feat: update L1 CloudFormation resource definitions

[aws-cdk-automation]

Updates the L1 CloudFormation resource definitions with the latest changes from @aws-cdk/aws-service-spec

L1 CloudFormation resource definition changes:

├[~] service aws-amazonmq
│ └ resources
│    └[~]  resource AWS::AmazonMQ::Broker
│       └ types
│          └[~] type User
│            └ properties
│               └ JolokiaApiAccess: (documentation changed)
├[~] service aws-apigateway
│ └ resources
│    ├[~]  resource AWS::ApiGateway::DomainName
│    │  ├ properties
│    │  │  └ RoutingMode: (documentation changed)
│    │  └ attributes
│    │     └ DomainNameArn: (documentation changed)
│    └[~]  resource AWS::ApiGateway::DomainNameV2
│       └ properties
│          └ RoutingMode: (documentation changed)
├[~] service aws-apigatewayv2
│ └ resources
│    ├[~]  resource AWS::ApiGatewayV2::DomainName
│    │  └ properties
│    │     └ RoutingMode: (documentation changed)
│    └[~]  resource AWS::ApiGatewayV2::RoutingRule
│       ├      - documentation: Schema for AWS::ApiGatewayV2::RoutingRule
│       │      + documentation: Represents a routing rule. When the incoming request to a domain name matches the conditions for a rule, API Gateway invokes a stage of a target API. Supported only for REST APIs.
│       ├ properties
│       │  ├ Actions: (documentation changed)
│       │  ├ Conditions: (documentation changed)
│       │  ├ DomainNameArn: (documentation changed)
│       │  └ Priority: (documentation changed)
│       ├ attributes
│       │  ├ RoutingRuleArn: (documentation changed)
│       │  └ RoutingRuleId: (documentation changed)
│       └ types
│          ├[~] type Action
│          │ ├      - documentation: undefined
│          │ │      + documentation: Represents a routing rule action. The only supported action is `invokeApi` .
│          │ └ properties
│          │    └ InvokeApi: (documentation changed)
│          ├[~] type ActionInvokeApi
│          │ ├      - documentation: undefined
│          │ │      + documentation: Represents an InvokeApi action.
│          │ └ properties
│          │    ├ ApiId: (documentation changed)
│          │    ├ Stage: (documentation changed)
│          │    └ StripBasePath: (documentation changed)
│          ├[~] type Condition
│          │ ├      - documentation: undefined
│          │ │      + documentation: Represents a condition. Conditions can contain up to two `matchHeaders` conditions and one `matchBasePaths` conditions. API Gateway evaluates header conditions and base path conditions together. You can only use AND between header and base path conditions.
│          │ └ properties
│          │    ├ MatchBasePaths: (documentation changed)
│          │    └ MatchHeaders: (documentation changed)
│          ├[~] type MatchBasePaths
│          │ ├      - documentation: undefined
│          │ │      + documentation: Represents a `MatchBasePaths` condition.
│          │ └ properties
│          │    └ AnyOf: (documentation changed)
│          ├[~] type MatchHeaders
│          │ ├      - documentation: undefined
│          │ │      + documentation: Represents a `MatchHeaders` condition.
│          │ └ properties
│          │    └ AnyOf: (documentation changed)
│          └[~] type MatchHeaderValue
│            ├      - documentation: undefined
│            │      + documentation: Represents a `MatchHeaderValue` .
│            └ properties
│               ├ Header: (documentation changed)
│               └ ValueGlob: (documentation changed)
├[~] service aws-autoscaling
│ └ resources
│    ├[~]  resource AWS::AutoScaling::AutoScalingGroup
│    │  ├ properties
│    │  │  └ PlacementGroup: (documentation changed)
│    │  └ types
│    │     ├[~] type InstanceRequirements
│    │     │ └ properties
│    │     │    ├ BaselineEbsBandwidthMbps: (documentation changed)
│    │     │    ├ BurstablePerformance: (documentation changed)
│    │     │    ├ CpuManufacturers: (documentation changed)
│    │     │    ├ InstanceGenerations: (documentation changed)
│    │     │    └ LocalStorage: (documentation changed)
│    │     └[~] type LaunchTemplateOverrides
│    │       └ properties
│    │          └ InstanceType: (documentation changed)
│    └[~]  resource AWS::AutoScaling::LaunchConfiguration
│       ├ properties
│       │  ├ BlockDeviceMappings: (documentation changed)
│       │  ├ EbsOptimized: (documentation changed)
│       │  ├ ImageId: (documentation changed)
│       │  ├ InstanceType: (documentation changed)
│       │  ├ KernelId: (documentation changed)
│       │  ├ KeyName: (documentation changed)
│       │  └ RamDiskId: (documentation changed)
│       └ types
│          └[~] type BlockDeviceMapping
│            └ properties
│               └ DeviceName: (documentation changed)
├[~] service aws-bedrock
│ └ resources
│    ├[~]  resource AWS::Bedrock::Flow
│    │  └ types
│    │     ├[+]  type FieldForReranking
│    │     │  ├      documentation: Field name for reranking
│    │     │  │      name: FieldForReranking
│    │     │  └ properties
│    │     │     └ FieldName: string (required)
│    │     ├[~] type FlowNodeConfiguration
│    │     │ └ properties
│    │     │    ├[+] Loop: LoopFlowNodeConfiguration
│    │     │    ├[+] LoopController: LoopControllerFlowNodeConfiguration
│    │     │    └[+] LoopInput: json
│    │     ├[~] type FlowNodeInput
│    │     │ └ properties
│    │     │    └[+] Category: string
│    │     ├[~] type KnowledgeBaseFlowNodeConfiguration
│    │     │ └ properties
│    │     │    ├[+] InferenceConfiguration: PromptInferenceConfiguration
│    │     │    ├[+] NumberOfResults: number
│    │     │    ├[+] OrchestrationConfiguration: KnowledgeBaseOrchestrationConfiguration
│    │     │    ├[+] PromptTemplate: KnowledgeBasePromptTemplate
│    │     │    └[+] RerankingConfiguration: VectorSearchRerankingConfiguration
│    │     ├[+]  type KnowledgeBaseOrchestrationConfiguration
│    │     │  ├      name: KnowledgeBaseOrchestrationConfiguration
│    │     │  └ properties
│    │     │     ├ PromptTemplate: KnowledgeBasePromptTemplate
│    │     │     ├ InferenceConfig: PromptInferenceConfiguration
│    │     │     ├ AdditionalModelRequestFields: json
│    │     │     └ PerformanceConfig: PerformanceConfiguration
│    │     ├[+]  type KnowledgeBasePromptTemplate
│    │     │  ├      documentation: Knowledge Base Prompt template
│    │     │  │      name: KnowledgeBasePromptTemplate
│    │     │  └ properties
│    │     │     └ TextPromptTemplate: string (required)
│    │     ├[+]  type LoopControllerFlowNodeConfiguration
│    │     │  ├      documentation: Configuration for the LoopController node, which manages loop execution
│    │     │  │      name: LoopControllerFlowNodeConfiguration
│    │     │  └ properties
│    │     │     ├ ContinueCondition: FlowCondition (required)
│    │     │     └ MaxIterations: number (default=10)
│    │     ├[+]  type LoopFlowNodeConfiguration
│    │     │  ├      documentation: Loop node config, contains loop's internal definition
│    │     │  │      name: LoopFlowNodeConfiguration
│    │     │  └ properties
│    │     │     └ Definition: FlowDefinition (required)
│    │     ├[+]  type MetadataConfigurationForReranking
│    │     │  ├      name: MetadataConfigurationForReranking
│    │     │  └ properties
│    │     │     ├ SelectionMode: string (required)
│    │     │     └ SelectiveModeConfiguration: RerankingMetadataSelectiveModeConfiguration
│    │     ├[+]  type PerformanceConfiguration
│    │     │  ├      name: PerformanceConfiguration
│    │     │  └ properties
│    │     │     └ Latency: string
│    │     ├[+]  type RerankingMetadataSelectiveModeConfiguration
│    │     │  ├      name: RerankingMetadataSelectiveModeConfiguration
│    │     │  └ properties
│    │     │     ├ FieldsToInclude: Array<FieldForReranking>
│    │     │     └ FieldsToExclude: Array<FieldForReranking>
│    │     ├[+]  type VectorSearchBedrockRerankingConfiguration
│    │     │  ├      name: VectorSearchBedrockRerankingConfiguration
│    │     │  └ properties
│    │     │     ├ ModelConfiguration: VectorSearchBedrockRerankingModelConfiguration (required)
│    │     │     ├ NumberOfRerankedResults: number
│    │     │     └ MetadataConfiguration: MetadataConfigurationForReranking
│    │     ├[+]  type VectorSearchBedrockRerankingModelConfiguration
│    │     │  ├      name: VectorSearchBedrockRerankingModelConfiguration
│    │     │  └ properties
│    │     │     ├ ModelArn: string (required)
│    │     │     └ AdditionalModelRequestFields: json
│    │     └[+]  type VectorSearchRerankingConfiguration
│    │        ├      name: VectorSearchRerankingConfiguration
│    │        └ properties
│    │           ├ Type: string (required)
│    │           └ BedrockRerankingConfiguration: VectorSearchBedrockRerankingConfiguration
│    └[~]  resource AWS::Bedrock::FlowVersion
│       └ types
│          ├[+]  type FieldForReranking
│          │  ├      documentation: Field name for reranking
│          │  │      name: FieldForReranking
│          │  └ properties
│          │     └ FieldName: string (required)
│          ├[~] type FlowNodeConfiguration
│          │ └ properties
│          │    ├[+] Loop: LoopFlowNodeConfiguration
│          │    ├[+] LoopController: LoopControllerFlowNodeConfiguration
│          │    └[+] LoopInput: json
│          ├[~] type KnowledgeBaseFlowNodeConfiguration
│          │ └ properties
│          │    ├[+] InferenceConfiguration: PromptInferenceConfiguration
│          │    ├[+] NumberOfResults: number
│          │    ├[+] OrchestrationConfiguration: KnowledgeBaseOrchestrationConfiguration
│          │    ├[+] PromptTemplate: KnowledgeBasePromptTemplate
│          │    └[+] RerankingConfiguration: VectorSearchRerankingConfiguration
│          ├[+]  type KnowledgeBaseOrchestrationConfiguration
│          │  ├      name: KnowledgeBaseOrchestrationConfiguration
│          │  └ properties
│          │     ├ PromptTemplate: KnowledgeBasePromptTemplate
│          │     ├ InferenceConfig: PromptInferenceConfiguration
│          │     ├ AdditionalModelRequestFields: json
│          │     └ PerformanceConfig: PerformanceConfiguration
│          ├[+]  type KnowledgeBasePromptTemplate
│          │  ├      documentation: Knowledge Base Prompt template
│          │  │      name: KnowledgeBasePromptTemplate
│          │  └ properties
│          │     └ TextPromptTemplate: string (required)
│          ├[+]  type LoopControllerFlowNodeConfiguration
│          │  ├      documentation: Configuration for the LoopController node, which manages loop execution
│          │  │      name: LoopControllerFlowNodeConfiguration
│          │  └ properties
│          │     ├ ContinueCondition: FlowCondition (required)
│          │     └ MaxIterations: number (default=10)
│          ├[+]  type LoopFlowNodeConfiguration
│          │  ├      documentation: Loop node config, contains loop's internal definition
│          │  │      name: LoopFlowNodeConfiguration
│          │  └ properties
│          │     └ Definition: FlowDefinition (required)
│          ├[+]  type MetadataConfigurationForReranking
│          │  ├      name: MetadataConfigurationForReranking
│          │  └ properties
│          │     ├ SelectionMode: string (required)
│          │     └ SelectiveModeConfiguration: RerankingMetadataSelectiveModeConfiguration
│          ├[+]  type PerformanceConfiguration
│          │  ├      name: PerformanceConfiguration
│          │  └ properties
│          │     └ Latency: string
│          ├[+]  type RerankingMetadataSelectiveModeConfiguration
│          │  ├      name: RerankingMetadataSelectiveModeConfiguration
│          │  └ properties
│          │     ├ FieldsToInclude: Array<FieldForReranking>
│          │     └ FieldsToExclude: Array<FieldForReranking>
│          ├[+]  type VectorSearchBedrockRerankingConfiguration
│          │  ├      name: VectorSearchBedrockRerankingConfiguration
│          │  └ properties
│          │     ├ ModelConfiguration: VectorSearchBedrockRerankingModelConfiguration (required)
│          │     ├ NumberOfRerankedResults: number
│          │     └ MetadataConfiguration: MetadataConfigurationForReranking
│          ├[+]  type VectorSearchBedrockRerankingModelConfiguration
│          │  ├      name: VectorSearchBedrockRerankingModelConfiguration
│          │  └ properties
│          │     ├ ModelArn: string (required)
│          │     └ AdditionalModelRequestFields: json
│          └[+]  type VectorSearchRerankingConfiguration
│             ├      name: VectorSearchRerankingConfiguration
│             └ properties
│                ├ Type: string (required)
│                └ BedrockRerankingConfiguration: VectorSearchBedrockRerankingConfiguration
├[~] service aws-cloudtrail
│ └ resources
│    └[~]  resource AWS::CloudTrail::EventDataStore
│       ├ properties
│       │  ├[+] ContextKeySelectors: Array<ContextKeySelector>
│       │  └[+] MaxEventSize: string
│       └ types
│          └[+]  type ContextKeySelector
│             ├      documentation: An object that contains information types to be included in CloudTrail enriched events.
│             │      name: ContextKeySelector
│             └ properties
│                ├ Type: string (required)
│                └ Equals: Array<string> (required)
├[~] service aws-cloudwatch
│ └ resources
│    └[~]  resource AWS::CloudWatch::InsightRule
│       └ properties
│          └ ApplyOnTransformedLogs: (documentation changed)
├[~] service aws-datasync
│ └ resources
│    ├[~]  resource AWS::DataSync::LocationAzureBlob
│    │  ├      - documentation: Creates a transfer *location* for a Microsoft Azure Blob Storage container. AWS DataSync can use this location as a transfer source or destination.
│    │  │      Before you begin, make sure you know [how DataSync accesses Azure Blob Storage](https://docs.aws.amazon.com/datasync/latest/userguide/creating-azure-blob-location.html#azure-blob-access) and works with [access tiers](https://docs.aws.amazon.com/datasync/latest/userguide/creating-azure-blob-location.html#azure-blob-access-tiers) and [blob types](https://docs.aws.amazon.com/datasync/latest/userguide/creating-azure-blob-location.html#blob-types) . You also need a [DataSync agent](https://docs.aws.amazon.com/datasync/latest/userguide/creating-azure-blob-location.html#azure-blob-creating-agent) that can connect to your container.
│    │  │      + documentation: Creates a transfer *location* for a Microsoft Azure Blob Storage container. AWS DataSync can use this location as a transfer source or destination. You can make transfers with or without a [DataSync agent](https://docs.aws.amazon.com/datasync/latest/userguide/creating-azure-blob-location.html#azure-blob-creating-agent) that connects to your container.
│    │  │      Before you begin, make sure you know [how DataSync accesses Azure Blob Storage](https://docs.aws.amazon.com/datasync/latest/userguide/creating-azure-blob-location.html#azure-blob-access) and works with [access tiers](https://docs.aws.amazon.com/datasync/latest/userguide/creating-azure-blob-location.html#azure-blob-access-tiers) and [blob types](https://docs.aws.amazon.com/datasync/latest/userguide/creating-azure-blob-location.html#blob-types) .
│    │  ├ properties
│    │  │  ├ AgentArns: (documentation changed)
│    │  │  ├ AzureBlobSasConfiguration: (documentation changed)
│    │  │  ├ CmkSecretConfig: (documentation changed)
│    │  │  └ CustomSecretConfig: (documentation changed)
│    │  ├ attributes
│    │  │  └ CmkSecretConfig.SecretArn: (documentation changed)
│    │  └ types
│    │     ├[~] type CmkSecretConfig
│    │     │ ├      - documentation: Specifies configuration information for a DataSync-managed secret, such as an authentication token or set of credentials that DataSync uses to access a specific transfer location, and a customer-managed AWS KMS key.
│    │     │ │      + documentation: Specifies configuration information for a DataSync-managed secret, such as an authentication token or secret key that DataSync uses to access a specific storage location, with a customer-managed AWS KMS key .
│    │     │ │      > You can use either `CmkSecretConfig` or `CustomSecretConfig` to provide credentials for a `CreateLocation` request. Do not provide both parameters for the same request.
│    │     │ └ properties
│    │     │    ├ KmsKeyArn: (documentation changed)
│    │     │    └ SecretArn: (documentation changed)
│    │     ├[~] type CustomSecretConfig
│    │     │ ├      - documentation: Specifies configuration information for a customer-managed secret, such as an authentication token or set of credentials that DataSync uses to access a specific transfer location, and an IAM role that DataSync can assume and access the customer-managed secret.
│    │     │ │      + documentation: Specifies configuration information for a customer-managed Secrets Manager secret where a storage location authentication token or secret key is stored in plain text. This configuration includes the secret ARN, and the ARN for an IAM role that provides access to the secret.
│    │     │ │      > You can use either `CmkSecretConfig` or `CustomSecretConfig` to provide credentials for a `CreateLocation` request. Do not provide both parameters for the same request.
│    │     │ └ properties
│    │     │    ├ SecretAccessRoleArn: (documentation changed)
│    │     │    └ SecretArn: (documentation changed)
│    │     └[~] type ManagedSecretConfig
│    │       └      - documentation: Specifies configuration information for a DataSync-managed secret, such as an authentication token or set of credentials that DataSync uses to access a specific transfer location. DataSync uses the default AWS-managed KMS key to encrypt this secret in AWS Secrets Manager.
│    │              + documentation: Specifies configuration information for a DataSync-managed secret, such as an authentication token or set of credentials that DataSync uses to access a specific transfer location. DataSync uses the default AWS -managed KMS key to encrypt this secret in AWS Secrets Manager .
│    ├[~]  resource AWS::DataSync::LocationObjectStorage
│    │  ├ properties
│    │  │  ├ AgentArns: (documentation changed)
│    │  │  ├ CmkSecretConfig: (documentation changed)
│    │  │  ├ CustomSecretConfig: (documentation changed)
│    │  │  ├ SecretKey: (documentation changed)
│    │  │  └ ServerProtocol: (documentation changed)
│    │  ├ attributes
│    │  │  └ CmkSecretConfig.SecretArn: (documentation changed)
│    │  └ types
│    │     ├[~] type CmkSecretConfig
│    │     │ ├      - documentation: Specifies configuration information for a DataSync-managed secret, such as an authentication token or set of credentials that DataSync uses to access a specific transfer location, and a customer-managed AWS KMS key.
│    │     │ │      + documentation: Specifies configuration information for a DataSync-managed secret, such as an authentication token or secret key that DataSync uses to access a specific storage location, with a customer-managed AWS KMS key .
│    │     │ │      > You can use either `CmkSecretConfig` or `CustomSecretConfig` to provide credentials for a `CreateLocation` request. Do not provide both parameters for the same request.
│    │     │ └ properties
│    │     │    ├ KmsKeyArn: (documentation changed)
│    │     │    └ SecretArn: (documentation changed)
│    │     ├[~] type CustomSecretConfig
│    │     │ ├      - documentation: Specifies configuration information for a customer-managed secret, such as an authentication token or set of credentials that DataSync uses to access a specific transfer location, and an IAM role that DataSync can assume and access the customer-managed secret.
│    │     │ │      + documentation: Specifies configuration information for a customer-managed Secrets Manager secret where a storage location authentication token or secret key is stored in plain text. This configuration includes the secret ARN, and the ARN for an IAM role that provides access to the secret.
│    │     │ │      > You can use either `CmkSecretConfig` or `CustomSecretConfig` to provide credentials for a `CreateLocation` request. Do not provide both parameters for the same request.
│    │     │ └ properties
│    │     │    ├ SecretAccessRoleArn: (documentation changed)
│    │     │    └ SecretArn: (documentation changed)
│    │     └[~] type ManagedSecretConfig
│    │       └      - documentation: Specifies configuration information for a DataSync-managed secret, such as an authentication token or set of credentials that DataSync uses to access a specific transfer location. DataSync uses the default AWS-managed KMS key to encrypt this secret in AWS Secrets Manager.
│    │              + documentation: Specifies configuration information for a DataSync-managed secret, such as an authentication token or set of credentials that DataSync uses to access a specific transfer location. DataSync uses the default AWS -managed KMS key to encrypt this secret in AWS Secrets Manager .
│    ├[~]  resource AWS::DataSync::LocationSMB
│    │  └ properties
│    │     ├ AuthenticationType: (documentation changed)
│    │     ├ DnsIpAddresses: (documentation changed)
│    │     ├ KerberosKeytab: (documentation changed)
│    │     ├ KerberosKrb5Conf: (documentation changed)
│    │     └ KerberosPrincipal: (documentation changed)
│    └[~]  resource AWS::DataSync::Task
│       ├ properties
│       │  ├ TaskMode: (documentation changed)
│       │  └ TaskReportConfig: (documentation changed)
│       └ types
│          ├[~] type Deleted
│          │ ├      - documentation: The reporting level for the deleted section of your DataSync task report.
│          │ │      + documentation: Specifies the level of reporting for the files, objects, and directories that Datasync attempted to delete in your destination location. This only applies if you configure your task to delete data in the destination that isn't in the source.
│          │ └ properties
│          │    └ ReportLevel: (documentation changed)
│          ├[~] type Destination
│          │ └      - documentation: Specifies where DataSync uploads your [task report](https://docs.aws.amazon.com/datasync/latest/userguide/task-reports.html) .
│          │        + documentation: Specifies where DataSync uploads your task report.
│          ├[~] type ManifestConfigSourceS3
│          │ ├      - documentation: Specifies the S3 bucket where you're hosting the manifest that you want AWS DataSync to use. For more information and configuration examples, see [Specifying what DataSync transfers by using a manifest](https://docs.aws.amazon.com/datasync/latest/userguide/transferring-with-manifest.html) .
│          │ │      + documentation: Specifies the S3 bucket where you're hosting the manifest that you want AWS DataSync to use.
│          │ └ properties
│          │    ├ BucketAccessRoleArn: (documentation changed)
│          │    ├ ManifestObjectPath: (documentation changed)
│          │    └ ManifestObjectVersionId: (documentation changed)
│          ├[~] type Overrides
│          │ ├      - documentation: Customizes the reporting level for aspects of your task report. For example, your report might generally only include errors, but you could specify that you want a list of successes and errors just for the files that DataSync attempted to delete in your destination location.
│          │ │      + documentation: Customizes the reporting level for aspects of your task report. For example, your report might generally only include errors, but you could specify that you want a list of successes and errors just for the files that Datasync attempted to delete in your destination location.
│          │ └ properties
│          │    ├ Deleted: (documentation changed)
│          │    ├ Skipped: (documentation changed)
│          │    ├ Transferred: (documentation changed)
│          │    └ Verified: (documentation changed)
│          ├[~] type Skipped
│          │ ├      - documentation: The reporting level for the skipped section of your DataSync task report.
│          │ │      + documentation: Specifies the level of reporting for the files, objects, and directories that Datasync attempted to skip during your transfer.
│          │ └ properties
│          │    └ ReportLevel: (documentation changed)
│          ├[~] type Source
│          │ ├      - documentation: Specifies the manifest that you want AWS DataSync to use and where it's hosted. For more information and configuration examples, see [Specifying what DataSync transfers by using a manifest](https://docs.aws.amazon.com/datasync/latest/userguide/transferring-with-manifest.html) .
│          │ │      + documentation: Specifies the manifest that you want DataSync to use and where it's hosted.
│          │ └ properties
│          │    └ S3: (documentation changed)
│          ├[~] type TaskReportConfigDestinationS3
│          │ ├      - documentation: Specifies the Amazon S3 bucket where DataSync uploads your [task report](https://docs.aws.amazon.com/datasync/latest/userguide/task-reports.html) .
│          │ │      + documentation: Specifies the Amazon S3 bucket where DataSync uploads your task report.
│          │ └ properties
│          │    ├ BucketAccessRoleArn: (documentation changed)
│          │    └ S3BucketArn: (documentation changed)
│          ├[~] type TaskSchedule
│          │ └ properties
│          │    └ Status: (documentation changed)
│          ├[~] type Transferred
│          │ ├      - documentation: The reporting level for the transferred section of your DataSync task report.
│          │ │      + documentation: Specifies the level of reporting for the files, objects, and directories that Datasync attempted to transfer.
│          │ └ properties
│          │    └ ReportLevel: (documentation changed)
│          └[~] type Verified
│            ├      - documentation: The reporting level for the verified section of your DataSync task report.
│            │      + documentation: Specifies the level of reporting for the files, objects, and directories that Datasync attempted to verify at the end of your transfer. This only applies if you configure your task to verify data during and after the transfer (which Datasync does by default)
│            └ properties
│               └ ReportLevel: (documentation changed)
├[~] service aws-datazone
│ └ resources
│    └[~]  resource AWS::DataZone::ProjectProfile
│       ├ properties
│       │  ├[-] AllowedDesignations: Array<DesignationConfiguration>
│       │  ├[-] ChangeLog: string
│       │  ├ Description: (documentation changed)
│       │  ├ Name: (documentation changed)
│       │  ├[-] ProjectScopes: Array<ProjectScope>
│       │  └ Status: (documentation changed)
│       ├ attributes
│       │  ├ CreatedAt: (documentation changed)
│       │  ├ CreatedBy: (documentation changed)
│       │  ├ DomainId: (documentation changed)
│       │  ├ DomainUnitId: (documentation changed)
│       │  ├ Id: (documentation changed)
│       │  └ LastUpdatedAt: (documentation changed)
│       └ types
│          ├[-]  type DesignationConfiguration
│          │  ├      name: DesignationConfiguration
│          │  └ properties
│          │     └ DesignationId: string (required)
│          └[-]  type ProjectScope
│             ├      name: ProjectScope
│             └ properties
│                ├ Policy: string
│                └ Name: string (required)
├[~] service aws-deadline
│ └ resources
│    └[~]  resource AWS::Deadline::Fleet
│       └ types
│          └[~] type ServiceManagedEc2FleetConfiguration
│            └ properties
│               └[+] StorageProfileId: string
├[~] service aws-dsql
│ └ resources
│    └[~]  resource AWS::DSQL::Cluster
│       ├      - documentation: The CreateCluster API allows you to create both single-region clusters and multi-Region clusters. With the addition of the *multiRegionProperties* parameter, you can create a cluster with witness Region support and establish peer relationships with clusters in other Regions during creation.
│       │      > Creating multi-Region clusters requires additional IAM permissions beyond those needed for single-Region clusters, as detailed in the *Required permissions* section below. 
│       │      *Required permissions*
│       │      - **dsql:CreateCluster** - Required to create a cluster.
│       │      Resources: `arn:aws:dsql:region:account-id:cluster/*`
│       │      - **dsql:TagResource** - Permission to add tags to a resource.
│       │      Resources: `arn:aws:dsql:region:account-id:cluster/*`
│       │      - **dsql:PutMultiRegionProperties** - Permission to configure multi-region properties for a cluster.
│       │      Resources: `arn:aws:dsql:region:account-id:cluster/*`
│       │      - **dsql:AddPeerCluster** - When specifying `multiRegionProperties.clusters` , permission to add peer clusters.
│       │      Resources:
│       │      - Local cluster: `arn:aws:dsql:region:account-id:cluster/*`
│       │      - Each peer cluster: exact ARN of each specified peer cluster
│       │      - **dsql:PutWitnessRegion** - When specifying `multiRegionProperties.witnessRegion` , permission to set a witness Region. This permission is checked both in the cluster Region and in the witness Region.
│       │      Resources: `arn:aws:dsql:region:account-id:cluster/*`
│       │      Condition Keys: `dsql:WitnessRegion` (matching the specified witness region)
│       │      > - The witness Region specified in `multiRegionProperties.witnessRegion` cannot be the same as the cluster's Region.
│       │      + documentation: The CreateCluster API allows you to create both single-Region clusters and multi-Region clusters. With the addition of the *multiRegionProperties* parameter, you can create a cluster with witness Region support and establish peer relationships with clusters in other Regions during creation.
│       │      > Creating multi-Region clusters requires additional IAM permissions beyond those needed for single-Region clusters, as detailed in the *Required permissions* section below. 
│       │      *Required permissions*
│       │      - **dsql:CreateCluster** - Required to create a cluster.
│       │      Resources: `arn:aws:dsql:region:account-id:cluster/*`
│       │      - **dsql:TagResource** - Permission to add tags to a resource.
│       │      Resources: `arn:aws:dsql:region:account-id:cluster/*`
│       │      - **dsql:PutMultiRegionProperties** - Permission to configure multi-Region properties for a cluster.
│       │      Resources: `arn:aws:dsql:region:account-id:cluster/*`
│       │      - **dsql:AddPeerCluster** - When specifying `multiRegionProperties.clusters` , permission to add peer clusters.
│       │      Resources:
│       │      - Local cluster: `arn:aws:dsql:region:account-id:cluster/*`
│       │      - Each peer cluster: exact ARN of each specified peer cluster
│       │      - **dsql:PutWitnessRegion** - When specifying `multiRegionProperties.witnessRegion` , permission to set a witness Region. This permission is checked both in the cluster Region and in the witness Region.
│       │      Resources: `arn:aws:dsql:region:account-id:cluster/*`
│       │      Condition Keys: `dsql:WitnessRegion` (matching the specified witness region)
│       │      > - The witness Region specified in `multiRegionProperties.witnessRegion` cannot be the same as the cluster's Region.
│       ├ properties
│       │  └[+] MultiRegionProperties: MultiRegionProperties
│       └ types
│          └[+]  type MultiRegionProperties
│             ├      documentation: Defines the structure for multi-Region cluster configurations, containing the witness region and linked cluster settings.
│             │      name: MultiRegionProperties
│             └ properties
│                ├ WitnessRegion: string
│                └ Clusters: Array<string>
├[~] service aws-ec2
│ └ resources
│    ├[~]  resource AWS::EC2::EC2Fleet
│    │  └ types
│    │     ├[+]  type BlockDeviceMapping
│    │     │  ├      name: BlockDeviceMapping
│    │     │  └ properties
│    │     │     ├ DeviceName: string
│    │     │     ├ Ebs: EbsBlockDevice
│    │     │     ├ NoDevice: string
│    │     │     └ VirtualName: string
│    │     ├[+]  type EbsBlockDevice
│    │     │  ├      name: EbsBlockDevice
│    │     │  └ properties
│    │     │     ├ DeleteOnTermination: boolean
│    │     │     ├ Encrypted: boolean
│    │     │     ├ Iops: integer
│    │     │     ├ KmsKeyId: string
│    │     │     ├ SnapshotId: string
│    │     │     ├ VolumeSize: integer
│    │     │     └ VolumeType: string
│    │     └[~] type FleetLaunchTemplateOverridesRequest
│    │       └ properties
│    │          └[+] BlockDeviceMappings: Array<BlockDeviceMapping>
│    └[~]  resource AWS::EC2::TrafficMirrorFilter
│       └ attributes
│          └ Id: (documentation changed)
├[~] service aws-ecs
│ └ resources
│    └[~]  resource AWS::ECS::TaskDefinition
│       └ types
│          └[~] type ContainerDefinition
│            └ properties
│               └ DependsOn: (documentation changed)
├[~] service aws-elasticloadbalancingv2
│ └ resources
│    └[~]  resource AWS::ElasticLoadBalancingV2::TargetGroup
│       └ types
│          └[~] type TargetGroupAttribute
│            └ properties
│               └ Key: (documentation changed)
├[~] service aws-emr
│ └ resources
│    └[~]  resource AWS::EMR::Cluster
│       └ types
│          └[~] type ManagedScalingPolicy
│            └ properties
│               ├ ScalingStrategy: (documentation changed)
│               └ UtilizationPerformanceIndex: (documentation changed)
├[+] service aws-evs
│ ├      capitalized: EVS
│ │      cloudFormationNamespace: AWS::EVS
│ │      name: aws-evs
│ │      shortName: evs
│ └ resources
│    └ resource AWS::EVS::Environment
│      ├      name: Environment
│      │      cloudFormationType: AWS::EVS::Environment
│      │      documentation: An environment created within the EVS service
│      │      tagInformation: {"tagPropertyName":"Tags","variant":"standard"}
│      ├ properties
│      │  ├ EnvironmentName: string (immutable)
│      │  ├ KmsKeyId: string (immutable)
│      │  ├ VpcId: string (required, immutable)
│      │  ├ ServiceAccessSubnetId: string (required, immutable)
│      │  ├ VcfVersion: string (required, immutable)
│      │  ├ TermsAccepted: boolean (required, immutable)
│      │  ├ LicenseInfo: LicenseInfo (required, immutable)
│      │  ├ InitialVlans: InitialVlans
│      │  ├ Hosts: Array<HostInfoForCreate>
│      │  ├ ConnectivityInfo: ConnectivityInfo (required, immutable)
│      │  ├ VcfHostnames: VcfHostnames (required, immutable)
│      │  ├ SiteId: string (required, immutable)
│      │  ├ ServiceAccessSecurityGroups: ServiceAccessSecurityGroups (immutable)
│      │  └ Tags: Array<tag>
│      ├ attributes
│      │  ├ EnvironmentId: string
│      │  ├ Checks: Array<Check>
│      │  ├ EnvironmentArn: string
│      │  ├ Credentials: Array<Secret>
│      │  ├ EnvironmentState: string
│      │  ├ StateDetails: string
│      │  ├ CreatedAt: string
│      │  └ ModifiedAt: string
│      └ types
│         ├ type Check
│         │ ├      name: Check
│         │ └ properties
│         │    ├ Type: string (required)
│         │    ├ Result: string (required)
│         │    └ ImpairedSince: string
│         ├ type ConnectivityInfo
│         │ ├      name: ConnectivityInfo
│         │ └ properties
│         │    └ PrivateRouteServerPeerings: Array<string> (required)
│         ├ type HostInfoForCreate
│         │ ├      name: HostInfoForCreate
│         │ └ properties
│         │    ├ HostName: string (required)
│         │    ├ KeyName: string (required)
│         │    ├ InstanceType: string (required)
│         │    ├ PlacementGroupId: string
│         │    └ DedicatedHostId: string
│         ├ type InitialVlanInfo
│         │ ├      name: InitialVlanInfo
│         │ └ properties
│         │    └ Cidr: string (required)
│         ├ type InitialVlans
│         │ ├      documentation: The initial Vlan configuration only required upon creation. Modification after creation will have no effect
│         │ │      name: InitialVlans
│         │ └ properties
│         │    ├ VmkManagement: InitialVlanInfo (required)
│         │    ├ VmManagement: InitialVlanInfo (required)
│         │    ├ VMotion: InitialVlanInfo (required)
│         │    ├ VSan: InitialVlanInfo (required)
│         │    ├ VTep: InitialVlanInfo (required)
│         │    ├ EdgeVTep: InitialVlanInfo (required)
│         │    ├ NsxUpLink: InitialVlanInfo (required)
│         │    ├ Hcx: InitialVlanInfo (required)
│         │    ├ ExpansionVlan1: InitialVlanInfo (required)
│         │    └ ExpansionVlan2: InitialVlanInfo (required)
│         ├ type LicenseInfo
│         │ ├      documentation: The license information for an EVS environment
│         │ │      name: LicenseInfo
│         │ └ properties
│         │    ├ SolutionKey: string (required)
│         │    └ VsanKey: string (required)
│         ├ type Secret
│         │ ├      name: Secret
│         │ └ properties
│         │    └ SecretArn: string
│         ├ type ServiceAccessSecurityGroups
│         │ ├      name: ServiceAccessSecurityGroups
│         │ └ properties
│         │    └ SecurityGroups: Array<string>
│         └ type VcfHostnames
│           ├      name: VcfHostnames
│           └ properties
│              ├ VCenter: string (required)
│              ├ Nsx: string (required)
│              ├ NsxManager1: string (required)
│              ├ NsxManager2: string (required)
│              ├ NsxManager3: string (required)
│              ├ NsxEdge1: string (required)
│              ├ NsxEdge2: string (required)
│              ├ SddcManager: string (required)
│              └ CloudBuilder: string (required)
├[~] service aws-fsx
│ └ resources
│    └[~]  resource AWS::FSx::FileSystem
│       ├ properties
│       │  └ StorageType: (documentation changed)
│       └ types
│          ├[~] type LustreConfiguration
│          │ └ properties
│          │    └ DeploymentType: (documentation changed)
│          └[~] type ReadCacheConfiguration
│            └      - documentation: The configuration for the optional provisioned SSD read cache on file systems that use the Intelligent-Tiering storage class.
│                   + documentation: The configuration for the optional provisioned SSD read cache on Amazon FSx for OpenZFS file systems that use the Intelligent-Tiering storage class.
├[~] service aws-lambda
│ └ resources
│    ├[~]  resource AWS::Lambda::EventInvokeConfig
│    │  └ types
│    │     └[~] type OnFailure
│    │       └      - documentation: A destination for events that failed processing.
│    │              + documentation: A destination for events that failed processing. See [Capturing records of Lambda asynchronous invocations](https://docs.aws.amazon.com/lambda/latest/dg/invocation-async-retain-records.html) for more information.
│    └[~]  resource AWS::Lambda::EventSourceMapping
│       └ types
│          ├[~] type OnFailure
│          │ └      - documentation: A destination for events that failed processing.
│          │        + documentation: A destination for events that failed processing. See [Capturing records of Lambda asynchronous invocations](https://docs.aws.amazon.com/lambda/latest/dg/invocation-async-retain-records.html) for more information.
│          └[~] type SelfManagedKafkaEventSourceConfig
│            └ properties
│               └ ConsumerGroupId: (documentation changed)
├[~] service aws-lightsail
│ └ resources
│    └[~]  resource AWS::Lightsail::InstanceSnapshot
│       ├      - documentation: Resource Type definition for AWS::Lightsail::InstanceSnapshot
│       │      + documentation: Describes an instance snapshot.
│       ├ properties
│       │  ├ InstanceName: (documentation changed)
│       │  └ Tags: (documentation changed)
│       └ attributes
│          ├ Arn: (documentation changed)
│          ├ FromInstanceArn: (documentation changed)
│          ├ ResourceType: (documentation changed)
│          ├ SizeInGb: (documentation changed)
│          └ SupportCode: (documentation changed)
├[~] service aws-mediapackage
│ └ resources
│    └[~]  resource AWS::MediaPackage::Asset
│       └ properties
│          ├ Id: - string (required)
│          │     + string (required, immutable)
│          └ Tags: - Array<tag>
│                  + Array<tag> (immutable)
├[~] service aws-networkfirewall
│ └ resources
│    └[+]  resource AWS::NetworkFirewall::VpcEndpointAssociation
│       ├      name: VpcEndpointAssociation
│       │      cloudFormationType: AWS::NetworkFirewall::VpcEndpointAssociation
│       │      documentation: Resource type definition for AWS::NetworkFirewall::VpcEndpointAssociation
│       │      tagInformation: {"tagPropertyName":"Tags","variant":"standard"}
│       ├ properties
│       │  ├ Description: string (immutable)
│       │  ├ FirewallArn: string (required, immutable)
│       │  ├ VpcId: string (required, immutable)
│       │  ├ SubnetMapping: SubnetMapping (required, immutable)
│       │  └ Tags: Array<tag>
│       ├ attributes
│       │  ├ VpcEndpointAssociationArn: string
│       │  ├ VpcEndpointAssociationId: string
│       │  └ EndpointId: string
│       └ types
│          └ type SubnetMapping
│            ├      name: SubnetMapping
│            └ properties
│               ├ SubnetId: string (required)
│               └ IPAddressType: string
├[~] service aws-rds
│ └ resources
│    ├[~]  resource AWS::RDS::DBProxyTargetGroup
│    │  └ types
│    │     └[~] type ConnectionPoolConfigurationInfoFormat
│    │       └ properties
│    │          ├ ConnectionBorrowTimeout: (documentation changed)
│    │          └ InitQuery: (documentation changed)
│    └[~]  resource AWS::RDS::DBShardGroup
│       └ properties
│          └ ComputeRedundancy: (documentation changed)
├[~] service aws-s3
│ └ resources
│    └[~]  resource AWS::S3::Bucket
│       └ types
│          └[~] type RoutingRuleCondition
│            └ properties
│               └ KeyPrefixEquals: (documentation changed)
├[~] service aws-transfer
│ └ resources
│    └[~]  resource AWS::Transfer::User
│       └ properties
│          └ HomeDirectory: (documentation changed)
├[~] service aws-verifiedpermissions
│ └ resources
│    └[~]  resource AWS::VerifiedPermissions::PolicyStore
│       ├ properties
│       │  └ DeletionProtection: (documentation changed)
│       └ types
│          └[~] type DeletionProtection
│            ├      - documentation: undefined
│            │      + documentation: Specifies whether the policy store can be deleted.
│            └ properties
│               └ Mode: (documentation changed)
└[~] service aws-wafv2
  └ resources
     └[~]  resource AWS::WAFv2::WebACL
        └ properties
           └[+] OnSourceDDoSProtectionConfig: json

[alvazjor]

LGTM

[mergify]

Thank you for contributing! Your pull request will be updated from main and then merged automatically (do not update manually, and be sure to allow changes to be pushed to your fork).

[aws-cdk-automation]

AWS CodeBuild CI Report

• CodeBuild project: AutoBuildv2Project1C6BFA3F-wQm2hXv2jqQv
• Commit ID: a8a8442
• Result: SUCCEEDED
• Build Logs (available for 30 days)

Powered by github-codebuild-logs, available on the AWS Serverless Application Repository

[mergify]

Thank you for contributing! Your pull request will be updated from main and then merged automatically (do not update manually, and be sure to allow changes to be pushed to your fork).

[github-actions]

Comments on closed issues and PRs are hard for our team to see.
If you need help, please open a new issue that references this one.