Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

feat: update L1 CloudFormation resource definitions #29606

Merged
merged 1 commit into from
Mar 25, 2024

Conversation

aws-cdk-automation
Copy link
Collaborator

Updates the L1 CloudFormation resource definitions with the latest changes from @aws-cdk/aws-service-spec

L1 CloudFormation resource definition changes:

├[~] service aws-cloudwatch
│ └ resources
│    └[~] resource AWS::CloudWatch::AnomalyDetector
│      └ types
│         └[~] type SingleMetricAnomalyDetector
│           └ properties
│              └[+] AccountId: string
├[~] service aws-docdbelastic
│ └ resources
│    └[~] resource AWS::DocDBElastic::Cluster
│      └ properties
│         ├[+] BackupRetentionPeriod: integer
│         ├[+] PreferredBackupWindow: string
│         └[+] ShardInstanceCount: integer
├[~] service aws-elasticache
│ └ resources
│    └[~] resource AWS::ElastiCache::ParameterGroup
│      └ attributes
│         └[-] CacheParameterGroupName: string
├[~] service aws-entityresolution
│ └ resources
│    └[~] resource AWS::EntityResolution::IdMappingWorkflow
│      ├ properties
│      │  └ OutputSourceConfig: - Array<IdMappingWorkflowOutputSource> (required)
│      │                        + Array<IdMappingWorkflowOutputSource>
│      └ types
│         └[~] type IdMappingWorkflowInputSource
│           └ properties
│              ├ SchemaArn: - string (required)
│              │            + string
│              └[+] Type: string
├[~] service aws-iam
│ └ resources
│    └[~] resource AWS::IAM::ManagedPolicy
│      └ properties
│         └ Path: - string (immutable)
│                 + string (default="/", immutable)
└[~] service aws-securityhub
  └ resources
     ├[-] resource AWS::SecurityHub::DelegatedAdmin
     │ ├  name: DelegatedAdmin
     │ │  cloudFormationType: AWS::SecurityHub::DelegatedAdmin
     │ │  documentation: The AWS::SecurityHub::DelegatedAdmin resource represents the AWS Security Hub delegated admin account in your organization. One delegated admin resource is allowed to create for the organization in each region in which you configure the AdminAccountId.
     │ ├ properties
     │ │  └AdminAccountId: string (required, immutable)
     │ └ attributes
     │    ├DelegatedAdminIdentifier: string
     │    └Status: string
     ├[-] resource AWS::SecurityHub::Insight
     │ ├  name: Insight
     │ │  cloudFormationType: AWS::SecurityHub::Insight
     │ │  documentation: Creates a custom insight in Security Hub. An insight is a consolidation of findings that relate to a security issue that requires attention or remediation.
     │ │  To group the related findings in the insight, use the `GroupByAttribute` .
     │ ├ properties
     │ │  ├Name: string (required)
     │ │  ├Filters: AwsSecurityFindingFilters (required)
     │ │  └GroupByAttribute: string (required)
     │ ├ attributes
     │ │  └InsightArn: string
     │ └ types
     │    ├type AwsSecurityFindingFilters
     │    │├  documentation: A collection of filters that are applied to all active findings aggregated by AWS Security Hub .
     │    ││  You can filter by up to ten finding attributes. For each attribute, you can provide up to 20 filter values.
     │    ││  name: AwsSecurityFindingFilters
     │    │└ properties
     │    │   ├ProductArn: Array<StringFilter>
     │    │   ├AwsAccountId: Array<StringFilter>
     │    │   ├AwsAccountName: Array<StringFilter>
     │    │   ├Id: Array<StringFilter>
     │    │   ├GeneratorId: Array<StringFilter>
     │    │   ├Type: Array<StringFilter>
     │    │   ├Region: Array<StringFilter>
     │    │   ├SeverityLabel: Array<StringFilter>
     │    │   ├Title: Array<StringFilter>
     │    │   ├Description: Array<StringFilter>
     │    │   ├RecommendationText: Array<StringFilter>
     │    │   ├SourceUrl: Array<StringFilter>
     │    │   ├ProductFields: Array<MapFilter>
     │    │   ├ProductName: Array<StringFilter>
     │    │   ├CompanyName: Array<StringFilter>
     │    │   ├UserDefinedFields: Array<MapFilter>
     │    │   ├MalwareName: Array<StringFilter>
     │    │   ├MalwareType: Array<StringFilter>
     │    │   ├MalwarePath: Array<StringFilter>
     │    │   ├MalwareState: Array<StringFilter>
     │    │   ├NetworkDirection: Array<StringFilter>
     │    │   ├NetworkProtocol: Array<StringFilter>
     │    │   ├NetworkSourceIpV4: Array<IpFilter>
     │    │   ├NetworkSourceIpV6: Array<IpFilter>
     │    │   ├NetworkSourceDomain: Array<StringFilter>
     │    │   ├NetworkSourceMac: Array<StringFilter>
     │    │   ├NetworkDestinationIpV4: Array<IpFilter>
     │    │   ├NetworkDestinationIpV6: Array<IpFilter>
     │    │   ├NetworkDestinationDomain: Array<StringFilter>
     │    │   ├ProcessName: Array<StringFilter>
     │    │   ├ProcessPath: Array<StringFilter>
     │    │   ├ThreatIntelIndicatorType: Array<StringFilter>
     │    │   ├ThreatIntelIndicatorValue: Array<StringFilter>
     │    │   ├ThreatIntelIndicatorCategory: Array<StringFilter>
     │    │   ├ThreatIntelIndicatorSource: Array<StringFilter>
     │    │   ├ThreatIntelIndicatorSourceUrl: Array<StringFilter>
     │    │   ├ResourceType: Array<StringFilter>
     │    │   ├ResourceId: Array<StringFilter>
     │    │   ├ResourcePartition: Array<StringFilter>
     │    │   ├ResourceRegion: Array<StringFilter>
     │    │   ├ResourceTags: Array<MapFilter>
     │    │   ├ResourceAwsEc2InstanceType: Array<StringFilter>
     │    │   ├ResourceAwsEc2InstanceImageId: Array<StringFilter>
     │    │   ├ResourceAwsEc2InstanceIpV4Addresses: Array<IpFilter>
     │    │   ├ResourceAwsEc2InstanceIpV6Addresses: Array<IpFilter>
     │    │   ├ResourceAwsEc2InstanceKeyName: Array<StringFilter>
     │    │   ├ResourceAwsEc2InstanceIamInstanceProfileArn: Array<StringFilter>
     │    │   ├ResourceAwsEc2InstanceVpcId: Array<StringFilter>
     │    │   ├ResourceAwsEc2InstanceSubnetId: Array<StringFilter>
     │    │   ├ResourceAwsS3BucketOwnerId: Array<StringFilter>
     │    │   ├ResourceAwsS3BucketOwnerName: Array<StringFilter>
     │    │   ├ResourceAwsIamAccessKeyStatus: Array<StringFilter>
     │    │   ├ResourceContainerName: Array<StringFilter>
     │    │   ├ResourceContainerImageId: Array<StringFilter>
     │    │   ├ResourceContainerImageName: Array<StringFilter>
     │    │   ├ResourceDetailsOther: Array<MapFilter>
     │    │   ├ComplianceStatus: Array<StringFilter>
     │    │   ├VerificationState: Array<StringFilter>
     │    │   ├WorkflowState: Array<StringFilter>
     │    │   ├WorkflowStatus: Array<StringFilter>
     │    │   ├RecordState: Array<StringFilter>
     │    │   ├RelatedFindingsProductArn: Array<StringFilter>
     │    │   ├RelatedFindingsId: Array<StringFilter>
     │    │   ├ResourceApplicationArn: Array<StringFilter>
     │    │   ├ResourceApplicationName: Array<StringFilter>
     │    │   ├NoteText: Array<StringFilter>
     │    │   ├NoteUpdatedBy: Array<StringFilter>
     │    │   ├Sample: Array<BooleanFilter>
     │    │   ├ComplianceAssociatedStandardsId: Array<StringFilter>
     │    │   ├ComplianceSecurityControlId: Array<StringFilter>
     │    │   ├ComplianceSecurityControlParametersName: Array<StringFilter>
     │    │   ├ComplianceSecurityControlParametersValue: Array<StringFilter>
     │    │   ├FindingProviderFieldsRelatedFindingsId: Array<StringFilter>
     │    │   ├FindingProviderFieldsRelatedFindingsProductArn: Array<StringFilter>
     │    │   ├FindingProviderFieldsSeverityLabel: Array<StringFilter>
     │    │   ├FindingProviderFieldsSeverityOriginal: Array<StringFilter>
     │    │   ├FindingProviderFieldsTypes: Array<StringFilter>
     │    │   ├ResourceAwsIamAccessKeyPrincipalName: Array<StringFilter>
     │    │   ├ResourceAwsIamUserUserName: Array<StringFilter>
     │    │   ├VulnerabilitiesExploitAvailable: Array<StringFilter>
     │    │   └VulnerabilitiesFixAvailable: Array<StringFilter>
     │    ├type StringFilter
     │    │├  documentation: A string filter for filtering AWS Security Hub findings.
     │    ││  name: StringFilter
     │    │└ properties
     │    │   ├Comparison: string (required)
     │    │   └Value: string (required)
     │    ├type MapFilter
     │    │├  documentation: A map filter for filtering AWS Security Hub findings. Each map filter provides the field to check for, the value to check for, and the comparison operator.
     │    ││  name: MapFilter
     │    │└ properties
     │    │   ├Comparison: string (required)
     │    │   ├Key: string (required)
     │    │   └Value: string (required)
     │    ├type IpFilter
     │    │├  documentation: The IP filter for querying findings.
     │    ││  name: IpFilter
     │    │└ properties
     │    │   └Cidr: string
     │    └type BooleanFilter
     │     ├  documentation: Boolean filter for querying findings.
     │     │  name: BooleanFilter
     │     └ properties
     │        └Value: boolean (required)
     └[-] resource AWS::SecurityHub::ProductSubscription
       ├  name: ProductSubscription
       │  cloudFormationType: AWS::SecurityHub::ProductSubscription
       │  documentation: The AWS::SecurityHub::ProductSubscription resource represents a subscription to a service that is allowed to generate findings for your Security Hub account. One product subscription resource is created for each product enabled.
       ├ properties
       │  └ProductArn: string (required, immutable)
       └ attributes
          └ProductSubscriptionArn: string

Updates the L1 CloudFormation resource definitions with the latest changes from `@aws-cdk/aws-service-spec`
@aws-cdk-automation aws-cdk-automation added auto-approve contribution/core This is a PR that came from AWS. dependencies This issue is a problem in a dependency or a pull request that updates a dependency file. pr-linter/exempt-readme The PR linter will not require README changes pr-linter/exempt-test The PR linter will not require test changes pr-linter/exempt-integ-test The PR linter will not require integ test changes labels Mar 25, 2024
@aws-cdk-automation aws-cdk-automation requested review from a team March 25, 2024 15:25
@github-actions github-actions bot added the p2 label Mar 25, 2024
@aws-cdk-automation
Copy link
Collaborator Author

AWS CodeBuild CI Report

  • CodeBuild project: AutoBuildv2Project1C6BFA3F-wQm2hXv2jqQv
  • Commit ID: a087eaa
  • Result: SUCCEEDED
  • Build Logs (available for 30 days)

Powered by github-codebuild-logs, available on the AWS Serverless Application Repository

Copy link
Contributor

mergify bot commented Mar 25, 2024

Thank you for contributing! Your pull request will be updated from main and then merged automatically (do not update manually, and be sure to allow changes to be pushed to your fork).

@mergify mergify bot merged commit 432f97d into main Mar 25, 2024
38 checks passed
@mergify mergify bot deleted the automation/spec-update branch March 25, 2024 15:52
ahammond pushed a commit to ahammond/aws-cdk that referenced this pull request Mar 26, 2024
Updates the L1 CloudFormation resource definitions with the latest changes from `@aws-cdk/aws-service-spec`

**L1 CloudFormation resource definition changes:**
```
├[~] service aws-cloudwatch
│ └ resources
│    └[~] resource AWS::CloudWatch::AnomalyDetector
│      └ types
│         └[~] type SingleMetricAnomalyDetector
│           └ properties
│              └[+] AccountId: string
├[~] service aws-docdbelastic
│ └ resources
│    └[~] resource AWS::DocDBElastic::Cluster
│      └ properties
│         ├[+] BackupRetentionPeriod: integer
│         ├[+] PreferredBackupWindow: string
│         └[+] ShardInstanceCount: integer
├[~] service aws-elasticache
│ └ resources
│    └[~] resource AWS::ElastiCache::ParameterGroup
│      └ attributes
│         └[-] CacheParameterGroupName: string
├[~] service aws-entityresolution
│ └ resources
│    └[~] resource AWS::EntityResolution::IdMappingWorkflow
│      ├ properties
│      │  └ OutputSourceConfig: - Array<IdMappingWorkflowOutputSource> (required)
│      │                        + Array<IdMappingWorkflowOutputSource>
│      └ types
│         └[~] type IdMappingWorkflowInputSource
│           └ properties
│              ├ SchemaArn: - string (required)
│              │            + string
│              └[+] Type: string
├[~] service aws-iam
│ └ resources
│    └[~] resource AWS::IAM::ManagedPolicy
│      └ properties
│         └ Path: - string (immutable)
│                 + string (default="/", immutable)
└[~] service aws-securityhub
  └ resources
     ├[-] resource AWS::SecurityHub::DelegatedAdmin
     │ ├  name: DelegatedAdmin
     │ │  cloudFormationType: AWS::SecurityHub::DelegatedAdmin
     │ │  documentation: The AWS::SecurityHub::DelegatedAdmin resource represents the AWS Security Hub delegated admin account in your organization. One delegated admin resource is allowed to create for the organization in each region in which you configure the AdminAccountId.
     │ ├ properties
     │ │  └AdminAccountId: string (required, immutable)
     │ └ attributes
     │    ├DelegatedAdminIdentifier: string
     │    └Status: string
     ├[-] resource AWS::SecurityHub::Insight
     │ ├  name: Insight
     │ │  cloudFormationType: AWS::SecurityHub::Insight
     │ │  documentation: Creates a custom insight in Security Hub. An insight is a consolidation of findings that relate to a security issue that requires attention or remediation.
     │ │  To group the related findings in the insight, use the `GroupByAttribute` .
     │ ├ properties
     │ │  ├Name: string (required)
     │ │  ├Filters: AwsSecurityFindingFilters (required)
     │ │  └GroupByAttribute: string (required)
     │ ├ attributes
     │ │  └InsightArn: string
     │ └ types
     │    ├type AwsSecurityFindingFilters
     │    │├  documentation: A collection of filters that are applied to all active findings aggregated by AWS Security Hub .
     │    ││  You can filter by up to ten finding attributes. For each attribute, you can provide up to 20 filter values.
     │    ││  name: AwsSecurityFindingFilters
     │    │└ properties
     │    │   ├ProductArn: Array<StringFilter>
     │    │   ├AwsAccountId: Array<StringFilter>
     │    │   ├AwsAccountName: Array<StringFilter>
     │    │   ├Id: Array<StringFilter>
     │    │   ├GeneratorId: Array<StringFilter>
     │    │   ├Type: Array<StringFilter>
     │    │   ├Region: Array<StringFilter>
     │    │   ├SeverityLabel: Array<StringFilter>
     │    │   ├Title: Array<StringFilter>
     │    │   ├Description: Array<StringFilter>
     │    │   ├RecommendationText: Array<StringFilter>
     │    │   ├SourceUrl: Array<StringFilter>
     │    │   ├ProductFields: Array<MapFilter>
     │    │   ├ProductName: Array<StringFilter>
     │    │   ├CompanyName: Array<StringFilter>
     │    │   ├UserDefinedFields: Array<MapFilter>
     │    │   ├MalwareName: Array<StringFilter>
     │    │   ├MalwareType: Array<StringFilter>
     │    │   ├MalwarePath: Array<StringFilter>
     │    │   ├MalwareState: Array<StringFilter>
     │    │   ├NetworkDirection: Array<StringFilter>
     │    │   ├NetworkProtocol: Array<StringFilter>
     │    │   ├NetworkSourceIpV4: Array<IpFilter>
     │    │   ├NetworkSourceIpV6: Array<IpFilter>
     │    │   ├NetworkSourceDomain: Array<StringFilter>
     │    │   ├NetworkSourceMac: Array<StringFilter>
     │    │   ├NetworkDestinationIpV4: Array<IpFilter>
     │    │   ├NetworkDestinationIpV6: Array<IpFilter>
     │    │   ├NetworkDestinationDomain: Array<StringFilter>
     │    │   ├ProcessName: Array<StringFilter>
     │    │   ├ProcessPath: Array<StringFilter>
     │    │   ├ThreatIntelIndicatorType: Array<StringFilter>
     │    │   ├ThreatIntelIndicatorValue: Array<StringFilter>
     │    │   ├ThreatIntelIndicatorCategory: Array<StringFilter>
     │    │   ├ThreatIntelIndicatorSource: Array<StringFilter>
     │    │   ├ThreatIntelIndicatorSourceUrl: Array<StringFilter>
     │    │   ├ResourceType: Array<StringFilter>
     │    │   ├ResourceId: Array<StringFilter>
     │    │   ├ResourcePartition: Array<StringFilter>
     │    │   ├ResourceRegion: Array<StringFilter>
     │    │   ├ResourceTags: Array<MapFilter>
     │    │   ├ResourceAwsEc2InstanceType: Array<StringFilter>
     │    │   ├ResourceAwsEc2InstanceImageId: Array<StringFilter>
     │    │   ├ResourceAwsEc2InstanceIpV4Addresses: Array<IpFilter>
     │    │   ├ResourceAwsEc2InstanceIpV6Addresses: Array<IpFilter>
     │    │   ├ResourceAwsEc2InstanceKeyName: Array<StringFilter>
     │    │   ├ResourceAwsEc2InstanceIamInstanceProfileArn: Array<StringFilter>
     │    │   ├ResourceAwsEc2InstanceVpcId: Array<StringFilter>
     │    │   ├ResourceAwsEc2InstanceSubnetId: Array<StringFilter>
     │    │   ├ResourceAwsS3BucketOwnerId: Array<StringFilter>
     │    │   ├ResourceAwsS3BucketOwnerName: Array<StringFilter>
     │    │   ├ResourceAwsIamAccessKeyStatus: Array<StringFilter>
     │    │   ├ResourceContainerName: Array<StringFilter>
     │    │   ├ResourceContainerImageId: Array<StringFilter>
     │    │   ├ResourceContainerImageName: Array<StringFilter>
     │    │   ├ResourceDetailsOther: Array<MapFilter>
     │    │   ├ComplianceStatus: Array<StringFilter>
     │    │   ├VerificationState: Array<StringFilter>
     │    │   ├WorkflowState: Array<StringFilter>
     │    │   ├WorkflowStatus: Array<StringFilter>
     │    │   ├RecordState: Array<StringFilter>
     │    │   ├RelatedFindingsProductArn: Array<StringFilter>
     │    │   ├RelatedFindingsId: Array<StringFilter>
     │    │   ├ResourceApplicationArn: Array<StringFilter>
     │    │   ├ResourceApplicationName: Array<StringFilter>
     │    │   ├NoteText: Array<StringFilter>
     │    │   ├NoteUpdatedBy: Array<StringFilter>
     │    │   ├Sample: Array<BooleanFilter>
     │    │   ├ComplianceAssociatedStandardsId: Array<StringFilter>
     │    │   ├ComplianceSecurityControlId: Array<StringFilter>
     │    │   ├ComplianceSecurityControlParametersName: Array<StringFilter>
     │    │   ├ComplianceSecurityControlParametersValue: Array<StringFilter>
     │    │   ├FindingProviderFieldsRelatedFindingsId: Array<StringFilter>
     │    │   ├FindingProviderFieldsRelatedFindingsProductArn: Array<StringFilter>
     │    │   ├FindingProviderFieldsSeverityLabel: Array<StringFilter>
     │    │   ├FindingProviderFieldsSeverityOriginal: Array<StringFilter>
     │    │   ├FindingProviderFieldsTypes: Array<StringFilter>
     │    │   ├ResourceAwsIamAccessKeyPrincipalName: Array<StringFilter>
     │    │   ├ResourceAwsIamUserUserName: Array<StringFilter>
     │    │   ├VulnerabilitiesExploitAvailable: Array<StringFilter>
     │    │   └VulnerabilitiesFixAvailable: Array<StringFilter>
     │    ├type StringFilter
     │    │├  documentation: A string filter for filtering AWS Security Hub findings.
     │    ││  name: StringFilter
     │    │└ properties
     │    │   ├Comparison: string (required)
     │    │   └Value: string (required)
     │    ├type MapFilter
     │    │├  documentation: A map filter for filtering AWS Security Hub findings. Each map filter provides the field to check for, the value to check for, and the comparison operator.
     │    ││  name: MapFilter
     │    │└ properties
     │    │   ├Comparison: string (required)
     │    │   ├Key: string (required)
     │    │   └Value: string (required)
     │    ├type IpFilter
     │    │├  documentation: The IP filter for querying findings.
     │    ││  name: IpFilter
     │    │└ properties
     │    │   └Cidr: string
     │    └type BooleanFilter
     │     ├  documentation: Boolean filter for querying findings.
     │     │  name: BooleanFilter
     │     └ properties
     │        └Value: boolean (required)
     └[-] resource AWS::SecurityHub::ProductSubscription
       ├  name: ProductSubscription
       │  cloudFormationType: AWS::SecurityHub::ProductSubscription
       │  documentation: The AWS::SecurityHub::ProductSubscription resource represents a subscription to a service that is allowed to generate findings for your Security Hub account. One product subscription resource is created for each product enabled.
       ├ properties
       │  └ProductArn: string (required, immutable)
       └ attributes
          └ProductSubscriptionArn: string
```
This was referenced Apr 1, 2024
@aws aws locked as resolved and limited conversation to collaborators Jul 25, 2024
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
auto-approve contribution/core This is a PR that came from AWS. dependencies This issue is a problem in a dependency or a pull request that updates a dependency file. p2 pr-linter/exempt-integ-test The PR linter will not require integ test changes pr-linter/exempt-readme The PR linter will not require README changes pr-linter/exempt-test The PR linter will not require test changes
Projects
None yet
Development

Successfully merging this pull request may close these issues.

1 participant