From 3ee5ce03905e5d12d569bcc58b8134c81a97d7c7 Mon Sep 17 00:00:00 2001 From: AWS CDK Automation <43080478+aws-cdk-automation@users.noreply.github.com> Date: Wed, 5 Jun 2024 21:07:53 +0200 Subject: [PATCH] feat: update L1 CloudFormation resource definitions (#30438) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Updates the L1 CloudFormation resource definitions with the latest changes from `@aws-cdk/aws-service-spec` **L1 CloudFormation resource definition changes:** ``` ├[~] service aws-autoscaling │ └ resources │ └[~] resource AWS::AutoScaling::AutoScalingGroup │ └ properties │ └ NotificationConfiguration: (documentation changed) ├[~] service aws-ec2 │ └ resources │ └[~] resource AWS::EC2::CustomerGateway │ └ properties │ └[+] BgpAsnExtended: number (immutable) ├[~] service aws-eks │ └ resources │ └[~] resource AWS::EKS::Addon │ ├ properties │ │ └[+] PodIdentityAssociations: Array │ └ types │ └[+] type PodIdentityAssociation │ ├ documentation: A pod identity to associate with an add-on. │ │ name: PodIdentityAssociation │ └ properties │ ├ServiceAccount: string (required) │ └RoleArn: string (required) ├[~] service aws-mediaconnect │ └ resources │ └[~] resource AWS::MediaConnect::Flow │ └ types │ └[~] type Source │ └ properties │ ├ MaxLatency: - integer (default=2000) │ │ + integer │ └ MinLatency: - integer (default=2000) │ + integer ├[~] service aws-mediapackagev2 │ └ resources │ └[~] resource AWS::MediaPackageV2::OriginEndpoint │ ├ properties │ │ └[+] DashManifests: Array │ └ types │ ├[+] type DashManifestConfiguration │ │ ├ documentation:

Retrieve the DASH manifest configuration.

│ │ │ name: DashManifestConfiguration │ │ └ properties │ │ ├ManifestName: string (required) │ │ ├ManifestWindowSeconds: integer │ │ ├FilterConfiguration: FilterConfiguration │ │ ├MinUpdatePeriodSeconds: integer │ │ ├MinBufferTimeSeconds: integer │ │ ├SuggestedPresentationDelaySeconds: integer │ │ ├SegmentTemplateFormat: string │ │ ├PeriodTriggers: Array │ │ ├ScteDash: ScteDash │ │ ├DrmSignaling: string │ │ └UtcTiming: DashUtcTiming │ ├[+] type DashUtcTiming │ │ ├ documentation:

Determines the type of UTC timing included in the DASH Media Presentation Description (MPD).

│ │ │ name: DashUtcTiming │ │ └ properties │ │ ├TimingMode: string │ │ └TimingSource: string │ └[+] type ScteDash │ ├ documentation:

The SCTE configuration.

│ │ name: ScteDash │ └ properties │ └AdMarkerDash: string ├[~] service aws-securityhub │ └ resources │ ├[+] resource AWS::SecurityHub::ConfigurationPolicy │ │ ├ name: ConfigurationPolicy │ │ │ cloudFormationType: AWS::SecurityHub::ConfigurationPolicy │ │ │ documentation: The AWS::SecurityHub::ConfigurationPolicy resource represents the Central Configuration Policy in your account. │ │ │ tagInformation: {"tagPropertyName":"Tags","variant":"map"} │ │ ├ properties │ │ │ ├Name: string (required) │ │ │ ├Description: string │ │ │ ├ConfigurationPolicy: Policy (required) │ │ │ └Tags: Map │ │ ├ attributes │ │ │ ├Arn: string │ │ │ ├Id: string │ │ │ ├CreatedAt: string │ │ │ ├UpdatedAt: string │ │ │ └ServiceEnabled: boolean │ │ └ types │ │ ├type Policy │ │ │├ documentation: An object that defines how Security Hub is configured. │ │ ││ name: Policy │ │ │└ properties │ │ │ └SecurityHub: SecurityHubPolicy │ │ ├type SecurityHubPolicy │ │ │├ documentation: An object that defines how AWS Security Hub is configured. │ │ ││ name: SecurityHubPolicy │ │ │└ properties │ │ │ ├EnabledStandardIdentifiers: Array │ │ │ ├ServiceEnabled: boolean │ │ │ └SecurityControlsConfiguration: SecurityControlsConfiguration │ │ ├type SecurityControlsConfiguration │ │ │├ documentation: An object that defines which security controls are enabled in an AWS Security Hub configuration policy. │ │ ││ name: SecurityControlsConfiguration │ │ │└ properties │ │ │ ├DisabledSecurityControlIdentifiers: Array │ │ │ ├EnabledSecurityControlIdentifiers: Array │ │ │ └SecurityControlCustomParameters: Array │ │ ├type SecurityControlCustomParameter │ │ │├ documentation: An object of security control and control parameter value that are included in a configuration policy. │ │ ││ name: SecurityControlCustomParameter │ │ │└ properties │ │ │ ├Parameters: Map │ │ │ └SecurityControlId: string │ │ ├type ParameterConfiguration │ │ │├ documentation: An object that provides the current value of a security control parameter and identifies whether it has been customized. │ │ ││ name: ParameterConfiguration │ │ │└ properties │ │ │ ├ValueType: string (required) │ │ │ └Value: ParameterValue │ │ └type ParameterValue │ │ ├ documentation: An object that includes the data type of a security control parameter and its current value. │ │ │ name: ParameterValue │ │ └ properties │ │ ├Boolean: boolean │ │ ├Double: number │ │ ├Enum: string │ │ ├EnumList: Array │ │ ├Integer: integer │ │ ├IntegerList: Array │ │ ├String: string │ │ └StringList: Array │ ├[+] resource AWS::SecurityHub::FindingAggregator │ │ ├ name: FindingAggregator │ │ │ cloudFormationType: AWS::SecurityHub::FindingAggregator │ │ │ documentation: The AWS::SecurityHub::FindingAggregator resource represents the AWS Security Hub Finding Aggregator in your account. One finding aggregator resource is created for each account in non opt-in region in which you configure region linking mode. │ │ ├ properties │ │ │ ├RegionLinkingMode: string (required) │ │ │ └Regions: Array │ │ └ attributes │ │ ├FindingAggregatorArn: string │ │ └FindingAggregationRegion: string │ ├[+] resource AWS::SecurityHub::OrganizationConfiguration │ │ ├ name: OrganizationConfiguration │ │ │ cloudFormationType: AWS::SecurityHub::OrganizationConfiguration │ │ │ documentation: The AWS::SecurityHub::OrganizationConfiguration resource represents the configuration of your organization in Security Hub. Only the Security Hub administrator account can create Organization Configuration resource in each region and can opt-in to Central Configuration only in the aggregation region of FindingAggregator. │ │ ├ properties │ │ │ ├AutoEnable: boolean (required) │ │ │ ├AutoEnableStandards: string │ │ │ └ConfigurationType: string │ │ └ attributes │ │ ├OrganizationConfigurationIdentifier: string │ │ ├Status: string │ │ ├StatusMessage: string │ │ └MemberAccountLimitReached: boolean │ └[+] resource AWS::SecurityHub::PolicyAssociation │ ├ name: PolicyAssociation │ │ cloudFormationType: AWS::SecurityHub::PolicyAssociation │ │ documentation: The AWS::SecurityHub::PolicyAssociation resource represents the AWS Security Hub Central Configuration Policy associations in your Target. Only the AWS Security Hub delegated administrator can create the resouce from the home region. │ ├ properties │ │ ├ConfigurationPolicyId: string (required) │ │ ├TargetId: string (required, immutable) │ │ └TargetType: string (required, immutable) │ └ attributes │ ├AssociationStatus: string │ ├AssociationType: string │ ├AssociationStatusMessage: string │ ├UpdatedAt: string │ └AssociationIdentifier: string └[~] service aws-securitylake └ resources ├[~] resource AWS::SecurityLake::Subscriber │ ├ properties │ │ └[-] Sources: Array (required) │ └ types │ ├[-] type AwsLogSource │ │ ├ documentation: Adds a natively supported AWS service as an Amazon Security Lake source. Enables source types for member accounts in required AWS Regions, based on the parameters you specify. You can choose any source type in any Region for either accounts that are part of a trusted organization or standalone accounts. Once you add an AWS service as a source, Security Lake starts collecting logs and events from it. │ │ │ name: AwsLogSource │ │ └ properties │ │ ├SourceName: string │ │ └SourceVersion: string │ ├[-] type CustomLogSource │ │ ├ documentation: Third-party custom log source that meets the requirements to be added to Amazon Security Lake . For more details, see [Custom log source](https://docs.aws.amazon.com//security-lake/latest/userguide/custom-sources.html#iam-roles-custom-sources) in the *Amazon Security Lake User Guide* . │ │ │ name: CustomLogSource │ │ └ properties │ │ ├SourceName: string │ │ └SourceVersion: string │ └[-] type Source │ ├ documentation: Sources are logs and events generated from a single system that match a specific event class in the Open Cybersecurity Schema Framework (OCSF) schema. Amazon Security Lake can collect logs and events from a variety of sources, including natively supported AWS services and third-party custom sources. │ │ name: Source │ └ properties │ ├AwsLogSource: AwsLogSource │ └CustomLogSource: CustomLogSource └[+] resource AWS::SecurityLake::SubscriberNotification ├ name: SubscriberNotification │ cloudFormationType: AWS::SecurityLake::SubscriberNotification │ documentation: Resource Type definition for AWS::SecurityLake::SubscriberNotification ├ properties │ └SubscriberArn: string (required, immutable) └ attributes └SubscriberEndpoint: string ``` --- .../@aws-cdk/cloudformation-diff/package.json | 4 +-- packages/@aws-cdk/integ-runner/package.json | 2 +- packages/aws-cdk-lib/package.json | 2 +- tools/@aws-cdk/spec2cdk/package.json | 6 ++-- yarn.lock | 35 ++++++++----------- 5 files changed, 21 insertions(+), 28 deletions(-) diff --git a/packages/@aws-cdk/cloudformation-diff/package.json b/packages/@aws-cdk/cloudformation-diff/package.json index 17065e0bc568b..659b82a8e8c78 100644 --- a/packages/@aws-cdk/cloudformation-diff/package.json +++ b/packages/@aws-cdk/cloudformation-diff/package.json @@ -23,8 +23,8 @@ }, "license": "Apache-2.0", "dependencies": { - "@aws-cdk/aws-service-spec": "^0.1.4", - "@aws-cdk/service-spec-types": "^0.0.72", + "@aws-cdk/aws-service-spec": "^0.1.5", + "@aws-cdk/service-spec-types": "^0.0.73", "chalk": "^4", "diff": "^5.2.0", "fast-deep-equal": "^3.1.3", diff --git a/packages/@aws-cdk/integ-runner/package.json b/packages/@aws-cdk/integ-runner/package.json index fc5a5692da64e..c90fa53ddad21 100644 --- a/packages/@aws-cdk/integ-runner/package.json +++ b/packages/@aws-cdk/integ-runner/package.json @@ -74,7 +74,7 @@ "@aws-cdk/cloud-assembly-schema": "0.0.0", "@aws-cdk/cloudformation-diff": "0.0.0", "@aws-cdk/cx-api": "0.0.0", - "@aws-cdk/aws-service-spec": "^0.1.4", + "@aws-cdk/aws-service-spec": "^0.1.5", "cdk-assets": "0.0.0", "@aws-cdk/cdk-cli-wrapper": "0.0.0", "aws-cdk": "0.0.0", diff --git a/packages/aws-cdk-lib/package.json b/packages/aws-cdk-lib/package.json index 73ca167d8e190..b1ce80207a0a5 100644 --- a/packages/aws-cdk-lib/package.json +++ b/packages/aws-cdk-lib/package.json @@ -135,7 +135,7 @@ "mime-types": "^2.1.35" }, "devDependencies": { - "@aws-cdk/aws-service-spec": "^0.1.4", + "@aws-cdk/aws-service-spec": "^0.1.5", "@aws-cdk/cdk-build-tools": "0.0.0", "@aws-cdk/custom-resource-handlers": "0.0.0", "@aws-cdk/pkglint": "0.0.0", diff --git a/tools/@aws-cdk/spec2cdk/package.json b/tools/@aws-cdk/spec2cdk/package.json index 2994f0f146af2..03fbfb6c50e12 100644 --- a/tools/@aws-cdk/spec2cdk/package.json +++ b/tools/@aws-cdk/spec2cdk/package.json @@ -32,9 +32,9 @@ }, "license": "Apache-2.0", "dependencies": { - "@aws-cdk/aws-service-spec": "^0.1.4", - "@aws-cdk/service-spec-importers": "^0.0.35", - "@aws-cdk/service-spec-types": "^0.0.72", + "@aws-cdk/aws-service-spec": "^0.1.5", + "@aws-cdk/service-spec-importers": "^0.0.36", + "@aws-cdk/service-spec-types": "^0.0.73", "@cdklabs/tskb": "^0.0.3", "@cdklabs/typewriter": "^0.0.3", "camelcase": "^6", diff --git a/yarn.lock b/yarn.lock index 4a9db7f566eae..651c89c0a2ee6 100644 --- a/yarn.lock +++ b/yarn.lock @@ -51,12 +51,12 @@ resolved "https://registry.npmjs.org/@aws-cdk/asset-node-proxy-agent-v6/-/asset-node-proxy-agent-v6-2.0.3.tgz#9b5d213b5ce5ad4461f6a4720195ff8de72e6523" integrity sha512-twhuEG+JPOYCYPx/xy5uH2+VUsIEhPTzDY0F1KuB+ocjWWB/KEDiOVL19nHvbPCB6fhWnkykXEMJ4HHcKvjtvg== -"@aws-cdk/aws-service-spec@^0.1.4": - version "0.1.4" - resolved "https://registry.npmjs.org/@aws-cdk/aws-service-spec/-/aws-service-spec-0.1.4.tgz#64e9bbea092c36246829b06924702da55cf89120" - integrity sha512-4tHzmQPvNttbLaPfAgGwDXRsa2+SYuhkoSTbUeXqDtgHkQ31lhfB9QsZJ74YWFIg5ke9VGyPlFLIJPX6FbD4MQ== +"@aws-cdk/aws-service-spec@^0.1.5": + version "0.1.5" + resolved "https://registry.npmjs.org/@aws-cdk/aws-service-spec/-/aws-service-spec-0.1.5.tgz#7dd93b26ecd13209ff343ff865d7e74b61fea1fb" + integrity sha512-c75l3CJnv8F0WQ/azz5aJgjk2yoCOXYq++FaRVPrOW/IlnRu/vCyxHXvQB+oaxoii2bvhe+BLIbGOWbIGlznhw== dependencies: - "@aws-cdk/service-spec-types" "^0.0.72" + "@aws-cdk/service-spec-types" "^0.0.73" "@cdklabs/tskb" "^0.0.3" "@aws-cdk/lambda-layer-kubectl-v24@^2.0.242": @@ -69,12 +69,12 @@ resolved "https://registry.npmjs.org/@aws-cdk/lambda-layer-kubectl-v29/-/lambda-layer-kubectl-v29-2.0.0.tgz#1c078fffa2c701c691aeb3e599e91cd3c1017e74" integrity sha512-X6RKZPcPGkYSp9/AhiNtEL7Vz2I77qCdbr5XGtqFeIyw/620Qo2ZIRFr2AjWfGEj81gvcwUbVW5lZ6+EqqyqlA== -"@aws-cdk/service-spec-importers@^0.0.35": - version "0.0.35" - resolved "https://registry.npmjs.org/@aws-cdk/service-spec-importers/-/service-spec-importers-0.0.35.tgz#c761c50be0039529f16fcf4b9294ac5f82980c9b" - integrity sha512-OseAqNXpNOBjDmpazIBrYCUoS6KRlkU5QE1Px62oyBpPmavBFEN2HqSaafWbTij5jUAQKViF9OyBFFuQUQ6Wng== +"@aws-cdk/service-spec-importers@^0.0.36": + version "0.0.36" + resolved "https://registry.npmjs.org/@aws-cdk/service-spec-importers/-/service-spec-importers-0.0.36.tgz#5c7488a42b7216378f42ab1a6b12f86bde601d2a" + integrity sha512-MT/7ffHxbCtaaQZ1NckCidGHSPKP7zF6UQ2XwzsmDQ/r+crSQwT8nYVKi9oxf+I/YeK18OnGFio538KP7h1jrw== dependencies: - "@aws-cdk/service-spec-types" "^0.0.71" + "@aws-cdk/service-spec-types" "^0.0.73" "@cdklabs/tskb" "^0.0.3" ajv "^6" canonicalize "^2.0.0" @@ -85,17 +85,10 @@ glob "^8" sort-json "^2.0.1" -"@aws-cdk/service-spec-types@^0.0.71": - version "0.0.71" - resolved "https://registry.npmjs.org/@aws-cdk/service-spec-types/-/service-spec-types-0.0.71.tgz#5c26670a4dd1849478c1b94856c62a307ff6dd66" - integrity sha512-HVs2BhcuWZNeF0CoJ8lRhHMD27h5D+dPvqjKgbF3NYWJW3lmdYueASRWTaZnLcND51c/Ar/ZXpXvv0kd6Wj5RQ== - dependencies: - "@cdklabs/tskb" "^0.0.3" - -"@aws-cdk/service-spec-types@^0.0.72": - version "0.0.72" - resolved "https://registry.npmjs.org/@aws-cdk/service-spec-types/-/service-spec-types-0.0.72.tgz#3abc38151fe91bb0660f2964080c75f371f3c583" - integrity sha512-XYd1312zJOf8OIKv7c5ekkhsQA+m+KLKetVdRxjaRbSLjtCrYJXCzUmZM+YoeEaJcvhAfHtqrCpv9CYqvxql+A== +"@aws-cdk/service-spec-types@^0.0.73": + version "0.0.73" + resolved "https://registry.npmjs.org/@aws-cdk/service-spec-types/-/service-spec-types-0.0.73.tgz#e322a832bf8b7facc5f7a11854770a13d6ea4fd4" + integrity sha512-PGAF/MWEyVWiskERau2GHvguYpskTMM4SC7afjgocI5J0B6uFRMHtJYnpB2QO39RVdGDskZdpzxy5r2ChTtUYQ== dependencies: "@cdklabs/tskb" "^0.0.3"