.str] failover_mode: Specifies the behavior of failure recovery when the primary node of the cluster fails. Valid options are: `"AUTOMATIC"` and `"NO_FAILOVER"`.
         :param pulumi.Input[Union['DbClusterLogDeliveryConfigurationArgs', 'DbClusterLogDeliveryConfigurationArgsDict']] log_delivery_configuration: Configuration for sending InfluxDB engine logs to a specified S3 bucket. This argument is updatable.
         :param pulumi.Input[_builtins.str] name: Name that uniquely identifies the DB cluster when interacting with the Amazon Timestream for InfluxDB API and CLI commands. This name will also be a prefix included in the endpoint. Cluster names must be unique per customer and per region. The argument must start with a letter, cannot contain consecutive hyphens (`-`) and cannot end with a hyphen.
         :param pulumi.Input[_builtins.str] network_type: Specifies whether the network type of the Timestream for InfluxDB cluster is IPV4, which can communicate over IPv4 protocol only, or DUAL, which can communicate over both IPv4 and IPv6 protocols.
-        :param pulumi.Input[_builtins.str] organization: Name of the initial organization for the initial admin user in InfluxDB. An InfluxDB organization is a workspace for a group of users. Along with `bucket`, `username`, and `password`, this argument will be stored in the secret referred to by the `influx_auth_parameters_secret_arn` attribute.
-        :param pulumi.Input[_builtins.str] password: Password of the initial admin user created in InfluxDB. This password will allow you to access the InfluxDB UI to perform various administrative tasks and also use the InfluxDB CLI to create an operator token. Along with `bucket`, `username`, and `organization`, this argument will be stored in the secret referred to by the `influx_auth_parameters_secret_arn` attribute.
+        :param pulumi.Input[_builtins.str] organization: Name of the initial organization for the initial admin user in InfluxDB. An InfluxDB organization is a workspace for a group of users. Along with `bucket`, `username`, and `password`, this argument will be stored in the secret referred to by the `influx_auth_parameters_secret_arn` attribute. This field is forbidden for InfluxDB V3 clusters (when using an InfluxDB V3 db parameter group).
+        :param pulumi.Input[_builtins.str] password: Password of the initial admin user created in InfluxDB. This password will allow you to access the InfluxDB UI to perform various administrative tasks and also use the InfluxDB CLI to create an operator token. Along with `bucket`, `username`, and `organization`, this argument will be stored in the secret referred to by the `influx_auth_parameters_secret_arn` attribute. This field is forbidden for InfluxDB V3 clusters (when using an InfluxDB V3 db parameter group) as the AWS API rejects it.
         :param pulumi.Input[_builtins.int] port: The port on which the cluster accepts connections. Valid values: `1024`-`65535`. Cannot be `2375`-`2376`, `7788`-`7799`, `8090`, or `51678`-`51680`. This argument is updatable.
         :param pulumi.Input[_builtins.bool] publicly_accessible: Configures the DB cluster with a public IP to facilitate access. Other resources, such as a VPC, a subnet, an internet gateway, and a route table with routes, are also required to enabled public access, in addition to this argument. See "Usage with Public Internet Access Enabled" for an example configuration with all required resources for public internet access.
         :param pulumi.Input[_builtins.str] region: Region where this resource will be [managed](https://docs.aws.amazon.com/general/latest/gr/rande.html#regional-endpoints). Defaults to the Region set in the provider configuration.
         :param pulumi.Input[Mapping[str, pulumi.Input[_builtins.str]]] tags: Map of tags assigned to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.
-        :param pulumi.Input[_builtins.str] username: Username of the initial admin user created in InfluxDB. Must start with a letter and can't end with a hyphen or contain two consecutive hyphens. This username will allow you to access the InfluxDB UI to perform various administrative tasks and also use the InfluxDB CLI to create an operator token. Along with `bucket`, `organization`, and `password`, this argument will be stored in the secret referred to by the `influx_auth_parameters_secret_arn` attribute.
+        :param pulumi.Input[_builtins.str] username: Username of the initial admin user created in InfluxDB. Must start with a letter and can't end with a hyphen or contain two consecutive hyphens. This username will allow you to access the InfluxDB UI to perform various administrative tasks and also use the InfluxDB CLI to create an operator token. Along with `bucket`, `organization`, and `password`, this argument will be stored in the secret referred to by the `influx_auth_parameters_secret_arn` attribute. This field is forbidden for InfluxDB V3 clusters (when using an InfluxDB V3 db parameter group).
         :param pulumi.Input[Sequence[pulumi.Input[_builtins.str]]] vpc_security_group_ids: List of VPC security group IDs to associate with the cluster.
         :param pulumi.Input[Sequence[pulumi.Input[_builtins.str]]] vpc_subnet_ids: List of VPC subnet IDs to associate with the cluster. Provide at least two VPC subnet IDs in different availability zones when deploying with a Multi-AZ standby.
                
@@ -1023,6 +1089,51 @@ def __init__(__self__,
             })
         ```
 
+        ### Usage with InfluxDB V3
+
+        For InfluxDB V3 clusters, you can create a cluster without providing `allocated_storage`, `bucket`, `organization`, `username`, `password`, or `deployment_type` by specifying a `db_parameter_group_identifier` such as `"InfluxDBV3Core"`. The following example shows how to create an InfluxDB V3 cluster:
+
+        ```python
+        import pulumi
+        import pulumi_aws as aws
+
+        example = aws.timestreaminfluxdb.DbCluster("example",
+            name="example-v3-cluster",
+            db_instance_type="db.influx.large",
+            db_parameter_group_identifier="InfluxDBV3Core",
+            vpc_subnet_ids=[
+                example1["id"],
+                example2["id"],
+            ],
+            vpc_security_group_ids=[example_aws_security_group["id"]])
+        ```
+
+        ## Cluster Type Requirements
+
+        ### InfluxDB V2 Clusters (default)
+
+        The following arguments are **required** for InfluxDB V2 clusters:
+
+        * `allocated_storage`
+        * `bucket`
+        * `deployment_type`
+        * `organization`
+        * `password`
+        * `username`
+
+        The `deployment_type` argument defaults to `"MULTI_NODE_READ_REPLICAS"` for InfluxDB V2 clusters when not specified.
+
+        ### InfluxDB V3 Clusters (when using V3 parameter groups)
+
+        The following arguments are **forbidden** for InfluxDB V3 clusters (when using an InfluxDB V3 db parameter group):
+
+        * `allocated_storage`
+        * `bucket`
+        * `deployment_type`
+        * `organization`
+        * `password`
+        * `username`
+
         ## Import
 
         Using `pulumi import`, import Timestream for InfluxDB cluster using its identifier. For example:
@@ -1075,11 +1186,7 @@ def _internal_init(__self__,
                 raise TypeError('__props__ is only valid when passed in combination with a valid opts.id to get an existing resource')
             __props__ = DbClusterArgs.__new__(DbClusterArgs)
 
-            if allocated_storage is None and not opts.urn:
-                raise TypeError("Missing required property 'allocated_storage'")
             __props__.__dict__["allocated_storage"] = allocated_storage
-            if bucket is None and not opts.urn:
-                raise TypeError("Missing required property 'bucket'")
             __props__.__dict__["bucket"] = bucket
             if db_instance_type is None and not opts.urn:
                 raise TypeError("Missing required property 'db_instance_type'")
@@ -1091,19 +1198,13 @@ def _internal_init(__self__,
             __props__.__dict__["log_delivery_configuration"] = log_delivery_configuration
             __props__.__dict__["name"] = name
             __props__.__dict__["network_type"] = network_type
-            if organization is None and not opts.urn:
-                raise TypeError("Missing required property 'organization'")
             __props__.__dict__["organization"] = organization
-            if password is None and not opts.urn:
-                raise TypeError("Missing required property 'password'")
             __props__.__dict__["password"] = None if password is None else pulumi.Output.secret(password)
             __props__.__dict__["port"] = port
             __props__.__dict__["publicly_accessible"] = publicly_accessible
             __props__.__dict__["region"] = region
             __props__.__dict__["tags"] = tags
             __props__.__dict__["timeouts"] = timeouts
-            if username is None and not opts.urn:
-                raise TypeError("Missing required property 'username'")
             __props__.__dict__["username"] = username
             if vpc_security_group_ids is None and not opts.urn:
                 raise TypeError("Missing required property 'vpc_security_group_ids'")
@@ -1113,6 +1214,7 @@ def _internal_init(__self__,
             __props__.__dict__["vpc_subnet_ids"] = vpc_subnet_ids
             __props__.__dict__["arn"] = None
             __props__.__dict__["endpoint"] = None
+            __props__.__dict__["engine_type"] = None
             __props__.__dict__["influx_auth_parameters_secret_arn"] = None
             __props__.__dict__["reader_endpoint"] = None
             __props__.__dict__["tags_all"] = None
@@ -1136,6 +1238,7 @@ def get(resource_name: str,
             db_storage_type: Optional[pulumi.Input[_builtins.str]] = None,
             deployment_type: Optional[pulumi.Input[_builtins.str]] = None,
             endpoint: Optional[pulumi.Input[_builtins.str]] = None,
+            engine_type: Optional[pulumi.Input[_builtins.str]] = None,
             failover_mode: Optional[pulumi.Input[_builtins.str]] = None,
             influx_auth_parameters_secret_arn: Optional[pulumi.Input[_builtins.str]] = None,
             log_delivery_configuration: Optional[pulumi.Input[Union['DbClusterLogDeliveryConfigurationArgs', 'DbClusterLogDeliveryConfigurationArgsDict']]] = None,
@@ -1160,28 +1263,29 @@ def get(resource_name: str,
         :param str resource_name: The unique name of the resulting resource.
         :param pulumi.Input[str] id: The unique provider ID of the resource to lookup.
         :param pulumi.ResourceOptions opts: Options for the resource.
-        :param pulumi.Input[_builtins.int] allocated_storage: Amount of storage in GiB (gibibytes). The minimum value is `20`, the maximum value is `16384`. The argument `db_storage_type` places restrictions on this argument's minimum value. The following is a list of `db_storage_type` values and the corresponding minimum value for `allocated_storage`: `"InfluxIOIncludedT1": `20`, `"InfluxIOIncludedT2" and `"InfluxIOIncludedT3": `400`.
+        :param pulumi.Input[_builtins.int] allocated_storage: Amount of storage in GiB (gibibytes). The minimum value is `20`, the maximum value is `16384`. The argument `db_storage_type` places restrictions on this argument's minimum value. The following is a list of `db_storage_type` values and the corresponding minimum value for `allocated_storage`: `"InfluxIOIncludedT1": `20`, `"InfluxIOIncludedT2" and `"InfluxIOIncludedT3": `400`. This field is forbidden for InfluxDB V3 clusters (when using an InfluxDB V3 db parameter group).
         :param pulumi.Input[_builtins.str] arn: ARN of the Timestream for InfluxDB cluster.
-        :param pulumi.Input[_builtins.str] bucket: Name of the initial InfluxDB bucket. All InfluxDB data is stored in a bucket. A bucket combines the concept of a database and a retention period (the duration of time that each data point persists). A bucket belongs to an organization. Along with `organization`, `username`, and `password`, this argument will be stored in the secret referred to by the `influx_auth_parameters_secret_arn` attribute.
+        :param pulumi.Input[_builtins.str] bucket: Name of the initial InfluxDB bucket. All InfluxDB data is stored in a bucket. A bucket combines the concept of a database and a retention period (the duration of time that each data point persists). A bucket belongs to an organization. Along with `organization`, `username`, and `password`, this argument will be stored in the secret referred to by the `influx_auth_parameters_secret_arn` attribute. This field is forbidden for InfluxDB V3 clusters (when using an InfluxDB V3 db parameter group).
         :param pulumi.Input[_builtins.str] db_instance_type: Timestream for InfluxDB DB instance type to run InfluxDB on. Valid options are: `"db.influx.medium"`, `"db.influx.large"`, `"db.influx.xlarge"`, `"db.influx.2xlarge"`, `"db.influx.4xlarge"`, `"db.influx.8xlarge"`, `"db.influx.12xlarge"`, and `"db.influx.16xlarge"`. This argument is updatable.
         :param pulumi.Input[_builtins.str] db_parameter_group_identifier: ID of the DB parameter group assigned to your cluster. This argument is updatable. If added to an existing Timestream for InfluxDB cluster or given a new value, will cause an in-place update to the cluster. However, if a cluster already has a value for `db_parameter_group_identifier`, removing `db_parameter_group_identifier` will cause the cluster to be destroyed and recreated.
         :param pulumi.Input[_builtins.str] db_storage_type: Timestream for InfluxDB DB storage type to read and write InfluxDB data. You can choose between 3 different types of provisioned Influx IOPS included storage according to your workloads requirements: Influx IO Included 3000 IOPS, Influx IO Included 12000 IOPS, Influx IO Included 16000 IOPS. Valid options are: `"InfluxIOIncludedT1"`, `"InfluxIOIncludedT2"`, and `"InfluxIOIncludedT3"`. If you use `"InfluxIOIncludedT2" or "InfluxIOIncludedT3", the minimum value for `allocated_storage` is 400.
-        :param pulumi.Input[_builtins.str] deployment_type: Specifies the type of cluster to create. Valid options are: `"MULTI_NODE_READ_REPLICAS"`.
+        :param pulumi.Input[_builtins.str] deployment_type: Specifies the type of cluster to create. Valid options are: `"MULTI_NODE_READ_REPLICAS"`. This field is forbidden for InfluxDB V3 clusters (when using an InfluxDB V3 db parameter group).
         :param pulumi.Input[_builtins.str] endpoint: Endpoint used to connect to InfluxDB. The default InfluxDB port is 8086.
+        :param pulumi.Input[_builtins.str] engine_type: Database engine type of the DB cluster.
         :param pulumi.Input[_builtins.str] failover_mode: Specifies the behavior of failure recovery when the primary node of the cluster fails. Valid options are: `"AUTOMATIC"` and `"NO_FAILOVER"`.
-        :param pulumi.Input[_builtins.str] influx_auth_parameters_secret_arn: ARN of the AWS Secrets Manager secret containing the initial InfluxDB authorization parameters. The secret value is a JSON formatted key-value pair holding InfluxDB authorization values: organization, bucket, username, and password.
+        :param pulumi.Input[_builtins.str] influx_auth_parameters_secret_arn: ARN of the AWS Secrets Manager secret containing the initial InfluxDB authorization parameters. For InfluxDB V2 clusters, the secret value is a JSON formatted key-value pair holding InfluxDB authorization values: organization, bucket, username, and password. For InfluxDB V3 clusters, the secret contains the InfluxDB admin token.
         :param pulumi.Input[Union['DbClusterLogDeliveryConfigurationArgs', 'DbClusterLogDeliveryConfigurationArgsDict']] log_delivery_configuration: Configuration for sending InfluxDB engine logs to a specified S3 bucket. This argument is updatable.
         :param pulumi.Input[_builtins.str] name: Name that uniquely identifies the DB cluster when interacting with the Amazon Timestream for InfluxDB API and CLI commands. This name will also be a prefix included in the endpoint. Cluster names must be unique per customer and per region. The argument must start with a letter, cannot contain consecutive hyphens (`-`) and cannot end with a hyphen.
         :param pulumi.Input[_builtins.str] network_type: Specifies whether the network type of the Timestream for InfluxDB cluster is IPV4, which can communicate over IPv4 protocol only, or DUAL, which can communicate over both IPv4 and IPv6 protocols.
-        :param pulumi.Input[_builtins.str] organization: Name of the initial organization for the initial admin user in InfluxDB. An InfluxDB organization is a workspace for a group of users. Along with `bucket`, `username`, and `password`, this argument will be stored in the secret referred to by the `influx_auth_parameters_secret_arn` attribute.
-        :param pulumi.Input[_builtins.str] password: Password of the initial admin user created in InfluxDB. This password will allow you to access the InfluxDB UI to perform various administrative tasks and also use the InfluxDB CLI to create an operator token. Along with `bucket`, `username`, and `organization`, this argument will be stored in the secret referred to by the `influx_auth_parameters_secret_arn` attribute.
+        :param pulumi.Input[_builtins.str] organization: Name of the initial organization for the initial admin user in InfluxDB. An InfluxDB organization is a workspace for a group of users. Along with `bucket`, `username`, and `password`, this argument will be stored in the secret referred to by the `influx_auth_parameters_secret_arn` attribute. This field is forbidden for InfluxDB V3 clusters (when using an InfluxDB V3 db parameter group).
+        :param pulumi.Input[_builtins.str] password: Password of the initial admin user created in InfluxDB. This password will allow you to access the InfluxDB UI to perform various administrative tasks and also use the InfluxDB CLI to create an operator token. Along with `bucket`, `username`, and `organization`, this argument will be stored in the secret referred to by the `influx_auth_parameters_secret_arn` attribute. This field is forbidden for InfluxDB V3 clusters (when using an InfluxDB V3 db parameter group) as the AWS API rejects it.
         :param pulumi.Input[_builtins.int] port: The port on which the cluster accepts connections. Valid values: `1024`-`65535`. Cannot be `2375`-`2376`, `7788`-`7799`, `8090`, or `51678`-`51680`. This argument is updatable.
         :param pulumi.Input[_builtins.bool] publicly_accessible: Configures the DB cluster with a public IP to facilitate access. Other resources, such as a VPC, a subnet, an internet gateway, and a route table with routes, are also required to enabled public access, in addition to this argument. See "Usage with Public Internet Access Enabled" for an example configuration with all required resources for public internet access.
         :param pulumi.Input[_builtins.str] reader_endpoint: The endpoint used to connect to the Timestream for InfluxDB cluster for read-only operations.
         :param pulumi.Input[_builtins.str] region: Region where this resource will be [managed](https://docs.aws.amazon.com/general/latest/gr/rande.html#regional-endpoints). Defaults to the Region set in the provider configuration.
         :param pulumi.Input[Mapping[str, pulumi.Input[_builtins.str]]] tags: Map of tags assigned to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.
         :param pulumi.Input[Mapping[str, pulumi.Input[_builtins.str]]] tags_all: Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.
-        :param pulumi.Input[_builtins.str] username: Username of the initial admin user created in InfluxDB. Must start with a letter and can't end with a hyphen or contain two consecutive hyphens. This username will allow you to access the InfluxDB UI to perform various administrative tasks and also use the InfluxDB CLI to create an operator token. Along with `bucket`, `organization`, and `password`, this argument will be stored in the secret referred to by the `influx_auth_parameters_secret_arn` attribute.
+        :param pulumi.Input[_builtins.str] username: Username of the initial admin user created in InfluxDB. Must start with a letter and can't end with a hyphen or contain two consecutive hyphens. This username will allow you to access the InfluxDB UI to perform various administrative tasks and also use the InfluxDB CLI to create an operator token. Along with `bucket`, `organization`, and `password`, this argument will be stored in the secret referred to by the `influx_auth_parameters_secret_arn` attribute. This field is forbidden for InfluxDB V3 clusters (when using an InfluxDB V3 db parameter group).
         :param pulumi.Input[Sequence[pulumi.Input[_builtins.str]]] vpc_security_group_ids: List of VPC security group IDs to associate with the cluster.
         :param pulumi.Input[Sequence[pulumi.Input[_builtins.str]]] vpc_subnet_ids: List of VPC subnet IDs to associate with the cluster. Provide at least two VPC subnet IDs in different availability zones when deploying with a Multi-AZ standby.
                
@@ -1199,6 +1303,7 @@ def get(resource_name: str,
         __props__.__dict__["db_storage_type"] = db_storage_type
         __props__.__dict__["deployment_type"] = deployment_type
         __props__.__dict__["endpoint"] = endpoint
+        __props__.__dict__["engine_type"] = engine_type
         __props__.__dict__["failover_mode"] = failover_mode
         __props__.__dict__["influx_auth_parameters_secret_arn"] = influx_auth_parameters_secret_arn
         __props__.__dict__["log_delivery_configuration"] = log_delivery_configuration
@@ -1220,9 +1325,9 @@ def get(resource_name: str,
 
     @_builtins.property
     @pulumi.getter(name="allocatedStorage")
-    def allocated_storage(self) -> pulumi.Output[_builtins.int]:
+    def allocated_storage(self) -> pulumi.Output[Optional[_builtins.int]]:
         """
-        Amount of storage in GiB (gibibytes). The minimum value is `20`, the maximum value is `16384`. The argument `db_storage_type` places restrictions on this argument's minimum value. The following is a list of `db_storage_type` values and the corresponding minimum value for `allocated_storage`: `"InfluxIOIncludedT1": `20`, `"InfluxIOIncludedT2" and `"InfluxIOIncludedT3": `400`.
+        Amount of storage in GiB (gibibytes). The minimum value is `20`, the maximum value is `16384`. The argument `db_storage_type` places restrictions on this argument's minimum value. The following is a list of `db_storage_type` values and the corresponding minimum value for `allocated_storage`: `"InfluxIOIncludedT1": `20`, `"InfluxIOIncludedT2" and `"InfluxIOIncludedT3": `400`. This field is forbidden for InfluxDB V3 clusters (when using an InfluxDB V3 db parameter group).
         """
         return pulumi.get(self, "allocated_storage")
 
@@ -1236,9 +1341,9 @@ def arn(self) -> pulumi.Output[_builtins.str]:
 
     @_builtins.property
     @pulumi.getter
-    def bucket(self) -> pulumi.Output[_builtins.str]:
+    def bucket(self) -> pulumi.Output[Optional[_builtins.str]]:
         """
-        Name of the initial InfluxDB bucket. All InfluxDB data is stored in a bucket. A bucket combines the concept of a database and a retention period (the duration of time that each data point persists). A bucket belongs to an organization. Along with `organization`, `username`, and `password`, this argument will be stored in the secret referred to by the `influx_auth_parameters_secret_arn` attribute.
+        Name of the initial InfluxDB bucket. All InfluxDB data is stored in a bucket. A bucket combines the concept of a database and a retention period (the duration of time that each data point persists). A bucket belongs to an organization. Along with `organization`, `username`, and `password`, this argument will be stored in the secret referred to by the `influx_auth_parameters_secret_arn` attribute. This field is forbidden for InfluxDB V3 clusters (when using an InfluxDB V3 db parameter group).
         """
         return pulumi.get(self, "bucket")
 
@@ -1270,7 +1375,7 @@ def db_storage_type(self) -> pulumi.Output[_builtins.str]:
     @pulumi.getter(name="deploymentType")
     def deployment_type(self) -> pulumi.Output[_builtins.str]:
         """
-        Specifies the type of cluster to create. Valid options are: `"MULTI_NODE_READ_REPLICAS"`.
+        Specifies the type of cluster to create. Valid options are: `"MULTI_NODE_READ_REPLICAS"`. This field is forbidden for InfluxDB V3 clusters (when using an InfluxDB V3 db parameter group).
         """
         return pulumi.get(self, "deployment_type")
 
@@ -1282,6 +1387,14 @@ def endpoint(self) -> pulumi.Output[_builtins.str]:
         """
         return pulumi.get(self, "endpoint")
 
+    @_builtins.property
+    @pulumi.getter(name="engineType")
+    def engine_type(self) -> pulumi.Output[_builtins.str]:
+        """
+        Database engine type of the DB cluster.
+        """
+        return pulumi.get(self, "engine_type")
+
     @_builtins.property
     @pulumi.getter(name="failoverMode")
     def failover_mode(self) -> pulumi.Output[_builtins.str]:
@@ -1294,7 +1407,7 @@ def failover_mode(self) -> pulumi.Output[_builtins.str]:
     @pulumi.getter(name="influxAuthParametersSecretArn")
     def influx_auth_parameters_secret_arn(self) -> pulumi.Output[_builtins.str]:
         """
-        ARN of the AWS Secrets Manager secret containing the initial InfluxDB authorization parameters. The secret value is a JSON formatted key-value pair holding InfluxDB authorization values: organization, bucket, username, and password.
+        ARN of the AWS Secrets Manager secret containing the initial InfluxDB authorization parameters. For InfluxDB V2 clusters, the secret value is a JSON formatted key-value pair holding InfluxDB authorization values: organization, bucket, username, and password. For InfluxDB V3 clusters, the secret contains the InfluxDB admin token.
         """
         return pulumi.get(self, "influx_auth_parameters_secret_arn")
 
@@ -1324,17 +1437,17 @@ def network_type(self) -> pulumi.Output[_builtins.str]:
 
     @_builtins.property
     @pulumi.getter
-    def organization(self) -> pulumi.Output[_builtins.str]:
+    def organization(self) -> pulumi.Output[Optional[_builtins.str]]:
         """
-        Name of the initial organization for the initial admin user in InfluxDB. An InfluxDB organization is a workspace for a group of users. Along with `bucket`, `username`, and `password`, this argument will be stored in the secret referred to by the `influx_auth_parameters_secret_arn` attribute.
+        Name of the initial organization for the initial admin user in InfluxDB. An InfluxDB organization is a workspace for a group of users. Along with `bucket`, `username`, and `password`, this argument will be stored in the secret referred to by the `influx_auth_parameters_secret_arn` attribute. This field is forbidden for InfluxDB V3 clusters (when using an InfluxDB V3 db parameter group).
         """
         return pulumi.get(self, "organization")
 
     @_builtins.property
     @pulumi.getter
-    def password(self) -> pulumi.Output[_builtins.str]:
+    def password(self) -> pulumi.Output[Optional[_builtins.str]]:
         """
-        Password of the initial admin user created in InfluxDB. This password will allow you to access the InfluxDB UI to perform various administrative tasks and also use the InfluxDB CLI to create an operator token. Along with `bucket`, `username`, and `organization`, this argument will be stored in the secret referred to by the `influx_auth_parameters_secret_arn` attribute.
+        Password of the initial admin user created in InfluxDB. This password will allow you to access the InfluxDB UI to perform various administrative tasks and also use the InfluxDB CLI to create an operator token. Along with `bucket`, `username`, and `organization`, this argument will be stored in the secret referred to by the `influx_auth_parameters_secret_arn` attribute. This field is forbidden for InfluxDB V3 clusters (when using an InfluxDB V3 db parameter group) as the AWS API rejects it.
         """
         return pulumi.get(self, "password")
 
@@ -1393,9 +1506,9 @@ def timeouts(self) -> pulumi.Output[Optional['outputs.DbClusterTimeouts']]:
 
     @_builtins.property
     @pulumi.getter
-    def username(self) -> pulumi.Output[_builtins.str]:
+    def username(self) -> pulumi.Output[Optional[_builtins.str]]:
         """
-        Username of the initial admin user created in InfluxDB. Must start with a letter and can't end with a hyphen or contain two consecutive hyphens. This username will allow you to access the InfluxDB UI to perform various administrative tasks and also use the InfluxDB CLI to create an operator token. Along with `bucket`, `organization`, and `password`, this argument will be stored in the secret referred to by the `influx_auth_parameters_secret_arn` attribute.
+        Username of the initial admin user created in InfluxDB. Must start with a letter and can't end with a hyphen or contain two consecutive hyphens. This username will allow you to access the InfluxDB UI to perform various administrative tasks and also use the InfluxDB CLI to create an operator token. Along with `bucket`, `organization`, and `password`, this argument will be stored in the secret referred to by the `influx_auth_parameters_secret_arn` attribute. This field is forbidden for InfluxDB V3 clusters (when using an InfluxDB V3 db parameter group).
         """
         return pulumi.get(self, "username")
 
diff --git a/sdk/python/pulumi_aws/vpclattice/__init__.py b/sdk/python/pulumi_aws/vpclattice/__init__.py
index f5861c2fa57..979162bd6ac 100644
--- a/sdk/python/pulumi_aws/vpclattice/__init__.py
+++ b/sdk/python/pulumi_aws/vpclattice/__init__.py
@@ -8,6 +8,7 @@
 # Export this package's modules as members:
 from .access_log_subscription import *
 from .auth_policy import *
+from .domain_verification import *
 from .get_auth_policy import *
 from .get_listener import *
 from .get_resource_policy import *
diff --git a/sdk/python/pulumi_aws/vpclattice/domain_verification.py b/sdk/python/pulumi_aws/vpclattice/domain_verification.py
new file mode 100644
index 00000000000..da8786956f3
--- /dev/null
+++ b/sdk/python/pulumi_aws/vpclattice/domain_verification.py
@@ -0,0 +1,540 @@
+# coding=utf-8
+# *** WARNING: this file was generated by pulumi-language-python. ***
+# *** Do not edit by hand unless you're certain you know what you are doing! ***
+
+import builtins as _builtins
+import warnings
+import sys
+import pulumi
+import pulumi.runtime
+from typing import Any, Mapping, Optional, Sequence, Union, overload
+if sys.version_info >= (3, 11):
+    from typing import NotRequired, TypedDict, TypeAlias
+else:
+    from typing_extensions import NotRequired, TypedDict, TypeAlias
+from .. import _utilities
+
+__all__ = ['DomainVerificationArgs', 'DomainVerification']
+
+@pulumi.input_type
+class DomainVerificationArgs:
+    def __init__(__self__, *,
+                 domain_name: pulumi.Input[_builtins.str],
+                 region: Optional[pulumi.Input[_builtins.str]] = None,
+                 tags: Optional[pulumi.Input[Mapping[str, pulumi.Input[_builtins.str]]]] = None):
+        """
+        The set of arguments for constructing a DomainVerification resource.
+        :param pulumi.Input[_builtins.str] domain_name: The domain name to verify ownership for.
+               
+               The following arguments are optional:
+        :param pulumi.Input[_builtins.str] region: Region where this resource will be [managed](https://docs.aws.amazon.com/general/latest/gr/rande.html#regional-endpoints). Defaults to the Region set in the provider configuration.
+        :param pulumi.Input[Mapping[str, pulumi.Input[_builtins.str]]] tags: Key-value mapping of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.
+        """
+        pulumi.set(__self__, "domain_name", domain_name)
+        if region is not None:
+            pulumi.set(__self__, "region", region)
+        if tags is not None:
+            pulumi.set(__self__, "tags", tags)
+
+    @_builtins.property
+    @pulumi.getter(name="domainName")
+    def domain_name(self) -> pulumi.Input[_builtins.str]:
+        """
+        The domain name to verify ownership for.
+
+        The following arguments are optional:
+        """
+        return pulumi.get(self, "domain_name")
+
+    @domain_name.setter
+    def domain_name(self, value: pulumi.Input[_builtins.str]):
+        pulumi.set(self, "domain_name", value)
+
+    @_builtins.property
+    @pulumi.getter
+    def region(self) -> Optional[pulumi.Input[_builtins.str]]:
+        """
+        Region where this resource will be [managed](https://docs.aws.amazon.com/general/latest/gr/rande.html#regional-endpoints). Defaults to the Region set in the provider configuration.
+        """
+        return pulumi.get(self, "region")
+
+    @region.setter
+    def region(self, value: Optional[pulumi.Input[_builtins.str]]):
+        pulumi.set(self, "region", value)
+
+    @_builtins.property
+    @pulumi.getter
+    def tags(self) -> Optional[pulumi.Input[Mapping[str, pulumi.Input[_builtins.str]]]]:
+        """
+        Key-value mapping of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.
+        """
+        return pulumi.get(self, "tags")
+
+    @tags.setter
+    def tags(self, value: Optional[pulumi.Input[Mapping[str, pulumi.Input[_builtins.str]]]]):
+        pulumi.set(self, "tags", value)
+
+
+@pulumi.input_type
+class _DomainVerificationState:
+    def __init__(__self__, *,
+                 arn: Optional[pulumi.Input[_builtins.str]] = None,
+                 created_at: Optional[pulumi.Input[_builtins.str]] = None,
+                 domain_name: Optional[pulumi.Input[_builtins.str]] = None,
+                 last_verified_time: Optional[pulumi.Input[_builtins.str]] = None,
+                 region: Optional[pulumi.Input[_builtins.str]] = None,
+                 status: Optional[pulumi.Input[_builtins.str]] = None,
+                 tags: Optional[pulumi.Input[Mapping[str, pulumi.Input[_builtins.str]]]] = None,
+                 tags_all: Optional[pulumi.Input[Mapping[str, pulumi.Input[_builtins.str]]]] = None,
+                 txt_record_name: Optional[pulumi.Input[_builtins.str]] = None,
+                 txt_record_value: Optional[pulumi.Input[_builtins.str]] = None):
+        """
+        Input properties used for looking up and filtering DomainVerification resources.
+        :param pulumi.Input[_builtins.str] arn: The Amazon Resource Name (ARN) of the domain verification.
+        :param pulumi.Input[_builtins.str] created_at: The date and time that the domain verification was created, in ISO-8601 format.
+        :param pulumi.Input[_builtins.str] domain_name: The domain name to verify ownership for.
+               
+               The following arguments are optional:
+        :param pulumi.Input[_builtins.str] last_verified_time: The date and time that the domain was last successfully verified, in ISO-8601 format.
+        :param pulumi.Input[_builtins.str] region: Region where this resource will be [managed](https://docs.aws.amazon.com/general/latest/gr/rande.html#regional-endpoints). Defaults to the Region set in the provider configuration.
+        :param pulumi.Input[_builtins.str] status: The current status of the domain verification process. Valid values: `VERIFIED`, `PENDING`, `VERIFICATION_TIMED_OUT`.
+        :param pulumi.Input[Mapping[str, pulumi.Input[_builtins.str]]] tags: Key-value mapping of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.
+        :param pulumi.Input[Mapping[str, pulumi.Input[_builtins.str]]] tags_all: Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.
+        :param pulumi.Input[_builtins.str] txt_record_name: The name of the TXT record that must be created for domain verification.
+        :param pulumi.Input[_builtins.str] txt_record_value: The value that must be added to the TXT record for domain verification.
+        """
+        if arn is not None:
+            pulumi.set(__self__, "arn", arn)
+        if created_at is not None:
+            pulumi.set(__self__, "created_at", created_at)
+        if domain_name is not None:
+            pulumi.set(__self__, "domain_name", domain_name)
+        if last_verified_time is not None:
+            pulumi.set(__self__, "last_verified_time", last_verified_time)
+        if region is not None:
+            pulumi.set(__self__, "region", region)
+        if status is not None:
+            pulumi.set(__self__, "status", status)
+        if tags is not None:
+            pulumi.set(__self__, "tags", tags)
+        if tags_all is not None:
+            pulumi.set(__self__, "tags_all", tags_all)
+        if txt_record_name is not None:
+            pulumi.set(__self__, "txt_record_name", txt_record_name)
+        if txt_record_value is not None:
+            pulumi.set(__self__, "txt_record_value", txt_record_value)
+
+    @_builtins.property
+    @pulumi.getter
+    def arn(self) -> Optional[pulumi.Input[_builtins.str]]:
+        """
+        The Amazon Resource Name (ARN) of the domain verification.
+        """
+        return pulumi.get(self, "arn")
+
+    @arn.setter
+    def arn(self, value: Optional[pulumi.Input[_builtins.str]]):
+        pulumi.set(self, "arn", value)
+
+    @_builtins.property
+    @pulumi.getter(name="createdAt")
+    def created_at(self) -> Optional[pulumi.Input[_builtins.str]]:
+        """
+        The date and time that the domain verification was created, in ISO-8601 format.
+        """
+        return pulumi.get(self, "created_at")
+
+    @created_at.setter
+    def created_at(self, value: Optional[pulumi.Input[_builtins.str]]):
+        pulumi.set(self, "created_at", value)
+
+    @_builtins.property
+    @pulumi.getter(name="domainName")
+    def domain_name(self) -> Optional[pulumi.Input[_builtins.str]]:
+        """
+        The domain name to verify ownership for.
+
+        The following arguments are optional:
+        """
+        return pulumi.get(self, "domain_name")
+
+    @domain_name.setter
+    def domain_name(self, value: Optional[pulumi.Input[_builtins.str]]):
+        pulumi.set(self, "domain_name", value)
+
+    @_builtins.property
+    @pulumi.getter(name="lastVerifiedTime")
+    def last_verified_time(self) -> Optional[pulumi.Input[_builtins.str]]:
+        """
+        The date and time that the domain was last successfully verified, in ISO-8601 format.
+        """
+        return pulumi.get(self, "last_verified_time")
+
+    @last_verified_time.setter
+    def last_verified_time(self, value: Optional[pulumi.Input[_builtins.str]]):
+        pulumi.set(self, "last_verified_time", value)
+
+    @_builtins.property
+    @pulumi.getter
+    def region(self) -> Optional[pulumi.Input[_builtins.str]]:
+        """
+        Region where this resource will be [managed](https://docs.aws.amazon.com/general/latest/gr/rande.html#regional-endpoints). Defaults to the Region set in the provider configuration.
+        """
+        return pulumi.get(self, "region")
+
+    @region.setter
+    def region(self, value: Optional[pulumi.Input[_builtins.str]]):
+        pulumi.set(self, "region", value)
+
+    @_builtins.property
+    @pulumi.getter
+    def status(self) -> Optional[pulumi.Input[_builtins.str]]:
+        """
+        The current status of the domain verification process. Valid values: `VERIFIED`, `PENDING`, `VERIFICATION_TIMED_OUT`.
+        """
+        return pulumi.get(self, "status")
+
+    @status.setter
+    def status(self, value: Optional[pulumi.Input[_builtins.str]]):
+        pulumi.set(self, "status", value)
+
+    @_builtins.property
+    @pulumi.getter
+    def tags(self) -> Optional[pulumi.Input[Mapping[str, pulumi.Input[_builtins.str]]]]:
+        """
+        Key-value mapping of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.
+        """
+        return pulumi.get(self, "tags")
+
+    @tags.setter
+    def tags(self, value: Optional[pulumi.Input[Mapping[str, pulumi.Input[_builtins.str]]]]):
+        pulumi.set(self, "tags", value)
+
+    @_builtins.property
+    @pulumi.getter(name="tagsAll")
+    def tags_all(self) -> Optional[pulumi.Input[Mapping[str, pulumi.Input[_builtins.str]]]]:
+        """
+        Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.
+        """
+        return pulumi.get(self, "tags_all")
+
+    @tags_all.setter
+    def tags_all(self, value: Optional[pulumi.Input[Mapping[str, pulumi.Input[_builtins.str]]]]):
+        pulumi.set(self, "tags_all", value)
+
+    @_builtins.property
+    @pulumi.getter(name="txtRecordName")
+    def txt_record_name(self) -> Optional[pulumi.Input[_builtins.str]]:
+        """
+        The name of the TXT record that must be created for domain verification.
+        """
+        return pulumi.get(self, "txt_record_name")
+
+    @txt_record_name.setter
+    def txt_record_name(self, value: Optional[pulumi.Input[_builtins.str]]):
+        pulumi.set(self, "txt_record_name", value)
+
+    @_builtins.property
+    @pulumi.getter(name="txtRecordValue")
+    def txt_record_value(self) -> Optional[pulumi.Input[_builtins.str]]:
+        """
+        The value that must be added to the TXT record for domain verification.
+        """
+        return pulumi.get(self, "txt_record_value")
+
+    @txt_record_value.setter
+    def txt_record_value(self, value: Optional[pulumi.Input[_builtins.str]]):
+        pulumi.set(self, "txt_record_value", value)
+
+
+@pulumi.type_token("aws:vpclattice/domainVerification:DomainVerification")
+class DomainVerification(pulumi.CustomResource):
+    @overload
+    def __init__(__self__,
+                 resource_name: str,
+                 opts: Optional[pulumi.ResourceOptions] = None,
+                 domain_name: Optional[pulumi.Input[_builtins.str]] = None,
+                 region: Optional[pulumi.Input[_builtins.str]] = None,
+                 tags: Optional[pulumi.Input[Mapping[str, pulumi.Input[_builtins.str]]]] = None,
+                 __props__=None):
+        """
+        Resource for managing an AWS VPC Lattice Domain Verification.
+
+        Starts the domain verification process for a custom domain name. Use this resource to verify ownership of a domain before associating it with VPC Lattice resources.
+
+        ## Example Usage
+
+        ### Basic Usage
+
+        ```python
+        import pulumi
+        import pulumi_aws as aws
+
+        example = aws.vpclattice.DomainVerification("example", domain_name="example.com")
+        # Create DNS TXT record for domain verification
+        example_record = aws.route53.Record("example",
+            zone_id=example_aws_route53_zone["zoneId"],
+            name=example.txt_record_name,
+            type=aws.route53.RecordType.TXT,
+            ttl=300,
+            records=[example.txt_record_value])
+        ```
+
+        ### With Tags
+
+        ```python
+        import pulumi
+        import pulumi_aws as aws
+
+        example = aws.vpclattice.DomainVerification("example",
+            domain_name="example.com",
+            tags={
+                "Environment": "production",
+                "Purpose": "domain-verification",
+            })
+        ```
+
+        ## Import
+
+        Using `pulumi import`, import VPC Lattice Domain Verification using the `id`. For example:
+
+        ```sh
+        $ pulumi import aws:vpclattice/domainVerification:DomainVerification example dv-0a1b2c3d4e5f
+        ```
+
+        :param str resource_name: The name of the resource.
+        :param pulumi.ResourceOptions opts: Options for the resource.
+        :param pulumi.Input[_builtins.str] domain_name: The domain name to verify ownership for.
+               
+               The following arguments are optional:
+        :param pulumi.Input[_builtins.str] region: Region where this resource will be [managed](https://docs.aws.amazon.com/general/latest/gr/rande.html#regional-endpoints). Defaults to the Region set in the provider configuration.
+        :param pulumi.Input[Mapping[str, pulumi.Input[_builtins.str]]] tags: Key-value mapping of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.
+        """
+        ...
+    @overload
+    def __init__(__self__,
+                 resource_name: str,
+                 args: DomainVerificationArgs,
+                 opts: Optional[pulumi.ResourceOptions] = None):
+        """
+        Resource for managing an AWS VPC Lattice Domain Verification.
+
+        Starts the domain verification process for a custom domain name. Use this resource to verify ownership of a domain before associating it with VPC Lattice resources.
+
+        ## Example Usage
+
+        ### Basic Usage
+
+        ```python
+        import pulumi
+        import pulumi_aws as aws
+
+        example = aws.vpclattice.DomainVerification("example", domain_name="example.com")
+        # Create DNS TXT record for domain verification
+        example_record = aws.route53.Record("example",
+            zone_id=example_aws_route53_zone["zoneId"],
+            name=example.txt_record_name,
+            type=aws.route53.RecordType.TXT,
+            ttl=300,
+            records=[example.txt_record_value])
+        ```
+
+        ### With Tags
+
+        ```python
+        import pulumi
+        import pulumi_aws as aws
+
+        example = aws.vpclattice.DomainVerification("example",
+            domain_name="example.com",
+            tags={
+                "Environment": "production",
+                "Purpose": "domain-verification",
+            })
+        ```
+
+        ## Import
+
+        Using `pulumi import`, import VPC Lattice Domain Verification using the `id`. For example:
+
+        ```sh
+        $ pulumi import aws:vpclattice/domainVerification:DomainVerification example dv-0a1b2c3d4e5f
+        ```
+
+        :param str resource_name: The name of the resource.
+        :param DomainVerificationArgs args: The arguments to use to populate this resource's properties.
+        :param pulumi.ResourceOptions opts: Options for the resource.
+        """
+        ...
+    def __init__(__self__, resource_name: str, *args, **kwargs):
+        resource_args, opts = _utilities.get_resource_args_opts(DomainVerificationArgs, pulumi.ResourceOptions, *args, **kwargs)
+        if resource_args is not None:
+            __self__._internal_init(resource_name, opts, **resource_args.__dict__)
+        else:
+            __self__._internal_init(resource_name, *args, **kwargs)
+
+    def _internal_init(__self__,
+                 resource_name: str,
+                 opts: Optional[pulumi.ResourceOptions] = None,
+                 domain_name: Optional[pulumi.Input[_builtins.str]] = None,
+                 region: Optional[pulumi.Input[_builtins.str]] = None,
+                 tags: Optional[pulumi.Input[Mapping[str, pulumi.Input[_builtins.str]]]] = None,
+                 __props__=None):
+        opts = pulumi.ResourceOptions.merge(_utilities.get_resource_opts_defaults(), opts)
+        if not isinstance(opts, pulumi.ResourceOptions):
+            raise TypeError('Expected resource options to be a ResourceOptions instance')
+        if opts.id is None:
+            if __props__ is not None:
+                raise TypeError('__props__ is only valid when passed in combination with a valid opts.id to get an existing resource')
+            __props__ = DomainVerificationArgs.__new__(DomainVerificationArgs)
+
+            if domain_name is None and not opts.urn:
+                raise TypeError("Missing required property 'domain_name'")
+            __props__.__dict__["domain_name"] = domain_name
+            __props__.__dict__["region"] = region
+            __props__.__dict__["tags"] = tags
+            __props__.__dict__["arn"] = None
+            __props__.__dict__["created_at"] = None
+            __props__.__dict__["last_verified_time"] = None
+            __props__.__dict__["status"] = None
+            __props__.__dict__["tags_all"] = None
+            __props__.__dict__["txt_record_name"] = None
+            __props__.__dict__["txt_record_value"] = None
+        super(DomainVerification, __self__).__init__(
+            'aws:vpclattice/domainVerification:DomainVerification',
+            resource_name,
+            __props__,
+            opts)
+
+    @staticmethod
+    def get(resource_name: str,
+            id: pulumi.Input[str],
+            opts: Optional[pulumi.ResourceOptions] = None,
+            arn: Optional[pulumi.Input[_builtins.str]] = None,
+            created_at: Optional[pulumi.Input[_builtins.str]] = None,
+            domain_name: Optional[pulumi.Input[_builtins.str]] = None,
+            last_verified_time: Optional[pulumi.Input[_builtins.str]] = None,
+            region: Optional[pulumi.Input[_builtins.str]] = None,
+            status: Optional[pulumi.Input[_builtins.str]] = None,
+            tags: Optional[pulumi.Input[Mapping[str, pulumi.Input[_builtins.str]]]] = None,
+            tags_all: Optional[pulumi.Input[Mapping[str, pulumi.Input[_builtins.str]]]] = None,
+            txt_record_name: Optional[pulumi.Input[_builtins.str]] = None,
+            txt_record_value: Optional[pulumi.Input[_builtins.str]] = None) -> 'DomainVerification':
+        """
+        Get an existing DomainVerification resource's state with the given name, id, and optional extra
+        properties used to qualify the lookup.
+
+        :param str resource_name: The unique name of the resulting resource.
+        :param pulumi.Input[str] id: The unique provider ID of the resource to lookup.
+        :param pulumi.ResourceOptions opts: Options for the resource.
+        :param pulumi.Input[_builtins.str] arn: The Amazon Resource Name (ARN) of the domain verification.
+        :param pulumi.Input[_builtins.str] created_at: The date and time that the domain verification was created, in ISO-8601 format.
+        :param pulumi.Input[_builtins.str] domain_name: The domain name to verify ownership for.
+               
+               The following arguments are optional:
+        :param pulumi.Input[_builtins.str] last_verified_time: The date and time that the domain was last successfully verified, in ISO-8601 format.
+        :param pulumi.Input[_builtins.str] region: Region where this resource will be [managed](https://docs.aws.amazon.com/general/latest/gr/rande.html#regional-endpoints). Defaults to the Region set in the provider configuration.
+        :param pulumi.Input[_builtins.str] status: The current status of the domain verification process. Valid values: `VERIFIED`, `PENDING`, `VERIFICATION_TIMED_OUT`.
+        :param pulumi.Input[Mapping[str, pulumi.Input[_builtins.str]]] tags: Key-value mapping of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.
+        :param pulumi.Input[Mapping[str, pulumi.Input[_builtins.str]]] tags_all: Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.
+        :param pulumi.Input[_builtins.str] txt_record_name: The name of the TXT record that must be created for domain verification.
+        :param pulumi.Input[_builtins.str] txt_record_value: The value that must be added to the TXT record for domain verification.
+        """
+        opts = pulumi.ResourceOptions.merge(opts, pulumi.ResourceOptions(id=id))
+
+        __props__ = _DomainVerificationState.__new__(_DomainVerificationState)
+
+        __props__.__dict__["arn"] = arn
+        __props__.__dict__["created_at"] = created_at
+        __props__.__dict__["domain_name"] = domain_name
+        __props__.__dict__["last_verified_time"] = last_verified_time
+        __props__.__dict__["region"] = region
+        __props__.__dict__["status"] = status
+        __props__.__dict__["tags"] = tags
+        __props__.__dict__["tags_all"] = tags_all
+        __props__.__dict__["txt_record_name"] = txt_record_name
+        __props__.__dict__["txt_record_value"] = txt_record_value
+        return DomainVerification(resource_name, opts=opts, __props__=__props__)
+
+    @_builtins.property
+    @pulumi.getter
+    def arn(self) -> pulumi.Output[_builtins.str]:
+        """
+        The Amazon Resource Name (ARN) of the domain verification.
+        """
+        return pulumi.get(self, "arn")
+
+    @_builtins.property
+    @pulumi.getter(name="createdAt")
+    def created_at(self) -> pulumi.Output[_builtins.str]:
+        """
+        The date and time that the domain verification was created, in ISO-8601 format.
+        """
+        return pulumi.get(self, "created_at")
+
+    @_builtins.property
+    @pulumi.getter(name="domainName")
+    def domain_name(self) -> pulumi.Output[_builtins.str]:
+        """
+        The domain name to verify ownership for.
+
+        The following arguments are optional:
+        """
+        return pulumi.get(self, "domain_name")
+
+    @_builtins.property
+    @pulumi.getter(name="lastVerifiedTime")
+    def last_verified_time(self) -> pulumi.Output[_builtins.str]:
+        """
+        The date and time that the domain was last successfully verified, in ISO-8601 format.
+        """
+        return pulumi.get(self, "last_verified_time")
+
+    @_builtins.property
+    @pulumi.getter
+    def region(self) -> pulumi.Output[_builtins.str]:
+        """
+        Region where this resource will be [managed](https://docs.aws.amazon.com/general/latest/gr/rande.html#regional-endpoints). Defaults to the Region set in the provider configuration.
+        """
+        return pulumi.get(self, "region")
+
+    @_builtins.property
+    @pulumi.getter
+    def status(self) -> pulumi.Output[_builtins.str]:
+        """
+        The current status of the domain verification process. Valid values: `VERIFIED`, `PENDING`, `VERIFICATION_TIMED_OUT`.
+        """
+        return pulumi.get(self, "status")
+
+    @_builtins.property
+    @pulumi.getter
+    def tags(self) -> pulumi.Output[Optional[Mapping[str, _builtins.str]]]:
+        """
+        Key-value mapping of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.
+        """
+        return pulumi.get(self, "tags")
+
+    @_builtins.property
+    @pulumi.getter(name="tagsAll")
+    def tags_all(self) -> pulumi.Output[Mapping[str, _builtins.str]]:
+        """
+        Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.
+        """
+        return pulumi.get(self, "tags_all")
+
+    @_builtins.property
+    @pulumi.getter(name="txtRecordName")
+    def txt_record_name(self) -> pulumi.Output[_builtins.str]:
+        """
+        The name of the TXT record that must be created for domain verification.
+        """
+        return pulumi.get(self, "txt_record_name")
+
+    @_builtins.property
+    @pulumi.getter(name="txtRecordValue")
+    def txt_record_value(self) -> pulumi.Output[_builtins.str]:
+        """
+        The value that must be added to the TXT record for domain verification.
+        """
+        return pulumi.get(self, "txt_record_value")
+
diff --git a/sdk/python/pulumi_aws/vpclattice/resource_configuration.py b/sdk/python/pulumi_aws/vpclattice/resource_configuration.py
index b21cca0fdaa..1403862c465 100644
--- a/sdk/python/pulumi_aws/vpclattice/resource_configuration.py
+++ b/sdk/python/pulumi_aws/vpclattice/resource_configuration.py
@@ -22,6 +22,8 @@
 class ResourceConfigurationArgs:
     def __init__(__self__, *,
                  allow_association_to_shareable_service_network: Optional[pulumi.Input[_builtins.bool]] = None,
+                 custom_domain_name: Optional[pulumi.Input[_builtins.str]] = None,
+                 domain_verification_id: Optional[pulumi.Input[_builtins.str]] = None,
                  name: Optional[pulumi.Input[_builtins.str]] = None,
                  port_ranges: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] = None,
                  protocol: Optional[pulumi.Input[_builtins.str]] = None,
@@ -35,6 +37,8 @@ def __init__(__self__, *,
         """
         The set of arguments for constructing a ResourceConfiguration resource.
         :param pulumi.Input[_builtins.bool] allow_association_to_shareable_service_network: Allow or Deny the association of this resource to a shareable service network.
+        :param pulumi.Input[_builtins.str] custom_domain_name: Custom domain name for your resource configuration. Additionally, provide a `domain_verification_id` to prove your ownership of a domain.
+        :param pulumi.Input[_builtins.str] domain_verification_id: The domain verification ID of your verified custom domain name. If you don't provide an ID, you must configure the DNS settings yourself.
         :param pulumi.Input[_builtins.str] name: Name for the Resource Configuration.
         :param pulumi.Input[Sequence[pulumi.Input[_builtins.str]]] port_ranges: Port ranges to access the Resource either single port `80` or range `80-81` range.
         :param pulumi.Input[_builtins.str] protocol: Protocol for the Resource `TCP` is currently the only supported value.  MUST be specified if `resource_configuration_group_id` is not.
@@ -49,6 +53,10 @@ def __init__(__self__, *,
         """
         if allow_association_to_shareable_service_network is not None:
             pulumi.set(__self__, "allow_association_to_shareable_service_network", allow_association_to_shareable_service_network)
+        if custom_domain_name is not None:
+            pulumi.set(__self__, "custom_domain_name", custom_domain_name)
+        if domain_verification_id is not None:
+            pulumi.set(__self__, "domain_verification_id", domain_verification_id)
         if name is not None:
             pulumi.set(__self__, "name", name)
         if port_ranges is not None:
@@ -82,6 +90,30 @@ def allow_association_to_shareable_service_network(self) -> Optional[pulumi.Inpu
     def allow_association_to_shareable_service_network(self, value: Optional[pulumi.Input[_builtins.bool]]):
         pulumi.set(self, "allow_association_to_shareable_service_network", value)
 
+    @_builtins.property
+    @pulumi.getter(name="customDomainName")
+    def custom_domain_name(self) -> Optional[pulumi.Input[_builtins.str]]:
+        """
+        Custom domain name for your resource configuration. Additionally, provide a `domain_verification_id` to prove your ownership of a domain.
+        """
+        return pulumi.get(self, "custom_domain_name")
+
+    @custom_domain_name.setter
+    def custom_domain_name(self, value: Optional[pulumi.Input[_builtins.str]]):
+        pulumi.set(self, "custom_domain_name", value)
+
+    @_builtins.property
+    @pulumi.getter(name="domainVerificationId")
+    def domain_verification_id(self) -> Optional[pulumi.Input[_builtins.str]]:
+        """
+        The domain verification ID of your verified custom domain name. If you don't provide an ID, you must configure the DNS settings yourself.
+        """
+        return pulumi.get(self, "domain_verification_id")
+
+    @domain_verification_id.setter
+    def domain_verification_id(self, value: Optional[pulumi.Input[_builtins.str]]):
+        pulumi.set(self, "domain_verification_id", value)
+
     @_builtins.property
     @pulumi.getter
     def name(self) -> Optional[pulumi.Input[_builtins.str]]:
@@ -207,6 +239,10 @@ class _ResourceConfigurationState:
     def __init__(__self__, *,
                  allow_association_to_shareable_service_network: Optional[pulumi.Input[_builtins.bool]] = None,
                  arn: Optional[pulumi.Input[_builtins.str]] = None,
+                 custom_domain_name: Optional[pulumi.Input[_builtins.str]] = None,
+                 domain_verification_arn: Optional[pulumi.Input[_builtins.str]] = None,
+                 domain_verification_id: Optional[pulumi.Input[_builtins.str]] = None,
+                 domain_verification_status: Optional[pulumi.Input[_builtins.str]] = None,
                  name: Optional[pulumi.Input[_builtins.str]] = None,
                  port_ranges: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] = None,
                  protocol: Optional[pulumi.Input[_builtins.str]] = None,
@@ -222,6 +258,10 @@ def __init__(__self__, *,
         Input properties used for looking up and filtering ResourceConfiguration resources.
         :param pulumi.Input[_builtins.bool] allow_association_to_shareable_service_network: Allow or Deny the association of this resource to a shareable service network.
         :param pulumi.Input[_builtins.str] arn: ARN of the resource gateway.
+        :param pulumi.Input[_builtins.str] custom_domain_name: Custom domain name for your resource configuration. Additionally, provide a `domain_verification_id` to prove your ownership of a domain.
+        :param pulumi.Input[_builtins.str] domain_verification_arn: ARN of the domain verification.
+        :param pulumi.Input[_builtins.str] domain_verification_id: The domain verification ID of your verified custom domain name. If you don't provide an ID, you must configure the DNS settings yourself.
+        :param pulumi.Input[_builtins.str] domain_verification_status: Domain verification status.
         :param pulumi.Input[_builtins.str] name: Name for the Resource Configuration.
         :param pulumi.Input[Sequence[pulumi.Input[_builtins.str]]] port_ranges: Port ranges to access the Resource either single port `80` or range `80-81` range.
         :param pulumi.Input[_builtins.str] protocol: Protocol for the Resource `TCP` is currently the only supported value.  MUST be specified if `resource_configuration_group_id` is not.
@@ -239,6 +279,14 @@ def __init__(__self__, *,
             pulumi.set(__self__, "allow_association_to_shareable_service_network", allow_association_to_shareable_service_network)
         if arn is not None:
             pulumi.set(__self__, "arn", arn)
+        if custom_domain_name is not None:
+            pulumi.set(__self__, "custom_domain_name", custom_domain_name)
+        if domain_verification_arn is not None:
+            pulumi.set(__self__, "domain_verification_arn", domain_verification_arn)
+        if domain_verification_id is not None:
+            pulumi.set(__self__, "domain_verification_id", domain_verification_id)
+        if domain_verification_status is not None:
+            pulumi.set(__self__, "domain_verification_status", domain_verification_status)
         if name is not None:
             pulumi.set(__self__, "name", name)
         if port_ranges is not None:
@@ -286,6 +334,54 @@ def arn(self) -> Optional[pulumi.Input[_builtins.str]]:
     def arn(self, value: Optional[pulumi.Input[_builtins.str]]):
         pulumi.set(self, "arn", value)
 
+    @_builtins.property
+    @pulumi.getter(name="customDomainName")
+    def custom_domain_name(self) -> Optional[pulumi.Input[_builtins.str]]:
+        """
+        Custom domain name for your resource configuration. Additionally, provide a `domain_verification_id` to prove your ownership of a domain.
+        """
+        return pulumi.get(self, "custom_domain_name")
+
+    @custom_domain_name.setter
+    def custom_domain_name(self, value: Optional[pulumi.Input[_builtins.str]]):
+        pulumi.set(self, "custom_domain_name", value)
+
+    @_builtins.property
+    @pulumi.getter(name="domainVerificationArn")
+    def domain_verification_arn(self) -> Optional[pulumi.Input[_builtins.str]]:
+        """
+        ARN of the domain verification.
+        """
+        return pulumi.get(self, "domain_verification_arn")
+
+    @domain_verification_arn.setter
+    def domain_verification_arn(self, value: Optional[pulumi.Input[_builtins.str]]):
+        pulumi.set(self, "domain_verification_arn", value)
+
+    @_builtins.property
+    @pulumi.getter(name="domainVerificationId")
+    def domain_verification_id(self) -> Optional[pulumi.Input[_builtins.str]]:
+        """
+        The domain verification ID of your verified custom domain name. If you don't provide an ID, you must configure the DNS settings yourself.
+        """
+        return pulumi.get(self, "domain_verification_id")
+
+    @domain_verification_id.setter
+    def domain_verification_id(self, value: Optional[pulumi.Input[_builtins.str]]):
+        pulumi.set(self, "domain_verification_id", value)
+
+    @_builtins.property
+    @pulumi.getter(name="domainVerificationStatus")
+    def domain_verification_status(self) -> Optional[pulumi.Input[_builtins.str]]:
+        """
+        Domain verification status.
+        """
+        return pulumi.get(self, "domain_verification_status")
+
+    @domain_verification_status.setter
+    def domain_verification_status(self, value: Optional[pulumi.Input[_builtins.str]]):
+        pulumi.set(self, "domain_verification_status", value)
+
     @_builtins.property
     @pulumi.getter
     def name(self) -> Optional[pulumi.Input[_builtins.str]]:
@@ -425,6 +521,8 @@ def __init__(__self__,
                  resource_name: str,
                  opts: Optional[pulumi.ResourceOptions] = None,
                  allow_association_to_shareable_service_network: Optional[pulumi.Input[_builtins.bool]] = None,
+                 custom_domain_name: Optional[pulumi.Input[_builtins.str]] = None,
+                 domain_verification_id: Optional[pulumi.Input[_builtins.str]] = None,
                  name: Optional[pulumi.Input[_builtins.str]] = None,
                  port_ranges: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] = None,
                  protocol: Optional[pulumi.Input[_builtins.str]] = None,
@@ -484,6 +582,31 @@ def __init__(__self__,
             })
         ```
 
+        ### With custom domain
+
+        ```python
+        import pulumi
+        import pulumi_aws as aws
+
+        example = aws.vpclattice.DomainVerification("example", domain_name="example.com")
+        example_resource_configuration = aws.vpclattice.ResourceConfiguration("example",
+            name="Example",
+            resource_gateway_identifier=example_aws_vpclattice_resource_gateway["id"],
+            custom_domain_name="custom.example.com",
+            domain_verification_id=example.id,
+            port_ranges=["443"],
+            protocol="TCP",
+            resource_configuration_definition={
+                "dns_resource": {
+                    "domain_name": "test.example.com",
+                    "ip_address_type": "IPV4",
+                },
+            },
+            tags={
+                "Environment": "Example",
+            })
+        ```
+
         ### ARN Example
 
         ```python
@@ -512,6 +635,8 @@ def __init__(__self__,
         :param str resource_name: The name of the resource.
         :param pulumi.ResourceOptions opts: Options for the resource.
         :param pulumi.Input[_builtins.bool] allow_association_to_shareable_service_network: Allow or Deny the association of this resource to a shareable service network.
+        :param pulumi.Input[_builtins.str] custom_domain_name: Custom domain name for your resource configuration. Additionally, provide a `domain_verification_id` to prove your ownership of a domain.
+        :param pulumi.Input[_builtins.str] domain_verification_id: The domain verification ID of your verified custom domain name. If you don't provide an ID, you must configure the DNS settings yourself.
         :param pulumi.Input[_builtins.str] name: Name for the Resource Configuration.
         :param pulumi.Input[Sequence[pulumi.Input[_builtins.str]]] port_ranges: Port ranges to access the Resource either single port `80` or range `80-81` range.
         :param pulumi.Input[_builtins.str] protocol: Protocol for the Resource `TCP` is currently the only supported value.  MUST be specified if `resource_configuration_group_id` is not.
@@ -578,6 +703,31 @@ def __init__(__self__,
             })
         ```
 
+        ### With custom domain
+
+        ```python
+        import pulumi
+        import pulumi_aws as aws
+
+        example = aws.vpclattice.DomainVerification("example", domain_name="example.com")
+        example_resource_configuration = aws.vpclattice.ResourceConfiguration("example",
+            name="Example",
+            resource_gateway_identifier=example_aws_vpclattice_resource_gateway["id"],
+            custom_domain_name="custom.example.com",
+            domain_verification_id=example.id,
+            port_ranges=["443"],
+            protocol="TCP",
+            resource_configuration_definition={
+                "dns_resource": {
+                    "domain_name": "test.example.com",
+                    "ip_address_type": "IPV4",
+                },
+            },
+            tags={
+                "Environment": "Example",
+            })
+        ```
+
         ### ARN Example
 
         ```python
@@ -619,6 +769,8 @@ def _internal_init(__self__,
                  resource_name: str,
                  opts: Optional[pulumi.ResourceOptions] = None,
                  allow_association_to_shareable_service_network: Optional[pulumi.Input[_builtins.bool]] = None,
+                 custom_domain_name: Optional[pulumi.Input[_builtins.str]] = None,
+                 domain_verification_id: Optional[pulumi.Input[_builtins.str]] = None,
                  name: Optional[pulumi.Input[_builtins.str]] = None,
                  port_ranges: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] = None,
                  protocol: Optional[pulumi.Input[_builtins.str]] = None,
@@ -639,6 +791,8 @@ def _internal_init(__self__,
             __props__ = ResourceConfigurationArgs.__new__(ResourceConfigurationArgs)
 
             __props__.__dict__["allow_association_to_shareable_service_network"] = allow_association_to_shareable_service_network
+            __props__.__dict__["custom_domain_name"] = custom_domain_name
+            __props__.__dict__["domain_verification_id"] = domain_verification_id
             __props__.__dict__["name"] = name
             __props__.__dict__["port_ranges"] = port_ranges
             __props__.__dict__["protocol"] = protocol
@@ -650,6 +804,8 @@ def _internal_init(__self__,
             __props__.__dict__["timeouts"] = timeouts
             __props__.__dict__["type"] = type
             __props__.__dict__["arn"] = None
+            __props__.__dict__["domain_verification_arn"] = None
+            __props__.__dict__["domain_verification_status"] = None
             __props__.__dict__["tags_all"] = None
         super(ResourceConfiguration, __self__).__init__(
             'aws:vpclattice/resourceConfiguration:ResourceConfiguration',
@@ -663,6 +819,10 @@ def get(resource_name: str,
             opts: Optional[pulumi.ResourceOptions] = None,
             allow_association_to_shareable_service_network: Optional[pulumi.Input[_builtins.bool]] = None,
             arn: Optional[pulumi.Input[_builtins.str]] = None,
+            custom_domain_name: Optional[pulumi.Input[_builtins.str]] = None,
+            domain_verification_arn: Optional[pulumi.Input[_builtins.str]] = None,
+            domain_verification_id: Optional[pulumi.Input[_builtins.str]] = None,
+            domain_verification_status: Optional[pulumi.Input[_builtins.str]] = None,
             name: Optional[pulumi.Input[_builtins.str]] = None,
             port_ranges: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] = None,
             protocol: Optional[pulumi.Input[_builtins.str]] = None,
@@ -683,6 +843,10 @@ def get(resource_name: str,
         :param pulumi.ResourceOptions opts: Options for the resource.
         :param pulumi.Input[_builtins.bool] allow_association_to_shareable_service_network: Allow or Deny the association of this resource to a shareable service network.
         :param pulumi.Input[_builtins.str] arn: ARN of the resource gateway.
+        :param pulumi.Input[_builtins.str] custom_domain_name: Custom domain name for your resource configuration. Additionally, provide a `domain_verification_id` to prove your ownership of a domain.
+        :param pulumi.Input[_builtins.str] domain_verification_arn: ARN of the domain verification.
+        :param pulumi.Input[_builtins.str] domain_verification_id: The domain verification ID of your verified custom domain name. If you don't provide an ID, you must configure the DNS settings yourself.
+        :param pulumi.Input[_builtins.str] domain_verification_status: Domain verification status.
         :param pulumi.Input[_builtins.str] name: Name for the Resource Configuration.
         :param pulumi.Input[Sequence[pulumi.Input[_builtins.str]]] port_ranges: Port ranges to access the Resource either single port `80` or range `80-81` range.
         :param pulumi.Input[_builtins.str] protocol: Protocol for the Resource `TCP` is currently the only supported value.  MUST be specified if `resource_configuration_group_id` is not.
@@ -702,6 +866,10 @@ def get(resource_name: str,
 
         __props__.__dict__["allow_association_to_shareable_service_network"] = allow_association_to_shareable_service_network
         __props__.__dict__["arn"] = arn
+        __props__.__dict__["custom_domain_name"] = custom_domain_name
+        __props__.__dict__["domain_verification_arn"] = domain_verification_arn
+        __props__.__dict__["domain_verification_id"] = domain_verification_id
+        __props__.__dict__["domain_verification_status"] = domain_verification_status
         __props__.__dict__["name"] = name
         __props__.__dict__["port_ranges"] = port_ranges
         __props__.__dict__["protocol"] = protocol
@@ -731,6 +899,38 @@ def arn(self) -> pulumi.Output[_builtins.str]:
         """
         return pulumi.get(self, "arn")
 
+    @_builtins.property
+    @pulumi.getter(name="customDomainName")
+    def custom_domain_name(self) -> pulumi.Output[Optional[_builtins.str]]:
+        """
+        Custom domain name for your resource configuration. Additionally, provide a `domain_verification_id` to prove your ownership of a domain.
+        """
+        return pulumi.get(self, "custom_domain_name")
+
+    @_builtins.property
+    @pulumi.getter(name="domainVerificationArn")
+    def domain_verification_arn(self) -> pulumi.Output[_builtins.str]:
+        """
+        ARN of the domain verification.
+        """
+        return pulumi.get(self, "domain_verification_arn")
+
+    @_builtins.property
+    @pulumi.getter(name="domainVerificationId")
+    def domain_verification_id(self) -> pulumi.Output[_builtins.str]:
+        """
+        The domain verification ID of your verified custom domain name. If you don't provide an ID, you must configure the DNS settings yourself.
+        """
+        return pulumi.get(self, "domain_verification_id")
+
+    @_builtins.property
+    @pulumi.getter(name="domainVerificationStatus")
+    def domain_verification_status(self) -> pulumi.Output[_builtins.str]:
+        """
+        Domain verification status.
+        """
+        return pulumi.get(self, "domain_verification_status")
+
     @_builtins.property
     @pulumi.getter
     def name(self) -> pulumi.Output[_builtins.str]:
diff --git a/upstream b/upstream
index 24f809a620d..4ffb84dcf85 160000
--- a/upstream
+++ b/upstream
@@ -1 +1 @@
-Subproject commit 24f809a620d205a2599d3b0a4e145319c8e067aa
+Subproject commit 4ffb84dcf85055333c1875a998300659d760730c