diff --git a/src/cfnlint/data/AdditionalSpecs/Policies.json b/src/cfnlint/data/AdditionalSpecs/Policies.json index f174426ef5..f4702ac5d5 100644 --- a/src/cfnlint/data/AdditionalSpecs/Policies.json +++ b/src/cfnlint/data/AdditionalSpecs/Policies.json @@ -13498,6 +13498,7 @@ "ReplicateInstance", "ResumeContact", "ResumeContactRecording", + "SearchAgentStatuses", "SearchAvailablePhoneNumbers", "SearchContactFlowModules", "SearchContactFlows", @@ -13510,6 +13511,7 @@ "SearchResourceTags", "SearchRoutingProfiles", "SearchSecurityProfiles", + "SearchUserHierarchyGroups", "SearchUsers", "SearchVocabularies", "SendChatIntegrationEvent", diff --git a/src/cfnlint/data/DownloadsMetadata/123ba181485ae293d5bd09722af0c19d5a0d14c62111ff864923fc7b7960dda6.meta.json b/src/cfnlint/data/DownloadsMetadata/123ba181485ae293d5bd09722af0c19d5a0d14c62111ff864923fc7b7960dda6.meta.json index ba38ac9957..85306312bd 100644 --- a/src/cfnlint/data/DownloadsMetadata/123ba181485ae293d5bd09722af0c19d5a0d14c62111ff864923fc7b7960dda6.meta.json +++ b/src/cfnlint/data/DownloadsMetadata/123ba181485ae293d5bd09722af0c19d5a0d14c62111ff864923fc7b7960dda6.meta.json @@ -1 +1 @@ -{"etag": "\"e307e8687bfecd606f0e899afa9dc391\"", "url": "https://schema.cloudformation.eu-south-1.amazonaws.com/CloudformationSchema.zip"} +{"etag": "\"738ba15ff4ffdd71dc23036beef518e5\"", "url": "https://schema.cloudformation.eu-south-1.amazonaws.com/CloudformationSchema.zip"} diff --git a/src/cfnlint/data/DownloadsMetadata/164e1bfc2823fbd49d8d0e7163ebf32b2b6653d7edfe98a64577daae0b481c38.meta.json b/src/cfnlint/data/DownloadsMetadata/164e1bfc2823fbd49d8d0e7163ebf32b2b6653d7edfe98a64577daae0b481c38.meta.json index c7eac535ff..c533ce5b71 100644 --- a/src/cfnlint/data/DownloadsMetadata/164e1bfc2823fbd49d8d0e7163ebf32b2b6653d7edfe98a64577daae0b481c38.meta.json +++ b/src/cfnlint/data/DownloadsMetadata/164e1bfc2823fbd49d8d0e7163ebf32b2b6653d7edfe98a64577daae0b481c38.meta.json @@ -1 +1 @@ -{"etag": "\"4ef0c1c5720349e0aa42d8c03f2190c6\"", "url": "https://schema.cloudformation.cn-north-1.amazonaws.com.cn/CloudformationSchema.zip"} +{"etag": "\"cda566f99a24532ebc8258c4f3bdc40d\"", "url": "https://schema.cloudformation.cn-north-1.amazonaws.com.cn/CloudformationSchema.zip"} diff --git a/src/cfnlint/data/DownloadsMetadata/18624fcc4a1c571691d10b2508e6be565e4752bbc10d9552de8df8f81348c42b.meta.json b/src/cfnlint/data/DownloadsMetadata/18624fcc4a1c571691d10b2508e6be565e4752bbc10d9552de8df8f81348c42b.meta.json index 07632650b6..b3d6caafa6 100644 --- a/src/cfnlint/data/DownloadsMetadata/18624fcc4a1c571691d10b2508e6be565e4752bbc10d9552de8df8f81348c42b.meta.json +++ b/src/cfnlint/data/DownloadsMetadata/18624fcc4a1c571691d10b2508e6be565e4752bbc10d9552de8df8f81348c42b.meta.json @@ -1 +1 @@ -{"etag": "\"2d862f85e75942a5867c34b7bfc3c77c\"", "url": "https://schema.cloudformation.us-gov-east-1.amazonaws.com/CloudformationSchema.zip"} +{"etag": "\"504a1877be977ac5dce2cf0b7fb83fd4\"", "url": "https://schema.cloudformation.us-gov-east-1.amazonaws.com/CloudformationSchema.zip"} diff --git a/src/cfnlint/data/DownloadsMetadata/227d6e59c86482f7153466759080e65963a1bf4413531ad420ff60a5a0d7965d.meta.json b/src/cfnlint/data/DownloadsMetadata/227d6e59c86482f7153466759080e65963a1bf4413531ad420ff60a5a0d7965d.meta.json index 206f3f4cc8..e57c08cc1f 100644 --- a/src/cfnlint/data/DownloadsMetadata/227d6e59c86482f7153466759080e65963a1bf4413531ad420ff60a5a0d7965d.meta.json +++ b/src/cfnlint/data/DownloadsMetadata/227d6e59c86482f7153466759080e65963a1bf4413531ad420ff60a5a0d7965d.meta.json @@ -1 +1 @@ -{"etag": "\"6914ce33d190b3e1e349df96fe4db5f9\"", "url": "https://schema.cloudformation.me-south-1.amazonaws.com/CloudformationSchema.zip"} +{"etag": "\"530b302bef90109a0b5a5e0265596115\"", "url": "https://schema.cloudformation.me-south-1.amazonaws.com/CloudformationSchema.zip"} diff --git a/src/cfnlint/data/DownloadsMetadata/23be708e675cb6098b08969e4dbbc3f54cfc32461d10e077e7e5de1fc25d8b8f.meta.json b/src/cfnlint/data/DownloadsMetadata/23be708e675cb6098b08969e4dbbc3f54cfc32461d10e077e7e5de1fc25d8b8f.meta.json index 3f07e1ffbd..54a0fe6580 100644 --- a/src/cfnlint/data/DownloadsMetadata/23be708e675cb6098b08969e4dbbc3f54cfc32461d10e077e7e5de1fc25d8b8f.meta.json +++ b/src/cfnlint/data/DownloadsMetadata/23be708e675cb6098b08969e4dbbc3f54cfc32461d10e077e7e5de1fc25d8b8f.meta.json @@ -1 +1 @@ -{"etag": "\"c4159999fa081b0705a8cc19ad90fb11\"", "url": "https://schema.cloudformation.us-gov-west-1.amazonaws.com/CloudformationSchema.zip"} +{"etag": "\"29c5448524f706edf4ab7ae25e9c2697\"", "url": "https://schema.cloudformation.us-gov-west-1.amazonaws.com/CloudformationSchema.zip"} diff --git a/src/cfnlint/data/DownloadsMetadata/26cf4521b683d3267844178a6bcd1d0ad3fe2e7838c23f6acd054944cb2b1618.meta.json b/src/cfnlint/data/DownloadsMetadata/26cf4521b683d3267844178a6bcd1d0ad3fe2e7838c23f6acd054944cb2b1618.meta.json index 39d6212283..cd87872f0b 100644 --- a/src/cfnlint/data/DownloadsMetadata/26cf4521b683d3267844178a6bcd1d0ad3fe2e7838c23f6acd054944cb2b1618.meta.json +++ b/src/cfnlint/data/DownloadsMetadata/26cf4521b683d3267844178a6bcd1d0ad3fe2e7838c23f6acd054944cb2b1618.meta.json @@ -1 +1 @@ -{"etag": "\"5e3092644eadd30dbd152151fb69bae6\"", "url": "https://schema.cloudformation.me-central-1.amazonaws.com/CloudformationSchema.zip"} +{"etag": "\"4a988794be80359d27bd93fa1fbbf0ea\"", "url": "https://schema.cloudformation.me-central-1.amazonaws.com/CloudformationSchema.zip"} diff --git a/src/cfnlint/data/DownloadsMetadata/276cecfeb1ec5e608e2aaa06925a2da57e9907e4a512c10ddae70b98b4dada43.meta.json b/src/cfnlint/data/DownloadsMetadata/276cecfeb1ec5e608e2aaa06925a2da57e9907e4a512c10ddae70b98b4dada43.meta.json index bafb2493b6..82869b619a 100644 --- a/src/cfnlint/data/DownloadsMetadata/276cecfeb1ec5e608e2aaa06925a2da57e9907e4a512c10ddae70b98b4dada43.meta.json +++ b/src/cfnlint/data/DownloadsMetadata/276cecfeb1ec5e608e2aaa06925a2da57e9907e4a512c10ddae70b98b4dada43.meta.json @@ -1 +1 @@ -{"etag": "\"5d4e9225c20358129f764181a0c1935a\"", "url": "https://schema.cloudformation.eu-west-2.amazonaws.com/CloudformationSchema.zip"} +{"etag": "\"4b7de5aadeb179da21b162fb0b69ce9d\"", "url": "https://schema.cloudformation.eu-west-2.amazonaws.com/CloudformationSchema.zip"} diff --git a/src/cfnlint/data/DownloadsMetadata/371e40c90b2e47c99f6e275e060ee83a3fbf0a0fb76625ba46dbe42abd34333c.meta.json b/src/cfnlint/data/DownloadsMetadata/371e40c90b2e47c99f6e275e060ee83a3fbf0a0fb76625ba46dbe42abd34333c.meta.json index a39e047d7f..35c3450853 100644 --- a/src/cfnlint/data/DownloadsMetadata/371e40c90b2e47c99f6e275e060ee83a3fbf0a0fb76625ba46dbe42abd34333c.meta.json +++ b/src/cfnlint/data/DownloadsMetadata/371e40c90b2e47c99f6e275e060ee83a3fbf0a0fb76625ba46dbe42abd34333c.meta.json @@ -1 +1 @@ -{"etag": "\"86ec8b36787356cf267f5f432a71b88a\"", "url": "https://schema.cloudformation.cn-northwest-1.amazonaws.com.cn/CloudformationSchema.zip"} +{"etag": "\"298aa7073a8e0bdf6e4fd4a870da9816\"", "url": "https://schema.cloudformation.cn-northwest-1.amazonaws.com.cn/CloudformationSchema.zip"} diff --git a/src/cfnlint/data/DownloadsMetadata/42155835f382d82337be3d2bf832bada376aa3fe15197e3bb0e9290ff8719b4e.meta.json b/src/cfnlint/data/DownloadsMetadata/42155835f382d82337be3d2bf832bada376aa3fe15197e3bb0e9290ff8719b4e.meta.json index b1be8a6d57..1ccdb34508 100644 --- a/src/cfnlint/data/DownloadsMetadata/42155835f382d82337be3d2bf832bada376aa3fe15197e3bb0e9290ff8719b4e.meta.json +++ b/src/cfnlint/data/DownloadsMetadata/42155835f382d82337be3d2bf832bada376aa3fe15197e3bb0e9290ff8719b4e.meta.json @@ -1 +1 @@ -{"etag": "\"91d93202afea003b5e2abc8b51a7f3a2\"", "url": "https://schema.cloudformation.af-south-1.amazonaws.com/CloudformationSchema.zip"} +{"etag": "\"92b7cf87c86ac2f5f03184c2a4c5977e\"", "url": "https://schema.cloudformation.af-south-1.amazonaws.com/CloudformationSchema.zip"} diff --git a/src/cfnlint/data/DownloadsMetadata/42e9df95722b6524cd001503b6750b86f60a7b5acfc406ebb10d5748cbb8ed41.meta.json b/src/cfnlint/data/DownloadsMetadata/42e9df95722b6524cd001503b6750b86f60a7b5acfc406ebb10d5748cbb8ed41.meta.json index 1fbef7b8ba..bd86c222db 100644 --- a/src/cfnlint/data/DownloadsMetadata/42e9df95722b6524cd001503b6750b86f60a7b5acfc406ebb10d5748cbb8ed41.meta.json +++ b/src/cfnlint/data/DownloadsMetadata/42e9df95722b6524cd001503b6750b86f60a7b5acfc406ebb10d5748cbb8ed41.meta.json @@ -1 +1 @@ -{"etag": "\"990578a386215d4d7dd180c403b696f2\"", "url": "https://schema.cloudformation.us-west-1.amazonaws.com/CloudformationSchema.zip"} +{"etag": "\"4d2790c4dde62c9d8a7ad2c35fafa8f3\"", "url": "https://schema.cloudformation.us-west-1.amazonaws.com/CloudformationSchema.zip"} diff --git a/src/cfnlint/data/DownloadsMetadata/4fbb29b69678acdd32c5758ed43ead9bf35136af536e92a84ccbaf062c315066.meta.json b/src/cfnlint/data/DownloadsMetadata/4fbb29b69678acdd32c5758ed43ead9bf35136af536e92a84ccbaf062c315066.meta.json index 3b580ffd15..cc172316fa 100644 --- a/src/cfnlint/data/DownloadsMetadata/4fbb29b69678acdd32c5758ed43ead9bf35136af536e92a84ccbaf062c315066.meta.json +++ b/src/cfnlint/data/DownloadsMetadata/4fbb29b69678acdd32c5758ed43ead9bf35136af536e92a84ccbaf062c315066.meta.json @@ -1 +1 @@ -{"etag": "\"178d4817771d0ee17f6c632e6263e86d\"", "url": "https://schema.cloudformation.eu-central-1.amazonaws.com/CloudformationSchema.zip"} +{"etag": "\"6983ea896b180353f0e53ef005faed84\"", "url": "https://schema.cloudformation.eu-central-1.amazonaws.com/CloudformationSchema.zip"} diff --git a/src/cfnlint/data/DownloadsMetadata/56584c7d00e444de640bef01fc2c630804470222e5e4c690bacef5312891581d.meta.json b/src/cfnlint/data/DownloadsMetadata/56584c7d00e444de640bef01fc2c630804470222e5e4c690bacef5312891581d.meta.json index 5d5e5182fe..d1da7148e0 100644 --- a/src/cfnlint/data/DownloadsMetadata/56584c7d00e444de640bef01fc2c630804470222e5e4c690bacef5312891581d.meta.json +++ b/src/cfnlint/data/DownloadsMetadata/56584c7d00e444de640bef01fc2c630804470222e5e4c690bacef5312891581d.meta.json @@ -1 +1 @@ -{"etag": "\"f542e9eb0c8ef1fda4e9accd88d04ec1\"", "url": "https://schema.cloudformation.ap-south-1.amazonaws.com/CloudformationSchema.zip"} +{"etag": "\"c7449926f719eba2606d5ba8de92bf3b\"", "url": "https://schema.cloudformation.ap-south-1.amazonaws.com/CloudformationSchema.zip"} diff --git a/src/cfnlint/data/DownloadsMetadata/583721567eccd1d5855daa623819df1a646b563d773e34b020d0ddeab2fe195b.meta.json b/src/cfnlint/data/DownloadsMetadata/583721567eccd1d5855daa623819df1a646b563d773e34b020d0ddeab2fe195b.meta.json index acda2e9698..2611a8eac7 100644 --- a/src/cfnlint/data/DownloadsMetadata/583721567eccd1d5855daa623819df1a646b563d773e34b020d0ddeab2fe195b.meta.json +++ b/src/cfnlint/data/DownloadsMetadata/583721567eccd1d5855daa623819df1a646b563d773e34b020d0ddeab2fe195b.meta.json @@ -1 +1 @@ -{"etag": "\"7a84558ed3d76ce6d02ea6d1bf326431\"", "url": "https://schema.cloudformation.ap-southeast-4.amazonaws.com/CloudformationSchema.zip"} +{"etag": "\"7bacaa60c4d0982584e06715d72dcf18\"", "url": "https://schema.cloudformation.ap-southeast-4.amazonaws.com/CloudformationSchema.zip"} diff --git a/src/cfnlint/data/DownloadsMetadata/6316ae24f21cb620947aa250bebbee69548d44cc32e246ec9d7742088a2c17f8.meta.json b/src/cfnlint/data/DownloadsMetadata/6316ae24f21cb620947aa250bebbee69548d44cc32e246ec9d7742088a2c17f8.meta.json index bf212e983d..67e92d1414 100644 --- a/src/cfnlint/data/DownloadsMetadata/6316ae24f21cb620947aa250bebbee69548d44cc32e246ec9d7742088a2c17f8.meta.json +++ b/src/cfnlint/data/DownloadsMetadata/6316ae24f21cb620947aa250bebbee69548d44cc32e246ec9d7742088a2c17f8.meta.json @@ -1 +1 @@ -{"etag": "\"727a48603159871b28e5fb26effb6547\"", "url": "https://schema.cloudformation.us-east-2.amazonaws.com/CloudformationSchema.zip"} +{"etag": "\"4ffdbb2c310789ccbc13497348dfe5db\"", "url": "https://schema.cloudformation.us-east-2.amazonaws.com/CloudformationSchema.zip"} diff --git a/src/cfnlint/data/DownloadsMetadata/81e1cc73ff2daf7d1e1eca393c2d1fdd98ac34d4109512e0e0947ef752dcb9c9.meta.json b/src/cfnlint/data/DownloadsMetadata/81e1cc73ff2daf7d1e1eca393c2d1fdd98ac34d4109512e0e0947ef752dcb9c9.meta.json index e13c9b5e63..7feab0bb1f 100644 --- a/src/cfnlint/data/DownloadsMetadata/81e1cc73ff2daf7d1e1eca393c2d1fdd98ac34d4109512e0e0947ef752dcb9c9.meta.json +++ b/src/cfnlint/data/DownloadsMetadata/81e1cc73ff2daf7d1e1eca393c2d1fdd98ac34d4109512e0e0947ef752dcb9c9.meta.json @@ -1 +1 @@ -{"etag": "\"aecc2aa6763a28865b7f195a594bef80\"", "url": "https://schema.cloudformation.ap-southeast-1.amazonaws.com/CloudformationSchema.zip"} +{"etag": "\"99d7637fdd01f028672346e21a051165\"", "url": "https://schema.cloudformation.ap-southeast-1.amazonaws.com/CloudformationSchema.zip"} diff --git a/src/cfnlint/data/DownloadsMetadata/8adeabf0a09b37a8ed924aea799005947e4a4542365d35fd75466abcf306eeca.meta.json b/src/cfnlint/data/DownloadsMetadata/8adeabf0a09b37a8ed924aea799005947e4a4542365d35fd75466abcf306eeca.meta.json index 9310bea2bb..1323964469 100644 --- a/src/cfnlint/data/DownloadsMetadata/8adeabf0a09b37a8ed924aea799005947e4a4542365d35fd75466abcf306eeca.meta.json +++ b/src/cfnlint/data/DownloadsMetadata/8adeabf0a09b37a8ed924aea799005947e4a4542365d35fd75466abcf306eeca.meta.json @@ -1 +1 @@ -{"etag": "\"4b19eb4dbe6984e7ed3559819f5bfb5e\"", "url": "https://schema.cloudformation.ap-northeast-2.amazonaws.com/CloudformationSchema.zip"} +{"etag": "\"62acaaf6545f733a59baff62d227a3ee\"", "url": "https://schema.cloudformation.ap-northeast-2.amazonaws.com/CloudformationSchema.zip"} diff --git a/src/cfnlint/data/DownloadsMetadata/8b8b0cee4df1ef0947a8289e8ec0c67869b7533eabab32ecfc0a00cb19e55a5f.meta.json b/src/cfnlint/data/DownloadsMetadata/8b8b0cee4df1ef0947a8289e8ec0c67869b7533eabab32ecfc0a00cb19e55a5f.meta.json index 5b30eda34e..535fc197f4 100644 --- a/src/cfnlint/data/DownloadsMetadata/8b8b0cee4df1ef0947a8289e8ec0c67869b7533eabab32ecfc0a00cb19e55a5f.meta.json +++ b/src/cfnlint/data/DownloadsMetadata/8b8b0cee4df1ef0947a8289e8ec0c67869b7533eabab32ecfc0a00cb19e55a5f.meta.json @@ -1 +1 @@ -{"etag": "\"947213c21450c8444848f8c5b4846dda\"", "url": "https://schema.cloudformation.ap-southeast-3.amazonaws.com/CloudformationSchema.zip"} +{"etag": "\"9a6fdea18b718f461429100bbe7c0629\"", "url": "https://schema.cloudformation.ap-southeast-3.amazonaws.com/CloudformationSchema.zip"} diff --git a/src/cfnlint/data/DownloadsMetadata/b1f069477cd577cde04dfe1b323c0bb0e783fe32b6bb6b13774c32fcca1d303a.meta.json b/src/cfnlint/data/DownloadsMetadata/b1f069477cd577cde04dfe1b323c0bb0e783fe32b6bb6b13774c32fcca1d303a.meta.json index 21edc339eb..405d326ee4 100644 --- a/src/cfnlint/data/DownloadsMetadata/b1f069477cd577cde04dfe1b323c0bb0e783fe32b6bb6b13774c32fcca1d303a.meta.json +++ b/src/cfnlint/data/DownloadsMetadata/b1f069477cd577cde04dfe1b323c0bb0e783fe32b6bb6b13774c32fcca1d303a.meta.json @@ -1 +1 @@ -{"etag": "\"32c73a70fccaa874203ff2eb8914a077\"", "url": "https://schema.cloudformation.ap-east-1.amazonaws.com/CloudformationSchema.zip"} +{"etag": "\"4973206a2b5eaee26c9fe927ed89797d\"", "url": "https://schema.cloudformation.ap-east-1.amazonaws.com/CloudformationSchema.zip"} diff --git a/src/cfnlint/data/DownloadsMetadata/c7ada205073390b33b7593ef8f304b9705f2567698dfdfa979bf0ccdb68cb856.meta.json b/src/cfnlint/data/DownloadsMetadata/c7ada205073390b33b7593ef8f304b9705f2567698dfdfa979bf0ccdb68cb856.meta.json index 5cb476ac80..fa77146a98 100644 --- a/src/cfnlint/data/DownloadsMetadata/c7ada205073390b33b7593ef8f304b9705f2567698dfdfa979bf0ccdb68cb856.meta.json +++ b/src/cfnlint/data/DownloadsMetadata/c7ada205073390b33b7593ef8f304b9705f2567698dfdfa979bf0ccdb68cb856.meta.json @@ -1 +1 @@ -{"etag": "\"ffccd5671a87d141834e154742dae609\"", "url": "https://schema.cloudformation.sa-east-1.amazonaws.com/CloudformationSchema.zip"} +{"etag": "\"ea60a8e0bde333c74c307cc76a58e3fc\"", "url": "https://schema.cloudformation.sa-east-1.amazonaws.com/CloudformationSchema.zip"} diff --git a/src/cfnlint/data/DownloadsMetadata/d24ce9a45a014b1ff04d479422ea956e92030ae5c03d7451980a15735e557edb.meta.json b/src/cfnlint/data/DownloadsMetadata/d24ce9a45a014b1ff04d479422ea956e92030ae5c03d7451980a15735e557edb.meta.json index 7b3dea361a..3c17b6d692 100644 --- a/src/cfnlint/data/DownloadsMetadata/d24ce9a45a014b1ff04d479422ea956e92030ae5c03d7451980a15735e557edb.meta.json +++ b/src/cfnlint/data/DownloadsMetadata/d24ce9a45a014b1ff04d479422ea956e92030ae5c03d7451980a15735e557edb.meta.json @@ -1 +1 @@ -{"etag": "\"463e5a886dddb06914d469bac109b95d\"", "url": "https://schema.cloudformation.ap-southeast-2.amazonaws.com/CloudformationSchema.zip"} +{"etag": "\"9d88197421df70a9d51a07d253bb6164\"", "url": "https://schema.cloudformation.ap-southeast-2.amazonaws.com/CloudformationSchema.zip"} diff --git a/src/cfnlint/data/DownloadsMetadata/d85e2e061cacfcffe4902adb1074a04e6bb7f975b606f8db57532faddfcdd8c8.meta.json b/src/cfnlint/data/DownloadsMetadata/d85e2e061cacfcffe4902adb1074a04e6bb7f975b606f8db57532faddfcdd8c8.meta.json index 0f02ea2a61..a739ea691d 100644 --- a/src/cfnlint/data/DownloadsMetadata/d85e2e061cacfcffe4902adb1074a04e6bb7f975b606f8db57532faddfcdd8c8.meta.json +++ b/src/cfnlint/data/DownloadsMetadata/d85e2e061cacfcffe4902adb1074a04e6bb7f975b606f8db57532faddfcdd8c8.meta.json @@ -1 +1 @@ -{"etag": "\"b6c9ba76f037123fce8547681caf6c02\"", "url": "https://schema.cloudformation.ca-west-1.amazonaws.com/CloudformationSchema.zip"} +{"etag": "\"1be3a165905a91e25c40bf89840e0f80\"", "url": "https://schema.cloudformation.ca-west-1.amazonaws.com/CloudformationSchema.zip"} diff --git a/src/cfnlint/data/DownloadsMetadata/d8e41d35f4f8922b66525dea2c66d72a73ff097c685cda0a63c08a6416dc58ed.meta.json b/src/cfnlint/data/DownloadsMetadata/d8e41d35f4f8922b66525dea2c66d72a73ff097c685cda0a63c08a6416dc58ed.meta.json index e97ecd5e5d..4e238375fc 100644 --- a/src/cfnlint/data/DownloadsMetadata/d8e41d35f4f8922b66525dea2c66d72a73ff097c685cda0a63c08a6416dc58ed.meta.json +++ b/src/cfnlint/data/DownloadsMetadata/d8e41d35f4f8922b66525dea2c66d72a73ff097c685cda0a63c08a6416dc58ed.meta.json @@ -1 +1 @@ -{"etag": "\"9767f723613c3d641cbb8690ae37bd53\"", "url": "https://schema.cloudformation.eu-central-2.amazonaws.com/CloudformationSchema.zip"} +{"etag": "\"0030f10442463139f094f4a8a4c68432\"", "url": "https://schema.cloudformation.eu-central-2.amazonaws.com/CloudformationSchema.zip"} diff --git a/src/cfnlint/data/DownloadsMetadata/dd98171253ebc36f5b78e247f3132b5f25c8d66a1f84939600616bab42579541.meta.json b/src/cfnlint/data/DownloadsMetadata/dd98171253ebc36f5b78e247f3132b5f25c8d66a1f84939600616bab42579541.meta.json index 2d7195f252..3c818ce05f 100644 --- a/src/cfnlint/data/DownloadsMetadata/dd98171253ebc36f5b78e247f3132b5f25c8d66a1f84939600616bab42579541.meta.json +++ b/src/cfnlint/data/DownloadsMetadata/dd98171253ebc36f5b78e247f3132b5f25c8d66a1f84939600616bab42579541.meta.json @@ -1 +1 @@ -{"etag": "\"d886ddf5ed68d76eab9d79cec3239472\"", "url": "https://schema.cloudformation.eu-north-1.amazonaws.com/CloudformationSchema.zip"} +{"etag": "\"865e8e73d63484a7f42a3ad9b1f95913\"", "url": "https://schema.cloudformation.eu-north-1.amazonaws.com/CloudformationSchema.zip"} diff --git a/src/cfnlint/data/DownloadsMetadata/df4945435575c690a2651bb31e7a9b48972142778e1ff452383ede2ad4bac3d7.meta.json b/src/cfnlint/data/DownloadsMetadata/df4945435575c690a2651bb31e7a9b48972142778e1ff452383ede2ad4bac3d7.meta.json index 3a83950a0f..efdf3085bf 100644 --- a/src/cfnlint/data/DownloadsMetadata/df4945435575c690a2651bb31e7a9b48972142778e1ff452383ede2ad4bac3d7.meta.json +++ b/src/cfnlint/data/DownloadsMetadata/df4945435575c690a2651bb31e7a9b48972142778e1ff452383ede2ad4bac3d7.meta.json @@ -1 +1 @@ -{"etag": "\"1147baab40516d3a031370d4bc77285e\"", "url": "https://schema.cloudformation.eu-south-2.amazonaws.com/CloudformationSchema.zip"} +{"etag": "\"9d7945ad4d234589ff02c84146bf036e\"", "url": "https://schema.cloudformation.eu-south-2.amazonaws.com/CloudformationSchema.zip"} diff --git a/src/cfnlint/data/DownloadsMetadata/e5301e07e25fa2c35d2c7e1f9dcf720826b315ef6f38515840537c02de23abe2.meta.json b/src/cfnlint/data/DownloadsMetadata/e5301e07e25fa2c35d2c7e1f9dcf720826b315ef6f38515840537c02de23abe2.meta.json index 5d2eef745a..cc689a1cc4 100644 --- a/src/cfnlint/data/DownloadsMetadata/e5301e07e25fa2c35d2c7e1f9dcf720826b315ef6f38515840537c02de23abe2.meta.json +++ b/src/cfnlint/data/DownloadsMetadata/e5301e07e25fa2c35d2c7e1f9dcf720826b315ef6f38515840537c02de23abe2.meta.json @@ -1 +1 @@ -{"etag": "\"1949bdac883ab18547ad1e2d650edd28\"", "url": "https://schema.cloudformation.ca-central-1.amazonaws.com/CloudformationSchema.zip"} +{"etag": "\"bd10368ed359c887f2c50a629eadc63c\"", "url": "https://schema.cloudformation.ca-central-1.amazonaws.com/CloudformationSchema.zip"} diff --git a/src/cfnlint/data/DownloadsMetadata/e8b3dacc1675b478e8c7392b51f41467cf908a34e6b4c3fb3e97e2b584f651ca.meta.json b/src/cfnlint/data/DownloadsMetadata/e8b3dacc1675b478e8c7392b51f41467cf908a34e6b4c3fb3e97e2b584f651ca.meta.json index 41f7440a3a..462601a7fb 100644 --- a/src/cfnlint/data/DownloadsMetadata/e8b3dacc1675b478e8c7392b51f41467cf908a34e6b4c3fb3e97e2b584f651ca.meta.json +++ b/src/cfnlint/data/DownloadsMetadata/e8b3dacc1675b478e8c7392b51f41467cf908a34e6b4c3fb3e97e2b584f651ca.meta.json @@ -1 +1 @@ -{"etag": "\"4a0b2550d58f623905a8d24bbff19624\"", "url": "https://schema.cloudformation.eu-west-3.amazonaws.com/CloudformationSchema.zip"} +{"etag": "\"3728dc2a42c0f5614c86f3c4dfdf66d9\"", "url": "https://schema.cloudformation.eu-west-3.amazonaws.com/CloudformationSchema.zip"} diff --git a/src/cfnlint/data/DownloadsMetadata/ea0f7b8f144feb225afe73a24dfdf993318c41c71c21b0a17d4f68d82c5aee21.meta.json b/src/cfnlint/data/DownloadsMetadata/ea0f7b8f144feb225afe73a24dfdf993318c41c71c21b0a17d4f68d82c5aee21.meta.json index 8cea828c59..1bb871bedb 100644 --- a/src/cfnlint/data/DownloadsMetadata/ea0f7b8f144feb225afe73a24dfdf993318c41c71c21b0a17d4f68d82c5aee21.meta.json +++ b/src/cfnlint/data/DownloadsMetadata/ea0f7b8f144feb225afe73a24dfdf993318c41c71c21b0a17d4f68d82c5aee21.meta.json @@ -1 +1 @@ -{"etag": "\"b0fd8e1f3ca585fa159eadb2f2bf2853\"", "url": "https://schema.cloudformation.ap-northeast-3.amazonaws.com/CloudformationSchema.zip"} +{"etag": "\"e1eb39c095d1df2a685ff5dd1ab15d75\"", "url": "https://schema.cloudformation.ap-northeast-3.amazonaws.com/CloudformationSchema.zip"} diff --git a/src/cfnlint/data/DownloadsMetadata/f1896c9151984eec294af1eddf64260f6cd7e4ced378cacdb93f76ed227b5c5d.meta.json b/src/cfnlint/data/DownloadsMetadata/f1896c9151984eec294af1eddf64260f6cd7e4ced378cacdb93f76ed227b5c5d.meta.json index dbd95e1dc6..fd72b9ddd6 100644 --- a/src/cfnlint/data/DownloadsMetadata/f1896c9151984eec294af1eddf64260f6cd7e4ced378cacdb93f76ed227b5c5d.meta.json +++ b/src/cfnlint/data/DownloadsMetadata/f1896c9151984eec294af1eddf64260f6cd7e4ced378cacdb93f76ed227b5c5d.meta.json @@ -1 +1 @@ -{"etag": "\"88bea80c58b26f8df4bc055c49d9c882\"", "url": "https://schema.cloudformation.us-west-2.amazonaws.com/CloudformationSchema.zip"} +{"etag": "\"9982052603126a4f84e891caf1ee08af\"", "url": "https://schema.cloudformation.us-west-2.amazonaws.com/CloudformationSchema.zip"} diff --git a/src/cfnlint/data/DownloadsMetadata/f49718b210ea89ff182ae51cb7004366b9e2e4d5e38136a5be83b6a55e7a82a1.meta.json b/src/cfnlint/data/DownloadsMetadata/f49718b210ea89ff182ae51cb7004366b9e2e4d5e38136a5be83b6a55e7a82a1.meta.json index c615442241..92e44d4a18 100644 --- a/src/cfnlint/data/DownloadsMetadata/f49718b210ea89ff182ae51cb7004366b9e2e4d5e38136a5be83b6a55e7a82a1.meta.json +++ b/src/cfnlint/data/DownloadsMetadata/f49718b210ea89ff182ae51cb7004366b9e2e4d5e38136a5be83b6a55e7a82a1.meta.json @@ -1 +1 @@ -{"etag": "\"6003f4951dd1c96e9665789bc27c9f3a\"", "url": "https://schema.cloudformation.ap-south-2.amazonaws.com/CloudformationSchema.zip"} +{"etag": "\"12c6b0b1f2eb265ec6636f75649910dd\"", "url": "https://schema.cloudformation.ap-south-2.amazonaws.com/CloudformationSchema.zip"} diff --git a/src/cfnlint/data/DownloadsMetadata/f54eee6f8ad9619f41835b700369cdbb41c64a9c91b2fa5b4928c0d9b2f780b0.meta.json b/src/cfnlint/data/DownloadsMetadata/f54eee6f8ad9619f41835b700369cdbb41c64a9c91b2fa5b4928c0d9b2f780b0.meta.json index 84d990106b..df89694499 100644 --- a/src/cfnlint/data/DownloadsMetadata/f54eee6f8ad9619f41835b700369cdbb41c64a9c91b2fa5b4928c0d9b2f780b0.meta.json +++ b/src/cfnlint/data/DownloadsMetadata/f54eee6f8ad9619f41835b700369cdbb41c64a9c91b2fa5b4928c0d9b2f780b0.meta.json @@ -1 +1 @@ -{"etag": "\"1b6e43838754f853a2011f6bdbbb9d65\"", "url": "https://schema.cloudformation.us-east-1.amazonaws.com/CloudformationSchema.zip"} +{"etag": "\"cc105db70473719e9b114ad1014e8379\"", "url": "https://schema.cloudformation.us-east-1.amazonaws.com/CloudformationSchema.zip"} diff --git a/src/cfnlint/data/DownloadsMetadata/f6f35a459759d6c132fa2fe798cefbd5b2d398fe33547eed780b9b70f10eb4a2.meta.json b/src/cfnlint/data/DownloadsMetadata/f6f35a459759d6c132fa2fe798cefbd5b2d398fe33547eed780b9b70f10eb4a2.meta.json index 87dd75f580..95ab6ec984 100644 --- a/src/cfnlint/data/DownloadsMetadata/f6f35a459759d6c132fa2fe798cefbd5b2d398fe33547eed780b9b70f10eb4a2.meta.json +++ b/src/cfnlint/data/DownloadsMetadata/f6f35a459759d6c132fa2fe798cefbd5b2d398fe33547eed780b9b70f10eb4a2.meta.json @@ -1 +1 @@ -{"etag": "\"98d51c8c91b0f43c1899379c3adf8de1\"", "url": "https://schema.cloudformation.il-central-1.amazonaws.com/CloudformationSchema.zip"} +{"etag": "\"5a983c153d11efcf45a518e52c38a5ac\"", "url": "https://schema.cloudformation.il-central-1.amazonaws.com/CloudformationSchema.zip"} diff --git a/src/cfnlint/data/DownloadsMetadata/fa657351d8e89c40ba6b82c4b1f5e1b5e50a1638ffe0a5dba0d8805c190a05f8.meta.json b/src/cfnlint/data/DownloadsMetadata/fa657351d8e89c40ba6b82c4b1f5e1b5e50a1638ffe0a5dba0d8805c190a05f8.meta.json index f52ce9d497..3dee749458 100644 --- a/src/cfnlint/data/DownloadsMetadata/fa657351d8e89c40ba6b82c4b1f5e1b5e50a1638ffe0a5dba0d8805c190a05f8.meta.json +++ b/src/cfnlint/data/DownloadsMetadata/fa657351d8e89c40ba6b82c4b1f5e1b5e50a1638ffe0a5dba0d8805c190a05f8.meta.json @@ -1 +1 @@ -{"etag": "\"328becea04695b57ad9bf56e66193c6a\"", "url": "https://schema.cloudformation.eu-west-1.amazonaws.com/CloudformationSchema.zip"} +{"etag": "\"9197619ed336b1a800f7c1e2fd37f3ee\"", "url": "https://schema.cloudformation.eu-west-1.amazonaws.com/CloudformationSchema.zip"} diff --git a/src/cfnlint/data/DownloadsMetadata/ff02b7d808c1c00053f09aa43a50addf3b69878d351cffd417dc9a457df808af.meta.json b/src/cfnlint/data/DownloadsMetadata/ff02b7d808c1c00053f09aa43a50addf3b69878d351cffd417dc9a457df808af.meta.json index 8ea8670957..490501f941 100644 --- a/src/cfnlint/data/DownloadsMetadata/ff02b7d808c1c00053f09aa43a50addf3b69878d351cffd417dc9a457df808af.meta.json +++ b/src/cfnlint/data/DownloadsMetadata/ff02b7d808c1c00053f09aa43a50addf3b69878d351cffd417dc9a457df808af.meta.json @@ -1 +1 @@ -{"etag": "\"7aba9bac1f6a83caceaad3b7a055c6e7\"", "url": "https://schema.cloudformation.ap-northeast-1.amazonaws.com/CloudformationSchema.zip"} +{"etag": "\"1cfe4c51a1a82c99662d971184c89546\"", "url": "https://schema.cloudformation.ap-northeast-1.amazonaws.com/CloudformationSchema.zip"} diff --git a/src/cfnlint/data/Serverless/ManagedPolicies.json b/src/cfnlint/data/Serverless/ManagedPolicies.json index 6cc362a27f..48100fb15a 100644 --- a/src/cfnlint/data/Serverless/ManagedPolicies.json +++ b/src/cfnlint/data/Serverless/ManagedPolicies.json @@ -1022,6 +1022,7 @@ "AmazonWorkSpacesSecureBrowserReadOnly": "arn:aws:iam::aws:policy/AmazonWorkSpacesSecureBrowserReadOnly", "AmazonWorkSpacesSelfServiceAccess": "arn:aws:iam::aws:policy/AmazonWorkSpacesSelfServiceAccess", "AmazonWorkSpacesServiceAccess": "arn:aws:iam::aws:policy/AmazonWorkSpacesServiceAccess", + "AmazonWorkSpacesThinClientReadOnlyAccess": "arn:aws:iam::aws:policy/AmazonWorkSpacesThinClientReadOnlyAccess", "AmazonWorkSpacesWebReadOnly": "arn:aws:iam::aws:policy/AmazonWorkSpacesWebReadOnly", "AmazonWorkSpacesWebServiceRolePolicy": "arn:aws:iam::aws:policy/aws-service-role/AmazonWorkSpacesWebServiceRolePolicy", "AmazonWorkspacesPCAAccess": "arn:aws:iam::aws:policy/AmazonWorkspacesPCAAccess", diff --git a/src/cfnlint/data/schemas/extensions/aws_rds_dbcluster/engine_version.json b/src/cfnlint/data/schemas/extensions/aws_rds_dbcluster/engine_version.json index 3d01e43500..04d6564fb7 100644 --- a/src/cfnlint/data/schemas/extensions/aws_rds_dbcluster/engine_version.json +++ b/src/cfnlint/data/schemas/extensions/aws_rds_dbcluster/engine_version.json @@ -55,6 +55,7 @@ "5.7.mysql_aurora.2.11.4", "5.7.mysql_aurora.2.11.4", "5.7.mysql_aurora.2.11.5", + "5.7.mysql_aurora.2.11.6", "5.7.mysql_aurora.2.12.0", "5.7.mysql_aurora.2.12.1", "5.7.mysql_aurora.2.12.2", diff --git a/src/cfnlint/data/schemas/extensions/aws_rds_dbinstance/engine_version.json b/src/cfnlint/data/schemas/extensions/aws_rds_dbinstance/engine_version.json index f821fb6564..8b7ed07f86 100644 --- a/src/cfnlint/data/schemas/extensions/aws_rds_dbinstance/engine_version.json +++ b/src/cfnlint/data/schemas/extensions/aws_rds_dbinstance/engine_version.json @@ -71,6 +71,7 @@ "5.7.mysql_aurora.2.11.4", "5.7.mysql_aurora.2.11.4", "5.7.mysql_aurora.2.11.5", + "5.7.mysql_aurora.2.11.6", "5.7.mysql_aurora.2.12.0", "5.7.mysql_aurora.2.12.1", "5.7.mysql_aurora.2.12.2", diff --git a/src/cfnlint/data/schemas/patches/extensions/all/aws_ec2_launchtemplate/boto.json b/src/cfnlint/data/schemas/patches/extensions/all/aws_ec2_launchtemplate/boto.json index a119291679..838bb9aa4f 100644 --- a/src/cfnlint/data/schemas/patches/extensions/all/aws_ec2_launchtemplate/boto.json +++ b/src/cfnlint/data/schemas/patches/extensions/all/aws_ec2_launchtemplate/boto.json @@ -82,6 +82,7 @@ "instance-event-window", "internet-gateway", "ipam", + "ipam-external-resource-verification-token", "ipam-pool", "ipam-resource-discovery", "ipam-resource-discovery-association", diff --git a/src/cfnlint/data/schemas/providers/af_south_1/__init__.py b/src/cfnlint/data/schemas/providers/af_south_1/__init__.py index 277363dbe0..943b078c8d 100644 --- a/src/cfnlint/data/schemas/providers/af_south_1/__init__.py +++ b/src/cfnlint/data/schemas/providers/af_south_1/__init__.py @@ -1043,7 +1043,6 @@ "aws-dms-eventsubscription.json", "aws-dms-instanceprofile.json", "aws-dms-migrationproject.json", - "aws-dms-replicationconfig.json", "aws-dms-replicationinstance.json", "aws-dms-replicationsubnetgroup.json", "aws-dms-replicationtask.json", @@ -1375,9 +1374,7 @@ "aws-quicksight-vpcconnection.json", "aws-ram-permission.json", "aws-ram-resourceshare.json", - "aws-rds-dbcluster.json", "aws-rds-dbclusterparametergroup.json", - "aws-rds-dbinstance.json", "aws-rds-dbparametergroup.json", "aws-rds-dbproxy.json", "aws-rds-dbproxyendpoint.json", @@ -1504,7 +1501,6 @@ "aws-shield-drtaccess.json", "aws-shield-proactiveengagement.json", "aws-shield-protection.json", - "aws-shield-protectiongroup.json", "aws-signer-profilepermission.json", "aws-signer-signingprofile.json", "aws-sns-subscription.json", diff --git a/src/cfnlint/data/schemas/providers/ap_northeast_1/aws-dms-replicationconfig.json b/src/cfnlint/data/schemas/providers/af_south_1/aws-dms-replicationconfig.json similarity index 92% rename from src/cfnlint/data/schemas/providers/ap_northeast_1/aws-dms-replicationconfig.json rename to src/cfnlint/data/schemas/providers/af_south_1/aws-dms-replicationconfig.json index 83b9074702..b9379a300f 100644 --- a/src/cfnlint/data/schemas/providers/ap_northeast_1/aws-dms-replicationconfig.json +++ b/src/cfnlint/data/schemas/providers/af_south_1/aws-dms-replicationconfig.json @@ -106,7 +106,7 @@ "permissions": [ "dms:ModifyReplicationConfig", "dms:AddTagsToResource", - "dms:RemoveTagsFromResource", + "dms:RemoveTagsToResource", "dms:ListTagsForResource", "iam:CreateServiceLinkedRole", "iam:AttachRolePolicy", @@ -179,22 +179,9 @@ "readOnlyProperties": [ "/properties/ReplicationConfigArn" ], - "required": [ - "ReplicationConfigIdentifier", - "SourceEndpointArn", - "TargetEndpointArn", - "ReplicationType", - "ComputeConfig", - "TableMappings" - ], "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-dms", "tagging": { "cloudFormationSystemTags": false, - "permissions": [ - "dms:AddTagsToResource", - "dms:ListTagsForResource", - "dms:RemoveTagsFromResource" - ], "tagOnCreate": true, "tagProperty": "/properties/Tags", "tagUpdatable": true, diff --git a/src/cfnlint/data/schemas/providers/cn_north_1/aws-rds-dbcluster.json b/src/cfnlint/data/schemas/providers/af_south_1/aws-rds-dbcluster.json similarity index 99% rename from src/cfnlint/data/schemas/providers/cn_north_1/aws-rds-dbcluster.json rename to src/cfnlint/data/schemas/providers/af_south_1/aws-rds-dbcluster.json index 6dee021f39..fc8608c49b 100644 --- a/src/cfnlint/data/schemas/providers/cn_north_1/aws-rds-dbcluster.json +++ b/src/cfnlint/data/schemas/providers/af_south_1/aws-rds-dbcluster.json @@ -151,7 +151,6 @@ }, "delete": { "permissions": [ - "rds:AddTagsToResource", "rds:CreateDBClusterSnapshot", "rds:DeleteDBCluster", "rds:DeleteDBInstance", diff --git a/src/cfnlint/data/schemas/providers/cn_north_1/aws-rds-dbinstance.json b/src/cfnlint/data/schemas/providers/af_south_1/aws-rds-dbinstance.json similarity index 99% rename from src/cfnlint/data/schemas/providers/cn_north_1/aws-rds-dbinstance.json rename to src/cfnlint/data/schemas/providers/af_south_1/aws-rds-dbinstance.json index 94f443dbfb..3263d77fb7 100644 --- a/src/cfnlint/data/schemas/providers/cn_north_1/aws-rds-dbinstance.json +++ b/src/cfnlint/data/schemas/providers/af_south_1/aws-rds-dbinstance.json @@ -193,7 +193,6 @@ }, "delete": { "permissions": [ - "rds:AddTagsToResource", "rds:CreateDBSnapshot", "rds:DeleteDBInstance", "rds:DescribeDBInstances" diff --git a/src/cfnlint/data/schemas/providers/ap_northeast_1/aws-shield-protectiongroup.json b/src/cfnlint/data/schemas/providers/af_south_1/aws-shield-protectiongroup.json similarity index 95% rename from src/cfnlint/data/schemas/providers/ap_northeast_1/aws-shield-protectiongroup.json rename to src/cfnlint/data/schemas/providers/af_south_1/aws-shield-protectiongroup.json index 5feda49337..023e531faa 100644 --- a/src/cfnlint/data/schemas/providers/ap_northeast_1/aws-shield-protectiongroup.json +++ b/src/cfnlint/data/schemas/providers/af_south_1/aws-shield-protectiongroup.json @@ -129,11 +129,6 @@ "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-shield.git", "tagging": { "cloudFormationSystemTags": false, - "permissions": [ - "shield:ListTagsForResource", - "shield:UntagResource", - "shield:TagResource" - ], "tagProperty": "/properties/Tags", "taggable": true }, diff --git a/src/cfnlint/data/schemas/providers/ap_east_1/__init__.py b/src/cfnlint/data/schemas/providers/ap_east_1/__init__.py index e440383beb..ba0e27c2b5 100644 --- a/src/cfnlint/data/schemas/providers/ap_east_1/__init__.py +++ b/src/cfnlint/data/schemas/providers/ap_east_1/__init__.py @@ -1006,7 +1006,6 @@ "aws-dms-eventsubscription.json", "aws-dms-instanceprofile.json", "aws-dms-migrationproject.json", - "aws-dms-replicationconfig.json", "aws-dms-replicationinstance.json", "aws-dms-replicationsubnetgroup.json", "aws-dms-replicationtask.json", @@ -1358,9 +1357,7 @@ "aws-pipes-pipe.json", "aws-ram-permission.json", "aws-ram-resourceshare.json", - "aws-rds-dbcluster.json", "aws-rds-dbclusterparametergroup.json", - "aws-rds-dbinstance.json", "aws-rds-dbparametergroup.json", "aws-rds-dbproxy.json", "aws-rds-dbproxyendpoint.json", diff --git a/src/cfnlint/data/schemas/providers/eu_central_1/aws-dms-replicationconfig.json b/src/cfnlint/data/schemas/providers/ap_east_1/aws-dms-replicationconfig.json similarity index 92% rename from src/cfnlint/data/schemas/providers/eu_central_1/aws-dms-replicationconfig.json rename to src/cfnlint/data/schemas/providers/ap_east_1/aws-dms-replicationconfig.json index 83b9074702..b9379a300f 100644 --- a/src/cfnlint/data/schemas/providers/eu_central_1/aws-dms-replicationconfig.json +++ b/src/cfnlint/data/schemas/providers/ap_east_1/aws-dms-replicationconfig.json @@ -106,7 +106,7 @@ "permissions": [ "dms:ModifyReplicationConfig", "dms:AddTagsToResource", - "dms:RemoveTagsFromResource", + "dms:RemoveTagsToResource", "dms:ListTagsForResource", "iam:CreateServiceLinkedRole", "iam:AttachRolePolicy", @@ -179,22 +179,9 @@ "readOnlyProperties": [ "/properties/ReplicationConfigArn" ], - "required": [ - "ReplicationConfigIdentifier", - "SourceEndpointArn", - "TargetEndpointArn", - "ReplicationType", - "ComputeConfig", - "TableMappings" - ], "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-dms", "tagging": { "cloudFormationSystemTags": false, - "permissions": [ - "dms:AddTagsToResource", - "dms:ListTagsForResource", - "dms:RemoveTagsFromResource" - ], "tagOnCreate": true, "tagProperty": "/properties/Tags", "tagUpdatable": true, diff --git a/src/cfnlint/data/schemas/providers/eu_central_1/aws-rds-dbcluster.json b/src/cfnlint/data/schemas/providers/ap_east_1/aws-rds-dbcluster.json similarity index 99% rename from src/cfnlint/data/schemas/providers/eu_central_1/aws-rds-dbcluster.json rename to src/cfnlint/data/schemas/providers/ap_east_1/aws-rds-dbcluster.json index 6dee021f39..fc8608c49b 100644 --- a/src/cfnlint/data/schemas/providers/eu_central_1/aws-rds-dbcluster.json +++ b/src/cfnlint/data/schemas/providers/ap_east_1/aws-rds-dbcluster.json @@ -151,7 +151,6 @@ }, "delete": { "permissions": [ - "rds:AddTagsToResource", "rds:CreateDBClusterSnapshot", "rds:DeleteDBCluster", "rds:DeleteDBInstance", diff --git a/src/cfnlint/data/schemas/providers/eu_central_1/aws-rds-dbinstance.json b/src/cfnlint/data/schemas/providers/ap_east_1/aws-rds-dbinstance.json similarity index 99% rename from src/cfnlint/data/schemas/providers/eu_central_1/aws-rds-dbinstance.json rename to src/cfnlint/data/schemas/providers/ap_east_1/aws-rds-dbinstance.json index 94f443dbfb..3263d77fb7 100644 --- a/src/cfnlint/data/schemas/providers/eu_central_1/aws-rds-dbinstance.json +++ b/src/cfnlint/data/schemas/providers/ap_east_1/aws-rds-dbinstance.json @@ -193,7 +193,6 @@ }, "delete": { "permissions": [ - "rds:AddTagsToResource", "rds:CreateDBSnapshot", "rds:DeleteDBInstance", "rds:DescribeDBInstances" diff --git a/src/cfnlint/data/schemas/providers/ap_northeast_1/__init__.py b/src/cfnlint/data/schemas/providers/ap_northeast_1/__init__.py index 7996392da5..da253ee02f 100644 --- a/src/cfnlint/data/schemas/providers/ap_northeast_1/__init__.py +++ b/src/cfnlint/data/schemas/providers/ap_northeast_1/__init__.py @@ -133,9 +133,14 @@ "AWS::Bedrock::Agent", "AWS::Bedrock::AgentAlias", "AWS::Bedrock::DataSource", + "AWS::Bedrock::Flow", + "AWS::Bedrock::FlowAlias", + "AWS::Bedrock::FlowVersion", "AWS::Bedrock::Guardrail", "AWS::Bedrock::GuardrailVersion", "AWS::Bedrock::KnowledgeBase", + "AWS::Bedrock::Prompt", + "AWS::Bedrock::PromptVersion", "AWS::Budgets::Budget", "AWS::Budgets::BudgetsAction", "AWS::CDK::Metadata", @@ -1352,9 +1357,14 @@ "aws-bedrock-agent.json", "aws-bedrock-agentalias.json", "aws-bedrock-datasource.json", + "aws-bedrock-flow.json", + "aws-bedrock-flowalias.json", + "aws-bedrock-flowversion.json", "aws-bedrock-guardrail.json", "aws-bedrock-guardrailversion.json", "aws-bedrock-knowledgebase.json", + "aws-bedrock-prompt.json", + "aws-bedrock-promptversion.json", "aws-budgets-budget.json", "aws-budgets-budgetsaction.json", "aws-cassandra-keyspace.json", @@ -1550,6 +1560,7 @@ "aws-dms-eventsubscription.json", "aws-dms-instanceprofile.json", "aws-dms-migrationproject.json", + "aws-dms-replicationconfig.json", "aws-dms-replicationinstance.json", "aws-dms-replicationsubnetgroup.json", "aws-dms-replicationtask.json", @@ -2011,10 +2022,8 @@ "aws-mediapackage-originendpoint.json", "aws-mediapackage-packagingconfiguration.json", "aws-mediapackage-packaginggroup.json", - "aws-mediapackagev2-channel.json", "aws-mediapackagev2-channelgroup.json", "aws-mediapackagev2-channelpolicy.json", - "aws-mediapackagev2-originendpoint.json", "aws-mediapackagev2-originendpointpolicy.json", "aws-mediastore-container.json", "aws-mediatailor-channel.json", @@ -2081,6 +2090,7 @@ "aws-opsworks-volume.json", "aws-opsworkscm-server.json", "aws-organizations-account.json", + "aws-organizations-organization.json", "aws-organizations-organizationalunit.json", "aws-organizations-policy.json", "aws-organizations-resourcepolicy.json", @@ -2209,7 +2219,6 @@ "aws-s3objectlambda-accesspoint.json", "aws-s3objectlambda-accesspointpolicy.json", "aws-s3outposts-accesspoint.json", - "aws-s3outposts-bucket.json", "aws-s3outposts-bucketpolicy.json", "aws-s3outposts-endpoint.json", "aws-sagemaker-app.json", @@ -2308,6 +2317,7 @@ "aws-shield-drtaccess.json", "aws-shield-proactiveengagement.json", "aws-shield-protection.json", + "aws-shield-protectiongroup.json", "aws-signer-profilepermission.json", "aws-signer-signingprofile.json", "aws-sns-subscription.json", diff --git a/src/cfnlint/data/schemas/providers/ap_northeast_1/aws-mediapackagev2-channel.json b/src/cfnlint/data/schemas/providers/ap_northeast_1/aws-mediapackagev2-channel.json new file mode 100644 index 0000000000..f2dd6b06fd --- /dev/null +++ b/src/cfnlint/data/schemas/providers/ap_northeast_1/aws-mediapackagev2-channel.json @@ -0,0 +1,164 @@ +{ + "additionalIdentifiers": [ + [ + "/properties/ChannelGroupName", + "/properties/ChannelName" + ] + ], + "additionalProperties": false, + "createOnlyProperties": [ + "/properties/ChannelGroupName", + "/properties/ChannelName", + "/properties/InputType" + ], + "definitions": { + "IngestEndpoint": { + "additionalProperties": false, + "properties": { + "Id": { + "type": "string" + }, + "Url": { + "type": "string" + } + }, + "type": "object" + }, + "InputType": { + "enum": [ + "HLS", + "CMAF" + ], + "type": "string" + }, + "Tag": { + "additionalProperties": false, + "properties": { + "Key": { + "type": "string" + }, + "Value": { + "type": "string" + } + }, + "type": "object" + } + }, + "handlers": { + "create": { + "permissions": [ + "mediapackagev2:TagResource", + "mediapackagev2:CreateChannel" + ] + }, + "delete": { + "permissions": [ + "mediapackagev2:GetChannel", + "mediapackagev2:DeleteChannel" + ] + }, + "list": { + "handlerSchema": { + "properties": { + "ChannelGroupName": { + "$ref": "resource-schema.json#/properties/ChannelGroupName" + } + }, + "required": [ + "ChannelGroupName" + ] + }, + "permissions": [ + "mediapackagev2:ListChannels" + ] + }, + "read": { + "permissions": [ + "mediapackagev2:GetChannel" + ] + }, + "update": { + "permissions": [ + "mediapackagev2:TagResource", + "mediapackagev2:UntagResource", + "mediapackagev2:ListTagsForResource", + "mediapackagev2:UpdateChannel" + ] + } + }, + "primaryIdentifier": [ + "/properties/Arn" + ], + "properties": { + "Arn": { + "type": "string" + }, + "ChannelGroupName": { + "maxLength": 256, + "minLength": 1, + "pattern": "^[a-zA-Z0-9_-]+$", + "type": "string" + }, + "ChannelName": { + "maxLength": 256, + "minLength": 1, + "pattern": "^[a-zA-Z0-9_-]+$", + "type": "string" + }, + "CreatedAt": { + "format": "date-time", + "type": "string" + }, + "Description": { + "maxLength": 1024, + "minLength": 0, + "type": "string" + }, + "IngestEndpointUrls": { + "items": { + "type": "string" + }, + "type": "array" + }, + "IngestEndpoints": { + "items": { + "$ref": "#/definitions/IngestEndpoint" + }, + "type": "array" + }, + "InputType": { + "$ref": "#/definitions/InputType" + }, + "ModifiedAt": { + "format": "date-time", + "type": "string" + }, + "Tags": { + "insertionOrder": false, + "items": { + "$ref": "#/definitions/Tag" + }, + "type": "array" + } + }, + "readOnlyProperties": [ + "/properties/Arn", + "/properties/CreatedAt", + "/properties/IngestEndpoints", + "/properties/IngestEndpointUrls", + "/properties/ModifiedAt" + ], + "required": [ + "ChannelGroupName", + "ChannelName" + ], + "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-mediapackagev2", + "tagging": { + "cloudFormationSystemTags": false, + "tagOnCreate": true, + "tagProperty": "/properties/Tags", + "tagUpdatable": true, + "taggable": true + }, + "typeName": "AWS::MediaPackageV2::Channel" +} diff --git a/src/cfnlint/data/schemas/providers/ap_northeast_1/aws-mediapackagev2-originendpoint.json b/src/cfnlint/data/schemas/providers/ap_northeast_1/aws-mediapackagev2-originendpoint.json new file mode 100644 index 0000000000..33c30d1062 --- /dev/null +++ b/src/cfnlint/data/schemas/providers/ap_northeast_1/aws-mediapackagev2-originendpoint.json @@ -0,0 +1,651 @@ +{ + "additionalIdentifiers": [ + [ + "/properties/ChannelGroupName", + "/properties/ChannelName", + "/properties/OriginEndpointName" + ] + ], + "additionalProperties": false, + "createOnlyProperties": [ + "/properties/ChannelGroupName", + "/properties/ChannelName", + "/properties/OriginEndpointName" + ], + "definitions": { + "AdMarkerDash": { + "enum": [ + "BINARY", + "XML" + ], + "type": "string" + }, + "AdMarkerHls": { + "enum": [ + "DATERANGE" + ], + "type": "string" + }, + "CmafEncryptionMethod": { + "enum": [ + "CENC", + "CBCS" + ], + "type": "string" + }, + "ContainerType": { + "enum": [ + "TS", + "CMAF" + ], + "type": "string" + }, + "DashDrmSignaling": { + "enum": [ + "INDIVIDUAL", + "REFERENCED" + ], + "type": "string" + }, + "DashManifestConfiguration": { + "additionalProperties": false, + "properties": { + "DrmSignaling": { + "$ref": "#/definitions/DashDrmSignaling" + }, + "FilterConfiguration": { + "$ref": "#/definitions/FilterConfiguration" + }, + "ManifestName": { + "maxLength": 256, + "minLength": 1, + "pattern": "^[a-zA-Z0-9_-]+$", + "type": "string" + }, + "ManifestWindowSeconds": { + "type": "integer" + }, + "MinBufferTimeSeconds": { + "type": "integer" + }, + "MinUpdatePeriodSeconds": { + "type": "integer" + }, + "PeriodTriggers": { + "items": { + "$ref": "#/definitions/DashPeriodTrigger" + }, + "maxItems": 100, + "minItems": 0, + "type": "array" + }, + "ScteDash": { + "$ref": "#/definitions/ScteDash" + }, + "SegmentTemplateFormat": { + "$ref": "#/definitions/DashSegmentTemplateFormat" + }, + "SuggestedPresentationDelaySeconds": { + "type": "integer" + }, + "UtcTiming": { + "$ref": "#/definitions/DashUtcTiming" + } + }, + "required": [ + "ManifestName" + ], + "type": "object" + }, + "DashPeriodTrigger": { + "enum": [ + "AVAILS", + "DRM_KEY_ROTATION", + "SOURCE_CHANGES", + "SOURCE_DISRUPTIONS", + "NONE" + ], + "type": "string" + }, + "DashSegmentTemplateFormat": { + "enum": [ + "NUMBER_WITH_TIMELINE" + ], + "type": "string" + }, + "DashUtcTiming": { + "additionalProperties": false, + "properties": { + "TimingMode": { + "$ref": "#/definitions/DashUtcTimingMode" + }, + "TimingSource": { + "maxLength": 1024, + "minLength": 1, + "type": "string" + } + }, + "type": "object" + }, + "DashUtcTimingMode": { + "enum": [ + "HTTP_HEAD", + "HTTP_ISO", + "HTTP_XSDATE", + "UTC_DIRECT" + ], + "type": "string" + }, + "DrmSystem": { + "enum": [ + "CLEAR_KEY_AES_128", + "FAIRPLAY", + "PLAYREADY", + "WIDEVINE" + ], + "type": "string" + }, + "Encryption": { + "additionalProperties": false, + "properties": { + "ConstantInitializationVector": { + "maxLength": 32, + "minLength": 32, + "pattern": "^[0-9a-fA-F]+$", + "type": "string" + }, + "EncryptionMethod": { + "$ref": "#/definitions/EncryptionMethod" + }, + "KeyRotationIntervalSeconds": { + "maximum": 31536000, + "minimum": 300, + "type": "integer" + }, + "SpekeKeyProvider": { + "$ref": "#/definitions/SpekeKeyProvider" + } + }, + "required": [ + "EncryptionMethod", + "SpekeKeyProvider" + ], + "type": "object" + }, + "EncryptionContractConfiguration": { + "additionalProperties": false, + "properties": { + "PresetSpeke20Audio": { + "$ref": "#/definitions/PresetSpeke20Audio" + }, + "PresetSpeke20Video": { + "$ref": "#/definitions/PresetSpeke20Video" + } + }, + "required": [ + "PresetSpeke20Audio", + "PresetSpeke20Video" + ], + "type": "object" + }, + "EncryptionMethod": { + "additionalProperties": false, + "properties": { + "CmafEncryptionMethod": { + "$ref": "#/definitions/CmafEncryptionMethod" + }, + "TsEncryptionMethod": { + "$ref": "#/definitions/TsEncryptionMethod" + } + }, + "type": "object" + }, + "EndpointErrorCondition": { + "enum": [ + "STALE_MANIFEST", + "INCOMPLETE_MANIFEST", + "MISSING_DRM_KEY", + "SLATE_INPUT" + ], + "type": "string" + }, + "FilterConfiguration": { + "additionalProperties": false, + "properties": { + "End": { + "format": "date-time", + "type": "string" + }, + "ManifestFilter": { + "maxLength": 1024, + "minLength": 1, + "type": "string" + }, + "Start": { + "format": "date-time", + "type": "string" + }, + "TimeDelaySeconds": { + "maximum": 1209600, + "minimum": 0, + "type": "integer" + } + }, + "type": "object" + }, + "ForceEndpointErrorConfiguration": { + "additionalProperties": false, + "properties": { + "EndpointErrorConditions": { + "items": { + "$ref": "#/definitions/EndpointErrorCondition" + }, + "type": "array" + } + }, + "type": "object" + }, + "HlsManifestConfiguration": { + "additionalProperties": false, + "properties": { + "ChildManifestName": { + "maxLength": 256, + "minLength": 1, + "pattern": "^[a-zA-Z0-9_-]+$", + "type": "string" + }, + "FilterConfiguration": { + "$ref": "#/definitions/FilterConfiguration" + }, + "ManifestName": { + "maxLength": 256, + "minLength": 1, + "pattern": "^[a-zA-Z0-9_-]+$", + "type": "string" + }, + "ManifestWindowSeconds": { + "type": "integer" + }, + "ProgramDateTimeIntervalSeconds": { + "type": "integer" + }, + "ScteHls": { + "$ref": "#/definitions/ScteHls" + }, + "Url": { + "type": "string" + } + }, + "required": [ + "ManifestName" + ], + "type": "object" + }, + "LowLatencyHlsManifestConfiguration": { + "additionalProperties": false, + "properties": { + "ChildManifestName": { + "maxLength": 256, + "minLength": 1, + "pattern": "^[a-zA-Z0-9_-]+$", + "type": "string" + }, + "FilterConfiguration": { + "$ref": "#/definitions/FilterConfiguration" + }, + "ManifestName": { + "maxLength": 256, + "minLength": 1, + "pattern": "^[a-zA-Z0-9_-]+$", + "type": "string" + }, + "ManifestWindowSeconds": { + "type": "integer" + }, + "ProgramDateTimeIntervalSeconds": { + "type": "integer" + }, + "ScteHls": { + "$ref": "#/definitions/ScteHls" + }, + "Url": { + "type": "string" + } + }, + "required": [ + "ManifestName" + ], + "type": "object" + }, + "PresetSpeke20Audio": { + "enum": [ + "PRESET_AUDIO_1", + "PRESET_AUDIO_2", + "PRESET_AUDIO_3", + "SHARED", + "UNENCRYPTED" + ], + "type": "string" + }, + "PresetSpeke20Video": { + "enum": [ + "PRESET_VIDEO_1", + "PRESET_VIDEO_2", + "PRESET_VIDEO_3", + "PRESET_VIDEO_4", + "PRESET_VIDEO_5", + "PRESET_VIDEO_6", + "PRESET_VIDEO_7", + "PRESET_VIDEO_8", + "SHARED", + "UNENCRYPTED" + ], + "type": "string" + }, + "Scte": { + "additionalProperties": false, + "properties": { + "ScteFilter": { + "items": { + "$ref": "#/definitions/ScteFilter" + }, + "maxItems": 100, + "minItems": 0, + "type": "array" + } + }, + "type": "object" + }, + "ScteDash": { + "additionalProperties": false, + "properties": { + "AdMarkerDash": { + "$ref": "#/definitions/AdMarkerDash" + } + }, + "type": "object" + }, + "ScteFilter": { + "enum": [ + "SPLICE_INSERT", + "BREAK", + "PROVIDER_ADVERTISEMENT", + "DISTRIBUTOR_ADVERTISEMENT", + "PROVIDER_PLACEMENT_OPPORTUNITY", + "DISTRIBUTOR_PLACEMENT_OPPORTUNITY", + "PROVIDER_OVERLAY_PLACEMENT_OPPORTUNITY", + "DISTRIBUTOR_OVERLAY_PLACEMENT_OPPORTUNITY", + "PROGRAM" + ], + "type": "string" + }, + "ScteHls": { + "additionalProperties": false, + "properties": { + "AdMarkerHls": { + "$ref": "#/definitions/AdMarkerHls" + } + }, + "type": "object" + }, + "Segment": { + "additionalProperties": false, + "properties": { + "Encryption": { + "$ref": "#/definitions/Encryption" + }, + "IncludeIframeOnlyStreams": { + "type": "boolean" + }, + "Scte": { + "$ref": "#/definitions/Scte" + }, + "SegmentDurationSeconds": { + "maximum": 30, + "minimum": 1, + "type": "integer" + }, + "SegmentName": { + "maxLength": 256, + "minLength": 1, + "pattern": "^[a-zA-Z0-9_-]+$", + "type": "string" + }, + "TsIncludeDvbSubtitles": { + "type": "boolean" + }, + "TsUseAudioRenditionGroup": { + "type": "boolean" + } + }, + "type": "object" + }, + "SpekeKeyProvider": { + "additionalProperties": false, + "properties": { + "DrmSystems": { + "items": { + "$ref": "#/definitions/DrmSystem" + }, + "maxItems": 4, + "minItems": 1, + "type": "array" + }, + "EncryptionContractConfiguration": { + "$ref": "#/definitions/EncryptionContractConfiguration" + }, + "ResourceId": { + "maxLength": 256, + "minLength": 1, + "pattern": "^[0-9a-zA-Z_-]+$", + "type": "string" + }, + "RoleArn": { + "maxLength": 2048, + "minLength": 1, + "type": "string" + }, + "Url": { + "maxLength": 1024, + "minLength": 1, + "type": "string" + } + }, + "required": [ + "DrmSystems", + "EncryptionContractConfiguration", + "ResourceId", + "RoleArn", + "Url" + ], + "type": "object" + }, + "Tag": { + "additionalProperties": false, + "properties": { + "Key": { + "type": "string" + }, + "Value": { + "type": "string" + } + }, + "type": "object" + }, + "TsEncryptionMethod": { + "enum": [ + "AES_128", + "SAMPLE_AES" + ], + "type": "string" + } + }, + "handlers": { + "create": { + "permissions": [ + "mediapackagev2:TagResource", + "mediapackagev2:CreateOriginEndpoint", + "iam:PassRole" + ] + }, + "delete": { + "permissions": [ + "mediapackagev2:GetOriginEndpoint", + "mediapackagev2:DeleteOriginEndpoint" + ] + }, + "list": { + "handlerSchema": { + "properties": { + "ChannelGroupName": { + "$ref": "resource-schema.json#/properties/ChannelGroupName" + }, + "ChannelName": { + "$ref": "resource-schema.json#/properties/ChannelName" + } + }, + "required": [ + "ChannelGroupName", + "ChannelName" + ] + }, + "permissions": [ + "mediapackagev2:ListOriginEndpoints" + ] + }, + "read": { + "permissions": [ + "mediapackagev2:GetOriginEndpoint" + ] + }, + "update": { + "permissions": [ + "mediapackagev2:TagResource", + "mediapackagev2:UntagResource", + "mediapackagev2:ListTagsForResource", + "mediapackagev2:UpdateOriginEndpoint", + "iam:PassRole" + ] + } + }, + "primaryIdentifier": [ + "/properties/Arn" + ], + "properties": { + "Arn": { + "type": "string" + }, + "ChannelGroupName": { + "maxLength": 256, + "minLength": 1, + "pattern": "^[a-zA-Z0-9_-]+$", + "type": "string" + }, + "ChannelName": { + "maxLength": 256, + "minLength": 1, + "pattern": "^[a-zA-Z0-9_-]+$", + "type": "string" + }, + "ContainerType": { + "$ref": "#/definitions/ContainerType" + }, + "CreatedAt": { + "format": "date-time", + "type": "string" + }, + "DashManifestUrls": { + "items": { + "type": "string" + }, + "type": "array" + }, + "DashManifests": { + "items": { + "$ref": "#/definitions/DashManifestConfiguration" + }, + "type": "array" + }, + "Description": { + "maxLength": 1024, + "minLength": 0, + "type": "string" + }, + "ForceEndpointErrorConfiguration": { + "$ref": "#/definitions/ForceEndpointErrorConfiguration" + }, + "HlsManifestUrls": { + "items": { + "type": "string" + }, + "type": "array" + }, + "HlsManifests": { + "items": { + "$ref": "#/definitions/HlsManifestConfiguration" + }, + "type": "array" + }, + "LowLatencyHlsManifestUrls": { + "items": { + "type": "string" + }, + "type": "array" + }, + "LowLatencyHlsManifests": { + "items": { + "$ref": "#/definitions/LowLatencyHlsManifestConfiguration" + }, + "type": "array" + }, + "ModifiedAt": { + "format": "date-time", + "type": "string" + }, + "OriginEndpointName": { + "maxLength": 256, + "minLength": 1, + "pattern": "^[a-zA-Z0-9_-]+$", + "type": "string" + }, + "Segment": { + "$ref": "#/definitions/Segment" + }, + "StartoverWindowSeconds": { + "maximum": 1209600, + "minimum": 60, + "type": "integer" + }, + "Tags": { + "insertionOrder": false, + "items": { + "$ref": "#/definitions/Tag" + }, + "type": "array" + } + }, + "readOnlyProperties": [ + "/properties/Arn", + "/properties/CreatedAt", + "/properties/DashManifestUrls", + "/properties/HlsManifestUrls", + "/properties/LowLatencyHlsManifestUrls", + "/properties/ModifiedAt", + "/properties/LowLatencyHlsManifests/*/Url", + "/properties/HlsManifests/*/Url" + ], + "required": [ + "ChannelGroupName", + "ChannelName", + "OriginEndpointName" + ], + "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-mediapackagev2", + "tagging": { + "cloudFormationSystemTags": false, + "tagOnCreate": true, + "tagProperty": "/properties/Tags", + "tagUpdatable": true, + "taggable": true + }, + "typeName": "AWS::MediaPackageV2::OriginEndpoint" +} diff --git a/src/cfnlint/data/schemas/providers/ap_northeast_1/aws-s3outposts-bucket.json b/src/cfnlint/data/schemas/providers/ap_northeast_1/aws-s3outposts-bucket.json new file mode 100644 index 0000000000..973a61ee87 --- /dev/null +++ b/src/cfnlint/data/schemas/providers/ap_northeast_1/aws-s3outposts-bucket.json @@ -0,0 +1,290 @@ +{ + "additionalProperties": false, + "createOnlyProperties": [ + "/properties/BucketName", + "/properties/OutpostId" + ], + "definitions": { + "AbortIncompleteMultipartUpload": { + "additionalProperties": false, + "properties": { + "DaysAfterInitiation": { + "minimum": 0, + "type": "integer" + } + }, + "required": [ + "DaysAfterInitiation" + ], + "type": "object" + }, + "FilterAndOperator": { + "oneOf": [ + { + "additionalProperties": false, + "properties": { + "Prefix": { + "$ref": "#/definitions/FilterPrefix" + }, + "Tags": { + "insertionOrder": false, + "items": { + "$ref": "#/definitions/FilterTag" + }, + "minItems": 1, + "type": "array", + "uniqueItems": true + } + }, + "required": [ + "Tags" + ], + "type": "object" + } + ] + }, + "FilterPrefix": { + "type": "string" + }, + "FilterTag": { + "additionalProperties": false, + "properties": { + "Key": { + "maxLength": 1024, + "minLength": 1, + "pattern": "^([\\p{L}\\p{Z}\\p{N}_.:=+\\/\\-@%]*)$", + "type": "string" + }, + "Value": { + "maxLength": 1024, + "minLength": 1, + "pattern": "^([\\p{L}\\p{Z}\\p{N}_.:=+\\/\\-@%]*)$", + "type": "string" + } + }, + "required": [ + "Key", + "Value" + ], + "type": "object" + }, + "LifecycleConfiguration": { + "additionalProperties": false, + "properties": { + "Rules": { + "insertionOrder": false, + "items": { + "$ref": "#/definitions/Rule" + }, + "type": "array", + "uniqueItems": true + } + }, + "required": [ + "Rules" + ], + "type": "object" + }, + "Rule": { + "additionalProperties": false, + "anyOf": [ + { + "required": [ + "Status", + "AbortIncompleteMultipartUpload" + ] + }, + { + "required": [ + "Status", + "ExpirationDate" + ] + }, + { + "required": [ + "Status", + "ExpirationInDays" + ] + } + ], + "properties": { + "AbortIncompleteMultipartUpload": { + "$ref": "#/definitions/AbortIncompleteMultipartUpload" + }, + "ExpirationDate": { + "$ref": "#/definitions/iso8601UTC" + }, + "ExpirationInDays": { + "minimum": 1, + "type": "integer" + }, + "Filter": { + "additionalProperties": false, + "oneOf": [ + { + "required": [ + "Prefix" + ] + }, + { + "required": [ + "Tag" + ] + }, + { + "required": [ + "AndOperator" + ] + } + ], + "properties": { + "AndOperator": { + "$ref": "#/definitions/FilterAndOperator" + }, + "Prefix": { + "$ref": "#/definitions/FilterPrefix" + }, + "Tag": { + "$ref": "#/definitions/FilterTag" + } + }, + "type": "object" + }, + "Id": { + "maxLength": 255, + "type": "string" + }, + "Status": { + "enum": [ + "Enabled", + "Disabled" + ], + "type": "string" + } + }, + "type": "object" + }, + "Tag": { + "additionalProperties": false, + "properties": { + "Key": { + "maxLength": 1024, + "minLength": 1, + "pattern": "^(?!aws:.*)([\\p{L}\\p{Z}\\p{N}_.:=+\\/\\-@%]*)$", + "type": "string" + }, + "Value": { + "maxLength": 1024, + "minLength": 1, + "pattern": "^([\\p{L}\\p{Z}\\p{N}_.:=+\\/\\-@%]*)$", + "type": "string" + } + }, + "required": [ + "Key", + "Value" + ], + "type": "object" + }, + "iso8601UTC": { + "pattern": "^([0-2]\\d{3})-(0[0-9]|1[0-2])-([0-2]\\d|3[01])T([01]\\d|2[0-4]):([0-5]\\d):([0-6]\\d)((\\.\\d{3})?)Z$", + "type": "string" + } + }, + "handlers": { + "create": { + "permissions": [ + "s3-outposts:CreateBucket", + "s3-outposts:PutBucketTagging", + "s3-outposts:PutLifecycleConfiguration" + ] + }, + "delete": { + "permissions": [ + "s3-outposts:DeleteBucket" + ] + }, + "list": { + "handlerSchema": { + "properties": { + "OutpostId": { + "$ref": "resource-schema.json#/properties/OutpostId" + } + }, + "required": [ + "OutpostId" + ] + }, + "permissions": [ + "s3-outposts:ListRegionalBuckets" + ] + }, + "read": { + "permissions": [ + "s3-outposts:GetBucket", + "s3-outposts:GetBucketTagging", + "s3-outposts:GetLifecycleConfiguration" + ] + }, + "update": { + "permissions": [ + "s3-outposts:PutBucketTagging", + "s3-outposts:DeleteBucketTagging", + "s3-outposts:PutLifecycleConfiguration" + ] + } + }, + "primaryIdentifier": [ + "/properties/Arn" + ], + "properties": { + "Arn": { + "maxLength": 2048, + "minLength": 20, + "pattern": "^arn:[^:]+:s3-outposts:[a-zA-Z0-9\\-]+:\\d{12}:outpost\\/[^:]+\\/bucket\\/[^:]+$", + "type": "string" + }, + "BucketName": { + "maxLength": 63, + "minLength": 3, + "pattern": "(?=^.{3,63}$)(?!^(\\d+\\.)+\\d+$)(^(([a-z0-9]|[a-z0-9][a-z0-9\\-]*[a-z0-9])\\.)*([a-z0-9]|[a-z0-9][a-z0-9\\-]*[a-z0-9])$)", + "type": "string" + }, + "LifecycleConfiguration": { + "$ref": "#/definitions/LifecycleConfiguration" + }, + "OutpostId": { + "pattern": "^(op-[a-f0-9]{17}|\\d{12}|ec2)$", + "type": "string" + }, + "Tags": { + "insertionOrder": false, + "items": { + "$ref": "#/definitions/Tag" + }, + "type": "array", + "uniqueItems": true + } + }, + "readOnlyProperties": [ + "/properties/Arn" + ], + "required": [ + "BucketName", + "OutpostId" + ], + "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-s3outposts.git", + "tagging": { + "cloudFormationSystemTags": true, + "permissions": [ + "s3-outposts:DeleteBucketTagging", + "s3-outposts:PutBucketTagging", + "s3-outposts:GetBucketTagging" + ], + "tagOnCreate": true, + "tagProperty": "/properties/Tags", + "tagUpdatable": true, + "taggable": true + }, + "typeName": "AWS::S3Outposts::Bucket" +} diff --git a/src/cfnlint/data/schemas/providers/ap_northeast_2/__init__.py b/src/cfnlint/data/schemas/providers/ap_northeast_2/__init__.py index 795fafafcc..4266a2f481 100644 --- a/src/cfnlint/data/schemas/providers/ap_northeast_2/__init__.py +++ b/src/cfnlint/data/schemas/providers/ap_northeast_2/__init__.py @@ -1410,7 +1410,6 @@ "aws-dms-eventsubscription.json", "aws-dms-instanceprofile.json", "aws-dms-migrationproject.json", - "aws-dms-replicationconfig.json", "aws-dms-replicationinstance.json", "aws-dms-replicationsubnetgroup.json", "aws-dms-replicationtask.json", @@ -1937,9 +1936,7 @@ "aws-ram-permission.json", "aws-ram-resourceshare.json", "aws-rds-customdbengineversion.json", - "aws-rds-dbcluster.json", "aws-rds-dbclusterparametergroup.json", - "aws-rds-dbinstance.json", "aws-rds-dbparametergroup.json", "aws-rds-dbproxy.json", "aws-rds-dbproxyendpoint.json", @@ -2098,7 +2095,6 @@ "aws-shield-drtaccess.json", "aws-shield-proactiveengagement.json", "aws-shield-protection.json", - "aws-shield-protectiongroup.json", "aws-signer-profilepermission.json", "aws-signer-signingprofile.json", "aws-sns-subscription.json", diff --git a/src/cfnlint/data/schemas/providers/ap_northeast_2/aws-dms-replicationconfig.json b/src/cfnlint/data/schemas/providers/ap_northeast_2/aws-dms-replicationconfig.json new file mode 100644 index 0000000000..b9379a300f --- /dev/null +++ b/src/cfnlint/data/schemas/providers/ap_northeast_2/aws-dms-replicationconfig.json @@ -0,0 +1,191 @@ +{ + "additionalIdentifiers": [ + [ + "/properties/ReplicationConfigIdentifier" + ] + ], + "additionalProperties": false, + "createOnlyProperties": [ + "/properties/ResourceIdentifier" + ], + "definitions": { + "ComputeConfig": { + "additionalProperties": false, + "properties": { + "AvailabilityZone": { + "type": "string" + }, + "DnsNameServers": { + "type": "string" + }, + "KmsKeyId": { + "type": "string" + }, + "MaxCapacityUnits": { + "type": "integer" + }, + "MinCapacityUnits": { + "type": "integer" + }, + "MultiAZ": { + "type": "boolean" + }, + "PreferredMaintenanceWindow": { + "type": "string" + }, + "ReplicationSubnetGroupId": { + "type": "string" + }, + "VpcSecurityGroupIds": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "MaxCapacityUnits" + ], + "type": "object" + }, + "Tag": { + "additionalProperties": false, + "properties": { + "Key": { + "maxLength": 128, + "minLength": 1, + "type": "string" + }, + "Value": { + "maxLength": 256, + "minLength": 1, + "type": "string" + } + }, + "required": [ + "Key", + "Value" + ], + "type": "object" + } + }, + "handlers": { + "create": { + "permissions": [ + "dms:CreateReplicationConfig", + "dms:AddTagsToResource", + "dms:ListTagsForResource", + "iam:CreateServiceLinkedRole", + "iam:AttachRolePolicy", + "iam:PutRolePolicy", + "iam:UpdateRoleDescription" + ] + }, + "delete": { + "permissions": [ + "dms:DescribeReplicationConfigs", + "dms:DeleteReplicationConfig", + "dms:ListTagsForResource", + "iam:DeleteServiceLinkedRole", + "iam:GetServiceLinkedRoleDeletionStatus" + ] + }, + "list": { + "permissions": [ + "dms:DescribeReplicationConfigs", + "dms:ListTagsForResource" + ] + }, + "read": { + "permissions": [ + "dms:DescribeReplicationConfigs", + "dms:ListTagsForResource" + ] + }, + "update": { + "permissions": [ + "dms:ModifyReplicationConfig", + "dms:AddTagsToResource", + "dms:RemoveTagsToResource", + "dms:ListTagsForResource", + "iam:CreateServiceLinkedRole", + "iam:AttachRolePolicy", + "iam:PutRolePolicy", + "iam:UpdateRoleDescription" + ] + } + }, + "primaryIdentifier": [ + "/properties/ReplicationConfigArn" + ], + "properties": { + "ComputeConfig": { + "$ref": "#/definitions/ComputeConfig" + }, + "ReplicationConfigArn": { + "type": "string" + }, + "ReplicationConfigIdentifier": { + "type": "string" + }, + "ReplicationSettings": { + "format": "json", + "type": [ + "object", + "string" + ] + }, + "ReplicationType": { + "enum": [ + "full-load", + "full-load-and-cdc", + "cdc" + ], + "type": "string" + }, + "ResourceIdentifier": { + "type": "string" + }, + "SourceEndpointArn": { + "type": "string" + }, + "SupplementalSettings": { + "format": "json", + "type": [ + "object", + "string" + ] + }, + "TableMappings": { + "format": "json", + "type": [ + "object", + "string" + ] + }, + "Tags": { + "insertionOrder": false, + "items": { + "$ref": "#/definitions/Tag" + }, + "maxItems": 200, + "minItems": 1, + "type": "array" + }, + "TargetEndpointArn": { + "type": "string" + } + }, + "readOnlyProperties": [ + "/properties/ReplicationConfigArn" + ], + "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-dms", + "tagging": { + "cloudFormationSystemTags": false, + "tagOnCreate": true, + "tagProperty": "/properties/Tags", + "tagUpdatable": true, + "taggable": true + }, + "typeName": "AWS::DMS::ReplicationConfig" +} diff --git a/src/cfnlint/data/schemas/providers/ap_northeast_2/aws-rds-dbcluster.json b/src/cfnlint/data/schemas/providers/ap_northeast_2/aws-rds-dbcluster.json new file mode 100644 index 0000000000..fc8608c49b --- /dev/null +++ b/src/cfnlint/data/schemas/providers/ap_northeast_2/aws-rds-dbcluster.json @@ -0,0 +1,469 @@ +{ + "additionalProperties": false, + "conditionalCreateOnlyProperties": [ + "/properties/Engine", + "/properties/GlobalClusterIdentifier", + "/properties/MasterUsername" + ], + "createOnlyProperties": [ + "/properties/AvailabilityZones", + "/properties/DBClusterIdentifier", + "/properties/DBSubnetGroupName", + "/properties/DBSystemId", + "/properties/DatabaseName", + "/properties/EngineMode", + "/properties/KmsKeyId", + "/properties/PubliclyAccessible", + "/properties/RestoreToTime", + "/properties/RestoreType", + "/properties/SnapshotIdentifier", + "/properties/SourceDBClusterIdentifier", + "/properties/SourceRegion", + "/properties/StorageEncrypted", + "/properties/UseLatestRestorableTime" + ], + "definitions": { + "DBClusterRole": { + "additionalProperties": false, + "properties": { + "FeatureName": { + "type": "string" + }, + "RoleArn": { + "type": "string" + } + }, + "required": [ + "RoleArn" + ], + "type": "object" + }, + "Endpoint": { + "additionalProperties": false, + "properties": { + "Address": { + "type": "string" + }, + "Port": { + "type": "string" + } + }, + "type": "object" + }, + "MasterUserSecret": { + "additionalProperties": false, + "properties": { + "KmsKeyId": { + "type": "string" + }, + "SecretArn": { + "type": "string" + } + }, + "type": "object" + }, + "ReadEndpoint": { + "additionalProperties": false, + "properties": { + "Address": { + "type": "string" + } + }, + "type": "object" + }, + "ScalingConfiguration": { + "additionalProperties": false, + "properties": { + "AutoPause": { + "type": "boolean" + }, + "MaxCapacity": { + "type": "integer" + }, + "MinCapacity": { + "type": "integer" + }, + "SecondsBeforeTimeout": { + "type": "integer" + }, + "SecondsUntilAutoPause": { + "type": "integer" + }, + "TimeoutAction": { + "type": "string" + } + }, + "type": "object" + }, + "ServerlessV2ScalingConfiguration": { + "additionalProperties": false, + "properties": { + "MaxCapacity": { + "type": "number" + }, + "MinCapacity": { + "type": "number" + } + }, + "type": "object" + }, + "Tag": { + "additionalProperties": false, + "properties": { + "Key": { + "maxLength": 128, + "minLength": 1, + "type": "string" + }, + "Value": { + "maxLength": 256, + "minLength": 0, + "type": "string" + } + }, + "required": [ + "Key" + ], + "type": "object" + } + }, + "handlers": { + "create": { + "permissions": [ + "iam:CreateServiceLinkedRole", + "iam:PassRole", + "rds:AddRoleToDBCluster", + "rds:AddTagsToResource", + "rds:CreateDBCluster", + "rds:CreateDBInstance", + "rds:DescribeDBClusters", + "rds:DescribeDBClusterSnapshots", + "rds:DescribeDBSnapshots", + "rds:DescribeEvents", + "rds:EnableHttpEndpoint", + "rds:ModifyDBCluster", + "rds:RestoreDBClusterFromSnapshot", + "rds:RestoreDBClusterToPointInTime", + "secretsmanager:CreateSecret", + "secretsmanager:TagResource" + ], + "timeoutInMinutes": 2160 + }, + "delete": { + "permissions": [ + "rds:CreateDBClusterSnapshot", + "rds:DeleteDBCluster", + "rds:DeleteDBInstance", + "rds:DescribeDBClusters", + "rds:DescribeGlobalClusters", + "rds:RemoveFromGlobalCluster" + ] + }, + "list": { + "permissions": [ + "rds:DescribeDBClusters" + ] + }, + "read": { + "permissions": [ + "rds:DescribeDBClusters" + ] + }, + "update": { + "permissions": [ + "ec2:DescribeSecurityGroups", + "iam:PassRole", + "rds:AddRoleToDBCluster", + "rds:AddTagsToResource", + "rds:DescribeDBClusters", + "rds:DescribeDBSubnetGroups", + "rds:DescribeEvents", + "rds:DescribeGlobalClusters", + "rds:DisableHttpEndpoint", + "rds:EnableHttpEndpoint", + "rds:ModifyDBCluster", + "rds:ModifyDBInstance", + "rds:RemoveFromGlobalCluster", + "rds:RemoveRoleFromDBCluster", + "rds:RemoveTagsFromResource", + "secretsmanager:CreateSecret", + "secretsmanager:TagResource" + ], + "timeoutInMinutes": 2160 + } + }, + "primaryIdentifier": [ + "/properties/DBClusterIdentifier" + ], + "properties": { + "AllocatedStorage": { + "type": "integer" + }, + "AssociatedRoles": { + "items": { + "$ref": "#/definitions/DBClusterRole" + }, + "type": "array", + "uniqueItems": true + }, + "AutoMinorVersionUpgrade": { + "type": "boolean" + }, + "AvailabilityZones": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": true + }, + "BacktrackWindow": { + "minimum": 0, + "type": "integer" + }, + "BackupRetentionPeriod": { + "default": 1, + "maximum": 35, + "minimum": 1, + "type": "integer" + }, + "CopyTagsToSnapshot": { + "type": "boolean" + }, + "DBClusterArn": { + "type": "string" + }, + "DBClusterIdentifier": { + "maxLength": 63, + "minLength": 1, + "pattern": "^[a-zA-Z]{1}(?:-?[a-zA-Z0-9]){0,62}$", + "type": "string" + }, + "DBClusterInstanceClass": { + "type": "string" + }, + "DBClusterParameterGroupName": { + "default": "default.aurora5.6", + "type": "string" + }, + "DBClusterResourceId": { + "type": "string" + }, + "DBInstanceParameterGroupName": { + "type": "string" + }, + "DBSubnetGroupName": { + "type": "string" + }, + "DBSystemId": { + "type": "string" + }, + "DatabaseName": { + "type": "string" + }, + "DeletionProtection": { + "type": "boolean" + }, + "Domain": { + "type": "string" + }, + "DomainIAMRoleName": { + "type": "string" + }, + "EnableCloudwatchLogsExports": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": true + }, + "EnableGlobalWriteForwarding": { + "type": "boolean" + }, + "EnableHttpEndpoint": { + "type": "boolean" + }, + "EnableIAMDatabaseAuthentication": { + "type": "boolean" + }, + "EnableLocalWriteForwarding": { + "type": "boolean" + }, + "Endpoint": { + "$ref": "#/definitions/Endpoint" + }, + "Engine": { + "type": "string" + }, + "EngineLifecycleSupport": { + "type": "string" + }, + "EngineMode": { + "type": "string" + }, + "EngineVersion": { + "type": "string" + }, + "GlobalClusterIdentifier": { + "maxLength": 63, + "minLength": 0, + "pattern": "^$|^[a-zA-Z]{1}(?:-?[a-zA-Z0-9]){0,62}$", + "type": "string" + }, + "Iops": { + "type": "integer" + }, + "KmsKeyId": { + "type": "string" + }, + "ManageMasterUserPassword": { + "type": "boolean" + }, + "MasterUserPassword": { + "type": "string" + }, + "MasterUserSecret": { + "$ref": "#/definitions/MasterUserSecret" + }, + "MasterUsername": { + "minLength": 1, + "pattern": "^[a-zA-Z]{1}[a-zA-Z0-9_]*$", + "type": "string" + }, + "MonitoringInterval": { + "default": 0, + "type": "integer" + }, + "MonitoringRoleArn": { + "type": "string" + }, + "NetworkType": { + "type": "string" + }, + "PerformanceInsightsEnabled": { + "type": "boolean" + }, + "PerformanceInsightsKmsKeyId": { + "type": "string" + }, + "PerformanceInsightsRetentionPeriod": { + "type": "integer" + }, + "Port": { + "type": "integer" + }, + "PreferredBackupWindow": { + "type": "string" + }, + "PreferredMaintenanceWindow": { + "type": "string" + }, + "PubliclyAccessible": { + "type": "boolean" + }, + "ReadEndpoint": { + "$ref": "#/definitions/ReadEndpoint" + }, + "ReplicationSourceIdentifier": { + "type": "string" + }, + "RestoreToTime": { + "type": "string" + }, + "RestoreType": { + "default": "full-copy", + "type": "string" + }, + "ScalingConfiguration": { + "$ref": "#/definitions/ScalingConfiguration" + }, + "ServerlessV2ScalingConfiguration": { + "$ref": "#/definitions/ServerlessV2ScalingConfiguration" + }, + "SnapshotIdentifier": { + "type": "string" + }, + "SourceDBClusterIdentifier": { + "type": "string" + }, + "SourceRegion": { + "type": "string" + }, + "StorageEncrypted": { + "type": "boolean" + }, + "StorageThroughput": { + "type": "integer" + }, + "StorageType": { + "type": "string" + }, + "Tags": { + "insertionOrder": false, + "items": { + "$ref": "#/definitions/Tag" + }, + "maxItems": 50, + "type": "array", + "uniqueItems": true + }, + "UseLatestRestorableTime": { + "type": "boolean" + }, + "VpcSecurityGroupIds": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": true + } + }, + "propertyTransform": { + "/properties/DBClusterIdentifier": "$lowercase(DBClusterIdentifier)", + "/properties/DBClusterParameterGroupName": "$lowercase(DBClusterParameterGroupName)", + "/properties/DBSubnetGroupName": "$lowercase(DBSubnetGroupName)", + "/properties/EnableHttpEndpoint": "$lowercase($string(EngineMode)) = 'serverless' ? EnableHttpEndpoint : ($lowercase($string(Engine)) = 'aurora-postgresql' ? EnableHttpEndpoint : false )", + "/properties/Engine": "$lowercase(Engine)", + "/properties/EngineVersion": "$join([$string(EngineVersion), \".*\"])", + "/properties/KmsKeyId": "$join([\"arn:(aws)[-]{0,1}[a-z]{0,2}[-]{0,1}[a-z]{0,3}:kms:[a-z]{2}[-]{1}[a-z]{3,10}[-]{0,1}[a-z]{0,10}[-]{1}[1-3]{1}:[0-9]{12}[:]{1}key\\/\", KmsKeyId])", + "/properties/MasterUserSecret/KmsKeyId": "$join([\"arn:(aws)[-]{0,1}[a-z]{0,2}[-]{0,1}[a-z]{0,3}:kms:[a-z]{2}[-]{1}[a-z]{3,10}[-]{0,1}[a-z]{0,10}[-]{1}[1-3]{1}:[0-9]{12}[:]{1}key\\/\", MasterUserSecret.KmsKeyId])", + "/properties/NetworkType": "$lowercase(NetworkType)", + "/properties/PerformanceInsightsKmsKeyId": "$join([\"arn:(aws)[-]{0,1}[a-z]{0,2}[-]{0,1}[a-z]{0,3}:kms:[a-z]{2}[-]{1}[a-z]{3,10}[-]{0,1}[a-z]{0,10}[-]{1}[1-3]{1}:[0-9]{12}[:]{1}key\\/\", PerformanceInsightsKmsKeyId])", + "/properties/PreferredMaintenanceWindow": "$lowercase(PreferredMaintenanceWindow)", + "/properties/SnapshotIdentifier": "$lowercase(SnapshotIdentifier)", + "/properties/SourceDBClusterIdentifier": "$lowercase(SourceDBClusterIdentifier)", + "/properties/StorageType": "$lowercase(StorageType)" + }, + "readOnlyProperties": [ + "/properties/DBClusterArn", + "/properties/DBClusterResourceId", + "/properties/Endpoint", + "/properties/Endpoint/Address", + "/properties/Endpoint/Port", + "/properties/ReadEndpoint/Address", + "/properties/MasterUserSecret/SecretArn", + "/properties/StorageThroughput" + ], + "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-rds", + "tagging": { + "cloudFormationSystemTags": true, + "permissions": [ + "rds:AddTagsToResource", + "rds:RemoveTagsFromResource" + ], + "tagOnCreate": true, + "tagProperty": "/properties/Tags", + "tagUpdatable": true, + "taggable": true + }, + "typeName": "AWS::RDS::DBCluster", + "writeOnlyProperties": [ + "/properties/DBInstanceParameterGroupName", + "/properties/MasterUserPassword", + "/properties/RestoreToTime", + "/properties/RestoreType", + "/properties/SnapshotIdentifier", + "/properties/SourceDBClusterIdentifier", + "/properties/SourceRegion", + "/properties/UseLatestRestorableTime" + ] +} diff --git a/src/cfnlint/data/schemas/providers/ap_northeast_2/aws-rds-dbinstance.json b/src/cfnlint/data/schemas/providers/ap_northeast_2/aws-rds-dbinstance.json new file mode 100644 index 0000000000..3263d77fb7 --- /dev/null +++ b/src/cfnlint/data/schemas/providers/ap_northeast_2/aws-rds-dbinstance.json @@ -0,0 +1,620 @@ +{ + "additionalProperties": false, + "conditionalCreateOnlyProperties": [ + "/properties/AutoMinorVersionUpgrade", + "/properties/AvailabilityZone", + "/properties/BackupRetentionPeriod", + "/properties/DBClusterSnapshotIdentifier", + "/properties/DBParameterGroupName", + "/properties/DBSnapshotIdentifier", + "/properties/Engine", + "/properties/MultiAZ", + "/properties/PerformanceInsightsKMSKeyId", + "/properties/PreferredMaintenanceWindow", + "/properties/RestoreTime", + "/properties/SourceDBClusterIdentifier", + "/properties/SourceDBInstanceAutomatedBackupsArn", + "/properties/SourceDBInstanceIdentifier", + "/properties/SourceDbiResourceId", + "/properties/StorageType", + "/properties/UseLatestRestorableTime" + ], + "createOnlyProperties": [ + "/properties/CharacterSetName", + "/properties/CustomIAMInstanceProfile", + "/properties/DBClusterIdentifier", + "/properties/DBInstanceIdentifier", + "/properties/DBName", + "/properties/DBSubnetGroupName", + "/properties/KmsKeyId", + "/properties/MasterUsername", + "/properties/NcharCharacterSetName", + "/properties/Port", + "/properties/SourceRegion", + "/properties/StorageEncrypted", + "/properties/Timezone" + ], + "definitions": { + "CertificateDetails": { + "additionalProperties": false, + "properties": { + "CAIdentifier": { + "type": "string" + }, + "ValidTill": { + "format": "date-time", + "type": "string" + } + }, + "type": "object" + }, + "DBInstanceRole": { + "additionalProperties": false, + "properties": { + "FeatureName": { + "type": "string" + }, + "RoleArn": { + "type": "string" + } + }, + "required": [ + "FeatureName", + "RoleArn" + ], + "type": "object" + }, + "Endpoint": { + "additionalProperties": false, + "properties": { + "Address": { + "type": "string" + }, + "HostedZoneId": { + "type": "string" + }, + "Port": { + "type": "string" + } + }, + "type": "object" + }, + "MasterUserSecret": { + "additionalProperties": false, + "properties": { + "KmsKeyId": { + "type": "string" + }, + "SecretArn": { + "type": "string" + } + }, + "type": "object" + }, + "ProcessorFeature": { + "additionalProperties": false, + "properties": { + "Name": { + "enum": [ + "coreCount", + "threadsPerCore" + ], + "type": "string" + }, + "Value": { + "type": "string" + } + }, + "type": "object" + }, + "Tag": { + "additionalProperties": false, + "properties": { + "Key": { + "maxLength": 128, + "minLength": 1, + "type": "string" + }, + "Value": { + "maxLength": 256, + "minLength": 0, + "type": "string" + } + }, + "required": [ + "Key" + ], + "type": "object" + } + }, + "dependencies": { + "KmsKeyId": { + "properties": { + "StorageEncrypted": { + "enum": [ + "true", + "True", + true + ] + } + }, + "required": [ + "StorageEncrypted" + ] + } + }, + "dependentExcluded": { + "SourceDBInstanceIdentifier": [ + "CharacterSetName", + "MasterUserPassword", + "MasterUsername", + "StorageEncrypted" + ] + }, + "deprecatedProperties": [ + "/properties/TdeCredentialArn", + "/properties/TdeCredentialPassword" + ], + "handlers": { + "create": { + "permissions": [ + "ec2:DescribeAccountAttributes", + "ec2:DescribeAvailabilityZones", + "ec2:DescribeInternetGateways", + "ec2:DescribeSecurityGroups", + "ec2:DescribeSubnets", + "ec2:DescribeVpcAttribute", + "ec2:DescribeVpcs", + "iam:CreateServiceLinkedRole", + "iam:GetRole", + "iam:ListRoles", + "iam:PassRole", + "kms:CreateGrant", + "kms:DescribeKey", + "rds:AddRoleToDBInstance", + "rds:AddTagsToResource", + "rds:CreateDBInstance", + "rds:CreateDBInstanceReadReplica", + "rds:DescribeDBInstances", + "rds:DescribeDBClusters", + "rds:DescribeDBClusterSnapshots", + "rds:DescribeDBInstanceAutomatedBackups", + "rds:DescribeDBSnapshots", + "rds:DescribeEvents", + "rds:ModifyDBInstance", + "rds:RebootDBInstance", + "rds:RestoreDBInstanceFromDBSnapshot", + "rds:RestoreDBInstanceToPointInTime", + "rds:StartDBInstanceAutomatedBackupsReplication", + "secretsmanager:CreateSecret", + "secretsmanager:TagResource" + ], + "timeoutInMinutes": 2160 + }, + "delete": { + "permissions": [ + "rds:CreateDBSnapshot", + "rds:DeleteDBInstance", + "rds:DescribeDBInstances" + ], + "timeoutInMinutes": 2160 + }, + "list": { + "permissions": [ + "rds:DescribeDBInstances" + ] + }, + "read": { + "permissions": [ + "ec2:DescribeAccountAttributes", + "ec2:DescribeAvailabilityZones", + "ec2:DescribeInternetGateways", + "ec2:DescribeSecurityGroups", + "ec2:DescribeSubnets", + "ec2:DescribeVpcAttribute", + "ec2:DescribeVpcs", + "rds:DescribeDBInstances" + ] + }, + "update": { + "permissions": [ + "ec2:DescribeAccountAttributes", + "ec2:DescribeAvailabilityZones", + "ec2:DescribeInternetGateways", + "ec2:DescribeSecurityGroups", + "ec2:DescribeSubnets", + "ec2:DescribeVpcAttribute", + "ec2:DescribeVpcs", + "iam:CreateServiceLinkedRole", + "iam:GetRole", + "iam:ListRoles", + "iam:PassRole", + "kms:CreateGrant", + "kms:DescribeKey", + "rds:AddRoleToDBInstance", + "rds:AddTagsToResource", + "rds:DescribeDBClusters", + "rds:DescribeDBEngineVersions", + "rds:DescribeDBInstances", + "rds:DescribeDBParameterGroups", + "rds:DescribeEvents", + "rds:ModifyDBInstance", + "rds:PromoteReadReplica", + "rds:RebootDBInstance", + "rds:RemoveRoleFromDBInstance", + "rds:RemoveTagsFromResource", + "rds:StartDBInstanceAutomatedBackupsReplication", + "rds:StopDBInstanceAutomatedBackupsReplication", + "secretsmanager:CreateSecret", + "secretsmanager:TagResource" + ], + "timeoutInMinutes": 2160 + } + }, + "primaryIdentifier": [ + "/properties/DBInstanceIdentifier" + ], + "properties": { + "AllocatedStorage": { + "pattern": "^[0-9]*$", + "type": "string" + }, + "AllowMajorVersionUpgrade": { + "type": "boolean" + }, + "AssociatedRoles": { + "items": { + "$ref": "#/definitions/DBInstanceRole" + }, + "type": "array" + }, + "AutoMinorVersionUpgrade": { + "type": "boolean" + }, + "AutomaticBackupReplicationKmsKeyId": { + "type": "string" + }, + "AutomaticBackupReplicationRegion": { + "type": "string" + }, + "AvailabilityZone": { + "type": "string" + }, + "BackupRetentionPeriod": { + "default": 1, + "maximum": 35, + "minimum": 0, + "type": "integer" + }, + "CACertificateIdentifier": { + "type": "string" + }, + "CertificateDetails": { + "$ref": "#/definitions/CertificateDetails" + }, + "CertificateRotationRestart": { + "type": "boolean" + }, + "CharacterSetName": { + "type": "string" + }, + "CopyTagsToSnapshot": { + "type": "boolean" + }, + "CustomIAMInstanceProfile": { + "type": "string" + }, + "DBClusterIdentifier": { + "type": "string" + }, + "DBClusterSnapshotIdentifier": { + "type": "string" + }, + "DBInstanceArn": { + "type": "string" + }, + "DBInstanceClass": { + "type": "string" + }, + "DBInstanceIdentifier": { + "maxLength": 63, + "minLength": 1, + "pattern": "^$|^[a-zA-Z]{1}(?:-?[a-zA-Z0-9]){0,62}$", + "type": "string" + }, + "DBName": { + "type": "string" + }, + "DBParameterGroupName": { + "type": "string" + }, + "DBSecurityGroups": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": true + }, + "DBSnapshotIdentifier": { + "type": "string" + }, + "DBSubnetGroupName": { + "type": "string" + }, + "DBSystemId": { + "type": "string" + }, + "DbiResourceId": { + "type": "string" + }, + "DedicatedLogVolume": { + "type": "boolean" + }, + "DeleteAutomatedBackups": { + "type": "boolean" + }, + "DeletionProtection": { + "type": "boolean" + }, + "Domain": { + "type": "string" + }, + "DomainAuthSecretArn": { + "type": "string" + }, + "DomainDnsIps": { + "items": { + "type": "string" + }, + "type": "array" + }, + "DomainFqdn": { + "type": "string" + }, + "DomainIAMRoleName": { + "type": "string" + }, + "DomainOu": { + "type": "string" + }, + "EnableCloudwatchLogsExports": { + "items": { + "type": "string" + }, + "type": "array" + }, + "EnableIAMDatabaseAuthentication": { + "type": "boolean" + }, + "EnablePerformanceInsights": { + "type": "boolean" + }, + "Endpoint": { + "$ref": "#/definitions/Endpoint" + }, + "Engine": { + "type": "string" + }, + "EngineLifecycleSupport": { + "type": "string" + }, + "EngineVersion": { + "type": "string" + }, + "Iops": { + "type": "integer" + }, + "KmsKeyId": { + "type": "string" + }, + "LicenseModel": { + "type": "string" + }, + "ManageMasterUserPassword": { + "type": "boolean" + }, + "MasterUserPassword": { + "type": "string" + }, + "MasterUserSecret": { + "$ref": "#/definitions/MasterUserSecret" + }, + "MasterUsername": { + "maxLength": 128, + "minLength": 1, + "pattern": "^[a-zA-Z][a-zA-Z0-9_]{0,127}$", + "type": "string" + }, + "MaxAllocatedStorage": { + "type": "integer" + }, + "MonitoringInterval": { + "default": 0, + "type": "integer" + }, + "MonitoringRoleArn": { + "type": "string" + }, + "MultiAZ": { + "type": "boolean" + }, + "NcharCharacterSetName": { + "type": "string" + }, + "NetworkType": { + "type": "string" + }, + "OptionGroupName": { + "type": "string" + }, + "PerformanceInsightsKMSKeyId": { + "type": "string" + }, + "PerformanceInsightsRetentionPeriod": { + "enum": [ + 7, + 31, + 62, + 93, + 124, + 155, + 186, + 217, + 248, + 279, + 310, + 341, + 372, + 403, + 434, + 465, + 496, + 527, + 558, + 589, + 620, + 651, + 682, + 713, + 731 + ], + "type": "integer" + }, + "Port": { + "pattern": "^\\d*$", + "type": "string" + }, + "PreferredBackupWindow": { + "type": "string" + }, + "PreferredMaintenanceWindow": { + "type": "string" + }, + "ProcessorFeatures": { + "items": { + "$ref": "#/definitions/ProcessorFeature" + }, + "type": "array" + }, + "PromotionTier": { + "default": 1, + "maximum": 15, + "minimum": 0, + "type": "integer" + }, + "PubliclyAccessible": { + "type": "boolean" + }, + "ReplicaMode": { + "type": "string" + }, + "RestoreTime": { + "format": "date-time", + "type": "string" + }, + "SourceDBClusterIdentifier": { + "type": "string" + }, + "SourceDBInstanceAutomatedBackupsArn": { + "type": "string" + }, + "SourceDBInstanceIdentifier": { + "type": "string" + }, + "SourceDbiResourceId": { + "type": "string" + }, + "SourceRegion": { + "type": "string" + }, + "StorageEncrypted": { + "type": "boolean" + }, + "StorageThroughput": { + "type": "integer" + }, + "StorageType": { + "type": "string" + }, + "Tags": { + "insertionOrder": false, + "items": { + "$ref": "#/definitions/Tag" + }, + "type": "array", + "uniqueItems": false + }, + "TdeCredentialArn": { + "type": "string" + }, + "TdeCredentialPassword": { + "type": "string" + }, + "Timezone": { + "type": "string" + }, + "UseDefaultProcessorFeatures": { + "type": "boolean" + }, + "UseLatestRestorableTime": { + "type": "boolean" + }, + "VPCSecurityGroups": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": true + } + }, + "propertyTransform": { + "/properties/DBClusterIdentifier": "$lowercase(DBClusterIdentifier)", + "/properties/DBClusterSnapshotIdentifier": "$lowercase(DBClusterSnapshotIdentifier)", + "/properties/DBInstanceIdentifier": "$lowercase(DBInstanceIdentifier)", + "/properties/DBName": "$lowercase(DBName) $OR $uppercase(DBName)", + "/properties/DBParameterGroupName": "$lowercase(DBParameterGroupName)", + "/properties/DBSnapshotIdentifier": "$lowercase(DBSnapshotIdentifier)", + "/properties/DBSubnetGroupName": "$lowercase(DBSubnetGroupName)", + "/properties/Engine": "$lowercase(Engine)", + "/properties/EngineVersion": "$join([$string(EngineVersion), \".*\"])", + "/properties/KmsKeyId": "$join([\"arn:(aws)[-]{0,1}[a-z]{0,2}[-]{0,1}[a-z]{0,3}:kms:[a-z]{2}[-]{1}[a-z]{3,10}[-]{0,1}[a-z]{0,10}[-]{1}[1-3]{1}:[0-9]{12}[:]{1}key\\/\", KmsKeyId])", + "/properties/MasterUserSecret/KmsKeyId": "$join([\"arn:(aws)[-]{0,1}[a-z]{0,2}[-]{0,1}[a-z]{0,3}:kms:[a-z]{2}[-]{1}[a-z]{3,10}[-]{0,1}[a-z]{0,10}[-]{1}[1-3]{1}:[0-9]{12}[:]{1}key\\/\", MasterUserSecret.KmsKeyId])", + "/properties/NetworkType": "$lowercase(NetworkType)", + "/properties/OptionGroupName": "$lowercase(OptionGroupName)", + "/properties/PerformanceInsightsKMSKeyId": "$join([\"arn:(aws)[-]{0,1}[a-z]{0,2}[-]{0,1}[a-z]{0,3}:kms:[a-z]{2}[-]{1}[a-z]{3,10}[-]{0,1}[a-z]{0,10}[-]{1}[1-3]{1}:[0-9]{12}[:]{1}key\\/\", PerformanceInsightsKMSKeyId])", + "/properties/PreferredMaintenanceWindow": "$lowercase(PreferredMaintenanceWindow)", + "/properties/SourceDBInstanceAutomatedBackupsArn": "$lowercase(SourceDBInstanceAutomatedBackupsArn)", + "/properties/SourceDBInstanceIdentifier": "$lowercase(SourceDBInstanceIdentifier)", + "/properties/StorageType": "$lowercase(StorageType)" + }, + "readOnlyProperties": [ + "/properties/Endpoint/Address", + "/properties/Endpoint/Port", + "/properties/Endpoint/HostedZoneId", + "/properties/DbiResourceId", + "/properties/DBInstanceArn", + "/properties/DBSystemId", + "/properties/MasterUserSecret/SecretArn", + "/properties/CertificateDetails/CAIdentifier", + "/properties/CertificateDetails/ValidTill" + ], + "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-rpdk.git", + "typeName": "AWS::RDS::DBInstance", + "writeOnlyProperties": [ + "/properties/AllowMajorVersionUpgrade", + "/properties/AutomaticBackupReplicationKmsKeyId", + "/properties/CertificateRotationRestart", + "/properties/DBSnapshotIdentifier", + "/properties/DeleteAutomatedBackups", + "/properties/MasterUserPassword", + "/properties/Port", + "/properties/RestoreTime", + "/properties/SourceDBInstanceAutomatedBackupsArn", + "/properties/SourceDBInstanceIdentifier", + "/properties/SourceDbiResourceId", + "/properties/SourceRegion", + "/properties/TdeCredentialPassword", + "/properties/UseDefaultProcessorFeatures", + "/properties/UseLatestRestorableTime" + ] +} diff --git a/src/cfnlint/data/schemas/providers/eu_central_1/aws-shield-protectiongroup.json b/src/cfnlint/data/schemas/providers/ap_northeast_2/aws-shield-protectiongroup.json similarity index 95% rename from src/cfnlint/data/schemas/providers/eu_central_1/aws-shield-protectiongroup.json rename to src/cfnlint/data/schemas/providers/ap_northeast_2/aws-shield-protectiongroup.json index 5feda49337..023e531faa 100644 --- a/src/cfnlint/data/schemas/providers/eu_central_1/aws-shield-protectiongroup.json +++ b/src/cfnlint/data/schemas/providers/ap_northeast_2/aws-shield-protectiongroup.json @@ -129,11 +129,6 @@ "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-shield.git", "tagging": { "cloudFormationSystemTags": false, - "permissions": [ - "shield:ListTagsForResource", - "shield:UntagResource", - "shield:TagResource" - ], "tagProperty": "/properties/Tags", "taggable": true }, diff --git a/src/cfnlint/data/schemas/providers/ap_northeast_3/__init__.py b/src/cfnlint/data/schemas/providers/ap_northeast_3/__init__.py index f0f5962888..9ec5c34672 100644 --- a/src/cfnlint/data/schemas/providers/ap_northeast_3/__init__.py +++ b/src/cfnlint/data/schemas/providers/ap_northeast_3/__init__.py @@ -1290,9 +1290,7 @@ "aws-ram-permission.json", "aws-ram-resourceshare.json", "aws-rds-customdbengineversion.json", - "aws-rds-dbcluster.json", "aws-rds-dbclusterparametergroup.json", - "aws-rds-dbinstance.json", "aws-rds-dbparametergroup.json", "aws-rds-dbproxy.json", "aws-rds-dbproxyendpoint.json", diff --git a/src/cfnlint/data/schemas/providers/ap_northeast_3/aws-rds-dbcluster.json b/src/cfnlint/data/schemas/providers/ap_northeast_3/aws-rds-dbcluster.json new file mode 100644 index 0000000000..fc8608c49b --- /dev/null +++ b/src/cfnlint/data/schemas/providers/ap_northeast_3/aws-rds-dbcluster.json @@ -0,0 +1,469 @@ +{ + "additionalProperties": false, + "conditionalCreateOnlyProperties": [ + "/properties/Engine", + "/properties/GlobalClusterIdentifier", + "/properties/MasterUsername" + ], + "createOnlyProperties": [ + "/properties/AvailabilityZones", + "/properties/DBClusterIdentifier", + "/properties/DBSubnetGroupName", + "/properties/DBSystemId", + "/properties/DatabaseName", + "/properties/EngineMode", + "/properties/KmsKeyId", + "/properties/PubliclyAccessible", + "/properties/RestoreToTime", + "/properties/RestoreType", + "/properties/SnapshotIdentifier", + "/properties/SourceDBClusterIdentifier", + "/properties/SourceRegion", + "/properties/StorageEncrypted", + "/properties/UseLatestRestorableTime" + ], + "definitions": { + "DBClusterRole": { + "additionalProperties": false, + "properties": { + "FeatureName": { + "type": "string" + }, + "RoleArn": { + "type": "string" + } + }, + "required": [ + "RoleArn" + ], + "type": "object" + }, + "Endpoint": { + "additionalProperties": false, + "properties": { + "Address": { + "type": "string" + }, + "Port": { + "type": "string" + } + }, + "type": "object" + }, + "MasterUserSecret": { + "additionalProperties": false, + "properties": { + "KmsKeyId": { + "type": "string" + }, + "SecretArn": { + "type": "string" + } + }, + "type": "object" + }, + "ReadEndpoint": { + "additionalProperties": false, + "properties": { + "Address": { + "type": "string" + } + }, + "type": "object" + }, + "ScalingConfiguration": { + "additionalProperties": false, + "properties": { + "AutoPause": { + "type": "boolean" + }, + "MaxCapacity": { + "type": "integer" + }, + "MinCapacity": { + "type": "integer" + }, + "SecondsBeforeTimeout": { + "type": "integer" + }, + "SecondsUntilAutoPause": { + "type": "integer" + }, + "TimeoutAction": { + "type": "string" + } + }, + "type": "object" + }, + "ServerlessV2ScalingConfiguration": { + "additionalProperties": false, + "properties": { + "MaxCapacity": { + "type": "number" + }, + "MinCapacity": { + "type": "number" + } + }, + "type": "object" + }, + "Tag": { + "additionalProperties": false, + "properties": { + "Key": { + "maxLength": 128, + "minLength": 1, + "type": "string" + }, + "Value": { + "maxLength": 256, + "minLength": 0, + "type": "string" + } + }, + "required": [ + "Key" + ], + "type": "object" + } + }, + "handlers": { + "create": { + "permissions": [ + "iam:CreateServiceLinkedRole", + "iam:PassRole", + "rds:AddRoleToDBCluster", + "rds:AddTagsToResource", + "rds:CreateDBCluster", + "rds:CreateDBInstance", + "rds:DescribeDBClusters", + "rds:DescribeDBClusterSnapshots", + "rds:DescribeDBSnapshots", + "rds:DescribeEvents", + "rds:EnableHttpEndpoint", + "rds:ModifyDBCluster", + "rds:RestoreDBClusterFromSnapshot", + "rds:RestoreDBClusterToPointInTime", + "secretsmanager:CreateSecret", + "secretsmanager:TagResource" + ], + "timeoutInMinutes": 2160 + }, + "delete": { + "permissions": [ + "rds:CreateDBClusterSnapshot", + "rds:DeleteDBCluster", + "rds:DeleteDBInstance", + "rds:DescribeDBClusters", + "rds:DescribeGlobalClusters", + "rds:RemoveFromGlobalCluster" + ] + }, + "list": { + "permissions": [ + "rds:DescribeDBClusters" + ] + }, + "read": { + "permissions": [ + "rds:DescribeDBClusters" + ] + }, + "update": { + "permissions": [ + "ec2:DescribeSecurityGroups", + "iam:PassRole", + "rds:AddRoleToDBCluster", + "rds:AddTagsToResource", + "rds:DescribeDBClusters", + "rds:DescribeDBSubnetGroups", + "rds:DescribeEvents", + "rds:DescribeGlobalClusters", + "rds:DisableHttpEndpoint", + "rds:EnableHttpEndpoint", + "rds:ModifyDBCluster", + "rds:ModifyDBInstance", + "rds:RemoveFromGlobalCluster", + "rds:RemoveRoleFromDBCluster", + "rds:RemoveTagsFromResource", + "secretsmanager:CreateSecret", + "secretsmanager:TagResource" + ], + "timeoutInMinutes": 2160 + } + }, + "primaryIdentifier": [ + "/properties/DBClusterIdentifier" + ], + "properties": { + "AllocatedStorage": { + "type": "integer" + }, + "AssociatedRoles": { + "items": { + "$ref": "#/definitions/DBClusterRole" + }, + "type": "array", + "uniqueItems": true + }, + "AutoMinorVersionUpgrade": { + "type": "boolean" + }, + "AvailabilityZones": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": true + }, + "BacktrackWindow": { + "minimum": 0, + "type": "integer" + }, + "BackupRetentionPeriod": { + "default": 1, + "maximum": 35, + "minimum": 1, + "type": "integer" + }, + "CopyTagsToSnapshot": { + "type": "boolean" + }, + "DBClusterArn": { + "type": "string" + }, + "DBClusterIdentifier": { + "maxLength": 63, + "minLength": 1, + "pattern": "^[a-zA-Z]{1}(?:-?[a-zA-Z0-9]){0,62}$", + "type": "string" + }, + "DBClusterInstanceClass": { + "type": "string" + }, + "DBClusterParameterGroupName": { + "default": "default.aurora5.6", + "type": "string" + }, + "DBClusterResourceId": { + "type": "string" + }, + "DBInstanceParameterGroupName": { + "type": "string" + }, + "DBSubnetGroupName": { + "type": "string" + }, + "DBSystemId": { + "type": "string" + }, + "DatabaseName": { + "type": "string" + }, + "DeletionProtection": { + "type": "boolean" + }, + "Domain": { + "type": "string" + }, + "DomainIAMRoleName": { + "type": "string" + }, + "EnableCloudwatchLogsExports": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": true + }, + "EnableGlobalWriteForwarding": { + "type": "boolean" + }, + "EnableHttpEndpoint": { + "type": "boolean" + }, + "EnableIAMDatabaseAuthentication": { + "type": "boolean" + }, + "EnableLocalWriteForwarding": { + "type": "boolean" + }, + "Endpoint": { + "$ref": "#/definitions/Endpoint" + }, + "Engine": { + "type": "string" + }, + "EngineLifecycleSupport": { + "type": "string" + }, + "EngineMode": { + "type": "string" + }, + "EngineVersion": { + "type": "string" + }, + "GlobalClusterIdentifier": { + "maxLength": 63, + "minLength": 0, + "pattern": "^$|^[a-zA-Z]{1}(?:-?[a-zA-Z0-9]){0,62}$", + "type": "string" + }, + "Iops": { + "type": "integer" + }, + "KmsKeyId": { + "type": "string" + }, + "ManageMasterUserPassword": { + "type": "boolean" + }, + "MasterUserPassword": { + "type": "string" + }, + "MasterUserSecret": { + "$ref": "#/definitions/MasterUserSecret" + }, + "MasterUsername": { + "minLength": 1, + "pattern": "^[a-zA-Z]{1}[a-zA-Z0-9_]*$", + "type": "string" + }, + "MonitoringInterval": { + "default": 0, + "type": "integer" + }, + "MonitoringRoleArn": { + "type": "string" + }, + "NetworkType": { + "type": "string" + }, + "PerformanceInsightsEnabled": { + "type": "boolean" + }, + "PerformanceInsightsKmsKeyId": { + "type": "string" + }, + "PerformanceInsightsRetentionPeriod": { + "type": "integer" + }, + "Port": { + "type": "integer" + }, + "PreferredBackupWindow": { + "type": "string" + }, + "PreferredMaintenanceWindow": { + "type": "string" + }, + "PubliclyAccessible": { + "type": "boolean" + }, + "ReadEndpoint": { + "$ref": "#/definitions/ReadEndpoint" + }, + "ReplicationSourceIdentifier": { + "type": "string" + }, + "RestoreToTime": { + "type": "string" + }, + "RestoreType": { + "default": "full-copy", + "type": "string" + }, + "ScalingConfiguration": { + "$ref": "#/definitions/ScalingConfiguration" + }, + "ServerlessV2ScalingConfiguration": { + "$ref": "#/definitions/ServerlessV2ScalingConfiguration" + }, + "SnapshotIdentifier": { + "type": "string" + }, + "SourceDBClusterIdentifier": { + "type": "string" + }, + "SourceRegion": { + "type": "string" + }, + "StorageEncrypted": { + "type": "boolean" + }, + "StorageThroughput": { + "type": "integer" + }, + "StorageType": { + "type": "string" + }, + "Tags": { + "insertionOrder": false, + "items": { + "$ref": "#/definitions/Tag" + }, + "maxItems": 50, + "type": "array", + "uniqueItems": true + }, + "UseLatestRestorableTime": { + "type": "boolean" + }, + "VpcSecurityGroupIds": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": true + } + }, + "propertyTransform": { + "/properties/DBClusterIdentifier": "$lowercase(DBClusterIdentifier)", + "/properties/DBClusterParameterGroupName": "$lowercase(DBClusterParameterGroupName)", + "/properties/DBSubnetGroupName": "$lowercase(DBSubnetGroupName)", + "/properties/EnableHttpEndpoint": "$lowercase($string(EngineMode)) = 'serverless' ? EnableHttpEndpoint : ($lowercase($string(Engine)) = 'aurora-postgresql' ? EnableHttpEndpoint : false )", + "/properties/Engine": "$lowercase(Engine)", + "/properties/EngineVersion": "$join([$string(EngineVersion), \".*\"])", + "/properties/KmsKeyId": "$join([\"arn:(aws)[-]{0,1}[a-z]{0,2}[-]{0,1}[a-z]{0,3}:kms:[a-z]{2}[-]{1}[a-z]{3,10}[-]{0,1}[a-z]{0,10}[-]{1}[1-3]{1}:[0-9]{12}[:]{1}key\\/\", KmsKeyId])", + "/properties/MasterUserSecret/KmsKeyId": "$join([\"arn:(aws)[-]{0,1}[a-z]{0,2}[-]{0,1}[a-z]{0,3}:kms:[a-z]{2}[-]{1}[a-z]{3,10}[-]{0,1}[a-z]{0,10}[-]{1}[1-3]{1}:[0-9]{12}[:]{1}key\\/\", MasterUserSecret.KmsKeyId])", + "/properties/NetworkType": "$lowercase(NetworkType)", + "/properties/PerformanceInsightsKmsKeyId": "$join([\"arn:(aws)[-]{0,1}[a-z]{0,2}[-]{0,1}[a-z]{0,3}:kms:[a-z]{2}[-]{1}[a-z]{3,10}[-]{0,1}[a-z]{0,10}[-]{1}[1-3]{1}:[0-9]{12}[:]{1}key\\/\", PerformanceInsightsKmsKeyId])", + "/properties/PreferredMaintenanceWindow": "$lowercase(PreferredMaintenanceWindow)", + "/properties/SnapshotIdentifier": "$lowercase(SnapshotIdentifier)", + "/properties/SourceDBClusterIdentifier": "$lowercase(SourceDBClusterIdentifier)", + "/properties/StorageType": "$lowercase(StorageType)" + }, + "readOnlyProperties": [ + "/properties/DBClusterArn", + "/properties/DBClusterResourceId", + "/properties/Endpoint", + "/properties/Endpoint/Address", + "/properties/Endpoint/Port", + "/properties/ReadEndpoint/Address", + "/properties/MasterUserSecret/SecretArn", + "/properties/StorageThroughput" + ], + "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-rds", + "tagging": { + "cloudFormationSystemTags": true, + "permissions": [ + "rds:AddTagsToResource", + "rds:RemoveTagsFromResource" + ], + "tagOnCreate": true, + "tagProperty": "/properties/Tags", + "tagUpdatable": true, + "taggable": true + }, + "typeName": "AWS::RDS::DBCluster", + "writeOnlyProperties": [ + "/properties/DBInstanceParameterGroupName", + "/properties/MasterUserPassword", + "/properties/RestoreToTime", + "/properties/RestoreType", + "/properties/SnapshotIdentifier", + "/properties/SourceDBClusterIdentifier", + "/properties/SourceRegion", + "/properties/UseLatestRestorableTime" + ] +} diff --git a/src/cfnlint/data/schemas/providers/ap_northeast_3/aws-rds-dbinstance.json b/src/cfnlint/data/schemas/providers/ap_northeast_3/aws-rds-dbinstance.json new file mode 100644 index 0000000000..3263d77fb7 --- /dev/null +++ b/src/cfnlint/data/schemas/providers/ap_northeast_3/aws-rds-dbinstance.json @@ -0,0 +1,620 @@ +{ + "additionalProperties": false, + "conditionalCreateOnlyProperties": [ + "/properties/AutoMinorVersionUpgrade", + "/properties/AvailabilityZone", + "/properties/BackupRetentionPeriod", + "/properties/DBClusterSnapshotIdentifier", + "/properties/DBParameterGroupName", + "/properties/DBSnapshotIdentifier", + "/properties/Engine", + "/properties/MultiAZ", + "/properties/PerformanceInsightsKMSKeyId", + "/properties/PreferredMaintenanceWindow", + "/properties/RestoreTime", + "/properties/SourceDBClusterIdentifier", + "/properties/SourceDBInstanceAutomatedBackupsArn", + "/properties/SourceDBInstanceIdentifier", + "/properties/SourceDbiResourceId", + "/properties/StorageType", + "/properties/UseLatestRestorableTime" + ], + "createOnlyProperties": [ + "/properties/CharacterSetName", + "/properties/CustomIAMInstanceProfile", + "/properties/DBClusterIdentifier", + "/properties/DBInstanceIdentifier", + "/properties/DBName", + "/properties/DBSubnetGroupName", + "/properties/KmsKeyId", + "/properties/MasterUsername", + "/properties/NcharCharacterSetName", + "/properties/Port", + "/properties/SourceRegion", + "/properties/StorageEncrypted", + "/properties/Timezone" + ], + "definitions": { + "CertificateDetails": { + "additionalProperties": false, + "properties": { + "CAIdentifier": { + "type": "string" + }, + "ValidTill": { + "format": "date-time", + "type": "string" + } + }, + "type": "object" + }, + "DBInstanceRole": { + "additionalProperties": false, + "properties": { + "FeatureName": { + "type": "string" + }, + "RoleArn": { + "type": "string" + } + }, + "required": [ + "FeatureName", + "RoleArn" + ], + "type": "object" + }, + "Endpoint": { + "additionalProperties": false, + "properties": { + "Address": { + "type": "string" + }, + "HostedZoneId": { + "type": "string" + }, + "Port": { + "type": "string" + } + }, + "type": "object" + }, + "MasterUserSecret": { + "additionalProperties": false, + "properties": { + "KmsKeyId": { + "type": "string" + }, + "SecretArn": { + "type": "string" + } + }, + "type": "object" + }, + "ProcessorFeature": { + "additionalProperties": false, + "properties": { + "Name": { + "enum": [ + "coreCount", + "threadsPerCore" + ], + "type": "string" + }, + "Value": { + "type": "string" + } + }, + "type": "object" + }, + "Tag": { + "additionalProperties": false, + "properties": { + "Key": { + "maxLength": 128, + "minLength": 1, + "type": "string" + }, + "Value": { + "maxLength": 256, + "minLength": 0, + "type": "string" + } + }, + "required": [ + "Key" + ], + "type": "object" + } + }, + "dependencies": { + "KmsKeyId": { + "properties": { + "StorageEncrypted": { + "enum": [ + "true", + "True", + true + ] + } + }, + "required": [ + "StorageEncrypted" + ] + } + }, + "dependentExcluded": { + "SourceDBInstanceIdentifier": [ + "CharacterSetName", + "MasterUserPassword", + "MasterUsername", + "StorageEncrypted" + ] + }, + "deprecatedProperties": [ + "/properties/TdeCredentialArn", + "/properties/TdeCredentialPassword" + ], + "handlers": { + "create": { + "permissions": [ + "ec2:DescribeAccountAttributes", + "ec2:DescribeAvailabilityZones", + "ec2:DescribeInternetGateways", + "ec2:DescribeSecurityGroups", + "ec2:DescribeSubnets", + "ec2:DescribeVpcAttribute", + "ec2:DescribeVpcs", + "iam:CreateServiceLinkedRole", + "iam:GetRole", + "iam:ListRoles", + "iam:PassRole", + "kms:CreateGrant", + "kms:DescribeKey", + "rds:AddRoleToDBInstance", + "rds:AddTagsToResource", + "rds:CreateDBInstance", + "rds:CreateDBInstanceReadReplica", + "rds:DescribeDBInstances", + "rds:DescribeDBClusters", + "rds:DescribeDBClusterSnapshots", + "rds:DescribeDBInstanceAutomatedBackups", + "rds:DescribeDBSnapshots", + "rds:DescribeEvents", + "rds:ModifyDBInstance", + "rds:RebootDBInstance", + "rds:RestoreDBInstanceFromDBSnapshot", + "rds:RestoreDBInstanceToPointInTime", + "rds:StartDBInstanceAutomatedBackupsReplication", + "secretsmanager:CreateSecret", + "secretsmanager:TagResource" + ], + "timeoutInMinutes": 2160 + }, + "delete": { + "permissions": [ + "rds:CreateDBSnapshot", + "rds:DeleteDBInstance", + "rds:DescribeDBInstances" + ], + "timeoutInMinutes": 2160 + }, + "list": { + "permissions": [ + "rds:DescribeDBInstances" + ] + }, + "read": { + "permissions": [ + "ec2:DescribeAccountAttributes", + "ec2:DescribeAvailabilityZones", + "ec2:DescribeInternetGateways", + "ec2:DescribeSecurityGroups", + "ec2:DescribeSubnets", + "ec2:DescribeVpcAttribute", + "ec2:DescribeVpcs", + "rds:DescribeDBInstances" + ] + }, + "update": { + "permissions": [ + "ec2:DescribeAccountAttributes", + "ec2:DescribeAvailabilityZones", + "ec2:DescribeInternetGateways", + "ec2:DescribeSecurityGroups", + "ec2:DescribeSubnets", + "ec2:DescribeVpcAttribute", + "ec2:DescribeVpcs", + "iam:CreateServiceLinkedRole", + "iam:GetRole", + "iam:ListRoles", + "iam:PassRole", + "kms:CreateGrant", + "kms:DescribeKey", + "rds:AddRoleToDBInstance", + "rds:AddTagsToResource", + "rds:DescribeDBClusters", + "rds:DescribeDBEngineVersions", + "rds:DescribeDBInstances", + "rds:DescribeDBParameterGroups", + "rds:DescribeEvents", + "rds:ModifyDBInstance", + "rds:PromoteReadReplica", + "rds:RebootDBInstance", + "rds:RemoveRoleFromDBInstance", + "rds:RemoveTagsFromResource", + "rds:StartDBInstanceAutomatedBackupsReplication", + "rds:StopDBInstanceAutomatedBackupsReplication", + "secretsmanager:CreateSecret", + "secretsmanager:TagResource" + ], + "timeoutInMinutes": 2160 + } + }, + "primaryIdentifier": [ + "/properties/DBInstanceIdentifier" + ], + "properties": { + "AllocatedStorage": { + "pattern": "^[0-9]*$", + "type": "string" + }, + "AllowMajorVersionUpgrade": { + "type": "boolean" + }, + "AssociatedRoles": { + "items": { + "$ref": "#/definitions/DBInstanceRole" + }, + "type": "array" + }, + "AutoMinorVersionUpgrade": { + "type": "boolean" + }, + "AutomaticBackupReplicationKmsKeyId": { + "type": "string" + }, + "AutomaticBackupReplicationRegion": { + "type": "string" + }, + "AvailabilityZone": { + "type": "string" + }, + "BackupRetentionPeriod": { + "default": 1, + "maximum": 35, + "minimum": 0, + "type": "integer" + }, + "CACertificateIdentifier": { + "type": "string" + }, + "CertificateDetails": { + "$ref": "#/definitions/CertificateDetails" + }, + "CertificateRotationRestart": { + "type": "boolean" + }, + "CharacterSetName": { + "type": "string" + }, + "CopyTagsToSnapshot": { + "type": "boolean" + }, + "CustomIAMInstanceProfile": { + "type": "string" + }, + "DBClusterIdentifier": { + "type": "string" + }, + "DBClusterSnapshotIdentifier": { + "type": "string" + }, + "DBInstanceArn": { + "type": "string" + }, + "DBInstanceClass": { + "type": "string" + }, + "DBInstanceIdentifier": { + "maxLength": 63, + "minLength": 1, + "pattern": "^$|^[a-zA-Z]{1}(?:-?[a-zA-Z0-9]){0,62}$", + "type": "string" + }, + "DBName": { + "type": "string" + }, + "DBParameterGroupName": { + "type": "string" + }, + "DBSecurityGroups": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": true + }, + "DBSnapshotIdentifier": { + "type": "string" + }, + "DBSubnetGroupName": { + "type": "string" + }, + "DBSystemId": { + "type": "string" + }, + "DbiResourceId": { + "type": "string" + }, + "DedicatedLogVolume": { + "type": "boolean" + }, + "DeleteAutomatedBackups": { + "type": "boolean" + }, + "DeletionProtection": { + "type": "boolean" + }, + "Domain": { + "type": "string" + }, + "DomainAuthSecretArn": { + "type": "string" + }, + "DomainDnsIps": { + "items": { + "type": "string" + }, + "type": "array" + }, + "DomainFqdn": { + "type": "string" + }, + "DomainIAMRoleName": { + "type": "string" + }, + "DomainOu": { + "type": "string" + }, + "EnableCloudwatchLogsExports": { + "items": { + "type": "string" + }, + "type": "array" + }, + "EnableIAMDatabaseAuthentication": { + "type": "boolean" + }, + "EnablePerformanceInsights": { + "type": "boolean" + }, + "Endpoint": { + "$ref": "#/definitions/Endpoint" + }, + "Engine": { + "type": "string" + }, + "EngineLifecycleSupport": { + "type": "string" + }, + "EngineVersion": { + "type": "string" + }, + "Iops": { + "type": "integer" + }, + "KmsKeyId": { + "type": "string" + }, + "LicenseModel": { + "type": "string" + }, + "ManageMasterUserPassword": { + "type": "boolean" + }, + "MasterUserPassword": { + "type": "string" + }, + "MasterUserSecret": { + "$ref": "#/definitions/MasterUserSecret" + }, + "MasterUsername": { + "maxLength": 128, + "minLength": 1, + "pattern": "^[a-zA-Z][a-zA-Z0-9_]{0,127}$", + "type": "string" + }, + "MaxAllocatedStorage": { + "type": "integer" + }, + "MonitoringInterval": { + "default": 0, + "type": "integer" + }, + "MonitoringRoleArn": { + "type": "string" + }, + "MultiAZ": { + "type": "boolean" + }, + "NcharCharacterSetName": { + "type": "string" + }, + "NetworkType": { + "type": "string" + }, + "OptionGroupName": { + "type": "string" + }, + "PerformanceInsightsKMSKeyId": { + "type": "string" + }, + "PerformanceInsightsRetentionPeriod": { + "enum": [ + 7, + 31, + 62, + 93, + 124, + 155, + 186, + 217, + 248, + 279, + 310, + 341, + 372, + 403, + 434, + 465, + 496, + 527, + 558, + 589, + 620, + 651, + 682, + 713, + 731 + ], + "type": "integer" + }, + "Port": { + "pattern": "^\\d*$", + "type": "string" + }, + "PreferredBackupWindow": { + "type": "string" + }, + "PreferredMaintenanceWindow": { + "type": "string" + }, + "ProcessorFeatures": { + "items": { + "$ref": "#/definitions/ProcessorFeature" + }, + "type": "array" + }, + "PromotionTier": { + "default": 1, + "maximum": 15, + "minimum": 0, + "type": "integer" + }, + "PubliclyAccessible": { + "type": "boolean" + }, + "ReplicaMode": { + "type": "string" + }, + "RestoreTime": { + "format": "date-time", + "type": "string" + }, + "SourceDBClusterIdentifier": { + "type": "string" + }, + "SourceDBInstanceAutomatedBackupsArn": { + "type": "string" + }, + "SourceDBInstanceIdentifier": { + "type": "string" + }, + "SourceDbiResourceId": { + "type": "string" + }, + "SourceRegion": { + "type": "string" + }, + "StorageEncrypted": { + "type": "boolean" + }, + "StorageThroughput": { + "type": "integer" + }, + "StorageType": { + "type": "string" + }, + "Tags": { + "insertionOrder": false, + "items": { + "$ref": "#/definitions/Tag" + }, + "type": "array", + "uniqueItems": false + }, + "TdeCredentialArn": { + "type": "string" + }, + "TdeCredentialPassword": { + "type": "string" + }, + "Timezone": { + "type": "string" + }, + "UseDefaultProcessorFeatures": { + "type": "boolean" + }, + "UseLatestRestorableTime": { + "type": "boolean" + }, + "VPCSecurityGroups": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": true + } + }, + "propertyTransform": { + "/properties/DBClusterIdentifier": "$lowercase(DBClusterIdentifier)", + "/properties/DBClusterSnapshotIdentifier": "$lowercase(DBClusterSnapshotIdentifier)", + "/properties/DBInstanceIdentifier": "$lowercase(DBInstanceIdentifier)", + "/properties/DBName": "$lowercase(DBName) $OR $uppercase(DBName)", + "/properties/DBParameterGroupName": "$lowercase(DBParameterGroupName)", + "/properties/DBSnapshotIdentifier": "$lowercase(DBSnapshotIdentifier)", + "/properties/DBSubnetGroupName": "$lowercase(DBSubnetGroupName)", + "/properties/Engine": "$lowercase(Engine)", + "/properties/EngineVersion": "$join([$string(EngineVersion), \".*\"])", + "/properties/KmsKeyId": "$join([\"arn:(aws)[-]{0,1}[a-z]{0,2}[-]{0,1}[a-z]{0,3}:kms:[a-z]{2}[-]{1}[a-z]{3,10}[-]{0,1}[a-z]{0,10}[-]{1}[1-3]{1}:[0-9]{12}[:]{1}key\\/\", KmsKeyId])", + "/properties/MasterUserSecret/KmsKeyId": "$join([\"arn:(aws)[-]{0,1}[a-z]{0,2}[-]{0,1}[a-z]{0,3}:kms:[a-z]{2}[-]{1}[a-z]{3,10}[-]{0,1}[a-z]{0,10}[-]{1}[1-3]{1}:[0-9]{12}[:]{1}key\\/\", MasterUserSecret.KmsKeyId])", + "/properties/NetworkType": "$lowercase(NetworkType)", + "/properties/OptionGroupName": "$lowercase(OptionGroupName)", + "/properties/PerformanceInsightsKMSKeyId": "$join([\"arn:(aws)[-]{0,1}[a-z]{0,2}[-]{0,1}[a-z]{0,3}:kms:[a-z]{2}[-]{1}[a-z]{3,10}[-]{0,1}[a-z]{0,10}[-]{1}[1-3]{1}:[0-9]{12}[:]{1}key\\/\", PerformanceInsightsKMSKeyId])", + "/properties/PreferredMaintenanceWindow": "$lowercase(PreferredMaintenanceWindow)", + "/properties/SourceDBInstanceAutomatedBackupsArn": "$lowercase(SourceDBInstanceAutomatedBackupsArn)", + "/properties/SourceDBInstanceIdentifier": "$lowercase(SourceDBInstanceIdentifier)", + "/properties/StorageType": "$lowercase(StorageType)" + }, + "readOnlyProperties": [ + "/properties/Endpoint/Address", + "/properties/Endpoint/Port", + "/properties/Endpoint/HostedZoneId", + "/properties/DbiResourceId", + "/properties/DBInstanceArn", + "/properties/DBSystemId", + "/properties/MasterUserSecret/SecretArn", + "/properties/CertificateDetails/CAIdentifier", + "/properties/CertificateDetails/ValidTill" + ], + "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-rpdk.git", + "typeName": "AWS::RDS::DBInstance", + "writeOnlyProperties": [ + "/properties/AllowMajorVersionUpgrade", + "/properties/AutomaticBackupReplicationKmsKeyId", + "/properties/CertificateRotationRestart", + "/properties/DBSnapshotIdentifier", + "/properties/DeleteAutomatedBackups", + "/properties/MasterUserPassword", + "/properties/Port", + "/properties/RestoreTime", + "/properties/SourceDBInstanceAutomatedBackupsArn", + "/properties/SourceDBInstanceIdentifier", + "/properties/SourceDbiResourceId", + "/properties/SourceRegion", + "/properties/TdeCredentialPassword", + "/properties/UseDefaultProcessorFeatures", + "/properties/UseLatestRestorableTime" + ] +} diff --git a/src/cfnlint/data/schemas/providers/ap_south_1/__init__.py b/src/cfnlint/data/schemas/providers/ap_south_1/__init__.py index 13a3009f7b..c1e63a6d9b 100644 --- a/src/cfnlint/data/schemas/providers/ap_south_1/__init__.py +++ b/src/cfnlint/data/schemas/providers/ap_south_1/__init__.py @@ -131,9 +131,14 @@ "AWS::Bedrock::Agent", "AWS::Bedrock::AgentAlias", "AWS::Bedrock::DataSource", + "AWS::Bedrock::Flow", + "AWS::Bedrock::FlowAlias", + "AWS::Bedrock::FlowVersion", "AWS::Bedrock::Guardrail", "AWS::Bedrock::GuardrailVersion", "AWS::Bedrock::KnowledgeBase", + "AWS::Bedrock::Prompt", + "AWS::Bedrock::PromptVersion", "AWS::Budgets::Budget", "AWS::Budgets::BudgetsAction", "AWS::CDK::Metadata", @@ -1245,9 +1250,14 @@ "aws-bedrock-agent.json", "aws-bedrock-agentalias.json", "aws-bedrock-datasource.json", + "aws-bedrock-flow.json", + "aws-bedrock-flowalias.json", + "aws-bedrock-flowversion.json", "aws-bedrock-guardrail.json", "aws-bedrock-guardrailversion.json", "aws-bedrock-knowledgebase.json", + "aws-bedrock-prompt.json", + "aws-bedrock-promptversion.json", "aws-budgets-budget.json", "aws-budgets-budgetsaction.json", "aws-cassandra-keyspace.json", @@ -1893,6 +1903,7 @@ "aws-opsworks-userprofile.json", "aws-opsworks-volume.json", "aws-organizations-account.json", + "aws-organizations-organization.json", "aws-organizations-organizationalunit.json", "aws-organizations-policy.json", "aws-organizations-resourcepolicy.json", @@ -1941,9 +1952,7 @@ "aws-ram-permission.json", "aws-ram-resourceshare.json", "aws-rds-customdbengineversion.json", - "aws-rds-dbcluster.json", "aws-rds-dbclusterparametergroup.json", - "aws-rds-dbinstance.json", "aws-rds-dbparametergroup.json", "aws-rds-dbproxy.json", "aws-rds-dbproxyendpoint.json", diff --git a/src/cfnlint/data/schemas/providers/ap_south_1/aws-rds-dbcluster.json b/src/cfnlint/data/schemas/providers/ap_south_1/aws-rds-dbcluster.json new file mode 100644 index 0000000000..fc8608c49b --- /dev/null +++ b/src/cfnlint/data/schemas/providers/ap_south_1/aws-rds-dbcluster.json @@ -0,0 +1,469 @@ +{ + "additionalProperties": false, + "conditionalCreateOnlyProperties": [ + "/properties/Engine", + "/properties/GlobalClusterIdentifier", + "/properties/MasterUsername" + ], + "createOnlyProperties": [ + "/properties/AvailabilityZones", + "/properties/DBClusterIdentifier", + "/properties/DBSubnetGroupName", + "/properties/DBSystemId", + "/properties/DatabaseName", + "/properties/EngineMode", + "/properties/KmsKeyId", + "/properties/PubliclyAccessible", + "/properties/RestoreToTime", + "/properties/RestoreType", + "/properties/SnapshotIdentifier", + "/properties/SourceDBClusterIdentifier", + "/properties/SourceRegion", + "/properties/StorageEncrypted", + "/properties/UseLatestRestorableTime" + ], + "definitions": { + "DBClusterRole": { + "additionalProperties": false, + "properties": { + "FeatureName": { + "type": "string" + }, + "RoleArn": { + "type": "string" + } + }, + "required": [ + "RoleArn" + ], + "type": "object" + }, + "Endpoint": { + "additionalProperties": false, + "properties": { + "Address": { + "type": "string" + }, + "Port": { + "type": "string" + } + }, + "type": "object" + }, + "MasterUserSecret": { + "additionalProperties": false, + "properties": { + "KmsKeyId": { + "type": "string" + }, + "SecretArn": { + "type": "string" + } + }, + "type": "object" + }, + "ReadEndpoint": { + "additionalProperties": false, + "properties": { + "Address": { + "type": "string" + } + }, + "type": "object" + }, + "ScalingConfiguration": { + "additionalProperties": false, + "properties": { + "AutoPause": { + "type": "boolean" + }, + "MaxCapacity": { + "type": "integer" + }, + "MinCapacity": { + "type": "integer" + }, + "SecondsBeforeTimeout": { + "type": "integer" + }, + "SecondsUntilAutoPause": { + "type": "integer" + }, + "TimeoutAction": { + "type": "string" + } + }, + "type": "object" + }, + "ServerlessV2ScalingConfiguration": { + "additionalProperties": false, + "properties": { + "MaxCapacity": { + "type": "number" + }, + "MinCapacity": { + "type": "number" + } + }, + "type": "object" + }, + "Tag": { + "additionalProperties": false, + "properties": { + "Key": { + "maxLength": 128, + "minLength": 1, + "type": "string" + }, + "Value": { + "maxLength": 256, + "minLength": 0, + "type": "string" + } + }, + "required": [ + "Key" + ], + "type": "object" + } + }, + "handlers": { + "create": { + "permissions": [ + "iam:CreateServiceLinkedRole", + "iam:PassRole", + "rds:AddRoleToDBCluster", + "rds:AddTagsToResource", + "rds:CreateDBCluster", + "rds:CreateDBInstance", + "rds:DescribeDBClusters", + "rds:DescribeDBClusterSnapshots", + "rds:DescribeDBSnapshots", + "rds:DescribeEvents", + "rds:EnableHttpEndpoint", + "rds:ModifyDBCluster", + "rds:RestoreDBClusterFromSnapshot", + "rds:RestoreDBClusterToPointInTime", + "secretsmanager:CreateSecret", + "secretsmanager:TagResource" + ], + "timeoutInMinutes": 2160 + }, + "delete": { + "permissions": [ + "rds:CreateDBClusterSnapshot", + "rds:DeleteDBCluster", + "rds:DeleteDBInstance", + "rds:DescribeDBClusters", + "rds:DescribeGlobalClusters", + "rds:RemoveFromGlobalCluster" + ] + }, + "list": { + "permissions": [ + "rds:DescribeDBClusters" + ] + }, + "read": { + "permissions": [ + "rds:DescribeDBClusters" + ] + }, + "update": { + "permissions": [ + "ec2:DescribeSecurityGroups", + "iam:PassRole", + "rds:AddRoleToDBCluster", + "rds:AddTagsToResource", + "rds:DescribeDBClusters", + "rds:DescribeDBSubnetGroups", + "rds:DescribeEvents", + "rds:DescribeGlobalClusters", + "rds:DisableHttpEndpoint", + "rds:EnableHttpEndpoint", + "rds:ModifyDBCluster", + "rds:ModifyDBInstance", + "rds:RemoveFromGlobalCluster", + "rds:RemoveRoleFromDBCluster", + "rds:RemoveTagsFromResource", + "secretsmanager:CreateSecret", + "secretsmanager:TagResource" + ], + "timeoutInMinutes": 2160 + } + }, + "primaryIdentifier": [ + "/properties/DBClusterIdentifier" + ], + "properties": { + "AllocatedStorage": { + "type": "integer" + }, + "AssociatedRoles": { + "items": { + "$ref": "#/definitions/DBClusterRole" + }, + "type": "array", + "uniqueItems": true + }, + "AutoMinorVersionUpgrade": { + "type": "boolean" + }, + "AvailabilityZones": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": true + }, + "BacktrackWindow": { + "minimum": 0, + "type": "integer" + }, + "BackupRetentionPeriod": { + "default": 1, + "maximum": 35, + "minimum": 1, + "type": "integer" + }, + "CopyTagsToSnapshot": { + "type": "boolean" + }, + "DBClusterArn": { + "type": "string" + }, + "DBClusterIdentifier": { + "maxLength": 63, + "minLength": 1, + "pattern": "^[a-zA-Z]{1}(?:-?[a-zA-Z0-9]){0,62}$", + "type": "string" + }, + "DBClusterInstanceClass": { + "type": "string" + }, + "DBClusterParameterGroupName": { + "default": "default.aurora5.6", + "type": "string" + }, + "DBClusterResourceId": { + "type": "string" + }, + "DBInstanceParameterGroupName": { + "type": "string" + }, + "DBSubnetGroupName": { + "type": "string" + }, + "DBSystemId": { + "type": "string" + }, + "DatabaseName": { + "type": "string" + }, + "DeletionProtection": { + "type": "boolean" + }, + "Domain": { + "type": "string" + }, + "DomainIAMRoleName": { + "type": "string" + }, + "EnableCloudwatchLogsExports": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": true + }, + "EnableGlobalWriteForwarding": { + "type": "boolean" + }, + "EnableHttpEndpoint": { + "type": "boolean" + }, + "EnableIAMDatabaseAuthentication": { + "type": "boolean" + }, + "EnableLocalWriteForwarding": { + "type": "boolean" + }, + "Endpoint": { + "$ref": "#/definitions/Endpoint" + }, + "Engine": { + "type": "string" + }, + "EngineLifecycleSupport": { + "type": "string" + }, + "EngineMode": { + "type": "string" + }, + "EngineVersion": { + "type": "string" + }, + "GlobalClusterIdentifier": { + "maxLength": 63, + "minLength": 0, + "pattern": "^$|^[a-zA-Z]{1}(?:-?[a-zA-Z0-9]){0,62}$", + "type": "string" + }, + "Iops": { + "type": "integer" + }, + "KmsKeyId": { + "type": "string" + }, + "ManageMasterUserPassword": { + "type": "boolean" + }, + "MasterUserPassword": { + "type": "string" + }, + "MasterUserSecret": { + "$ref": "#/definitions/MasterUserSecret" + }, + "MasterUsername": { + "minLength": 1, + "pattern": "^[a-zA-Z]{1}[a-zA-Z0-9_]*$", + "type": "string" + }, + "MonitoringInterval": { + "default": 0, + "type": "integer" + }, + "MonitoringRoleArn": { + "type": "string" + }, + "NetworkType": { + "type": "string" + }, + "PerformanceInsightsEnabled": { + "type": "boolean" + }, + "PerformanceInsightsKmsKeyId": { + "type": "string" + }, + "PerformanceInsightsRetentionPeriod": { + "type": "integer" + }, + "Port": { + "type": "integer" + }, + "PreferredBackupWindow": { + "type": "string" + }, + "PreferredMaintenanceWindow": { + "type": "string" + }, + "PubliclyAccessible": { + "type": "boolean" + }, + "ReadEndpoint": { + "$ref": "#/definitions/ReadEndpoint" + }, + "ReplicationSourceIdentifier": { + "type": "string" + }, + "RestoreToTime": { + "type": "string" + }, + "RestoreType": { + "default": "full-copy", + "type": "string" + }, + "ScalingConfiguration": { + "$ref": "#/definitions/ScalingConfiguration" + }, + "ServerlessV2ScalingConfiguration": { + "$ref": "#/definitions/ServerlessV2ScalingConfiguration" + }, + "SnapshotIdentifier": { + "type": "string" + }, + "SourceDBClusterIdentifier": { + "type": "string" + }, + "SourceRegion": { + "type": "string" + }, + "StorageEncrypted": { + "type": "boolean" + }, + "StorageThroughput": { + "type": "integer" + }, + "StorageType": { + "type": "string" + }, + "Tags": { + "insertionOrder": false, + "items": { + "$ref": "#/definitions/Tag" + }, + "maxItems": 50, + "type": "array", + "uniqueItems": true + }, + "UseLatestRestorableTime": { + "type": "boolean" + }, + "VpcSecurityGroupIds": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": true + } + }, + "propertyTransform": { + "/properties/DBClusterIdentifier": "$lowercase(DBClusterIdentifier)", + "/properties/DBClusterParameterGroupName": "$lowercase(DBClusterParameterGroupName)", + "/properties/DBSubnetGroupName": "$lowercase(DBSubnetGroupName)", + "/properties/EnableHttpEndpoint": "$lowercase($string(EngineMode)) = 'serverless' ? EnableHttpEndpoint : ($lowercase($string(Engine)) = 'aurora-postgresql' ? EnableHttpEndpoint : false )", + "/properties/Engine": "$lowercase(Engine)", + "/properties/EngineVersion": "$join([$string(EngineVersion), \".*\"])", + "/properties/KmsKeyId": "$join([\"arn:(aws)[-]{0,1}[a-z]{0,2}[-]{0,1}[a-z]{0,3}:kms:[a-z]{2}[-]{1}[a-z]{3,10}[-]{0,1}[a-z]{0,10}[-]{1}[1-3]{1}:[0-9]{12}[:]{1}key\\/\", KmsKeyId])", + "/properties/MasterUserSecret/KmsKeyId": "$join([\"arn:(aws)[-]{0,1}[a-z]{0,2}[-]{0,1}[a-z]{0,3}:kms:[a-z]{2}[-]{1}[a-z]{3,10}[-]{0,1}[a-z]{0,10}[-]{1}[1-3]{1}:[0-9]{12}[:]{1}key\\/\", MasterUserSecret.KmsKeyId])", + "/properties/NetworkType": "$lowercase(NetworkType)", + "/properties/PerformanceInsightsKmsKeyId": "$join([\"arn:(aws)[-]{0,1}[a-z]{0,2}[-]{0,1}[a-z]{0,3}:kms:[a-z]{2}[-]{1}[a-z]{3,10}[-]{0,1}[a-z]{0,10}[-]{1}[1-3]{1}:[0-9]{12}[:]{1}key\\/\", PerformanceInsightsKmsKeyId])", + "/properties/PreferredMaintenanceWindow": "$lowercase(PreferredMaintenanceWindow)", + "/properties/SnapshotIdentifier": "$lowercase(SnapshotIdentifier)", + "/properties/SourceDBClusterIdentifier": "$lowercase(SourceDBClusterIdentifier)", + "/properties/StorageType": "$lowercase(StorageType)" + }, + "readOnlyProperties": [ + "/properties/DBClusterArn", + "/properties/DBClusterResourceId", + "/properties/Endpoint", + "/properties/Endpoint/Address", + "/properties/Endpoint/Port", + "/properties/ReadEndpoint/Address", + "/properties/MasterUserSecret/SecretArn", + "/properties/StorageThroughput" + ], + "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-rds", + "tagging": { + "cloudFormationSystemTags": true, + "permissions": [ + "rds:AddTagsToResource", + "rds:RemoveTagsFromResource" + ], + "tagOnCreate": true, + "tagProperty": "/properties/Tags", + "tagUpdatable": true, + "taggable": true + }, + "typeName": "AWS::RDS::DBCluster", + "writeOnlyProperties": [ + "/properties/DBInstanceParameterGroupName", + "/properties/MasterUserPassword", + "/properties/RestoreToTime", + "/properties/RestoreType", + "/properties/SnapshotIdentifier", + "/properties/SourceDBClusterIdentifier", + "/properties/SourceRegion", + "/properties/UseLatestRestorableTime" + ] +} diff --git a/src/cfnlint/data/schemas/providers/ap_south_1/aws-rds-dbinstance.json b/src/cfnlint/data/schemas/providers/ap_south_1/aws-rds-dbinstance.json new file mode 100644 index 0000000000..3263d77fb7 --- /dev/null +++ b/src/cfnlint/data/schemas/providers/ap_south_1/aws-rds-dbinstance.json @@ -0,0 +1,620 @@ +{ + "additionalProperties": false, + "conditionalCreateOnlyProperties": [ + "/properties/AutoMinorVersionUpgrade", + "/properties/AvailabilityZone", + "/properties/BackupRetentionPeriod", + "/properties/DBClusterSnapshotIdentifier", + "/properties/DBParameterGroupName", + "/properties/DBSnapshotIdentifier", + "/properties/Engine", + "/properties/MultiAZ", + "/properties/PerformanceInsightsKMSKeyId", + "/properties/PreferredMaintenanceWindow", + "/properties/RestoreTime", + "/properties/SourceDBClusterIdentifier", + "/properties/SourceDBInstanceAutomatedBackupsArn", + "/properties/SourceDBInstanceIdentifier", + "/properties/SourceDbiResourceId", + "/properties/StorageType", + "/properties/UseLatestRestorableTime" + ], + "createOnlyProperties": [ + "/properties/CharacterSetName", + "/properties/CustomIAMInstanceProfile", + "/properties/DBClusterIdentifier", + "/properties/DBInstanceIdentifier", + "/properties/DBName", + "/properties/DBSubnetGroupName", + "/properties/KmsKeyId", + "/properties/MasterUsername", + "/properties/NcharCharacterSetName", + "/properties/Port", + "/properties/SourceRegion", + "/properties/StorageEncrypted", + "/properties/Timezone" + ], + "definitions": { + "CertificateDetails": { + "additionalProperties": false, + "properties": { + "CAIdentifier": { + "type": "string" + }, + "ValidTill": { + "format": "date-time", + "type": "string" + } + }, + "type": "object" + }, + "DBInstanceRole": { + "additionalProperties": false, + "properties": { + "FeatureName": { + "type": "string" + }, + "RoleArn": { + "type": "string" + } + }, + "required": [ + "FeatureName", + "RoleArn" + ], + "type": "object" + }, + "Endpoint": { + "additionalProperties": false, + "properties": { + "Address": { + "type": "string" + }, + "HostedZoneId": { + "type": "string" + }, + "Port": { + "type": "string" + } + }, + "type": "object" + }, + "MasterUserSecret": { + "additionalProperties": false, + "properties": { + "KmsKeyId": { + "type": "string" + }, + "SecretArn": { + "type": "string" + } + }, + "type": "object" + }, + "ProcessorFeature": { + "additionalProperties": false, + "properties": { + "Name": { + "enum": [ + "coreCount", + "threadsPerCore" + ], + "type": "string" + }, + "Value": { + "type": "string" + } + }, + "type": "object" + }, + "Tag": { + "additionalProperties": false, + "properties": { + "Key": { + "maxLength": 128, + "minLength": 1, + "type": "string" + }, + "Value": { + "maxLength": 256, + "minLength": 0, + "type": "string" + } + }, + "required": [ + "Key" + ], + "type": "object" + } + }, + "dependencies": { + "KmsKeyId": { + "properties": { + "StorageEncrypted": { + "enum": [ + "true", + "True", + true + ] + } + }, + "required": [ + "StorageEncrypted" + ] + } + }, + "dependentExcluded": { + "SourceDBInstanceIdentifier": [ + "CharacterSetName", + "MasterUserPassword", + "MasterUsername", + "StorageEncrypted" + ] + }, + "deprecatedProperties": [ + "/properties/TdeCredentialArn", + "/properties/TdeCredentialPassword" + ], + "handlers": { + "create": { + "permissions": [ + "ec2:DescribeAccountAttributes", + "ec2:DescribeAvailabilityZones", + "ec2:DescribeInternetGateways", + "ec2:DescribeSecurityGroups", + "ec2:DescribeSubnets", + "ec2:DescribeVpcAttribute", + "ec2:DescribeVpcs", + "iam:CreateServiceLinkedRole", + "iam:GetRole", + "iam:ListRoles", + "iam:PassRole", + "kms:CreateGrant", + "kms:DescribeKey", + "rds:AddRoleToDBInstance", + "rds:AddTagsToResource", + "rds:CreateDBInstance", + "rds:CreateDBInstanceReadReplica", + "rds:DescribeDBInstances", + "rds:DescribeDBClusters", + "rds:DescribeDBClusterSnapshots", + "rds:DescribeDBInstanceAutomatedBackups", + "rds:DescribeDBSnapshots", + "rds:DescribeEvents", + "rds:ModifyDBInstance", + "rds:RebootDBInstance", + "rds:RestoreDBInstanceFromDBSnapshot", + "rds:RestoreDBInstanceToPointInTime", + "rds:StartDBInstanceAutomatedBackupsReplication", + "secretsmanager:CreateSecret", + "secretsmanager:TagResource" + ], + "timeoutInMinutes": 2160 + }, + "delete": { + "permissions": [ + "rds:CreateDBSnapshot", + "rds:DeleteDBInstance", + "rds:DescribeDBInstances" + ], + "timeoutInMinutes": 2160 + }, + "list": { + "permissions": [ + "rds:DescribeDBInstances" + ] + }, + "read": { + "permissions": [ + "ec2:DescribeAccountAttributes", + "ec2:DescribeAvailabilityZones", + "ec2:DescribeInternetGateways", + "ec2:DescribeSecurityGroups", + "ec2:DescribeSubnets", + "ec2:DescribeVpcAttribute", + "ec2:DescribeVpcs", + "rds:DescribeDBInstances" + ] + }, + "update": { + "permissions": [ + "ec2:DescribeAccountAttributes", + "ec2:DescribeAvailabilityZones", + "ec2:DescribeInternetGateways", + "ec2:DescribeSecurityGroups", + "ec2:DescribeSubnets", + "ec2:DescribeVpcAttribute", + "ec2:DescribeVpcs", + "iam:CreateServiceLinkedRole", + "iam:GetRole", + "iam:ListRoles", + "iam:PassRole", + "kms:CreateGrant", + "kms:DescribeKey", + "rds:AddRoleToDBInstance", + "rds:AddTagsToResource", + "rds:DescribeDBClusters", + "rds:DescribeDBEngineVersions", + "rds:DescribeDBInstances", + "rds:DescribeDBParameterGroups", + "rds:DescribeEvents", + "rds:ModifyDBInstance", + "rds:PromoteReadReplica", + "rds:RebootDBInstance", + "rds:RemoveRoleFromDBInstance", + "rds:RemoveTagsFromResource", + "rds:StartDBInstanceAutomatedBackupsReplication", + "rds:StopDBInstanceAutomatedBackupsReplication", + "secretsmanager:CreateSecret", + "secretsmanager:TagResource" + ], + "timeoutInMinutes": 2160 + } + }, + "primaryIdentifier": [ + "/properties/DBInstanceIdentifier" + ], + "properties": { + "AllocatedStorage": { + "pattern": "^[0-9]*$", + "type": "string" + }, + "AllowMajorVersionUpgrade": { + "type": "boolean" + }, + "AssociatedRoles": { + "items": { + "$ref": "#/definitions/DBInstanceRole" + }, + "type": "array" + }, + "AutoMinorVersionUpgrade": { + "type": "boolean" + }, + "AutomaticBackupReplicationKmsKeyId": { + "type": "string" + }, + "AutomaticBackupReplicationRegion": { + "type": "string" + }, + "AvailabilityZone": { + "type": "string" + }, + "BackupRetentionPeriod": { + "default": 1, + "maximum": 35, + "minimum": 0, + "type": "integer" + }, + "CACertificateIdentifier": { + "type": "string" + }, + "CertificateDetails": { + "$ref": "#/definitions/CertificateDetails" + }, + "CertificateRotationRestart": { + "type": "boolean" + }, + "CharacterSetName": { + "type": "string" + }, + "CopyTagsToSnapshot": { + "type": "boolean" + }, + "CustomIAMInstanceProfile": { + "type": "string" + }, + "DBClusterIdentifier": { + "type": "string" + }, + "DBClusterSnapshotIdentifier": { + "type": "string" + }, + "DBInstanceArn": { + "type": "string" + }, + "DBInstanceClass": { + "type": "string" + }, + "DBInstanceIdentifier": { + "maxLength": 63, + "minLength": 1, + "pattern": "^$|^[a-zA-Z]{1}(?:-?[a-zA-Z0-9]){0,62}$", + "type": "string" + }, + "DBName": { + "type": "string" + }, + "DBParameterGroupName": { + "type": "string" + }, + "DBSecurityGroups": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": true + }, + "DBSnapshotIdentifier": { + "type": "string" + }, + "DBSubnetGroupName": { + "type": "string" + }, + "DBSystemId": { + "type": "string" + }, + "DbiResourceId": { + "type": "string" + }, + "DedicatedLogVolume": { + "type": "boolean" + }, + "DeleteAutomatedBackups": { + "type": "boolean" + }, + "DeletionProtection": { + "type": "boolean" + }, + "Domain": { + "type": "string" + }, + "DomainAuthSecretArn": { + "type": "string" + }, + "DomainDnsIps": { + "items": { + "type": "string" + }, + "type": "array" + }, + "DomainFqdn": { + "type": "string" + }, + "DomainIAMRoleName": { + "type": "string" + }, + "DomainOu": { + "type": "string" + }, + "EnableCloudwatchLogsExports": { + "items": { + "type": "string" + }, + "type": "array" + }, + "EnableIAMDatabaseAuthentication": { + "type": "boolean" + }, + "EnablePerformanceInsights": { + "type": "boolean" + }, + "Endpoint": { + "$ref": "#/definitions/Endpoint" + }, + "Engine": { + "type": "string" + }, + "EngineLifecycleSupport": { + "type": "string" + }, + "EngineVersion": { + "type": "string" + }, + "Iops": { + "type": "integer" + }, + "KmsKeyId": { + "type": "string" + }, + "LicenseModel": { + "type": "string" + }, + "ManageMasterUserPassword": { + "type": "boolean" + }, + "MasterUserPassword": { + "type": "string" + }, + "MasterUserSecret": { + "$ref": "#/definitions/MasterUserSecret" + }, + "MasterUsername": { + "maxLength": 128, + "minLength": 1, + "pattern": "^[a-zA-Z][a-zA-Z0-9_]{0,127}$", + "type": "string" + }, + "MaxAllocatedStorage": { + "type": "integer" + }, + "MonitoringInterval": { + "default": 0, + "type": "integer" + }, + "MonitoringRoleArn": { + "type": "string" + }, + "MultiAZ": { + "type": "boolean" + }, + "NcharCharacterSetName": { + "type": "string" + }, + "NetworkType": { + "type": "string" + }, + "OptionGroupName": { + "type": "string" + }, + "PerformanceInsightsKMSKeyId": { + "type": "string" + }, + "PerformanceInsightsRetentionPeriod": { + "enum": [ + 7, + 31, + 62, + 93, + 124, + 155, + 186, + 217, + 248, + 279, + 310, + 341, + 372, + 403, + 434, + 465, + 496, + 527, + 558, + 589, + 620, + 651, + 682, + 713, + 731 + ], + "type": "integer" + }, + "Port": { + "pattern": "^\\d*$", + "type": "string" + }, + "PreferredBackupWindow": { + "type": "string" + }, + "PreferredMaintenanceWindow": { + "type": "string" + }, + "ProcessorFeatures": { + "items": { + "$ref": "#/definitions/ProcessorFeature" + }, + "type": "array" + }, + "PromotionTier": { + "default": 1, + "maximum": 15, + "minimum": 0, + "type": "integer" + }, + "PubliclyAccessible": { + "type": "boolean" + }, + "ReplicaMode": { + "type": "string" + }, + "RestoreTime": { + "format": "date-time", + "type": "string" + }, + "SourceDBClusterIdentifier": { + "type": "string" + }, + "SourceDBInstanceAutomatedBackupsArn": { + "type": "string" + }, + "SourceDBInstanceIdentifier": { + "type": "string" + }, + "SourceDbiResourceId": { + "type": "string" + }, + "SourceRegion": { + "type": "string" + }, + "StorageEncrypted": { + "type": "boolean" + }, + "StorageThroughput": { + "type": "integer" + }, + "StorageType": { + "type": "string" + }, + "Tags": { + "insertionOrder": false, + "items": { + "$ref": "#/definitions/Tag" + }, + "type": "array", + "uniqueItems": false + }, + "TdeCredentialArn": { + "type": "string" + }, + "TdeCredentialPassword": { + "type": "string" + }, + "Timezone": { + "type": "string" + }, + "UseDefaultProcessorFeatures": { + "type": "boolean" + }, + "UseLatestRestorableTime": { + "type": "boolean" + }, + "VPCSecurityGroups": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": true + } + }, + "propertyTransform": { + "/properties/DBClusterIdentifier": "$lowercase(DBClusterIdentifier)", + "/properties/DBClusterSnapshotIdentifier": "$lowercase(DBClusterSnapshotIdentifier)", + "/properties/DBInstanceIdentifier": "$lowercase(DBInstanceIdentifier)", + "/properties/DBName": "$lowercase(DBName) $OR $uppercase(DBName)", + "/properties/DBParameterGroupName": "$lowercase(DBParameterGroupName)", + "/properties/DBSnapshotIdentifier": "$lowercase(DBSnapshotIdentifier)", + "/properties/DBSubnetGroupName": "$lowercase(DBSubnetGroupName)", + "/properties/Engine": "$lowercase(Engine)", + "/properties/EngineVersion": "$join([$string(EngineVersion), \".*\"])", + "/properties/KmsKeyId": "$join([\"arn:(aws)[-]{0,1}[a-z]{0,2}[-]{0,1}[a-z]{0,3}:kms:[a-z]{2}[-]{1}[a-z]{3,10}[-]{0,1}[a-z]{0,10}[-]{1}[1-3]{1}:[0-9]{12}[:]{1}key\\/\", KmsKeyId])", + "/properties/MasterUserSecret/KmsKeyId": "$join([\"arn:(aws)[-]{0,1}[a-z]{0,2}[-]{0,1}[a-z]{0,3}:kms:[a-z]{2}[-]{1}[a-z]{3,10}[-]{0,1}[a-z]{0,10}[-]{1}[1-3]{1}:[0-9]{12}[:]{1}key\\/\", MasterUserSecret.KmsKeyId])", + "/properties/NetworkType": "$lowercase(NetworkType)", + "/properties/OptionGroupName": "$lowercase(OptionGroupName)", + "/properties/PerformanceInsightsKMSKeyId": "$join([\"arn:(aws)[-]{0,1}[a-z]{0,2}[-]{0,1}[a-z]{0,3}:kms:[a-z]{2}[-]{1}[a-z]{3,10}[-]{0,1}[a-z]{0,10}[-]{1}[1-3]{1}:[0-9]{12}[:]{1}key\\/\", PerformanceInsightsKMSKeyId])", + "/properties/PreferredMaintenanceWindow": "$lowercase(PreferredMaintenanceWindow)", + "/properties/SourceDBInstanceAutomatedBackupsArn": "$lowercase(SourceDBInstanceAutomatedBackupsArn)", + "/properties/SourceDBInstanceIdentifier": "$lowercase(SourceDBInstanceIdentifier)", + "/properties/StorageType": "$lowercase(StorageType)" + }, + "readOnlyProperties": [ + "/properties/Endpoint/Address", + "/properties/Endpoint/Port", + "/properties/Endpoint/HostedZoneId", + "/properties/DbiResourceId", + "/properties/DBInstanceArn", + "/properties/DBSystemId", + "/properties/MasterUserSecret/SecretArn", + "/properties/CertificateDetails/CAIdentifier", + "/properties/CertificateDetails/ValidTill" + ], + "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-rpdk.git", + "typeName": "AWS::RDS::DBInstance", + "writeOnlyProperties": [ + "/properties/AllowMajorVersionUpgrade", + "/properties/AutomaticBackupReplicationKmsKeyId", + "/properties/CertificateRotationRestart", + "/properties/DBSnapshotIdentifier", + "/properties/DeleteAutomatedBackups", + "/properties/MasterUserPassword", + "/properties/Port", + "/properties/RestoreTime", + "/properties/SourceDBInstanceAutomatedBackupsArn", + "/properties/SourceDBInstanceIdentifier", + "/properties/SourceDbiResourceId", + "/properties/SourceRegion", + "/properties/TdeCredentialPassword", + "/properties/UseDefaultProcessorFeatures", + "/properties/UseLatestRestorableTime" + ] +} diff --git a/src/cfnlint/data/schemas/providers/ap_south_2/__init__.py b/src/cfnlint/data/schemas/providers/ap_south_2/__init__.py index d4eecdc54e..0514982a78 100644 --- a/src/cfnlint/data/schemas/providers/ap_south_2/__init__.py +++ b/src/cfnlint/data/schemas/providers/ap_south_2/__init__.py @@ -540,6 +540,7 @@ "AWS::SSO::Instance", "AWS::SSO::InstanceAccessControlAttributeConfiguration", "AWS::SSO::PermissionSet", + "AWS::SageMaker::MlflowTrackingServer", "AWS::SageMaker::ModelCard", "AWS::Scheduler::Schedule", "AWS::Scheduler::ScheduleGroup", @@ -761,7 +762,6 @@ "aws-dms-dataprovider.json", "aws-dms-instanceprofile.json", "aws-dms-migrationproject.json", - "aws-dms-replicationconfig.json", "aws-docdb-dbcluster.json", "aws-docdb-dbinstance.json", "aws-docdb-dbsubnetgroup.json", @@ -1018,9 +1018,7 @@ "aws-pipes-pipe.json", "aws-ram-permission.json", "aws-ram-resourceshare.json", - "aws-rds-dbcluster.json", "aws-rds-dbclusterparametergroup.json", - "aws-rds-dbinstance.json", "aws-rds-dbparametergroup.json", "aws-rds-dbproxy.json", "aws-rds-dbproxyendpoint.json", @@ -1073,6 +1071,7 @@ "aws-s3-bucketpolicy.json", "aws-s3objectlambda-accesspoint.json", "aws-s3objectlambda-accesspointpolicy.json", + "aws-sagemaker-mlflowtrackingserver.json", "aws-sagemaker-modelcard.json", "aws-scheduler-schedule.json", "aws-scheduler-schedulegroup.json", diff --git a/src/cfnlint/data/schemas/providers/ap_south_2/aws-dms-replicationconfig.json b/src/cfnlint/data/schemas/providers/ap_south_2/aws-dms-replicationconfig.json new file mode 100644 index 0000000000..b9379a300f --- /dev/null +++ b/src/cfnlint/data/schemas/providers/ap_south_2/aws-dms-replicationconfig.json @@ -0,0 +1,191 @@ +{ + "additionalIdentifiers": [ + [ + "/properties/ReplicationConfigIdentifier" + ] + ], + "additionalProperties": false, + "createOnlyProperties": [ + "/properties/ResourceIdentifier" + ], + "definitions": { + "ComputeConfig": { + "additionalProperties": false, + "properties": { + "AvailabilityZone": { + "type": "string" + }, + "DnsNameServers": { + "type": "string" + }, + "KmsKeyId": { + "type": "string" + }, + "MaxCapacityUnits": { + "type": "integer" + }, + "MinCapacityUnits": { + "type": "integer" + }, + "MultiAZ": { + "type": "boolean" + }, + "PreferredMaintenanceWindow": { + "type": "string" + }, + "ReplicationSubnetGroupId": { + "type": "string" + }, + "VpcSecurityGroupIds": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "MaxCapacityUnits" + ], + "type": "object" + }, + "Tag": { + "additionalProperties": false, + "properties": { + "Key": { + "maxLength": 128, + "minLength": 1, + "type": "string" + }, + "Value": { + "maxLength": 256, + "minLength": 1, + "type": "string" + } + }, + "required": [ + "Key", + "Value" + ], + "type": "object" + } + }, + "handlers": { + "create": { + "permissions": [ + "dms:CreateReplicationConfig", + "dms:AddTagsToResource", + "dms:ListTagsForResource", + "iam:CreateServiceLinkedRole", + "iam:AttachRolePolicy", + "iam:PutRolePolicy", + "iam:UpdateRoleDescription" + ] + }, + "delete": { + "permissions": [ + "dms:DescribeReplicationConfigs", + "dms:DeleteReplicationConfig", + "dms:ListTagsForResource", + "iam:DeleteServiceLinkedRole", + "iam:GetServiceLinkedRoleDeletionStatus" + ] + }, + "list": { + "permissions": [ + "dms:DescribeReplicationConfigs", + "dms:ListTagsForResource" + ] + }, + "read": { + "permissions": [ + "dms:DescribeReplicationConfigs", + "dms:ListTagsForResource" + ] + }, + "update": { + "permissions": [ + "dms:ModifyReplicationConfig", + "dms:AddTagsToResource", + "dms:RemoveTagsToResource", + "dms:ListTagsForResource", + "iam:CreateServiceLinkedRole", + "iam:AttachRolePolicy", + "iam:PutRolePolicy", + "iam:UpdateRoleDescription" + ] + } + }, + "primaryIdentifier": [ + "/properties/ReplicationConfigArn" + ], + "properties": { + "ComputeConfig": { + "$ref": "#/definitions/ComputeConfig" + }, + "ReplicationConfigArn": { + "type": "string" + }, + "ReplicationConfigIdentifier": { + "type": "string" + }, + "ReplicationSettings": { + "format": "json", + "type": [ + "object", + "string" + ] + }, + "ReplicationType": { + "enum": [ + "full-load", + "full-load-and-cdc", + "cdc" + ], + "type": "string" + }, + "ResourceIdentifier": { + "type": "string" + }, + "SourceEndpointArn": { + "type": "string" + }, + "SupplementalSettings": { + "format": "json", + "type": [ + "object", + "string" + ] + }, + "TableMappings": { + "format": "json", + "type": [ + "object", + "string" + ] + }, + "Tags": { + "insertionOrder": false, + "items": { + "$ref": "#/definitions/Tag" + }, + "maxItems": 200, + "minItems": 1, + "type": "array" + }, + "TargetEndpointArn": { + "type": "string" + } + }, + "readOnlyProperties": [ + "/properties/ReplicationConfigArn" + ], + "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-dms", + "tagging": { + "cloudFormationSystemTags": false, + "tagOnCreate": true, + "tagProperty": "/properties/Tags", + "tagUpdatable": true, + "taggable": true + }, + "typeName": "AWS::DMS::ReplicationConfig" +} diff --git a/src/cfnlint/data/schemas/providers/ap_south_2/aws-rds-dbcluster.json b/src/cfnlint/data/schemas/providers/ap_south_2/aws-rds-dbcluster.json new file mode 100644 index 0000000000..fc8608c49b --- /dev/null +++ b/src/cfnlint/data/schemas/providers/ap_south_2/aws-rds-dbcluster.json @@ -0,0 +1,469 @@ +{ + "additionalProperties": false, + "conditionalCreateOnlyProperties": [ + "/properties/Engine", + "/properties/GlobalClusterIdentifier", + "/properties/MasterUsername" + ], + "createOnlyProperties": [ + "/properties/AvailabilityZones", + "/properties/DBClusterIdentifier", + "/properties/DBSubnetGroupName", + "/properties/DBSystemId", + "/properties/DatabaseName", + "/properties/EngineMode", + "/properties/KmsKeyId", + "/properties/PubliclyAccessible", + "/properties/RestoreToTime", + "/properties/RestoreType", + "/properties/SnapshotIdentifier", + "/properties/SourceDBClusterIdentifier", + "/properties/SourceRegion", + "/properties/StorageEncrypted", + "/properties/UseLatestRestorableTime" + ], + "definitions": { + "DBClusterRole": { + "additionalProperties": false, + "properties": { + "FeatureName": { + "type": "string" + }, + "RoleArn": { + "type": "string" + } + }, + "required": [ + "RoleArn" + ], + "type": "object" + }, + "Endpoint": { + "additionalProperties": false, + "properties": { + "Address": { + "type": "string" + }, + "Port": { + "type": "string" + } + }, + "type": "object" + }, + "MasterUserSecret": { + "additionalProperties": false, + "properties": { + "KmsKeyId": { + "type": "string" + }, + "SecretArn": { + "type": "string" + } + }, + "type": "object" + }, + "ReadEndpoint": { + "additionalProperties": false, + "properties": { + "Address": { + "type": "string" + } + }, + "type": "object" + }, + "ScalingConfiguration": { + "additionalProperties": false, + "properties": { + "AutoPause": { + "type": "boolean" + }, + "MaxCapacity": { + "type": "integer" + }, + "MinCapacity": { + "type": "integer" + }, + "SecondsBeforeTimeout": { + "type": "integer" + }, + "SecondsUntilAutoPause": { + "type": "integer" + }, + "TimeoutAction": { + "type": "string" + } + }, + "type": "object" + }, + "ServerlessV2ScalingConfiguration": { + "additionalProperties": false, + "properties": { + "MaxCapacity": { + "type": "number" + }, + "MinCapacity": { + "type": "number" + } + }, + "type": "object" + }, + "Tag": { + "additionalProperties": false, + "properties": { + "Key": { + "maxLength": 128, + "minLength": 1, + "type": "string" + }, + "Value": { + "maxLength": 256, + "minLength": 0, + "type": "string" + } + }, + "required": [ + "Key" + ], + "type": "object" + } + }, + "handlers": { + "create": { + "permissions": [ + "iam:CreateServiceLinkedRole", + "iam:PassRole", + "rds:AddRoleToDBCluster", + "rds:AddTagsToResource", + "rds:CreateDBCluster", + "rds:CreateDBInstance", + "rds:DescribeDBClusters", + "rds:DescribeDBClusterSnapshots", + "rds:DescribeDBSnapshots", + "rds:DescribeEvents", + "rds:EnableHttpEndpoint", + "rds:ModifyDBCluster", + "rds:RestoreDBClusterFromSnapshot", + "rds:RestoreDBClusterToPointInTime", + "secretsmanager:CreateSecret", + "secretsmanager:TagResource" + ], + "timeoutInMinutes": 2160 + }, + "delete": { + "permissions": [ + "rds:CreateDBClusterSnapshot", + "rds:DeleteDBCluster", + "rds:DeleteDBInstance", + "rds:DescribeDBClusters", + "rds:DescribeGlobalClusters", + "rds:RemoveFromGlobalCluster" + ] + }, + "list": { + "permissions": [ + "rds:DescribeDBClusters" + ] + }, + "read": { + "permissions": [ + "rds:DescribeDBClusters" + ] + }, + "update": { + "permissions": [ + "ec2:DescribeSecurityGroups", + "iam:PassRole", + "rds:AddRoleToDBCluster", + "rds:AddTagsToResource", + "rds:DescribeDBClusters", + "rds:DescribeDBSubnetGroups", + "rds:DescribeEvents", + "rds:DescribeGlobalClusters", + "rds:DisableHttpEndpoint", + "rds:EnableHttpEndpoint", + "rds:ModifyDBCluster", + "rds:ModifyDBInstance", + "rds:RemoveFromGlobalCluster", + "rds:RemoveRoleFromDBCluster", + "rds:RemoveTagsFromResource", + "secretsmanager:CreateSecret", + "secretsmanager:TagResource" + ], + "timeoutInMinutes": 2160 + } + }, + "primaryIdentifier": [ + "/properties/DBClusterIdentifier" + ], + "properties": { + "AllocatedStorage": { + "type": "integer" + }, + "AssociatedRoles": { + "items": { + "$ref": "#/definitions/DBClusterRole" + }, + "type": "array", + "uniqueItems": true + }, + "AutoMinorVersionUpgrade": { + "type": "boolean" + }, + "AvailabilityZones": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": true + }, + "BacktrackWindow": { + "minimum": 0, + "type": "integer" + }, + "BackupRetentionPeriod": { + "default": 1, + "maximum": 35, + "minimum": 1, + "type": "integer" + }, + "CopyTagsToSnapshot": { + "type": "boolean" + }, + "DBClusterArn": { + "type": "string" + }, + "DBClusterIdentifier": { + "maxLength": 63, + "minLength": 1, + "pattern": "^[a-zA-Z]{1}(?:-?[a-zA-Z0-9]){0,62}$", + "type": "string" + }, + "DBClusterInstanceClass": { + "type": "string" + }, + "DBClusterParameterGroupName": { + "default": "default.aurora5.6", + "type": "string" + }, + "DBClusterResourceId": { + "type": "string" + }, + "DBInstanceParameterGroupName": { + "type": "string" + }, + "DBSubnetGroupName": { + "type": "string" + }, + "DBSystemId": { + "type": "string" + }, + "DatabaseName": { + "type": "string" + }, + "DeletionProtection": { + "type": "boolean" + }, + "Domain": { + "type": "string" + }, + "DomainIAMRoleName": { + "type": "string" + }, + "EnableCloudwatchLogsExports": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": true + }, + "EnableGlobalWriteForwarding": { + "type": "boolean" + }, + "EnableHttpEndpoint": { + "type": "boolean" + }, + "EnableIAMDatabaseAuthentication": { + "type": "boolean" + }, + "EnableLocalWriteForwarding": { + "type": "boolean" + }, + "Endpoint": { + "$ref": "#/definitions/Endpoint" + }, + "Engine": { + "type": "string" + }, + "EngineLifecycleSupport": { + "type": "string" + }, + "EngineMode": { + "type": "string" + }, + "EngineVersion": { + "type": "string" + }, + "GlobalClusterIdentifier": { + "maxLength": 63, + "minLength": 0, + "pattern": "^$|^[a-zA-Z]{1}(?:-?[a-zA-Z0-9]){0,62}$", + "type": "string" + }, + "Iops": { + "type": "integer" + }, + "KmsKeyId": { + "type": "string" + }, + "ManageMasterUserPassword": { + "type": "boolean" + }, + "MasterUserPassword": { + "type": "string" + }, + "MasterUserSecret": { + "$ref": "#/definitions/MasterUserSecret" + }, + "MasterUsername": { + "minLength": 1, + "pattern": "^[a-zA-Z]{1}[a-zA-Z0-9_]*$", + "type": "string" + }, + "MonitoringInterval": { + "default": 0, + "type": "integer" + }, + "MonitoringRoleArn": { + "type": "string" + }, + "NetworkType": { + "type": "string" + }, + "PerformanceInsightsEnabled": { + "type": "boolean" + }, + "PerformanceInsightsKmsKeyId": { + "type": "string" + }, + "PerformanceInsightsRetentionPeriod": { + "type": "integer" + }, + "Port": { + "type": "integer" + }, + "PreferredBackupWindow": { + "type": "string" + }, + "PreferredMaintenanceWindow": { + "type": "string" + }, + "PubliclyAccessible": { + "type": "boolean" + }, + "ReadEndpoint": { + "$ref": "#/definitions/ReadEndpoint" + }, + "ReplicationSourceIdentifier": { + "type": "string" + }, + "RestoreToTime": { + "type": "string" + }, + "RestoreType": { + "default": "full-copy", + "type": "string" + }, + "ScalingConfiguration": { + "$ref": "#/definitions/ScalingConfiguration" + }, + "ServerlessV2ScalingConfiguration": { + "$ref": "#/definitions/ServerlessV2ScalingConfiguration" + }, + "SnapshotIdentifier": { + "type": "string" + }, + "SourceDBClusterIdentifier": { + "type": "string" + }, + "SourceRegion": { + "type": "string" + }, + "StorageEncrypted": { + "type": "boolean" + }, + "StorageThroughput": { + "type": "integer" + }, + "StorageType": { + "type": "string" + }, + "Tags": { + "insertionOrder": false, + "items": { + "$ref": "#/definitions/Tag" + }, + "maxItems": 50, + "type": "array", + "uniqueItems": true + }, + "UseLatestRestorableTime": { + "type": "boolean" + }, + "VpcSecurityGroupIds": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": true + } + }, + "propertyTransform": { + "/properties/DBClusterIdentifier": "$lowercase(DBClusterIdentifier)", + "/properties/DBClusterParameterGroupName": "$lowercase(DBClusterParameterGroupName)", + "/properties/DBSubnetGroupName": "$lowercase(DBSubnetGroupName)", + "/properties/EnableHttpEndpoint": "$lowercase($string(EngineMode)) = 'serverless' ? EnableHttpEndpoint : ($lowercase($string(Engine)) = 'aurora-postgresql' ? EnableHttpEndpoint : false )", + "/properties/Engine": "$lowercase(Engine)", + "/properties/EngineVersion": "$join([$string(EngineVersion), \".*\"])", + "/properties/KmsKeyId": "$join([\"arn:(aws)[-]{0,1}[a-z]{0,2}[-]{0,1}[a-z]{0,3}:kms:[a-z]{2}[-]{1}[a-z]{3,10}[-]{0,1}[a-z]{0,10}[-]{1}[1-3]{1}:[0-9]{12}[:]{1}key\\/\", KmsKeyId])", + "/properties/MasterUserSecret/KmsKeyId": "$join([\"arn:(aws)[-]{0,1}[a-z]{0,2}[-]{0,1}[a-z]{0,3}:kms:[a-z]{2}[-]{1}[a-z]{3,10}[-]{0,1}[a-z]{0,10}[-]{1}[1-3]{1}:[0-9]{12}[:]{1}key\\/\", MasterUserSecret.KmsKeyId])", + "/properties/NetworkType": "$lowercase(NetworkType)", + "/properties/PerformanceInsightsKmsKeyId": "$join([\"arn:(aws)[-]{0,1}[a-z]{0,2}[-]{0,1}[a-z]{0,3}:kms:[a-z]{2}[-]{1}[a-z]{3,10}[-]{0,1}[a-z]{0,10}[-]{1}[1-3]{1}:[0-9]{12}[:]{1}key\\/\", PerformanceInsightsKmsKeyId])", + "/properties/PreferredMaintenanceWindow": "$lowercase(PreferredMaintenanceWindow)", + "/properties/SnapshotIdentifier": "$lowercase(SnapshotIdentifier)", + "/properties/SourceDBClusterIdentifier": "$lowercase(SourceDBClusterIdentifier)", + "/properties/StorageType": "$lowercase(StorageType)" + }, + "readOnlyProperties": [ + "/properties/DBClusterArn", + "/properties/DBClusterResourceId", + "/properties/Endpoint", + "/properties/Endpoint/Address", + "/properties/Endpoint/Port", + "/properties/ReadEndpoint/Address", + "/properties/MasterUserSecret/SecretArn", + "/properties/StorageThroughput" + ], + "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-rds", + "tagging": { + "cloudFormationSystemTags": true, + "permissions": [ + "rds:AddTagsToResource", + "rds:RemoveTagsFromResource" + ], + "tagOnCreate": true, + "tagProperty": "/properties/Tags", + "tagUpdatable": true, + "taggable": true + }, + "typeName": "AWS::RDS::DBCluster", + "writeOnlyProperties": [ + "/properties/DBInstanceParameterGroupName", + "/properties/MasterUserPassword", + "/properties/RestoreToTime", + "/properties/RestoreType", + "/properties/SnapshotIdentifier", + "/properties/SourceDBClusterIdentifier", + "/properties/SourceRegion", + "/properties/UseLatestRestorableTime" + ] +} diff --git a/src/cfnlint/data/schemas/providers/ap_south_2/aws-rds-dbinstance.json b/src/cfnlint/data/schemas/providers/ap_south_2/aws-rds-dbinstance.json new file mode 100644 index 0000000000..3263d77fb7 --- /dev/null +++ b/src/cfnlint/data/schemas/providers/ap_south_2/aws-rds-dbinstance.json @@ -0,0 +1,620 @@ +{ + "additionalProperties": false, + "conditionalCreateOnlyProperties": [ + "/properties/AutoMinorVersionUpgrade", + "/properties/AvailabilityZone", + "/properties/BackupRetentionPeriod", + "/properties/DBClusterSnapshotIdentifier", + "/properties/DBParameterGroupName", + "/properties/DBSnapshotIdentifier", + "/properties/Engine", + "/properties/MultiAZ", + "/properties/PerformanceInsightsKMSKeyId", + "/properties/PreferredMaintenanceWindow", + "/properties/RestoreTime", + "/properties/SourceDBClusterIdentifier", + "/properties/SourceDBInstanceAutomatedBackupsArn", + "/properties/SourceDBInstanceIdentifier", + "/properties/SourceDbiResourceId", + "/properties/StorageType", + "/properties/UseLatestRestorableTime" + ], + "createOnlyProperties": [ + "/properties/CharacterSetName", + "/properties/CustomIAMInstanceProfile", + "/properties/DBClusterIdentifier", + "/properties/DBInstanceIdentifier", + "/properties/DBName", + "/properties/DBSubnetGroupName", + "/properties/KmsKeyId", + "/properties/MasterUsername", + "/properties/NcharCharacterSetName", + "/properties/Port", + "/properties/SourceRegion", + "/properties/StorageEncrypted", + "/properties/Timezone" + ], + "definitions": { + "CertificateDetails": { + "additionalProperties": false, + "properties": { + "CAIdentifier": { + "type": "string" + }, + "ValidTill": { + "format": "date-time", + "type": "string" + } + }, + "type": "object" + }, + "DBInstanceRole": { + "additionalProperties": false, + "properties": { + "FeatureName": { + "type": "string" + }, + "RoleArn": { + "type": "string" + } + }, + "required": [ + "FeatureName", + "RoleArn" + ], + "type": "object" + }, + "Endpoint": { + "additionalProperties": false, + "properties": { + "Address": { + "type": "string" + }, + "HostedZoneId": { + "type": "string" + }, + "Port": { + "type": "string" + } + }, + "type": "object" + }, + "MasterUserSecret": { + "additionalProperties": false, + "properties": { + "KmsKeyId": { + "type": "string" + }, + "SecretArn": { + "type": "string" + } + }, + "type": "object" + }, + "ProcessorFeature": { + "additionalProperties": false, + "properties": { + "Name": { + "enum": [ + "coreCount", + "threadsPerCore" + ], + "type": "string" + }, + "Value": { + "type": "string" + } + }, + "type": "object" + }, + "Tag": { + "additionalProperties": false, + "properties": { + "Key": { + "maxLength": 128, + "minLength": 1, + "type": "string" + }, + "Value": { + "maxLength": 256, + "minLength": 0, + "type": "string" + } + }, + "required": [ + "Key" + ], + "type": "object" + } + }, + "dependencies": { + "KmsKeyId": { + "properties": { + "StorageEncrypted": { + "enum": [ + "true", + "True", + true + ] + } + }, + "required": [ + "StorageEncrypted" + ] + } + }, + "dependentExcluded": { + "SourceDBInstanceIdentifier": [ + "CharacterSetName", + "MasterUserPassword", + "MasterUsername", + "StorageEncrypted" + ] + }, + "deprecatedProperties": [ + "/properties/TdeCredentialArn", + "/properties/TdeCredentialPassword" + ], + "handlers": { + "create": { + "permissions": [ + "ec2:DescribeAccountAttributes", + "ec2:DescribeAvailabilityZones", + "ec2:DescribeInternetGateways", + "ec2:DescribeSecurityGroups", + "ec2:DescribeSubnets", + "ec2:DescribeVpcAttribute", + "ec2:DescribeVpcs", + "iam:CreateServiceLinkedRole", + "iam:GetRole", + "iam:ListRoles", + "iam:PassRole", + "kms:CreateGrant", + "kms:DescribeKey", + "rds:AddRoleToDBInstance", + "rds:AddTagsToResource", + "rds:CreateDBInstance", + "rds:CreateDBInstanceReadReplica", + "rds:DescribeDBInstances", + "rds:DescribeDBClusters", + "rds:DescribeDBClusterSnapshots", + "rds:DescribeDBInstanceAutomatedBackups", + "rds:DescribeDBSnapshots", + "rds:DescribeEvents", + "rds:ModifyDBInstance", + "rds:RebootDBInstance", + "rds:RestoreDBInstanceFromDBSnapshot", + "rds:RestoreDBInstanceToPointInTime", + "rds:StartDBInstanceAutomatedBackupsReplication", + "secretsmanager:CreateSecret", + "secretsmanager:TagResource" + ], + "timeoutInMinutes": 2160 + }, + "delete": { + "permissions": [ + "rds:CreateDBSnapshot", + "rds:DeleteDBInstance", + "rds:DescribeDBInstances" + ], + "timeoutInMinutes": 2160 + }, + "list": { + "permissions": [ + "rds:DescribeDBInstances" + ] + }, + "read": { + "permissions": [ + "ec2:DescribeAccountAttributes", + "ec2:DescribeAvailabilityZones", + "ec2:DescribeInternetGateways", + "ec2:DescribeSecurityGroups", + "ec2:DescribeSubnets", + "ec2:DescribeVpcAttribute", + "ec2:DescribeVpcs", + "rds:DescribeDBInstances" + ] + }, + "update": { + "permissions": [ + "ec2:DescribeAccountAttributes", + "ec2:DescribeAvailabilityZones", + "ec2:DescribeInternetGateways", + "ec2:DescribeSecurityGroups", + "ec2:DescribeSubnets", + "ec2:DescribeVpcAttribute", + "ec2:DescribeVpcs", + "iam:CreateServiceLinkedRole", + "iam:GetRole", + "iam:ListRoles", + "iam:PassRole", + "kms:CreateGrant", + "kms:DescribeKey", + "rds:AddRoleToDBInstance", + "rds:AddTagsToResource", + "rds:DescribeDBClusters", + "rds:DescribeDBEngineVersions", + "rds:DescribeDBInstances", + "rds:DescribeDBParameterGroups", + "rds:DescribeEvents", + "rds:ModifyDBInstance", + "rds:PromoteReadReplica", + "rds:RebootDBInstance", + "rds:RemoveRoleFromDBInstance", + "rds:RemoveTagsFromResource", + "rds:StartDBInstanceAutomatedBackupsReplication", + "rds:StopDBInstanceAutomatedBackupsReplication", + "secretsmanager:CreateSecret", + "secretsmanager:TagResource" + ], + "timeoutInMinutes": 2160 + } + }, + "primaryIdentifier": [ + "/properties/DBInstanceIdentifier" + ], + "properties": { + "AllocatedStorage": { + "pattern": "^[0-9]*$", + "type": "string" + }, + "AllowMajorVersionUpgrade": { + "type": "boolean" + }, + "AssociatedRoles": { + "items": { + "$ref": "#/definitions/DBInstanceRole" + }, + "type": "array" + }, + "AutoMinorVersionUpgrade": { + "type": "boolean" + }, + "AutomaticBackupReplicationKmsKeyId": { + "type": "string" + }, + "AutomaticBackupReplicationRegion": { + "type": "string" + }, + "AvailabilityZone": { + "type": "string" + }, + "BackupRetentionPeriod": { + "default": 1, + "maximum": 35, + "minimum": 0, + "type": "integer" + }, + "CACertificateIdentifier": { + "type": "string" + }, + "CertificateDetails": { + "$ref": "#/definitions/CertificateDetails" + }, + "CertificateRotationRestart": { + "type": "boolean" + }, + "CharacterSetName": { + "type": "string" + }, + "CopyTagsToSnapshot": { + "type": "boolean" + }, + "CustomIAMInstanceProfile": { + "type": "string" + }, + "DBClusterIdentifier": { + "type": "string" + }, + "DBClusterSnapshotIdentifier": { + "type": "string" + }, + "DBInstanceArn": { + "type": "string" + }, + "DBInstanceClass": { + "type": "string" + }, + "DBInstanceIdentifier": { + "maxLength": 63, + "minLength": 1, + "pattern": "^$|^[a-zA-Z]{1}(?:-?[a-zA-Z0-9]){0,62}$", + "type": "string" + }, + "DBName": { + "type": "string" + }, + "DBParameterGroupName": { + "type": "string" + }, + "DBSecurityGroups": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": true + }, + "DBSnapshotIdentifier": { + "type": "string" + }, + "DBSubnetGroupName": { + "type": "string" + }, + "DBSystemId": { + "type": "string" + }, + "DbiResourceId": { + "type": "string" + }, + "DedicatedLogVolume": { + "type": "boolean" + }, + "DeleteAutomatedBackups": { + "type": "boolean" + }, + "DeletionProtection": { + "type": "boolean" + }, + "Domain": { + "type": "string" + }, + "DomainAuthSecretArn": { + "type": "string" + }, + "DomainDnsIps": { + "items": { + "type": "string" + }, + "type": "array" + }, + "DomainFqdn": { + "type": "string" + }, + "DomainIAMRoleName": { + "type": "string" + }, + "DomainOu": { + "type": "string" + }, + "EnableCloudwatchLogsExports": { + "items": { + "type": "string" + }, + "type": "array" + }, + "EnableIAMDatabaseAuthentication": { + "type": "boolean" + }, + "EnablePerformanceInsights": { + "type": "boolean" + }, + "Endpoint": { + "$ref": "#/definitions/Endpoint" + }, + "Engine": { + "type": "string" + }, + "EngineLifecycleSupport": { + "type": "string" + }, + "EngineVersion": { + "type": "string" + }, + "Iops": { + "type": "integer" + }, + "KmsKeyId": { + "type": "string" + }, + "LicenseModel": { + "type": "string" + }, + "ManageMasterUserPassword": { + "type": "boolean" + }, + "MasterUserPassword": { + "type": "string" + }, + "MasterUserSecret": { + "$ref": "#/definitions/MasterUserSecret" + }, + "MasterUsername": { + "maxLength": 128, + "minLength": 1, + "pattern": "^[a-zA-Z][a-zA-Z0-9_]{0,127}$", + "type": "string" + }, + "MaxAllocatedStorage": { + "type": "integer" + }, + "MonitoringInterval": { + "default": 0, + "type": "integer" + }, + "MonitoringRoleArn": { + "type": "string" + }, + "MultiAZ": { + "type": "boolean" + }, + "NcharCharacterSetName": { + "type": "string" + }, + "NetworkType": { + "type": "string" + }, + "OptionGroupName": { + "type": "string" + }, + "PerformanceInsightsKMSKeyId": { + "type": "string" + }, + "PerformanceInsightsRetentionPeriod": { + "enum": [ + 7, + 31, + 62, + 93, + 124, + 155, + 186, + 217, + 248, + 279, + 310, + 341, + 372, + 403, + 434, + 465, + 496, + 527, + 558, + 589, + 620, + 651, + 682, + 713, + 731 + ], + "type": "integer" + }, + "Port": { + "pattern": "^\\d*$", + "type": "string" + }, + "PreferredBackupWindow": { + "type": "string" + }, + "PreferredMaintenanceWindow": { + "type": "string" + }, + "ProcessorFeatures": { + "items": { + "$ref": "#/definitions/ProcessorFeature" + }, + "type": "array" + }, + "PromotionTier": { + "default": 1, + "maximum": 15, + "minimum": 0, + "type": "integer" + }, + "PubliclyAccessible": { + "type": "boolean" + }, + "ReplicaMode": { + "type": "string" + }, + "RestoreTime": { + "format": "date-time", + "type": "string" + }, + "SourceDBClusterIdentifier": { + "type": "string" + }, + "SourceDBInstanceAutomatedBackupsArn": { + "type": "string" + }, + "SourceDBInstanceIdentifier": { + "type": "string" + }, + "SourceDbiResourceId": { + "type": "string" + }, + "SourceRegion": { + "type": "string" + }, + "StorageEncrypted": { + "type": "boolean" + }, + "StorageThroughput": { + "type": "integer" + }, + "StorageType": { + "type": "string" + }, + "Tags": { + "insertionOrder": false, + "items": { + "$ref": "#/definitions/Tag" + }, + "type": "array", + "uniqueItems": false + }, + "TdeCredentialArn": { + "type": "string" + }, + "TdeCredentialPassword": { + "type": "string" + }, + "Timezone": { + "type": "string" + }, + "UseDefaultProcessorFeatures": { + "type": "boolean" + }, + "UseLatestRestorableTime": { + "type": "boolean" + }, + "VPCSecurityGroups": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": true + } + }, + "propertyTransform": { + "/properties/DBClusterIdentifier": "$lowercase(DBClusterIdentifier)", + "/properties/DBClusterSnapshotIdentifier": "$lowercase(DBClusterSnapshotIdentifier)", + "/properties/DBInstanceIdentifier": "$lowercase(DBInstanceIdentifier)", + "/properties/DBName": "$lowercase(DBName) $OR $uppercase(DBName)", + "/properties/DBParameterGroupName": "$lowercase(DBParameterGroupName)", + "/properties/DBSnapshotIdentifier": "$lowercase(DBSnapshotIdentifier)", + "/properties/DBSubnetGroupName": "$lowercase(DBSubnetGroupName)", + "/properties/Engine": "$lowercase(Engine)", + "/properties/EngineVersion": "$join([$string(EngineVersion), \".*\"])", + "/properties/KmsKeyId": "$join([\"arn:(aws)[-]{0,1}[a-z]{0,2}[-]{0,1}[a-z]{0,3}:kms:[a-z]{2}[-]{1}[a-z]{3,10}[-]{0,1}[a-z]{0,10}[-]{1}[1-3]{1}:[0-9]{12}[:]{1}key\\/\", KmsKeyId])", + "/properties/MasterUserSecret/KmsKeyId": "$join([\"arn:(aws)[-]{0,1}[a-z]{0,2}[-]{0,1}[a-z]{0,3}:kms:[a-z]{2}[-]{1}[a-z]{3,10}[-]{0,1}[a-z]{0,10}[-]{1}[1-3]{1}:[0-9]{12}[:]{1}key\\/\", MasterUserSecret.KmsKeyId])", + "/properties/NetworkType": "$lowercase(NetworkType)", + "/properties/OptionGroupName": "$lowercase(OptionGroupName)", + "/properties/PerformanceInsightsKMSKeyId": "$join([\"arn:(aws)[-]{0,1}[a-z]{0,2}[-]{0,1}[a-z]{0,3}:kms:[a-z]{2}[-]{1}[a-z]{3,10}[-]{0,1}[a-z]{0,10}[-]{1}[1-3]{1}:[0-9]{12}[:]{1}key\\/\", PerformanceInsightsKMSKeyId])", + "/properties/PreferredMaintenanceWindow": "$lowercase(PreferredMaintenanceWindow)", + "/properties/SourceDBInstanceAutomatedBackupsArn": "$lowercase(SourceDBInstanceAutomatedBackupsArn)", + "/properties/SourceDBInstanceIdentifier": "$lowercase(SourceDBInstanceIdentifier)", + "/properties/StorageType": "$lowercase(StorageType)" + }, + "readOnlyProperties": [ + "/properties/Endpoint/Address", + "/properties/Endpoint/Port", + "/properties/Endpoint/HostedZoneId", + "/properties/DbiResourceId", + "/properties/DBInstanceArn", + "/properties/DBSystemId", + "/properties/MasterUserSecret/SecretArn", + "/properties/CertificateDetails/CAIdentifier", + "/properties/CertificateDetails/ValidTill" + ], + "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-rpdk.git", + "typeName": "AWS::RDS::DBInstance", + "writeOnlyProperties": [ + "/properties/AllowMajorVersionUpgrade", + "/properties/AutomaticBackupReplicationKmsKeyId", + "/properties/CertificateRotationRestart", + "/properties/DBSnapshotIdentifier", + "/properties/DeleteAutomatedBackups", + "/properties/MasterUserPassword", + "/properties/Port", + "/properties/RestoreTime", + "/properties/SourceDBInstanceAutomatedBackupsArn", + "/properties/SourceDBInstanceIdentifier", + "/properties/SourceDbiResourceId", + "/properties/SourceRegion", + "/properties/TdeCredentialPassword", + "/properties/UseDefaultProcessorFeatures", + "/properties/UseLatestRestorableTime" + ] +} diff --git a/src/cfnlint/data/schemas/providers/ap_southeast_1/__init__.py b/src/cfnlint/data/schemas/providers/ap_southeast_1/__init__.py index 9e5cf9623a..2a853a01ec 100644 --- a/src/cfnlint/data/schemas/providers/ap_southeast_1/__init__.py +++ b/src/cfnlint/data/schemas/providers/ap_southeast_1/__init__.py @@ -133,9 +133,14 @@ "AWS::Bedrock::Agent", "AWS::Bedrock::AgentAlias", "AWS::Bedrock::DataSource", + "AWS::Bedrock::Flow", + "AWS::Bedrock::FlowAlias", + "AWS::Bedrock::FlowVersion", "AWS::Bedrock::Guardrail", "AWS::Bedrock::GuardrailVersion", "AWS::Bedrock::KnowledgeBase", + "AWS::Bedrock::Prompt", + "AWS::Bedrock::PromptVersion", "AWS::Budgets::Budget", "AWS::Budgets::BudgetsAction", "AWS::CDK::Metadata", @@ -1320,9 +1325,14 @@ "aws-bedrock-agent.json", "aws-bedrock-agentalias.json", "aws-bedrock-datasource.json", + "aws-bedrock-flow.json", + "aws-bedrock-flowalias.json", + "aws-bedrock-flowversion.json", "aws-bedrock-guardrail.json", "aws-bedrock-guardrailversion.json", "aws-bedrock-knowledgebase.json", + "aws-bedrock-prompt.json", + "aws-bedrock-promptversion.json", "aws-budgets-budget.json", "aws-budgets-budgetsaction.json", "aws-cassandra-keyspace.json", @@ -2023,6 +2033,7 @@ "aws-opsworks-volume.json", "aws-opsworkscm-server.json", "aws-organizations-account.json", + "aws-organizations-organization.json", "aws-organizations-organizationalunit.json", "aws-organizations-policy.json", "aws-organizations-resourcepolicy.json", diff --git a/src/cfnlint/data/schemas/providers/ap_southeast_2/__init__.py b/src/cfnlint/data/schemas/providers/ap_southeast_2/__init__.py index 8043862667..913c1518ae 100644 --- a/src/cfnlint/data/schemas/providers/ap_southeast_2/__init__.py +++ b/src/cfnlint/data/schemas/providers/ap_southeast_2/__init__.py @@ -134,9 +134,14 @@ "AWS::Bedrock::Agent", "AWS::Bedrock::AgentAlias", "AWS::Bedrock::DataSource", + "AWS::Bedrock::Flow", + "AWS::Bedrock::FlowAlias", + "AWS::Bedrock::FlowVersion", "AWS::Bedrock::Guardrail", "AWS::Bedrock::GuardrailVersion", "AWS::Bedrock::KnowledgeBase", + "AWS::Bedrock::Prompt", + "AWS::Bedrock::PromptVersion", "AWS::Budgets::Budget", "AWS::Budgets::BudgetsAction", "AWS::CDK::Metadata", @@ -1347,9 +1352,14 @@ "aws-bedrock-agent.json", "aws-bedrock-agentalias.json", "aws-bedrock-datasource.json", + "aws-bedrock-flow.json", + "aws-bedrock-flowalias.json", + "aws-bedrock-flowversion.json", "aws-bedrock-guardrail.json", "aws-bedrock-guardrailversion.json", "aws-bedrock-knowledgebase.json", + "aws-bedrock-prompt.json", + "aws-bedrock-promptversion.json", "aws-budgets-budget.json", "aws-budgets-budgetsaction.json", "aws-cassandra-keyspace.json", @@ -2064,6 +2074,7 @@ "aws-opsworks-volume.json", "aws-opsworkscm-server.json", "aws-organizations-account.json", + "aws-organizations-organization.json", "aws-organizations-organizationalunit.json", "aws-organizations-policy.json", "aws-organizations-resourcepolicy.json", @@ -2120,9 +2131,7 @@ "aws-ram-permission.json", "aws-ram-resourceshare.json", "aws-rds-customdbengineversion.json", - "aws-rds-dbcluster.json", "aws-rds-dbclusterparametergroup.json", - "aws-rds-dbinstance.json", "aws-rds-dbparametergroup.json", "aws-rds-dbproxy.json", "aws-rds-dbproxyendpoint.json", diff --git a/src/cfnlint/data/schemas/providers/ap_southeast_2/aws-rds-dbcluster.json b/src/cfnlint/data/schemas/providers/ap_southeast_2/aws-rds-dbcluster.json new file mode 100644 index 0000000000..fc8608c49b --- /dev/null +++ b/src/cfnlint/data/schemas/providers/ap_southeast_2/aws-rds-dbcluster.json @@ -0,0 +1,469 @@ +{ + "additionalProperties": false, + "conditionalCreateOnlyProperties": [ + "/properties/Engine", + "/properties/GlobalClusterIdentifier", + "/properties/MasterUsername" + ], + "createOnlyProperties": [ + "/properties/AvailabilityZones", + "/properties/DBClusterIdentifier", + "/properties/DBSubnetGroupName", + "/properties/DBSystemId", + "/properties/DatabaseName", + "/properties/EngineMode", + "/properties/KmsKeyId", + "/properties/PubliclyAccessible", + "/properties/RestoreToTime", + "/properties/RestoreType", + "/properties/SnapshotIdentifier", + "/properties/SourceDBClusterIdentifier", + "/properties/SourceRegion", + "/properties/StorageEncrypted", + "/properties/UseLatestRestorableTime" + ], + "definitions": { + "DBClusterRole": { + "additionalProperties": false, + "properties": { + "FeatureName": { + "type": "string" + }, + "RoleArn": { + "type": "string" + } + }, + "required": [ + "RoleArn" + ], + "type": "object" + }, + "Endpoint": { + "additionalProperties": false, + "properties": { + "Address": { + "type": "string" + }, + "Port": { + "type": "string" + } + }, + "type": "object" + }, + "MasterUserSecret": { + "additionalProperties": false, + "properties": { + "KmsKeyId": { + "type": "string" + }, + "SecretArn": { + "type": "string" + } + }, + "type": "object" + }, + "ReadEndpoint": { + "additionalProperties": false, + "properties": { + "Address": { + "type": "string" + } + }, + "type": "object" + }, + "ScalingConfiguration": { + "additionalProperties": false, + "properties": { + "AutoPause": { + "type": "boolean" + }, + "MaxCapacity": { + "type": "integer" + }, + "MinCapacity": { + "type": "integer" + }, + "SecondsBeforeTimeout": { + "type": "integer" + }, + "SecondsUntilAutoPause": { + "type": "integer" + }, + "TimeoutAction": { + "type": "string" + } + }, + "type": "object" + }, + "ServerlessV2ScalingConfiguration": { + "additionalProperties": false, + "properties": { + "MaxCapacity": { + "type": "number" + }, + "MinCapacity": { + "type": "number" + } + }, + "type": "object" + }, + "Tag": { + "additionalProperties": false, + "properties": { + "Key": { + "maxLength": 128, + "minLength": 1, + "type": "string" + }, + "Value": { + "maxLength": 256, + "minLength": 0, + "type": "string" + } + }, + "required": [ + "Key" + ], + "type": "object" + } + }, + "handlers": { + "create": { + "permissions": [ + "iam:CreateServiceLinkedRole", + "iam:PassRole", + "rds:AddRoleToDBCluster", + "rds:AddTagsToResource", + "rds:CreateDBCluster", + "rds:CreateDBInstance", + "rds:DescribeDBClusters", + "rds:DescribeDBClusterSnapshots", + "rds:DescribeDBSnapshots", + "rds:DescribeEvents", + "rds:EnableHttpEndpoint", + "rds:ModifyDBCluster", + "rds:RestoreDBClusterFromSnapshot", + "rds:RestoreDBClusterToPointInTime", + "secretsmanager:CreateSecret", + "secretsmanager:TagResource" + ], + "timeoutInMinutes": 2160 + }, + "delete": { + "permissions": [ + "rds:CreateDBClusterSnapshot", + "rds:DeleteDBCluster", + "rds:DeleteDBInstance", + "rds:DescribeDBClusters", + "rds:DescribeGlobalClusters", + "rds:RemoveFromGlobalCluster" + ] + }, + "list": { + "permissions": [ + "rds:DescribeDBClusters" + ] + }, + "read": { + "permissions": [ + "rds:DescribeDBClusters" + ] + }, + "update": { + "permissions": [ + "ec2:DescribeSecurityGroups", + "iam:PassRole", + "rds:AddRoleToDBCluster", + "rds:AddTagsToResource", + "rds:DescribeDBClusters", + "rds:DescribeDBSubnetGroups", + "rds:DescribeEvents", + "rds:DescribeGlobalClusters", + "rds:DisableHttpEndpoint", + "rds:EnableHttpEndpoint", + "rds:ModifyDBCluster", + "rds:ModifyDBInstance", + "rds:RemoveFromGlobalCluster", + "rds:RemoveRoleFromDBCluster", + "rds:RemoveTagsFromResource", + "secretsmanager:CreateSecret", + "secretsmanager:TagResource" + ], + "timeoutInMinutes": 2160 + } + }, + "primaryIdentifier": [ + "/properties/DBClusterIdentifier" + ], + "properties": { + "AllocatedStorage": { + "type": "integer" + }, + "AssociatedRoles": { + "items": { + "$ref": "#/definitions/DBClusterRole" + }, + "type": "array", + "uniqueItems": true + }, + "AutoMinorVersionUpgrade": { + "type": "boolean" + }, + "AvailabilityZones": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": true + }, + "BacktrackWindow": { + "minimum": 0, + "type": "integer" + }, + "BackupRetentionPeriod": { + "default": 1, + "maximum": 35, + "minimum": 1, + "type": "integer" + }, + "CopyTagsToSnapshot": { + "type": "boolean" + }, + "DBClusterArn": { + "type": "string" + }, + "DBClusterIdentifier": { + "maxLength": 63, + "minLength": 1, + "pattern": "^[a-zA-Z]{1}(?:-?[a-zA-Z0-9]){0,62}$", + "type": "string" + }, + "DBClusterInstanceClass": { + "type": "string" + }, + "DBClusterParameterGroupName": { + "default": "default.aurora5.6", + "type": "string" + }, + "DBClusterResourceId": { + "type": "string" + }, + "DBInstanceParameterGroupName": { + "type": "string" + }, + "DBSubnetGroupName": { + "type": "string" + }, + "DBSystemId": { + "type": "string" + }, + "DatabaseName": { + "type": "string" + }, + "DeletionProtection": { + "type": "boolean" + }, + "Domain": { + "type": "string" + }, + "DomainIAMRoleName": { + "type": "string" + }, + "EnableCloudwatchLogsExports": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": true + }, + "EnableGlobalWriteForwarding": { + "type": "boolean" + }, + "EnableHttpEndpoint": { + "type": "boolean" + }, + "EnableIAMDatabaseAuthentication": { + "type": "boolean" + }, + "EnableLocalWriteForwarding": { + "type": "boolean" + }, + "Endpoint": { + "$ref": "#/definitions/Endpoint" + }, + "Engine": { + "type": "string" + }, + "EngineLifecycleSupport": { + "type": "string" + }, + "EngineMode": { + "type": "string" + }, + "EngineVersion": { + "type": "string" + }, + "GlobalClusterIdentifier": { + "maxLength": 63, + "minLength": 0, + "pattern": "^$|^[a-zA-Z]{1}(?:-?[a-zA-Z0-9]){0,62}$", + "type": "string" + }, + "Iops": { + "type": "integer" + }, + "KmsKeyId": { + "type": "string" + }, + "ManageMasterUserPassword": { + "type": "boolean" + }, + "MasterUserPassword": { + "type": "string" + }, + "MasterUserSecret": { + "$ref": "#/definitions/MasterUserSecret" + }, + "MasterUsername": { + "minLength": 1, + "pattern": "^[a-zA-Z]{1}[a-zA-Z0-9_]*$", + "type": "string" + }, + "MonitoringInterval": { + "default": 0, + "type": "integer" + }, + "MonitoringRoleArn": { + "type": "string" + }, + "NetworkType": { + "type": "string" + }, + "PerformanceInsightsEnabled": { + "type": "boolean" + }, + "PerformanceInsightsKmsKeyId": { + "type": "string" + }, + "PerformanceInsightsRetentionPeriod": { + "type": "integer" + }, + "Port": { + "type": "integer" + }, + "PreferredBackupWindow": { + "type": "string" + }, + "PreferredMaintenanceWindow": { + "type": "string" + }, + "PubliclyAccessible": { + "type": "boolean" + }, + "ReadEndpoint": { + "$ref": "#/definitions/ReadEndpoint" + }, + "ReplicationSourceIdentifier": { + "type": "string" + }, + "RestoreToTime": { + "type": "string" + }, + "RestoreType": { + "default": "full-copy", + "type": "string" + }, + "ScalingConfiguration": { + "$ref": "#/definitions/ScalingConfiguration" + }, + "ServerlessV2ScalingConfiguration": { + "$ref": "#/definitions/ServerlessV2ScalingConfiguration" + }, + "SnapshotIdentifier": { + "type": "string" + }, + "SourceDBClusterIdentifier": { + "type": "string" + }, + "SourceRegion": { + "type": "string" + }, + "StorageEncrypted": { + "type": "boolean" + }, + "StorageThroughput": { + "type": "integer" + }, + "StorageType": { + "type": "string" + }, + "Tags": { + "insertionOrder": false, + "items": { + "$ref": "#/definitions/Tag" + }, + "maxItems": 50, + "type": "array", + "uniqueItems": true + }, + "UseLatestRestorableTime": { + "type": "boolean" + }, + "VpcSecurityGroupIds": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": true + } + }, + "propertyTransform": { + "/properties/DBClusterIdentifier": "$lowercase(DBClusterIdentifier)", + "/properties/DBClusterParameterGroupName": "$lowercase(DBClusterParameterGroupName)", + "/properties/DBSubnetGroupName": "$lowercase(DBSubnetGroupName)", + "/properties/EnableHttpEndpoint": "$lowercase($string(EngineMode)) = 'serverless' ? EnableHttpEndpoint : ($lowercase($string(Engine)) = 'aurora-postgresql' ? EnableHttpEndpoint : false )", + "/properties/Engine": "$lowercase(Engine)", + "/properties/EngineVersion": "$join([$string(EngineVersion), \".*\"])", + "/properties/KmsKeyId": "$join([\"arn:(aws)[-]{0,1}[a-z]{0,2}[-]{0,1}[a-z]{0,3}:kms:[a-z]{2}[-]{1}[a-z]{3,10}[-]{0,1}[a-z]{0,10}[-]{1}[1-3]{1}:[0-9]{12}[:]{1}key\\/\", KmsKeyId])", + "/properties/MasterUserSecret/KmsKeyId": "$join([\"arn:(aws)[-]{0,1}[a-z]{0,2}[-]{0,1}[a-z]{0,3}:kms:[a-z]{2}[-]{1}[a-z]{3,10}[-]{0,1}[a-z]{0,10}[-]{1}[1-3]{1}:[0-9]{12}[:]{1}key\\/\", MasterUserSecret.KmsKeyId])", + "/properties/NetworkType": "$lowercase(NetworkType)", + "/properties/PerformanceInsightsKmsKeyId": "$join([\"arn:(aws)[-]{0,1}[a-z]{0,2}[-]{0,1}[a-z]{0,3}:kms:[a-z]{2}[-]{1}[a-z]{3,10}[-]{0,1}[a-z]{0,10}[-]{1}[1-3]{1}:[0-9]{12}[:]{1}key\\/\", PerformanceInsightsKmsKeyId])", + "/properties/PreferredMaintenanceWindow": "$lowercase(PreferredMaintenanceWindow)", + "/properties/SnapshotIdentifier": "$lowercase(SnapshotIdentifier)", + "/properties/SourceDBClusterIdentifier": "$lowercase(SourceDBClusterIdentifier)", + "/properties/StorageType": "$lowercase(StorageType)" + }, + "readOnlyProperties": [ + "/properties/DBClusterArn", + "/properties/DBClusterResourceId", + "/properties/Endpoint", + "/properties/Endpoint/Address", + "/properties/Endpoint/Port", + "/properties/ReadEndpoint/Address", + "/properties/MasterUserSecret/SecretArn", + "/properties/StorageThroughput" + ], + "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-rds", + "tagging": { + "cloudFormationSystemTags": true, + "permissions": [ + "rds:AddTagsToResource", + "rds:RemoveTagsFromResource" + ], + "tagOnCreate": true, + "tagProperty": "/properties/Tags", + "tagUpdatable": true, + "taggable": true + }, + "typeName": "AWS::RDS::DBCluster", + "writeOnlyProperties": [ + "/properties/DBInstanceParameterGroupName", + "/properties/MasterUserPassword", + "/properties/RestoreToTime", + "/properties/RestoreType", + "/properties/SnapshotIdentifier", + "/properties/SourceDBClusterIdentifier", + "/properties/SourceRegion", + "/properties/UseLatestRestorableTime" + ] +} diff --git a/src/cfnlint/data/schemas/providers/ap_southeast_2/aws-rds-dbinstance.json b/src/cfnlint/data/schemas/providers/ap_southeast_2/aws-rds-dbinstance.json new file mode 100644 index 0000000000..3263d77fb7 --- /dev/null +++ b/src/cfnlint/data/schemas/providers/ap_southeast_2/aws-rds-dbinstance.json @@ -0,0 +1,620 @@ +{ + "additionalProperties": false, + "conditionalCreateOnlyProperties": [ + "/properties/AutoMinorVersionUpgrade", + "/properties/AvailabilityZone", + "/properties/BackupRetentionPeriod", + "/properties/DBClusterSnapshotIdentifier", + "/properties/DBParameterGroupName", + "/properties/DBSnapshotIdentifier", + "/properties/Engine", + "/properties/MultiAZ", + "/properties/PerformanceInsightsKMSKeyId", + "/properties/PreferredMaintenanceWindow", + "/properties/RestoreTime", + "/properties/SourceDBClusterIdentifier", + "/properties/SourceDBInstanceAutomatedBackupsArn", + "/properties/SourceDBInstanceIdentifier", + "/properties/SourceDbiResourceId", + "/properties/StorageType", + "/properties/UseLatestRestorableTime" + ], + "createOnlyProperties": [ + "/properties/CharacterSetName", + "/properties/CustomIAMInstanceProfile", + "/properties/DBClusterIdentifier", + "/properties/DBInstanceIdentifier", + "/properties/DBName", + "/properties/DBSubnetGroupName", + "/properties/KmsKeyId", + "/properties/MasterUsername", + "/properties/NcharCharacterSetName", + "/properties/Port", + "/properties/SourceRegion", + "/properties/StorageEncrypted", + "/properties/Timezone" + ], + "definitions": { + "CertificateDetails": { + "additionalProperties": false, + "properties": { + "CAIdentifier": { + "type": "string" + }, + "ValidTill": { + "format": "date-time", + "type": "string" + } + }, + "type": "object" + }, + "DBInstanceRole": { + "additionalProperties": false, + "properties": { + "FeatureName": { + "type": "string" + }, + "RoleArn": { + "type": "string" + } + }, + "required": [ + "FeatureName", + "RoleArn" + ], + "type": "object" + }, + "Endpoint": { + "additionalProperties": false, + "properties": { + "Address": { + "type": "string" + }, + "HostedZoneId": { + "type": "string" + }, + "Port": { + "type": "string" + } + }, + "type": "object" + }, + "MasterUserSecret": { + "additionalProperties": false, + "properties": { + "KmsKeyId": { + "type": "string" + }, + "SecretArn": { + "type": "string" + } + }, + "type": "object" + }, + "ProcessorFeature": { + "additionalProperties": false, + "properties": { + "Name": { + "enum": [ + "coreCount", + "threadsPerCore" + ], + "type": "string" + }, + "Value": { + "type": "string" + } + }, + "type": "object" + }, + "Tag": { + "additionalProperties": false, + "properties": { + "Key": { + "maxLength": 128, + "minLength": 1, + "type": "string" + }, + "Value": { + "maxLength": 256, + "minLength": 0, + "type": "string" + } + }, + "required": [ + "Key" + ], + "type": "object" + } + }, + "dependencies": { + "KmsKeyId": { + "properties": { + "StorageEncrypted": { + "enum": [ + "true", + "True", + true + ] + } + }, + "required": [ + "StorageEncrypted" + ] + } + }, + "dependentExcluded": { + "SourceDBInstanceIdentifier": [ + "CharacterSetName", + "MasterUserPassword", + "MasterUsername", + "StorageEncrypted" + ] + }, + "deprecatedProperties": [ + "/properties/TdeCredentialArn", + "/properties/TdeCredentialPassword" + ], + "handlers": { + "create": { + "permissions": [ + "ec2:DescribeAccountAttributes", + "ec2:DescribeAvailabilityZones", + "ec2:DescribeInternetGateways", + "ec2:DescribeSecurityGroups", + "ec2:DescribeSubnets", + "ec2:DescribeVpcAttribute", + "ec2:DescribeVpcs", + "iam:CreateServiceLinkedRole", + "iam:GetRole", + "iam:ListRoles", + "iam:PassRole", + "kms:CreateGrant", + "kms:DescribeKey", + "rds:AddRoleToDBInstance", + "rds:AddTagsToResource", + "rds:CreateDBInstance", + "rds:CreateDBInstanceReadReplica", + "rds:DescribeDBInstances", + "rds:DescribeDBClusters", + "rds:DescribeDBClusterSnapshots", + "rds:DescribeDBInstanceAutomatedBackups", + "rds:DescribeDBSnapshots", + "rds:DescribeEvents", + "rds:ModifyDBInstance", + "rds:RebootDBInstance", + "rds:RestoreDBInstanceFromDBSnapshot", + "rds:RestoreDBInstanceToPointInTime", + "rds:StartDBInstanceAutomatedBackupsReplication", + "secretsmanager:CreateSecret", + "secretsmanager:TagResource" + ], + "timeoutInMinutes": 2160 + }, + "delete": { + "permissions": [ + "rds:CreateDBSnapshot", + "rds:DeleteDBInstance", + "rds:DescribeDBInstances" + ], + "timeoutInMinutes": 2160 + }, + "list": { + "permissions": [ + "rds:DescribeDBInstances" + ] + }, + "read": { + "permissions": [ + "ec2:DescribeAccountAttributes", + "ec2:DescribeAvailabilityZones", + "ec2:DescribeInternetGateways", + "ec2:DescribeSecurityGroups", + "ec2:DescribeSubnets", + "ec2:DescribeVpcAttribute", + "ec2:DescribeVpcs", + "rds:DescribeDBInstances" + ] + }, + "update": { + "permissions": [ + "ec2:DescribeAccountAttributes", + "ec2:DescribeAvailabilityZones", + "ec2:DescribeInternetGateways", + "ec2:DescribeSecurityGroups", + "ec2:DescribeSubnets", + "ec2:DescribeVpcAttribute", + "ec2:DescribeVpcs", + "iam:CreateServiceLinkedRole", + "iam:GetRole", + "iam:ListRoles", + "iam:PassRole", + "kms:CreateGrant", + "kms:DescribeKey", + "rds:AddRoleToDBInstance", + "rds:AddTagsToResource", + "rds:DescribeDBClusters", + "rds:DescribeDBEngineVersions", + "rds:DescribeDBInstances", + "rds:DescribeDBParameterGroups", + "rds:DescribeEvents", + "rds:ModifyDBInstance", + "rds:PromoteReadReplica", + "rds:RebootDBInstance", + "rds:RemoveRoleFromDBInstance", + "rds:RemoveTagsFromResource", + "rds:StartDBInstanceAutomatedBackupsReplication", + "rds:StopDBInstanceAutomatedBackupsReplication", + "secretsmanager:CreateSecret", + "secretsmanager:TagResource" + ], + "timeoutInMinutes": 2160 + } + }, + "primaryIdentifier": [ + "/properties/DBInstanceIdentifier" + ], + "properties": { + "AllocatedStorage": { + "pattern": "^[0-9]*$", + "type": "string" + }, + "AllowMajorVersionUpgrade": { + "type": "boolean" + }, + "AssociatedRoles": { + "items": { + "$ref": "#/definitions/DBInstanceRole" + }, + "type": "array" + }, + "AutoMinorVersionUpgrade": { + "type": "boolean" + }, + "AutomaticBackupReplicationKmsKeyId": { + "type": "string" + }, + "AutomaticBackupReplicationRegion": { + "type": "string" + }, + "AvailabilityZone": { + "type": "string" + }, + "BackupRetentionPeriod": { + "default": 1, + "maximum": 35, + "minimum": 0, + "type": "integer" + }, + "CACertificateIdentifier": { + "type": "string" + }, + "CertificateDetails": { + "$ref": "#/definitions/CertificateDetails" + }, + "CertificateRotationRestart": { + "type": "boolean" + }, + "CharacterSetName": { + "type": "string" + }, + "CopyTagsToSnapshot": { + "type": "boolean" + }, + "CustomIAMInstanceProfile": { + "type": "string" + }, + "DBClusterIdentifier": { + "type": "string" + }, + "DBClusterSnapshotIdentifier": { + "type": "string" + }, + "DBInstanceArn": { + "type": "string" + }, + "DBInstanceClass": { + "type": "string" + }, + "DBInstanceIdentifier": { + "maxLength": 63, + "minLength": 1, + "pattern": "^$|^[a-zA-Z]{1}(?:-?[a-zA-Z0-9]){0,62}$", + "type": "string" + }, + "DBName": { + "type": "string" + }, + "DBParameterGroupName": { + "type": "string" + }, + "DBSecurityGroups": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": true + }, + "DBSnapshotIdentifier": { + "type": "string" + }, + "DBSubnetGroupName": { + "type": "string" + }, + "DBSystemId": { + "type": "string" + }, + "DbiResourceId": { + "type": "string" + }, + "DedicatedLogVolume": { + "type": "boolean" + }, + "DeleteAutomatedBackups": { + "type": "boolean" + }, + "DeletionProtection": { + "type": "boolean" + }, + "Domain": { + "type": "string" + }, + "DomainAuthSecretArn": { + "type": "string" + }, + "DomainDnsIps": { + "items": { + "type": "string" + }, + "type": "array" + }, + "DomainFqdn": { + "type": "string" + }, + "DomainIAMRoleName": { + "type": "string" + }, + "DomainOu": { + "type": "string" + }, + "EnableCloudwatchLogsExports": { + "items": { + "type": "string" + }, + "type": "array" + }, + "EnableIAMDatabaseAuthentication": { + "type": "boolean" + }, + "EnablePerformanceInsights": { + "type": "boolean" + }, + "Endpoint": { + "$ref": "#/definitions/Endpoint" + }, + "Engine": { + "type": "string" + }, + "EngineLifecycleSupport": { + "type": "string" + }, + "EngineVersion": { + "type": "string" + }, + "Iops": { + "type": "integer" + }, + "KmsKeyId": { + "type": "string" + }, + "LicenseModel": { + "type": "string" + }, + "ManageMasterUserPassword": { + "type": "boolean" + }, + "MasterUserPassword": { + "type": "string" + }, + "MasterUserSecret": { + "$ref": "#/definitions/MasterUserSecret" + }, + "MasterUsername": { + "maxLength": 128, + "minLength": 1, + "pattern": "^[a-zA-Z][a-zA-Z0-9_]{0,127}$", + "type": "string" + }, + "MaxAllocatedStorage": { + "type": "integer" + }, + "MonitoringInterval": { + "default": 0, + "type": "integer" + }, + "MonitoringRoleArn": { + "type": "string" + }, + "MultiAZ": { + "type": "boolean" + }, + "NcharCharacterSetName": { + "type": "string" + }, + "NetworkType": { + "type": "string" + }, + "OptionGroupName": { + "type": "string" + }, + "PerformanceInsightsKMSKeyId": { + "type": "string" + }, + "PerformanceInsightsRetentionPeriod": { + "enum": [ + 7, + 31, + 62, + 93, + 124, + 155, + 186, + 217, + 248, + 279, + 310, + 341, + 372, + 403, + 434, + 465, + 496, + 527, + 558, + 589, + 620, + 651, + 682, + 713, + 731 + ], + "type": "integer" + }, + "Port": { + "pattern": "^\\d*$", + "type": "string" + }, + "PreferredBackupWindow": { + "type": "string" + }, + "PreferredMaintenanceWindow": { + "type": "string" + }, + "ProcessorFeatures": { + "items": { + "$ref": "#/definitions/ProcessorFeature" + }, + "type": "array" + }, + "PromotionTier": { + "default": 1, + "maximum": 15, + "minimum": 0, + "type": "integer" + }, + "PubliclyAccessible": { + "type": "boolean" + }, + "ReplicaMode": { + "type": "string" + }, + "RestoreTime": { + "format": "date-time", + "type": "string" + }, + "SourceDBClusterIdentifier": { + "type": "string" + }, + "SourceDBInstanceAutomatedBackupsArn": { + "type": "string" + }, + "SourceDBInstanceIdentifier": { + "type": "string" + }, + "SourceDbiResourceId": { + "type": "string" + }, + "SourceRegion": { + "type": "string" + }, + "StorageEncrypted": { + "type": "boolean" + }, + "StorageThroughput": { + "type": "integer" + }, + "StorageType": { + "type": "string" + }, + "Tags": { + "insertionOrder": false, + "items": { + "$ref": "#/definitions/Tag" + }, + "type": "array", + "uniqueItems": false + }, + "TdeCredentialArn": { + "type": "string" + }, + "TdeCredentialPassword": { + "type": "string" + }, + "Timezone": { + "type": "string" + }, + "UseDefaultProcessorFeatures": { + "type": "boolean" + }, + "UseLatestRestorableTime": { + "type": "boolean" + }, + "VPCSecurityGroups": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": true + } + }, + "propertyTransform": { + "/properties/DBClusterIdentifier": "$lowercase(DBClusterIdentifier)", + "/properties/DBClusterSnapshotIdentifier": "$lowercase(DBClusterSnapshotIdentifier)", + "/properties/DBInstanceIdentifier": "$lowercase(DBInstanceIdentifier)", + "/properties/DBName": "$lowercase(DBName) $OR $uppercase(DBName)", + "/properties/DBParameterGroupName": "$lowercase(DBParameterGroupName)", + "/properties/DBSnapshotIdentifier": "$lowercase(DBSnapshotIdentifier)", + "/properties/DBSubnetGroupName": "$lowercase(DBSubnetGroupName)", + "/properties/Engine": "$lowercase(Engine)", + "/properties/EngineVersion": "$join([$string(EngineVersion), \".*\"])", + "/properties/KmsKeyId": "$join([\"arn:(aws)[-]{0,1}[a-z]{0,2}[-]{0,1}[a-z]{0,3}:kms:[a-z]{2}[-]{1}[a-z]{3,10}[-]{0,1}[a-z]{0,10}[-]{1}[1-3]{1}:[0-9]{12}[:]{1}key\\/\", KmsKeyId])", + "/properties/MasterUserSecret/KmsKeyId": "$join([\"arn:(aws)[-]{0,1}[a-z]{0,2}[-]{0,1}[a-z]{0,3}:kms:[a-z]{2}[-]{1}[a-z]{3,10}[-]{0,1}[a-z]{0,10}[-]{1}[1-3]{1}:[0-9]{12}[:]{1}key\\/\", MasterUserSecret.KmsKeyId])", + "/properties/NetworkType": "$lowercase(NetworkType)", + "/properties/OptionGroupName": "$lowercase(OptionGroupName)", + "/properties/PerformanceInsightsKMSKeyId": "$join([\"arn:(aws)[-]{0,1}[a-z]{0,2}[-]{0,1}[a-z]{0,3}:kms:[a-z]{2}[-]{1}[a-z]{3,10}[-]{0,1}[a-z]{0,10}[-]{1}[1-3]{1}:[0-9]{12}[:]{1}key\\/\", PerformanceInsightsKMSKeyId])", + "/properties/PreferredMaintenanceWindow": "$lowercase(PreferredMaintenanceWindow)", + "/properties/SourceDBInstanceAutomatedBackupsArn": "$lowercase(SourceDBInstanceAutomatedBackupsArn)", + "/properties/SourceDBInstanceIdentifier": "$lowercase(SourceDBInstanceIdentifier)", + "/properties/StorageType": "$lowercase(StorageType)" + }, + "readOnlyProperties": [ + "/properties/Endpoint/Address", + "/properties/Endpoint/Port", + "/properties/Endpoint/HostedZoneId", + "/properties/DbiResourceId", + "/properties/DBInstanceArn", + "/properties/DBSystemId", + "/properties/MasterUserSecret/SecretArn", + "/properties/CertificateDetails/CAIdentifier", + "/properties/CertificateDetails/ValidTill" + ], + "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-rpdk.git", + "typeName": "AWS::RDS::DBInstance", + "writeOnlyProperties": [ + "/properties/AllowMajorVersionUpgrade", + "/properties/AutomaticBackupReplicationKmsKeyId", + "/properties/CertificateRotationRestart", + "/properties/DBSnapshotIdentifier", + "/properties/DeleteAutomatedBackups", + "/properties/MasterUserPassword", + "/properties/Port", + "/properties/RestoreTime", + "/properties/SourceDBInstanceAutomatedBackupsArn", + "/properties/SourceDBInstanceIdentifier", + "/properties/SourceDbiResourceId", + "/properties/SourceRegion", + "/properties/TdeCredentialPassword", + "/properties/UseDefaultProcessorFeatures", + "/properties/UseLatestRestorableTime" + ] +} diff --git a/src/cfnlint/data/schemas/providers/ap_southeast_3/__init__.py b/src/cfnlint/data/schemas/providers/ap_southeast_3/__init__.py index 0fbb899196..b25555ab1d 100644 --- a/src/cfnlint/data/schemas/providers/ap_southeast_3/__init__.py +++ b/src/cfnlint/data/schemas/providers/ap_southeast_3/__init__.py @@ -858,7 +858,6 @@ "aws-dms-dataprovider.json", "aws-dms-instanceprofile.json", "aws-dms-migrationproject.json", - "aws-dms-replicationconfig.json", "aws-dynamodb-globaltable.json", "aws-dynamodb-table.json", "aws-ec2-capacityreservation.json", @@ -1131,7 +1130,6 @@ "aws-opsworks-userprofile.json", "aws-opsworks-volume.json", "aws-organizations-account.json", - "aws-organizations-organization.json", "aws-organizations-organizationalunit.json", "aws-organizations-policy.json", "aws-organizations-resourcepolicy.json", @@ -1151,9 +1149,7 @@ "aws-quicksight-vpcconnection.json", "aws-ram-permission.json", "aws-ram-resourceshare.json", - "aws-rds-dbcluster.json", "aws-rds-dbclusterparametergroup.json", - "aws-rds-dbinstance.json", "aws-rds-dbparametergroup.json", "aws-rds-dbproxy.json", "aws-rds-dbproxyendpoint.json", @@ -1277,7 +1273,6 @@ "aws-shield-drtaccess.json", "aws-shield-proactiveengagement.json", "aws-shield-protection.json", - "aws-shield-protectiongroup.json", "aws-sns-subscription.json", "aws-sns-topic.json", "aws-sns-topicinlinepolicy.json", diff --git a/src/cfnlint/data/schemas/providers/ap_southeast_3/aws-dms-replicationconfig.json b/src/cfnlint/data/schemas/providers/ap_southeast_3/aws-dms-replicationconfig.json new file mode 100644 index 0000000000..b9379a300f --- /dev/null +++ b/src/cfnlint/data/schemas/providers/ap_southeast_3/aws-dms-replicationconfig.json @@ -0,0 +1,191 @@ +{ + "additionalIdentifiers": [ + [ + "/properties/ReplicationConfigIdentifier" + ] + ], + "additionalProperties": false, + "createOnlyProperties": [ + "/properties/ResourceIdentifier" + ], + "definitions": { + "ComputeConfig": { + "additionalProperties": false, + "properties": { + "AvailabilityZone": { + "type": "string" + }, + "DnsNameServers": { + "type": "string" + }, + "KmsKeyId": { + "type": "string" + }, + "MaxCapacityUnits": { + "type": "integer" + }, + "MinCapacityUnits": { + "type": "integer" + }, + "MultiAZ": { + "type": "boolean" + }, + "PreferredMaintenanceWindow": { + "type": "string" + }, + "ReplicationSubnetGroupId": { + "type": "string" + }, + "VpcSecurityGroupIds": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "MaxCapacityUnits" + ], + "type": "object" + }, + "Tag": { + "additionalProperties": false, + "properties": { + "Key": { + "maxLength": 128, + "minLength": 1, + "type": "string" + }, + "Value": { + "maxLength": 256, + "minLength": 1, + "type": "string" + } + }, + "required": [ + "Key", + "Value" + ], + "type": "object" + } + }, + "handlers": { + "create": { + "permissions": [ + "dms:CreateReplicationConfig", + "dms:AddTagsToResource", + "dms:ListTagsForResource", + "iam:CreateServiceLinkedRole", + "iam:AttachRolePolicy", + "iam:PutRolePolicy", + "iam:UpdateRoleDescription" + ] + }, + "delete": { + "permissions": [ + "dms:DescribeReplicationConfigs", + "dms:DeleteReplicationConfig", + "dms:ListTagsForResource", + "iam:DeleteServiceLinkedRole", + "iam:GetServiceLinkedRoleDeletionStatus" + ] + }, + "list": { + "permissions": [ + "dms:DescribeReplicationConfigs", + "dms:ListTagsForResource" + ] + }, + "read": { + "permissions": [ + "dms:DescribeReplicationConfigs", + "dms:ListTagsForResource" + ] + }, + "update": { + "permissions": [ + "dms:ModifyReplicationConfig", + "dms:AddTagsToResource", + "dms:RemoveTagsToResource", + "dms:ListTagsForResource", + "iam:CreateServiceLinkedRole", + "iam:AttachRolePolicy", + "iam:PutRolePolicy", + "iam:UpdateRoleDescription" + ] + } + }, + "primaryIdentifier": [ + "/properties/ReplicationConfigArn" + ], + "properties": { + "ComputeConfig": { + "$ref": "#/definitions/ComputeConfig" + }, + "ReplicationConfigArn": { + "type": "string" + }, + "ReplicationConfigIdentifier": { + "type": "string" + }, + "ReplicationSettings": { + "format": "json", + "type": [ + "object", + "string" + ] + }, + "ReplicationType": { + "enum": [ + "full-load", + "full-load-and-cdc", + "cdc" + ], + "type": "string" + }, + "ResourceIdentifier": { + "type": "string" + }, + "SourceEndpointArn": { + "type": "string" + }, + "SupplementalSettings": { + "format": "json", + "type": [ + "object", + "string" + ] + }, + "TableMappings": { + "format": "json", + "type": [ + "object", + "string" + ] + }, + "Tags": { + "insertionOrder": false, + "items": { + "$ref": "#/definitions/Tag" + }, + "maxItems": 200, + "minItems": 1, + "type": "array" + }, + "TargetEndpointArn": { + "type": "string" + } + }, + "readOnlyProperties": [ + "/properties/ReplicationConfigArn" + ], + "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-dms", + "tagging": { + "cloudFormationSystemTags": false, + "tagOnCreate": true, + "tagProperty": "/properties/Tags", + "tagUpdatable": true, + "taggable": true + }, + "typeName": "AWS::DMS::ReplicationConfig" +} diff --git a/src/cfnlint/data/schemas/providers/ap_southeast_1/aws-organizations-organization.json b/src/cfnlint/data/schemas/providers/ap_southeast_3/aws-organizations-organization.json similarity index 96% rename from src/cfnlint/data/schemas/providers/ap_southeast_1/aws-organizations-organization.json rename to src/cfnlint/data/schemas/providers/ap_southeast_3/aws-organizations-organization.json index 844033a13a..6dac437e5b 100644 --- a/src/cfnlint/data/schemas/providers/ap_southeast_1/aws-organizations-organization.json +++ b/src/cfnlint/data/schemas/providers/ap_southeast_3/aws-organizations-organization.json @@ -27,9 +27,7 @@ ] }, "update": { - "permissions": [ - "organizations:DescribeOrganization" - ] + "permissions": [] } }, "primaryIdentifier": [ diff --git a/src/cfnlint/data/schemas/providers/ap_southeast_3/aws-rds-dbcluster.json b/src/cfnlint/data/schemas/providers/ap_southeast_3/aws-rds-dbcluster.json new file mode 100644 index 0000000000..fc8608c49b --- /dev/null +++ b/src/cfnlint/data/schemas/providers/ap_southeast_3/aws-rds-dbcluster.json @@ -0,0 +1,469 @@ +{ + "additionalProperties": false, + "conditionalCreateOnlyProperties": [ + "/properties/Engine", + "/properties/GlobalClusterIdentifier", + "/properties/MasterUsername" + ], + "createOnlyProperties": [ + "/properties/AvailabilityZones", + "/properties/DBClusterIdentifier", + "/properties/DBSubnetGroupName", + "/properties/DBSystemId", + "/properties/DatabaseName", + "/properties/EngineMode", + "/properties/KmsKeyId", + "/properties/PubliclyAccessible", + "/properties/RestoreToTime", + "/properties/RestoreType", + "/properties/SnapshotIdentifier", + "/properties/SourceDBClusterIdentifier", + "/properties/SourceRegion", + "/properties/StorageEncrypted", + "/properties/UseLatestRestorableTime" + ], + "definitions": { + "DBClusterRole": { + "additionalProperties": false, + "properties": { + "FeatureName": { + "type": "string" + }, + "RoleArn": { + "type": "string" + } + }, + "required": [ + "RoleArn" + ], + "type": "object" + }, + "Endpoint": { + "additionalProperties": false, + "properties": { + "Address": { + "type": "string" + }, + "Port": { + "type": "string" + } + }, + "type": "object" + }, + "MasterUserSecret": { + "additionalProperties": false, + "properties": { + "KmsKeyId": { + "type": "string" + }, + "SecretArn": { + "type": "string" + } + }, + "type": "object" + }, + "ReadEndpoint": { + "additionalProperties": false, + "properties": { + "Address": { + "type": "string" + } + }, + "type": "object" + }, + "ScalingConfiguration": { + "additionalProperties": false, + "properties": { + "AutoPause": { + "type": "boolean" + }, + "MaxCapacity": { + "type": "integer" + }, + "MinCapacity": { + "type": "integer" + }, + "SecondsBeforeTimeout": { + "type": "integer" + }, + "SecondsUntilAutoPause": { + "type": "integer" + }, + "TimeoutAction": { + "type": "string" + } + }, + "type": "object" + }, + "ServerlessV2ScalingConfiguration": { + "additionalProperties": false, + "properties": { + "MaxCapacity": { + "type": "number" + }, + "MinCapacity": { + "type": "number" + } + }, + "type": "object" + }, + "Tag": { + "additionalProperties": false, + "properties": { + "Key": { + "maxLength": 128, + "minLength": 1, + "type": "string" + }, + "Value": { + "maxLength": 256, + "minLength": 0, + "type": "string" + } + }, + "required": [ + "Key" + ], + "type": "object" + } + }, + "handlers": { + "create": { + "permissions": [ + "iam:CreateServiceLinkedRole", + "iam:PassRole", + "rds:AddRoleToDBCluster", + "rds:AddTagsToResource", + "rds:CreateDBCluster", + "rds:CreateDBInstance", + "rds:DescribeDBClusters", + "rds:DescribeDBClusterSnapshots", + "rds:DescribeDBSnapshots", + "rds:DescribeEvents", + "rds:EnableHttpEndpoint", + "rds:ModifyDBCluster", + "rds:RestoreDBClusterFromSnapshot", + "rds:RestoreDBClusterToPointInTime", + "secretsmanager:CreateSecret", + "secretsmanager:TagResource" + ], + "timeoutInMinutes": 2160 + }, + "delete": { + "permissions": [ + "rds:CreateDBClusterSnapshot", + "rds:DeleteDBCluster", + "rds:DeleteDBInstance", + "rds:DescribeDBClusters", + "rds:DescribeGlobalClusters", + "rds:RemoveFromGlobalCluster" + ] + }, + "list": { + "permissions": [ + "rds:DescribeDBClusters" + ] + }, + "read": { + "permissions": [ + "rds:DescribeDBClusters" + ] + }, + "update": { + "permissions": [ + "ec2:DescribeSecurityGroups", + "iam:PassRole", + "rds:AddRoleToDBCluster", + "rds:AddTagsToResource", + "rds:DescribeDBClusters", + "rds:DescribeDBSubnetGroups", + "rds:DescribeEvents", + "rds:DescribeGlobalClusters", + "rds:DisableHttpEndpoint", + "rds:EnableHttpEndpoint", + "rds:ModifyDBCluster", + "rds:ModifyDBInstance", + "rds:RemoveFromGlobalCluster", + "rds:RemoveRoleFromDBCluster", + "rds:RemoveTagsFromResource", + "secretsmanager:CreateSecret", + "secretsmanager:TagResource" + ], + "timeoutInMinutes": 2160 + } + }, + "primaryIdentifier": [ + "/properties/DBClusterIdentifier" + ], + "properties": { + "AllocatedStorage": { + "type": "integer" + }, + "AssociatedRoles": { + "items": { + "$ref": "#/definitions/DBClusterRole" + }, + "type": "array", + "uniqueItems": true + }, + "AutoMinorVersionUpgrade": { + "type": "boolean" + }, + "AvailabilityZones": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": true + }, + "BacktrackWindow": { + "minimum": 0, + "type": "integer" + }, + "BackupRetentionPeriod": { + "default": 1, + "maximum": 35, + "minimum": 1, + "type": "integer" + }, + "CopyTagsToSnapshot": { + "type": "boolean" + }, + "DBClusterArn": { + "type": "string" + }, + "DBClusterIdentifier": { + "maxLength": 63, + "minLength": 1, + "pattern": "^[a-zA-Z]{1}(?:-?[a-zA-Z0-9]){0,62}$", + "type": "string" + }, + "DBClusterInstanceClass": { + "type": "string" + }, + "DBClusterParameterGroupName": { + "default": "default.aurora5.6", + "type": "string" + }, + "DBClusterResourceId": { + "type": "string" + }, + "DBInstanceParameterGroupName": { + "type": "string" + }, + "DBSubnetGroupName": { + "type": "string" + }, + "DBSystemId": { + "type": "string" + }, + "DatabaseName": { + "type": "string" + }, + "DeletionProtection": { + "type": "boolean" + }, + "Domain": { + "type": "string" + }, + "DomainIAMRoleName": { + "type": "string" + }, + "EnableCloudwatchLogsExports": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": true + }, + "EnableGlobalWriteForwarding": { + "type": "boolean" + }, + "EnableHttpEndpoint": { + "type": "boolean" + }, + "EnableIAMDatabaseAuthentication": { + "type": "boolean" + }, + "EnableLocalWriteForwarding": { + "type": "boolean" + }, + "Endpoint": { + "$ref": "#/definitions/Endpoint" + }, + "Engine": { + "type": "string" + }, + "EngineLifecycleSupport": { + "type": "string" + }, + "EngineMode": { + "type": "string" + }, + "EngineVersion": { + "type": "string" + }, + "GlobalClusterIdentifier": { + "maxLength": 63, + "minLength": 0, + "pattern": "^$|^[a-zA-Z]{1}(?:-?[a-zA-Z0-9]){0,62}$", + "type": "string" + }, + "Iops": { + "type": "integer" + }, + "KmsKeyId": { + "type": "string" + }, + "ManageMasterUserPassword": { + "type": "boolean" + }, + "MasterUserPassword": { + "type": "string" + }, + "MasterUserSecret": { + "$ref": "#/definitions/MasterUserSecret" + }, + "MasterUsername": { + "minLength": 1, + "pattern": "^[a-zA-Z]{1}[a-zA-Z0-9_]*$", + "type": "string" + }, + "MonitoringInterval": { + "default": 0, + "type": "integer" + }, + "MonitoringRoleArn": { + "type": "string" + }, + "NetworkType": { + "type": "string" + }, + "PerformanceInsightsEnabled": { + "type": "boolean" + }, + "PerformanceInsightsKmsKeyId": { + "type": "string" + }, + "PerformanceInsightsRetentionPeriod": { + "type": "integer" + }, + "Port": { + "type": "integer" + }, + "PreferredBackupWindow": { + "type": "string" + }, + "PreferredMaintenanceWindow": { + "type": "string" + }, + "PubliclyAccessible": { + "type": "boolean" + }, + "ReadEndpoint": { + "$ref": "#/definitions/ReadEndpoint" + }, + "ReplicationSourceIdentifier": { + "type": "string" + }, + "RestoreToTime": { + "type": "string" + }, + "RestoreType": { + "default": "full-copy", + "type": "string" + }, + "ScalingConfiguration": { + "$ref": "#/definitions/ScalingConfiguration" + }, + "ServerlessV2ScalingConfiguration": { + "$ref": "#/definitions/ServerlessV2ScalingConfiguration" + }, + "SnapshotIdentifier": { + "type": "string" + }, + "SourceDBClusterIdentifier": { + "type": "string" + }, + "SourceRegion": { + "type": "string" + }, + "StorageEncrypted": { + "type": "boolean" + }, + "StorageThroughput": { + "type": "integer" + }, + "StorageType": { + "type": "string" + }, + "Tags": { + "insertionOrder": false, + "items": { + "$ref": "#/definitions/Tag" + }, + "maxItems": 50, + "type": "array", + "uniqueItems": true + }, + "UseLatestRestorableTime": { + "type": "boolean" + }, + "VpcSecurityGroupIds": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": true + } + }, + "propertyTransform": { + "/properties/DBClusterIdentifier": "$lowercase(DBClusterIdentifier)", + "/properties/DBClusterParameterGroupName": "$lowercase(DBClusterParameterGroupName)", + "/properties/DBSubnetGroupName": "$lowercase(DBSubnetGroupName)", + "/properties/EnableHttpEndpoint": "$lowercase($string(EngineMode)) = 'serverless' ? EnableHttpEndpoint : ($lowercase($string(Engine)) = 'aurora-postgresql' ? EnableHttpEndpoint : false )", + "/properties/Engine": "$lowercase(Engine)", + "/properties/EngineVersion": "$join([$string(EngineVersion), \".*\"])", + "/properties/KmsKeyId": "$join([\"arn:(aws)[-]{0,1}[a-z]{0,2}[-]{0,1}[a-z]{0,3}:kms:[a-z]{2}[-]{1}[a-z]{3,10}[-]{0,1}[a-z]{0,10}[-]{1}[1-3]{1}:[0-9]{12}[:]{1}key\\/\", KmsKeyId])", + "/properties/MasterUserSecret/KmsKeyId": "$join([\"arn:(aws)[-]{0,1}[a-z]{0,2}[-]{0,1}[a-z]{0,3}:kms:[a-z]{2}[-]{1}[a-z]{3,10}[-]{0,1}[a-z]{0,10}[-]{1}[1-3]{1}:[0-9]{12}[:]{1}key\\/\", MasterUserSecret.KmsKeyId])", + "/properties/NetworkType": "$lowercase(NetworkType)", + "/properties/PerformanceInsightsKmsKeyId": "$join([\"arn:(aws)[-]{0,1}[a-z]{0,2}[-]{0,1}[a-z]{0,3}:kms:[a-z]{2}[-]{1}[a-z]{3,10}[-]{0,1}[a-z]{0,10}[-]{1}[1-3]{1}:[0-9]{12}[:]{1}key\\/\", PerformanceInsightsKmsKeyId])", + "/properties/PreferredMaintenanceWindow": "$lowercase(PreferredMaintenanceWindow)", + "/properties/SnapshotIdentifier": "$lowercase(SnapshotIdentifier)", + "/properties/SourceDBClusterIdentifier": "$lowercase(SourceDBClusterIdentifier)", + "/properties/StorageType": "$lowercase(StorageType)" + }, + "readOnlyProperties": [ + "/properties/DBClusterArn", + "/properties/DBClusterResourceId", + "/properties/Endpoint", + "/properties/Endpoint/Address", + "/properties/Endpoint/Port", + "/properties/ReadEndpoint/Address", + "/properties/MasterUserSecret/SecretArn", + "/properties/StorageThroughput" + ], + "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-rds", + "tagging": { + "cloudFormationSystemTags": true, + "permissions": [ + "rds:AddTagsToResource", + "rds:RemoveTagsFromResource" + ], + "tagOnCreate": true, + "tagProperty": "/properties/Tags", + "tagUpdatable": true, + "taggable": true + }, + "typeName": "AWS::RDS::DBCluster", + "writeOnlyProperties": [ + "/properties/DBInstanceParameterGroupName", + "/properties/MasterUserPassword", + "/properties/RestoreToTime", + "/properties/RestoreType", + "/properties/SnapshotIdentifier", + "/properties/SourceDBClusterIdentifier", + "/properties/SourceRegion", + "/properties/UseLatestRestorableTime" + ] +} diff --git a/src/cfnlint/data/schemas/providers/ap_southeast_3/aws-rds-dbinstance.json b/src/cfnlint/data/schemas/providers/ap_southeast_3/aws-rds-dbinstance.json new file mode 100644 index 0000000000..3263d77fb7 --- /dev/null +++ b/src/cfnlint/data/schemas/providers/ap_southeast_3/aws-rds-dbinstance.json @@ -0,0 +1,620 @@ +{ + "additionalProperties": false, + "conditionalCreateOnlyProperties": [ + "/properties/AutoMinorVersionUpgrade", + "/properties/AvailabilityZone", + "/properties/BackupRetentionPeriod", + "/properties/DBClusterSnapshotIdentifier", + "/properties/DBParameterGroupName", + "/properties/DBSnapshotIdentifier", + "/properties/Engine", + "/properties/MultiAZ", + "/properties/PerformanceInsightsKMSKeyId", + "/properties/PreferredMaintenanceWindow", + "/properties/RestoreTime", + "/properties/SourceDBClusterIdentifier", + "/properties/SourceDBInstanceAutomatedBackupsArn", + "/properties/SourceDBInstanceIdentifier", + "/properties/SourceDbiResourceId", + "/properties/StorageType", + "/properties/UseLatestRestorableTime" + ], + "createOnlyProperties": [ + "/properties/CharacterSetName", + "/properties/CustomIAMInstanceProfile", + "/properties/DBClusterIdentifier", + "/properties/DBInstanceIdentifier", + "/properties/DBName", + "/properties/DBSubnetGroupName", + "/properties/KmsKeyId", + "/properties/MasterUsername", + "/properties/NcharCharacterSetName", + "/properties/Port", + "/properties/SourceRegion", + "/properties/StorageEncrypted", + "/properties/Timezone" + ], + "definitions": { + "CertificateDetails": { + "additionalProperties": false, + "properties": { + "CAIdentifier": { + "type": "string" + }, + "ValidTill": { + "format": "date-time", + "type": "string" + } + }, + "type": "object" + }, + "DBInstanceRole": { + "additionalProperties": false, + "properties": { + "FeatureName": { + "type": "string" + }, + "RoleArn": { + "type": "string" + } + }, + "required": [ + "FeatureName", + "RoleArn" + ], + "type": "object" + }, + "Endpoint": { + "additionalProperties": false, + "properties": { + "Address": { + "type": "string" + }, + "HostedZoneId": { + "type": "string" + }, + "Port": { + "type": "string" + } + }, + "type": "object" + }, + "MasterUserSecret": { + "additionalProperties": false, + "properties": { + "KmsKeyId": { + "type": "string" + }, + "SecretArn": { + "type": "string" + } + }, + "type": "object" + }, + "ProcessorFeature": { + "additionalProperties": false, + "properties": { + "Name": { + "enum": [ + "coreCount", + "threadsPerCore" + ], + "type": "string" + }, + "Value": { + "type": "string" + } + }, + "type": "object" + }, + "Tag": { + "additionalProperties": false, + "properties": { + "Key": { + "maxLength": 128, + "minLength": 1, + "type": "string" + }, + "Value": { + "maxLength": 256, + "minLength": 0, + "type": "string" + } + }, + "required": [ + "Key" + ], + "type": "object" + } + }, + "dependencies": { + "KmsKeyId": { + "properties": { + "StorageEncrypted": { + "enum": [ + "true", + "True", + true + ] + } + }, + "required": [ + "StorageEncrypted" + ] + } + }, + "dependentExcluded": { + "SourceDBInstanceIdentifier": [ + "CharacterSetName", + "MasterUserPassword", + "MasterUsername", + "StorageEncrypted" + ] + }, + "deprecatedProperties": [ + "/properties/TdeCredentialArn", + "/properties/TdeCredentialPassword" + ], + "handlers": { + "create": { + "permissions": [ + "ec2:DescribeAccountAttributes", + "ec2:DescribeAvailabilityZones", + "ec2:DescribeInternetGateways", + "ec2:DescribeSecurityGroups", + "ec2:DescribeSubnets", + "ec2:DescribeVpcAttribute", + "ec2:DescribeVpcs", + "iam:CreateServiceLinkedRole", + "iam:GetRole", + "iam:ListRoles", + "iam:PassRole", + "kms:CreateGrant", + "kms:DescribeKey", + "rds:AddRoleToDBInstance", + "rds:AddTagsToResource", + "rds:CreateDBInstance", + "rds:CreateDBInstanceReadReplica", + "rds:DescribeDBInstances", + "rds:DescribeDBClusters", + "rds:DescribeDBClusterSnapshots", + "rds:DescribeDBInstanceAutomatedBackups", + "rds:DescribeDBSnapshots", + "rds:DescribeEvents", + "rds:ModifyDBInstance", + "rds:RebootDBInstance", + "rds:RestoreDBInstanceFromDBSnapshot", + "rds:RestoreDBInstanceToPointInTime", + "rds:StartDBInstanceAutomatedBackupsReplication", + "secretsmanager:CreateSecret", + "secretsmanager:TagResource" + ], + "timeoutInMinutes": 2160 + }, + "delete": { + "permissions": [ + "rds:CreateDBSnapshot", + "rds:DeleteDBInstance", + "rds:DescribeDBInstances" + ], + "timeoutInMinutes": 2160 + }, + "list": { + "permissions": [ + "rds:DescribeDBInstances" + ] + }, + "read": { + "permissions": [ + "ec2:DescribeAccountAttributes", + "ec2:DescribeAvailabilityZones", + "ec2:DescribeInternetGateways", + "ec2:DescribeSecurityGroups", + "ec2:DescribeSubnets", + "ec2:DescribeVpcAttribute", + "ec2:DescribeVpcs", + "rds:DescribeDBInstances" + ] + }, + "update": { + "permissions": [ + "ec2:DescribeAccountAttributes", + "ec2:DescribeAvailabilityZones", + "ec2:DescribeInternetGateways", + "ec2:DescribeSecurityGroups", + "ec2:DescribeSubnets", + "ec2:DescribeVpcAttribute", + "ec2:DescribeVpcs", + "iam:CreateServiceLinkedRole", + "iam:GetRole", + "iam:ListRoles", + "iam:PassRole", + "kms:CreateGrant", + "kms:DescribeKey", + "rds:AddRoleToDBInstance", + "rds:AddTagsToResource", + "rds:DescribeDBClusters", + "rds:DescribeDBEngineVersions", + "rds:DescribeDBInstances", + "rds:DescribeDBParameterGroups", + "rds:DescribeEvents", + "rds:ModifyDBInstance", + "rds:PromoteReadReplica", + "rds:RebootDBInstance", + "rds:RemoveRoleFromDBInstance", + "rds:RemoveTagsFromResource", + "rds:StartDBInstanceAutomatedBackupsReplication", + "rds:StopDBInstanceAutomatedBackupsReplication", + "secretsmanager:CreateSecret", + "secretsmanager:TagResource" + ], + "timeoutInMinutes": 2160 + } + }, + "primaryIdentifier": [ + "/properties/DBInstanceIdentifier" + ], + "properties": { + "AllocatedStorage": { + "pattern": "^[0-9]*$", + "type": "string" + }, + "AllowMajorVersionUpgrade": { + "type": "boolean" + }, + "AssociatedRoles": { + "items": { + "$ref": "#/definitions/DBInstanceRole" + }, + "type": "array" + }, + "AutoMinorVersionUpgrade": { + "type": "boolean" + }, + "AutomaticBackupReplicationKmsKeyId": { + "type": "string" + }, + "AutomaticBackupReplicationRegion": { + "type": "string" + }, + "AvailabilityZone": { + "type": "string" + }, + "BackupRetentionPeriod": { + "default": 1, + "maximum": 35, + "minimum": 0, + "type": "integer" + }, + "CACertificateIdentifier": { + "type": "string" + }, + "CertificateDetails": { + "$ref": "#/definitions/CertificateDetails" + }, + "CertificateRotationRestart": { + "type": "boolean" + }, + "CharacterSetName": { + "type": "string" + }, + "CopyTagsToSnapshot": { + "type": "boolean" + }, + "CustomIAMInstanceProfile": { + "type": "string" + }, + "DBClusterIdentifier": { + "type": "string" + }, + "DBClusterSnapshotIdentifier": { + "type": "string" + }, + "DBInstanceArn": { + "type": "string" + }, + "DBInstanceClass": { + "type": "string" + }, + "DBInstanceIdentifier": { + "maxLength": 63, + "minLength": 1, + "pattern": "^$|^[a-zA-Z]{1}(?:-?[a-zA-Z0-9]){0,62}$", + "type": "string" + }, + "DBName": { + "type": "string" + }, + "DBParameterGroupName": { + "type": "string" + }, + "DBSecurityGroups": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": true + }, + "DBSnapshotIdentifier": { + "type": "string" + }, + "DBSubnetGroupName": { + "type": "string" + }, + "DBSystemId": { + "type": "string" + }, + "DbiResourceId": { + "type": "string" + }, + "DedicatedLogVolume": { + "type": "boolean" + }, + "DeleteAutomatedBackups": { + "type": "boolean" + }, + "DeletionProtection": { + "type": "boolean" + }, + "Domain": { + "type": "string" + }, + "DomainAuthSecretArn": { + "type": "string" + }, + "DomainDnsIps": { + "items": { + "type": "string" + }, + "type": "array" + }, + "DomainFqdn": { + "type": "string" + }, + "DomainIAMRoleName": { + "type": "string" + }, + "DomainOu": { + "type": "string" + }, + "EnableCloudwatchLogsExports": { + "items": { + "type": "string" + }, + "type": "array" + }, + "EnableIAMDatabaseAuthentication": { + "type": "boolean" + }, + "EnablePerformanceInsights": { + "type": "boolean" + }, + "Endpoint": { + "$ref": "#/definitions/Endpoint" + }, + "Engine": { + "type": "string" + }, + "EngineLifecycleSupport": { + "type": "string" + }, + "EngineVersion": { + "type": "string" + }, + "Iops": { + "type": "integer" + }, + "KmsKeyId": { + "type": "string" + }, + "LicenseModel": { + "type": "string" + }, + "ManageMasterUserPassword": { + "type": "boolean" + }, + "MasterUserPassword": { + "type": "string" + }, + "MasterUserSecret": { + "$ref": "#/definitions/MasterUserSecret" + }, + "MasterUsername": { + "maxLength": 128, + "minLength": 1, + "pattern": "^[a-zA-Z][a-zA-Z0-9_]{0,127}$", + "type": "string" + }, + "MaxAllocatedStorage": { + "type": "integer" + }, + "MonitoringInterval": { + "default": 0, + "type": "integer" + }, + "MonitoringRoleArn": { + "type": "string" + }, + "MultiAZ": { + "type": "boolean" + }, + "NcharCharacterSetName": { + "type": "string" + }, + "NetworkType": { + "type": "string" + }, + "OptionGroupName": { + "type": "string" + }, + "PerformanceInsightsKMSKeyId": { + "type": "string" + }, + "PerformanceInsightsRetentionPeriod": { + "enum": [ + 7, + 31, + 62, + 93, + 124, + 155, + 186, + 217, + 248, + 279, + 310, + 341, + 372, + 403, + 434, + 465, + 496, + 527, + 558, + 589, + 620, + 651, + 682, + 713, + 731 + ], + "type": "integer" + }, + "Port": { + "pattern": "^\\d*$", + "type": "string" + }, + "PreferredBackupWindow": { + "type": "string" + }, + "PreferredMaintenanceWindow": { + "type": "string" + }, + "ProcessorFeatures": { + "items": { + "$ref": "#/definitions/ProcessorFeature" + }, + "type": "array" + }, + "PromotionTier": { + "default": 1, + "maximum": 15, + "minimum": 0, + "type": "integer" + }, + "PubliclyAccessible": { + "type": "boolean" + }, + "ReplicaMode": { + "type": "string" + }, + "RestoreTime": { + "format": "date-time", + "type": "string" + }, + "SourceDBClusterIdentifier": { + "type": "string" + }, + "SourceDBInstanceAutomatedBackupsArn": { + "type": "string" + }, + "SourceDBInstanceIdentifier": { + "type": "string" + }, + "SourceDbiResourceId": { + "type": "string" + }, + "SourceRegion": { + "type": "string" + }, + "StorageEncrypted": { + "type": "boolean" + }, + "StorageThroughput": { + "type": "integer" + }, + "StorageType": { + "type": "string" + }, + "Tags": { + "insertionOrder": false, + "items": { + "$ref": "#/definitions/Tag" + }, + "type": "array", + "uniqueItems": false + }, + "TdeCredentialArn": { + "type": "string" + }, + "TdeCredentialPassword": { + "type": "string" + }, + "Timezone": { + "type": "string" + }, + "UseDefaultProcessorFeatures": { + "type": "boolean" + }, + "UseLatestRestorableTime": { + "type": "boolean" + }, + "VPCSecurityGroups": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": true + } + }, + "propertyTransform": { + "/properties/DBClusterIdentifier": "$lowercase(DBClusterIdentifier)", + "/properties/DBClusterSnapshotIdentifier": "$lowercase(DBClusterSnapshotIdentifier)", + "/properties/DBInstanceIdentifier": "$lowercase(DBInstanceIdentifier)", + "/properties/DBName": "$lowercase(DBName) $OR $uppercase(DBName)", + "/properties/DBParameterGroupName": "$lowercase(DBParameterGroupName)", + "/properties/DBSnapshotIdentifier": "$lowercase(DBSnapshotIdentifier)", + "/properties/DBSubnetGroupName": "$lowercase(DBSubnetGroupName)", + "/properties/Engine": "$lowercase(Engine)", + "/properties/EngineVersion": "$join([$string(EngineVersion), \".*\"])", + "/properties/KmsKeyId": "$join([\"arn:(aws)[-]{0,1}[a-z]{0,2}[-]{0,1}[a-z]{0,3}:kms:[a-z]{2}[-]{1}[a-z]{3,10}[-]{0,1}[a-z]{0,10}[-]{1}[1-3]{1}:[0-9]{12}[:]{1}key\\/\", KmsKeyId])", + "/properties/MasterUserSecret/KmsKeyId": "$join([\"arn:(aws)[-]{0,1}[a-z]{0,2}[-]{0,1}[a-z]{0,3}:kms:[a-z]{2}[-]{1}[a-z]{3,10}[-]{0,1}[a-z]{0,10}[-]{1}[1-3]{1}:[0-9]{12}[:]{1}key\\/\", MasterUserSecret.KmsKeyId])", + "/properties/NetworkType": "$lowercase(NetworkType)", + "/properties/OptionGroupName": "$lowercase(OptionGroupName)", + "/properties/PerformanceInsightsKMSKeyId": "$join([\"arn:(aws)[-]{0,1}[a-z]{0,2}[-]{0,1}[a-z]{0,3}:kms:[a-z]{2}[-]{1}[a-z]{3,10}[-]{0,1}[a-z]{0,10}[-]{1}[1-3]{1}:[0-9]{12}[:]{1}key\\/\", PerformanceInsightsKMSKeyId])", + "/properties/PreferredMaintenanceWindow": "$lowercase(PreferredMaintenanceWindow)", + "/properties/SourceDBInstanceAutomatedBackupsArn": "$lowercase(SourceDBInstanceAutomatedBackupsArn)", + "/properties/SourceDBInstanceIdentifier": "$lowercase(SourceDBInstanceIdentifier)", + "/properties/StorageType": "$lowercase(StorageType)" + }, + "readOnlyProperties": [ + "/properties/Endpoint/Address", + "/properties/Endpoint/Port", + "/properties/Endpoint/HostedZoneId", + "/properties/DbiResourceId", + "/properties/DBInstanceArn", + "/properties/DBSystemId", + "/properties/MasterUserSecret/SecretArn", + "/properties/CertificateDetails/CAIdentifier", + "/properties/CertificateDetails/ValidTill" + ], + "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-rpdk.git", + "typeName": "AWS::RDS::DBInstance", + "writeOnlyProperties": [ + "/properties/AllowMajorVersionUpgrade", + "/properties/AutomaticBackupReplicationKmsKeyId", + "/properties/CertificateRotationRestart", + "/properties/DBSnapshotIdentifier", + "/properties/DeleteAutomatedBackups", + "/properties/MasterUserPassword", + "/properties/Port", + "/properties/RestoreTime", + "/properties/SourceDBInstanceAutomatedBackupsArn", + "/properties/SourceDBInstanceIdentifier", + "/properties/SourceDbiResourceId", + "/properties/SourceRegion", + "/properties/TdeCredentialPassword", + "/properties/UseDefaultProcessorFeatures", + "/properties/UseLatestRestorableTime" + ] +} diff --git a/src/cfnlint/data/schemas/providers/ap_southeast_3/aws-shield-protectiongroup.json b/src/cfnlint/data/schemas/providers/ap_southeast_3/aws-shield-protectiongroup.json new file mode 100644 index 0000000000..023e531faa --- /dev/null +++ b/src/cfnlint/data/schemas/providers/ap_southeast_3/aws-shield-protectiongroup.json @@ -0,0 +1,136 @@ +{ + "additionalProperties": false, + "createOnlyProperties": [ + "/properties/ProtectionGroupId" + ], + "definitions": { + "Tag": { + "additionalProperties": false, + "properties": { + "Key": { + "maxLength": 128, + "minLength": 1, + "type": "string" + }, + "Value": { + "maxLength": 256, + "minLength": 0, + "type": "string" + } + }, + "required": [ + "Key", + "Value" + ], + "type": "object" + } + }, + "handlers": { + "create": { + "permissions": [ + "shield:CreateProtectionGroup", + "shield:TagResource" + ] + }, + "delete": { + "permissions": [ + "shield:DeleteProtectionGroup", + "shield:UntagResource" + ] + }, + "list": { + "permissions": [ + "shield:ListProtectionGroups" + ] + }, + "read": { + "permissions": [ + "shield:DescribeProtectionGroup", + "shield:ListTagsForResource" + ] + }, + "update": { + "permissions": [ + "shield:UpdateProtectionGroup", + "shield:ListTagsForResource", + "shield:TagResource", + "shield:UntagResource" + ] + } + }, + "primaryIdentifier": [ + "/properties/ProtectionGroupArn" + ], + "properties": { + "Aggregation": { + "enum": [ + "SUM", + "MEAN", + "MAX" + ], + "type": "string" + }, + "Members": { + "insertionOrder": false, + "items": { + "maxLength": 2048, + "minLength": 1, + "type": "string" + }, + "maxItems": 10000, + "type": "array" + }, + "Pattern": { + "enum": [ + "ALL", + "ARBITRARY", + "BY_RESOURCE_TYPE" + ], + "type": "string" + }, + "ProtectionGroupArn": { + "type": "string" + }, + "ProtectionGroupId": { + "maxLength": 36, + "minLength": 1, + "pattern": "[a-zA-Z0-9\\-]*", + "type": "string" + }, + "ResourceType": { + "enum": [ + "CLOUDFRONT_DISTRIBUTION", + "ROUTE_53_HOSTED_ZONE", + "ELASTIC_IP_ALLOCATION", + "CLASSIC_LOAD_BALANCER", + "APPLICATION_LOAD_BALANCER", + "GLOBAL_ACCELERATOR" + ], + "type": "string" + }, + "Tags": { + "insertionOrder": false, + "items": { + "$ref": "#/definitions/Tag" + }, + "maxItems": 200, + "type": "array" + } + }, + "readOnlyProperties": [ + "/properties/ProtectionGroupArn" + ], + "replacementStrategy": "delete_then_create", + "required": [ + "Aggregation", + "Pattern", + "ProtectionGroupId" + ], + "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-shield.git", + "tagging": { + "cloudFormationSystemTags": false, + "tagProperty": "/properties/Tags", + "taggable": true + }, + "typeName": "AWS::Shield::ProtectionGroup" +} diff --git a/src/cfnlint/data/schemas/providers/ap_southeast_4/__init__.py b/src/cfnlint/data/schemas/providers/ap_southeast_4/__init__.py index 77e757984e..55e54245a3 100644 --- a/src/cfnlint/data/schemas/providers/ap_southeast_4/__init__.py +++ b/src/cfnlint/data/schemas/providers/ap_southeast_4/__init__.py @@ -760,7 +760,6 @@ "aws-dms-dataprovider.json", "aws-dms-instanceprofile.json", "aws-dms-migrationproject.json", - "aws-dms-replicationconfig.json", "aws-dynamodb-globaltable.json", "aws-dynamodb-table.json", "aws-ec2-capacityreservation.json", @@ -1017,9 +1016,7 @@ "aws-pcaconnectorad-templategroupaccesscontrolentry.json", "aws-ram-permission.json", "aws-ram-resourceshare.json", - "aws-rds-dbcluster.json", "aws-rds-dbclusterparametergroup.json", - "aws-rds-dbinstance.json", "aws-rds-dbparametergroup.json", "aws-rds-dbproxy.json", "aws-rds-dbproxyendpoint.json", diff --git a/src/cfnlint/data/schemas/providers/ap_southeast_4/aws-dms-replicationconfig.json b/src/cfnlint/data/schemas/providers/ap_southeast_4/aws-dms-replicationconfig.json new file mode 100644 index 0000000000..b9379a300f --- /dev/null +++ b/src/cfnlint/data/schemas/providers/ap_southeast_4/aws-dms-replicationconfig.json @@ -0,0 +1,191 @@ +{ + "additionalIdentifiers": [ + [ + "/properties/ReplicationConfigIdentifier" + ] + ], + "additionalProperties": false, + "createOnlyProperties": [ + "/properties/ResourceIdentifier" + ], + "definitions": { + "ComputeConfig": { + "additionalProperties": false, + "properties": { + "AvailabilityZone": { + "type": "string" + }, + "DnsNameServers": { + "type": "string" + }, + "KmsKeyId": { + "type": "string" + }, + "MaxCapacityUnits": { + "type": "integer" + }, + "MinCapacityUnits": { + "type": "integer" + }, + "MultiAZ": { + "type": "boolean" + }, + "PreferredMaintenanceWindow": { + "type": "string" + }, + "ReplicationSubnetGroupId": { + "type": "string" + }, + "VpcSecurityGroupIds": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "MaxCapacityUnits" + ], + "type": "object" + }, + "Tag": { + "additionalProperties": false, + "properties": { + "Key": { + "maxLength": 128, + "minLength": 1, + "type": "string" + }, + "Value": { + "maxLength": 256, + "minLength": 1, + "type": "string" + } + }, + "required": [ + "Key", + "Value" + ], + "type": "object" + } + }, + "handlers": { + "create": { + "permissions": [ + "dms:CreateReplicationConfig", + "dms:AddTagsToResource", + "dms:ListTagsForResource", + "iam:CreateServiceLinkedRole", + "iam:AttachRolePolicy", + "iam:PutRolePolicy", + "iam:UpdateRoleDescription" + ] + }, + "delete": { + "permissions": [ + "dms:DescribeReplicationConfigs", + "dms:DeleteReplicationConfig", + "dms:ListTagsForResource", + "iam:DeleteServiceLinkedRole", + "iam:GetServiceLinkedRoleDeletionStatus" + ] + }, + "list": { + "permissions": [ + "dms:DescribeReplicationConfigs", + "dms:ListTagsForResource" + ] + }, + "read": { + "permissions": [ + "dms:DescribeReplicationConfigs", + "dms:ListTagsForResource" + ] + }, + "update": { + "permissions": [ + "dms:ModifyReplicationConfig", + "dms:AddTagsToResource", + "dms:RemoveTagsToResource", + "dms:ListTagsForResource", + "iam:CreateServiceLinkedRole", + "iam:AttachRolePolicy", + "iam:PutRolePolicy", + "iam:UpdateRoleDescription" + ] + } + }, + "primaryIdentifier": [ + "/properties/ReplicationConfigArn" + ], + "properties": { + "ComputeConfig": { + "$ref": "#/definitions/ComputeConfig" + }, + "ReplicationConfigArn": { + "type": "string" + }, + "ReplicationConfigIdentifier": { + "type": "string" + }, + "ReplicationSettings": { + "format": "json", + "type": [ + "object", + "string" + ] + }, + "ReplicationType": { + "enum": [ + "full-load", + "full-load-and-cdc", + "cdc" + ], + "type": "string" + }, + "ResourceIdentifier": { + "type": "string" + }, + "SourceEndpointArn": { + "type": "string" + }, + "SupplementalSettings": { + "format": "json", + "type": [ + "object", + "string" + ] + }, + "TableMappings": { + "format": "json", + "type": [ + "object", + "string" + ] + }, + "Tags": { + "insertionOrder": false, + "items": { + "$ref": "#/definitions/Tag" + }, + "maxItems": 200, + "minItems": 1, + "type": "array" + }, + "TargetEndpointArn": { + "type": "string" + } + }, + "readOnlyProperties": [ + "/properties/ReplicationConfigArn" + ], + "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-dms", + "tagging": { + "cloudFormationSystemTags": false, + "tagOnCreate": true, + "tagProperty": "/properties/Tags", + "tagUpdatable": true, + "taggable": true + }, + "typeName": "AWS::DMS::ReplicationConfig" +} diff --git a/src/cfnlint/data/schemas/providers/ap_southeast_4/aws-rds-dbcluster.json b/src/cfnlint/data/schemas/providers/ap_southeast_4/aws-rds-dbcluster.json new file mode 100644 index 0000000000..fc8608c49b --- /dev/null +++ b/src/cfnlint/data/schemas/providers/ap_southeast_4/aws-rds-dbcluster.json @@ -0,0 +1,469 @@ +{ + "additionalProperties": false, + "conditionalCreateOnlyProperties": [ + "/properties/Engine", + "/properties/GlobalClusterIdentifier", + "/properties/MasterUsername" + ], + "createOnlyProperties": [ + "/properties/AvailabilityZones", + "/properties/DBClusterIdentifier", + "/properties/DBSubnetGroupName", + "/properties/DBSystemId", + "/properties/DatabaseName", + "/properties/EngineMode", + "/properties/KmsKeyId", + "/properties/PubliclyAccessible", + "/properties/RestoreToTime", + "/properties/RestoreType", + "/properties/SnapshotIdentifier", + "/properties/SourceDBClusterIdentifier", + "/properties/SourceRegion", + "/properties/StorageEncrypted", + "/properties/UseLatestRestorableTime" + ], + "definitions": { + "DBClusterRole": { + "additionalProperties": false, + "properties": { + "FeatureName": { + "type": "string" + }, + "RoleArn": { + "type": "string" + } + }, + "required": [ + "RoleArn" + ], + "type": "object" + }, + "Endpoint": { + "additionalProperties": false, + "properties": { + "Address": { + "type": "string" + }, + "Port": { + "type": "string" + } + }, + "type": "object" + }, + "MasterUserSecret": { + "additionalProperties": false, + "properties": { + "KmsKeyId": { + "type": "string" + }, + "SecretArn": { + "type": "string" + } + }, + "type": "object" + }, + "ReadEndpoint": { + "additionalProperties": false, + "properties": { + "Address": { + "type": "string" + } + }, + "type": "object" + }, + "ScalingConfiguration": { + "additionalProperties": false, + "properties": { + "AutoPause": { + "type": "boolean" + }, + "MaxCapacity": { + "type": "integer" + }, + "MinCapacity": { + "type": "integer" + }, + "SecondsBeforeTimeout": { + "type": "integer" + }, + "SecondsUntilAutoPause": { + "type": "integer" + }, + "TimeoutAction": { + "type": "string" + } + }, + "type": "object" + }, + "ServerlessV2ScalingConfiguration": { + "additionalProperties": false, + "properties": { + "MaxCapacity": { + "type": "number" + }, + "MinCapacity": { + "type": "number" + } + }, + "type": "object" + }, + "Tag": { + "additionalProperties": false, + "properties": { + "Key": { + "maxLength": 128, + "minLength": 1, + "type": "string" + }, + "Value": { + "maxLength": 256, + "minLength": 0, + "type": "string" + } + }, + "required": [ + "Key" + ], + "type": "object" + } + }, + "handlers": { + "create": { + "permissions": [ + "iam:CreateServiceLinkedRole", + "iam:PassRole", + "rds:AddRoleToDBCluster", + "rds:AddTagsToResource", + "rds:CreateDBCluster", + "rds:CreateDBInstance", + "rds:DescribeDBClusters", + "rds:DescribeDBClusterSnapshots", + "rds:DescribeDBSnapshots", + "rds:DescribeEvents", + "rds:EnableHttpEndpoint", + "rds:ModifyDBCluster", + "rds:RestoreDBClusterFromSnapshot", + "rds:RestoreDBClusterToPointInTime", + "secretsmanager:CreateSecret", + "secretsmanager:TagResource" + ], + "timeoutInMinutes": 2160 + }, + "delete": { + "permissions": [ + "rds:CreateDBClusterSnapshot", + "rds:DeleteDBCluster", + "rds:DeleteDBInstance", + "rds:DescribeDBClusters", + "rds:DescribeGlobalClusters", + "rds:RemoveFromGlobalCluster" + ] + }, + "list": { + "permissions": [ + "rds:DescribeDBClusters" + ] + }, + "read": { + "permissions": [ + "rds:DescribeDBClusters" + ] + }, + "update": { + "permissions": [ + "ec2:DescribeSecurityGroups", + "iam:PassRole", + "rds:AddRoleToDBCluster", + "rds:AddTagsToResource", + "rds:DescribeDBClusters", + "rds:DescribeDBSubnetGroups", + "rds:DescribeEvents", + "rds:DescribeGlobalClusters", + "rds:DisableHttpEndpoint", + "rds:EnableHttpEndpoint", + "rds:ModifyDBCluster", + "rds:ModifyDBInstance", + "rds:RemoveFromGlobalCluster", + "rds:RemoveRoleFromDBCluster", + "rds:RemoveTagsFromResource", + "secretsmanager:CreateSecret", + "secretsmanager:TagResource" + ], + "timeoutInMinutes": 2160 + } + }, + "primaryIdentifier": [ + "/properties/DBClusterIdentifier" + ], + "properties": { + "AllocatedStorage": { + "type": "integer" + }, + "AssociatedRoles": { + "items": { + "$ref": "#/definitions/DBClusterRole" + }, + "type": "array", + "uniqueItems": true + }, + "AutoMinorVersionUpgrade": { + "type": "boolean" + }, + "AvailabilityZones": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": true + }, + "BacktrackWindow": { + "minimum": 0, + "type": "integer" + }, + "BackupRetentionPeriod": { + "default": 1, + "maximum": 35, + "minimum": 1, + "type": "integer" + }, + "CopyTagsToSnapshot": { + "type": "boolean" + }, + "DBClusterArn": { + "type": "string" + }, + "DBClusterIdentifier": { + "maxLength": 63, + "minLength": 1, + "pattern": "^[a-zA-Z]{1}(?:-?[a-zA-Z0-9]){0,62}$", + "type": "string" + }, + "DBClusterInstanceClass": { + "type": "string" + }, + "DBClusterParameterGroupName": { + "default": "default.aurora5.6", + "type": "string" + }, + "DBClusterResourceId": { + "type": "string" + }, + "DBInstanceParameterGroupName": { + "type": "string" + }, + "DBSubnetGroupName": { + "type": "string" + }, + "DBSystemId": { + "type": "string" + }, + "DatabaseName": { + "type": "string" + }, + "DeletionProtection": { + "type": "boolean" + }, + "Domain": { + "type": "string" + }, + "DomainIAMRoleName": { + "type": "string" + }, + "EnableCloudwatchLogsExports": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": true + }, + "EnableGlobalWriteForwarding": { + "type": "boolean" + }, + "EnableHttpEndpoint": { + "type": "boolean" + }, + "EnableIAMDatabaseAuthentication": { + "type": "boolean" + }, + "EnableLocalWriteForwarding": { + "type": "boolean" + }, + "Endpoint": { + "$ref": "#/definitions/Endpoint" + }, + "Engine": { + "type": "string" + }, + "EngineLifecycleSupport": { + "type": "string" + }, + "EngineMode": { + "type": "string" + }, + "EngineVersion": { + "type": "string" + }, + "GlobalClusterIdentifier": { + "maxLength": 63, + "minLength": 0, + "pattern": "^$|^[a-zA-Z]{1}(?:-?[a-zA-Z0-9]){0,62}$", + "type": "string" + }, + "Iops": { + "type": "integer" + }, + "KmsKeyId": { + "type": "string" + }, + "ManageMasterUserPassword": { + "type": "boolean" + }, + "MasterUserPassword": { + "type": "string" + }, + "MasterUserSecret": { + "$ref": "#/definitions/MasterUserSecret" + }, + "MasterUsername": { + "minLength": 1, + "pattern": "^[a-zA-Z]{1}[a-zA-Z0-9_]*$", + "type": "string" + }, + "MonitoringInterval": { + "default": 0, + "type": "integer" + }, + "MonitoringRoleArn": { + "type": "string" + }, + "NetworkType": { + "type": "string" + }, + "PerformanceInsightsEnabled": { + "type": "boolean" + }, + "PerformanceInsightsKmsKeyId": { + "type": "string" + }, + "PerformanceInsightsRetentionPeriod": { + "type": "integer" + }, + "Port": { + "type": "integer" + }, + "PreferredBackupWindow": { + "type": "string" + }, + "PreferredMaintenanceWindow": { + "type": "string" + }, + "PubliclyAccessible": { + "type": "boolean" + }, + "ReadEndpoint": { + "$ref": "#/definitions/ReadEndpoint" + }, + "ReplicationSourceIdentifier": { + "type": "string" + }, + "RestoreToTime": { + "type": "string" + }, + "RestoreType": { + "default": "full-copy", + "type": "string" + }, + "ScalingConfiguration": { + "$ref": "#/definitions/ScalingConfiguration" + }, + "ServerlessV2ScalingConfiguration": { + "$ref": "#/definitions/ServerlessV2ScalingConfiguration" + }, + "SnapshotIdentifier": { + "type": "string" + }, + "SourceDBClusterIdentifier": { + "type": "string" + }, + "SourceRegion": { + "type": "string" + }, + "StorageEncrypted": { + "type": "boolean" + }, + "StorageThroughput": { + "type": "integer" + }, + "StorageType": { + "type": "string" + }, + "Tags": { + "insertionOrder": false, + "items": { + "$ref": "#/definitions/Tag" + }, + "maxItems": 50, + "type": "array", + "uniqueItems": true + }, + "UseLatestRestorableTime": { + "type": "boolean" + }, + "VpcSecurityGroupIds": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": true + } + }, + "propertyTransform": { + "/properties/DBClusterIdentifier": "$lowercase(DBClusterIdentifier)", + "/properties/DBClusterParameterGroupName": "$lowercase(DBClusterParameterGroupName)", + "/properties/DBSubnetGroupName": "$lowercase(DBSubnetGroupName)", + "/properties/EnableHttpEndpoint": "$lowercase($string(EngineMode)) = 'serverless' ? EnableHttpEndpoint : ($lowercase($string(Engine)) = 'aurora-postgresql' ? EnableHttpEndpoint : false )", + "/properties/Engine": "$lowercase(Engine)", + "/properties/EngineVersion": "$join([$string(EngineVersion), \".*\"])", + "/properties/KmsKeyId": "$join([\"arn:(aws)[-]{0,1}[a-z]{0,2}[-]{0,1}[a-z]{0,3}:kms:[a-z]{2}[-]{1}[a-z]{3,10}[-]{0,1}[a-z]{0,10}[-]{1}[1-3]{1}:[0-9]{12}[:]{1}key\\/\", KmsKeyId])", + "/properties/MasterUserSecret/KmsKeyId": "$join([\"arn:(aws)[-]{0,1}[a-z]{0,2}[-]{0,1}[a-z]{0,3}:kms:[a-z]{2}[-]{1}[a-z]{3,10}[-]{0,1}[a-z]{0,10}[-]{1}[1-3]{1}:[0-9]{12}[:]{1}key\\/\", MasterUserSecret.KmsKeyId])", + "/properties/NetworkType": "$lowercase(NetworkType)", + "/properties/PerformanceInsightsKmsKeyId": "$join([\"arn:(aws)[-]{0,1}[a-z]{0,2}[-]{0,1}[a-z]{0,3}:kms:[a-z]{2}[-]{1}[a-z]{3,10}[-]{0,1}[a-z]{0,10}[-]{1}[1-3]{1}:[0-9]{12}[:]{1}key\\/\", PerformanceInsightsKmsKeyId])", + "/properties/PreferredMaintenanceWindow": "$lowercase(PreferredMaintenanceWindow)", + "/properties/SnapshotIdentifier": "$lowercase(SnapshotIdentifier)", + "/properties/SourceDBClusterIdentifier": "$lowercase(SourceDBClusterIdentifier)", + "/properties/StorageType": "$lowercase(StorageType)" + }, + "readOnlyProperties": [ + "/properties/DBClusterArn", + "/properties/DBClusterResourceId", + "/properties/Endpoint", + "/properties/Endpoint/Address", + "/properties/Endpoint/Port", + "/properties/ReadEndpoint/Address", + "/properties/MasterUserSecret/SecretArn", + "/properties/StorageThroughput" + ], + "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-rds", + "tagging": { + "cloudFormationSystemTags": true, + "permissions": [ + "rds:AddTagsToResource", + "rds:RemoveTagsFromResource" + ], + "tagOnCreate": true, + "tagProperty": "/properties/Tags", + "tagUpdatable": true, + "taggable": true + }, + "typeName": "AWS::RDS::DBCluster", + "writeOnlyProperties": [ + "/properties/DBInstanceParameterGroupName", + "/properties/MasterUserPassword", + "/properties/RestoreToTime", + "/properties/RestoreType", + "/properties/SnapshotIdentifier", + "/properties/SourceDBClusterIdentifier", + "/properties/SourceRegion", + "/properties/UseLatestRestorableTime" + ] +} diff --git a/src/cfnlint/data/schemas/providers/ap_southeast_4/aws-rds-dbinstance.json b/src/cfnlint/data/schemas/providers/ap_southeast_4/aws-rds-dbinstance.json new file mode 100644 index 0000000000..3263d77fb7 --- /dev/null +++ b/src/cfnlint/data/schemas/providers/ap_southeast_4/aws-rds-dbinstance.json @@ -0,0 +1,620 @@ +{ + "additionalProperties": false, + "conditionalCreateOnlyProperties": [ + "/properties/AutoMinorVersionUpgrade", + "/properties/AvailabilityZone", + "/properties/BackupRetentionPeriod", + "/properties/DBClusterSnapshotIdentifier", + "/properties/DBParameterGroupName", + "/properties/DBSnapshotIdentifier", + "/properties/Engine", + "/properties/MultiAZ", + "/properties/PerformanceInsightsKMSKeyId", + "/properties/PreferredMaintenanceWindow", + "/properties/RestoreTime", + "/properties/SourceDBClusterIdentifier", + "/properties/SourceDBInstanceAutomatedBackupsArn", + "/properties/SourceDBInstanceIdentifier", + "/properties/SourceDbiResourceId", + "/properties/StorageType", + "/properties/UseLatestRestorableTime" + ], + "createOnlyProperties": [ + "/properties/CharacterSetName", + "/properties/CustomIAMInstanceProfile", + "/properties/DBClusterIdentifier", + "/properties/DBInstanceIdentifier", + "/properties/DBName", + "/properties/DBSubnetGroupName", + "/properties/KmsKeyId", + "/properties/MasterUsername", + "/properties/NcharCharacterSetName", + "/properties/Port", + "/properties/SourceRegion", + "/properties/StorageEncrypted", + "/properties/Timezone" + ], + "definitions": { + "CertificateDetails": { + "additionalProperties": false, + "properties": { + "CAIdentifier": { + "type": "string" + }, + "ValidTill": { + "format": "date-time", + "type": "string" + } + }, + "type": "object" + }, + "DBInstanceRole": { + "additionalProperties": false, + "properties": { + "FeatureName": { + "type": "string" + }, + "RoleArn": { + "type": "string" + } + }, + "required": [ + "FeatureName", + "RoleArn" + ], + "type": "object" + }, + "Endpoint": { + "additionalProperties": false, + "properties": { + "Address": { + "type": "string" + }, + "HostedZoneId": { + "type": "string" + }, + "Port": { + "type": "string" + } + }, + "type": "object" + }, + "MasterUserSecret": { + "additionalProperties": false, + "properties": { + "KmsKeyId": { + "type": "string" + }, + "SecretArn": { + "type": "string" + } + }, + "type": "object" + }, + "ProcessorFeature": { + "additionalProperties": false, + "properties": { + "Name": { + "enum": [ + "coreCount", + "threadsPerCore" + ], + "type": "string" + }, + "Value": { + "type": "string" + } + }, + "type": "object" + }, + "Tag": { + "additionalProperties": false, + "properties": { + "Key": { + "maxLength": 128, + "minLength": 1, + "type": "string" + }, + "Value": { + "maxLength": 256, + "minLength": 0, + "type": "string" + } + }, + "required": [ + "Key" + ], + "type": "object" + } + }, + "dependencies": { + "KmsKeyId": { + "properties": { + "StorageEncrypted": { + "enum": [ + "true", + "True", + true + ] + } + }, + "required": [ + "StorageEncrypted" + ] + } + }, + "dependentExcluded": { + "SourceDBInstanceIdentifier": [ + "CharacterSetName", + "MasterUserPassword", + "MasterUsername", + "StorageEncrypted" + ] + }, + "deprecatedProperties": [ + "/properties/TdeCredentialArn", + "/properties/TdeCredentialPassword" + ], + "handlers": { + "create": { + "permissions": [ + "ec2:DescribeAccountAttributes", + "ec2:DescribeAvailabilityZones", + "ec2:DescribeInternetGateways", + "ec2:DescribeSecurityGroups", + "ec2:DescribeSubnets", + "ec2:DescribeVpcAttribute", + "ec2:DescribeVpcs", + "iam:CreateServiceLinkedRole", + "iam:GetRole", + "iam:ListRoles", + "iam:PassRole", + "kms:CreateGrant", + "kms:DescribeKey", + "rds:AddRoleToDBInstance", + "rds:AddTagsToResource", + "rds:CreateDBInstance", + "rds:CreateDBInstanceReadReplica", + "rds:DescribeDBInstances", + "rds:DescribeDBClusters", + "rds:DescribeDBClusterSnapshots", + "rds:DescribeDBInstanceAutomatedBackups", + "rds:DescribeDBSnapshots", + "rds:DescribeEvents", + "rds:ModifyDBInstance", + "rds:RebootDBInstance", + "rds:RestoreDBInstanceFromDBSnapshot", + "rds:RestoreDBInstanceToPointInTime", + "rds:StartDBInstanceAutomatedBackupsReplication", + "secretsmanager:CreateSecret", + "secretsmanager:TagResource" + ], + "timeoutInMinutes": 2160 + }, + "delete": { + "permissions": [ + "rds:CreateDBSnapshot", + "rds:DeleteDBInstance", + "rds:DescribeDBInstances" + ], + "timeoutInMinutes": 2160 + }, + "list": { + "permissions": [ + "rds:DescribeDBInstances" + ] + }, + "read": { + "permissions": [ + "ec2:DescribeAccountAttributes", + "ec2:DescribeAvailabilityZones", + "ec2:DescribeInternetGateways", + "ec2:DescribeSecurityGroups", + "ec2:DescribeSubnets", + "ec2:DescribeVpcAttribute", + "ec2:DescribeVpcs", + "rds:DescribeDBInstances" + ] + }, + "update": { + "permissions": [ + "ec2:DescribeAccountAttributes", + "ec2:DescribeAvailabilityZones", + "ec2:DescribeInternetGateways", + "ec2:DescribeSecurityGroups", + "ec2:DescribeSubnets", + "ec2:DescribeVpcAttribute", + "ec2:DescribeVpcs", + "iam:CreateServiceLinkedRole", + "iam:GetRole", + "iam:ListRoles", + "iam:PassRole", + "kms:CreateGrant", + "kms:DescribeKey", + "rds:AddRoleToDBInstance", + "rds:AddTagsToResource", + "rds:DescribeDBClusters", + "rds:DescribeDBEngineVersions", + "rds:DescribeDBInstances", + "rds:DescribeDBParameterGroups", + "rds:DescribeEvents", + "rds:ModifyDBInstance", + "rds:PromoteReadReplica", + "rds:RebootDBInstance", + "rds:RemoveRoleFromDBInstance", + "rds:RemoveTagsFromResource", + "rds:StartDBInstanceAutomatedBackupsReplication", + "rds:StopDBInstanceAutomatedBackupsReplication", + "secretsmanager:CreateSecret", + "secretsmanager:TagResource" + ], + "timeoutInMinutes": 2160 + } + }, + "primaryIdentifier": [ + "/properties/DBInstanceIdentifier" + ], + "properties": { + "AllocatedStorage": { + "pattern": "^[0-9]*$", + "type": "string" + }, + "AllowMajorVersionUpgrade": { + "type": "boolean" + }, + "AssociatedRoles": { + "items": { + "$ref": "#/definitions/DBInstanceRole" + }, + "type": "array" + }, + "AutoMinorVersionUpgrade": { + "type": "boolean" + }, + "AutomaticBackupReplicationKmsKeyId": { + "type": "string" + }, + "AutomaticBackupReplicationRegion": { + "type": "string" + }, + "AvailabilityZone": { + "type": "string" + }, + "BackupRetentionPeriod": { + "default": 1, + "maximum": 35, + "minimum": 0, + "type": "integer" + }, + "CACertificateIdentifier": { + "type": "string" + }, + "CertificateDetails": { + "$ref": "#/definitions/CertificateDetails" + }, + "CertificateRotationRestart": { + "type": "boolean" + }, + "CharacterSetName": { + "type": "string" + }, + "CopyTagsToSnapshot": { + "type": "boolean" + }, + "CustomIAMInstanceProfile": { + "type": "string" + }, + "DBClusterIdentifier": { + "type": "string" + }, + "DBClusterSnapshotIdentifier": { + "type": "string" + }, + "DBInstanceArn": { + "type": "string" + }, + "DBInstanceClass": { + "type": "string" + }, + "DBInstanceIdentifier": { + "maxLength": 63, + "minLength": 1, + "pattern": "^$|^[a-zA-Z]{1}(?:-?[a-zA-Z0-9]){0,62}$", + "type": "string" + }, + "DBName": { + "type": "string" + }, + "DBParameterGroupName": { + "type": "string" + }, + "DBSecurityGroups": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": true + }, + "DBSnapshotIdentifier": { + "type": "string" + }, + "DBSubnetGroupName": { + "type": "string" + }, + "DBSystemId": { + "type": "string" + }, + "DbiResourceId": { + "type": "string" + }, + "DedicatedLogVolume": { + "type": "boolean" + }, + "DeleteAutomatedBackups": { + "type": "boolean" + }, + "DeletionProtection": { + "type": "boolean" + }, + "Domain": { + "type": "string" + }, + "DomainAuthSecretArn": { + "type": "string" + }, + "DomainDnsIps": { + "items": { + "type": "string" + }, + "type": "array" + }, + "DomainFqdn": { + "type": "string" + }, + "DomainIAMRoleName": { + "type": "string" + }, + "DomainOu": { + "type": "string" + }, + "EnableCloudwatchLogsExports": { + "items": { + "type": "string" + }, + "type": "array" + }, + "EnableIAMDatabaseAuthentication": { + "type": "boolean" + }, + "EnablePerformanceInsights": { + "type": "boolean" + }, + "Endpoint": { + "$ref": "#/definitions/Endpoint" + }, + "Engine": { + "type": "string" + }, + "EngineLifecycleSupport": { + "type": "string" + }, + "EngineVersion": { + "type": "string" + }, + "Iops": { + "type": "integer" + }, + "KmsKeyId": { + "type": "string" + }, + "LicenseModel": { + "type": "string" + }, + "ManageMasterUserPassword": { + "type": "boolean" + }, + "MasterUserPassword": { + "type": "string" + }, + "MasterUserSecret": { + "$ref": "#/definitions/MasterUserSecret" + }, + "MasterUsername": { + "maxLength": 128, + "minLength": 1, + "pattern": "^[a-zA-Z][a-zA-Z0-9_]{0,127}$", + "type": "string" + }, + "MaxAllocatedStorage": { + "type": "integer" + }, + "MonitoringInterval": { + "default": 0, + "type": "integer" + }, + "MonitoringRoleArn": { + "type": "string" + }, + "MultiAZ": { + "type": "boolean" + }, + "NcharCharacterSetName": { + "type": "string" + }, + "NetworkType": { + "type": "string" + }, + "OptionGroupName": { + "type": "string" + }, + "PerformanceInsightsKMSKeyId": { + "type": "string" + }, + "PerformanceInsightsRetentionPeriod": { + "enum": [ + 7, + 31, + 62, + 93, + 124, + 155, + 186, + 217, + 248, + 279, + 310, + 341, + 372, + 403, + 434, + 465, + 496, + 527, + 558, + 589, + 620, + 651, + 682, + 713, + 731 + ], + "type": "integer" + }, + "Port": { + "pattern": "^\\d*$", + "type": "string" + }, + "PreferredBackupWindow": { + "type": "string" + }, + "PreferredMaintenanceWindow": { + "type": "string" + }, + "ProcessorFeatures": { + "items": { + "$ref": "#/definitions/ProcessorFeature" + }, + "type": "array" + }, + "PromotionTier": { + "default": 1, + "maximum": 15, + "minimum": 0, + "type": "integer" + }, + "PubliclyAccessible": { + "type": "boolean" + }, + "ReplicaMode": { + "type": "string" + }, + "RestoreTime": { + "format": "date-time", + "type": "string" + }, + "SourceDBClusterIdentifier": { + "type": "string" + }, + "SourceDBInstanceAutomatedBackupsArn": { + "type": "string" + }, + "SourceDBInstanceIdentifier": { + "type": "string" + }, + "SourceDbiResourceId": { + "type": "string" + }, + "SourceRegion": { + "type": "string" + }, + "StorageEncrypted": { + "type": "boolean" + }, + "StorageThroughput": { + "type": "integer" + }, + "StorageType": { + "type": "string" + }, + "Tags": { + "insertionOrder": false, + "items": { + "$ref": "#/definitions/Tag" + }, + "type": "array", + "uniqueItems": false + }, + "TdeCredentialArn": { + "type": "string" + }, + "TdeCredentialPassword": { + "type": "string" + }, + "Timezone": { + "type": "string" + }, + "UseDefaultProcessorFeatures": { + "type": "boolean" + }, + "UseLatestRestorableTime": { + "type": "boolean" + }, + "VPCSecurityGroups": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": true + } + }, + "propertyTransform": { + "/properties/DBClusterIdentifier": "$lowercase(DBClusterIdentifier)", + "/properties/DBClusterSnapshotIdentifier": "$lowercase(DBClusterSnapshotIdentifier)", + "/properties/DBInstanceIdentifier": "$lowercase(DBInstanceIdentifier)", + "/properties/DBName": "$lowercase(DBName) $OR $uppercase(DBName)", + "/properties/DBParameterGroupName": "$lowercase(DBParameterGroupName)", + "/properties/DBSnapshotIdentifier": "$lowercase(DBSnapshotIdentifier)", + "/properties/DBSubnetGroupName": "$lowercase(DBSubnetGroupName)", + "/properties/Engine": "$lowercase(Engine)", + "/properties/EngineVersion": "$join([$string(EngineVersion), \".*\"])", + "/properties/KmsKeyId": "$join([\"arn:(aws)[-]{0,1}[a-z]{0,2}[-]{0,1}[a-z]{0,3}:kms:[a-z]{2}[-]{1}[a-z]{3,10}[-]{0,1}[a-z]{0,10}[-]{1}[1-3]{1}:[0-9]{12}[:]{1}key\\/\", KmsKeyId])", + "/properties/MasterUserSecret/KmsKeyId": "$join([\"arn:(aws)[-]{0,1}[a-z]{0,2}[-]{0,1}[a-z]{0,3}:kms:[a-z]{2}[-]{1}[a-z]{3,10}[-]{0,1}[a-z]{0,10}[-]{1}[1-3]{1}:[0-9]{12}[:]{1}key\\/\", MasterUserSecret.KmsKeyId])", + "/properties/NetworkType": "$lowercase(NetworkType)", + "/properties/OptionGroupName": "$lowercase(OptionGroupName)", + "/properties/PerformanceInsightsKMSKeyId": "$join([\"arn:(aws)[-]{0,1}[a-z]{0,2}[-]{0,1}[a-z]{0,3}:kms:[a-z]{2}[-]{1}[a-z]{3,10}[-]{0,1}[a-z]{0,10}[-]{1}[1-3]{1}:[0-9]{12}[:]{1}key\\/\", PerformanceInsightsKMSKeyId])", + "/properties/PreferredMaintenanceWindow": "$lowercase(PreferredMaintenanceWindow)", + "/properties/SourceDBInstanceAutomatedBackupsArn": "$lowercase(SourceDBInstanceAutomatedBackupsArn)", + "/properties/SourceDBInstanceIdentifier": "$lowercase(SourceDBInstanceIdentifier)", + "/properties/StorageType": "$lowercase(StorageType)" + }, + "readOnlyProperties": [ + "/properties/Endpoint/Address", + "/properties/Endpoint/Port", + "/properties/Endpoint/HostedZoneId", + "/properties/DbiResourceId", + "/properties/DBInstanceArn", + "/properties/DBSystemId", + "/properties/MasterUserSecret/SecretArn", + "/properties/CertificateDetails/CAIdentifier", + "/properties/CertificateDetails/ValidTill" + ], + "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-rpdk.git", + "typeName": "AWS::RDS::DBInstance", + "writeOnlyProperties": [ + "/properties/AllowMajorVersionUpgrade", + "/properties/AutomaticBackupReplicationKmsKeyId", + "/properties/CertificateRotationRestart", + "/properties/DBSnapshotIdentifier", + "/properties/DeleteAutomatedBackups", + "/properties/MasterUserPassword", + "/properties/Port", + "/properties/RestoreTime", + "/properties/SourceDBInstanceAutomatedBackupsArn", + "/properties/SourceDBInstanceIdentifier", + "/properties/SourceDbiResourceId", + "/properties/SourceRegion", + "/properties/TdeCredentialPassword", + "/properties/UseDefaultProcessorFeatures", + "/properties/UseLatestRestorableTime" + ] +} diff --git a/src/cfnlint/data/schemas/providers/ca_central_1/__init__.py b/src/cfnlint/data/schemas/providers/ca_central_1/__init__.py index 90945ded9d..475b420b3e 100644 --- a/src/cfnlint/data/schemas/providers/ca_central_1/__init__.py +++ b/src/cfnlint/data/schemas/providers/ca_central_1/__init__.py @@ -1682,6 +1682,7 @@ "aws-lakeformation-resource.json", "aws-lakeformation-tag.json", "aws-lakeformation-tagassociation.json", + "aws-lambda-alias.json", "aws-lambda-codesigningconfig.json", "aws-lambda-eventinvokeconfig.json", "aws-lambda-eventsourcemapping.json", @@ -1870,9 +1871,7 @@ "aws-ram-permission.json", "aws-ram-resourceshare.json", "aws-rds-customdbengineversion.json", - "aws-rds-dbcluster.json", "aws-rds-dbclusterparametergroup.json", - "aws-rds-dbinstance.json", "aws-rds-dbparametergroup.json", "aws-rds-dbproxy.json", "aws-rds-dbproxyendpoint.json", diff --git a/src/cfnlint/data/schemas/providers/ca_central_1/aws-lambda-alias.json b/src/cfnlint/data/schemas/providers/ca_central_1/aws-lambda-alias.json deleted file mode 100644 index 4a291518b6..0000000000 --- a/src/cfnlint/data/schemas/providers/ca_central_1/aws-lambda-alias.json +++ /dev/null @@ -1,88 +0,0 @@ -{ - "additionalProperties": false, - "createOnlyProperties": [ - "/properties/Name", - "/properties/FunctionName" - ], - "definitions": { - "AliasRoutingConfiguration": { - "additionalProperties": false, - "properties": { - "AdditionalVersionWeights": { - "items": { - "$ref": "#/definitions/VersionWeight" - }, - "type": "array", - "uniqueItems": true - } - }, - "required": [ - "AdditionalVersionWeights" - ], - "type": "object" - }, - "ProvisionedConcurrencyConfiguration": { - "additionalProperties": false, - "properties": { - "ProvisionedConcurrentExecutions": { - "type": "integer" - } - }, - "required": [ - "ProvisionedConcurrentExecutions" - ], - "type": "object" - }, - "VersionWeight": { - "additionalProperties": false, - "properties": { - "FunctionVersion": { - "type": "string" - }, - "FunctionWeight": { - "type": "number" - } - }, - "required": [ - "FunctionVersion", - "FunctionWeight" - ], - "type": "object" - } - }, - "primaryIdentifier": [ - "/properties/Id" - ], - "properties": { - "Description": { - "type": "string" - }, - "FunctionName": { - "type": "string" - }, - "FunctionVersion": { - "type": "string" - }, - "Id": { - "type": "string" - }, - "Name": { - "type": "string" - }, - "ProvisionedConcurrencyConfig": { - "$ref": "#/definitions/ProvisionedConcurrencyConfiguration" - }, - "RoutingConfig": { - "$ref": "#/definitions/AliasRoutingConfiguration" - } - }, - "readOnlyProperties": [ - "/properties/Id" - ], - "required": [ - "FunctionName", - "FunctionVersion", - "Name" - ], - "typeName": "AWS::Lambda::Alias" -} diff --git a/src/cfnlint/data/schemas/providers/ca_central_1/aws-rds-dbcluster.json b/src/cfnlint/data/schemas/providers/ca_central_1/aws-rds-dbcluster.json new file mode 100644 index 0000000000..fc8608c49b --- /dev/null +++ b/src/cfnlint/data/schemas/providers/ca_central_1/aws-rds-dbcluster.json @@ -0,0 +1,469 @@ +{ + "additionalProperties": false, + "conditionalCreateOnlyProperties": [ + "/properties/Engine", + "/properties/GlobalClusterIdentifier", + "/properties/MasterUsername" + ], + "createOnlyProperties": [ + "/properties/AvailabilityZones", + "/properties/DBClusterIdentifier", + "/properties/DBSubnetGroupName", + "/properties/DBSystemId", + "/properties/DatabaseName", + "/properties/EngineMode", + "/properties/KmsKeyId", + "/properties/PubliclyAccessible", + "/properties/RestoreToTime", + "/properties/RestoreType", + "/properties/SnapshotIdentifier", + "/properties/SourceDBClusterIdentifier", + "/properties/SourceRegion", + "/properties/StorageEncrypted", + "/properties/UseLatestRestorableTime" + ], + "definitions": { + "DBClusterRole": { + "additionalProperties": false, + "properties": { + "FeatureName": { + "type": "string" + }, + "RoleArn": { + "type": "string" + } + }, + "required": [ + "RoleArn" + ], + "type": "object" + }, + "Endpoint": { + "additionalProperties": false, + "properties": { + "Address": { + "type": "string" + }, + "Port": { + "type": "string" + } + }, + "type": "object" + }, + "MasterUserSecret": { + "additionalProperties": false, + "properties": { + "KmsKeyId": { + "type": "string" + }, + "SecretArn": { + "type": "string" + } + }, + "type": "object" + }, + "ReadEndpoint": { + "additionalProperties": false, + "properties": { + "Address": { + "type": "string" + } + }, + "type": "object" + }, + "ScalingConfiguration": { + "additionalProperties": false, + "properties": { + "AutoPause": { + "type": "boolean" + }, + "MaxCapacity": { + "type": "integer" + }, + "MinCapacity": { + "type": "integer" + }, + "SecondsBeforeTimeout": { + "type": "integer" + }, + "SecondsUntilAutoPause": { + "type": "integer" + }, + "TimeoutAction": { + "type": "string" + } + }, + "type": "object" + }, + "ServerlessV2ScalingConfiguration": { + "additionalProperties": false, + "properties": { + "MaxCapacity": { + "type": "number" + }, + "MinCapacity": { + "type": "number" + } + }, + "type": "object" + }, + "Tag": { + "additionalProperties": false, + "properties": { + "Key": { + "maxLength": 128, + "minLength": 1, + "type": "string" + }, + "Value": { + "maxLength": 256, + "minLength": 0, + "type": "string" + } + }, + "required": [ + "Key" + ], + "type": "object" + } + }, + "handlers": { + "create": { + "permissions": [ + "iam:CreateServiceLinkedRole", + "iam:PassRole", + "rds:AddRoleToDBCluster", + "rds:AddTagsToResource", + "rds:CreateDBCluster", + "rds:CreateDBInstance", + "rds:DescribeDBClusters", + "rds:DescribeDBClusterSnapshots", + "rds:DescribeDBSnapshots", + "rds:DescribeEvents", + "rds:EnableHttpEndpoint", + "rds:ModifyDBCluster", + "rds:RestoreDBClusterFromSnapshot", + "rds:RestoreDBClusterToPointInTime", + "secretsmanager:CreateSecret", + "secretsmanager:TagResource" + ], + "timeoutInMinutes": 2160 + }, + "delete": { + "permissions": [ + "rds:CreateDBClusterSnapshot", + "rds:DeleteDBCluster", + "rds:DeleteDBInstance", + "rds:DescribeDBClusters", + "rds:DescribeGlobalClusters", + "rds:RemoveFromGlobalCluster" + ] + }, + "list": { + "permissions": [ + "rds:DescribeDBClusters" + ] + }, + "read": { + "permissions": [ + "rds:DescribeDBClusters" + ] + }, + "update": { + "permissions": [ + "ec2:DescribeSecurityGroups", + "iam:PassRole", + "rds:AddRoleToDBCluster", + "rds:AddTagsToResource", + "rds:DescribeDBClusters", + "rds:DescribeDBSubnetGroups", + "rds:DescribeEvents", + "rds:DescribeGlobalClusters", + "rds:DisableHttpEndpoint", + "rds:EnableHttpEndpoint", + "rds:ModifyDBCluster", + "rds:ModifyDBInstance", + "rds:RemoveFromGlobalCluster", + "rds:RemoveRoleFromDBCluster", + "rds:RemoveTagsFromResource", + "secretsmanager:CreateSecret", + "secretsmanager:TagResource" + ], + "timeoutInMinutes": 2160 + } + }, + "primaryIdentifier": [ + "/properties/DBClusterIdentifier" + ], + "properties": { + "AllocatedStorage": { + "type": "integer" + }, + "AssociatedRoles": { + "items": { + "$ref": "#/definitions/DBClusterRole" + }, + "type": "array", + "uniqueItems": true + }, + "AutoMinorVersionUpgrade": { + "type": "boolean" + }, + "AvailabilityZones": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": true + }, + "BacktrackWindow": { + "minimum": 0, + "type": "integer" + }, + "BackupRetentionPeriod": { + "default": 1, + "maximum": 35, + "minimum": 1, + "type": "integer" + }, + "CopyTagsToSnapshot": { + "type": "boolean" + }, + "DBClusterArn": { + "type": "string" + }, + "DBClusterIdentifier": { + "maxLength": 63, + "minLength": 1, + "pattern": "^[a-zA-Z]{1}(?:-?[a-zA-Z0-9]){0,62}$", + "type": "string" + }, + "DBClusterInstanceClass": { + "type": "string" + }, + "DBClusterParameterGroupName": { + "default": "default.aurora5.6", + "type": "string" + }, + "DBClusterResourceId": { + "type": "string" + }, + "DBInstanceParameterGroupName": { + "type": "string" + }, + "DBSubnetGroupName": { + "type": "string" + }, + "DBSystemId": { + "type": "string" + }, + "DatabaseName": { + "type": "string" + }, + "DeletionProtection": { + "type": "boolean" + }, + "Domain": { + "type": "string" + }, + "DomainIAMRoleName": { + "type": "string" + }, + "EnableCloudwatchLogsExports": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": true + }, + "EnableGlobalWriteForwarding": { + "type": "boolean" + }, + "EnableHttpEndpoint": { + "type": "boolean" + }, + "EnableIAMDatabaseAuthentication": { + "type": "boolean" + }, + "EnableLocalWriteForwarding": { + "type": "boolean" + }, + "Endpoint": { + "$ref": "#/definitions/Endpoint" + }, + "Engine": { + "type": "string" + }, + "EngineLifecycleSupport": { + "type": "string" + }, + "EngineMode": { + "type": "string" + }, + "EngineVersion": { + "type": "string" + }, + "GlobalClusterIdentifier": { + "maxLength": 63, + "minLength": 0, + "pattern": "^$|^[a-zA-Z]{1}(?:-?[a-zA-Z0-9]){0,62}$", + "type": "string" + }, + "Iops": { + "type": "integer" + }, + "KmsKeyId": { + "type": "string" + }, + "ManageMasterUserPassword": { + "type": "boolean" + }, + "MasterUserPassword": { + "type": "string" + }, + "MasterUserSecret": { + "$ref": "#/definitions/MasterUserSecret" + }, + "MasterUsername": { + "minLength": 1, + "pattern": "^[a-zA-Z]{1}[a-zA-Z0-9_]*$", + "type": "string" + }, + "MonitoringInterval": { + "default": 0, + "type": "integer" + }, + "MonitoringRoleArn": { + "type": "string" + }, + "NetworkType": { + "type": "string" + }, + "PerformanceInsightsEnabled": { + "type": "boolean" + }, + "PerformanceInsightsKmsKeyId": { + "type": "string" + }, + "PerformanceInsightsRetentionPeriod": { + "type": "integer" + }, + "Port": { + "type": "integer" + }, + "PreferredBackupWindow": { + "type": "string" + }, + "PreferredMaintenanceWindow": { + "type": "string" + }, + "PubliclyAccessible": { + "type": "boolean" + }, + "ReadEndpoint": { + "$ref": "#/definitions/ReadEndpoint" + }, + "ReplicationSourceIdentifier": { + "type": "string" + }, + "RestoreToTime": { + "type": "string" + }, + "RestoreType": { + "default": "full-copy", + "type": "string" + }, + "ScalingConfiguration": { + "$ref": "#/definitions/ScalingConfiguration" + }, + "ServerlessV2ScalingConfiguration": { + "$ref": "#/definitions/ServerlessV2ScalingConfiguration" + }, + "SnapshotIdentifier": { + "type": "string" + }, + "SourceDBClusterIdentifier": { + "type": "string" + }, + "SourceRegion": { + "type": "string" + }, + "StorageEncrypted": { + "type": "boolean" + }, + "StorageThroughput": { + "type": "integer" + }, + "StorageType": { + "type": "string" + }, + "Tags": { + "insertionOrder": false, + "items": { + "$ref": "#/definitions/Tag" + }, + "maxItems": 50, + "type": "array", + "uniqueItems": true + }, + "UseLatestRestorableTime": { + "type": "boolean" + }, + "VpcSecurityGroupIds": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": true + } + }, + "propertyTransform": { + "/properties/DBClusterIdentifier": "$lowercase(DBClusterIdentifier)", + "/properties/DBClusterParameterGroupName": "$lowercase(DBClusterParameterGroupName)", + "/properties/DBSubnetGroupName": "$lowercase(DBSubnetGroupName)", + "/properties/EnableHttpEndpoint": "$lowercase($string(EngineMode)) = 'serverless' ? EnableHttpEndpoint : ($lowercase($string(Engine)) = 'aurora-postgresql' ? EnableHttpEndpoint : false )", + "/properties/Engine": "$lowercase(Engine)", + "/properties/EngineVersion": "$join([$string(EngineVersion), \".*\"])", + "/properties/KmsKeyId": "$join([\"arn:(aws)[-]{0,1}[a-z]{0,2}[-]{0,1}[a-z]{0,3}:kms:[a-z]{2}[-]{1}[a-z]{3,10}[-]{0,1}[a-z]{0,10}[-]{1}[1-3]{1}:[0-9]{12}[:]{1}key\\/\", KmsKeyId])", + "/properties/MasterUserSecret/KmsKeyId": "$join([\"arn:(aws)[-]{0,1}[a-z]{0,2}[-]{0,1}[a-z]{0,3}:kms:[a-z]{2}[-]{1}[a-z]{3,10}[-]{0,1}[a-z]{0,10}[-]{1}[1-3]{1}:[0-9]{12}[:]{1}key\\/\", MasterUserSecret.KmsKeyId])", + "/properties/NetworkType": "$lowercase(NetworkType)", + "/properties/PerformanceInsightsKmsKeyId": "$join([\"arn:(aws)[-]{0,1}[a-z]{0,2}[-]{0,1}[a-z]{0,3}:kms:[a-z]{2}[-]{1}[a-z]{3,10}[-]{0,1}[a-z]{0,10}[-]{1}[1-3]{1}:[0-9]{12}[:]{1}key\\/\", PerformanceInsightsKmsKeyId])", + "/properties/PreferredMaintenanceWindow": "$lowercase(PreferredMaintenanceWindow)", + "/properties/SnapshotIdentifier": "$lowercase(SnapshotIdentifier)", + "/properties/SourceDBClusterIdentifier": "$lowercase(SourceDBClusterIdentifier)", + "/properties/StorageType": "$lowercase(StorageType)" + }, + "readOnlyProperties": [ + "/properties/DBClusterArn", + "/properties/DBClusterResourceId", + "/properties/Endpoint", + "/properties/Endpoint/Address", + "/properties/Endpoint/Port", + "/properties/ReadEndpoint/Address", + "/properties/MasterUserSecret/SecretArn", + "/properties/StorageThroughput" + ], + "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-rds", + "tagging": { + "cloudFormationSystemTags": true, + "permissions": [ + "rds:AddTagsToResource", + "rds:RemoveTagsFromResource" + ], + "tagOnCreate": true, + "tagProperty": "/properties/Tags", + "tagUpdatable": true, + "taggable": true + }, + "typeName": "AWS::RDS::DBCluster", + "writeOnlyProperties": [ + "/properties/DBInstanceParameterGroupName", + "/properties/MasterUserPassword", + "/properties/RestoreToTime", + "/properties/RestoreType", + "/properties/SnapshotIdentifier", + "/properties/SourceDBClusterIdentifier", + "/properties/SourceRegion", + "/properties/UseLatestRestorableTime" + ] +} diff --git a/src/cfnlint/data/schemas/providers/ca_central_1/aws-rds-dbinstance.json b/src/cfnlint/data/schemas/providers/ca_central_1/aws-rds-dbinstance.json new file mode 100644 index 0000000000..3263d77fb7 --- /dev/null +++ b/src/cfnlint/data/schemas/providers/ca_central_1/aws-rds-dbinstance.json @@ -0,0 +1,620 @@ +{ + "additionalProperties": false, + "conditionalCreateOnlyProperties": [ + "/properties/AutoMinorVersionUpgrade", + "/properties/AvailabilityZone", + "/properties/BackupRetentionPeriod", + "/properties/DBClusterSnapshotIdentifier", + "/properties/DBParameterGroupName", + "/properties/DBSnapshotIdentifier", + "/properties/Engine", + "/properties/MultiAZ", + "/properties/PerformanceInsightsKMSKeyId", + "/properties/PreferredMaintenanceWindow", + "/properties/RestoreTime", + "/properties/SourceDBClusterIdentifier", + "/properties/SourceDBInstanceAutomatedBackupsArn", + "/properties/SourceDBInstanceIdentifier", + "/properties/SourceDbiResourceId", + "/properties/StorageType", + "/properties/UseLatestRestorableTime" + ], + "createOnlyProperties": [ + "/properties/CharacterSetName", + "/properties/CustomIAMInstanceProfile", + "/properties/DBClusterIdentifier", + "/properties/DBInstanceIdentifier", + "/properties/DBName", + "/properties/DBSubnetGroupName", + "/properties/KmsKeyId", + "/properties/MasterUsername", + "/properties/NcharCharacterSetName", + "/properties/Port", + "/properties/SourceRegion", + "/properties/StorageEncrypted", + "/properties/Timezone" + ], + "definitions": { + "CertificateDetails": { + "additionalProperties": false, + "properties": { + "CAIdentifier": { + "type": "string" + }, + "ValidTill": { + "format": "date-time", + "type": "string" + } + }, + "type": "object" + }, + "DBInstanceRole": { + "additionalProperties": false, + "properties": { + "FeatureName": { + "type": "string" + }, + "RoleArn": { + "type": "string" + } + }, + "required": [ + "FeatureName", + "RoleArn" + ], + "type": "object" + }, + "Endpoint": { + "additionalProperties": false, + "properties": { + "Address": { + "type": "string" + }, + "HostedZoneId": { + "type": "string" + }, + "Port": { + "type": "string" + } + }, + "type": "object" + }, + "MasterUserSecret": { + "additionalProperties": false, + "properties": { + "KmsKeyId": { + "type": "string" + }, + "SecretArn": { + "type": "string" + } + }, + "type": "object" + }, + "ProcessorFeature": { + "additionalProperties": false, + "properties": { + "Name": { + "enum": [ + "coreCount", + "threadsPerCore" + ], + "type": "string" + }, + "Value": { + "type": "string" + } + }, + "type": "object" + }, + "Tag": { + "additionalProperties": false, + "properties": { + "Key": { + "maxLength": 128, + "minLength": 1, + "type": "string" + }, + "Value": { + "maxLength": 256, + "minLength": 0, + "type": "string" + } + }, + "required": [ + "Key" + ], + "type": "object" + } + }, + "dependencies": { + "KmsKeyId": { + "properties": { + "StorageEncrypted": { + "enum": [ + "true", + "True", + true + ] + } + }, + "required": [ + "StorageEncrypted" + ] + } + }, + "dependentExcluded": { + "SourceDBInstanceIdentifier": [ + "CharacterSetName", + "MasterUserPassword", + "MasterUsername", + "StorageEncrypted" + ] + }, + "deprecatedProperties": [ + "/properties/TdeCredentialArn", + "/properties/TdeCredentialPassword" + ], + "handlers": { + "create": { + "permissions": [ + "ec2:DescribeAccountAttributes", + "ec2:DescribeAvailabilityZones", + "ec2:DescribeInternetGateways", + "ec2:DescribeSecurityGroups", + "ec2:DescribeSubnets", + "ec2:DescribeVpcAttribute", + "ec2:DescribeVpcs", + "iam:CreateServiceLinkedRole", + "iam:GetRole", + "iam:ListRoles", + "iam:PassRole", + "kms:CreateGrant", + "kms:DescribeKey", + "rds:AddRoleToDBInstance", + "rds:AddTagsToResource", + "rds:CreateDBInstance", + "rds:CreateDBInstanceReadReplica", + "rds:DescribeDBInstances", + "rds:DescribeDBClusters", + "rds:DescribeDBClusterSnapshots", + "rds:DescribeDBInstanceAutomatedBackups", + "rds:DescribeDBSnapshots", + "rds:DescribeEvents", + "rds:ModifyDBInstance", + "rds:RebootDBInstance", + "rds:RestoreDBInstanceFromDBSnapshot", + "rds:RestoreDBInstanceToPointInTime", + "rds:StartDBInstanceAutomatedBackupsReplication", + "secretsmanager:CreateSecret", + "secretsmanager:TagResource" + ], + "timeoutInMinutes": 2160 + }, + "delete": { + "permissions": [ + "rds:CreateDBSnapshot", + "rds:DeleteDBInstance", + "rds:DescribeDBInstances" + ], + "timeoutInMinutes": 2160 + }, + "list": { + "permissions": [ + "rds:DescribeDBInstances" + ] + }, + "read": { + "permissions": [ + "ec2:DescribeAccountAttributes", + "ec2:DescribeAvailabilityZones", + "ec2:DescribeInternetGateways", + "ec2:DescribeSecurityGroups", + "ec2:DescribeSubnets", + "ec2:DescribeVpcAttribute", + "ec2:DescribeVpcs", + "rds:DescribeDBInstances" + ] + }, + "update": { + "permissions": [ + "ec2:DescribeAccountAttributes", + "ec2:DescribeAvailabilityZones", + "ec2:DescribeInternetGateways", + "ec2:DescribeSecurityGroups", + "ec2:DescribeSubnets", + "ec2:DescribeVpcAttribute", + "ec2:DescribeVpcs", + "iam:CreateServiceLinkedRole", + "iam:GetRole", + "iam:ListRoles", + "iam:PassRole", + "kms:CreateGrant", + "kms:DescribeKey", + "rds:AddRoleToDBInstance", + "rds:AddTagsToResource", + "rds:DescribeDBClusters", + "rds:DescribeDBEngineVersions", + "rds:DescribeDBInstances", + "rds:DescribeDBParameterGroups", + "rds:DescribeEvents", + "rds:ModifyDBInstance", + "rds:PromoteReadReplica", + "rds:RebootDBInstance", + "rds:RemoveRoleFromDBInstance", + "rds:RemoveTagsFromResource", + "rds:StartDBInstanceAutomatedBackupsReplication", + "rds:StopDBInstanceAutomatedBackupsReplication", + "secretsmanager:CreateSecret", + "secretsmanager:TagResource" + ], + "timeoutInMinutes": 2160 + } + }, + "primaryIdentifier": [ + "/properties/DBInstanceIdentifier" + ], + "properties": { + "AllocatedStorage": { + "pattern": "^[0-9]*$", + "type": "string" + }, + "AllowMajorVersionUpgrade": { + "type": "boolean" + }, + "AssociatedRoles": { + "items": { + "$ref": "#/definitions/DBInstanceRole" + }, + "type": "array" + }, + "AutoMinorVersionUpgrade": { + "type": "boolean" + }, + "AutomaticBackupReplicationKmsKeyId": { + "type": "string" + }, + "AutomaticBackupReplicationRegion": { + "type": "string" + }, + "AvailabilityZone": { + "type": "string" + }, + "BackupRetentionPeriod": { + "default": 1, + "maximum": 35, + "minimum": 0, + "type": "integer" + }, + "CACertificateIdentifier": { + "type": "string" + }, + "CertificateDetails": { + "$ref": "#/definitions/CertificateDetails" + }, + "CertificateRotationRestart": { + "type": "boolean" + }, + "CharacterSetName": { + "type": "string" + }, + "CopyTagsToSnapshot": { + "type": "boolean" + }, + "CustomIAMInstanceProfile": { + "type": "string" + }, + "DBClusterIdentifier": { + "type": "string" + }, + "DBClusterSnapshotIdentifier": { + "type": "string" + }, + "DBInstanceArn": { + "type": "string" + }, + "DBInstanceClass": { + "type": "string" + }, + "DBInstanceIdentifier": { + "maxLength": 63, + "minLength": 1, + "pattern": "^$|^[a-zA-Z]{1}(?:-?[a-zA-Z0-9]){0,62}$", + "type": "string" + }, + "DBName": { + "type": "string" + }, + "DBParameterGroupName": { + "type": "string" + }, + "DBSecurityGroups": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": true + }, + "DBSnapshotIdentifier": { + "type": "string" + }, + "DBSubnetGroupName": { + "type": "string" + }, + "DBSystemId": { + "type": "string" + }, + "DbiResourceId": { + "type": "string" + }, + "DedicatedLogVolume": { + "type": "boolean" + }, + "DeleteAutomatedBackups": { + "type": "boolean" + }, + "DeletionProtection": { + "type": "boolean" + }, + "Domain": { + "type": "string" + }, + "DomainAuthSecretArn": { + "type": "string" + }, + "DomainDnsIps": { + "items": { + "type": "string" + }, + "type": "array" + }, + "DomainFqdn": { + "type": "string" + }, + "DomainIAMRoleName": { + "type": "string" + }, + "DomainOu": { + "type": "string" + }, + "EnableCloudwatchLogsExports": { + "items": { + "type": "string" + }, + "type": "array" + }, + "EnableIAMDatabaseAuthentication": { + "type": "boolean" + }, + "EnablePerformanceInsights": { + "type": "boolean" + }, + "Endpoint": { + "$ref": "#/definitions/Endpoint" + }, + "Engine": { + "type": "string" + }, + "EngineLifecycleSupport": { + "type": "string" + }, + "EngineVersion": { + "type": "string" + }, + "Iops": { + "type": "integer" + }, + "KmsKeyId": { + "type": "string" + }, + "LicenseModel": { + "type": "string" + }, + "ManageMasterUserPassword": { + "type": "boolean" + }, + "MasterUserPassword": { + "type": "string" + }, + "MasterUserSecret": { + "$ref": "#/definitions/MasterUserSecret" + }, + "MasterUsername": { + "maxLength": 128, + "minLength": 1, + "pattern": "^[a-zA-Z][a-zA-Z0-9_]{0,127}$", + "type": "string" + }, + "MaxAllocatedStorage": { + "type": "integer" + }, + "MonitoringInterval": { + "default": 0, + "type": "integer" + }, + "MonitoringRoleArn": { + "type": "string" + }, + "MultiAZ": { + "type": "boolean" + }, + "NcharCharacterSetName": { + "type": "string" + }, + "NetworkType": { + "type": "string" + }, + "OptionGroupName": { + "type": "string" + }, + "PerformanceInsightsKMSKeyId": { + "type": "string" + }, + "PerformanceInsightsRetentionPeriod": { + "enum": [ + 7, + 31, + 62, + 93, + 124, + 155, + 186, + 217, + 248, + 279, + 310, + 341, + 372, + 403, + 434, + 465, + 496, + 527, + 558, + 589, + 620, + 651, + 682, + 713, + 731 + ], + "type": "integer" + }, + "Port": { + "pattern": "^\\d*$", + "type": "string" + }, + "PreferredBackupWindow": { + "type": "string" + }, + "PreferredMaintenanceWindow": { + "type": "string" + }, + "ProcessorFeatures": { + "items": { + "$ref": "#/definitions/ProcessorFeature" + }, + "type": "array" + }, + "PromotionTier": { + "default": 1, + "maximum": 15, + "minimum": 0, + "type": "integer" + }, + "PubliclyAccessible": { + "type": "boolean" + }, + "ReplicaMode": { + "type": "string" + }, + "RestoreTime": { + "format": "date-time", + "type": "string" + }, + "SourceDBClusterIdentifier": { + "type": "string" + }, + "SourceDBInstanceAutomatedBackupsArn": { + "type": "string" + }, + "SourceDBInstanceIdentifier": { + "type": "string" + }, + "SourceDbiResourceId": { + "type": "string" + }, + "SourceRegion": { + "type": "string" + }, + "StorageEncrypted": { + "type": "boolean" + }, + "StorageThroughput": { + "type": "integer" + }, + "StorageType": { + "type": "string" + }, + "Tags": { + "insertionOrder": false, + "items": { + "$ref": "#/definitions/Tag" + }, + "type": "array", + "uniqueItems": false + }, + "TdeCredentialArn": { + "type": "string" + }, + "TdeCredentialPassword": { + "type": "string" + }, + "Timezone": { + "type": "string" + }, + "UseDefaultProcessorFeatures": { + "type": "boolean" + }, + "UseLatestRestorableTime": { + "type": "boolean" + }, + "VPCSecurityGroups": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": true + } + }, + "propertyTransform": { + "/properties/DBClusterIdentifier": "$lowercase(DBClusterIdentifier)", + "/properties/DBClusterSnapshotIdentifier": "$lowercase(DBClusterSnapshotIdentifier)", + "/properties/DBInstanceIdentifier": "$lowercase(DBInstanceIdentifier)", + "/properties/DBName": "$lowercase(DBName) $OR $uppercase(DBName)", + "/properties/DBParameterGroupName": "$lowercase(DBParameterGroupName)", + "/properties/DBSnapshotIdentifier": "$lowercase(DBSnapshotIdentifier)", + "/properties/DBSubnetGroupName": "$lowercase(DBSubnetGroupName)", + "/properties/Engine": "$lowercase(Engine)", + "/properties/EngineVersion": "$join([$string(EngineVersion), \".*\"])", + "/properties/KmsKeyId": "$join([\"arn:(aws)[-]{0,1}[a-z]{0,2}[-]{0,1}[a-z]{0,3}:kms:[a-z]{2}[-]{1}[a-z]{3,10}[-]{0,1}[a-z]{0,10}[-]{1}[1-3]{1}:[0-9]{12}[:]{1}key\\/\", KmsKeyId])", + "/properties/MasterUserSecret/KmsKeyId": "$join([\"arn:(aws)[-]{0,1}[a-z]{0,2}[-]{0,1}[a-z]{0,3}:kms:[a-z]{2}[-]{1}[a-z]{3,10}[-]{0,1}[a-z]{0,10}[-]{1}[1-3]{1}:[0-9]{12}[:]{1}key\\/\", MasterUserSecret.KmsKeyId])", + "/properties/NetworkType": "$lowercase(NetworkType)", + "/properties/OptionGroupName": "$lowercase(OptionGroupName)", + "/properties/PerformanceInsightsKMSKeyId": "$join([\"arn:(aws)[-]{0,1}[a-z]{0,2}[-]{0,1}[a-z]{0,3}:kms:[a-z]{2}[-]{1}[a-z]{3,10}[-]{0,1}[a-z]{0,10}[-]{1}[1-3]{1}:[0-9]{12}[:]{1}key\\/\", PerformanceInsightsKMSKeyId])", + "/properties/PreferredMaintenanceWindow": "$lowercase(PreferredMaintenanceWindow)", + "/properties/SourceDBInstanceAutomatedBackupsArn": "$lowercase(SourceDBInstanceAutomatedBackupsArn)", + "/properties/SourceDBInstanceIdentifier": "$lowercase(SourceDBInstanceIdentifier)", + "/properties/StorageType": "$lowercase(StorageType)" + }, + "readOnlyProperties": [ + "/properties/Endpoint/Address", + "/properties/Endpoint/Port", + "/properties/Endpoint/HostedZoneId", + "/properties/DbiResourceId", + "/properties/DBInstanceArn", + "/properties/DBSystemId", + "/properties/MasterUserSecret/SecretArn", + "/properties/CertificateDetails/CAIdentifier", + "/properties/CertificateDetails/ValidTill" + ], + "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-rpdk.git", + "typeName": "AWS::RDS::DBInstance", + "writeOnlyProperties": [ + "/properties/AllowMajorVersionUpgrade", + "/properties/AutomaticBackupReplicationKmsKeyId", + "/properties/CertificateRotationRestart", + "/properties/DBSnapshotIdentifier", + "/properties/DeleteAutomatedBackups", + "/properties/MasterUserPassword", + "/properties/Port", + "/properties/RestoreTime", + "/properties/SourceDBInstanceAutomatedBackupsArn", + "/properties/SourceDBInstanceIdentifier", + "/properties/SourceDbiResourceId", + "/properties/SourceRegion", + "/properties/TdeCredentialPassword", + "/properties/UseDefaultProcessorFeatures", + "/properties/UseLatestRestorableTime" + ] +} diff --git a/src/cfnlint/data/schemas/providers/ca_west_1/__init__.py b/src/cfnlint/data/schemas/providers/ca_west_1/__init__.py index c4500debcd..3e693c53e5 100644 --- a/src/cfnlint/data/schemas/providers/ca_west_1/__init__.py +++ b/src/cfnlint/data/schemas/providers/ca_west_1/__init__.py @@ -649,7 +649,6 @@ "aws-dms-dataprovider.json", "aws-dms-instanceprofile.json", "aws-dms-migrationproject.json", - "aws-dms-replicationconfig.json", "aws-dynamodb-globaltable.json", "aws-dynamodb-table.json", "aws-ec2-capacityreservation.json", @@ -847,15 +846,12 @@ "aws-opsworks-userprofile.json", "aws-opsworks-volume.json", "aws-organizations-account.json", - "aws-organizations-organization.json", "aws-organizations-organizationalunit.json", "aws-organizations-policy.json", "aws-organizations-resourcepolicy.json", "aws-ram-permission.json", "aws-ram-resourceshare.json", - "aws-rds-dbcluster.json", "aws-rds-dbclusterparametergroup.json", - "aws-rds-dbinstance.json", "aws-rds-dbparametergroup.json", "aws-rds-dbproxy.json", "aws-rds-dbproxyendpoint.json", @@ -928,7 +924,6 @@ "aws-shield-drtaccess.json", "aws-shield-proactiveengagement.json", "aws-shield-protection.json", - "aws-shield-protectiongroup.json", "aws-sns-subscription.json", "aws-sns-topic.json", "aws-sns-topicinlinepolicy.json", diff --git a/src/cfnlint/data/schemas/providers/ca_west_1/aws-dms-replicationconfig.json b/src/cfnlint/data/schemas/providers/ca_west_1/aws-dms-replicationconfig.json new file mode 100644 index 0000000000..b9379a300f --- /dev/null +++ b/src/cfnlint/data/schemas/providers/ca_west_1/aws-dms-replicationconfig.json @@ -0,0 +1,191 @@ +{ + "additionalIdentifiers": [ + [ + "/properties/ReplicationConfigIdentifier" + ] + ], + "additionalProperties": false, + "createOnlyProperties": [ + "/properties/ResourceIdentifier" + ], + "definitions": { + "ComputeConfig": { + "additionalProperties": false, + "properties": { + "AvailabilityZone": { + "type": "string" + }, + "DnsNameServers": { + "type": "string" + }, + "KmsKeyId": { + "type": "string" + }, + "MaxCapacityUnits": { + "type": "integer" + }, + "MinCapacityUnits": { + "type": "integer" + }, + "MultiAZ": { + "type": "boolean" + }, + "PreferredMaintenanceWindow": { + "type": "string" + }, + "ReplicationSubnetGroupId": { + "type": "string" + }, + "VpcSecurityGroupIds": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "MaxCapacityUnits" + ], + "type": "object" + }, + "Tag": { + "additionalProperties": false, + "properties": { + "Key": { + "maxLength": 128, + "minLength": 1, + "type": "string" + }, + "Value": { + "maxLength": 256, + "minLength": 1, + "type": "string" + } + }, + "required": [ + "Key", + "Value" + ], + "type": "object" + } + }, + "handlers": { + "create": { + "permissions": [ + "dms:CreateReplicationConfig", + "dms:AddTagsToResource", + "dms:ListTagsForResource", + "iam:CreateServiceLinkedRole", + "iam:AttachRolePolicy", + "iam:PutRolePolicy", + "iam:UpdateRoleDescription" + ] + }, + "delete": { + "permissions": [ + "dms:DescribeReplicationConfigs", + "dms:DeleteReplicationConfig", + "dms:ListTagsForResource", + "iam:DeleteServiceLinkedRole", + "iam:GetServiceLinkedRoleDeletionStatus" + ] + }, + "list": { + "permissions": [ + "dms:DescribeReplicationConfigs", + "dms:ListTagsForResource" + ] + }, + "read": { + "permissions": [ + "dms:DescribeReplicationConfigs", + "dms:ListTagsForResource" + ] + }, + "update": { + "permissions": [ + "dms:ModifyReplicationConfig", + "dms:AddTagsToResource", + "dms:RemoveTagsToResource", + "dms:ListTagsForResource", + "iam:CreateServiceLinkedRole", + "iam:AttachRolePolicy", + "iam:PutRolePolicy", + "iam:UpdateRoleDescription" + ] + } + }, + "primaryIdentifier": [ + "/properties/ReplicationConfigArn" + ], + "properties": { + "ComputeConfig": { + "$ref": "#/definitions/ComputeConfig" + }, + "ReplicationConfigArn": { + "type": "string" + }, + "ReplicationConfigIdentifier": { + "type": "string" + }, + "ReplicationSettings": { + "format": "json", + "type": [ + "object", + "string" + ] + }, + "ReplicationType": { + "enum": [ + "full-load", + "full-load-and-cdc", + "cdc" + ], + "type": "string" + }, + "ResourceIdentifier": { + "type": "string" + }, + "SourceEndpointArn": { + "type": "string" + }, + "SupplementalSettings": { + "format": "json", + "type": [ + "object", + "string" + ] + }, + "TableMappings": { + "format": "json", + "type": [ + "object", + "string" + ] + }, + "Tags": { + "insertionOrder": false, + "items": { + "$ref": "#/definitions/Tag" + }, + "maxItems": 200, + "minItems": 1, + "type": "array" + }, + "TargetEndpointArn": { + "type": "string" + } + }, + "readOnlyProperties": [ + "/properties/ReplicationConfigArn" + ], + "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-dms", + "tagging": { + "cloudFormationSystemTags": false, + "tagOnCreate": true, + "tagProperty": "/properties/Tags", + "tagUpdatable": true, + "taggable": true + }, + "typeName": "AWS::DMS::ReplicationConfig" +} diff --git a/src/cfnlint/data/schemas/providers/ap_northeast_1/aws-organizations-organization.json b/src/cfnlint/data/schemas/providers/ca_west_1/aws-organizations-organization.json similarity index 96% rename from src/cfnlint/data/schemas/providers/ap_northeast_1/aws-organizations-organization.json rename to src/cfnlint/data/schemas/providers/ca_west_1/aws-organizations-organization.json index 844033a13a..6dac437e5b 100644 --- a/src/cfnlint/data/schemas/providers/ap_northeast_1/aws-organizations-organization.json +++ b/src/cfnlint/data/schemas/providers/ca_west_1/aws-organizations-organization.json @@ -27,9 +27,7 @@ ] }, "update": { - "permissions": [ - "organizations:DescribeOrganization" - ] + "permissions": [] } }, "primaryIdentifier": [ diff --git a/src/cfnlint/data/schemas/providers/ca_west_1/aws-rds-dbcluster.json b/src/cfnlint/data/schemas/providers/ca_west_1/aws-rds-dbcluster.json new file mode 100644 index 0000000000..fc8608c49b --- /dev/null +++ b/src/cfnlint/data/schemas/providers/ca_west_1/aws-rds-dbcluster.json @@ -0,0 +1,469 @@ +{ + "additionalProperties": false, + "conditionalCreateOnlyProperties": [ + "/properties/Engine", + "/properties/GlobalClusterIdentifier", + "/properties/MasterUsername" + ], + "createOnlyProperties": [ + "/properties/AvailabilityZones", + "/properties/DBClusterIdentifier", + "/properties/DBSubnetGroupName", + "/properties/DBSystemId", + "/properties/DatabaseName", + "/properties/EngineMode", + "/properties/KmsKeyId", + "/properties/PubliclyAccessible", + "/properties/RestoreToTime", + "/properties/RestoreType", + "/properties/SnapshotIdentifier", + "/properties/SourceDBClusterIdentifier", + "/properties/SourceRegion", + "/properties/StorageEncrypted", + "/properties/UseLatestRestorableTime" + ], + "definitions": { + "DBClusterRole": { + "additionalProperties": false, + "properties": { + "FeatureName": { + "type": "string" + }, + "RoleArn": { + "type": "string" + } + }, + "required": [ + "RoleArn" + ], + "type": "object" + }, + "Endpoint": { + "additionalProperties": false, + "properties": { + "Address": { + "type": "string" + }, + "Port": { + "type": "string" + } + }, + "type": "object" + }, + "MasterUserSecret": { + "additionalProperties": false, + "properties": { + "KmsKeyId": { + "type": "string" + }, + "SecretArn": { + "type": "string" + } + }, + "type": "object" + }, + "ReadEndpoint": { + "additionalProperties": false, + "properties": { + "Address": { + "type": "string" + } + }, + "type": "object" + }, + "ScalingConfiguration": { + "additionalProperties": false, + "properties": { + "AutoPause": { + "type": "boolean" + }, + "MaxCapacity": { + "type": "integer" + }, + "MinCapacity": { + "type": "integer" + }, + "SecondsBeforeTimeout": { + "type": "integer" + }, + "SecondsUntilAutoPause": { + "type": "integer" + }, + "TimeoutAction": { + "type": "string" + } + }, + "type": "object" + }, + "ServerlessV2ScalingConfiguration": { + "additionalProperties": false, + "properties": { + "MaxCapacity": { + "type": "number" + }, + "MinCapacity": { + "type": "number" + } + }, + "type": "object" + }, + "Tag": { + "additionalProperties": false, + "properties": { + "Key": { + "maxLength": 128, + "minLength": 1, + "type": "string" + }, + "Value": { + "maxLength": 256, + "minLength": 0, + "type": "string" + } + }, + "required": [ + "Key" + ], + "type": "object" + } + }, + "handlers": { + "create": { + "permissions": [ + "iam:CreateServiceLinkedRole", + "iam:PassRole", + "rds:AddRoleToDBCluster", + "rds:AddTagsToResource", + "rds:CreateDBCluster", + "rds:CreateDBInstance", + "rds:DescribeDBClusters", + "rds:DescribeDBClusterSnapshots", + "rds:DescribeDBSnapshots", + "rds:DescribeEvents", + "rds:EnableHttpEndpoint", + "rds:ModifyDBCluster", + "rds:RestoreDBClusterFromSnapshot", + "rds:RestoreDBClusterToPointInTime", + "secretsmanager:CreateSecret", + "secretsmanager:TagResource" + ], + "timeoutInMinutes": 2160 + }, + "delete": { + "permissions": [ + "rds:CreateDBClusterSnapshot", + "rds:DeleteDBCluster", + "rds:DeleteDBInstance", + "rds:DescribeDBClusters", + "rds:DescribeGlobalClusters", + "rds:RemoveFromGlobalCluster" + ] + }, + "list": { + "permissions": [ + "rds:DescribeDBClusters" + ] + }, + "read": { + "permissions": [ + "rds:DescribeDBClusters" + ] + }, + "update": { + "permissions": [ + "ec2:DescribeSecurityGroups", + "iam:PassRole", + "rds:AddRoleToDBCluster", + "rds:AddTagsToResource", + "rds:DescribeDBClusters", + "rds:DescribeDBSubnetGroups", + "rds:DescribeEvents", + "rds:DescribeGlobalClusters", + "rds:DisableHttpEndpoint", + "rds:EnableHttpEndpoint", + "rds:ModifyDBCluster", + "rds:ModifyDBInstance", + "rds:RemoveFromGlobalCluster", + "rds:RemoveRoleFromDBCluster", + "rds:RemoveTagsFromResource", + "secretsmanager:CreateSecret", + "secretsmanager:TagResource" + ], + "timeoutInMinutes": 2160 + } + }, + "primaryIdentifier": [ + "/properties/DBClusterIdentifier" + ], + "properties": { + "AllocatedStorage": { + "type": "integer" + }, + "AssociatedRoles": { + "items": { + "$ref": "#/definitions/DBClusterRole" + }, + "type": "array", + "uniqueItems": true + }, + "AutoMinorVersionUpgrade": { + "type": "boolean" + }, + "AvailabilityZones": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": true + }, + "BacktrackWindow": { + "minimum": 0, + "type": "integer" + }, + "BackupRetentionPeriod": { + "default": 1, + "maximum": 35, + "minimum": 1, + "type": "integer" + }, + "CopyTagsToSnapshot": { + "type": "boolean" + }, + "DBClusterArn": { + "type": "string" + }, + "DBClusterIdentifier": { + "maxLength": 63, + "minLength": 1, + "pattern": "^[a-zA-Z]{1}(?:-?[a-zA-Z0-9]){0,62}$", + "type": "string" + }, + "DBClusterInstanceClass": { + "type": "string" + }, + "DBClusterParameterGroupName": { + "default": "default.aurora5.6", + "type": "string" + }, + "DBClusterResourceId": { + "type": "string" + }, + "DBInstanceParameterGroupName": { + "type": "string" + }, + "DBSubnetGroupName": { + "type": "string" + }, + "DBSystemId": { + "type": "string" + }, + "DatabaseName": { + "type": "string" + }, + "DeletionProtection": { + "type": "boolean" + }, + "Domain": { + "type": "string" + }, + "DomainIAMRoleName": { + "type": "string" + }, + "EnableCloudwatchLogsExports": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": true + }, + "EnableGlobalWriteForwarding": { + "type": "boolean" + }, + "EnableHttpEndpoint": { + "type": "boolean" + }, + "EnableIAMDatabaseAuthentication": { + "type": "boolean" + }, + "EnableLocalWriteForwarding": { + "type": "boolean" + }, + "Endpoint": { + "$ref": "#/definitions/Endpoint" + }, + "Engine": { + "type": "string" + }, + "EngineLifecycleSupport": { + "type": "string" + }, + "EngineMode": { + "type": "string" + }, + "EngineVersion": { + "type": "string" + }, + "GlobalClusterIdentifier": { + "maxLength": 63, + "minLength": 0, + "pattern": "^$|^[a-zA-Z]{1}(?:-?[a-zA-Z0-9]){0,62}$", + "type": "string" + }, + "Iops": { + "type": "integer" + }, + "KmsKeyId": { + "type": "string" + }, + "ManageMasterUserPassword": { + "type": "boolean" + }, + "MasterUserPassword": { + "type": "string" + }, + "MasterUserSecret": { + "$ref": "#/definitions/MasterUserSecret" + }, + "MasterUsername": { + "minLength": 1, + "pattern": "^[a-zA-Z]{1}[a-zA-Z0-9_]*$", + "type": "string" + }, + "MonitoringInterval": { + "default": 0, + "type": "integer" + }, + "MonitoringRoleArn": { + "type": "string" + }, + "NetworkType": { + "type": "string" + }, + "PerformanceInsightsEnabled": { + "type": "boolean" + }, + "PerformanceInsightsKmsKeyId": { + "type": "string" + }, + "PerformanceInsightsRetentionPeriod": { + "type": "integer" + }, + "Port": { + "type": "integer" + }, + "PreferredBackupWindow": { + "type": "string" + }, + "PreferredMaintenanceWindow": { + "type": "string" + }, + "PubliclyAccessible": { + "type": "boolean" + }, + "ReadEndpoint": { + "$ref": "#/definitions/ReadEndpoint" + }, + "ReplicationSourceIdentifier": { + "type": "string" + }, + "RestoreToTime": { + "type": "string" + }, + "RestoreType": { + "default": "full-copy", + "type": "string" + }, + "ScalingConfiguration": { + "$ref": "#/definitions/ScalingConfiguration" + }, + "ServerlessV2ScalingConfiguration": { + "$ref": "#/definitions/ServerlessV2ScalingConfiguration" + }, + "SnapshotIdentifier": { + "type": "string" + }, + "SourceDBClusterIdentifier": { + "type": "string" + }, + "SourceRegion": { + "type": "string" + }, + "StorageEncrypted": { + "type": "boolean" + }, + "StorageThroughput": { + "type": "integer" + }, + "StorageType": { + "type": "string" + }, + "Tags": { + "insertionOrder": false, + "items": { + "$ref": "#/definitions/Tag" + }, + "maxItems": 50, + "type": "array", + "uniqueItems": true + }, + "UseLatestRestorableTime": { + "type": "boolean" + }, + "VpcSecurityGroupIds": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": true + } + }, + "propertyTransform": { + "/properties/DBClusterIdentifier": "$lowercase(DBClusterIdentifier)", + "/properties/DBClusterParameterGroupName": "$lowercase(DBClusterParameterGroupName)", + "/properties/DBSubnetGroupName": "$lowercase(DBSubnetGroupName)", + "/properties/EnableHttpEndpoint": "$lowercase($string(EngineMode)) = 'serverless' ? EnableHttpEndpoint : ($lowercase($string(Engine)) = 'aurora-postgresql' ? EnableHttpEndpoint : false )", + "/properties/Engine": "$lowercase(Engine)", + "/properties/EngineVersion": "$join([$string(EngineVersion), \".*\"])", + "/properties/KmsKeyId": "$join([\"arn:(aws)[-]{0,1}[a-z]{0,2}[-]{0,1}[a-z]{0,3}:kms:[a-z]{2}[-]{1}[a-z]{3,10}[-]{0,1}[a-z]{0,10}[-]{1}[1-3]{1}:[0-9]{12}[:]{1}key\\/\", KmsKeyId])", + "/properties/MasterUserSecret/KmsKeyId": "$join([\"arn:(aws)[-]{0,1}[a-z]{0,2}[-]{0,1}[a-z]{0,3}:kms:[a-z]{2}[-]{1}[a-z]{3,10}[-]{0,1}[a-z]{0,10}[-]{1}[1-3]{1}:[0-9]{12}[:]{1}key\\/\", MasterUserSecret.KmsKeyId])", + "/properties/NetworkType": "$lowercase(NetworkType)", + "/properties/PerformanceInsightsKmsKeyId": "$join([\"arn:(aws)[-]{0,1}[a-z]{0,2}[-]{0,1}[a-z]{0,3}:kms:[a-z]{2}[-]{1}[a-z]{3,10}[-]{0,1}[a-z]{0,10}[-]{1}[1-3]{1}:[0-9]{12}[:]{1}key\\/\", PerformanceInsightsKmsKeyId])", + "/properties/PreferredMaintenanceWindow": "$lowercase(PreferredMaintenanceWindow)", + "/properties/SnapshotIdentifier": "$lowercase(SnapshotIdentifier)", + "/properties/SourceDBClusterIdentifier": "$lowercase(SourceDBClusterIdentifier)", + "/properties/StorageType": "$lowercase(StorageType)" + }, + "readOnlyProperties": [ + "/properties/DBClusterArn", + "/properties/DBClusterResourceId", + "/properties/Endpoint", + "/properties/Endpoint/Address", + "/properties/Endpoint/Port", + "/properties/ReadEndpoint/Address", + "/properties/MasterUserSecret/SecretArn", + "/properties/StorageThroughput" + ], + "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-rds", + "tagging": { + "cloudFormationSystemTags": true, + "permissions": [ + "rds:AddTagsToResource", + "rds:RemoveTagsFromResource" + ], + "tagOnCreate": true, + "tagProperty": "/properties/Tags", + "tagUpdatable": true, + "taggable": true + }, + "typeName": "AWS::RDS::DBCluster", + "writeOnlyProperties": [ + "/properties/DBInstanceParameterGroupName", + "/properties/MasterUserPassword", + "/properties/RestoreToTime", + "/properties/RestoreType", + "/properties/SnapshotIdentifier", + "/properties/SourceDBClusterIdentifier", + "/properties/SourceRegion", + "/properties/UseLatestRestorableTime" + ] +} diff --git a/src/cfnlint/data/schemas/providers/ca_west_1/aws-rds-dbinstance.json b/src/cfnlint/data/schemas/providers/ca_west_1/aws-rds-dbinstance.json new file mode 100644 index 0000000000..3263d77fb7 --- /dev/null +++ b/src/cfnlint/data/schemas/providers/ca_west_1/aws-rds-dbinstance.json @@ -0,0 +1,620 @@ +{ + "additionalProperties": false, + "conditionalCreateOnlyProperties": [ + "/properties/AutoMinorVersionUpgrade", + "/properties/AvailabilityZone", + "/properties/BackupRetentionPeriod", + "/properties/DBClusterSnapshotIdentifier", + "/properties/DBParameterGroupName", + "/properties/DBSnapshotIdentifier", + "/properties/Engine", + "/properties/MultiAZ", + "/properties/PerformanceInsightsKMSKeyId", + "/properties/PreferredMaintenanceWindow", + "/properties/RestoreTime", + "/properties/SourceDBClusterIdentifier", + "/properties/SourceDBInstanceAutomatedBackupsArn", + "/properties/SourceDBInstanceIdentifier", + "/properties/SourceDbiResourceId", + "/properties/StorageType", + "/properties/UseLatestRestorableTime" + ], + "createOnlyProperties": [ + "/properties/CharacterSetName", + "/properties/CustomIAMInstanceProfile", + "/properties/DBClusterIdentifier", + "/properties/DBInstanceIdentifier", + "/properties/DBName", + "/properties/DBSubnetGroupName", + "/properties/KmsKeyId", + "/properties/MasterUsername", + "/properties/NcharCharacterSetName", + "/properties/Port", + "/properties/SourceRegion", + "/properties/StorageEncrypted", + "/properties/Timezone" + ], + "definitions": { + "CertificateDetails": { + "additionalProperties": false, + "properties": { + "CAIdentifier": { + "type": "string" + }, + "ValidTill": { + "format": "date-time", + "type": "string" + } + }, + "type": "object" + }, + "DBInstanceRole": { + "additionalProperties": false, + "properties": { + "FeatureName": { + "type": "string" + }, + "RoleArn": { + "type": "string" + } + }, + "required": [ + "FeatureName", + "RoleArn" + ], + "type": "object" + }, + "Endpoint": { + "additionalProperties": false, + "properties": { + "Address": { + "type": "string" + }, + "HostedZoneId": { + "type": "string" + }, + "Port": { + "type": "string" + } + }, + "type": "object" + }, + "MasterUserSecret": { + "additionalProperties": false, + "properties": { + "KmsKeyId": { + "type": "string" + }, + "SecretArn": { + "type": "string" + } + }, + "type": "object" + }, + "ProcessorFeature": { + "additionalProperties": false, + "properties": { + "Name": { + "enum": [ + "coreCount", + "threadsPerCore" + ], + "type": "string" + }, + "Value": { + "type": "string" + } + }, + "type": "object" + }, + "Tag": { + "additionalProperties": false, + "properties": { + "Key": { + "maxLength": 128, + "minLength": 1, + "type": "string" + }, + "Value": { + "maxLength": 256, + "minLength": 0, + "type": "string" + } + }, + "required": [ + "Key" + ], + "type": "object" + } + }, + "dependencies": { + "KmsKeyId": { + "properties": { + "StorageEncrypted": { + "enum": [ + "true", + "True", + true + ] + } + }, + "required": [ + "StorageEncrypted" + ] + } + }, + "dependentExcluded": { + "SourceDBInstanceIdentifier": [ + "CharacterSetName", + "MasterUserPassword", + "MasterUsername", + "StorageEncrypted" + ] + }, + "deprecatedProperties": [ + "/properties/TdeCredentialArn", + "/properties/TdeCredentialPassword" + ], + "handlers": { + "create": { + "permissions": [ + "ec2:DescribeAccountAttributes", + "ec2:DescribeAvailabilityZones", + "ec2:DescribeInternetGateways", + "ec2:DescribeSecurityGroups", + "ec2:DescribeSubnets", + "ec2:DescribeVpcAttribute", + "ec2:DescribeVpcs", + "iam:CreateServiceLinkedRole", + "iam:GetRole", + "iam:ListRoles", + "iam:PassRole", + "kms:CreateGrant", + "kms:DescribeKey", + "rds:AddRoleToDBInstance", + "rds:AddTagsToResource", + "rds:CreateDBInstance", + "rds:CreateDBInstanceReadReplica", + "rds:DescribeDBInstances", + "rds:DescribeDBClusters", + "rds:DescribeDBClusterSnapshots", + "rds:DescribeDBInstanceAutomatedBackups", + "rds:DescribeDBSnapshots", + "rds:DescribeEvents", + "rds:ModifyDBInstance", + "rds:RebootDBInstance", + "rds:RestoreDBInstanceFromDBSnapshot", + "rds:RestoreDBInstanceToPointInTime", + "rds:StartDBInstanceAutomatedBackupsReplication", + "secretsmanager:CreateSecret", + "secretsmanager:TagResource" + ], + "timeoutInMinutes": 2160 + }, + "delete": { + "permissions": [ + "rds:CreateDBSnapshot", + "rds:DeleteDBInstance", + "rds:DescribeDBInstances" + ], + "timeoutInMinutes": 2160 + }, + "list": { + "permissions": [ + "rds:DescribeDBInstances" + ] + }, + "read": { + "permissions": [ + "ec2:DescribeAccountAttributes", + "ec2:DescribeAvailabilityZones", + "ec2:DescribeInternetGateways", + "ec2:DescribeSecurityGroups", + "ec2:DescribeSubnets", + "ec2:DescribeVpcAttribute", + "ec2:DescribeVpcs", + "rds:DescribeDBInstances" + ] + }, + "update": { + "permissions": [ + "ec2:DescribeAccountAttributes", + "ec2:DescribeAvailabilityZones", + "ec2:DescribeInternetGateways", + "ec2:DescribeSecurityGroups", + "ec2:DescribeSubnets", + "ec2:DescribeVpcAttribute", + "ec2:DescribeVpcs", + "iam:CreateServiceLinkedRole", + "iam:GetRole", + "iam:ListRoles", + "iam:PassRole", + "kms:CreateGrant", + "kms:DescribeKey", + "rds:AddRoleToDBInstance", + "rds:AddTagsToResource", + "rds:DescribeDBClusters", + "rds:DescribeDBEngineVersions", + "rds:DescribeDBInstances", + "rds:DescribeDBParameterGroups", + "rds:DescribeEvents", + "rds:ModifyDBInstance", + "rds:PromoteReadReplica", + "rds:RebootDBInstance", + "rds:RemoveRoleFromDBInstance", + "rds:RemoveTagsFromResource", + "rds:StartDBInstanceAutomatedBackupsReplication", + "rds:StopDBInstanceAutomatedBackupsReplication", + "secretsmanager:CreateSecret", + "secretsmanager:TagResource" + ], + "timeoutInMinutes": 2160 + } + }, + "primaryIdentifier": [ + "/properties/DBInstanceIdentifier" + ], + "properties": { + "AllocatedStorage": { + "pattern": "^[0-9]*$", + "type": "string" + }, + "AllowMajorVersionUpgrade": { + "type": "boolean" + }, + "AssociatedRoles": { + "items": { + "$ref": "#/definitions/DBInstanceRole" + }, + "type": "array" + }, + "AutoMinorVersionUpgrade": { + "type": "boolean" + }, + "AutomaticBackupReplicationKmsKeyId": { + "type": "string" + }, + "AutomaticBackupReplicationRegion": { + "type": "string" + }, + "AvailabilityZone": { + "type": "string" + }, + "BackupRetentionPeriod": { + "default": 1, + "maximum": 35, + "minimum": 0, + "type": "integer" + }, + "CACertificateIdentifier": { + "type": "string" + }, + "CertificateDetails": { + "$ref": "#/definitions/CertificateDetails" + }, + "CertificateRotationRestart": { + "type": "boolean" + }, + "CharacterSetName": { + "type": "string" + }, + "CopyTagsToSnapshot": { + "type": "boolean" + }, + "CustomIAMInstanceProfile": { + "type": "string" + }, + "DBClusterIdentifier": { + "type": "string" + }, + "DBClusterSnapshotIdentifier": { + "type": "string" + }, + "DBInstanceArn": { + "type": "string" + }, + "DBInstanceClass": { + "type": "string" + }, + "DBInstanceIdentifier": { + "maxLength": 63, + "minLength": 1, + "pattern": "^$|^[a-zA-Z]{1}(?:-?[a-zA-Z0-9]){0,62}$", + "type": "string" + }, + "DBName": { + "type": "string" + }, + "DBParameterGroupName": { + "type": "string" + }, + "DBSecurityGroups": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": true + }, + "DBSnapshotIdentifier": { + "type": "string" + }, + "DBSubnetGroupName": { + "type": "string" + }, + "DBSystemId": { + "type": "string" + }, + "DbiResourceId": { + "type": "string" + }, + "DedicatedLogVolume": { + "type": "boolean" + }, + "DeleteAutomatedBackups": { + "type": "boolean" + }, + "DeletionProtection": { + "type": "boolean" + }, + "Domain": { + "type": "string" + }, + "DomainAuthSecretArn": { + "type": "string" + }, + "DomainDnsIps": { + "items": { + "type": "string" + }, + "type": "array" + }, + "DomainFqdn": { + "type": "string" + }, + "DomainIAMRoleName": { + "type": "string" + }, + "DomainOu": { + "type": "string" + }, + "EnableCloudwatchLogsExports": { + "items": { + "type": "string" + }, + "type": "array" + }, + "EnableIAMDatabaseAuthentication": { + "type": "boolean" + }, + "EnablePerformanceInsights": { + "type": "boolean" + }, + "Endpoint": { + "$ref": "#/definitions/Endpoint" + }, + "Engine": { + "type": "string" + }, + "EngineLifecycleSupport": { + "type": "string" + }, + "EngineVersion": { + "type": "string" + }, + "Iops": { + "type": "integer" + }, + "KmsKeyId": { + "type": "string" + }, + "LicenseModel": { + "type": "string" + }, + "ManageMasterUserPassword": { + "type": "boolean" + }, + "MasterUserPassword": { + "type": "string" + }, + "MasterUserSecret": { + "$ref": "#/definitions/MasterUserSecret" + }, + "MasterUsername": { + "maxLength": 128, + "minLength": 1, + "pattern": "^[a-zA-Z][a-zA-Z0-9_]{0,127}$", + "type": "string" + }, + "MaxAllocatedStorage": { + "type": "integer" + }, + "MonitoringInterval": { + "default": 0, + "type": "integer" + }, + "MonitoringRoleArn": { + "type": "string" + }, + "MultiAZ": { + "type": "boolean" + }, + "NcharCharacterSetName": { + "type": "string" + }, + "NetworkType": { + "type": "string" + }, + "OptionGroupName": { + "type": "string" + }, + "PerformanceInsightsKMSKeyId": { + "type": "string" + }, + "PerformanceInsightsRetentionPeriod": { + "enum": [ + 7, + 31, + 62, + 93, + 124, + 155, + 186, + 217, + 248, + 279, + 310, + 341, + 372, + 403, + 434, + 465, + 496, + 527, + 558, + 589, + 620, + 651, + 682, + 713, + 731 + ], + "type": "integer" + }, + "Port": { + "pattern": "^\\d*$", + "type": "string" + }, + "PreferredBackupWindow": { + "type": "string" + }, + "PreferredMaintenanceWindow": { + "type": "string" + }, + "ProcessorFeatures": { + "items": { + "$ref": "#/definitions/ProcessorFeature" + }, + "type": "array" + }, + "PromotionTier": { + "default": 1, + "maximum": 15, + "minimum": 0, + "type": "integer" + }, + "PubliclyAccessible": { + "type": "boolean" + }, + "ReplicaMode": { + "type": "string" + }, + "RestoreTime": { + "format": "date-time", + "type": "string" + }, + "SourceDBClusterIdentifier": { + "type": "string" + }, + "SourceDBInstanceAutomatedBackupsArn": { + "type": "string" + }, + "SourceDBInstanceIdentifier": { + "type": "string" + }, + "SourceDbiResourceId": { + "type": "string" + }, + "SourceRegion": { + "type": "string" + }, + "StorageEncrypted": { + "type": "boolean" + }, + "StorageThroughput": { + "type": "integer" + }, + "StorageType": { + "type": "string" + }, + "Tags": { + "insertionOrder": false, + "items": { + "$ref": "#/definitions/Tag" + }, + "type": "array", + "uniqueItems": false + }, + "TdeCredentialArn": { + "type": "string" + }, + "TdeCredentialPassword": { + "type": "string" + }, + "Timezone": { + "type": "string" + }, + "UseDefaultProcessorFeatures": { + "type": "boolean" + }, + "UseLatestRestorableTime": { + "type": "boolean" + }, + "VPCSecurityGroups": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": true + } + }, + "propertyTransform": { + "/properties/DBClusterIdentifier": "$lowercase(DBClusterIdentifier)", + "/properties/DBClusterSnapshotIdentifier": "$lowercase(DBClusterSnapshotIdentifier)", + "/properties/DBInstanceIdentifier": "$lowercase(DBInstanceIdentifier)", + "/properties/DBName": "$lowercase(DBName) $OR $uppercase(DBName)", + "/properties/DBParameterGroupName": "$lowercase(DBParameterGroupName)", + "/properties/DBSnapshotIdentifier": "$lowercase(DBSnapshotIdentifier)", + "/properties/DBSubnetGroupName": "$lowercase(DBSubnetGroupName)", + "/properties/Engine": "$lowercase(Engine)", + "/properties/EngineVersion": "$join([$string(EngineVersion), \".*\"])", + "/properties/KmsKeyId": "$join([\"arn:(aws)[-]{0,1}[a-z]{0,2}[-]{0,1}[a-z]{0,3}:kms:[a-z]{2}[-]{1}[a-z]{3,10}[-]{0,1}[a-z]{0,10}[-]{1}[1-3]{1}:[0-9]{12}[:]{1}key\\/\", KmsKeyId])", + "/properties/MasterUserSecret/KmsKeyId": "$join([\"arn:(aws)[-]{0,1}[a-z]{0,2}[-]{0,1}[a-z]{0,3}:kms:[a-z]{2}[-]{1}[a-z]{3,10}[-]{0,1}[a-z]{0,10}[-]{1}[1-3]{1}:[0-9]{12}[:]{1}key\\/\", MasterUserSecret.KmsKeyId])", + "/properties/NetworkType": "$lowercase(NetworkType)", + "/properties/OptionGroupName": "$lowercase(OptionGroupName)", + "/properties/PerformanceInsightsKMSKeyId": "$join([\"arn:(aws)[-]{0,1}[a-z]{0,2}[-]{0,1}[a-z]{0,3}:kms:[a-z]{2}[-]{1}[a-z]{3,10}[-]{0,1}[a-z]{0,10}[-]{1}[1-3]{1}:[0-9]{12}[:]{1}key\\/\", PerformanceInsightsKMSKeyId])", + "/properties/PreferredMaintenanceWindow": "$lowercase(PreferredMaintenanceWindow)", + "/properties/SourceDBInstanceAutomatedBackupsArn": "$lowercase(SourceDBInstanceAutomatedBackupsArn)", + "/properties/SourceDBInstanceIdentifier": "$lowercase(SourceDBInstanceIdentifier)", + "/properties/StorageType": "$lowercase(StorageType)" + }, + "readOnlyProperties": [ + "/properties/Endpoint/Address", + "/properties/Endpoint/Port", + "/properties/Endpoint/HostedZoneId", + "/properties/DbiResourceId", + "/properties/DBInstanceArn", + "/properties/DBSystemId", + "/properties/MasterUserSecret/SecretArn", + "/properties/CertificateDetails/CAIdentifier", + "/properties/CertificateDetails/ValidTill" + ], + "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-rpdk.git", + "typeName": "AWS::RDS::DBInstance", + "writeOnlyProperties": [ + "/properties/AllowMajorVersionUpgrade", + "/properties/AutomaticBackupReplicationKmsKeyId", + "/properties/CertificateRotationRestart", + "/properties/DBSnapshotIdentifier", + "/properties/DeleteAutomatedBackups", + "/properties/MasterUserPassword", + "/properties/Port", + "/properties/RestoreTime", + "/properties/SourceDBInstanceAutomatedBackupsArn", + "/properties/SourceDBInstanceIdentifier", + "/properties/SourceDbiResourceId", + "/properties/SourceRegion", + "/properties/TdeCredentialPassword", + "/properties/UseDefaultProcessorFeatures", + "/properties/UseLatestRestorableTime" + ] +} diff --git a/src/cfnlint/data/schemas/providers/ca_west_1/aws-shield-protectiongroup.json b/src/cfnlint/data/schemas/providers/ca_west_1/aws-shield-protectiongroup.json new file mode 100644 index 0000000000..023e531faa --- /dev/null +++ b/src/cfnlint/data/schemas/providers/ca_west_1/aws-shield-protectiongroup.json @@ -0,0 +1,136 @@ +{ + "additionalProperties": false, + "createOnlyProperties": [ + "/properties/ProtectionGroupId" + ], + "definitions": { + "Tag": { + "additionalProperties": false, + "properties": { + "Key": { + "maxLength": 128, + "minLength": 1, + "type": "string" + }, + "Value": { + "maxLength": 256, + "minLength": 0, + "type": "string" + } + }, + "required": [ + "Key", + "Value" + ], + "type": "object" + } + }, + "handlers": { + "create": { + "permissions": [ + "shield:CreateProtectionGroup", + "shield:TagResource" + ] + }, + "delete": { + "permissions": [ + "shield:DeleteProtectionGroup", + "shield:UntagResource" + ] + }, + "list": { + "permissions": [ + "shield:ListProtectionGroups" + ] + }, + "read": { + "permissions": [ + "shield:DescribeProtectionGroup", + "shield:ListTagsForResource" + ] + }, + "update": { + "permissions": [ + "shield:UpdateProtectionGroup", + "shield:ListTagsForResource", + "shield:TagResource", + "shield:UntagResource" + ] + } + }, + "primaryIdentifier": [ + "/properties/ProtectionGroupArn" + ], + "properties": { + "Aggregation": { + "enum": [ + "SUM", + "MEAN", + "MAX" + ], + "type": "string" + }, + "Members": { + "insertionOrder": false, + "items": { + "maxLength": 2048, + "minLength": 1, + "type": "string" + }, + "maxItems": 10000, + "type": "array" + }, + "Pattern": { + "enum": [ + "ALL", + "ARBITRARY", + "BY_RESOURCE_TYPE" + ], + "type": "string" + }, + "ProtectionGroupArn": { + "type": "string" + }, + "ProtectionGroupId": { + "maxLength": 36, + "minLength": 1, + "pattern": "[a-zA-Z0-9\\-]*", + "type": "string" + }, + "ResourceType": { + "enum": [ + "CLOUDFRONT_DISTRIBUTION", + "ROUTE_53_HOSTED_ZONE", + "ELASTIC_IP_ALLOCATION", + "CLASSIC_LOAD_BALANCER", + "APPLICATION_LOAD_BALANCER", + "GLOBAL_ACCELERATOR" + ], + "type": "string" + }, + "Tags": { + "insertionOrder": false, + "items": { + "$ref": "#/definitions/Tag" + }, + "maxItems": 200, + "type": "array" + } + }, + "readOnlyProperties": [ + "/properties/ProtectionGroupArn" + ], + "replacementStrategy": "delete_then_create", + "required": [ + "Aggregation", + "Pattern", + "ProtectionGroupId" + ], + "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-shield.git", + "tagging": { + "cloudFormationSystemTags": false, + "tagProperty": "/properties/Tags", + "taggable": true + }, + "typeName": "AWS::Shield::ProtectionGroup" +} diff --git a/src/cfnlint/data/schemas/providers/cn_north_1/__init__.py b/src/cfnlint/data/schemas/providers/cn_north_1/__init__.py index e28d4022f9..43fd5d5390 100644 --- a/src/cfnlint/data/schemas/providers/cn_north_1/__init__.py +++ b/src/cfnlint/data/schemas/providers/cn_north_1/__init__.py @@ -890,7 +890,6 @@ "aws-ec2-ipamresourcediscovery.json", "aws-ec2-ipamresourcediscoveryassociation.json", "aws-ec2-ipamscope.json", - "aws-ec2-keypair.json", "aws-ec2-launchtemplate.json", "aws-ec2-natgateway.json", "aws-ec2-networkacl.json", @@ -951,7 +950,6 @@ "aws-eks-addon.json", "aws-eks-cluster.json", "aws-eks-identityproviderconfig.json", - "aws-eks-nodegroup.json", "aws-eks-podidentityassociation.json", "aws-elasticache-cachecluster.json", "aws-elasticache-parametergroup.json", @@ -1178,6 +1176,7 @@ "aws-opsworks-userprofile.json", "aws-opsworks-volume.json", "aws-organizations-account.json", + "aws-organizations-organization.json", "aws-organizations-organizationalunit.json", "aws-personalize-dataset.json", "aws-personalize-datasetgroup.json", @@ -1194,7 +1193,9 @@ "aws-quicksight-vpcconnection.json", "aws-ram-permission.json", "aws-ram-resourceshare.json", + "aws-rds-dbcluster.json", "aws-rds-dbclusterparametergroup.json", + "aws-rds-dbinstance.json", "aws-rds-dbparametergroup.json", "aws-rds-dbproxy.json", "aws-rds-dbproxyendpoint.json", diff --git a/src/cfnlint/data/schemas/providers/cn_north_1/aws-ec2-keypair.json b/src/cfnlint/data/schemas/providers/cn_north_1/aws-ec2-keypair.json new file mode 100644 index 0000000000..0947fab641 --- /dev/null +++ b/src/cfnlint/data/schemas/providers/cn_north_1/aws-ec2-keypair.json @@ -0,0 +1,126 @@ +{ + "additionalIdentifiers": [ + [ + "/properties/KeyPairId" + ] + ], + "additionalProperties": false, + "createOnlyProperties": [ + "/properties/KeyName", + "/properties/KeyType", + "/properties/KeyFormat", + "/properties/PublicKeyMaterial", + "/properties/Tags" + ], + "definitions": { + "Tag": { + "additionalProperties": false, + "properties": { + "Key": { + "maxLength": 128, + "minLength": 1, + "type": "string" + }, + "Value": { + "maxLength": 256, + "minLength": 0, + "type": "string" + } + }, + "required": [ + "Key", + "Value" + ], + "type": "object" + } + }, + "handlers": { + "create": { + "permissions": [ + "ec2:CreateKeyPair", + "ec2:ImportKeyPair", + "ec2:CreateTags", + "ssm:PutParameter" + ] + }, + "delete": { + "permissions": [ + "ec2:DeleteKeyPair", + "ssm:DeleteParameter", + "ec2:DescribeKeyPairs" + ] + }, + "list": { + "permissions": [ + "ec2:DescribeKeyPairs" + ] + }, + "read": { + "permissions": [ + "ec2:DescribeKeyPairs" + ] + } + }, + "primaryIdentifier": [ + "/properties/KeyName" + ], + "properties": { + "KeyFingerprint": { + "type": "string" + }, + "KeyFormat": { + "default": "pem", + "enum": [ + "pem", + "ppk" + ], + "type": "string" + }, + "KeyName": { + "type": "string" + }, + "KeyPairId": { + "type": "string" + }, + "KeyType": { + "default": "rsa", + "enum": [ + "rsa", + "ed25519" + ], + "type": "string" + }, + "PublicKeyMaterial": { + "type": "string" + }, + "Tags": { + "insertionOrder": false, + "items": { + "$ref": "#/definitions/Tag" + }, + "type": "array", + "uniqueItems": true + } + }, + "readOnlyProperties": [ + "/properties/KeyPairId", + "/properties/KeyFingerprint" + ], + "required": [ + "KeyName" + ], + "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-rpdk.git", + "tagging": { + "cloudFormationSystemTags": false, + "permissions": [ + "ec2:CreateTags" + ], + "tagProperty": "/properties/Tags", + "tagUpdatable": false, + "taggable": true + }, + "typeName": "AWS::EC2::KeyPair", + "writeOnlyProperties": [ + "/properties/KeyFormat" + ] +} diff --git a/src/cfnlint/data/schemas/providers/cn_north_1/aws-eks-nodegroup.json b/src/cfnlint/data/schemas/providers/cn_north_1/aws-eks-nodegroup.json new file mode 100644 index 0000000000..77987deb31 --- /dev/null +++ b/src/cfnlint/data/schemas/providers/cn_north_1/aws-eks-nodegroup.json @@ -0,0 +1,287 @@ +{ + "additionalProperties": false, + "createOnlyProperties": [ + "/properties/CapacityType", + "/properties/NodegroupName", + "/properties/RemoteAccess", + "/properties/NodeRole", + "/properties/ClusterName", + "/properties/InstanceTypes", + "/properties/DiskSize", + "/properties/AmiType", + "/properties/Subnets" + ], + "definitions": { + "LaunchTemplateSpecification": { + "additionalProperties": false, + "properties": { + "Id": { + "minLength": 1, + "type": "string" + }, + "Name": { + "minLength": 1, + "type": "string" + }, + "Version": { + "minLength": 1, + "type": "string" + } + }, + "type": "object" + }, + "RemoteAccess": { + "additionalProperties": false, + "properties": { + "Ec2SshKey": { + "type": "string" + }, + "SourceSecurityGroups": { + "insertionOrder": false, + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + } + }, + "required": [ + "Ec2SshKey" + ], + "type": "object" + }, + "ScalingConfig": { + "additionalProperties": false, + "properties": { + "DesiredSize": { + "minimum": 0, + "type": "integer" + }, + "MaxSize": { + "minimum": 1, + "type": "integer" + }, + "MinSize": { + "minimum": 0, + "type": "integer" + } + }, + "type": "object" + }, + "Taint": { + "additionalProperties": false, + "properties": { + "Effect": { + "minLength": 1, + "type": "string" + }, + "Key": { + "minLength": 1, + "type": "string" + }, + "Value": { + "minLength": 0, + "type": "string" + } + }, + "type": "object" + }, + "UpdateConfig": { + "additionalProperties": false, + "properties": { + "MaxUnavailable": { + "minimum": 1, + "type": "number" + }, + "MaxUnavailablePercentage": { + "maximum": 100, + "minimum": 1, + "type": "number" + } + }, + "type": "object" + } + }, + "handlers": { + "create": { + "permissions": [ + "eks:CreateNodegroup", + "eks:DescribeNodegroup", + "eks:TagResource", + "ec2:DescribeSubnets", + "ec2:DescribeVpcs", + "ec2:DescribeSecurityGroups", + "ec2:DescribeKeyPairs", + "ec2:CreateTags", + "ec2:DeleteTags", + "ec2:DescribeRouteTables", + "ec2:DescribeLaunchTemplates", + "ec2:DescribeLaunchTemplateVersions", + "ec2:RunInstances", + "iam:CreateServiceLinkedRole", + "iam:GetRole", + "iam:PassRole", + "iam:ListAttachedRolePolicies" + ] + }, + "delete": { + "permissions": [ + "eks:DeleteNodegroup", + "eks:DescribeNodegroup" + ] + }, + "list": { + "handlerSchema": { + "properties": { + "ClusterName": { + "$ref": "resource-schema.json#/properties/ClusterName" + } + }, + "required": [ + "ClusterName" + ] + }, + "permissions": [ + "eks:ListNodegroups" + ] + }, + "read": { + "permissions": [ + "eks:DescribeNodegroup" + ] + }, + "update": { + "permissions": [ + "iam:GetRole", + "iam:PassRole", + "eks:DescribeNodegroup", + "eks:DescribeUpdate", + "eks:ListUpdates", + "eks:TagResource", + "eks:UntagResource", + "eks:UpdateNodegroupConfig", + "eks:UpdateNodegroupVersion" + ], + "timeoutInMinutes": 2160 + } + }, + "primaryIdentifier": [ + "/properties/Id" + ], + "properties": { + "AmiType": { + "type": "string" + }, + "Arn": { + "type": "string" + }, + "CapacityType": { + "type": "string" + }, + "ClusterName": { + "minLength": 1, + "type": "string" + }, + "DiskSize": { + "type": "integer" + }, + "ForceUpdateEnabled": { + "default": false, + "type": "boolean" + }, + "Id": { + "type": "string" + }, + "InstanceTypes": { + "insertionOrder": false, + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "Labels": { + "additionalProperties": false, + "patternProperties": { + "^.+$": { + "type": "string" + } + }, + "type": "object" + }, + "LaunchTemplate": { + "$ref": "#/definitions/LaunchTemplateSpecification" + }, + "NodeRole": { + "type": "string" + }, + "NodegroupName": { + "minLength": 1, + "type": "string" + }, + "ReleaseVersion": { + "type": "string" + }, + "RemoteAccess": { + "$ref": "#/definitions/RemoteAccess" + }, + "ScalingConfig": { + "$ref": "#/definitions/ScalingConfig" + }, + "Subnets": { + "insertionOrder": false, + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "Tags": { + "additionalProperties": false, + "patternProperties": { + "^.+$": { + "type": "string" + } + }, + "type": "object" + }, + "Taints": { + "insertionOrder": false, + "items": { + "$ref": "#/definitions/Taint" + }, + "type": "array" + }, + "UpdateConfig": { + "$ref": "#/definitions/UpdateConfig" + }, + "Version": { + "type": "string" + } + }, + "readOnlyProperties": [ + "/properties/Id", + "/properties/Arn" + ], + "required": [ + "ClusterName", + "NodeRole", + "Subnets" + ], + "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-rpdk.git", + "tagging": { + "cloudFormationSystemTags": true, + "permissions": [ + "eks:TagResource", + "eks:UntagResource" + ], + "tagOnCreate": true, + "tagProperty": "/properties/Tags", + "tagUpdatable": true, + "taggable": true + }, + "typeName": "AWS::EKS::Nodegroup", + "writeOnlyProperties": [ + "/properties/ForceUpdateEnabled" + ] +} diff --git a/src/cfnlint/data/schemas/providers/cn_north_1/aws-organizations-organization.json b/src/cfnlint/data/schemas/providers/cn_north_1/aws-organizations-organization.json deleted file mode 100644 index 844033a13a..0000000000 --- a/src/cfnlint/data/schemas/providers/cn_north_1/aws-organizations-organization.json +++ /dev/null @@ -1,88 +0,0 @@ -{ - "additionalProperties": false, - "handlers": { - "create": { - "permissions": [ - "organizations:CreateOrganization", - "organizations:DescribeOrganization", - "iam:CreateServiceLinkedRole", - "organizations:ListRoots" - ] - }, - "delete": { - "permissions": [ - "organizations:DeleteOrganization", - "organizations:DescribeOrganization" - ] - }, - "list": { - "permissions": [ - "organizations:DescribeOrganization" - ] - }, - "read": { - "permissions": [ - "organizations:DescribeOrganization", - "organizations:ListRoots" - ] - }, - "update": { - "permissions": [ - "organizations:DescribeOrganization" - ] - } - }, - "primaryIdentifier": [ - "/properties/Id" - ], - "properties": { - "Arn": { - "pattern": "^arn:aws.*:organizations::\\d{12}:organization\\/o-[a-z0-9]{10,32}", - "type": "string" - }, - "FeatureSet": { - "default": "ALL", - "enum": [ - "ALL", - "CONSOLIDATED_BILLING" - ], - "type": "string" - }, - "Id": { - "pattern": "^o-[a-z0-9]{10,32}$", - "type": "string" - }, - "ManagementAccountArn": { - "pattern": "^arn:aws.*:organizations::\\d{12}:account\\/o-[a-z0-9]{10,32}\\/\\d{12}", - "type": "string" - }, - "ManagementAccountEmail": { - "maxLength": 64, - "minLength": 6, - "pattern": "[^\\s@]+@[^\\s@]+\\.[^\\s@]+", - "type": "string" - }, - "ManagementAccountId": { - "pattern": "^\\d{12}$", - "type": "string" - }, - "RootId": { - "maxLength": 64, - "pattern": "^r-[0-9a-z]{4,32}$", - "type": "string" - } - }, - "readOnlyProperties": [ - "/properties/Id", - "/properties/Arn", - "/properties/ManagementAccountArn", - "/properties/ManagementAccountId", - "/properties/ManagementAccountEmail", - "/properties/RootId" - ], - "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-organizations.git", - "tagging": { - "taggable": false - }, - "typeName": "AWS::Organizations::Organization" -} diff --git a/src/cfnlint/data/schemas/providers/cn_northwest_1/__init__.py b/src/cfnlint/data/schemas/providers/cn_northwest_1/__init__.py index b56d46d7b3..93e1bff21d 100644 --- a/src/cfnlint/data/schemas/providers/cn_northwest_1/__init__.py +++ b/src/cfnlint/data/schemas/providers/cn_northwest_1/__init__.py @@ -1095,14 +1095,11 @@ "aws-opsworks-userprofile.json", "aws-opsworks-volume.json", "aws-organizations-account.json", - "aws-organizations-organization.json", "aws-organizations-organizationalunit.json", "aws-pipes-pipe.json", "aws-ram-permission.json", "aws-ram-resourceshare.json", - "aws-rds-dbcluster.json", "aws-rds-dbclusterparametergroup.json", - "aws-rds-dbinstance.json", "aws-rds-dbparametergroup.json", "aws-rds-dbproxy.json", "aws-rds-dbproxyendpoint.json", diff --git a/src/cfnlint/data/schemas/providers/ap_southeast_2/aws-organizations-organization.json b/src/cfnlint/data/schemas/providers/cn_northwest_1/aws-organizations-organization.json similarity index 96% rename from src/cfnlint/data/schemas/providers/ap_southeast_2/aws-organizations-organization.json rename to src/cfnlint/data/schemas/providers/cn_northwest_1/aws-organizations-organization.json index 844033a13a..6dac437e5b 100644 --- a/src/cfnlint/data/schemas/providers/ap_southeast_2/aws-organizations-organization.json +++ b/src/cfnlint/data/schemas/providers/cn_northwest_1/aws-organizations-organization.json @@ -27,9 +27,7 @@ ] }, "update": { - "permissions": [ - "organizations:DescribeOrganization" - ] + "permissions": [] } }, "primaryIdentifier": [ diff --git a/src/cfnlint/data/schemas/providers/cn_northwest_1/aws-rds-dbcluster.json b/src/cfnlint/data/schemas/providers/cn_northwest_1/aws-rds-dbcluster.json new file mode 100644 index 0000000000..fc8608c49b --- /dev/null +++ b/src/cfnlint/data/schemas/providers/cn_northwest_1/aws-rds-dbcluster.json @@ -0,0 +1,469 @@ +{ + "additionalProperties": false, + "conditionalCreateOnlyProperties": [ + "/properties/Engine", + "/properties/GlobalClusterIdentifier", + "/properties/MasterUsername" + ], + "createOnlyProperties": [ + "/properties/AvailabilityZones", + "/properties/DBClusterIdentifier", + "/properties/DBSubnetGroupName", + "/properties/DBSystemId", + "/properties/DatabaseName", + "/properties/EngineMode", + "/properties/KmsKeyId", + "/properties/PubliclyAccessible", + "/properties/RestoreToTime", + "/properties/RestoreType", + "/properties/SnapshotIdentifier", + "/properties/SourceDBClusterIdentifier", + "/properties/SourceRegion", + "/properties/StorageEncrypted", + "/properties/UseLatestRestorableTime" + ], + "definitions": { + "DBClusterRole": { + "additionalProperties": false, + "properties": { + "FeatureName": { + "type": "string" + }, + "RoleArn": { + "type": "string" + } + }, + "required": [ + "RoleArn" + ], + "type": "object" + }, + "Endpoint": { + "additionalProperties": false, + "properties": { + "Address": { + "type": "string" + }, + "Port": { + "type": "string" + } + }, + "type": "object" + }, + "MasterUserSecret": { + "additionalProperties": false, + "properties": { + "KmsKeyId": { + "type": "string" + }, + "SecretArn": { + "type": "string" + } + }, + "type": "object" + }, + "ReadEndpoint": { + "additionalProperties": false, + "properties": { + "Address": { + "type": "string" + } + }, + "type": "object" + }, + "ScalingConfiguration": { + "additionalProperties": false, + "properties": { + "AutoPause": { + "type": "boolean" + }, + "MaxCapacity": { + "type": "integer" + }, + "MinCapacity": { + "type": "integer" + }, + "SecondsBeforeTimeout": { + "type": "integer" + }, + "SecondsUntilAutoPause": { + "type": "integer" + }, + "TimeoutAction": { + "type": "string" + } + }, + "type": "object" + }, + "ServerlessV2ScalingConfiguration": { + "additionalProperties": false, + "properties": { + "MaxCapacity": { + "type": "number" + }, + "MinCapacity": { + "type": "number" + } + }, + "type": "object" + }, + "Tag": { + "additionalProperties": false, + "properties": { + "Key": { + "maxLength": 128, + "minLength": 1, + "type": "string" + }, + "Value": { + "maxLength": 256, + "minLength": 0, + "type": "string" + } + }, + "required": [ + "Key" + ], + "type": "object" + } + }, + "handlers": { + "create": { + "permissions": [ + "iam:CreateServiceLinkedRole", + "iam:PassRole", + "rds:AddRoleToDBCluster", + "rds:AddTagsToResource", + "rds:CreateDBCluster", + "rds:CreateDBInstance", + "rds:DescribeDBClusters", + "rds:DescribeDBClusterSnapshots", + "rds:DescribeDBSnapshots", + "rds:DescribeEvents", + "rds:EnableHttpEndpoint", + "rds:ModifyDBCluster", + "rds:RestoreDBClusterFromSnapshot", + "rds:RestoreDBClusterToPointInTime", + "secretsmanager:CreateSecret", + "secretsmanager:TagResource" + ], + "timeoutInMinutes": 2160 + }, + "delete": { + "permissions": [ + "rds:CreateDBClusterSnapshot", + "rds:DeleteDBCluster", + "rds:DeleteDBInstance", + "rds:DescribeDBClusters", + "rds:DescribeGlobalClusters", + "rds:RemoveFromGlobalCluster" + ] + }, + "list": { + "permissions": [ + "rds:DescribeDBClusters" + ] + }, + "read": { + "permissions": [ + "rds:DescribeDBClusters" + ] + }, + "update": { + "permissions": [ + "ec2:DescribeSecurityGroups", + "iam:PassRole", + "rds:AddRoleToDBCluster", + "rds:AddTagsToResource", + "rds:DescribeDBClusters", + "rds:DescribeDBSubnetGroups", + "rds:DescribeEvents", + "rds:DescribeGlobalClusters", + "rds:DisableHttpEndpoint", + "rds:EnableHttpEndpoint", + "rds:ModifyDBCluster", + "rds:ModifyDBInstance", + "rds:RemoveFromGlobalCluster", + "rds:RemoveRoleFromDBCluster", + "rds:RemoveTagsFromResource", + "secretsmanager:CreateSecret", + "secretsmanager:TagResource" + ], + "timeoutInMinutes": 2160 + } + }, + "primaryIdentifier": [ + "/properties/DBClusterIdentifier" + ], + "properties": { + "AllocatedStorage": { + "type": "integer" + }, + "AssociatedRoles": { + "items": { + "$ref": "#/definitions/DBClusterRole" + }, + "type": "array", + "uniqueItems": true + }, + "AutoMinorVersionUpgrade": { + "type": "boolean" + }, + "AvailabilityZones": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": true + }, + "BacktrackWindow": { + "minimum": 0, + "type": "integer" + }, + "BackupRetentionPeriod": { + "default": 1, + "maximum": 35, + "minimum": 1, + "type": "integer" + }, + "CopyTagsToSnapshot": { + "type": "boolean" + }, + "DBClusterArn": { + "type": "string" + }, + "DBClusterIdentifier": { + "maxLength": 63, + "minLength": 1, + "pattern": "^[a-zA-Z]{1}(?:-?[a-zA-Z0-9]){0,62}$", + "type": "string" + }, + "DBClusterInstanceClass": { + "type": "string" + }, + "DBClusterParameterGroupName": { + "default": "default.aurora5.6", + "type": "string" + }, + "DBClusterResourceId": { + "type": "string" + }, + "DBInstanceParameterGroupName": { + "type": "string" + }, + "DBSubnetGroupName": { + "type": "string" + }, + "DBSystemId": { + "type": "string" + }, + "DatabaseName": { + "type": "string" + }, + "DeletionProtection": { + "type": "boolean" + }, + "Domain": { + "type": "string" + }, + "DomainIAMRoleName": { + "type": "string" + }, + "EnableCloudwatchLogsExports": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": true + }, + "EnableGlobalWriteForwarding": { + "type": "boolean" + }, + "EnableHttpEndpoint": { + "type": "boolean" + }, + "EnableIAMDatabaseAuthentication": { + "type": "boolean" + }, + "EnableLocalWriteForwarding": { + "type": "boolean" + }, + "Endpoint": { + "$ref": "#/definitions/Endpoint" + }, + "Engine": { + "type": "string" + }, + "EngineLifecycleSupport": { + "type": "string" + }, + "EngineMode": { + "type": "string" + }, + "EngineVersion": { + "type": "string" + }, + "GlobalClusterIdentifier": { + "maxLength": 63, + "minLength": 0, + "pattern": "^$|^[a-zA-Z]{1}(?:-?[a-zA-Z0-9]){0,62}$", + "type": "string" + }, + "Iops": { + "type": "integer" + }, + "KmsKeyId": { + "type": "string" + }, + "ManageMasterUserPassword": { + "type": "boolean" + }, + "MasterUserPassword": { + "type": "string" + }, + "MasterUserSecret": { + "$ref": "#/definitions/MasterUserSecret" + }, + "MasterUsername": { + "minLength": 1, + "pattern": "^[a-zA-Z]{1}[a-zA-Z0-9_]*$", + "type": "string" + }, + "MonitoringInterval": { + "default": 0, + "type": "integer" + }, + "MonitoringRoleArn": { + "type": "string" + }, + "NetworkType": { + "type": "string" + }, + "PerformanceInsightsEnabled": { + "type": "boolean" + }, + "PerformanceInsightsKmsKeyId": { + "type": "string" + }, + "PerformanceInsightsRetentionPeriod": { + "type": "integer" + }, + "Port": { + "type": "integer" + }, + "PreferredBackupWindow": { + "type": "string" + }, + "PreferredMaintenanceWindow": { + "type": "string" + }, + "PubliclyAccessible": { + "type": "boolean" + }, + "ReadEndpoint": { + "$ref": "#/definitions/ReadEndpoint" + }, + "ReplicationSourceIdentifier": { + "type": "string" + }, + "RestoreToTime": { + "type": "string" + }, + "RestoreType": { + "default": "full-copy", + "type": "string" + }, + "ScalingConfiguration": { + "$ref": "#/definitions/ScalingConfiguration" + }, + "ServerlessV2ScalingConfiguration": { + "$ref": "#/definitions/ServerlessV2ScalingConfiguration" + }, + "SnapshotIdentifier": { + "type": "string" + }, + "SourceDBClusterIdentifier": { + "type": "string" + }, + "SourceRegion": { + "type": "string" + }, + "StorageEncrypted": { + "type": "boolean" + }, + "StorageThroughput": { + "type": "integer" + }, + "StorageType": { + "type": "string" + }, + "Tags": { + "insertionOrder": false, + "items": { + "$ref": "#/definitions/Tag" + }, + "maxItems": 50, + "type": "array", + "uniqueItems": true + }, + "UseLatestRestorableTime": { + "type": "boolean" + }, + "VpcSecurityGroupIds": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": true + } + }, + "propertyTransform": { + "/properties/DBClusterIdentifier": "$lowercase(DBClusterIdentifier)", + "/properties/DBClusterParameterGroupName": "$lowercase(DBClusterParameterGroupName)", + "/properties/DBSubnetGroupName": "$lowercase(DBSubnetGroupName)", + "/properties/EnableHttpEndpoint": "$lowercase($string(EngineMode)) = 'serverless' ? EnableHttpEndpoint : ($lowercase($string(Engine)) = 'aurora-postgresql' ? EnableHttpEndpoint : false )", + "/properties/Engine": "$lowercase(Engine)", + "/properties/EngineVersion": "$join([$string(EngineVersion), \".*\"])", + "/properties/KmsKeyId": "$join([\"arn:(aws)[-]{0,1}[a-z]{0,2}[-]{0,1}[a-z]{0,3}:kms:[a-z]{2}[-]{1}[a-z]{3,10}[-]{0,1}[a-z]{0,10}[-]{1}[1-3]{1}:[0-9]{12}[:]{1}key\\/\", KmsKeyId])", + "/properties/MasterUserSecret/KmsKeyId": "$join([\"arn:(aws)[-]{0,1}[a-z]{0,2}[-]{0,1}[a-z]{0,3}:kms:[a-z]{2}[-]{1}[a-z]{3,10}[-]{0,1}[a-z]{0,10}[-]{1}[1-3]{1}:[0-9]{12}[:]{1}key\\/\", MasterUserSecret.KmsKeyId])", + "/properties/NetworkType": "$lowercase(NetworkType)", + "/properties/PerformanceInsightsKmsKeyId": "$join([\"arn:(aws)[-]{0,1}[a-z]{0,2}[-]{0,1}[a-z]{0,3}:kms:[a-z]{2}[-]{1}[a-z]{3,10}[-]{0,1}[a-z]{0,10}[-]{1}[1-3]{1}:[0-9]{12}[:]{1}key\\/\", PerformanceInsightsKmsKeyId])", + "/properties/PreferredMaintenanceWindow": "$lowercase(PreferredMaintenanceWindow)", + "/properties/SnapshotIdentifier": "$lowercase(SnapshotIdentifier)", + "/properties/SourceDBClusterIdentifier": "$lowercase(SourceDBClusterIdentifier)", + "/properties/StorageType": "$lowercase(StorageType)" + }, + "readOnlyProperties": [ + "/properties/DBClusterArn", + "/properties/DBClusterResourceId", + "/properties/Endpoint", + "/properties/Endpoint/Address", + "/properties/Endpoint/Port", + "/properties/ReadEndpoint/Address", + "/properties/MasterUserSecret/SecretArn", + "/properties/StorageThroughput" + ], + "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-rds", + "tagging": { + "cloudFormationSystemTags": true, + "permissions": [ + "rds:AddTagsToResource", + "rds:RemoveTagsFromResource" + ], + "tagOnCreate": true, + "tagProperty": "/properties/Tags", + "tagUpdatable": true, + "taggable": true + }, + "typeName": "AWS::RDS::DBCluster", + "writeOnlyProperties": [ + "/properties/DBInstanceParameterGroupName", + "/properties/MasterUserPassword", + "/properties/RestoreToTime", + "/properties/RestoreType", + "/properties/SnapshotIdentifier", + "/properties/SourceDBClusterIdentifier", + "/properties/SourceRegion", + "/properties/UseLatestRestorableTime" + ] +} diff --git a/src/cfnlint/data/schemas/providers/cn_northwest_1/aws-rds-dbinstance.json b/src/cfnlint/data/schemas/providers/cn_northwest_1/aws-rds-dbinstance.json new file mode 100644 index 0000000000..3263d77fb7 --- /dev/null +++ b/src/cfnlint/data/schemas/providers/cn_northwest_1/aws-rds-dbinstance.json @@ -0,0 +1,620 @@ +{ + "additionalProperties": false, + "conditionalCreateOnlyProperties": [ + "/properties/AutoMinorVersionUpgrade", + "/properties/AvailabilityZone", + "/properties/BackupRetentionPeriod", + "/properties/DBClusterSnapshotIdentifier", + "/properties/DBParameterGroupName", + "/properties/DBSnapshotIdentifier", + "/properties/Engine", + "/properties/MultiAZ", + "/properties/PerformanceInsightsKMSKeyId", + "/properties/PreferredMaintenanceWindow", + "/properties/RestoreTime", + "/properties/SourceDBClusterIdentifier", + "/properties/SourceDBInstanceAutomatedBackupsArn", + "/properties/SourceDBInstanceIdentifier", + "/properties/SourceDbiResourceId", + "/properties/StorageType", + "/properties/UseLatestRestorableTime" + ], + "createOnlyProperties": [ + "/properties/CharacterSetName", + "/properties/CustomIAMInstanceProfile", + "/properties/DBClusterIdentifier", + "/properties/DBInstanceIdentifier", + "/properties/DBName", + "/properties/DBSubnetGroupName", + "/properties/KmsKeyId", + "/properties/MasterUsername", + "/properties/NcharCharacterSetName", + "/properties/Port", + "/properties/SourceRegion", + "/properties/StorageEncrypted", + "/properties/Timezone" + ], + "definitions": { + "CertificateDetails": { + "additionalProperties": false, + "properties": { + "CAIdentifier": { + "type": "string" + }, + "ValidTill": { + "format": "date-time", + "type": "string" + } + }, + "type": "object" + }, + "DBInstanceRole": { + "additionalProperties": false, + "properties": { + "FeatureName": { + "type": "string" + }, + "RoleArn": { + "type": "string" + } + }, + "required": [ + "FeatureName", + "RoleArn" + ], + "type": "object" + }, + "Endpoint": { + "additionalProperties": false, + "properties": { + "Address": { + "type": "string" + }, + "HostedZoneId": { + "type": "string" + }, + "Port": { + "type": "string" + } + }, + "type": "object" + }, + "MasterUserSecret": { + "additionalProperties": false, + "properties": { + "KmsKeyId": { + "type": "string" + }, + "SecretArn": { + "type": "string" + } + }, + "type": "object" + }, + "ProcessorFeature": { + "additionalProperties": false, + "properties": { + "Name": { + "enum": [ + "coreCount", + "threadsPerCore" + ], + "type": "string" + }, + "Value": { + "type": "string" + } + }, + "type": "object" + }, + "Tag": { + "additionalProperties": false, + "properties": { + "Key": { + "maxLength": 128, + "minLength": 1, + "type": "string" + }, + "Value": { + "maxLength": 256, + "minLength": 0, + "type": "string" + } + }, + "required": [ + "Key" + ], + "type": "object" + } + }, + "dependencies": { + "KmsKeyId": { + "properties": { + "StorageEncrypted": { + "enum": [ + "true", + "True", + true + ] + } + }, + "required": [ + "StorageEncrypted" + ] + } + }, + "dependentExcluded": { + "SourceDBInstanceIdentifier": [ + "CharacterSetName", + "MasterUserPassword", + "MasterUsername", + "StorageEncrypted" + ] + }, + "deprecatedProperties": [ + "/properties/TdeCredentialArn", + "/properties/TdeCredentialPassword" + ], + "handlers": { + "create": { + "permissions": [ + "ec2:DescribeAccountAttributes", + "ec2:DescribeAvailabilityZones", + "ec2:DescribeInternetGateways", + "ec2:DescribeSecurityGroups", + "ec2:DescribeSubnets", + "ec2:DescribeVpcAttribute", + "ec2:DescribeVpcs", + "iam:CreateServiceLinkedRole", + "iam:GetRole", + "iam:ListRoles", + "iam:PassRole", + "kms:CreateGrant", + "kms:DescribeKey", + "rds:AddRoleToDBInstance", + "rds:AddTagsToResource", + "rds:CreateDBInstance", + "rds:CreateDBInstanceReadReplica", + "rds:DescribeDBInstances", + "rds:DescribeDBClusters", + "rds:DescribeDBClusterSnapshots", + "rds:DescribeDBInstanceAutomatedBackups", + "rds:DescribeDBSnapshots", + "rds:DescribeEvents", + "rds:ModifyDBInstance", + "rds:RebootDBInstance", + "rds:RestoreDBInstanceFromDBSnapshot", + "rds:RestoreDBInstanceToPointInTime", + "rds:StartDBInstanceAutomatedBackupsReplication", + "secretsmanager:CreateSecret", + "secretsmanager:TagResource" + ], + "timeoutInMinutes": 2160 + }, + "delete": { + "permissions": [ + "rds:CreateDBSnapshot", + "rds:DeleteDBInstance", + "rds:DescribeDBInstances" + ], + "timeoutInMinutes": 2160 + }, + "list": { + "permissions": [ + "rds:DescribeDBInstances" + ] + }, + "read": { + "permissions": [ + "ec2:DescribeAccountAttributes", + "ec2:DescribeAvailabilityZones", + "ec2:DescribeInternetGateways", + "ec2:DescribeSecurityGroups", + "ec2:DescribeSubnets", + "ec2:DescribeVpcAttribute", + "ec2:DescribeVpcs", + "rds:DescribeDBInstances" + ] + }, + "update": { + "permissions": [ + "ec2:DescribeAccountAttributes", + "ec2:DescribeAvailabilityZones", + "ec2:DescribeInternetGateways", + "ec2:DescribeSecurityGroups", + "ec2:DescribeSubnets", + "ec2:DescribeVpcAttribute", + "ec2:DescribeVpcs", + "iam:CreateServiceLinkedRole", + "iam:GetRole", + "iam:ListRoles", + "iam:PassRole", + "kms:CreateGrant", + "kms:DescribeKey", + "rds:AddRoleToDBInstance", + "rds:AddTagsToResource", + "rds:DescribeDBClusters", + "rds:DescribeDBEngineVersions", + "rds:DescribeDBInstances", + "rds:DescribeDBParameterGroups", + "rds:DescribeEvents", + "rds:ModifyDBInstance", + "rds:PromoteReadReplica", + "rds:RebootDBInstance", + "rds:RemoveRoleFromDBInstance", + "rds:RemoveTagsFromResource", + "rds:StartDBInstanceAutomatedBackupsReplication", + "rds:StopDBInstanceAutomatedBackupsReplication", + "secretsmanager:CreateSecret", + "secretsmanager:TagResource" + ], + "timeoutInMinutes": 2160 + } + }, + "primaryIdentifier": [ + "/properties/DBInstanceIdentifier" + ], + "properties": { + "AllocatedStorage": { + "pattern": "^[0-9]*$", + "type": "string" + }, + "AllowMajorVersionUpgrade": { + "type": "boolean" + }, + "AssociatedRoles": { + "items": { + "$ref": "#/definitions/DBInstanceRole" + }, + "type": "array" + }, + "AutoMinorVersionUpgrade": { + "type": "boolean" + }, + "AutomaticBackupReplicationKmsKeyId": { + "type": "string" + }, + "AutomaticBackupReplicationRegion": { + "type": "string" + }, + "AvailabilityZone": { + "type": "string" + }, + "BackupRetentionPeriod": { + "default": 1, + "maximum": 35, + "minimum": 0, + "type": "integer" + }, + "CACertificateIdentifier": { + "type": "string" + }, + "CertificateDetails": { + "$ref": "#/definitions/CertificateDetails" + }, + "CertificateRotationRestart": { + "type": "boolean" + }, + "CharacterSetName": { + "type": "string" + }, + "CopyTagsToSnapshot": { + "type": "boolean" + }, + "CustomIAMInstanceProfile": { + "type": "string" + }, + "DBClusterIdentifier": { + "type": "string" + }, + "DBClusterSnapshotIdentifier": { + "type": "string" + }, + "DBInstanceArn": { + "type": "string" + }, + "DBInstanceClass": { + "type": "string" + }, + "DBInstanceIdentifier": { + "maxLength": 63, + "minLength": 1, + "pattern": "^$|^[a-zA-Z]{1}(?:-?[a-zA-Z0-9]){0,62}$", + "type": "string" + }, + "DBName": { + "type": "string" + }, + "DBParameterGroupName": { + "type": "string" + }, + "DBSecurityGroups": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": true + }, + "DBSnapshotIdentifier": { + "type": "string" + }, + "DBSubnetGroupName": { + "type": "string" + }, + "DBSystemId": { + "type": "string" + }, + "DbiResourceId": { + "type": "string" + }, + "DedicatedLogVolume": { + "type": "boolean" + }, + "DeleteAutomatedBackups": { + "type": "boolean" + }, + "DeletionProtection": { + "type": "boolean" + }, + "Domain": { + "type": "string" + }, + "DomainAuthSecretArn": { + "type": "string" + }, + "DomainDnsIps": { + "items": { + "type": "string" + }, + "type": "array" + }, + "DomainFqdn": { + "type": "string" + }, + "DomainIAMRoleName": { + "type": "string" + }, + "DomainOu": { + "type": "string" + }, + "EnableCloudwatchLogsExports": { + "items": { + "type": "string" + }, + "type": "array" + }, + "EnableIAMDatabaseAuthentication": { + "type": "boolean" + }, + "EnablePerformanceInsights": { + "type": "boolean" + }, + "Endpoint": { + "$ref": "#/definitions/Endpoint" + }, + "Engine": { + "type": "string" + }, + "EngineLifecycleSupport": { + "type": "string" + }, + "EngineVersion": { + "type": "string" + }, + "Iops": { + "type": "integer" + }, + "KmsKeyId": { + "type": "string" + }, + "LicenseModel": { + "type": "string" + }, + "ManageMasterUserPassword": { + "type": "boolean" + }, + "MasterUserPassword": { + "type": "string" + }, + "MasterUserSecret": { + "$ref": "#/definitions/MasterUserSecret" + }, + "MasterUsername": { + "maxLength": 128, + "minLength": 1, + "pattern": "^[a-zA-Z][a-zA-Z0-9_]{0,127}$", + "type": "string" + }, + "MaxAllocatedStorage": { + "type": "integer" + }, + "MonitoringInterval": { + "default": 0, + "type": "integer" + }, + "MonitoringRoleArn": { + "type": "string" + }, + "MultiAZ": { + "type": "boolean" + }, + "NcharCharacterSetName": { + "type": "string" + }, + "NetworkType": { + "type": "string" + }, + "OptionGroupName": { + "type": "string" + }, + "PerformanceInsightsKMSKeyId": { + "type": "string" + }, + "PerformanceInsightsRetentionPeriod": { + "enum": [ + 7, + 31, + 62, + 93, + 124, + 155, + 186, + 217, + 248, + 279, + 310, + 341, + 372, + 403, + 434, + 465, + 496, + 527, + 558, + 589, + 620, + 651, + 682, + 713, + 731 + ], + "type": "integer" + }, + "Port": { + "pattern": "^\\d*$", + "type": "string" + }, + "PreferredBackupWindow": { + "type": "string" + }, + "PreferredMaintenanceWindow": { + "type": "string" + }, + "ProcessorFeatures": { + "items": { + "$ref": "#/definitions/ProcessorFeature" + }, + "type": "array" + }, + "PromotionTier": { + "default": 1, + "maximum": 15, + "minimum": 0, + "type": "integer" + }, + "PubliclyAccessible": { + "type": "boolean" + }, + "ReplicaMode": { + "type": "string" + }, + "RestoreTime": { + "format": "date-time", + "type": "string" + }, + "SourceDBClusterIdentifier": { + "type": "string" + }, + "SourceDBInstanceAutomatedBackupsArn": { + "type": "string" + }, + "SourceDBInstanceIdentifier": { + "type": "string" + }, + "SourceDbiResourceId": { + "type": "string" + }, + "SourceRegion": { + "type": "string" + }, + "StorageEncrypted": { + "type": "boolean" + }, + "StorageThroughput": { + "type": "integer" + }, + "StorageType": { + "type": "string" + }, + "Tags": { + "insertionOrder": false, + "items": { + "$ref": "#/definitions/Tag" + }, + "type": "array", + "uniqueItems": false + }, + "TdeCredentialArn": { + "type": "string" + }, + "TdeCredentialPassword": { + "type": "string" + }, + "Timezone": { + "type": "string" + }, + "UseDefaultProcessorFeatures": { + "type": "boolean" + }, + "UseLatestRestorableTime": { + "type": "boolean" + }, + "VPCSecurityGroups": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": true + } + }, + "propertyTransform": { + "/properties/DBClusterIdentifier": "$lowercase(DBClusterIdentifier)", + "/properties/DBClusterSnapshotIdentifier": "$lowercase(DBClusterSnapshotIdentifier)", + "/properties/DBInstanceIdentifier": "$lowercase(DBInstanceIdentifier)", + "/properties/DBName": "$lowercase(DBName) $OR $uppercase(DBName)", + "/properties/DBParameterGroupName": "$lowercase(DBParameterGroupName)", + "/properties/DBSnapshotIdentifier": "$lowercase(DBSnapshotIdentifier)", + "/properties/DBSubnetGroupName": "$lowercase(DBSubnetGroupName)", + "/properties/Engine": "$lowercase(Engine)", + "/properties/EngineVersion": "$join([$string(EngineVersion), \".*\"])", + "/properties/KmsKeyId": "$join([\"arn:(aws)[-]{0,1}[a-z]{0,2}[-]{0,1}[a-z]{0,3}:kms:[a-z]{2}[-]{1}[a-z]{3,10}[-]{0,1}[a-z]{0,10}[-]{1}[1-3]{1}:[0-9]{12}[:]{1}key\\/\", KmsKeyId])", + "/properties/MasterUserSecret/KmsKeyId": "$join([\"arn:(aws)[-]{0,1}[a-z]{0,2}[-]{0,1}[a-z]{0,3}:kms:[a-z]{2}[-]{1}[a-z]{3,10}[-]{0,1}[a-z]{0,10}[-]{1}[1-3]{1}:[0-9]{12}[:]{1}key\\/\", MasterUserSecret.KmsKeyId])", + "/properties/NetworkType": "$lowercase(NetworkType)", + "/properties/OptionGroupName": "$lowercase(OptionGroupName)", + "/properties/PerformanceInsightsKMSKeyId": "$join([\"arn:(aws)[-]{0,1}[a-z]{0,2}[-]{0,1}[a-z]{0,3}:kms:[a-z]{2}[-]{1}[a-z]{3,10}[-]{0,1}[a-z]{0,10}[-]{1}[1-3]{1}:[0-9]{12}[:]{1}key\\/\", PerformanceInsightsKMSKeyId])", + "/properties/PreferredMaintenanceWindow": "$lowercase(PreferredMaintenanceWindow)", + "/properties/SourceDBInstanceAutomatedBackupsArn": "$lowercase(SourceDBInstanceAutomatedBackupsArn)", + "/properties/SourceDBInstanceIdentifier": "$lowercase(SourceDBInstanceIdentifier)", + "/properties/StorageType": "$lowercase(StorageType)" + }, + "readOnlyProperties": [ + "/properties/Endpoint/Address", + "/properties/Endpoint/Port", + "/properties/Endpoint/HostedZoneId", + "/properties/DbiResourceId", + "/properties/DBInstanceArn", + "/properties/DBSystemId", + "/properties/MasterUserSecret/SecretArn", + "/properties/CertificateDetails/CAIdentifier", + "/properties/CertificateDetails/ValidTill" + ], + "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-rpdk.git", + "typeName": "AWS::RDS::DBInstance", + "writeOnlyProperties": [ + "/properties/AllowMajorVersionUpgrade", + "/properties/AutomaticBackupReplicationKmsKeyId", + "/properties/CertificateRotationRestart", + "/properties/DBSnapshotIdentifier", + "/properties/DeleteAutomatedBackups", + "/properties/MasterUserPassword", + "/properties/Port", + "/properties/RestoreTime", + "/properties/SourceDBInstanceAutomatedBackupsArn", + "/properties/SourceDBInstanceIdentifier", + "/properties/SourceDbiResourceId", + "/properties/SourceRegion", + "/properties/TdeCredentialPassword", + "/properties/UseDefaultProcessorFeatures", + "/properties/UseLatestRestorableTime" + ] +} diff --git a/src/cfnlint/data/schemas/providers/eu_central_1/__init__.py b/src/cfnlint/data/schemas/providers/eu_central_1/__init__.py index 745ff4404e..291776f396 100644 --- a/src/cfnlint/data/schemas/providers/eu_central_1/__init__.py +++ b/src/cfnlint/data/schemas/providers/eu_central_1/__init__.py @@ -1369,9 +1369,14 @@ "aws-bedrock-agent.json", "aws-bedrock-agentalias.json", "aws-bedrock-datasource.json", + "aws-bedrock-flow.json", + "aws-bedrock-flowalias.json", + "aws-bedrock-flowversion.json", "aws-bedrock-guardrail.json", "aws-bedrock-guardrailversion.json", "aws-bedrock-knowledgebase.json", + "aws-bedrock-prompt.json", + "aws-bedrock-promptversion.json", "aws-budgets-budget.json", "aws-budgets-budgetsaction.json", "aws-cassandra-keyspace.json", @@ -1567,6 +1572,7 @@ "aws-dms-eventsubscription.json", "aws-dms-instanceprofile.json", "aws-dms-migrationproject.json", + "aws-dms-replicationconfig.json", "aws-dms-replicationinstance.json", "aws-dms-replicationsubnetgroup.json", "aws-dms-replicationtask.json", @@ -1664,7 +1670,6 @@ "aws-ec2-vpcpeeringconnection.json", "aws-ec2-vpnconnectionroute.json", "aws-ec2-vpngateway.json", - "aws-ec2-vpngatewayroutepropagation.json", "aws-ecr-pullthroughcacherule.json", "aws-ecr-registrypolicy.json", "aws-ecr-replicationconfiguration.json", @@ -1684,7 +1689,6 @@ "aws-eks-addon.json", "aws-eks-fargateprofile.json", "aws-eks-identityproviderconfig.json", - "aws-eks-nodegroup.json", "aws-eks-podidentityassociation.json", "aws-elasticache-cachecluster.json", "aws-elasticache-globalreplicationgroup.json", @@ -2020,10 +2024,8 @@ "aws-mediapackage-originendpoint.json", "aws-mediapackage-packagingconfiguration.json", "aws-mediapackage-packaginggroup.json", - "aws-mediapackagev2-channel.json", "aws-mediapackagev2-channelgroup.json", "aws-mediapackagev2-channelpolicy.json", - "aws-mediapackagev2-originendpoint.json", "aws-mediapackagev2-originendpointpolicy.json", "aws-mediastore-container.json", "aws-mediatailor-channel.json", @@ -2096,6 +2098,7 @@ "aws-opsworks-volume.json", "aws-opsworkscm-server.json", "aws-organizations-account.json", + "aws-organizations-organization.json", "aws-organizations-organizationalunit.json", "aws-organizations-policy.json", "aws-organizations-resourcepolicy.json", @@ -2149,7 +2152,9 @@ "aws-ram-permission.json", "aws-ram-resourceshare.json", "aws-rds-customdbengineversion.json", + "aws-rds-dbcluster.json", "aws-rds-dbclusterparametergroup.json", + "aws-rds-dbinstance.json", "aws-rds-dbparametergroup.json", "aws-rds-dbproxy.json", "aws-rds-dbproxyendpoint.json", @@ -2229,7 +2234,6 @@ "aws-s3objectlambda-accesspoint.json", "aws-s3objectlambda-accesspointpolicy.json", "aws-s3outposts-accesspoint.json", - "aws-s3outposts-bucket.json", "aws-s3outposts-bucketpolicy.json", "aws-s3outposts-endpoint.json", "aws-sagemaker-app.json", @@ -2327,6 +2331,7 @@ "aws-shield-drtaccess.json", "aws-shield-proactiveengagement.json", "aws-shield-protection.json", + "aws-shield-protectiongroup.json", "aws-signer-profilepermission.json", "aws-signer-signingprofile.json", "aws-simspaceweaver-simulation.json", diff --git a/src/cfnlint/data/schemas/providers/eu_central_1/aws-ec2-vpngatewayroutepropagation.json b/src/cfnlint/data/schemas/providers/eu_central_1/aws-ec2-vpngatewayroutepropagation.json new file mode 100644 index 0000000000..95e415765e --- /dev/null +++ b/src/cfnlint/data/schemas/providers/eu_central_1/aws-ec2-vpngatewayroutepropagation.json @@ -0,0 +1,57 @@ +{ + "additionalProperties": false, + "handlers": { + "create": { + "permissions": [ + "ec2:EnableVgwRoutePropagation", + "ec2:DescribeRouteTables" + ] + }, + "delete": { + "permissions": [ + "ec2:DisableVgwRoutePropagation", + "ec2:DescribeRouteTables" + ] + }, + "update": { + "permissions": [ + "ec2:EnableVgwRoutePropagation", + "ec2:DescribeRouteTables" + ] + } + }, + "primaryIdentifier": [ + "/properties/Id" + ], + "properties": { + "Id": { + "type": "string" + }, + "RouteTableIds": { + "insertionOrder": false, + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "VpnGatewayId": { + "type": "string" + } + }, + "readOnlyProperties": [ + "/properties/Id" + ], + "required": [ + "RouteTableIds", + "VpnGatewayId" + ], + "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-ec2.git", + "tagging": { + "cloudFormationSystemTags": false, + "tagOnCreate": false, + "tagUpdatable": false, + "taggable": false + }, + "typeName": "AWS::EC2::VPNGatewayRoutePropagation" +} diff --git a/src/cfnlint/data/schemas/providers/eu_central_1/aws-eks-nodegroup.json b/src/cfnlint/data/schemas/providers/eu_central_1/aws-eks-nodegroup.json new file mode 100644 index 0000000000..77987deb31 --- /dev/null +++ b/src/cfnlint/data/schemas/providers/eu_central_1/aws-eks-nodegroup.json @@ -0,0 +1,287 @@ +{ + "additionalProperties": false, + "createOnlyProperties": [ + "/properties/CapacityType", + "/properties/NodegroupName", + "/properties/RemoteAccess", + "/properties/NodeRole", + "/properties/ClusterName", + "/properties/InstanceTypes", + "/properties/DiskSize", + "/properties/AmiType", + "/properties/Subnets" + ], + "definitions": { + "LaunchTemplateSpecification": { + "additionalProperties": false, + "properties": { + "Id": { + "minLength": 1, + "type": "string" + }, + "Name": { + "minLength": 1, + "type": "string" + }, + "Version": { + "minLength": 1, + "type": "string" + } + }, + "type": "object" + }, + "RemoteAccess": { + "additionalProperties": false, + "properties": { + "Ec2SshKey": { + "type": "string" + }, + "SourceSecurityGroups": { + "insertionOrder": false, + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + } + }, + "required": [ + "Ec2SshKey" + ], + "type": "object" + }, + "ScalingConfig": { + "additionalProperties": false, + "properties": { + "DesiredSize": { + "minimum": 0, + "type": "integer" + }, + "MaxSize": { + "minimum": 1, + "type": "integer" + }, + "MinSize": { + "minimum": 0, + "type": "integer" + } + }, + "type": "object" + }, + "Taint": { + "additionalProperties": false, + "properties": { + "Effect": { + "minLength": 1, + "type": "string" + }, + "Key": { + "minLength": 1, + "type": "string" + }, + "Value": { + "minLength": 0, + "type": "string" + } + }, + "type": "object" + }, + "UpdateConfig": { + "additionalProperties": false, + "properties": { + "MaxUnavailable": { + "minimum": 1, + "type": "number" + }, + "MaxUnavailablePercentage": { + "maximum": 100, + "minimum": 1, + "type": "number" + } + }, + "type": "object" + } + }, + "handlers": { + "create": { + "permissions": [ + "eks:CreateNodegroup", + "eks:DescribeNodegroup", + "eks:TagResource", + "ec2:DescribeSubnets", + "ec2:DescribeVpcs", + "ec2:DescribeSecurityGroups", + "ec2:DescribeKeyPairs", + "ec2:CreateTags", + "ec2:DeleteTags", + "ec2:DescribeRouteTables", + "ec2:DescribeLaunchTemplates", + "ec2:DescribeLaunchTemplateVersions", + "ec2:RunInstances", + "iam:CreateServiceLinkedRole", + "iam:GetRole", + "iam:PassRole", + "iam:ListAttachedRolePolicies" + ] + }, + "delete": { + "permissions": [ + "eks:DeleteNodegroup", + "eks:DescribeNodegroup" + ] + }, + "list": { + "handlerSchema": { + "properties": { + "ClusterName": { + "$ref": "resource-schema.json#/properties/ClusterName" + } + }, + "required": [ + "ClusterName" + ] + }, + "permissions": [ + "eks:ListNodegroups" + ] + }, + "read": { + "permissions": [ + "eks:DescribeNodegroup" + ] + }, + "update": { + "permissions": [ + "iam:GetRole", + "iam:PassRole", + "eks:DescribeNodegroup", + "eks:DescribeUpdate", + "eks:ListUpdates", + "eks:TagResource", + "eks:UntagResource", + "eks:UpdateNodegroupConfig", + "eks:UpdateNodegroupVersion" + ], + "timeoutInMinutes": 2160 + } + }, + "primaryIdentifier": [ + "/properties/Id" + ], + "properties": { + "AmiType": { + "type": "string" + }, + "Arn": { + "type": "string" + }, + "CapacityType": { + "type": "string" + }, + "ClusterName": { + "minLength": 1, + "type": "string" + }, + "DiskSize": { + "type": "integer" + }, + "ForceUpdateEnabled": { + "default": false, + "type": "boolean" + }, + "Id": { + "type": "string" + }, + "InstanceTypes": { + "insertionOrder": false, + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "Labels": { + "additionalProperties": false, + "patternProperties": { + "^.+$": { + "type": "string" + } + }, + "type": "object" + }, + "LaunchTemplate": { + "$ref": "#/definitions/LaunchTemplateSpecification" + }, + "NodeRole": { + "type": "string" + }, + "NodegroupName": { + "minLength": 1, + "type": "string" + }, + "ReleaseVersion": { + "type": "string" + }, + "RemoteAccess": { + "$ref": "#/definitions/RemoteAccess" + }, + "ScalingConfig": { + "$ref": "#/definitions/ScalingConfig" + }, + "Subnets": { + "insertionOrder": false, + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "Tags": { + "additionalProperties": false, + "patternProperties": { + "^.+$": { + "type": "string" + } + }, + "type": "object" + }, + "Taints": { + "insertionOrder": false, + "items": { + "$ref": "#/definitions/Taint" + }, + "type": "array" + }, + "UpdateConfig": { + "$ref": "#/definitions/UpdateConfig" + }, + "Version": { + "type": "string" + } + }, + "readOnlyProperties": [ + "/properties/Id", + "/properties/Arn" + ], + "required": [ + "ClusterName", + "NodeRole", + "Subnets" + ], + "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-rpdk.git", + "tagging": { + "cloudFormationSystemTags": true, + "permissions": [ + "eks:TagResource", + "eks:UntagResource" + ], + "tagOnCreate": true, + "tagProperty": "/properties/Tags", + "tagUpdatable": true, + "taggable": true + }, + "typeName": "AWS::EKS::Nodegroup", + "writeOnlyProperties": [ + "/properties/ForceUpdateEnabled" + ] +} diff --git a/src/cfnlint/data/schemas/providers/eu_central_1/aws-mediapackagev2-channel.json b/src/cfnlint/data/schemas/providers/eu_central_1/aws-mediapackagev2-channel.json new file mode 100644 index 0000000000..f2dd6b06fd --- /dev/null +++ b/src/cfnlint/data/schemas/providers/eu_central_1/aws-mediapackagev2-channel.json @@ -0,0 +1,164 @@ +{ + "additionalIdentifiers": [ + [ + "/properties/ChannelGroupName", + "/properties/ChannelName" + ] + ], + "additionalProperties": false, + "createOnlyProperties": [ + "/properties/ChannelGroupName", + "/properties/ChannelName", + "/properties/InputType" + ], + "definitions": { + "IngestEndpoint": { + "additionalProperties": false, + "properties": { + "Id": { + "type": "string" + }, + "Url": { + "type": "string" + } + }, + "type": "object" + }, + "InputType": { + "enum": [ + "HLS", + "CMAF" + ], + "type": "string" + }, + "Tag": { + "additionalProperties": false, + "properties": { + "Key": { + "type": "string" + }, + "Value": { + "type": "string" + } + }, + "type": "object" + } + }, + "handlers": { + "create": { + "permissions": [ + "mediapackagev2:TagResource", + "mediapackagev2:CreateChannel" + ] + }, + "delete": { + "permissions": [ + "mediapackagev2:GetChannel", + "mediapackagev2:DeleteChannel" + ] + }, + "list": { + "handlerSchema": { + "properties": { + "ChannelGroupName": { + "$ref": "resource-schema.json#/properties/ChannelGroupName" + } + }, + "required": [ + "ChannelGroupName" + ] + }, + "permissions": [ + "mediapackagev2:ListChannels" + ] + }, + "read": { + "permissions": [ + "mediapackagev2:GetChannel" + ] + }, + "update": { + "permissions": [ + "mediapackagev2:TagResource", + "mediapackagev2:UntagResource", + "mediapackagev2:ListTagsForResource", + "mediapackagev2:UpdateChannel" + ] + } + }, + "primaryIdentifier": [ + "/properties/Arn" + ], + "properties": { + "Arn": { + "type": "string" + }, + "ChannelGroupName": { + "maxLength": 256, + "minLength": 1, + "pattern": "^[a-zA-Z0-9_-]+$", + "type": "string" + }, + "ChannelName": { + "maxLength": 256, + "minLength": 1, + "pattern": "^[a-zA-Z0-9_-]+$", + "type": "string" + }, + "CreatedAt": { + "format": "date-time", + "type": "string" + }, + "Description": { + "maxLength": 1024, + "minLength": 0, + "type": "string" + }, + "IngestEndpointUrls": { + "items": { + "type": "string" + }, + "type": "array" + }, + "IngestEndpoints": { + "items": { + "$ref": "#/definitions/IngestEndpoint" + }, + "type": "array" + }, + "InputType": { + "$ref": "#/definitions/InputType" + }, + "ModifiedAt": { + "format": "date-time", + "type": "string" + }, + "Tags": { + "insertionOrder": false, + "items": { + "$ref": "#/definitions/Tag" + }, + "type": "array" + } + }, + "readOnlyProperties": [ + "/properties/Arn", + "/properties/CreatedAt", + "/properties/IngestEndpoints", + "/properties/IngestEndpointUrls", + "/properties/ModifiedAt" + ], + "required": [ + "ChannelGroupName", + "ChannelName" + ], + "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-mediapackagev2", + "tagging": { + "cloudFormationSystemTags": false, + "tagOnCreate": true, + "tagProperty": "/properties/Tags", + "tagUpdatable": true, + "taggable": true + }, + "typeName": "AWS::MediaPackageV2::Channel" +} diff --git a/src/cfnlint/data/schemas/providers/eu_central_1/aws-mediapackagev2-originendpoint.json b/src/cfnlint/data/schemas/providers/eu_central_1/aws-mediapackagev2-originendpoint.json new file mode 100644 index 0000000000..33c30d1062 --- /dev/null +++ b/src/cfnlint/data/schemas/providers/eu_central_1/aws-mediapackagev2-originendpoint.json @@ -0,0 +1,651 @@ +{ + "additionalIdentifiers": [ + [ + "/properties/ChannelGroupName", + "/properties/ChannelName", + "/properties/OriginEndpointName" + ] + ], + "additionalProperties": false, + "createOnlyProperties": [ + "/properties/ChannelGroupName", + "/properties/ChannelName", + "/properties/OriginEndpointName" + ], + "definitions": { + "AdMarkerDash": { + "enum": [ + "BINARY", + "XML" + ], + "type": "string" + }, + "AdMarkerHls": { + "enum": [ + "DATERANGE" + ], + "type": "string" + }, + "CmafEncryptionMethod": { + "enum": [ + "CENC", + "CBCS" + ], + "type": "string" + }, + "ContainerType": { + "enum": [ + "TS", + "CMAF" + ], + "type": "string" + }, + "DashDrmSignaling": { + "enum": [ + "INDIVIDUAL", + "REFERENCED" + ], + "type": "string" + }, + "DashManifestConfiguration": { + "additionalProperties": false, + "properties": { + "DrmSignaling": { + "$ref": "#/definitions/DashDrmSignaling" + }, + "FilterConfiguration": { + "$ref": "#/definitions/FilterConfiguration" + }, + "ManifestName": { + "maxLength": 256, + "minLength": 1, + "pattern": "^[a-zA-Z0-9_-]+$", + "type": "string" + }, + "ManifestWindowSeconds": { + "type": "integer" + }, + "MinBufferTimeSeconds": { + "type": "integer" + }, + "MinUpdatePeriodSeconds": { + "type": "integer" + }, + "PeriodTriggers": { + "items": { + "$ref": "#/definitions/DashPeriodTrigger" + }, + "maxItems": 100, + "minItems": 0, + "type": "array" + }, + "ScteDash": { + "$ref": "#/definitions/ScteDash" + }, + "SegmentTemplateFormat": { + "$ref": "#/definitions/DashSegmentTemplateFormat" + }, + "SuggestedPresentationDelaySeconds": { + "type": "integer" + }, + "UtcTiming": { + "$ref": "#/definitions/DashUtcTiming" + } + }, + "required": [ + "ManifestName" + ], + "type": "object" + }, + "DashPeriodTrigger": { + "enum": [ + "AVAILS", + "DRM_KEY_ROTATION", + "SOURCE_CHANGES", + "SOURCE_DISRUPTIONS", + "NONE" + ], + "type": "string" + }, + "DashSegmentTemplateFormat": { + "enum": [ + "NUMBER_WITH_TIMELINE" + ], + "type": "string" + }, + "DashUtcTiming": { + "additionalProperties": false, + "properties": { + "TimingMode": { + "$ref": "#/definitions/DashUtcTimingMode" + }, + "TimingSource": { + "maxLength": 1024, + "minLength": 1, + "type": "string" + } + }, + "type": "object" + }, + "DashUtcTimingMode": { + "enum": [ + "HTTP_HEAD", + "HTTP_ISO", + "HTTP_XSDATE", + "UTC_DIRECT" + ], + "type": "string" + }, + "DrmSystem": { + "enum": [ + "CLEAR_KEY_AES_128", + "FAIRPLAY", + "PLAYREADY", + "WIDEVINE" + ], + "type": "string" + }, + "Encryption": { + "additionalProperties": false, + "properties": { + "ConstantInitializationVector": { + "maxLength": 32, + "minLength": 32, + "pattern": "^[0-9a-fA-F]+$", + "type": "string" + }, + "EncryptionMethod": { + "$ref": "#/definitions/EncryptionMethod" + }, + "KeyRotationIntervalSeconds": { + "maximum": 31536000, + "minimum": 300, + "type": "integer" + }, + "SpekeKeyProvider": { + "$ref": "#/definitions/SpekeKeyProvider" + } + }, + "required": [ + "EncryptionMethod", + "SpekeKeyProvider" + ], + "type": "object" + }, + "EncryptionContractConfiguration": { + "additionalProperties": false, + "properties": { + "PresetSpeke20Audio": { + "$ref": "#/definitions/PresetSpeke20Audio" + }, + "PresetSpeke20Video": { + "$ref": "#/definitions/PresetSpeke20Video" + } + }, + "required": [ + "PresetSpeke20Audio", + "PresetSpeke20Video" + ], + "type": "object" + }, + "EncryptionMethod": { + "additionalProperties": false, + "properties": { + "CmafEncryptionMethod": { + "$ref": "#/definitions/CmafEncryptionMethod" + }, + "TsEncryptionMethod": { + "$ref": "#/definitions/TsEncryptionMethod" + } + }, + "type": "object" + }, + "EndpointErrorCondition": { + "enum": [ + "STALE_MANIFEST", + "INCOMPLETE_MANIFEST", + "MISSING_DRM_KEY", + "SLATE_INPUT" + ], + "type": "string" + }, + "FilterConfiguration": { + "additionalProperties": false, + "properties": { + "End": { + "format": "date-time", + "type": "string" + }, + "ManifestFilter": { + "maxLength": 1024, + "minLength": 1, + "type": "string" + }, + "Start": { + "format": "date-time", + "type": "string" + }, + "TimeDelaySeconds": { + "maximum": 1209600, + "minimum": 0, + "type": "integer" + } + }, + "type": "object" + }, + "ForceEndpointErrorConfiguration": { + "additionalProperties": false, + "properties": { + "EndpointErrorConditions": { + "items": { + "$ref": "#/definitions/EndpointErrorCondition" + }, + "type": "array" + } + }, + "type": "object" + }, + "HlsManifestConfiguration": { + "additionalProperties": false, + "properties": { + "ChildManifestName": { + "maxLength": 256, + "minLength": 1, + "pattern": "^[a-zA-Z0-9_-]+$", + "type": "string" + }, + "FilterConfiguration": { + "$ref": "#/definitions/FilterConfiguration" + }, + "ManifestName": { + "maxLength": 256, + "minLength": 1, + "pattern": "^[a-zA-Z0-9_-]+$", + "type": "string" + }, + "ManifestWindowSeconds": { + "type": "integer" + }, + "ProgramDateTimeIntervalSeconds": { + "type": "integer" + }, + "ScteHls": { + "$ref": "#/definitions/ScteHls" + }, + "Url": { + "type": "string" + } + }, + "required": [ + "ManifestName" + ], + "type": "object" + }, + "LowLatencyHlsManifestConfiguration": { + "additionalProperties": false, + "properties": { + "ChildManifestName": { + "maxLength": 256, + "minLength": 1, + "pattern": "^[a-zA-Z0-9_-]+$", + "type": "string" + }, + "FilterConfiguration": { + "$ref": "#/definitions/FilterConfiguration" + }, + "ManifestName": { + "maxLength": 256, + "minLength": 1, + "pattern": "^[a-zA-Z0-9_-]+$", + "type": "string" + }, + "ManifestWindowSeconds": { + "type": "integer" + }, + "ProgramDateTimeIntervalSeconds": { + "type": "integer" + }, + "ScteHls": { + "$ref": "#/definitions/ScteHls" + }, + "Url": { + "type": "string" + } + }, + "required": [ + "ManifestName" + ], + "type": "object" + }, + "PresetSpeke20Audio": { + "enum": [ + "PRESET_AUDIO_1", + "PRESET_AUDIO_2", + "PRESET_AUDIO_3", + "SHARED", + "UNENCRYPTED" + ], + "type": "string" + }, + "PresetSpeke20Video": { + "enum": [ + "PRESET_VIDEO_1", + "PRESET_VIDEO_2", + "PRESET_VIDEO_3", + "PRESET_VIDEO_4", + "PRESET_VIDEO_5", + "PRESET_VIDEO_6", + "PRESET_VIDEO_7", + "PRESET_VIDEO_8", + "SHARED", + "UNENCRYPTED" + ], + "type": "string" + }, + "Scte": { + "additionalProperties": false, + "properties": { + "ScteFilter": { + "items": { + "$ref": "#/definitions/ScteFilter" + }, + "maxItems": 100, + "minItems": 0, + "type": "array" + } + }, + "type": "object" + }, + "ScteDash": { + "additionalProperties": false, + "properties": { + "AdMarkerDash": { + "$ref": "#/definitions/AdMarkerDash" + } + }, + "type": "object" + }, + "ScteFilter": { + "enum": [ + "SPLICE_INSERT", + "BREAK", + "PROVIDER_ADVERTISEMENT", + "DISTRIBUTOR_ADVERTISEMENT", + "PROVIDER_PLACEMENT_OPPORTUNITY", + "DISTRIBUTOR_PLACEMENT_OPPORTUNITY", + "PROVIDER_OVERLAY_PLACEMENT_OPPORTUNITY", + "DISTRIBUTOR_OVERLAY_PLACEMENT_OPPORTUNITY", + "PROGRAM" + ], + "type": "string" + }, + "ScteHls": { + "additionalProperties": false, + "properties": { + "AdMarkerHls": { + "$ref": "#/definitions/AdMarkerHls" + } + }, + "type": "object" + }, + "Segment": { + "additionalProperties": false, + "properties": { + "Encryption": { + "$ref": "#/definitions/Encryption" + }, + "IncludeIframeOnlyStreams": { + "type": "boolean" + }, + "Scte": { + "$ref": "#/definitions/Scte" + }, + "SegmentDurationSeconds": { + "maximum": 30, + "minimum": 1, + "type": "integer" + }, + "SegmentName": { + "maxLength": 256, + "minLength": 1, + "pattern": "^[a-zA-Z0-9_-]+$", + "type": "string" + }, + "TsIncludeDvbSubtitles": { + "type": "boolean" + }, + "TsUseAudioRenditionGroup": { + "type": "boolean" + } + }, + "type": "object" + }, + "SpekeKeyProvider": { + "additionalProperties": false, + "properties": { + "DrmSystems": { + "items": { + "$ref": "#/definitions/DrmSystem" + }, + "maxItems": 4, + "minItems": 1, + "type": "array" + }, + "EncryptionContractConfiguration": { + "$ref": "#/definitions/EncryptionContractConfiguration" + }, + "ResourceId": { + "maxLength": 256, + "minLength": 1, + "pattern": "^[0-9a-zA-Z_-]+$", + "type": "string" + }, + "RoleArn": { + "maxLength": 2048, + "minLength": 1, + "type": "string" + }, + "Url": { + "maxLength": 1024, + "minLength": 1, + "type": "string" + } + }, + "required": [ + "DrmSystems", + "EncryptionContractConfiguration", + "ResourceId", + "RoleArn", + "Url" + ], + "type": "object" + }, + "Tag": { + "additionalProperties": false, + "properties": { + "Key": { + "type": "string" + }, + "Value": { + "type": "string" + } + }, + "type": "object" + }, + "TsEncryptionMethod": { + "enum": [ + "AES_128", + "SAMPLE_AES" + ], + "type": "string" + } + }, + "handlers": { + "create": { + "permissions": [ + "mediapackagev2:TagResource", + "mediapackagev2:CreateOriginEndpoint", + "iam:PassRole" + ] + }, + "delete": { + "permissions": [ + "mediapackagev2:GetOriginEndpoint", + "mediapackagev2:DeleteOriginEndpoint" + ] + }, + "list": { + "handlerSchema": { + "properties": { + "ChannelGroupName": { + "$ref": "resource-schema.json#/properties/ChannelGroupName" + }, + "ChannelName": { + "$ref": "resource-schema.json#/properties/ChannelName" + } + }, + "required": [ + "ChannelGroupName", + "ChannelName" + ] + }, + "permissions": [ + "mediapackagev2:ListOriginEndpoints" + ] + }, + "read": { + "permissions": [ + "mediapackagev2:GetOriginEndpoint" + ] + }, + "update": { + "permissions": [ + "mediapackagev2:TagResource", + "mediapackagev2:UntagResource", + "mediapackagev2:ListTagsForResource", + "mediapackagev2:UpdateOriginEndpoint", + "iam:PassRole" + ] + } + }, + "primaryIdentifier": [ + "/properties/Arn" + ], + "properties": { + "Arn": { + "type": "string" + }, + "ChannelGroupName": { + "maxLength": 256, + "minLength": 1, + "pattern": "^[a-zA-Z0-9_-]+$", + "type": "string" + }, + "ChannelName": { + "maxLength": 256, + "minLength": 1, + "pattern": "^[a-zA-Z0-9_-]+$", + "type": "string" + }, + "ContainerType": { + "$ref": "#/definitions/ContainerType" + }, + "CreatedAt": { + "format": "date-time", + "type": "string" + }, + "DashManifestUrls": { + "items": { + "type": "string" + }, + "type": "array" + }, + "DashManifests": { + "items": { + "$ref": "#/definitions/DashManifestConfiguration" + }, + "type": "array" + }, + "Description": { + "maxLength": 1024, + "minLength": 0, + "type": "string" + }, + "ForceEndpointErrorConfiguration": { + "$ref": "#/definitions/ForceEndpointErrorConfiguration" + }, + "HlsManifestUrls": { + "items": { + "type": "string" + }, + "type": "array" + }, + "HlsManifests": { + "items": { + "$ref": "#/definitions/HlsManifestConfiguration" + }, + "type": "array" + }, + "LowLatencyHlsManifestUrls": { + "items": { + "type": "string" + }, + "type": "array" + }, + "LowLatencyHlsManifests": { + "items": { + "$ref": "#/definitions/LowLatencyHlsManifestConfiguration" + }, + "type": "array" + }, + "ModifiedAt": { + "format": "date-time", + "type": "string" + }, + "OriginEndpointName": { + "maxLength": 256, + "minLength": 1, + "pattern": "^[a-zA-Z0-9_-]+$", + "type": "string" + }, + "Segment": { + "$ref": "#/definitions/Segment" + }, + "StartoverWindowSeconds": { + "maximum": 1209600, + "minimum": 60, + "type": "integer" + }, + "Tags": { + "insertionOrder": false, + "items": { + "$ref": "#/definitions/Tag" + }, + "type": "array" + } + }, + "readOnlyProperties": [ + "/properties/Arn", + "/properties/CreatedAt", + "/properties/DashManifestUrls", + "/properties/HlsManifestUrls", + "/properties/LowLatencyHlsManifestUrls", + "/properties/ModifiedAt", + "/properties/LowLatencyHlsManifests/*/Url", + "/properties/HlsManifests/*/Url" + ], + "required": [ + "ChannelGroupName", + "ChannelName", + "OriginEndpointName" + ], + "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-mediapackagev2", + "tagging": { + "cloudFormationSystemTags": false, + "tagOnCreate": true, + "tagProperty": "/properties/Tags", + "tagUpdatable": true, + "taggable": true + }, + "typeName": "AWS::MediaPackageV2::OriginEndpoint" +} diff --git a/src/cfnlint/data/schemas/providers/eu_central_1/aws-organizations-organization.json b/src/cfnlint/data/schemas/providers/eu_central_1/aws-organizations-organization.json deleted file mode 100644 index 844033a13a..0000000000 --- a/src/cfnlint/data/schemas/providers/eu_central_1/aws-organizations-organization.json +++ /dev/null @@ -1,88 +0,0 @@ -{ - "additionalProperties": false, - "handlers": { - "create": { - "permissions": [ - "organizations:CreateOrganization", - "organizations:DescribeOrganization", - "iam:CreateServiceLinkedRole", - "organizations:ListRoots" - ] - }, - "delete": { - "permissions": [ - "organizations:DeleteOrganization", - "organizations:DescribeOrganization" - ] - }, - "list": { - "permissions": [ - "organizations:DescribeOrganization" - ] - }, - "read": { - "permissions": [ - "organizations:DescribeOrganization", - "organizations:ListRoots" - ] - }, - "update": { - "permissions": [ - "organizations:DescribeOrganization" - ] - } - }, - "primaryIdentifier": [ - "/properties/Id" - ], - "properties": { - "Arn": { - "pattern": "^arn:aws.*:organizations::\\d{12}:organization\\/o-[a-z0-9]{10,32}", - "type": "string" - }, - "FeatureSet": { - "default": "ALL", - "enum": [ - "ALL", - "CONSOLIDATED_BILLING" - ], - "type": "string" - }, - "Id": { - "pattern": "^o-[a-z0-9]{10,32}$", - "type": "string" - }, - "ManagementAccountArn": { - "pattern": "^arn:aws.*:organizations::\\d{12}:account\\/o-[a-z0-9]{10,32}\\/\\d{12}", - "type": "string" - }, - "ManagementAccountEmail": { - "maxLength": 64, - "minLength": 6, - "pattern": "[^\\s@]+@[^\\s@]+\\.[^\\s@]+", - "type": "string" - }, - "ManagementAccountId": { - "pattern": "^\\d{12}$", - "type": "string" - }, - "RootId": { - "maxLength": 64, - "pattern": "^r-[0-9a-z]{4,32}$", - "type": "string" - } - }, - "readOnlyProperties": [ - "/properties/Id", - "/properties/Arn", - "/properties/ManagementAccountArn", - "/properties/ManagementAccountId", - "/properties/ManagementAccountEmail", - "/properties/RootId" - ], - "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-organizations.git", - "tagging": { - "taggable": false - }, - "typeName": "AWS::Organizations::Organization" -} diff --git a/src/cfnlint/data/schemas/providers/eu_central_1/aws-s3outposts-bucket.json b/src/cfnlint/data/schemas/providers/eu_central_1/aws-s3outposts-bucket.json new file mode 100644 index 0000000000..973a61ee87 --- /dev/null +++ b/src/cfnlint/data/schemas/providers/eu_central_1/aws-s3outposts-bucket.json @@ -0,0 +1,290 @@ +{ + "additionalProperties": false, + "createOnlyProperties": [ + "/properties/BucketName", + "/properties/OutpostId" + ], + "definitions": { + "AbortIncompleteMultipartUpload": { + "additionalProperties": false, + "properties": { + "DaysAfterInitiation": { + "minimum": 0, + "type": "integer" + } + }, + "required": [ + "DaysAfterInitiation" + ], + "type": "object" + }, + "FilterAndOperator": { + "oneOf": [ + { + "additionalProperties": false, + "properties": { + "Prefix": { + "$ref": "#/definitions/FilterPrefix" + }, + "Tags": { + "insertionOrder": false, + "items": { + "$ref": "#/definitions/FilterTag" + }, + "minItems": 1, + "type": "array", + "uniqueItems": true + } + }, + "required": [ + "Tags" + ], + "type": "object" + } + ] + }, + "FilterPrefix": { + "type": "string" + }, + "FilterTag": { + "additionalProperties": false, + "properties": { + "Key": { + "maxLength": 1024, + "minLength": 1, + "pattern": "^([\\p{L}\\p{Z}\\p{N}_.:=+\\/\\-@%]*)$", + "type": "string" + }, + "Value": { + "maxLength": 1024, + "minLength": 1, + "pattern": "^([\\p{L}\\p{Z}\\p{N}_.:=+\\/\\-@%]*)$", + "type": "string" + } + }, + "required": [ + "Key", + "Value" + ], + "type": "object" + }, + "LifecycleConfiguration": { + "additionalProperties": false, + "properties": { + "Rules": { + "insertionOrder": false, + "items": { + "$ref": "#/definitions/Rule" + }, + "type": "array", + "uniqueItems": true + } + }, + "required": [ + "Rules" + ], + "type": "object" + }, + "Rule": { + "additionalProperties": false, + "anyOf": [ + { + "required": [ + "Status", + "AbortIncompleteMultipartUpload" + ] + }, + { + "required": [ + "Status", + "ExpirationDate" + ] + }, + { + "required": [ + "Status", + "ExpirationInDays" + ] + } + ], + "properties": { + "AbortIncompleteMultipartUpload": { + "$ref": "#/definitions/AbortIncompleteMultipartUpload" + }, + "ExpirationDate": { + "$ref": "#/definitions/iso8601UTC" + }, + "ExpirationInDays": { + "minimum": 1, + "type": "integer" + }, + "Filter": { + "additionalProperties": false, + "oneOf": [ + { + "required": [ + "Prefix" + ] + }, + { + "required": [ + "Tag" + ] + }, + { + "required": [ + "AndOperator" + ] + } + ], + "properties": { + "AndOperator": { + "$ref": "#/definitions/FilterAndOperator" + }, + "Prefix": { + "$ref": "#/definitions/FilterPrefix" + }, + "Tag": { + "$ref": "#/definitions/FilterTag" + } + }, + "type": "object" + }, + "Id": { + "maxLength": 255, + "type": "string" + }, + "Status": { + "enum": [ + "Enabled", + "Disabled" + ], + "type": "string" + } + }, + "type": "object" + }, + "Tag": { + "additionalProperties": false, + "properties": { + "Key": { + "maxLength": 1024, + "minLength": 1, + "pattern": "^(?!aws:.*)([\\p{L}\\p{Z}\\p{N}_.:=+\\/\\-@%]*)$", + "type": "string" + }, + "Value": { + "maxLength": 1024, + "minLength": 1, + "pattern": "^([\\p{L}\\p{Z}\\p{N}_.:=+\\/\\-@%]*)$", + "type": "string" + } + }, + "required": [ + "Key", + "Value" + ], + "type": "object" + }, + "iso8601UTC": { + "pattern": "^([0-2]\\d{3})-(0[0-9]|1[0-2])-([0-2]\\d|3[01])T([01]\\d|2[0-4]):([0-5]\\d):([0-6]\\d)((\\.\\d{3})?)Z$", + "type": "string" + } + }, + "handlers": { + "create": { + "permissions": [ + "s3-outposts:CreateBucket", + "s3-outposts:PutBucketTagging", + "s3-outposts:PutLifecycleConfiguration" + ] + }, + "delete": { + "permissions": [ + "s3-outposts:DeleteBucket" + ] + }, + "list": { + "handlerSchema": { + "properties": { + "OutpostId": { + "$ref": "resource-schema.json#/properties/OutpostId" + } + }, + "required": [ + "OutpostId" + ] + }, + "permissions": [ + "s3-outposts:ListRegionalBuckets" + ] + }, + "read": { + "permissions": [ + "s3-outposts:GetBucket", + "s3-outposts:GetBucketTagging", + "s3-outposts:GetLifecycleConfiguration" + ] + }, + "update": { + "permissions": [ + "s3-outposts:PutBucketTagging", + "s3-outposts:DeleteBucketTagging", + "s3-outposts:PutLifecycleConfiguration" + ] + } + }, + "primaryIdentifier": [ + "/properties/Arn" + ], + "properties": { + "Arn": { + "maxLength": 2048, + "minLength": 20, + "pattern": "^arn:[^:]+:s3-outposts:[a-zA-Z0-9\\-]+:\\d{12}:outpost\\/[^:]+\\/bucket\\/[^:]+$", + "type": "string" + }, + "BucketName": { + "maxLength": 63, + "minLength": 3, + "pattern": "(?=^.{3,63}$)(?!^(\\d+\\.)+\\d+$)(^(([a-z0-9]|[a-z0-9][a-z0-9\\-]*[a-z0-9])\\.)*([a-z0-9]|[a-z0-9][a-z0-9\\-]*[a-z0-9])$)", + "type": "string" + }, + "LifecycleConfiguration": { + "$ref": "#/definitions/LifecycleConfiguration" + }, + "OutpostId": { + "pattern": "^(op-[a-f0-9]{17}|\\d{12}|ec2)$", + "type": "string" + }, + "Tags": { + "insertionOrder": false, + "items": { + "$ref": "#/definitions/Tag" + }, + "type": "array", + "uniqueItems": true + } + }, + "readOnlyProperties": [ + "/properties/Arn" + ], + "required": [ + "BucketName", + "OutpostId" + ], + "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-s3outposts.git", + "tagging": { + "cloudFormationSystemTags": true, + "permissions": [ + "s3-outposts:DeleteBucketTagging", + "s3-outposts:PutBucketTagging", + "s3-outposts:GetBucketTagging" + ], + "tagOnCreate": true, + "tagProperty": "/properties/Tags", + "tagUpdatable": true, + "taggable": true + }, + "typeName": "AWS::S3Outposts::Bucket" +} diff --git a/src/cfnlint/data/schemas/providers/eu_central_2/__init__.py b/src/cfnlint/data/schemas/providers/eu_central_2/__init__.py index 3618b47855..b77b25d988 100644 --- a/src/cfnlint/data/schemas/providers/eu_central_2/__init__.py +++ b/src/cfnlint/data/schemas/providers/eu_central_2/__init__.py @@ -541,6 +541,7 @@ "AWS::SSO::Instance", "AWS::SSO::InstanceAccessControlAttributeConfiguration", "AWS::SSO::PermissionSet", + "AWS::SageMaker::MlflowTrackingServer", "AWS::SageMaker::ModelCard", "AWS::Scheduler::Schedule", "AWS::Scheduler::ScheduleGroup", @@ -763,7 +764,6 @@ "aws-dms-dataprovider.json", "aws-dms-instanceprofile.json", "aws-dms-migrationproject.json", - "aws-dms-replicationconfig.json", "aws-dynamodb-globaltable.json", "aws-dynamodb-table.json", "aws-ec2-capacityreservation.json", @@ -999,7 +999,6 @@ "aws-opsworks-userprofile.json", "aws-opsworks-volume.json", "aws-organizations-account.json", - "aws-organizations-organization.json", "aws-organizations-organizationalunit.json", "aws-organizations-policy.json", "aws-organizations-resourcepolicy.json", @@ -1019,9 +1018,7 @@ "aws-quicksight-vpcconnection.json", "aws-ram-permission.json", "aws-ram-resourceshare.json", - "aws-rds-dbcluster.json", "aws-rds-dbclusterparametergroup.json", - "aws-rds-dbinstance.json", "aws-rds-dbparametergroup.json", "aws-rds-dbproxy.json", "aws-rds-dbproxyendpoint.json", @@ -1075,6 +1072,7 @@ "aws-s3-bucketpolicy.json", "aws-s3objectlambda-accesspoint.json", "aws-s3objectlambda-accesspointpolicy.json", + "aws-sagemaker-mlflowtrackingserver.json", "aws-sagemaker-modelcard.json", "aws-scheduler-schedule.json", "aws-scheduler-schedulegroup.json", @@ -1113,7 +1111,6 @@ "aws-shield-drtaccess.json", "aws-shield-proactiveengagement.json", "aws-shield-protection.json", - "aws-shield-protectiongroup.json", "aws-sns-subscription.json", "aws-sns-topic.json", "aws-sns-topicinlinepolicy.json", diff --git a/src/cfnlint/data/schemas/providers/eu_central_2/aws-dms-replicationconfig.json b/src/cfnlint/data/schemas/providers/eu_central_2/aws-dms-replicationconfig.json new file mode 100644 index 0000000000..b9379a300f --- /dev/null +++ b/src/cfnlint/data/schemas/providers/eu_central_2/aws-dms-replicationconfig.json @@ -0,0 +1,191 @@ +{ + "additionalIdentifiers": [ + [ + "/properties/ReplicationConfigIdentifier" + ] + ], + "additionalProperties": false, + "createOnlyProperties": [ + "/properties/ResourceIdentifier" + ], + "definitions": { + "ComputeConfig": { + "additionalProperties": false, + "properties": { + "AvailabilityZone": { + "type": "string" + }, + "DnsNameServers": { + "type": "string" + }, + "KmsKeyId": { + "type": "string" + }, + "MaxCapacityUnits": { + "type": "integer" + }, + "MinCapacityUnits": { + "type": "integer" + }, + "MultiAZ": { + "type": "boolean" + }, + "PreferredMaintenanceWindow": { + "type": "string" + }, + "ReplicationSubnetGroupId": { + "type": "string" + }, + "VpcSecurityGroupIds": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "MaxCapacityUnits" + ], + "type": "object" + }, + "Tag": { + "additionalProperties": false, + "properties": { + "Key": { + "maxLength": 128, + "minLength": 1, + "type": "string" + }, + "Value": { + "maxLength": 256, + "minLength": 1, + "type": "string" + } + }, + "required": [ + "Key", + "Value" + ], + "type": "object" + } + }, + "handlers": { + "create": { + "permissions": [ + "dms:CreateReplicationConfig", + "dms:AddTagsToResource", + "dms:ListTagsForResource", + "iam:CreateServiceLinkedRole", + "iam:AttachRolePolicy", + "iam:PutRolePolicy", + "iam:UpdateRoleDescription" + ] + }, + "delete": { + "permissions": [ + "dms:DescribeReplicationConfigs", + "dms:DeleteReplicationConfig", + "dms:ListTagsForResource", + "iam:DeleteServiceLinkedRole", + "iam:GetServiceLinkedRoleDeletionStatus" + ] + }, + "list": { + "permissions": [ + "dms:DescribeReplicationConfigs", + "dms:ListTagsForResource" + ] + }, + "read": { + "permissions": [ + "dms:DescribeReplicationConfigs", + "dms:ListTagsForResource" + ] + }, + "update": { + "permissions": [ + "dms:ModifyReplicationConfig", + "dms:AddTagsToResource", + "dms:RemoveTagsToResource", + "dms:ListTagsForResource", + "iam:CreateServiceLinkedRole", + "iam:AttachRolePolicy", + "iam:PutRolePolicy", + "iam:UpdateRoleDescription" + ] + } + }, + "primaryIdentifier": [ + "/properties/ReplicationConfigArn" + ], + "properties": { + "ComputeConfig": { + "$ref": "#/definitions/ComputeConfig" + }, + "ReplicationConfigArn": { + "type": "string" + }, + "ReplicationConfigIdentifier": { + "type": "string" + }, + "ReplicationSettings": { + "format": "json", + "type": [ + "object", + "string" + ] + }, + "ReplicationType": { + "enum": [ + "full-load", + "full-load-and-cdc", + "cdc" + ], + "type": "string" + }, + "ResourceIdentifier": { + "type": "string" + }, + "SourceEndpointArn": { + "type": "string" + }, + "SupplementalSettings": { + "format": "json", + "type": [ + "object", + "string" + ] + }, + "TableMappings": { + "format": "json", + "type": [ + "object", + "string" + ] + }, + "Tags": { + "insertionOrder": false, + "items": { + "$ref": "#/definitions/Tag" + }, + "maxItems": 200, + "minItems": 1, + "type": "array" + }, + "TargetEndpointArn": { + "type": "string" + } + }, + "readOnlyProperties": [ + "/properties/ReplicationConfigArn" + ], + "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-dms", + "tagging": { + "cloudFormationSystemTags": false, + "tagOnCreate": true, + "tagProperty": "/properties/Tags", + "tagUpdatable": true, + "taggable": true + }, + "typeName": "AWS::DMS::ReplicationConfig" +} diff --git a/src/cfnlint/data/schemas/providers/ap_south_1/aws-organizations-organization.json b/src/cfnlint/data/schemas/providers/eu_central_2/aws-organizations-organization.json similarity index 96% rename from src/cfnlint/data/schemas/providers/ap_south_1/aws-organizations-organization.json rename to src/cfnlint/data/schemas/providers/eu_central_2/aws-organizations-organization.json index 844033a13a..6dac437e5b 100644 --- a/src/cfnlint/data/schemas/providers/ap_south_1/aws-organizations-organization.json +++ b/src/cfnlint/data/schemas/providers/eu_central_2/aws-organizations-organization.json @@ -27,9 +27,7 @@ ] }, "update": { - "permissions": [ - "organizations:DescribeOrganization" - ] + "permissions": [] } }, "primaryIdentifier": [ diff --git a/src/cfnlint/data/schemas/providers/eu_central_2/aws-rds-dbcluster.json b/src/cfnlint/data/schemas/providers/eu_central_2/aws-rds-dbcluster.json new file mode 100644 index 0000000000..fc8608c49b --- /dev/null +++ b/src/cfnlint/data/schemas/providers/eu_central_2/aws-rds-dbcluster.json @@ -0,0 +1,469 @@ +{ + "additionalProperties": false, + "conditionalCreateOnlyProperties": [ + "/properties/Engine", + "/properties/GlobalClusterIdentifier", + "/properties/MasterUsername" + ], + "createOnlyProperties": [ + "/properties/AvailabilityZones", + "/properties/DBClusterIdentifier", + "/properties/DBSubnetGroupName", + "/properties/DBSystemId", + "/properties/DatabaseName", + "/properties/EngineMode", + "/properties/KmsKeyId", + "/properties/PubliclyAccessible", + "/properties/RestoreToTime", + "/properties/RestoreType", + "/properties/SnapshotIdentifier", + "/properties/SourceDBClusterIdentifier", + "/properties/SourceRegion", + "/properties/StorageEncrypted", + "/properties/UseLatestRestorableTime" + ], + "definitions": { + "DBClusterRole": { + "additionalProperties": false, + "properties": { + "FeatureName": { + "type": "string" + }, + "RoleArn": { + "type": "string" + } + }, + "required": [ + "RoleArn" + ], + "type": "object" + }, + "Endpoint": { + "additionalProperties": false, + "properties": { + "Address": { + "type": "string" + }, + "Port": { + "type": "string" + } + }, + "type": "object" + }, + "MasterUserSecret": { + "additionalProperties": false, + "properties": { + "KmsKeyId": { + "type": "string" + }, + "SecretArn": { + "type": "string" + } + }, + "type": "object" + }, + "ReadEndpoint": { + "additionalProperties": false, + "properties": { + "Address": { + "type": "string" + } + }, + "type": "object" + }, + "ScalingConfiguration": { + "additionalProperties": false, + "properties": { + "AutoPause": { + "type": "boolean" + }, + "MaxCapacity": { + "type": "integer" + }, + "MinCapacity": { + "type": "integer" + }, + "SecondsBeforeTimeout": { + "type": "integer" + }, + "SecondsUntilAutoPause": { + "type": "integer" + }, + "TimeoutAction": { + "type": "string" + } + }, + "type": "object" + }, + "ServerlessV2ScalingConfiguration": { + "additionalProperties": false, + "properties": { + "MaxCapacity": { + "type": "number" + }, + "MinCapacity": { + "type": "number" + } + }, + "type": "object" + }, + "Tag": { + "additionalProperties": false, + "properties": { + "Key": { + "maxLength": 128, + "minLength": 1, + "type": "string" + }, + "Value": { + "maxLength": 256, + "minLength": 0, + "type": "string" + } + }, + "required": [ + "Key" + ], + "type": "object" + } + }, + "handlers": { + "create": { + "permissions": [ + "iam:CreateServiceLinkedRole", + "iam:PassRole", + "rds:AddRoleToDBCluster", + "rds:AddTagsToResource", + "rds:CreateDBCluster", + "rds:CreateDBInstance", + "rds:DescribeDBClusters", + "rds:DescribeDBClusterSnapshots", + "rds:DescribeDBSnapshots", + "rds:DescribeEvents", + "rds:EnableHttpEndpoint", + "rds:ModifyDBCluster", + "rds:RestoreDBClusterFromSnapshot", + "rds:RestoreDBClusterToPointInTime", + "secretsmanager:CreateSecret", + "secretsmanager:TagResource" + ], + "timeoutInMinutes": 2160 + }, + "delete": { + "permissions": [ + "rds:CreateDBClusterSnapshot", + "rds:DeleteDBCluster", + "rds:DeleteDBInstance", + "rds:DescribeDBClusters", + "rds:DescribeGlobalClusters", + "rds:RemoveFromGlobalCluster" + ] + }, + "list": { + "permissions": [ + "rds:DescribeDBClusters" + ] + }, + "read": { + "permissions": [ + "rds:DescribeDBClusters" + ] + }, + "update": { + "permissions": [ + "ec2:DescribeSecurityGroups", + "iam:PassRole", + "rds:AddRoleToDBCluster", + "rds:AddTagsToResource", + "rds:DescribeDBClusters", + "rds:DescribeDBSubnetGroups", + "rds:DescribeEvents", + "rds:DescribeGlobalClusters", + "rds:DisableHttpEndpoint", + "rds:EnableHttpEndpoint", + "rds:ModifyDBCluster", + "rds:ModifyDBInstance", + "rds:RemoveFromGlobalCluster", + "rds:RemoveRoleFromDBCluster", + "rds:RemoveTagsFromResource", + "secretsmanager:CreateSecret", + "secretsmanager:TagResource" + ], + "timeoutInMinutes": 2160 + } + }, + "primaryIdentifier": [ + "/properties/DBClusterIdentifier" + ], + "properties": { + "AllocatedStorage": { + "type": "integer" + }, + "AssociatedRoles": { + "items": { + "$ref": "#/definitions/DBClusterRole" + }, + "type": "array", + "uniqueItems": true + }, + "AutoMinorVersionUpgrade": { + "type": "boolean" + }, + "AvailabilityZones": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": true + }, + "BacktrackWindow": { + "minimum": 0, + "type": "integer" + }, + "BackupRetentionPeriod": { + "default": 1, + "maximum": 35, + "minimum": 1, + "type": "integer" + }, + "CopyTagsToSnapshot": { + "type": "boolean" + }, + "DBClusterArn": { + "type": "string" + }, + "DBClusterIdentifier": { + "maxLength": 63, + "minLength": 1, + "pattern": "^[a-zA-Z]{1}(?:-?[a-zA-Z0-9]){0,62}$", + "type": "string" + }, + "DBClusterInstanceClass": { + "type": "string" + }, + "DBClusterParameterGroupName": { + "default": "default.aurora5.6", + "type": "string" + }, + "DBClusterResourceId": { + "type": "string" + }, + "DBInstanceParameterGroupName": { + "type": "string" + }, + "DBSubnetGroupName": { + "type": "string" + }, + "DBSystemId": { + "type": "string" + }, + "DatabaseName": { + "type": "string" + }, + "DeletionProtection": { + "type": "boolean" + }, + "Domain": { + "type": "string" + }, + "DomainIAMRoleName": { + "type": "string" + }, + "EnableCloudwatchLogsExports": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": true + }, + "EnableGlobalWriteForwarding": { + "type": "boolean" + }, + "EnableHttpEndpoint": { + "type": "boolean" + }, + "EnableIAMDatabaseAuthentication": { + "type": "boolean" + }, + "EnableLocalWriteForwarding": { + "type": "boolean" + }, + "Endpoint": { + "$ref": "#/definitions/Endpoint" + }, + "Engine": { + "type": "string" + }, + "EngineLifecycleSupport": { + "type": "string" + }, + "EngineMode": { + "type": "string" + }, + "EngineVersion": { + "type": "string" + }, + "GlobalClusterIdentifier": { + "maxLength": 63, + "minLength": 0, + "pattern": "^$|^[a-zA-Z]{1}(?:-?[a-zA-Z0-9]){0,62}$", + "type": "string" + }, + "Iops": { + "type": "integer" + }, + "KmsKeyId": { + "type": "string" + }, + "ManageMasterUserPassword": { + "type": "boolean" + }, + "MasterUserPassword": { + "type": "string" + }, + "MasterUserSecret": { + "$ref": "#/definitions/MasterUserSecret" + }, + "MasterUsername": { + "minLength": 1, + "pattern": "^[a-zA-Z]{1}[a-zA-Z0-9_]*$", + "type": "string" + }, + "MonitoringInterval": { + "default": 0, + "type": "integer" + }, + "MonitoringRoleArn": { + "type": "string" + }, + "NetworkType": { + "type": "string" + }, + "PerformanceInsightsEnabled": { + "type": "boolean" + }, + "PerformanceInsightsKmsKeyId": { + "type": "string" + }, + "PerformanceInsightsRetentionPeriod": { + "type": "integer" + }, + "Port": { + "type": "integer" + }, + "PreferredBackupWindow": { + "type": "string" + }, + "PreferredMaintenanceWindow": { + "type": "string" + }, + "PubliclyAccessible": { + "type": "boolean" + }, + "ReadEndpoint": { + "$ref": "#/definitions/ReadEndpoint" + }, + "ReplicationSourceIdentifier": { + "type": "string" + }, + "RestoreToTime": { + "type": "string" + }, + "RestoreType": { + "default": "full-copy", + "type": "string" + }, + "ScalingConfiguration": { + "$ref": "#/definitions/ScalingConfiguration" + }, + "ServerlessV2ScalingConfiguration": { + "$ref": "#/definitions/ServerlessV2ScalingConfiguration" + }, + "SnapshotIdentifier": { + "type": "string" + }, + "SourceDBClusterIdentifier": { + "type": "string" + }, + "SourceRegion": { + "type": "string" + }, + "StorageEncrypted": { + "type": "boolean" + }, + "StorageThroughput": { + "type": "integer" + }, + "StorageType": { + "type": "string" + }, + "Tags": { + "insertionOrder": false, + "items": { + "$ref": "#/definitions/Tag" + }, + "maxItems": 50, + "type": "array", + "uniqueItems": true + }, + "UseLatestRestorableTime": { + "type": "boolean" + }, + "VpcSecurityGroupIds": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": true + } + }, + "propertyTransform": { + "/properties/DBClusterIdentifier": "$lowercase(DBClusterIdentifier)", + "/properties/DBClusterParameterGroupName": "$lowercase(DBClusterParameterGroupName)", + "/properties/DBSubnetGroupName": "$lowercase(DBSubnetGroupName)", + "/properties/EnableHttpEndpoint": "$lowercase($string(EngineMode)) = 'serverless' ? EnableHttpEndpoint : ($lowercase($string(Engine)) = 'aurora-postgresql' ? EnableHttpEndpoint : false )", + "/properties/Engine": "$lowercase(Engine)", + "/properties/EngineVersion": "$join([$string(EngineVersion), \".*\"])", + "/properties/KmsKeyId": "$join([\"arn:(aws)[-]{0,1}[a-z]{0,2}[-]{0,1}[a-z]{0,3}:kms:[a-z]{2}[-]{1}[a-z]{3,10}[-]{0,1}[a-z]{0,10}[-]{1}[1-3]{1}:[0-9]{12}[:]{1}key\\/\", KmsKeyId])", + "/properties/MasterUserSecret/KmsKeyId": "$join([\"arn:(aws)[-]{0,1}[a-z]{0,2}[-]{0,1}[a-z]{0,3}:kms:[a-z]{2}[-]{1}[a-z]{3,10}[-]{0,1}[a-z]{0,10}[-]{1}[1-3]{1}:[0-9]{12}[:]{1}key\\/\", MasterUserSecret.KmsKeyId])", + "/properties/NetworkType": "$lowercase(NetworkType)", + "/properties/PerformanceInsightsKmsKeyId": "$join([\"arn:(aws)[-]{0,1}[a-z]{0,2}[-]{0,1}[a-z]{0,3}:kms:[a-z]{2}[-]{1}[a-z]{3,10}[-]{0,1}[a-z]{0,10}[-]{1}[1-3]{1}:[0-9]{12}[:]{1}key\\/\", PerformanceInsightsKmsKeyId])", + "/properties/PreferredMaintenanceWindow": "$lowercase(PreferredMaintenanceWindow)", + "/properties/SnapshotIdentifier": "$lowercase(SnapshotIdentifier)", + "/properties/SourceDBClusterIdentifier": "$lowercase(SourceDBClusterIdentifier)", + "/properties/StorageType": "$lowercase(StorageType)" + }, + "readOnlyProperties": [ + "/properties/DBClusterArn", + "/properties/DBClusterResourceId", + "/properties/Endpoint", + "/properties/Endpoint/Address", + "/properties/Endpoint/Port", + "/properties/ReadEndpoint/Address", + "/properties/MasterUserSecret/SecretArn", + "/properties/StorageThroughput" + ], + "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-rds", + "tagging": { + "cloudFormationSystemTags": true, + "permissions": [ + "rds:AddTagsToResource", + "rds:RemoveTagsFromResource" + ], + "tagOnCreate": true, + "tagProperty": "/properties/Tags", + "tagUpdatable": true, + "taggable": true + }, + "typeName": "AWS::RDS::DBCluster", + "writeOnlyProperties": [ + "/properties/DBInstanceParameterGroupName", + "/properties/MasterUserPassword", + "/properties/RestoreToTime", + "/properties/RestoreType", + "/properties/SnapshotIdentifier", + "/properties/SourceDBClusterIdentifier", + "/properties/SourceRegion", + "/properties/UseLatestRestorableTime" + ] +} diff --git a/src/cfnlint/data/schemas/providers/eu_central_2/aws-rds-dbinstance.json b/src/cfnlint/data/schemas/providers/eu_central_2/aws-rds-dbinstance.json new file mode 100644 index 0000000000..3263d77fb7 --- /dev/null +++ b/src/cfnlint/data/schemas/providers/eu_central_2/aws-rds-dbinstance.json @@ -0,0 +1,620 @@ +{ + "additionalProperties": false, + "conditionalCreateOnlyProperties": [ + "/properties/AutoMinorVersionUpgrade", + "/properties/AvailabilityZone", + "/properties/BackupRetentionPeriod", + "/properties/DBClusterSnapshotIdentifier", + "/properties/DBParameterGroupName", + "/properties/DBSnapshotIdentifier", + "/properties/Engine", + "/properties/MultiAZ", + "/properties/PerformanceInsightsKMSKeyId", + "/properties/PreferredMaintenanceWindow", + "/properties/RestoreTime", + "/properties/SourceDBClusterIdentifier", + "/properties/SourceDBInstanceAutomatedBackupsArn", + "/properties/SourceDBInstanceIdentifier", + "/properties/SourceDbiResourceId", + "/properties/StorageType", + "/properties/UseLatestRestorableTime" + ], + "createOnlyProperties": [ + "/properties/CharacterSetName", + "/properties/CustomIAMInstanceProfile", + "/properties/DBClusterIdentifier", + "/properties/DBInstanceIdentifier", + "/properties/DBName", + "/properties/DBSubnetGroupName", + "/properties/KmsKeyId", + "/properties/MasterUsername", + "/properties/NcharCharacterSetName", + "/properties/Port", + "/properties/SourceRegion", + "/properties/StorageEncrypted", + "/properties/Timezone" + ], + "definitions": { + "CertificateDetails": { + "additionalProperties": false, + "properties": { + "CAIdentifier": { + "type": "string" + }, + "ValidTill": { + "format": "date-time", + "type": "string" + } + }, + "type": "object" + }, + "DBInstanceRole": { + "additionalProperties": false, + "properties": { + "FeatureName": { + "type": "string" + }, + "RoleArn": { + "type": "string" + } + }, + "required": [ + "FeatureName", + "RoleArn" + ], + "type": "object" + }, + "Endpoint": { + "additionalProperties": false, + "properties": { + "Address": { + "type": "string" + }, + "HostedZoneId": { + "type": "string" + }, + "Port": { + "type": "string" + } + }, + "type": "object" + }, + "MasterUserSecret": { + "additionalProperties": false, + "properties": { + "KmsKeyId": { + "type": "string" + }, + "SecretArn": { + "type": "string" + } + }, + "type": "object" + }, + "ProcessorFeature": { + "additionalProperties": false, + "properties": { + "Name": { + "enum": [ + "coreCount", + "threadsPerCore" + ], + "type": "string" + }, + "Value": { + "type": "string" + } + }, + "type": "object" + }, + "Tag": { + "additionalProperties": false, + "properties": { + "Key": { + "maxLength": 128, + "minLength": 1, + "type": "string" + }, + "Value": { + "maxLength": 256, + "minLength": 0, + "type": "string" + } + }, + "required": [ + "Key" + ], + "type": "object" + } + }, + "dependencies": { + "KmsKeyId": { + "properties": { + "StorageEncrypted": { + "enum": [ + "true", + "True", + true + ] + } + }, + "required": [ + "StorageEncrypted" + ] + } + }, + "dependentExcluded": { + "SourceDBInstanceIdentifier": [ + "CharacterSetName", + "MasterUserPassword", + "MasterUsername", + "StorageEncrypted" + ] + }, + "deprecatedProperties": [ + "/properties/TdeCredentialArn", + "/properties/TdeCredentialPassword" + ], + "handlers": { + "create": { + "permissions": [ + "ec2:DescribeAccountAttributes", + "ec2:DescribeAvailabilityZones", + "ec2:DescribeInternetGateways", + "ec2:DescribeSecurityGroups", + "ec2:DescribeSubnets", + "ec2:DescribeVpcAttribute", + "ec2:DescribeVpcs", + "iam:CreateServiceLinkedRole", + "iam:GetRole", + "iam:ListRoles", + "iam:PassRole", + "kms:CreateGrant", + "kms:DescribeKey", + "rds:AddRoleToDBInstance", + "rds:AddTagsToResource", + "rds:CreateDBInstance", + "rds:CreateDBInstanceReadReplica", + "rds:DescribeDBInstances", + "rds:DescribeDBClusters", + "rds:DescribeDBClusterSnapshots", + "rds:DescribeDBInstanceAutomatedBackups", + "rds:DescribeDBSnapshots", + "rds:DescribeEvents", + "rds:ModifyDBInstance", + "rds:RebootDBInstance", + "rds:RestoreDBInstanceFromDBSnapshot", + "rds:RestoreDBInstanceToPointInTime", + "rds:StartDBInstanceAutomatedBackupsReplication", + "secretsmanager:CreateSecret", + "secretsmanager:TagResource" + ], + "timeoutInMinutes": 2160 + }, + "delete": { + "permissions": [ + "rds:CreateDBSnapshot", + "rds:DeleteDBInstance", + "rds:DescribeDBInstances" + ], + "timeoutInMinutes": 2160 + }, + "list": { + "permissions": [ + "rds:DescribeDBInstances" + ] + }, + "read": { + "permissions": [ + "ec2:DescribeAccountAttributes", + "ec2:DescribeAvailabilityZones", + "ec2:DescribeInternetGateways", + "ec2:DescribeSecurityGroups", + "ec2:DescribeSubnets", + "ec2:DescribeVpcAttribute", + "ec2:DescribeVpcs", + "rds:DescribeDBInstances" + ] + }, + "update": { + "permissions": [ + "ec2:DescribeAccountAttributes", + "ec2:DescribeAvailabilityZones", + "ec2:DescribeInternetGateways", + "ec2:DescribeSecurityGroups", + "ec2:DescribeSubnets", + "ec2:DescribeVpcAttribute", + "ec2:DescribeVpcs", + "iam:CreateServiceLinkedRole", + "iam:GetRole", + "iam:ListRoles", + "iam:PassRole", + "kms:CreateGrant", + "kms:DescribeKey", + "rds:AddRoleToDBInstance", + "rds:AddTagsToResource", + "rds:DescribeDBClusters", + "rds:DescribeDBEngineVersions", + "rds:DescribeDBInstances", + "rds:DescribeDBParameterGroups", + "rds:DescribeEvents", + "rds:ModifyDBInstance", + "rds:PromoteReadReplica", + "rds:RebootDBInstance", + "rds:RemoveRoleFromDBInstance", + "rds:RemoveTagsFromResource", + "rds:StartDBInstanceAutomatedBackupsReplication", + "rds:StopDBInstanceAutomatedBackupsReplication", + "secretsmanager:CreateSecret", + "secretsmanager:TagResource" + ], + "timeoutInMinutes": 2160 + } + }, + "primaryIdentifier": [ + "/properties/DBInstanceIdentifier" + ], + "properties": { + "AllocatedStorage": { + "pattern": "^[0-9]*$", + "type": "string" + }, + "AllowMajorVersionUpgrade": { + "type": "boolean" + }, + "AssociatedRoles": { + "items": { + "$ref": "#/definitions/DBInstanceRole" + }, + "type": "array" + }, + "AutoMinorVersionUpgrade": { + "type": "boolean" + }, + "AutomaticBackupReplicationKmsKeyId": { + "type": "string" + }, + "AutomaticBackupReplicationRegion": { + "type": "string" + }, + "AvailabilityZone": { + "type": "string" + }, + "BackupRetentionPeriod": { + "default": 1, + "maximum": 35, + "minimum": 0, + "type": "integer" + }, + "CACertificateIdentifier": { + "type": "string" + }, + "CertificateDetails": { + "$ref": "#/definitions/CertificateDetails" + }, + "CertificateRotationRestart": { + "type": "boolean" + }, + "CharacterSetName": { + "type": "string" + }, + "CopyTagsToSnapshot": { + "type": "boolean" + }, + "CustomIAMInstanceProfile": { + "type": "string" + }, + "DBClusterIdentifier": { + "type": "string" + }, + "DBClusterSnapshotIdentifier": { + "type": "string" + }, + "DBInstanceArn": { + "type": "string" + }, + "DBInstanceClass": { + "type": "string" + }, + "DBInstanceIdentifier": { + "maxLength": 63, + "minLength": 1, + "pattern": "^$|^[a-zA-Z]{1}(?:-?[a-zA-Z0-9]){0,62}$", + "type": "string" + }, + "DBName": { + "type": "string" + }, + "DBParameterGroupName": { + "type": "string" + }, + "DBSecurityGroups": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": true + }, + "DBSnapshotIdentifier": { + "type": "string" + }, + "DBSubnetGroupName": { + "type": "string" + }, + "DBSystemId": { + "type": "string" + }, + "DbiResourceId": { + "type": "string" + }, + "DedicatedLogVolume": { + "type": "boolean" + }, + "DeleteAutomatedBackups": { + "type": "boolean" + }, + "DeletionProtection": { + "type": "boolean" + }, + "Domain": { + "type": "string" + }, + "DomainAuthSecretArn": { + "type": "string" + }, + "DomainDnsIps": { + "items": { + "type": "string" + }, + "type": "array" + }, + "DomainFqdn": { + "type": "string" + }, + "DomainIAMRoleName": { + "type": "string" + }, + "DomainOu": { + "type": "string" + }, + "EnableCloudwatchLogsExports": { + "items": { + "type": "string" + }, + "type": "array" + }, + "EnableIAMDatabaseAuthentication": { + "type": "boolean" + }, + "EnablePerformanceInsights": { + "type": "boolean" + }, + "Endpoint": { + "$ref": "#/definitions/Endpoint" + }, + "Engine": { + "type": "string" + }, + "EngineLifecycleSupport": { + "type": "string" + }, + "EngineVersion": { + "type": "string" + }, + "Iops": { + "type": "integer" + }, + "KmsKeyId": { + "type": "string" + }, + "LicenseModel": { + "type": "string" + }, + "ManageMasterUserPassword": { + "type": "boolean" + }, + "MasterUserPassword": { + "type": "string" + }, + "MasterUserSecret": { + "$ref": "#/definitions/MasterUserSecret" + }, + "MasterUsername": { + "maxLength": 128, + "minLength": 1, + "pattern": "^[a-zA-Z][a-zA-Z0-9_]{0,127}$", + "type": "string" + }, + "MaxAllocatedStorage": { + "type": "integer" + }, + "MonitoringInterval": { + "default": 0, + "type": "integer" + }, + "MonitoringRoleArn": { + "type": "string" + }, + "MultiAZ": { + "type": "boolean" + }, + "NcharCharacterSetName": { + "type": "string" + }, + "NetworkType": { + "type": "string" + }, + "OptionGroupName": { + "type": "string" + }, + "PerformanceInsightsKMSKeyId": { + "type": "string" + }, + "PerformanceInsightsRetentionPeriod": { + "enum": [ + 7, + 31, + 62, + 93, + 124, + 155, + 186, + 217, + 248, + 279, + 310, + 341, + 372, + 403, + 434, + 465, + 496, + 527, + 558, + 589, + 620, + 651, + 682, + 713, + 731 + ], + "type": "integer" + }, + "Port": { + "pattern": "^\\d*$", + "type": "string" + }, + "PreferredBackupWindow": { + "type": "string" + }, + "PreferredMaintenanceWindow": { + "type": "string" + }, + "ProcessorFeatures": { + "items": { + "$ref": "#/definitions/ProcessorFeature" + }, + "type": "array" + }, + "PromotionTier": { + "default": 1, + "maximum": 15, + "minimum": 0, + "type": "integer" + }, + "PubliclyAccessible": { + "type": "boolean" + }, + "ReplicaMode": { + "type": "string" + }, + "RestoreTime": { + "format": "date-time", + "type": "string" + }, + "SourceDBClusterIdentifier": { + "type": "string" + }, + "SourceDBInstanceAutomatedBackupsArn": { + "type": "string" + }, + "SourceDBInstanceIdentifier": { + "type": "string" + }, + "SourceDbiResourceId": { + "type": "string" + }, + "SourceRegion": { + "type": "string" + }, + "StorageEncrypted": { + "type": "boolean" + }, + "StorageThroughput": { + "type": "integer" + }, + "StorageType": { + "type": "string" + }, + "Tags": { + "insertionOrder": false, + "items": { + "$ref": "#/definitions/Tag" + }, + "type": "array", + "uniqueItems": false + }, + "TdeCredentialArn": { + "type": "string" + }, + "TdeCredentialPassword": { + "type": "string" + }, + "Timezone": { + "type": "string" + }, + "UseDefaultProcessorFeatures": { + "type": "boolean" + }, + "UseLatestRestorableTime": { + "type": "boolean" + }, + "VPCSecurityGroups": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": true + } + }, + "propertyTransform": { + "/properties/DBClusterIdentifier": "$lowercase(DBClusterIdentifier)", + "/properties/DBClusterSnapshotIdentifier": "$lowercase(DBClusterSnapshotIdentifier)", + "/properties/DBInstanceIdentifier": "$lowercase(DBInstanceIdentifier)", + "/properties/DBName": "$lowercase(DBName) $OR $uppercase(DBName)", + "/properties/DBParameterGroupName": "$lowercase(DBParameterGroupName)", + "/properties/DBSnapshotIdentifier": "$lowercase(DBSnapshotIdentifier)", + "/properties/DBSubnetGroupName": "$lowercase(DBSubnetGroupName)", + "/properties/Engine": "$lowercase(Engine)", + "/properties/EngineVersion": "$join([$string(EngineVersion), \".*\"])", + "/properties/KmsKeyId": "$join([\"arn:(aws)[-]{0,1}[a-z]{0,2}[-]{0,1}[a-z]{0,3}:kms:[a-z]{2}[-]{1}[a-z]{3,10}[-]{0,1}[a-z]{0,10}[-]{1}[1-3]{1}:[0-9]{12}[:]{1}key\\/\", KmsKeyId])", + "/properties/MasterUserSecret/KmsKeyId": "$join([\"arn:(aws)[-]{0,1}[a-z]{0,2}[-]{0,1}[a-z]{0,3}:kms:[a-z]{2}[-]{1}[a-z]{3,10}[-]{0,1}[a-z]{0,10}[-]{1}[1-3]{1}:[0-9]{12}[:]{1}key\\/\", MasterUserSecret.KmsKeyId])", + "/properties/NetworkType": "$lowercase(NetworkType)", + "/properties/OptionGroupName": "$lowercase(OptionGroupName)", + "/properties/PerformanceInsightsKMSKeyId": "$join([\"arn:(aws)[-]{0,1}[a-z]{0,2}[-]{0,1}[a-z]{0,3}:kms:[a-z]{2}[-]{1}[a-z]{3,10}[-]{0,1}[a-z]{0,10}[-]{1}[1-3]{1}:[0-9]{12}[:]{1}key\\/\", PerformanceInsightsKMSKeyId])", + "/properties/PreferredMaintenanceWindow": "$lowercase(PreferredMaintenanceWindow)", + "/properties/SourceDBInstanceAutomatedBackupsArn": "$lowercase(SourceDBInstanceAutomatedBackupsArn)", + "/properties/SourceDBInstanceIdentifier": "$lowercase(SourceDBInstanceIdentifier)", + "/properties/StorageType": "$lowercase(StorageType)" + }, + "readOnlyProperties": [ + "/properties/Endpoint/Address", + "/properties/Endpoint/Port", + "/properties/Endpoint/HostedZoneId", + "/properties/DbiResourceId", + "/properties/DBInstanceArn", + "/properties/DBSystemId", + "/properties/MasterUserSecret/SecretArn", + "/properties/CertificateDetails/CAIdentifier", + "/properties/CertificateDetails/ValidTill" + ], + "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-rpdk.git", + "typeName": "AWS::RDS::DBInstance", + "writeOnlyProperties": [ + "/properties/AllowMajorVersionUpgrade", + "/properties/AutomaticBackupReplicationKmsKeyId", + "/properties/CertificateRotationRestart", + "/properties/DBSnapshotIdentifier", + "/properties/DeleteAutomatedBackups", + "/properties/MasterUserPassword", + "/properties/Port", + "/properties/RestoreTime", + "/properties/SourceDBInstanceAutomatedBackupsArn", + "/properties/SourceDBInstanceIdentifier", + "/properties/SourceDbiResourceId", + "/properties/SourceRegion", + "/properties/TdeCredentialPassword", + "/properties/UseDefaultProcessorFeatures", + "/properties/UseLatestRestorableTime" + ] +} diff --git a/src/cfnlint/data/schemas/providers/eu_central_2/aws-shield-protectiongroup.json b/src/cfnlint/data/schemas/providers/eu_central_2/aws-shield-protectiongroup.json new file mode 100644 index 0000000000..023e531faa --- /dev/null +++ b/src/cfnlint/data/schemas/providers/eu_central_2/aws-shield-protectiongroup.json @@ -0,0 +1,136 @@ +{ + "additionalProperties": false, + "createOnlyProperties": [ + "/properties/ProtectionGroupId" + ], + "definitions": { + "Tag": { + "additionalProperties": false, + "properties": { + "Key": { + "maxLength": 128, + "minLength": 1, + "type": "string" + }, + "Value": { + "maxLength": 256, + "minLength": 0, + "type": "string" + } + }, + "required": [ + "Key", + "Value" + ], + "type": "object" + } + }, + "handlers": { + "create": { + "permissions": [ + "shield:CreateProtectionGroup", + "shield:TagResource" + ] + }, + "delete": { + "permissions": [ + "shield:DeleteProtectionGroup", + "shield:UntagResource" + ] + }, + "list": { + "permissions": [ + "shield:ListProtectionGroups" + ] + }, + "read": { + "permissions": [ + "shield:DescribeProtectionGroup", + "shield:ListTagsForResource" + ] + }, + "update": { + "permissions": [ + "shield:UpdateProtectionGroup", + "shield:ListTagsForResource", + "shield:TagResource", + "shield:UntagResource" + ] + } + }, + "primaryIdentifier": [ + "/properties/ProtectionGroupArn" + ], + "properties": { + "Aggregation": { + "enum": [ + "SUM", + "MEAN", + "MAX" + ], + "type": "string" + }, + "Members": { + "insertionOrder": false, + "items": { + "maxLength": 2048, + "minLength": 1, + "type": "string" + }, + "maxItems": 10000, + "type": "array" + }, + "Pattern": { + "enum": [ + "ALL", + "ARBITRARY", + "BY_RESOURCE_TYPE" + ], + "type": "string" + }, + "ProtectionGroupArn": { + "type": "string" + }, + "ProtectionGroupId": { + "maxLength": 36, + "minLength": 1, + "pattern": "[a-zA-Z0-9\\-]*", + "type": "string" + }, + "ResourceType": { + "enum": [ + "CLOUDFRONT_DISTRIBUTION", + "ROUTE_53_HOSTED_ZONE", + "ELASTIC_IP_ALLOCATION", + "CLASSIC_LOAD_BALANCER", + "APPLICATION_LOAD_BALANCER", + "GLOBAL_ACCELERATOR" + ], + "type": "string" + }, + "Tags": { + "insertionOrder": false, + "items": { + "$ref": "#/definitions/Tag" + }, + "maxItems": 200, + "type": "array" + } + }, + "readOnlyProperties": [ + "/properties/ProtectionGroupArn" + ], + "replacementStrategy": "delete_then_create", + "required": [ + "Aggregation", + "Pattern", + "ProtectionGroupId" + ], + "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-shield.git", + "tagging": { + "cloudFormationSystemTags": false, + "tagProperty": "/properties/Tags", + "taggable": true + }, + "typeName": "AWS::Shield::ProtectionGroup" +} diff --git a/src/cfnlint/data/schemas/providers/eu_north_1/__init__.py b/src/cfnlint/data/schemas/providers/eu_north_1/__init__.py index e7ddfa732d..95c2c2a089 100644 --- a/src/cfnlint/data/schemas/providers/eu_north_1/__init__.py +++ b/src/cfnlint/data/schemas/providers/eu_north_1/__init__.py @@ -1217,7 +1217,6 @@ "aws-dms-eventsubscription.json", "aws-dms-instanceprofile.json", "aws-dms-migrationproject.json", - "aws-dms-replicationconfig.json", "aws-dms-replicationinstance.json", "aws-dms-replicationsubnetgroup.json", "aws-dms-replicationtask.json", @@ -1652,9 +1651,7 @@ "aws-ram-permission.json", "aws-ram-resourceshare.json", "aws-rds-customdbengineversion.json", - "aws-rds-dbcluster.json", "aws-rds-dbclusterparametergroup.json", - "aws-rds-dbinstance.json", "aws-rds-dbparametergroup.json", "aws-rds-dbproxy.json", "aws-rds-dbproxyendpoint.json", diff --git a/src/cfnlint/data/schemas/providers/eu_north_1/aws-dms-replicationconfig.json b/src/cfnlint/data/schemas/providers/eu_north_1/aws-dms-replicationconfig.json new file mode 100644 index 0000000000..b9379a300f --- /dev/null +++ b/src/cfnlint/data/schemas/providers/eu_north_1/aws-dms-replicationconfig.json @@ -0,0 +1,191 @@ +{ + "additionalIdentifiers": [ + [ + "/properties/ReplicationConfigIdentifier" + ] + ], + "additionalProperties": false, + "createOnlyProperties": [ + "/properties/ResourceIdentifier" + ], + "definitions": { + "ComputeConfig": { + "additionalProperties": false, + "properties": { + "AvailabilityZone": { + "type": "string" + }, + "DnsNameServers": { + "type": "string" + }, + "KmsKeyId": { + "type": "string" + }, + "MaxCapacityUnits": { + "type": "integer" + }, + "MinCapacityUnits": { + "type": "integer" + }, + "MultiAZ": { + "type": "boolean" + }, + "PreferredMaintenanceWindow": { + "type": "string" + }, + "ReplicationSubnetGroupId": { + "type": "string" + }, + "VpcSecurityGroupIds": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "MaxCapacityUnits" + ], + "type": "object" + }, + "Tag": { + "additionalProperties": false, + "properties": { + "Key": { + "maxLength": 128, + "minLength": 1, + "type": "string" + }, + "Value": { + "maxLength": 256, + "minLength": 1, + "type": "string" + } + }, + "required": [ + "Key", + "Value" + ], + "type": "object" + } + }, + "handlers": { + "create": { + "permissions": [ + "dms:CreateReplicationConfig", + "dms:AddTagsToResource", + "dms:ListTagsForResource", + "iam:CreateServiceLinkedRole", + "iam:AttachRolePolicy", + "iam:PutRolePolicy", + "iam:UpdateRoleDescription" + ] + }, + "delete": { + "permissions": [ + "dms:DescribeReplicationConfigs", + "dms:DeleteReplicationConfig", + "dms:ListTagsForResource", + "iam:DeleteServiceLinkedRole", + "iam:GetServiceLinkedRoleDeletionStatus" + ] + }, + "list": { + "permissions": [ + "dms:DescribeReplicationConfigs", + "dms:ListTagsForResource" + ] + }, + "read": { + "permissions": [ + "dms:DescribeReplicationConfigs", + "dms:ListTagsForResource" + ] + }, + "update": { + "permissions": [ + "dms:ModifyReplicationConfig", + "dms:AddTagsToResource", + "dms:RemoveTagsToResource", + "dms:ListTagsForResource", + "iam:CreateServiceLinkedRole", + "iam:AttachRolePolicy", + "iam:PutRolePolicy", + "iam:UpdateRoleDescription" + ] + } + }, + "primaryIdentifier": [ + "/properties/ReplicationConfigArn" + ], + "properties": { + "ComputeConfig": { + "$ref": "#/definitions/ComputeConfig" + }, + "ReplicationConfigArn": { + "type": "string" + }, + "ReplicationConfigIdentifier": { + "type": "string" + }, + "ReplicationSettings": { + "format": "json", + "type": [ + "object", + "string" + ] + }, + "ReplicationType": { + "enum": [ + "full-load", + "full-load-and-cdc", + "cdc" + ], + "type": "string" + }, + "ResourceIdentifier": { + "type": "string" + }, + "SourceEndpointArn": { + "type": "string" + }, + "SupplementalSettings": { + "format": "json", + "type": [ + "object", + "string" + ] + }, + "TableMappings": { + "format": "json", + "type": [ + "object", + "string" + ] + }, + "Tags": { + "insertionOrder": false, + "items": { + "$ref": "#/definitions/Tag" + }, + "maxItems": 200, + "minItems": 1, + "type": "array" + }, + "TargetEndpointArn": { + "type": "string" + } + }, + "readOnlyProperties": [ + "/properties/ReplicationConfigArn" + ], + "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-dms", + "tagging": { + "cloudFormationSystemTags": false, + "tagOnCreate": true, + "tagProperty": "/properties/Tags", + "tagUpdatable": true, + "taggable": true + }, + "typeName": "AWS::DMS::ReplicationConfig" +} diff --git a/src/cfnlint/data/schemas/providers/eu_north_1/aws-rds-dbcluster.json b/src/cfnlint/data/schemas/providers/eu_north_1/aws-rds-dbcluster.json new file mode 100644 index 0000000000..fc8608c49b --- /dev/null +++ b/src/cfnlint/data/schemas/providers/eu_north_1/aws-rds-dbcluster.json @@ -0,0 +1,469 @@ +{ + "additionalProperties": false, + "conditionalCreateOnlyProperties": [ + "/properties/Engine", + "/properties/GlobalClusterIdentifier", + "/properties/MasterUsername" + ], + "createOnlyProperties": [ + "/properties/AvailabilityZones", + "/properties/DBClusterIdentifier", + "/properties/DBSubnetGroupName", + "/properties/DBSystemId", + "/properties/DatabaseName", + "/properties/EngineMode", + "/properties/KmsKeyId", + "/properties/PubliclyAccessible", + "/properties/RestoreToTime", + "/properties/RestoreType", + "/properties/SnapshotIdentifier", + "/properties/SourceDBClusterIdentifier", + "/properties/SourceRegion", + "/properties/StorageEncrypted", + "/properties/UseLatestRestorableTime" + ], + "definitions": { + "DBClusterRole": { + "additionalProperties": false, + "properties": { + "FeatureName": { + "type": "string" + }, + "RoleArn": { + "type": "string" + } + }, + "required": [ + "RoleArn" + ], + "type": "object" + }, + "Endpoint": { + "additionalProperties": false, + "properties": { + "Address": { + "type": "string" + }, + "Port": { + "type": "string" + } + }, + "type": "object" + }, + "MasterUserSecret": { + "additionalProperties": false, + "properties": { + "KmsKeyId": { + "type": "string" + }, + "SecretArn": { + "type": "string" + } + }, + "type": "object" + }, + "ReadEndpoint": { + "additionalProperties": false, + "properties": { + "Address": { + "type": "string" + } + }, + "type": "object" + }, + "ScalingConfiguration": { + "additionalProperties": false, + "properties": { + "AutoPause": { + "type": "boolean" + }, + "MaxCapacity": { + "type": "integer" + }, + "MinCapacity": { + "type": "integer" + }, + "SecondsBeforeTimeout": { + "type": "integer" + }, + "SecondsUntilAutoPause": { + "type": "integer" + }, + "TimeoutAction": { + "type": "string" + } + }, + "type": "object" + }, + "ServerlessV2ScalingConfiguration": { + "additionalProperties": false, + "properties": { + "MaxCapacity": { + "type": "number" + }, + "MinCapacity": { + "type": "number" + } + }, + "type": "object" + }, + "Tag": { + "additionalProperties": false, + "properties": { + "Key": { + "maxLength": 128, + "minLength": 1, + "type": "string" + }, + "Value": { + "maxLength": 256, + "minLength": 0, + "type": "string" + } + }, + "required": [ + "Key" + ], + "type": "object" + } + }, + "handlers": { + "create": { + "permissions": [ + "iam:CreateServiceLinkedRole", + "iam:PassRole", + "rds:AddRoleToDBCluster", + "rds:AddTagsToResource", + "rds:CreateDBCluster", + "rds:CreateDBInstance", + "rds:DescribeDBClusters", + "rds:DescribeDBClusterSnapshots", + "rds:DescribeDBSnapshots", + "rds:DescribeEvents", + "rds:EnableHttpEndpoint", + "rds:ModifyDBCluster", + "rds:RestoreDBClusterFromSnapshot", + "rds:RestoreDBClusterToPointInTime", + "secretsmanager:CreateSecret", + "secretsmanager:TagResource" + ], + "timeoutInMinutes": 2160 + }, + "delete": { + "permissions": [ + "rds:CreateDBClusterSnapshot", + "rds:DeleteDBCluster", + "rds:DeleteDBInstance", + "rds:DescribeDBClusters", + "rds:DescribeGlobalClusters", + "rds:RemoveFromGlobalCluster" + ] + }, + "list": { + "permissions": [ + "rds:DescribeDBClusters" + ] + }, + "read": { + "permissions": [ + "rds:DescribeDBClusters" + ] + }, + "update": { + "permissions": [ + "ec2:DescribeSecurityGroups", + "iam:PassRole", + "rds:AddRoleToDBCluster", + "rds:AddTagsToResource", + "rds:DescribeDBClusters", + "rds:DescribeDBSubnetGroups", + "rds:DescribeEvents", + "rds:DescribeGlobalClusters", + "rds:DisableHttpEndpoint", + "rds:EnableHttpEndpoint", + "rds:ModifyDBCluster", + "rds:ModifyDBInstance", + "rds:RemoveFromGlobalCluster", + "rds:RemoveRoleFromDBCluster", + "rds:RemoveTagsFromResource", + "secretsmanager:CreateSecret", + "secretsmanager:TagResource" + ], + "timeoutInMinutes": 2160 + } + }, + "primaryIdentifier": [ + "/properties/DBClusterIdentifier" + ], + "properties": { + "AllocatedStorage": { + "type": "integer" + }, + "AssociatedRoles": { + "items": { + "$ref": "#/definitions/DBClusterRole" + }, + "type": "array", + "uniqueItems": true + }, + "AutoMinorVersionUpgrade": { + "type": "boolean" + }, + "AvailabilityZones": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": true + }, + "BacktrackWindow": { + "minimum": 0, + "type": "integer" + }, + "BackupRetentionPeriod": { + "default": 1, + "maximum": 35, + "minimum": 1, + "type": "integer" + }, + "CopyTagsToSnapshot": { + "type": "boolean" + }, + "DBClusterArn": { + "type": "string" + }, + "DBClusterIdentifier": { + "maxLength": 63, + "minLength": 1, + "pattern": "^[a-zA-Z]{1}(?:-?[a-zA-Z0-9]){0,62}$", + "type": "string" + }, + "DBClusterInstanceClass": { + "type": "string" + }, + "DBClusterParameterGroupName": { + "default": "default.aurora5.6", + "type": "string" + }, + "DBClusterResourceId": { + "type": "string" + }, + "DBInstanceParameterGroupName": { + "type": "string" + }, + "DBSubnetGroupName": { + "type": "string" + }, + "DBSystemId": { + "type": "string" + }, + "DatabaseName": { + "type": "string" + }, + "DeletionProtection": { + "type": "boolean" + }, + "Domain": { + "type": "string" + }, + "DomainIAMRoleName": { + "type": "string" + }, + "EnableCloudwatchLogsExports": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": true + }, + "EnableGlobalWriteForwarding": { + "type": "boolean" + }, + "EnableHttpEndpoint": { + "type": "boolean" + }, + "EnableIAMDatabaseAuthentication": { + "type": "boolean" + }, + "EnableLocalWriteForwarding": { + "type": "boolean" + }, + "Endpoint": { + "$ref": "#/definitions/Endpoint" + }, + "Engine": { + "type": "string" + }, + "EngineLifecycleSupport": { + "type": "string" + }, + "EngineMode": { + "type": "string" + }, + "EngineVersion": { + "type": "string" + }, + "GlobalClusterIdentifier": { + "maxLength": 63, + "minLength": 0, + "pattern": "^$|^[a-zA-Z]{1}(?:-?[a-zA-Z0-9]){0,62}$", + "type": "string" + }, + "Iops": { + "type": "integer" + }, + "KmsKeyId": { + "type": "string" + }, + "ManageMasterUserPassword": { + "type": "boolean" + }, + "MasterUserPassword": { + "type": "string" + }, + "MasterUserSecret": { + "$ref": "#/definitions/MasterUserSecret" + }, + "MasterUsername": { + "minLength": 1, + "pattern": "^[a-zA-Z]{1}[a-zA-Z0-9_]*$", + "type": "string" + }, + "MonitoringInterval": { + "default": 0, + "type": "integer" + }, + "MonitoringRoleArn": { + "type": "string" + }, + "NetworkType": { + "type": "string" + }, + "PerformanceInsightsEnabled": { + "type": "boolean" + }, + "PerformanceInsightsKmsKeyId": { + "type": "string" + }, + "PerformanceInsightsRetentionPeriod": { + "type": "integer" + }, + "Port": { + "type": "integer" + }, + "PreferredBackupWindow": { + "type": "string" + }, + "PreferredMaintenanceWindow": { + "type": "string" + }, + "PubliclyAccessible": { + "type": "boolean" + }, + "ReadEndpoint": { + "$ref": "#/definitions/ReadEndpoint" + }, + "ReplicationSourceIdentifier": { + "type": "string" + }, + "RestoreToTime": { + "type": "string" + }, + "RestoreType": { + "default": "full-copy", + "type": "string" + }, + "ScalingConfiguration": { + "$ref": "#/definitions/ScalingConfiguration" + }, + "ServerlessV2ScalingConfiguration": { + "$ref": "#/definitions/ServerlessV2ScalingConfiguration" + }, + "SnapshotIdentifier": { + "type": "string" + }, + "SourceDBClusterIdentifier": { + "type": "string" + }, + "SourceRegion": { + "type": "string" + }, + "StorageEncrypted": { + "type": "boolean" + }, + "StorageThroughput": { + "type": "integer" + }, + "StorageType": { + "type": "string" + }, + "Tags": { + "insertionOrder": false, + "items": { + "$ref": "#/definitions/Tag" + }, + "maxItems": 50, + "type": "array", + "uniqueItems": true + }, + "UseLatestRestorableTime": { + "type": "boolean" + }, + "VpcSecurityGroupIds": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": true + } + }, + "propertyTransform": { + "/properties/DBClusterIdentifier": "$lowercase(DBClusterIdentifier)", + "/properties/DBClusterParameterGroupName": "$lowercase(DBClusterParameterGroupName)", + "/properties/DBSubnetGroupName": "$lowercase(DBSubnetGroupName)", + "/properties/EnableHttpEndpoint": "$lowercase($string(EngineMode)) = 'serverless' ? EnableHttpEndpoint : ($lowercase($string(Engine)) = 'aurora-postgresql' ? EnableHttpEndpoint : false )", + "/properties/Engine": "$lowercase(Engine)", + "/properties/EngineVersion": "$join([$string(EngineVersion), \".*\"])", + "/properties/KmsKeyId": "$join([\"arn:(aws)[-]{0,1}[a-z]{0,2}[-]{0,1}[a-z]{0,3}:kms:[a-z]{2}[-]{1}[a-z]{3,10}[-]{0,1}[a-z]{0,10}[-]{1}[1-3]{1}:[0-9]{12}[:]{1}key\\/\", KmsKeyId])", + "/properties/MasterUserSecret/KmsKeyId": "$join([\"arn:(aws)[-]{0,1}[a-z]{0,2}[-]{0,1}[a-z]{0,3}:kms:[a-z]{2}[-]{1}[a-z]{3,10}[-]{0,1}[a-z]{0,10}[-]{1}[1-3]{1}:[0-9]{12}[:]{1}key\\/\", MasterUserSecret.KmsKeyId])", + "/properties/NetworkType": "$lowercase(NetworkType)", + "/properties/PerformanceInsightsKmsKeyId": "$join([\"arn:(aws)[-]{0,1}[a-z]{0,2}[-]{0,1}[a-z]{0,3}:kms:[a-z]{2}[-]{1}[a-z]{3,10}[-]{0,1}[a-z]{0,10}[-]{1}[1-3]{1}:[0-9]{12}[:]{1}key\\/\", PerformanceInsightsKmsKeyId])", + "/properties/PreferredMaintenanceWindow": "$lowercase(PreferredMaintenanceWindow)", + "/properties/SnapshotIdentifier": "$lowercase(SnapshotIdentifier)", + "/properties/SourceDBClusterIdentifier": "$lowercase(SourceDBClusterIdentifier)", + "/properties/StorageType": "$lowercase(StorageType)" + }, + "readOnlyProperties": [ + "/properties/DBClusterArn", + "/properties/DBClusterResourceId", + "/properties/Endpoint", + "/properties/Endpoint/Address", + "/properties/Endpoint/Port", + "/properties/ReadEndpoint/Address", + "/properties/MasterUserSecret/SecretArn", + "/properties/StorageThroughput" + ], + "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-rds", + "tagging": { + "cloudFormationSystemTags": true, + "permissions": [ + "rds:AddTagsToResource", + "rds:RemoveTagsFromResource" + ], + "tagOnCreate": true, + "tagProperty": "/properties/Tags", + "tagUpdatable": true, + "taggable": true + }, + "typeName": "AWS::RDS::DBCluster", + "writeOnlyProperties": [ + "/properties/DBInstanceParameterGroupName", + "/properties/MasterUserPassword", + "/properties/RestoreToTime", + "/properties/RestoreType", + "/properties/SnapshotIdentifier", + "/properties/SourceDBClusterIdentifier", + "/properties/SourceRegion", + "/properties/UseLatestRestorableTime" + ] +} diff --git a/src/cfnlint/data/schemas/providers/eu_north_1/aws-rds-dbinstance.json b/src/cfnlint/data/schemas/providers/eu_north_1/aws-rds-dbinstance.json new file mode 100644 index 0000000000..3263d77fb7 --- /dev/null +++ b/src/cfnlint/data/schemas/providers/eu_north_1/aws-rds-dbinstance.json @@ -0,0 +1,620 @@ +{ + "additionalProperties": false, + "conditionalCreateOnlyProperties": [ + "/properties/AutoMinorVersionUpgrade", + "/properties/AvailabilityZone", + "/properties/BackupRetentionPeriod", + "/properties/DBClusterSnapshotIdentifier", + "/properties/DBParameterGroupName", + "/properties/DBSnapshotIdentifier", + "/properties/Engine", + "/properties/MultiAZ", + "/properties/PerformanceInsightsKMSKeyId", + "/properties/PreferredMaintenanceWindow", + "/properties/RestoreTime", + "/properties/SourceDBClusterIdentifier", + "/properties/SourceDBInstanceAutomatedBackupsArn", + "/properties/SourceDBInstanceIdentifier", + "/properties/SourceDbiResourceId", + "/properties/StorageType", + "/properties/UseLatestRestorableTime" + ], + "createOnlyProperties": [ + "/properties/CharacterSetName", + "/properties/CustomIAMInstanceProfile", + "/properties/DBClusterIdentifier", + "/properties/DBInstanceIdentifier", + "/properties/DBName", + "/properties/DBSubnetGroupName", + "/properties/KmsKeyId", + "/properties/MasterUsername", + "/properties/NcharCharacterSetName", + "/properties/Port", + "/properties/SourceRegion", + "/properties/StorageEncrypted", + "/properties/Timezone" + ], + "definitions": { + "CertificateDetails": { + "additionalProperties": false, + "properties": { + "CAIdentifier": { + "type": "string" + }, + "ValidTill": { + "format": "date-time", + "type": "string" + } + }, + "type": "object" + }, + "DBInstanceRole": { + "additionalProperties": false, + "properties": { + "FeatureName": { + "type": "string" + }, + "RoleArn": { + "type": "string" + } + }, + "required": [ + "FeatureName", + "RoleArn" + ], + "type": "object" + }, + "Endpoint": { + "additionalProperties": false, + "properties": { + "Address": { + "type": "string" + }, + "HostedZoneId": { + "type": "string" + }, + "Port": { + "type": "string" + } + }, + "type": "object" + }, + "MasterUserSecret": { + "additionalProperties": false, + "properties": { + "KmsKeyId": { + "type": "string" + }, + "SecretArn": { + "type": "string" + } + }, + "type": "object" + }, + "ProcessorFeature": { + "additionalProperties": false, + "properties": { + "Name": { + "enum": [ + "coreCount", + "threadsPerCore" + ], + "type": "string" + }, + "Value": { + "type": "string" + } + }, + "type": "object" + }, + "Tag": { + "additionalProperties": false, + "properties": { + "Key": { + "maxLength": 128, + "minLength": 1, + "type": "string" + }, + "Value": { + "maxLength": 256, + "minLength": 0, + "type": "string" + } + }, + "required": [ + "Key" + ], + "type": "object" + } + }, + "dependencies": { + "KmsKeyId": { + "properties": { + "StorageEncrypted": { + "enum": [ + "true", + "True", + true + ] + } + }, + "required": [ + "StorageEncrypted" + ] + } + }, + "dependentExcluded": { + "SourceDBInstanceIdentifier": [ + "CharacterSetName", + "MasterUserPassword", + "MasterUsername", + "StorageEncrypted" + ] + }, + "deprecatedProperties": [ + "/properties/TdeCredentialArn", + "/properties/TdeCredentialPassword" + ], + "handlers": { + "create": { + "permissions": [ + "ec2:DescribeAccountAttributes", + "ec2:DescribeAvailabilityZones", + "ec2:DescribeInternetGateways", + "ec2:DescribeSecurityGroups", + "ec2:DescribeSubnets", + "ec2:DescribeVpcAttribute", + "ec2:DescribeVpcs", + "iam:CreateServiceLinkedRole", + "iam:GetRole", + "iam:ListRoles", + "iam:PassRole", + "kms:CreateGrant", + "kms:DescribeKey", + "rds:AddRoleToDBInstance", + "rds:AddTagsToResource", + "rds:CreateDBInstance", + "rds:CreateDBInstanceReadReplica", + "rds:DescribeDBInstances", + "rds:DescribeDBClusters", + "rds:DescribeDBClusterSnapshots", + "rds:DescribeDBInstanceAutomatedBackups", + "rds:DescribeDBSnapshots", + "rds:DescribeEvents", + "rds:ModifyDBInstance", + "rds:RebootDBInstance", + "rds:RestoreDBInstanceFromDBSnapshot", + "rds:RestoreDBInstanceToPointInTime", + "rds:StartDBInstanceAutomatedBackupsReplication", + "secretsmanager:CreateSecret", + "secretsmanager:TagResource" + ], + "timeoutInMinutes": 2160 + }, + "delete": { + "permissions": [ + "rds:CreateDBSnapshot", + "rds:DeleteDBInstance", + "rds:DescribeDBInstances" + ], + "timeoutInMinutes": 2160 + }, + "list": { + "permissions": [ + "rds:DescribeDBInstances" + ] + }, + "read": { + "permissions": [ + "ec2:DescribeAccountAttributes", + "ec2:DescribeAvailabilityZones", + "ec2:DescribeInternetGateways", + "ec2:DescribeSecurityGroups", + "ec2:DescribeSubnets", + "ec2:DescribeVpcAttribute", + "ec2:DescribeVpcs", + "rds:DescribeDBInstances" + ] + }, + "update": { + "permissions": [ + "ec2:DescribeAccountAttributes", + "ec2:DescribeAvailabilityZones", + "ec2:DescribeInternetGateways", + "ec2:DescribeSecurityGroups", + "ec2:DescribeSubnets", + "ec2:DescribeVpcAttribute", + "ec2:DescribeVpcs", + "iam:CreateServiceLinkedRole", + "iam:GetRole", + "iam:ListRoles", + "iam:PassRole", + "kms:CreateGrant", + "kms:DescribeKey", + "rds:AddRoleToDBInstance", + "rds:AddTagsToResource", + "rds:DescribeDBClusters", + "rds:DescribeDBEngineVersions", + "rds:DescribeDBInstances", + "rds:DescribeDBParameterGroups", + "rds:DescribeEvents", + "rds:ModifyDBInstance", + "rds:PromoteReadReplica", + "rds:RebootDBInstance", + "rds:RemoveRoleFromDBInstance", + "rds:RemoveTagsFromResource", + "rds:StartDBInstanceAutomatedBackupsReplication", + "rds:StopDBInstanceAutomatedBackupsReplication", + "secretsmanager:CreateSecret", + "secretsmanager:TagResource" + ], + "timeoutInMinutes": 2160 + } + }, + "primaryIdentifier": [ + "/properties/DBInstanceIdentifier" + ], + "properties": { + "AllocatedStorage": { + "pattern": "^[0-9]*$", + "type": "string" + }, + "AllowMajorVersionUpgrade": { + "type": "boolean" + }, + "AssociatedRoles": { + "items": { + "$ref": "#/definitions/DBInstanceRole" + }, + "type": "array" + }, + "AutoMinorVersionUpgrade": { + "type": "boolean" + }, + "AutomaticBackupReplicationKmsKeyId": { + "type": "string" + }, + "AutomaticBackupReplicationRegion": { + "type": "string" + }, + "AvailabilityZone": { + "type": "string" + }, + "BackupRetentionPeriod": { + "default": 1, + "maximum": 35, + "minimum": 0, + "type": "integer" + }, + "CACertificateIdentifier": { + "type": "string" + }, + "CertificateDetails": { + "$ref": "#/definitions/CertificateDetails" + }, + "CertificateRotationRestart": { + "type": "boolean" + }, + "CharacterSetName": { + "type": "string" + }, + "CopyTagsToSnapshot": { + "type": "boolean" + }, + "CustomIAMInstanceProfile": { + "type": "string" + }, + "DBClusterIdentifier": { + "type": "string" + }, + "DBClusterSnapshotIdentifier": { + "type": "string" + }, + "DBInstanceArn": { + "type": "string" + }, + "DBInstanceClass": { + "type": "string" + }, + "DBInstanceIdentifier": { + "maxLength": 63, + "minLength": 1, + "pattern": "^$|^[a-zA-Z]{1}(?:-?[a-zA-Z0-9]){0,62}$", + "type": "string" + }, + "DBName": { + "type": "string" + }, + "DBParameterGroupName": { + "type": "string" + }, + "DBSecurityGroups": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": true + }, + "DBSnapshotIdentifier": { + "type": "string" + }, + "DBSubnetGroupName": { + "type": "string" + }, + "DBSystemId": { + "type": "string" + }, + "DbiResourceId": { + "type": "string" + }, + "DedicatedLogVolume": { + "type": "boolean" + }, + "DeleteAutomatedBackups": { + "type": "boolean" + }, + "DeletionProtection": { + "type": "boolean" + }, + "Domain": { + "type": "string" + }, + "DomainAuthSecretArn": { + "type": "string" + }, + "DomainDnsIps": { + "items": { + "type": "string" + }, + "type": "array" + }, + "DomainFqdn": { + "type": "string" + }, + "DomainIAMRoleName": { + "type": "string" + }, + "DomainOu": { + "type": "string" + }, + "EnableCloudwatchLogsExports": { + "items": { + "type": "string" + }, + "type": "array" + }, + "EnableIAMDatabaseAuthentication": { + "type": "boolean" + }, + "EnablePerformanceInsights": { + "type": "boolean" + }, + "Endpoint": { + "$ref": "#/definitions/Endpoint" + }, + "Engine": { + "type": "string" + }, + "EngineLifecycleSupport": { + "type": "string" + }, + "EngineVersion": { + "type": "string" + }, + "Iops": { + "type": "integer" + }, + "KmsKeyId": { + "type": "string" + }, + "LicenseModel": { + "type": "string" + }, + "ManageMasterUserPassword": { + "type": "boolean" + }, + "MasterUserPassword": { + "type": "string" + }, + "MasterUserSecret": { + "$ref": "#/definitions/MasterUserSecret" + }, + "MasterUsername": { + "maxLength": 128, + "minLength": 1, + "pattern": "^[a-zA-Z][a-zA-Z0-9_]{0,127}$", + "type": "string" + }, + "MaxAllocatedStorage": { + "type": "integer" + }, + "MonitoringInterval": { + "default": 0, + "type": "integer" + }, + "MonitoringRoleArn": { + "type": "string" + }, + "MultiAZ": { + "type": "boolean" + }, + "NcharCharacterSetName": { + "type": "string" + }, + "NetworkType": { + "type": "string" + }, + "OptionGroupName": { + "type": "string" + }, + "PerformanceInsightsKMSKeyId": { + "type": "string" + }, + "PerformanceInsightsRetentionPeriod": { + "enum": [ + 7, + 31, + 62, + 93, + 124, + 155, + 186, + 217, + 248, + 279, + 310, + 341, + 372, + 403, + 434, + 465, + 496, + 527, + 558, + 589, + 620, + 651, + 682, + 713, + 731 + ], + "type": "integer" + }, + "Port": { + "pattern": "^\\d*$", + "type": "string" + }, + "PreferredBackupWindow": { + "type": "string" + }, + "PreferredMaintenanceWindow": { + "type": "string" + }, + "ProcessorFeatures": { + "items": { + "$ref": "#/definitions/ProcessorFeature" + }, + "type": "array" + }, + "PromotionTier": { + "default": 1, + "maximum": 15, + "minimum": 0, + "type": "integer" + }, + "PubliclyAccessible": { + "type": "boolean" + }, + "ReplicaMode": { + "type": "string" + }, + "RestoreTime": { + "format": "date-time", + "type": "string" + }, + "SourceDBClusterIdentifier": { + "type": "string" + }, + "SourceDBInstanceAutomatedBackupsArn": { + "type": "string" + }, + "SourceDBInstanceIdentifier": { + "type": "string" + }, + "SourceDbiResourceId": { + "type": "string" + }, + "SourceRegion": { + "type": "string" + }, + "StorageEncrypted": { + "type": "boolean" + }, + "StorageThroughput": { + "type": "integer" + }, + "StorageType": { + "type": "string" + }, + "Tags": { + "insertionOrder": false, + "items": { + "$ref": "#/definitions/Tag" + }, + "type": "array", + "uniqueItems": false + }, + "TdeCredentialArn": { + "type": "string" + }, + "TdeCredentialPassword": { + "type": "string" + }, + "Timezone": { + "type": "string" + }, + "UseDefaultProcessorFeatures": { + "type": "boolean" + }, + "UseLatestRestorableTime": { + "type": "boolean" + }, + "VPCSecurityGroups": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": true + } + }, + "propertyTransform": { + "/properties/DBClusterIdentifier": "$lowercase(DBClusterIdentifier)", + "/properties/DBClusterSnapshotIdentifier": "$lowercase(DBClusterSnapshotIdentifier)", + "/properties/DBInstanceIdentifier": "$lowercase(DBInstanceIdentifier)", + "/properties/DBName": "$lowercase(DBName) $OR $uppercase(DBName)", + "/properties/DBParameterGroupName": "$lowercase(DBParameterGroupName)", + "/properties/DBSnapshotIdentifier": "$lowercase(DBSnapshotIdentifier)", + "/properties/DBSubnetGroupName": "$lowercase(DBSubnetGroupName)", + "/properties/Engine": "$lowercase(Engine)", + "/properties/EngineVersion": "$join([$string(EngineVersion), \".*\"])", + "/properties/KmsKeyId": "$join([\"arn:(aws)[-]{0,1}[a-z]{0,2}[-]{0,1}[a-z]{0,3}:kms:[a-z]{2}[-]{1}[a-z]{3,10}[-]{0,1}[a-z]{0,10}[-]{1}[1-3]{1}:[0-9]{12}[:]{1}key\\/\", KmsKeyId])", + "/properties/MasterUserSecret/KmsKeyId": "$join([\"arn:(aws)[-]{0,1}[a-z]{0,2}[-]{0,1}[a-z]{0,3}:kms:[a-z]{2}[-]{1}[a-z]{3,10}[-]{0,1}[a-z]{0,10}[-]{1}[1-3]{1}:[0-9]{12}[:]{1}key\\/\", MasterUserSecret.KmsKeyId])", + "/properties/NetworkType": "$lowercase(NetworkType)", + "/properties/OptionGroupName": "$lowercase(OptionGroupName)", + "/properties/PerformanceInsightsKMSKeyId": "$join([\"arn:(aws)[-]{0,1}[a-z]{0,2}[-]{0,1}[a-z]{0,3}:kms:[a-z]{2}[-]{1}[a-z]{3,10}[-]{0,1}[a-z]{0,10}[-]{1}[1-3]{1}:[0-9]{12}[:]{1}key\\/\", PerformanceInsightsKMSKeyId])", + "/properties/PreferredMaintenanceWindow": "$lowercase(PreferredMaintenanceWindow)", + "/properties/SourceDBInstanceAutomatedBackupsArn": "$lowercase(SourceDBInstanceAutomatedBackupsArn)", + "/properties/SourceDBInstanceIdentifier": "$lowercase(SourceDBInstanceIdentifier)", + "/properties/StorageType": "$lowercase(StorageType)" + }, + "readOnlyProperties": [ + "/properties/Endpoint/Address", + "/properties/Endpoint/Port", + "/properties/Endpoint/HostedZoneId", + "/properties/DbiResourceId", + "/properties/DBInstanceArn", + "/properties/DBSystemId", + "/properties/MasterUserSecret/SecretArn", + "/properties/CertificateDetails/CAIdentifier", + "/properties/CertificateDetails/ValidTill" + ], + "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-rpdk.git", + "typeName": "AWS::RDS::DBInstance", + "writeOnlyProperties": [ + "/properties/AllowMajorVersionUpgrade", + "/properties/AutomaticBackupReplicationKmsKeyId", + "/properties/CertificateRotationRestart", + "/properties/DBSnapshotIdentifier", + "/properties/DeleteAutomatedBackups", + "/properties/MasterUserPassword", + "/properties/Port", + "/properties/RestoreTime", + "/properties/SourceDBInstanceAutomatedBackupsArn", + "/properties/SourceDBInstanceIdentifier", + "/properties/SourceDbiResourceId", + "/properties/SourceRegion", + "/properties/TdeCredentialPassword", + "/properties/UseDefaultProcessorFeatures", + "/properties/UseLatestRestorableTime" + ] +} diff --git a/src/cfnlint/data/schemas/providers/eu_south_1/__init__.py b/src/cfnlint/data/schemas/providers/eu_south_1/__init__.py index 4baca81251..2cf69a841d 100644 --- a/src/cfnlint/data/schemas/providers/eu_south_1/__init__.py +++ b/src/cfnlint/data/schemas/providers/eu_south_1/__init__.py @@ -985,7 +985,6 @@ "aws-dms-eventsubscription.json", "aws-dms-instanceprofile.json", "aws-dms-migrationproject.json", - "aws-dms-replicationconfig.json", "aws-dms-replicationinstance.json", "aws-dms-replicationsubnetgroup.json", "aws-dms-replicationtask.json", @@ -1283,7 +1282,6 @@ "aws-opsworks-userprofile.json", "aws-opsworks-volume.json", "aws-organizations-account.json", - "aws-organizations-organization.json", "aws-organizations-organizationalunit.json", "aws-organizations-policy.json", "aws-organizations-resourcepolicy.json", @@ -1303,9 +1301,7 @@ "aws-quicksight-vpcconnection.json", "aws-ram-permission.json", "aws-ram-resourceshare.json", - "aws-rds-dbcluster.json", "aws-rds-dbclusterparametergroup.json", - "aws-rds-dbinstance.json", "aws-rds-dbparametergroup.json", "aws-rds-dbproxy.json", "aws-rds-dbproxyendpoint.json", @@ -1432,7 +1428,6 @@ "aws-shield-drtaccess.json", "aws-shield-proactiveengagement.json", "aws-shield-protection.json", - "aws-shield-protectiongroup.json", "aws-signer-profilepermission.json", "aws-signer-signingprofile.json", "aws-sns-subscription.json", diff --git a/src/cfnlint/data/schemas/providers/eu_south_1/aws-dms-replicationconfig.json b/src/cfnlint/data/schemas/providers/eu_south_1/aws-dms-replicationconfig.json new file mode 100644 index 0000000000..b9379a300f --- /dev/null +++ b/src/cfnlint/data/schemas/providers/eu_south_1/aws-dms-replicationconfig.json @@ -0,0 +1,191 @@ +{ + "additionalIdentifiers": [ + [ + "/properties/ReplicationConfigIdentifier" + ] + ], + "additionalProperties": false, + "createOnlyProperties": [ + "/properties/ResourceIdentifier" + ], + "definitions": { + "ComputeConfig": { + "additionalProperties": false, + "properties": { + "AvailabilityZone": { + "type": "string" + }, + "DnsNameServers": { + "type": "string" + }, + "KmsKeyId": { + "type": "string" + }, + "MaxCapacityUnits": { + "type": "integer" + }, + "MinCapacityUnits": { + "type": "integer" + }, + "MultiAZ": { + "type": "boolean" + }, + "PreferredMaintenanceWindow": { + "type": "string" + }, + "ReplicationSubnetGroupId": { + "type": "string" + }, + "VpcSecurityGroupIds": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "MaxCapacityUnits" + ], + "type": "object" + }, + "Tag": { + "additionalProperties": false, + "properties": { + "Key": { + "maxLength": 128, + "minLength": 1, + "type": "string" + }, + "Value": { + "maxLength": 256, + "minLength": 1, + "type": "string" + } + }, + "required": [ + "Key", + "Value" + ], + "type": "object" + } + }, + "handlers": { + "create": { + "permissions": [ + "dms:CreateReplicationConfig", + "dms:AddTagsToResource", + "dms:ListTagsForResource", + "iam:CreateServiceLinkedRole", + "iam:AttachRolePolicy", + "iam:PutRolePolicy", + "iam:UpdateRoleDescription" + ] + }, + "delete": { + "permissions": [ + "dms:DescribeReplicationConfigs", + "dms:DeleteReplicationConfig", + "dms:ListTagsForResource", + "iam:DeleteServiceLinkedRole", + "iam:GetServiceLinkedRoleDeletionStatus" + ] + }, + "list": { + "permissions": [ + "dms:DescribeReplicationConfigs", + "dms:ListTagsForResource" + ] + }, + "read": { + "permissions": [ + "dms:DescribeReplicationConfigs", + "dms:ListTagsForResource" + ] + }, + "update": { + "permissions": [ + "dms:ModifyReplicationConfig", + "dms:AddTagsToResource", + "dms:RemoveTagsToResource", + "dms:ListTagsForResource", + "iam:CreateServiceLinkedRole", + "iam:AttachRolePolicy", + "iam:PutRolePolicy", + "iam:UpdateRoleDescription" + ] + } + }, + "primaryIdentifier": [ + "/properties/ReplicationConfigArn" + ], + "properties": { + "ComputeConfig": { + "$ref": "#/definitions/ComputeConfig" + }, + "ReplicationConfigArn": { + "type": "string" + }, + "ReplicationConfigIdentifier": { + "type": "string" + }, + "ReplicationSettings": { + "format": "json", + "type": [ + "object", + "string" + ] + }, + "ReplicationType": { + "enum": [ + "full-load", + "full-load-and-cdc", + "cdc" + ], + "type": "string" + }, + "ResourceIdentifier": { + "type": "string" + }, + "SourceEndpointArn": { + "type": "string" + }, + "SupplementalSettings": { + "format": "json", + "type": [ + "object", + "string" + ] + }, + "TableMappings": { + "format": "json", + "type": [ + "object", + "string" + ] + }, + "Tags": { + "insertionOrder": false, + "items": { + "$ref": "#/definitions/Tag" + }, + "maxItems": 200, + "minItems": 1, + "type": "array" + }, + "TargetEndpointArn": { + "type": "string" + } + }, + "readOnlyProperties": [ + "/properties/ReplicationConfigArn" + ], + "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-dms", + "tagging": { + "cloudFormationSystemTags": false, + "tagOnCreate": true, + "tagProperty": "/properties/Tags", + "tagUpdatable": true, + "taggable": true + }, + "typeName": "AWS::DMS::ReplicationConfig" +} diff --git a/src/cfnlint/data/schemas/providers/eu_south_1/aws-organizations-organization.json b/src/cfnlint/data/schemas/providers/eu_south_1/aws-organizations-organization.json new file mode 100644 index 0000000000..6dac437e5b --- /dev/null +++ b/src/cfnlint/data/schemas/providers/eu_south_1/aws-organizations-organization.json @@ -0,0 +1,86 @@ +{ + "additionalProperties": false, + "handlers": { + "create": { + "permissions": [ + "organizations:CreateOrganization", + "organizations:DescribeOrganization", + "iam:CreateServiceLinkedRole", + "organizations:ListRoots" + ] + }, + "delete": { + "permissions": [ + "organizations:DeleteOrganization", + "organizations:DescribeOrganization" + ] + }, + "list": { + "permissions": [ + "organizations:DescribeOrganization" + ] + }, + "read": { + "permissions": [ + "organizations:DescribeOrganization", + "organizations:ListRoots" + ] + }, + "update": { + "permissions": [] + } + }, + "primaryIdentifier": [ + "/properties/Id" + ], + "properties": { + "Arn": { + "pattern": "^arn:aws.*:organizations::\\d{12}:organization\\/o-[a-z0-9]{10,32}", + "type": "string" + }, + "FeatureSet": { + "default": "ALL", + "enum": [ + "ALL", + "CONSOLIDATED_BILLING" + ], + "type": "string" + }, + "Id": { + "pattern": "^o-[a-z0-9]{10,32}$", + "type": "string" + }, + "ManagementAccountArn": { + "pattern": "^arn:aws.*:organizations::\\d{12}:account\\/o-[a-z0-9]{10,32}\\/\\d{12}", + "type": "string" + }, + "ManagementAccountEmail": { + "maxLength": 64, + "minLength": 6, + "pattern": "[^\\s@]+@[^\\s@]+\\.[^\\s@]+", + "type": "string" + }, + "ManagementAccountId": { + "pattern": "^\\d{12}$", + "type": "string" + }, + "RootId": { + "maxLength": 64, + "pattern": "^r-[0-9a-z]{4,32}$", + "type": "string" + } + }, + "readOnlyProperties": [ + "/properties/Id", + "/properties/Arn", + "/properties/ManagementAccountArn", + "/properties/ManagementAccountId", + "/properties/ManagementAccountEmail", + "/properties/RootId" + ], + "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-organizations.git", + "tagging": { + "taggable": false + }, + "typeName": "AWS::Organizations::Organization" +} diff --git a/src/cfnlint/data/schemas/providers/eu_south_1/aws-rds-dbcluster.json b/src/cfnlint/data/schemas/providers/eu_south_1/aws-rds-dbcluster.json new file mode 100644 index 0000000000..fc8608c49b --- /dev/null +++ b/src/cfnlint/data/schemas/providers/eu_south_1/aws-rds-dbcluster.json @@ -0,0 +1,469 @@ +{ + "additionalProperties": false, + "conditionalCreateOnlyProperties": [ + "/properties/Engine", + "/properties/GlobalClusterIdentifier", + "/properties/MasterUsername" + ], + "createOnlyProperties": [ + "/properties/AvailabilityZones", + "/properties/DBClusterIdentifier", + "/properties/DBSubnetGroupName", + "/properties/DBSystemId", + "/properties/DatabaseName", + "/properties/EngineMode", + "/properties/KmsKeyId", + "/properties/PubliclyAccessible", + "/properties/RestoreToTime", + "/properties/RestoreType", + "/properties/SnapshotIdentifier", + "/properties/SourceDBClusterIdentifier", + "/properties/SourceRegion", + "/properties/StorageEncrypted", + "/properties/UseLatestRestorableTime" + ], + "definitions": { + "DBClusterRole": { + "additionalProperties": false, + "properties": { + "FeatureName": { + "type": "string" + }, + "RoleArn": { + "type": "string" + } + }, + "required": [ + "RoleArn" + ], + "type": "object" + }, + "Endpoint": { + "additionalProperties": false, + "properties": { + "Address": { + "type": "string" + }, + "Port": { + "type": "string" + } + }, + "type": "object" + }, + "MasterUserSecret": { + "additionalProperties": false, + "properties": { + "KmsKeyId": { + "type": "string" + }, + "SecretArn": { + "type": "string" + } + }, + "type": "object" + }, + "ReadEndpoint": { + "additionalProperties": false, + "properties": { + "Address": { + "type": "string" + } + }, + "type": "object" + }, + "ScalingConfiguration": { + "additionalProperties": false, + "properties": { + "AutoPause": { + "type": "boolean" + }, + "MaxCapacity": { + "type": "integer" + }, + "MinCapacity": { + "type": "integer" + }, + "SecondsBeforeTimeout": { + "type": "integer" + }, + "SecondsUntilAutoPause": { + "type": "integer" + }, + "TimeoutAction": { + "type": "string" + } + }, + "type": "object" + }, + "ServerlessV2ScalingConfiguration": { + "additionalProperties": false, + "properties": { + "MaxCapacity": { + "type": "number" + }, + "MinCapacity": { + "type": "number" + } + }, + "type": "object" + }, + "Tag": { + "additionalProperties": false, + "properties": { + "Key": { + "maxLength": 128, + "minLength": 1, + "type": "string" + }, + "Value": { + "maxLength": 256, + "minLength": 0, + "type": "string" + } + }, + "required": [ + "Key" + ], + "type": "object" + } + }, + "handlers": { + "create": { + "permissions": [ + "iam:CreateServiceLinkedRole", + "iam:PassRole", + "rds:AddRoleToDBCluster", + "rds:AddTagsToResource", + "rds:CreateDBCluster", + "rds:CreateDBInstance", + "rds:DescribeDBClusters", + "rds:DescribeDBClusterSnapshots", + "rds:DescribeDBSnapshots", + "rds:DescribeEvents", + "rds:EnableHttpEndpoint", + "rds:ModifyDBCluster", + "rds:RestoreDBClusterFromSnapshot", + "rds:RestoreDBClusterToPointInTime", + "secretsmanager:CreateSecret", + "secretsmanager:TagResource" + ], + "timeoutInMinutes": 2160 + }, + "delete": { + "permissions": [ + "rds:CreateDBClusterSnapshot", + "rds:DeleteDBCluster", + "rds:DeleteDBInstance", + "rds:DescribeDBClusters", + "rds:DescribeGlobalClusters", + "rds:RemoveFromGlobalCluster" + ] + }, + "list": { + "permissions": [ + "rds:DescribeDBClusters" + ] + }, + "read": { + "permissions": [ + "rds:DescribeDBClusters" + ] + }, + "update": { + "permissions": [ + "ec2:DescribeSecurityGroups", + "iam:PassRole", + "rds:AddRoleToDBCluster", + "rds:AddTagsToResource", + "rds:DescribeDBClusters", + "rds:DescribeDBSubnetGroups", + "rds:DescribeEvents", + "rds:DescribeGlobalClusters", + "rds:DisableHttpEndpoint", + "rds:EnableHttpEndpoint", + "rds:ModifyDBCluster", + "rds:ModifyDBInstance", + "rds:RemoveFromGlobalCluster", + "rds:RemoveRoleFromDBCluster", + "rds:RemoveTagsFromResource", + "secretsmanager:CreateSecret", + "secretsmanager:TagResource" + ], + "timeoutInMinutes": 2160 + } + }, + "primaryIdentifier": [ + "/properties/DBClusterIdentifier" + ], + "properties": { + "AllocatedStorage": { + "type": "integer" + }, + "AssociatedRoles": { + "items": { + "$ref": "#/definitions/DBClusterRole" + }, + "type": "array", + "uniqueItems": true + }, + "AutoMinorVersionUpgrade": { + "type": "boolean" + }, + "AvailabilityZones": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": true + }, + "BacktrackWindow": { + "minimum": 0, + "type": "integer" + }, + "BackupRetentionPeriod": { + "default": 1, + "maximum": 35, + "minimum": 1, + "type": "integer" + }, + "CopyTagsToSnapshot": { + "type": "boolean" + }, + "DBClusterArn": { + "type": "string" + }, + "DBClusterIdentifier": { + "maxLength": 63, + "minLength": 1, + "pattern": "^[a-zA-Z]{1}(?:-?[a-zA-Z0-9]){0,62}$", + "type": "string" + }, + "DBClusterInstanceClass": { + "type": "string" + }, + "DBClusterParameterGroupName": { + "default": "default.aurora5.6", + "type": "string" + }, + "DBClusterResourceId": { + "type": "string" + }, + "DBInstanceParameterGroupName": { + "type": "string" + }, + "DBSubnetGroupName": { + "type": "string" + }, + "DBSystemId": { + "type": "string" + }, + "DatabaseName": { + "type": "string" + }, + "DeletionProtection": { + "type": "boolean" + }, + "Domain": { + "type": "string" + }, + "DomainIAMRoleName": { + "type": "string" + }, + "EnableCloudwatchLogsExports": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": true + }, + "EnableGlobalWriteForwarding": { + "type": "boolean" + }, + "EnableHttpEndpoint": { + "type": "boolean" + }, + "EnableIAMDatabaseAuthentication": { + "type": "boolean" + }, + "EnableLocalWriteForwarding": { + "type": "boolean" + }, + "Endpoint": { + "$ref": "#/definitions/Endpoint" + }, + "Engine": { + "type": "string" + }, + "EngineLifecycleSupport": { + "type": "string" + }, + "EngineMode": { + "type": "string" + }, + "EngineVersion": { + "type": "string" + }, + "GlobalClusterIdentifier": { + "maxLength": 63, + "minLength": 0, + "pattern": "^$|^[a-zA-Z]{1}(?:-?[a-zA-Z0-9]){0,62}$", + "type": "string" + }, + "Iops": { + "type": "integer" + }, + "KmsKeyId": { + "type": "string" + }, + "ManageMasterUserPassword": { + "type": "boolean" + }, + "MasterUserPassword": { + "type": "string" + }, + "MasterUserSecret": { + "$ref": "#/definitions/MasterUserSecret" + }, + "MasterUsername": { + "minLength": 1, + "pattern": "^[a-zA-Z]{1}[a-zA-Z0-9_]*$", + "type": "string" + }, + "MonitoringInterval": { + "default": 0, + "type": "integer" + }, + "MonitoringRoleArn": { + "type": "string" + }, + "NetworkType": { + "type": "string" + }, + "PerformanceInsightsEnabled": { + "type": "boolean" + }, + "PerformanceInsightsKmsKeyId": { + "type": "string" + }, + "PerformanceInsightsRetentionPeriod": { + "type": "integer" + }, + "Port": { + "type": "integer" + }, + "PreferredBackupWindow": { + "type": "string" + }, + "PreferredMaintenanceWindow": { + "type": "string" + }, + "PubliclyAccessible": { + "type": "boolean" + }, + "ReadEndpoint": { + "$ref": "#/definitions/ReadEndpoint" + }, + "ReplicationSourceIdentifier": { + "type": "string" + }, + "RestoreToTime": { + "type": "string" + }, + "RestoreType": { + "default": "full-copy", + "type": "string" + }, + "ScalingConfiguration": { + "$ref": "#/definitions/ScalingConfiguration" + }, + "ServerlessV2ScalingConfiguration": { + "$ref": "#/definitions/ServerlessV2ScalingConfiguration" + }, + "SnapshotIdentifier": { + "type": "string" + }, + "SourceDBClusterIdentifier": { + "type": "string" + }, + "SourceRegion": { + "type": "string" + }, + "StorageEncrypted": { + "type": "boolean" + }, + "StorageThroughput": { + "type": "integer" + }, + "StorageType": { + "type": "string" + }, + "Tags": { + "insertionOrder": false, + "items": { + "$ref": "#/definitions/Tag" + }, + "maxItems": 50, + "type": "array", + "uniqueItems": true + }, + "UseLatestRestorableTime": { + "type": "boolean" + }, + "VpcSecurityGroupIds": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": true + } + }, + "propertyTransform": { + "/properties/DBClusterIdentifier": "$lowercase(DBClusterIdentifier)", + "/properties/DBClusterParameterGroupName": "$lowercase(DBClusterParameterGroupName)", + "/properties/DBSubnetGroupName": "$lowercase(DBSubnetGroupName)", + "/properties/EnableHttpEndpoint": "$lowercase($string(EngineMode)) = 'serverless' ? EnableHttpEndpoint : ($lowercase($string(Engine)) = 'aurora-postgresql' ? EnableHttpEndpoint : false )", + "/properties/Engine": "$lowercase(Engine)", + "/properties/EngineVersion": "$join([$string(EngineVersion), \".*\"])", + "/properties/KmsKeyId": "$join([\"arn:(aws)[-]{0,1}[a-z]{0,2}[-]{0,1}[a-z]{0,3}:kms:[a-z]{2}[-]{1}[a-z]{3,10}[-]{0,1}[a-z]{0,10}[-]{1}[1-3]{1}:[0-9]{12}[:]{1}key\\/\", KmsKeyId])", + "/properties/MasterUserSecret/KmsKeyId": "$join([\"arn:(aws)[-]{0,1}[a-z]{0,2}[-]{0,1}[a-z]{0,3}:kms:[a-z]{2}[-]{1}[a-z]{3,10}[-]{0,1}[a-z]{0,10}[-]{1}[1-3]{1}:[0-9]{12}[:]{1}key\\/\", MasterUserSecret.KmsKeyId])", + "/properties/NetworkType": "$lowercase(NetworkType)", + "/properties/PerformanceInsightsKmsKeyId": "$join([\"arn:(aws)[-]{0,1}[a-z]{0,2}[-]{0,1}[a-z]{0,3}:kms:[a-z]{2}[-]{1}[a-z]{3,10}[-]{0,1}[a-z]{0,10}[-]{1}[1-3]{1}:[0-9]{12}[:]{1}key\\/\", PerformanceInsightsKmsKeyId])", + "/properties/PreferredMaintenanceWindow": "$lowercase(PreferredMaintenanceWindow)", + "/properties/SnapshotIdentifier": "$lowercase(SnapshotIdentifier)", + "/properties/SourceDBClusterIdentifier": "$lowercase(SourceDBClusterIdentifier)", + "/properties/StorageType": "$lowercase(StorageType)" + }, + "readOnlyProperties": [ + "/properties/DBClusterArn", + "/properties/DBClusterResourceId", + "/properties/Endpoint", + "/properties/Endpoint/Address", + "/properties/Endpoint/Port", + "/properties/ReadEndpoint/Address", + "/properties/MasterUserSecret/SecretArn", + "/properties/StorageThroughput" + ], + "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-rds", + "tagging": { + "cloudFormationSystemTags": true, + "permissions": [ + "rds:AddTagsToResource", + "rds:RemoveTagsFromResource" + ], + "tagOnCreate": true, + "tagProperty": "/properties/Tags", + "tagUpdatable": true, + "taggable": true + }, + "typeName": "AWS::RDS::DBCluster", + "writeOnlyProperties": [ + "/properties/DBInstanceParameterGroupName", + "/properties/MasterUserPassword", + "/properties/RestoreToTime", + "/properties/RestoreType", + "/properties/SnapshotIdentifier", + "/properties/SourceDBClusterIdentifier", + "/properties/SourceRegion", + "/properties/UseLatestRestorableTime" + ] +} diff --git a/src/cfnlint/data/schemas/providers/eu_south_1/aws-rds-dbinstance.json b/src/cfnlint/data/schemas/providers/eu_south_1/aws-rds-dbinstance.json new file mode 100644 index 0000000000..3263d77fb7 --- /dev/null +++ b/src/cfnlint/data/schemas/providers/eu_south_1/aws-rds-dbinstance.json @@ -0,0 +1,620 @@ +{ + "additionalProperties": false, + "conditionalCreateOnlyProperties": [ + "/properties/AutoMinorVersionUpgrade", + "/properties/AvailabilityZone", + "/properties/BackupRetentionPeriod", + "/properties/DBClusterSnapshotIdentifier", + "/properties/DBParameterGroupName", + "/properties/DBSnapshotIdentifier", + "/properties/Engine", + "/properties/MultiAZ", + "/properties/PerformanceInsightsKMSKeyId", + "/properties/PreferredMaintenanceWindow", + "/properties/RestoreTime", + "/properties/SourceDBClusterIdentifier", + "/properties/SourceDBInstanceAutomatedBackupsArn", + "/properties/SourceDBInstanceIdentifier", + "/properties/SourceDbiResourceId", + "/properties/StorageType", + "/properties/UseLatestRestorableTime" + ], + "createOnlyProperties": [ + "/properties/CharacterSetName", + "/properties/CustomIAMInstanceProfile", + "/properties/DBClusterIdentifier", + "/properties/DBInstanceIdentifier", + "/properties/DBName", + "/properties/DBSubnetGroupName", + "/properties/KmsKeyId", + "/properties/MasterUsername", + "/properties/NcharCharacterSetName", + "/properties/Port", + "/properties/SourceRegion", + "/properties/StorageEncrypted", + "/properties/Timezone" + ], + "definitions": { + "CertificateDetails": { + "additionalProperties": false, + "properties": { + "CAIdentifier": { + "type": "string" + }, + "ValidTill": { + "format": "date-time", + "type": "string" + } + }, + "type": "object" + }, + "DBInstanceRole": { + "additionalProperties": false, + "properties": { + "FeatureName": { + "type": "string" + }, + "RoleArn": { + "type": "string" + } + }, + "required": [ + "FeatureName", + "RoleArn" + ], + "type": "object" + }, + "Endpoint": { + "additionalProperties": false, + "properties": { + "Address": { + "type": "string" + }, + "HostedZoneId": { + "type": "string" + }, + "Port": { + "type": "string" + } + }, + "type": "object" + }, + "MasterUserSecret": { + "additionalProperties": false, + "properties": { + "KmsKeyId": { + "type": "string" + }, + "SecretArn": { + "type": "string" + } + }, + "type": "object" + }, + "ProcessorFeature": { + "additionalProperties": false, + "properties": { + "Name": { + "enum": [ + "coreCount", + "threadsPerCore" + ], + "type": "string" + }, + "Value": { + "type": "string" + } + }, + "type": "object" + }, + "Tag": { + "additionalProperties": false, + "properties": { + "Key": { + "maxLength": 128, + "minLength": 1, + "type": "string" + }, + "Value": { + "maxLength": 256, + "minLength": 0, + "type": "string" + } + }, + "required": [ + "Key" + ], + "type": "object" + } + }, + "dependencies": { + "KmsKeyId": { + "properties": { + "StorageEncrypted": { + "enum": [ + "true", + "True", + true + ] + } + }, + "required": [ + "StorageEncrypted" + ] + } + }, + "dependentExcluded": { + "SourceDBInstanceIdentifier": [ + "CharacterSetName", + "MasterUserPassword", + "MasterUsername", + "StorageEncrypted" + ] + }, + "deprecatedProperties": [ + "/properties/TdeCredentialArn", + "/properties/TdeCredentialPassword" + ], + "handlers": { + "create": { + "permissions": [ + "ec2:DescribeAccountAttributes", + "ec2:DescribeAvailabilityZones", + "ec2:DescribeInternetGateways", + "ec2:DescribeSecurityGroups", + "ec2:DescribeSubnets", + "ec2:DescribeVpcAttribute", + "ec2:DescribeVpcs", + "iam:CreateServiceLinkedRole", + "iam:GetRole", + "iam:ListRoles", + "iam:PassRole", + "kms:CreateGrant", + "kms:DescribeKey", + "rds:AddRoleToDBInstance", + "rds:AddTagsToResource", + "rds:CreateDBInstance", + "rds:CreateDBInstanceReadReplica", + "rds:DescribeDBInstances", + "rds:DescribeDBClusters", + "rds:DescribeDBClusterSnapshots", + "rds:DescribeDBInstanceAutomatedBackups", + "rds:DescribeDBSnapshots", + "rds:DescribeEvents", + "rds:ModifyDBInstance", + "rds:RebootDBInstance", + "rds:RestoreDBInstanceFromDBSnapshot", + "rds:RestoreDBInstanceToPointInTime", + "rds:StartDBInstanceAutomatedBackupsReplication", + "secretsmanager:CreateSecret", + "secretsmanager:TagResource" + ], + "timeoutInMinutes": 2160 + }, + "delete": { + "permissions": [ + "rds:CreateDBSnapshot", + "rds:DeleteDBInstance", + "rds:DescribeDBInstances" + ], + "timeoutInMinutes": 2160 + }, + "list": { + "permissions": [ + "rds:DescribeDBInstances" + ] + }, + "read": { + "permissions": [ + "ec2:DescribeAccountAttributes", + "ec2:DescribeAvailabilityZones", + "ec2:DescribeInternetGateways", + "ec2:DescribeSecurityGroups", + "ec2:DescribeSubnets", + "ec2:DescribeVpcAttribute", + "ec2:DescribeVpcs", + "rds:DescribeDBInstances" + ] + }, + "update": { + "permissions": [ + "ec2:DescribeAccountAttributes", + "ec2:DescribeAvailabilityZones", + "ec2:DescribeInternetGateways", + "ec2:DescribeSecurityGroups", + "ec2:DescribeSubnets", + "ec2:DescribeVpcAttribute", + "ec2:DescribeVpcs", + "iam:CreateServiceLinkedRole", + "iam:GetRole", + "iam:ListRoles", + "iam:PassRole", + "kms:CreateGrant", + "kms:DescribeKey", + "rds:AddRoleToDBInstance", + "rds:AddTagsToResource", + "rds:DescribeDBClusters", + "rds:DescribeDBEngineVersions", + "rds:DescribeDBInstances", + "rds:DescribeDBParameterGroups", + "rds:DescribeEvents", + "rds:ModifyDBInstance", + "rds:PromoteReadReplica", + "rds:RebootDBInstance", + "rds:RemoveRoleFromDBInstance", + "rds:RemoveTagsFromResource", + "rds:StartDBInstanceAutomatedBackupsReplication", + "rds:StopDBInstanceAutomatedBackupsReplication", + "secretsmanager:CreateSecret", + "secretsmanager:TagResource" + ], + "timeoutInMinutes": 2160 + } + }, + "primaryIdentifier": [ + "/properties/DBInstanceIdentifier" + ], + "properties": { + "AllocatedStorage": { + "pattern": "^[0-9]*$", + "type": "string" + }, + "AllowMajorVersionUpgrade": { + "type": "boolean" + }, + "AssociatedRoles": { + "items": { + "$ref": "#/definitions/DBInstanceRole" + }, + "type": "array" + }, + "AutoMinorVersionUpgrade": { + "type": "boolean" + }, + "AutomaticBackupReplicationKmsKeyId": { + "type": "string" + }, + "AutomaticBackupReplicationRegion": { + "type": "string" + }, + "AvailabilityZone": { + "type": "string" + }, + "BackupRetentionPeriod": { + "default": 1, + "maximum": 35, + "minimum": 0, + "type": "integer" + }, + "CACertificateIdentifier": { + "type": "string" + }, + "CertificateDetails": { + "$ref": "#/definitions/CertificateDetails" + }, + "CertificateRotationRestart": { + "type": "boolean" + }, + "CharacterSetName": { + "type": "string" + }, + "CopyTagsToSnapshot": { + "type": "boolean" + }, + "CustomIAMInstanceProfile": { + "type": "string" + }, + "DBClusterIdentifier": { + "type": "string" + }, + "DBClusterSnapshotIdentifier": { + "type": "string" + }, + "DBInstanceArn": { + "type": "string" + }, + "DBInstanceClass": { + "type": "string" + }, + "DBInstanceIdentifier": { + "maxLength": 63, + "minLength": 1, + "pattern": "^$|^[a-zA-Z]{1}(?:-?[a-zA-Z0-9]){0,62}$", + "type": "string" + }, + "DBName": { + "type": "string" + }, + "DBParameterGroupName": { + "type": "string" + }, + "DBSecurityGroups": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": true + }, + "DBSnapshotIdentifier": { + "type": "string" + }, + "DBSubnetGroupName": { + "type": "string" + }, + "DBSystemId": { + "type": "string" + }, + "DbiResourceId": { + "type": "string" + }, + "DedicatedLogVolume": { + "type": "boolean" + }, + "DeleteAutomatedBackups": { + "type": "boolean" + }, + "DeletionProtection": { + "type": "boolean" + }, + "Domain": { + "type": "string" + }, + "DomainAuthSecretArn": { + "type": "string" + }, + "DomainDnsIps": { + "items": { + "type": "string" + }, + "type": "array" + }, + "DomainFqdn": { + "type": "string" + }, + "DomainIAMRoleName": { + "type": "string" + }, + "DomainOu": { + "type": "string" + }, + "EnableCloudwatchLogsExports": { + "items": { + "type": "string" + }, + "type": "array" + }, + "EnableIAMDatabaseAuthentication": { + "type": "boolean" + }, + "EnablePerformanceInsights": { + "type": "boolean" + }, + "Endpoint": { + "$ref": "#/definitions/Endpoint" + }, + "Engine": { + "type": "string" + }, + "EngineLifecycleSupport": { + "type": "string" + }, + "EngineVersion": { + "type": "string" + }, + "Iops": { + "type": "integer" + }, + "KmsKeyId": { + "type": "string" + }, + "LicenseModel": { + "type": "string" + }, + "ManageMasterUserPassword": { + "type": "boolean" + }, + "MasterUserPassword": { + "type": "string" + }, + "MasterUserSecret": { + "$ref": "#/definitions/MasterUserSecret" + }, + "MasterUsername": { + "maxLength": 128, + "minLength": 1, + "pattern": "^[a-zA-Z][a-zA-Z0-9_]{0,127}$", + "type": "string" + }, + "MaxAllocatedStorage": { + "type": "integer" + }, + "MonitoringInterval": { + "default": 0, + "type": "integer" + }, + "MonitoringRoleArn": { + "type": "string" + }, + "MultiAZ": { + "type": "boolean" + }, + "NcharCharacterSetName": { + "type": "string" + }, + "NetworkType": { + "type": "string" + }, + "OptionGroupName": { + "type": "string" + }, + "PerformanceInsightsKMSKeyId": { + "type": "string" + }, + "PerformanceInsightsRetentionPeriod": { + "enum": [ + 7, + 31, + 62, + 93, + 124, + 155, + 186, + 217, + 248, + 279, + 310, + 341, + 372, + 403, + 434, + 465, + 496, + 527, + 558, + 589, + 620, + 651, + 682, + 713, + 731 + ], + "type": "integer" + }, + "Port": { + "pattern": "^\\d*$", + "type": "string" + }, + "PreferredBackupWindow": { + "type": "string" + }, + "PreferredMaintenanceWindow": { + "type": "string" + }, + "ProcessorFeatures": { + "items": { + "$ref": "#/definitions/ProcessorFeature" + }, + "type": "array" + }, + "PromotionTier": { + "default": 1, + "maximum": 15, + "minimum": 0, + "type": "integer" + }, + "PubliclyAccessible": { + "type": "boolean" + }, + "ReplicaMode": { + "type": "string" + }, + "RestoreTime": { + "format": "date-time", + "type": "string" + }, + "SourceDBClusterIdentifier": { + "type": "string" + }, + "SourceDBInstanceAutomatedBackupsArn": { + "type": "string" + }, + "SourceDBInstanceIdentifier": { + "type": "string" + }, + "SourceDbiResourceId": { + "type": "string" + }, + "SourceRegion": { + "type": "string" + }, + "StorageEncrypted": { + "type": "boolean" + }, + "StorageThroughput": { + "type": "integer" + }, + "StorageType": { + "type": "string" + }, + "Tags": { + "insertionOrder": false, + "items": { + "$ref": "#/definitions/Tag" + }, + "type": "array", + "uniqueItems": false + }, + "TdeCredentialArn": { + "type": "string" + }, + "TdeCredentialPassword": { + "type": "string" + }, + "Timezone": { + "type": "string" + }, + "UseDefaultProcessorFeatures": { + "type": "boolean" + }, + "UseLatestRestorableTime": { + "type": "boolean" + }, + "VPCSecurityGroups": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": true + } + }, + "propertyTransform": { + "/properties/DBClusterIdentifier": "$lowercase(DBClusterIdentifier)", + "/properties/DBClusterSnapshotIdentifier": "$lowercase(DBClusterSnapshotIdentifier)", + "/properties/DBInstanceIdentifier": "$lowercase(DBInstanceIdentifier)", + "/properties/DBName": "$lowercase(DBName) $OR $uppercase(DBName)", + "/properties/DBParameterGroupName": "$lowercase(DBParameterGroupName)", + "/properties/DBSnapshotIdentifier": "$lowercase(DBSnapshotIdentifier)", + "/properties/DBSubnetGroupName": "$lowercase(DBSubnetGroupName)", + "/properties/Engine": "$lowercase(Engine)", + "/properties/EngineVersion": "$join([$string(EngineVersion), \".*\"])", + "/properties/KmsKeyId": "$join([\"arn:(aws)[-]{0,1}[a-z]{0,2}[-]{0,1}[a-z]{0,3}:kms:[a-z]{2}[-]{1}[a-z]{3,10}[-]{0,1}[a-z]{0,10}[-]{1}[1-3]{1}:[0-9]{12}[:]{1}key\\/\", KmsKeyId])", + "/properties/MasterUserSecret/KmsKeyId": "$join([\"arn:(aws)[-]{0,1}[a-z]{0,2}[-]{0,1}[a-z]{0,3}:kms:[a-z]{2}[-]{1}[a-z]{3,10}[-]{0,1}[a-z]{0,10}[-]{1}[1-3]{1}:[0-9]{12}[:]{1}key\\/\", MasterUserSecret.KmsKeyId])", + "/properties/NetworkType": "$lowercase(NetworkType)", + "/properties/OptionGroupName": "$lowercase(OptionGroupName)", + "/properties/PerformanceInsightsKMSKeyId": "$join([\"arn:(aws)[-]{0,1}[a-z]{0,2}[-]{0,1}[a-z]{0,3}:kms:[a-z]{2}[-]{1}[a-z]{3,10}[-]{0,1}[a-z]{0,10}[-]{1}[1-3]{1}:[0-9]{12}[:]{1}key\\/\", PerformanceInsightsKMSKeyId])", + "/properties/PreferredMaintenanceWindow": "$lowercase(PreferredMaintenanceWindow)", + "/properties/SourceDBInstanceAutomatedBackupsArn": "$lowercase(SourceDBInstanceAutomatedBackupsArn)", + "/properties/SourceDBInstanceIdentifier": "$lowercase(SourceDBInstanceIdentifier)", + "/properties/StorageType": "$lowercase(StorageType)" + }, + "readOnlyProperties": [ + "/properties/Endpoint/Address", + "/properties/Endpoint/Port", + "/properties/Endpoint/HostedZoneId", + "/properties/DbiResourceId", + "/properties/DBInstanceArn", + "/properties/DBSystemId", + "/properties/MasterUserSecret/SecretArn", + "/properties/CertificateDetails/CAIdentifier", + "/properties/CertificateDetails/ValidTill" + ], + "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-rpdk.git", + "typeName": "AWS::RDS::DBInstance", + "writeOnlyProperties": [ + "/properties/AllowMajorVersionUpgrade", + "/properties/AutomaticBackupReplicationKmsKeyId", + "/properties/CertificateRotationRestart", + "/properties/DBSnapshotIdentifier", + "/properties/DeleteAutomatedBackups", + "/properties/MasterUserPassword", + "/properties/Port", + "/properties/RestoreTime", + "/properties/SourceDBInstanceAutomatedBackupsArn", + "/properties/SourceDBInstanceIdentifier", + "/properties/SourceDbiResourceId", + "/properties/SourceRegion", + "/properties/TdeCredentialPassword", + "/properties/UseDefaultProcessorFeatures", + "/properties/UseLatestRestorableTime" + ] +} diff --git a/src/cfnlint/data/schemas/providers/eu_south_1/aws-shield-protectiongroup.json b/src/cfnlint/data/schemas/providers/eu_south_1/aws-shield-protectiongroup.json new file mode 100644 index 0000000000..023e531faa --- /dev/null +++ b/src/cfnlint/data/schemas/providers/eu_south_1/aws-shield-protectiongroup.json @@ -0,0 +1,136 @@ +{ + "additionalProperties": false, + "createOnlyProperties": [ + "/properties/ProtectionGroupId" + ], + "definitions": { + "Tag": { + "additionalProperties": false, + "properties": { + "Key": { + "maxLength": 128, + "minLength": 1, + "type": "string" + }, + "Value": { + "maxLength": 256, + "minLength": 0, + "type": "string" + } + }, + "required": [ + "Key", + "Value" + ], + "type": "object" + } + }, + "handlers": { + "create": { + "permissions": [ + "shield:CreateProtectionGroup", + "shield:TagResource" + ] + }, + "delete": { + "permissions": [ + "shield:DeleteProtectionGroup", + "shield:UntagResource" + ] + }, + "list": { + "permissions": [ + "shield:ListProtectionGroups" + ] + }, + "read": { + "permissions": [ + "shield:DescribeProtectionGroup", + "shield:ListTagsForResource" + ] + }, + "update": { + "permissions": [ + "shield:UpdateProtectionGroup", + "shield:ListTagsForResource", + "shield:TagResource", + "shield:UntagResource" + ] + } + }, + "primaryIdentifier": [ + "/properties/ProtectionGroupArn" + ], + "properties": { + "Aggregation": { + "enum": [ + "SUM", + "MEAN", + "MAX" + ], + "type": "string" + }, + "Members": { + "insertionOrder": false, + "items": { + "maxLength": 2048, + "minLength": 1, + "type": "string" + }, + "maxItems": 10000, + "type": "array" + }, + "Pattern": { + "enum": [ + "ALL", + "ARBITRARY", + "BY_RESOURCE_TYPE" + ], + "type": "string" + }, + "ProtectionGroupArn": { + "type": "string" + }, + "ProtectionGroupId": { + "maxLength": 36, + "minLength": 1, + "pattern": "[a-zA-Z0-9\\-]*", + "type": "string" + }, + "ResourceType": { + "enum": [ + "CLOUDFRONT_DISTRIBUTION", + "ROUTE_53_HOSTED_ZONE", + "ELASTIC_IP_ALLOCATION", + "CLASSIC_LOAD_BALANCER", + "APPLICATION_LOAD_BALANCER", + "GLOBAL_ACCELERATOR" + ], + "type": "string" + }, + "Tags": { + "insertionOrder": false, + "items": { + "$ref": "#/definitions/Tag" + }, + "maxItems": 200, + "type": "array" + } + }, + "readOnlyProperties": [ + "/properties/ProtectionGroupArn" + ], + "replacementStrategy": "delete_then_create", + "required": [ + "Aggregation", + "Pattern", + "ProtectionGroupId" + ], + "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-shield.git", + "tagging": { + "cloudFormationSystemTags": false, + "tagProperty": "/properties/Tags", + "taggable": true + }, + "typeName": "AWS::Shield::ProtectionGroup" +} diff --git a/src/cfnlint/data/schemas/providers/eu_south_2/__init__.py b/src/cfnlint/data/schemas/providers/eu_south_2/__init__.py index 0cd11dcf9d..4248133e8a 100644 --- a/src/cfnlint/data/schemas/providers/eu_south_2/__init__.py +++ b/src/cfnlint/data/schemas/providers/eu_south_2/__init__.py @@ -751,6 +751,7 @@ "aws-config-organizationconfigrule.json", "aws-config-storedquery.json", "aws-controltower-enabledbaseline.json", + "aws-controltower-enabledcontrol.json", "aws-controltower-landingzone.json", "aws-datasync-agent.json", "aws-datasync-locationazureblob.json", @@ -768,7 +769,6 @@ "aws-dms-dataprovider.json", "aws-dms-instanceprofile.json", "aws-dms-migrationproject.json", - "aws-dms-replicationconfig.json", "aws-dynamodb-globaltable.json", "aws-dynamodb-table.json", "aws-ec2-capacityreservation.json", @@ -1022,7 +1022,6 @@ "aws-ram-permission.json", "aws-ram-resourceshare.json", "aws-rds-dbclusterparametergroup.json", - "aws-rds-dbinstance.json", "aws-rds-dbparametergroup.json", "aws-rds-dbproxy.json", "aws-rds-dbproxyendpoint.json", diff --git a/src/cfnlint/data/schemas/providers/eu_south_2/aws-controltower-enabledcontrol.json b/src/cfnlint/data/schemas/providers/eu_south_2/aws-controltower-enabledcontrol.json deleted file mode 100644 index cae81c46bc..0000000000 --- a/src/cfnlint/data/schemas/providers/eu_south_2/aws-controltower-enabledcontrol.json +++ /dev/null @@ -1,183 +0,0 @@ -{ - "additionalProperties": false, - "createOnlyProperties": [ - "/properties/TargetIdentifier", - "/properties/ControlIdentifier" - ], - "definitions": { - "EnabledControlParameter": { - "additionalProperties": false, - "properties": { - "Key": { - "type": "string" - }, - "Value": { - "insertionOrder": false, - "items": { - "type": [ - "string", - "number", - "object", - "boolean" - ] - }, - "minItems": 1, - "type": [ - "array", - "string", - "number", - "object", - "boolean" - ] - } - }, - "required": [ - "Value", - "Key" - ], - "type": "object" - }, - "Tag": { - "additionalProperties": false, - "properties": { - "Key": { - "maxLength": 128, - "minLength": 1, - "type": "string" - }, - "Value": { - "maxLength": 256, - "minLength": 0, - "type": "string" - } - }, - "required": [ - "Key", - "Value" - ], - "type": "object" - } - }, - "handlers": { - "create": { - "permissions": [ - "controltower:ListEnabledControls", - "controltower:GetEnabledControl", - "controltower:GetControlOperation", - "controltower:EnableControl", - "controltower:TagResource", - "organizations:UpdatePolicy", - "organizations:CreatePolicy", - "organizations:AttachPolicy", - "organizations:DetachPolicy", - "organizations:ListPoliciesForTarget", - "organizations:ListTargetsForPolicy", - "organizations:DescribePolicy" - ], - "timeoutInMinutes": 720 - }, - "delete": { - "permissions": [ - "controltower:GetControlOperation", - "controltower:DisableControl", - "organizations:UpdatePolicy", - "organizations:DeletePolicy", - "organizations:CreatePolicy", - "organizations:AttachPolicy", - "organizations:DetachPolicy", - "organizations:ListPoliciesForTarget", - "organizations:ListTargetsForPolicy", - "organizations:DescribePolicy" - ], - "timeoutInMinutes": 720 - }, - "list": { - "handlerSchema": { - "properties": { - "TargetIdentifier": { - "$ref": "resource-schema.json#/properties/TargetIdentifier" - } - }, - "required": [ - "TargetIdentifier" - ] - }, - "permissions": [ - "controltower:ListEnabledControls" - ] - }, - "read": { - "permissions": [ - "controltower:ListEnabledControls", - "controltower:GetEnabledControl", - "controltower:ListTagsForResource" - ] - }, - "update": { - "permissions": [ - "controltower:ListEnabledControls", - "controltower:GetEnabledControl", - "controltower:GetControlOperation", - "controltower:UpdateEnabledControl", - "controltower:UntagResource", - "controltower:TagResource", - "organizations:UpdatePolicy", - "organizations:CreatePolicy", - "organizations:AttachPolicy", - "organizations:DetachPolicy", - "organizations:ListPoliciesForTarget", - "organizations:ListTargetsForPolicy", - "organizations:DescribePolicy" - ], - "timeoutInMinutes": 720 - } - }, - "primaryIdentifier": [ - "/properties/TargetIdentifier", - "/properties/ControlIdentifier" - ], - "properties": { - "ControlIdentifier": { - "maxLength": 2048, - "minLength": 20, - "pattern": "^arn:aws[0-9a-zA-Z_\\-:\\/]+$", - "type": "string" - }, - "Parameters": { - "insertionOrder": false, - "items": { - "$ref": "#/definitions/EnabledControlParameter" - }, - "minItems": 1, - "type": "array" - }, - "Tags": { - "insertionOrder": false, - "items": { - "$ref": "#/definitions/Tag" - }, - "maxItems": 50, - "minItems": 1, - "type": "array" - }, - "TargetIdentifier": { - "maxLength": 2048, - "minLength": 20, - "pattern": "^arn:aws[0-9a-zA-Z_\\-:\\/]+$", - "type": "string" - } - }, - "required": [ - "TargetIdentifier", - "ControlIdentifier" - ], - "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-controltower", - "tagging": { - "cloudFormationSystemTags": true, - "tagOnCreate": true, - "tagProperty": "/properties/Tags", - "tagUpdatable": true, - "taggable": true - }, - "typeName": "AWS::ControlTower::EnabledControl" -} diff --git a/src/cfnlint/data/schemas/providers/eu_south_2/aws-dms-replicationconfig.json b/src/cfnlint/data/schemas/providers/eu_south_2/aws-dms-replicationconfig.json new file mode 100644 index 0000000000..b9379a300f --- /dev/null +++ b/src/cfnlint/data/schemas/providers/eu_south_2/aws-dms-replicationconfig.json @@ -0,0 +1,191 @@ +{ + "additionalIdentifiers": [ + [ + "/properties/ReplicationConfigIdentifier" + ] + ], + "additionalProperties": false, + "createOnlyProperties": [ + "/properties/ResourceIdentifier" + ], + "definitions": { + "ComputeConfig": { + "additionalProperties": false, + "properties": { + "AvailabilityZone": { + "type": "string" + }, + "DnsNameServers": { + "type": "string" + }, + "KmsKeyId": { + "type": "string" + }, + "MaxCapacityUnits": { + "type": "integer" + }, + "MinCapacityUnits": { + "type": "integer" + }, + "MultiAZ": { + "type": "boolean" + }, + "PreferredMaintenanceWindow": { + "type": "string" + }, + "ReplicationSubnetGroupId": { + "type": "string" + }, + "VpcSecurityGroupIds": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "MaxCapacityUnits" + ], + "type": "object" + }, + "Tag": { + "additionalProperties": false, + "properties": { + "Key": { + "maxLength": 128, + "minLength": 1, + "type": "string" + }, + "Value": { + "maxLength": 256, + "minLength": 1, + "type": "string" + } + }, + "required": [ + "Key", + "Value" + ], + "type": "object" + } + }, + "handlers": { + "create": { + "permissions": [ + "dms:CreateReplicationConfig", + "dms:AddTagsToResource", + "dms:ListTagsForResource", + "iam:CreateServiceLinkedRole", + "iam:AttachRolePolicy", + "iam:PutRolePolicy", + "iam:UpdateRoleDescription" + ] + }, + "delete": { + "permissions": [ + "dms:DescribeReplicationConfigs", + "dms:DeleteReplicationConfig", + "dms:ListTagsForResource", + "iam:DeleteServiceLinkedRole", + "iam:GetServiceLinkedRoleDeletionStatus" + ] + }, + "list": { + "permissions": [ + "dms:DescribeReplicationConfigs", + "dms:ListTagsForResource" + ] + }, + "read": { + "permissions": [ + "dms:DescribeReplicationConfigs", + "dms:ListTagsForResource" + ] + }, + "update": { + "permissions": [ + "dms:ModifyReplicationConfig", + "dms:AddTagsToResource", + "dms:RemoveTagsToResource", + "dms:ListTagsForResource", + "iam:CreateServiceLinkedRole", + "iam:AttachRolePolicy", + "iam:PutRolePolicy", + "iam:UpdateRoleDescription" + ] + } + }, + "primaryIdentifier": [ + "/properties/ReplicationConfigArn" + ], + "properties": { + "ComputeConfig": { + "$ref": "#/definitions/ComputeConfig" + }, + "ReplicationConfigArn": { + "type": "string" + }, + "ReplicationConfigIdentifier": { + "type": "string" + }, + "ReplicationSettings": { + "format": "json", + "type": [ + "object", + "string" + ] + }, + "ReplicationType": { + "enum": [ + "full-load", + "full-load-and-cdc", + "cdc" + ], + "type": "string" + }, + "ResourceIdentifier": { + "type": "string" + }, + "SourceEndpointArn": { + "type": "string" + }, + "SupplementalSettings": { + "format": "json", + "type": [ + "object", + "string" + ] + }, + "TableMappings": { + "format": "json", + "type": [ + "object", + "string" + ] + }, + "Tags": { + "insertionOrder": false, + "items": { + "$ref": "#/definitions/Tag" + }, + "maxItems": 200, + "minItems": 1, + "type": "array" + }, + "TargetEndpointArn": { + "type": "string" + } + }, + "readOnlyProperties": [ + "/properties/ReplicationConfigArn" + ], + "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-dms", + "tagging": { + "cloudFormationSystemTags": false, + "tagOnCreate": true, + "tagProperty": "/properties/Tags", + "tagUpdatable": true, + "taggable": true + }, + "typeName": "AWS::DMS::ReplicationConfig" +} diff --git a/src/cfnlint/data/schemas/providers/eu_south_2/aws-rds-dbcluster.json b/src/cfnlint/data/schemas/providers/eu_south_2/aws-rds-dbcluster.json index 3355402afa..fc8608c49b 100644 --- a/src/cfnlint/data/schemas/providers/eu_south_2/aws-rds-dbcluster.json +++ b/src/cfnlint/data/schemas/providers/eu_south_2/aws-rds-dbcluster.json @@ -444,6 +444,17 @@ "/properties/StorageThroughput" ], "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-rds", + "tagging": { + "cloudFormationSystemTags": true, + "permissions": [ + "rds:AddTagsToResource", + "rds:RemoveTagsFromResource" + ], + "tagOnCreate": true, + "tagProperty": "/properties/Tags", + "tagUpdatable": true, + "taggable": true + }, "typeName": "AWS::RDS::DBCluster", "writeOnlyProperties": [ "/properties/DBInstanceParameterGroupName", diff --git a/src/cfnlint/data/schemas/providers/eu_south_2/aws-rds-dbinstance.json b/src/cfnlint/data/schemas/providers/eu_south_2/aws-rds-dbinstance.json new file mode 100644 index 0000000000..3263d77fb7 --- /dev/null +++ b/src/cfnlint/data/schemas/providers/eu_south_2/aws-rds-dbinstance.json @@ -0,0 +1,620 @@ +{ + "additionalProperties": false, + "conditionalCreateOnlyProperties": [ + "/properties/AutoMinorVersionUpgrade", + "/properties/AvailabilityZone", + "/properties/BackupRetentionPeriod", + "/properties/DBClusterSnapshotIdentifier", + "/properties/DBParameterGroupName", + "/properties/DBSnapshotIdentifier", + "/properties/Engine", + "/properties/MultiAZ", + "/properties/PerformanceInsightsKMSKeyId", + "/properties/PreferredMaintenanceWindow", + "/properties/RestoreTime", + "/properties/SourceDBClusterIdentifier", + "/properties/SourceDBInstanceAutomatedBackupsArn", + "/properties/SourceDBInstanceIdentifier", + "/properties/SourceDbiResourceId", + "/properties/StorageType", + "/properties/UseLatestRestorableTime" + ], + "createOnlyProperties": [ + "/properties/CharacterSetName", + "/properties/CustomIAMInstanceProfile", + "/properties/DBClusterIdentifier", + "/properties/DBInstanceIdentifier", + "/properties/DBName", + "/properties/DBSubnetGroupName", + "/properties/KmsKeyId", + "/properties/MasterUsername", + "/properties/NcharCharacterSetName", + "/properties/Port", + "/properties/SourceRegion", + "/properties/StorageEncrypted", + "/properties/Timezone" + ], + "definitions": { + "CertificateDetails": { + "additionalProperties": false, + "properties": { + "CAIdentifier": { + "type": "string" + }, + "ValidTill": { + "format": "date-time", + "type": "string" + } + }, + "type": "object" + }, + "DBInstanceRole": { + "additionalProperties": false, + "properties": { + "FeatureName": { + "type": "string" + }, + "RoleArn": { + "type": "string" + } + }, + "required": [ + "FeatureName", + "RoleArn" + ], + "type": "object" + }, + "Endpoint": { + "additionalProperties": false, + "properties": { + "Address": { + "type": "string" + }, + "HostedZoneId": { + "type": "string" + }, + "Port": { + "type": "string" + } + }, + "type": "object" + }, + "MasterUserSecret": { + "additionalProperties": false, + "properties": { + "KmsKeyId": { + "type": "string" + }, + "SecretArn": { + "type": "string" + } + }, + "type": "object" + }, + "ProcessorFeature": { + "additionalProperties": false, + "properties": { + "Name": { + "enum": [ + "coreCount", + "threadsPerCore" + ], + "type": "string" + }, + "Value": { + "type": "string" + } + }, + "type": "object" + }, + "Tag": { + "additionalProperties": false, + "properties": { + "Key": { + "maxLength": 128, + "minLength": 1, + "type": "string" + }, + "Value": { + "maxLength": 256, + "minLength": 0, + "type": "string" + } + }, + "required": [ + "Key" + ], + "type": "object" + } + }, + "dependencies": { + "KmsKeyId": { + "properties": { + "StorageEncrypted": { + "enum": [ + "true", + "True", + true + ] + } + }, + "required": [ + "StorageEncrypted" + ] + } + }, + "dependentExcluded": { + "SourceDBInstanceIdentifier": [ + "CharacterSetName", + "MasterUserPassword", + "MasterUsername", + "StorageEncrypted" + ] + }, + "deprecatedProperties": [ + "/properties/TdeCredentialArn", + "/properties/TdeCredentialPassword" + ], + "handlers": { + "create": { + "permissions": [ + "ec2:DescribeAccountAttributes", + "ec2:DescribeAvailabilityZones", + "ec2:DescribeInternetGateways", + "ec2:DescribeSecurityGroups", + "ec2:DescribeSubnets", + "ec2:DescribeVpcAttribute", + "ec2:DescribeVpcs", + "iam:CreateServiceLinkedRole", + "iam:GetRole", + "iam:ListRoles", + "iam:PassRole", + "kms:CreateGrant", + "kms:DescribeKey", + "rds:AddRoleToDBInstance", + "rds:AddTagsToResource", + "rds:CreateDBInstance", + "rds:CreateDBInstanceReadReplica", + "rds:DescribeDBInstances", + "rds:DescribeDBClusters", + "rds:DescribeDBClusterSnapshots", + "rds:DescribeDBInstanceAutomatedBackups", + "rds:DescribeDBSnapshots", + "rds:DescribeEvents", + "rds:ModifyDBInstance", + "rds:RebootDBInstance", + "rds:RestoreDBInstanceFromDBSnapshot", + "rds:RestoreDBInstanceToPointInTime", + "rds:StartDBInstanceAutomatedBackupsReplication", + "secretsmanager:CreateSecret", + "secretsmanager:TagResource" + ], + "timeoutInMinutes": 2160 + }, + "delete": { + "permissions": [ + "rds:CreateDBSnapshot", + "rds:DeleteDBInstance", + "rds:DescribeDBInstances" + ], + "timeoutInMinutes": 2160 + }, + "list": { + "permissions": [ + "rds:DescribeDBInstances" + ] + }, + "read": { + "permissions": [ + "ec2:DescribeAccountAttributes", + "ec2:DescribeAvailabilityZones", + "ec2:DescribeInternetGateways", + "ec2:DescribeSecurityGroups", + "ec2:DescribeSubnets", + "ec2:DescribeVpcAttribute", + "ec2:DescribeVpcs", + "rds:DescribeDBInstances" + ] + }, + "update": { + "permissions": [ + "ec2:DescribeAccountAttributes", + "ec2:DescribeAvailabilityZones", + "ec2:DescribeInternetGateways", + "ec2:DescribeSecurityGroups", + "ec2:DescribeSubnets", + "ec2:DescribeVpcAttribute", + "ec2:DescribeVpcs", + "iam:CreateServiceLinkedRole", + "iam:GetRole", + "iam:ListRoles", + "iam:PassRole", + "kms:CreateGrant", + "kms:DescribeKey", + "rds:AddRoleToDBInstance", + "rds:AddTagsToResource", + "rds:DescribeDBClusters", + "rds:DescribeDBEngineVersions", + "rds:DescribeDBInstances", + "rds:DescribeDBParameterGroups", + "rds:DescribeEvents", + "rds:ModifyDBInstance", + "rds:PromoteReadReplica", + "rds:RebootDBInstance", + "rds:RemoveRoleFromDBInstance", + "rds:RemoveTagsFromResource", + "rds:StartDBInstanceAutomatedBackupsReplication", + "rds:StopDBInstanceAutomatedBackupsReplication", + "secretsmanager:CreateSecret", + "secretsmanager:TagResource" + ], + "timeoutInMinutes": 2160 + } + }, + "primaryIdentifier": [ + "/properties/DBInstanceIdentifier" + ], + "properties": { + "AllocatedStorage": { + "pattern": "^[0-9]*$", + "type": "string" + }, + "AllowMajorVersionUpgrade": { + "type": "boolean" + }, + "AssociatedRoles": { + "items": { + "$ref": "#/definitions/DBInstanceRole" + }, + "type": "array" + }, + "AutoMinorVersionUpgrade": { + "type": "boolean" + }, + "AutomaticBackupReplicationKmsKeyId": { + "type": "string" + }, + "AutomaticBackupReplicationRegion": { + "type": "string" + }, + "AvailabilityZone": { + "type": "string" + }, + "BackupRetentionPeriod": { + "default": 1, + "maximum": 35, + "minimum": 0, + "type": "integer" + }, + "CACertificateIdentifier": { + "type": "string" + }, + "CertificateDetails": { + "$ref": "#/definitions/CertificateDetails" + }, + "CertificateRotationRestart": { + "type": "boolean" + }, + "CharacterSetName": { + "type": "string" + }, + "CopyTagsToSnapshot": { + "type": "boolean" + }, + "CustomIAMInstanceProfile": { + "type": "string" + }, + "DBClusterIdentifier": { + "type": "string" + }, + "DBClusterSnapshotIdentifier": { + "type": "string" + }, + "DBInstanceArn": { + "type": "string" + }, + "DBInstanceClass": { + "type": "string" + }, + "DBInstanceIdentifier": { + "maxLength": 63, + "minLength": 1, + "pattern": "^$|^[a-zA-Z]{1}(?:-?[a-zA-Z0-9]){0,62}$", + "type": "string" + }, + "DBName": { + "type": "string" + }, + "DBParameterGroupName": { + "type": "string" + }, + "DBSecurityGroups": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": true + }, + "DBSnapshotIdentifier": { + "type": "string" + }, + "DBSubnetGroupName": { + "type": "string" + }, + "DBSystemId": { + "type": "string" + }, + "DbiResourceId": { + "type": "string" + }, + "DedicatedLogVolume": { + "type": "boolean" + }, + "DeleteAutomatedBackups": { + "type": "boolean" + }, + "DeletionProtection": { + "type": "boolean" + }, + "Domain": { + "type": "string" + }, + "DomainAuthSecretArn": { + "type": "string" + }, + "DomainDnsIps": { + "items": { + "type": "string" + }, + "type": "array" + }, + "DomainFqdn": { + "type": "string" + }, + "DomainIAMRoleName": { + "type": "string" + }, + "DomainOu": { + "type": "string" + }, + "EnableCloudwatchLogsExports": { + "items": { + "type": "string" + }, + "type": "array" + }, + "EnableIAMDatabaseAuthentication": { + "type": "boolean" + }, + "EnablePerformanceInsights": { + "type": "boolean" + }, + "Endpoint": { + "$ref": "#/definitions/Endpoint" + }, + "Engine": { + "type": "string" + }, + "EngineLifecycleSupport": { + "type": "string" + }, + "EngineVersion": { + "type": "string" + }, + "Iops": { + "type": "integer" + }, + "KmsKeyId": { + "type": "string" + }, + "LicenseModel": { + "type": "string" + }, + "ManageMasterUserPassword": { + "type": "boolean" + }, + "MasterUserPassword": { + "type": "string" + }, + "MasterUserSecret": { + "$ref": "#/definitions/MasterUserSecret" + }, + "MasterUsername": { + "maxLength": 128, + "minLength": 1, + "pattern": "^[a-zA-Z][a-zA-Z0-9_]{0,127}$", + "type": "string" + }, + "MaxAllocatedStorage": { + "type": "integer" + }, + "MonitoringInterval": { + "default": 0, + "type": "integer" + }, + "MonitoringRoleArn": { + "type": "string" + }, + "MultiAZ": { + "type": "boolean" + }, + "NcharCharacterSetName": { + "type": "string" + }, + "NetworkType": { + "type": "string" + }, + "OptionGroupName": { + "type": "string" + }, + "PerformanceInsightsKMSKeyId": { + "type": "string" + }, + "PerformanceInsightsRetentionPeriod": { + "enum": [ + 7, + 31, + 62, + 93, + 124, + 155, + 186, + 217, + 248, + 279, + 310, + 341, + 372, + 403, + 434, + 465, + 496, + 527, + 558, + 589, + 620, + 651, + 682, + 713, + 731 + ], + "type": "integer" + }, + "Port": { + "pattern": "^\\d*$", + "type": "string" + }, + "PreferredBackupWindow": { + "type": "string" + }, + "PreferredMaintenanceWindow": { + "type": "string" + }, + "ProcessorFeatures": { + "items": { + "$ref": "#/definitions/ProcessorFeature" + }, + "type": "array" + }, + "PromotionTier": { + "default": 1, + "maximum": 15, + "minimum": 0, + "type": "integer" + }, + "PubliclyAccessible": { + "type": "boolean" + }, + "ReplicaMode": { + "type": "string" + }, + "RestoreTime": { + "format": "date-time", + "type": "string" + }, + "SourceDBClusterIdentifier": { + "type": "string" + }, + "SourceDBInstanceAutomatedBackupsArn": { + "type": "string" + }, + "SourceDBInstanceIdentifier": { + "type": "string" + }, + "SourceDbiResourceId": { + "type": "string" + }, + "SourceRegion": { + "type": "string" + }, + "StorageEncrypted": { + "type": "boolean" + }, + "StorageThroughput": { + "type": "integer" + }, + "StorageType": { + "type": "string" + }, + "Tags": { + "insertionOrder": false, + "items": { + "$ref": "#/definitions/Tag" + }, + "type": "array", + "uniqueItems": false + }, + "TdeCredentialArn": { + "type": "string" + }, + "TdeCredentialPassword": { + "type": "string" + }, + "Timezone": { + "type": "string" + }, + "UseDefaultProcessorFeatures": { + "type": "boolean" + }, + "UseLatestRestorableTime": { + "type": "boolean" + }, + "VPCSecurityGroups": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": true + } + }, + "propertyTransform": { + "/properties/DBClusterIdentifier": "$lowercase(DBClusterIdentifier)", + "/properties/DBClusterSnapshotIdentifier": "$lowercase(DBClusterSnapshotIdentifier)", + "/properties/DBInstanceIdentifier": "$lowercase(DBInstanceIdentifier)", + "/properties/DBName": "$lowercase(DBName) $OR $uppercase(DBName)", + "/properties/DBParameterGroupName": "$lowercase(DBParameterGroupName)", + "/properties/DBSnapshotIdentifier": "$lowercase(DBSnapshotIdentifier)", + "/properties/DBSubnetGroupName": "$lowercase(DBSubnetGroupName)", + "/properties/Engine": "$lowercase(Engine)", + "/properties/EngineVersion": "$join([$string(EngineVersion), \".*\"])", + "/properties/KmsKeyId": "$join([\"arn:(aws)[-]{0,1}[a-z]{0,2}[-]{0,1}[a-z]{0,3}:kms:[a-z]{2}[-]{1}[a-z]{3,10}[-]{0,1}[a-z]{0,10}[-]{1}[1-3]{1}:[0-9]{12}[:]{1}key\\/\", KmsKeyId])", + "/properties/MasterUserSecret/KmsKeyId": "$join([\"arn:(aws)[-]{0,1}[a-z]{0,2}[-]{0,1}[a-z]{0,3}:kms:[a-z]{2}[-]{1}[a-z]{3,10}[-]{0,1}[a-z]{0,10}[-]{1}[1-3]{1}:[0-9]{12}[:]{1}key\\/\", MasterUserSecret.KmsKeyId])", + "/properties/NetworkType": "$lowercase(NetworkType)", + "/properties/OptionGroupName": "$lowercase(OptionGroupName)", + "/properties/PerformanceInsightsKMSKeyId": "$join([\"arn:(aws)[-]{0,1}[a-z]{0,2}[-]{0,1}[a-z]{0,3}:kms:[a-z]{2}[-]{1}[a-z]{3,10}[-]{0,1}[a-z]{0,10}[-]{1}[1-3]{1}:[0-9]{12}[:]{1}key\\/\", PerformanceInsightsKMSKeyId])", + "/properties/PreferredMaintenanceWindow": "$lowercase(PreferredMaintenanceWindow)", + "/properties/SourceDBInstanceAutomatedBackupsArn": "$lowercase(SourceDBInstanceAutomatedBackupsArn)", + "/properties/SourceDBInstanceIdentifier": "$lowercase(SourceDBInstanceIdentifier)", + "/properties/StorageType": "$lowercase(StorageType)" + }, + "readOnlyProperties": [ + "/properties/Endpoint/Address", + "/properties/Endpoint/Port", + "/properties/Endpoint/HostedZoneId", + "/properties/DbiResourceId", + "/properties/DBInstanceArn", + "/properties/DBSystemId", + "/properties/MasterUserSecret/SecretArn", + "/properties/CertificateDetails/CAIdentifier", + "/properties/CertificateDetails/ValidTill" + ], + "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-rpdk.git", + "typeName": "AWS::RDS::DBInstance", + "writeOnlyProperties": [ + "/properties/AllowMajorVersionUpgrade", + "/properties/AutomaticBackupReplicationKmsKeyId", + "/properties/CertificateRotationRestart", + "/properties/DBSnapshotIdentifier", + "/properties/DeleteAutomatedBackups", + "/properties/MasterUserPassword", + "/properties/Port", + "/properties/RestoreTime", + "/properties/SourceDBInstanceAutomatedBackupsArn", + "/properties/SourceDBInstanceIdentifier", + "/properties/SourceDbiResourceId", + "/properties/SourceRegion", + "/properties/TdeCredentialPassword", + "/properties/UseDefaultProcessorFeatures", + "/properties/UseLatestRestorableTime" + ] +} diff --git a/src/cfnlint/data/schemas/providers/eu_west_1/__init__.py b/src/cfnlint/data/schemas/providers/eu_west_1/__init__.py index 8b2b33fde2..31d86fccce 100644 --- a/src/cfnlint/data/schemas/providers/eu_west_1/__init__.py +++ b/src/cfnlint/data/schemas/providers/eu_west_1/__init__.py @@ -130,9 +130,14 @@ "AWS::Bedrock::Agent", "AWS::Bedrock::AgentAlias", "AWS::Bedrock::DataSource", + "AWS::Bedrock::Flow", + "AWS::Bedrock::FlowAlias", + "AWS::Bedrock::FlowVersion", "AWS::Bedrock::Guardrail", "AWS::Bedrock::GuardrailVersion", "AWS::Bedrock::KnowledgeBase", + "AWS::Bedrock::Prompt", + "AWS::Bedrock::PromptVersion", "AWS::Budgets::Budget", "AWS::Budgets::BudgetsAction", "AWS::CDK::Metadata", @@ -1339,9 +1344,14 @@ "aws-bedrock-agent.json", "aws-bedrock-agentalias.json", "aws-bedrock-datasource.json", + "aws-bedrock-flow.json", + "aws-bedrock-flowalias.json", + "aws-bedrock-flowversion.json", "aws-bedrock-guardrail.json", "aws-bedrock-guardrailversion.json", "aws-bedrock-knowledgebase.json", + "aws-bedrock-prompt.json", + "aws-bedrock-promptversion.json", "aws-budgets-budget.json", "aws-budgets-budgetsaction.json", "aws-cassandra-keyspace.json", @@ -1965,7 +1975,6 @@ "aws-mediaconnect-bridgesource.json", "aws-mediaconnect-flow.json", "aws-mediaconnect-flowentitlement.json", - "aws-mediaconnect-flowoutput.json", "aws-mediaconnect-flowsource.json", "aws-mediaconnect-flowvpcinterface.json", "aws-mediaconnect-gateway.json", @@ -2116,9 +2125,7 @@ "aws-ram-permission.json", "aws-ram-resourceshare.json", "aws-rds-customdbengineversion.json", - "aws-rds-dbcluster.json", "aws-rds-dbclusterparametergroup.json", - "aws-rds-dbinstance.json", "aws-rds-dbparametergroup.json", "aws-rds-dbproxy.json", "aws-rds-dbproxyendpoint.json", @@ -2401,8 +2408,6 @@ "aws-workspacesweb-truststore.json", "aws-workspacesweb-useraccessloggingsettings.json", "aws-workspacesweb-usersettings.json", - "aws-xray-group.json", "aws-xray-resourcepolicy.json", - "aws-xray-samplingrule.json", "module.json", ] diff --git a/src/cfnlint/data/schemas/providers/eu_west_1/aws-mediaconnect-flowoutput.json b/src/cfnlint/data/schemas/providers/eu_west_1/aws-mediaconnect-flowoutput.json new file mode 100644 index 0000000000..eca21c2b4a --- /dev/null +++ b/src/cfnlint/data/schemas/providers/eu_west_1/aws-mediaconnect-flowoutput.json @@ -0,0 +1,248 @@ +{ + "additionalProperties": false, + "createOnlyProperties": [ + "/properties/Name" + ], + "definitions": { + "DestinationConfiguration": { + "additionalProperties": false, + "properties": { + "DestinationIp": { + "type": "string" + }, + "DestinationPort": { + "type": "integer" + }, + "Interface": { + "$ref": "#/definitions/Interface" + } + }, + "required": [ + "DestinationIp", + "DestinationPort", + "Interface" + ], + "type": "object" + }, + "EncodingParameters": { + "additionalProperties": false, + "properties": { + "CompressionFactor": { + "type": "number" + }, + "EncoderProfile": { + "enum": [ + "main", + "high" + ], + "type": "string" + } + }, + "required": [ + "CompressionFactor" + ], + "type": "object" + }, + "Encryption": { + "additionalProperties": false, + "properties": { + "Algorithm": { + "enum": [ + "aes128", + "aes192", + "aes256" + ], + "type": "string" + }, + "KeyType": { + "default": "static-key", + "enum": [ + "static-key", + "srt-password" + ], + "type": "string" + }, + "RoleArn": { + "type": "string" + }, + "SecretArn": { + "type": "string" + } + }, + "required": [ + "RoleArn", + "SecretArn" + ], + "type": "object" + }, + "Interface": { + "additionalProperties": false, + "properties": { + "Name": { + "type": "string" + } + }, + "required": [ + "Name" + ], + "type": "object" + }, + "MediaStreamOutputConfiguration": { + "additionalProperties": false, + "properties": { + "DestinationConfigurations": { + "items": { + "$ref": "#/definitions/DestinationConfiguration" + }, + "type": "array" + }, + "EncodingName": { + "enum": [ + "jxsv", + "raw", + "smpte291", + "pcm" + ], + "type": "string" + }, + "EncodingParameters": { + "$ref": "#/definitions/EncodingParameters" + }, + "MediaStreamName": { + "type": "string" + } + }, + "required": [ + "EncodingName", + "MediaStreamName" + ], + "type": "object" + }, + "VpcInterfaceAttachment": { + "additionalProperties": false, + "properties": { + "VpcInterfaceName": { + "type": "string" + } + }, + "type": "object" + } + }, + "handlers": { + "create": { + "permissions": [ + "iam:PassRole", + "mediaconnect:AddFlowOutputs" + ] + }, + "delete": { + "permissions": [ + "mediaconnect:DescribeFlow", + "mediaconnect:RemoveFlowOutput" + ] + }, + "list": { + "permissions": [ + "mediaconnect:DescribeFlow" + ] + }, + "read": { + "permissions": [ + "mediaconnect:DescribeFlow" + ] + }, + "update": { + "permissions": [ + "mediaconnect:DescribeFlow", + "mediaconnect:UpdateFlowOutput" + ] + } + }, + "primaryIdentifier": [ + "/properties/OutputArn" + ], + "properties": { + "CidrAllowList": { + "items": { + "type": "string" + }, + "type": "array" + }, + "Description": { + "type": "string" + }, + "Destination": { + "type": "string" + }, + "Encryption": { + "$ref": "#/definitions/Encryption" + }, + "FlowArn": { + "type": "string" + }, + "MaxLatency": { + "type": "integer" + }, + "MediaStreamOutputConfigurations": { + "items": { + "$ref": "#/definitions/MediaStreamOutputConfiguration" + }, + "type": "array" + }, + "MinLatency": { + "type": "integer" + }, + "Name": { + "type": "string" + }, + "OutputArn": { + "type": "string" + }, + "OutputStatus": { + "enum": [ + "ENABLED", + "DISABLED" + ], + "type": "string" + }, + "Port": { + "type": "integer" + }, + "Protocol": { + "enum": [ + "zixi-push", + "rtp-fec", + "rtp", + "zixi-pull", + "rist", + "fujitsu-qos", + "srt-listener", + "srt-caller", + "st2110-jpegxs", + "cdi" + ], + "type": "string" + }, + "RemoteId": { + "type": "string" + }, + "SmoothingLatency": { + "type": "integer" + }, + "StreamId": { + "type": "string" + }, + "VpcInterfaceAttachment": { + "$ref": "#/definitions/VpcInterfaceAttachment" + } + }, + "readOnlyProperties": [ + "/properties/OutputArn" + ], + "required": [ + "FlowArn", + "Protocol" + ], + "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-mediaconnect.git", + "typeName": "AWS::MediaConnect::FlowOutput" +} diff --git a/src/cfnlint/data/schemas/providers/eu_west_1/aws-rds-dbcluster.json b/src/cfnlint/data/schemas/providers/eu_west_1/aws-rds-dbcluster.json new file mode 100644 index 0000000000..fc8608c49b --- /dev/null +++ b/src/cfnlint/data/schemas/providers/eu_west_1/aws-rds-dbcluster.json @@ -0,0 +1,469 @@ +{ + "additionalProperties": false, + "conditionalCreateOnlyProperties": [ + "/properties/Engine", + "/properties/GlobalClusterIdentifier", + "/properties/MasterUsername" + ], + "createOnlyProperties": [ + "/properties/AvailabilityZones", + "/properties/DBClusterIdentifier", + "/properties/DBSubnetGroupName", + "/properties/DBSystemId", + "/properties/DatabaseName", + "/properties/EngineMode", + "/properties/KmsKeyId", + "/properties/PubliclyAccessible", + "/properties/RestoreToTime", + "/properties/RestoreType", + "/properties/SnapshotIdentifier", + "/properties/SourceDBClusterIdentifier", + "/properties/SourceRegion", + "/properties/StorageEncrypted", + "/properties/UseLatestRestorableTime" + ], + "definitions": { + "DBClusterRole": { + "additionalProperties": false, + "properties": { + "FeatureName": { + "type": "string" + }, + "RoleArn": { + "type": "string" + } + }, + "required": [ + "RoleArn" + ], + "type": "object" + }, + "Endpoint": { + "additionalProperties": false, + "properties": { + "Address": { + "type": "string" + }, + "Port": { + "type": "string" + } + }, + "type": "object" + }, + "MasterUserSecret": { + "additionalProperties": false, + "properties": { + "KmsKeyId": { + "type": "string" + }, + "SecretArn": { + "type": "string" + } + }, + "type": "object" + }, + "ReadEndpoint": { + "additionalProperties": false, + "properties": { + "Address": { + "type": "string" + } + }, + "type": "object" + }, + "ScalingConfiguration": { + "additionalProperties": false, + "properties": { + "AutoPause": { + "type": "boolean" + }, + "MaxCapacity": { + "type": "integer" + }, + "MinCapacity": { + "type": "integer" + }, + "SecondsBeforeTimeout": { + "type": "integer" + }, + "SecondsUntilAutoPause": { + "type": "integer" + }, + "TimeoutAction": { + "type": "string" + } + }, + "type": "object" + }, + "ServerlessV2ScalingConfiguration": { + "additionalProperties": false, + "properties": { + "MaxCapacity": { + "type": "number" + }, + "MinCapacity": { + "type": "number" + } + }, + "type": "object" + }, + "Tag": { + "additionalProperties": false, + "properties": { + "Key": { + "maxLength": 128, + "minLength": 1, + "type": "string" + }, + "Value": { + "maxLength": 256, + "minLength": 0, + "type": "string" + } + }, + "required": [ + "Key" + ], + "type": "object" + } + }, + "handlers": { + "create": { + "permissions": [ + "iam:CreateServiceLinkedRole", + "iam:PassRole", + "rds:AddRoleToDBCluster", + "rds:AddTagsToResource", + "rds:CreateDBCluster", + "rds:CreateDBInstance", + "rds:DescribeDBClusters", + "rds:DescribeDBClusterSnapshots", + "rds:DescribeDBSnapshots", + "rds:DescribeEvents", + "rds:EnableHttpEndpoint", + "rds:ModifyDBCluster", + "rds:RestoreDBClusterFromSnapshot", + "rds:RestoreDBClusterToPointInTime", + "secretsmanager:CreateSecret", + "secretsmanager:TagResource" + ], + "timeoutInMinutes": 2160 + }, + "delete": { + "permissions": [ + "rds:CreateDBClusterSnapshot", + "rds:DeleteDBCluster", + "rds:DeleteDBInstance", + "rds:DescribeDBClusters", + "rds:DescribeGlobalClusters", + "rds:RemoveFromGlobalCluster" + ] + }, + "list": { + "permissions": [ + "rds:DescribeDBClusters" + ] + }, + "read": { + "permissions": [ + "rds:DescribeDBClusters" + ] + }, + "update": { + "permissions": [ + "ec2:DescribeSecurityGroups", + "iam:PassRole", + "rds:AddRoleToDBCluster", + "rds:AddTagsToResource", + "rds:DescribeDBClusters", + "rds:DescribeDBSubnetGroups", + "rds:DescribeEvents", + "rds:DescribeGlobalClusters", + "rds:DisableHttpEndpoint", + "rds:EnableHttpEndpoint", + "rds:ModifyDBCluster", + "rds:ModifyDBInstance", + "rds:RemoveFromGlobalCluster", + "rds:RemoveRoleFromDBCluster", + "rds:RemoveTagsFromResource", + "secretsmanager:CreateSecret", + "secretsmanager:TagResource" + ], + "timeoutInMinutes": 2160 + } + }, + "primaryIdentifier": [ + "/properties/DBClusterIdentifier" + ], + "properties": { + "AllocatedStorage": { + "type": "integer" + }, + "AssociatedRoles": { + "items": { + "$ref": "#/definitions/DBClusterRole" + }, + "type": "array", + "uniqueItems": true + }, + "AutoMinorVersionUpgrade": { + "type": "boolean" + }, + "AvailabilityZones": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": true + }, + "BacktrackWindow": { + "minimum": 0, + "type": "integer" + }, + "BackupRetentionPeriod": { + "default": 1, + "maximum": 35, + "minimum": 1, + "type": "integer" + }, + "CopyTagsToSnapshot": { + "type": "boolean" + }, + "DBClusterArn": { + "type": "string" + }, + "DBClusterIdentifier": { + "maxLength": 63, + "minLength": 1, + "pattern": "^[a-zA-Z]{1}(?:-?[a-zA-Z0-9]){0,62}$", + "type": "string" + }, + "DBClusterInstanceClass": { + "type": "string" + }, + "DBClusterParameterGroupName": { + "default": "default.aurora5.6", + "type": "string" + }, + "DBClusterResourceId": { + "type": "string" + }, + "DBInstanceParameterGroupName": { + "type": "string" + }, + "DBSubnetGroupName": { + "type": "string" + }, + "DBSystemId": { + "type": "string" + }, + "DatabaseName": { + "type": "string" + }, + "DeletionProtection": { + "type": "boolean" + }, + "Domain": { + "type": "string" + }, + "DomainIAMRoleName": { + "type": "string" + }, + "EnableCloudwatchLogsExports": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": true + }, + "EnableGlobalWriteForwarding": { + "type": "boolean" + }, + "EnableHttpEndpoint": { + "type": "boolean" + }, + "EnableIAMDatabaseAuthentication": { + "type": "boolean" + }, + "EnableLocalWriteForwarding": { + "type": "boolean" + }, + "Endpoint": { + "$ref": "#/definitions/Endpoint" + }, + "Engine": { + "type": "string" + }, + "EngineLifecycleSupport": { + "type": "string" + }, + "EngineMode": { + "type": "string" + }, + "EngineVersion": { + "type": "string" + }, + "GlobalClusterIdentifier": { + "maxLength": 63, + "minLength": 0, + "pattern": "^$|^[a-zA-Z]{1}(?:-?[a-zA-Z0-9]){0,62}$", + "type": "string" + }, + "Iops": { + "type": "integer" + }, + "KmsKeyId": { + "type": "string" + }, + "ManageMasterUserPassword": { + "type": "boolean" + }, + "MasterUserPassword": { + "type": "string" + }, + "MasterUserSecret": { + "$ref": "#/definitions/MasterUserSecret" + }, + "MasterUsername": { + "minLength": 1, + "pattern": "^[a-zA-Z]{1}[a-zA-Z0-9_]*$", + "type": "string" + }, + "MonitoringInterval": { + "default": 0, + "type": "integer" + }, + "MonitoringRoleArn": { + "type": "string" + }, + "NetworkType": { + "type": "string" + }, + "PerformanceInsightsEnabled": { + "type": "boolean" + }, + "PerformanceInsightsKmsKeyId": { + "type": "string" + }, + "PerformanceInsightsRetentionPeriod": { + "type": "integer" + }, + "Port": { + "type": "integer" + }, + "PreferredBackupWindow": { + "type": "string" + }, + "PreferredMaintenanceWindow": { + "type": "string" + }, + "PubliclyAccessible": { + "type": "boolean" + }, + "ReadEndpoint": { + "$ref": "#/definitions/ReadEndpoint" + }, + "ReplicationSourceIdentifier": { + "type": "string" + }, + "RestoreToTime": { + "type": "string" + }, + "RestoreType": { + "default": "full-copy", + "type": "string" + }, + "ScalingConfiguration": { + "$ref": "#/definitions/ScalingConfiguration" + }, + "ServerlessV2ScalingConfiguration": { + "$ref": "#/definitions/ServerlessV2ScalingConfiguration" + }, + "SnapshotIdentifier": { + "type": "string" + }, + "SourceDBClusterIdentifier": { + "type": "string" + }, + "SourceRegion": { + "type": "string" + }, + "StorageEncrypted": { + "type": "boolean" + }, + "StorageThroughput": { + "type": "integer" + }, + "StorageType": { + "type": "string" + }, + "Tags": { + "insertionOrder": false, + "items": { + "$ref": "#/definitions/Tag" + }, + "maxItems": 50, + "type": "array", + "uniqueItems": true + }, + "UseLatestRestorableTime": { + "type": "boolean" + }, + "VpcSecurityGroupIds": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": true + } + }, + "propertyTransform": { + "/properties/DBClusterIdentifier": "$lowercase(DBClusterIdentifier)", + "/properties/DBClusterParameterGroupName": "$lowercase(DBClusterParameterGroupName)", + "/properties/DBSubnetGroupName": "$lowercase(DBSubnetGroupName)", + "/properties/EnableHttpEndpoint": "$lowercase($string(EngineMode)) = 'serverless' ? EnableHttpEndpoint : ($lowercase($string(Engine)) = 'aurora-postgresql' ? EnableHttpEndpoint : false )", + "/properties/Engine": "$lowercase(Engine)", + "/properties/EngineVersion": "$join([$string(EngineVersion), \".*\"])", + "/properties/KmsKeyId": "$join([\"arn:(aws)[-]{0,1}[a-z]{0,2}[-]{0,1}[a-z]{0,3}:kms:[a-z]{2}[-]{1}[a-z]{3,10}[-]{0,1}[a-z]{0,10}[-]{1}[1-3]{1}:[0-9]{12}[:]{1}key\\/\", KmsKeyId])", + "/properties/MasterUserSecret/KmsKeyId": "$join([\"arn:(aws)[-]{0,1}[a-z]{0,2}[-]{0,1}[a-z]{0,3}:kms:[a-z]{2}[-]{1}[a-z]{3,10}[-]{0,1}[a-z]{0,10}[-]{1}[1-3]{1}:[0-9]{12}[:]{1}key\\/\", MasterUserSecret.KmsKeyId])", + "/properties/NetworkType": "$lowercase(NetworkType)", + "/properties/PerformanceInsightsKmsKeyId": "$join([\"arn:(aws)[-]{0,1}[a-z]{0,2}[-]{0,1}[a-z]{0,3}:kms:[a-z]{2}[-]{1}[a-z]{3,10}[-]{0,1}[a-z]{0,10}[-]{1}[1-3]{1}:[0-9]{12}[:]{1}key\\/\", PerformanceInsightsKmsKeyId])", + "/properties/PreferredMaintenanceWindow": "$lowercase(PreferredMaintenanceWindow)", + "/properties/SnapshotIdentifier": "$lowercase(SnapshotIdentifier)", + "/properties/SourceDBClusterIdentifier": "$lowercase(SourceDBClusterIdentifier)", + "/properties/StorageType": "$lowercase(StorageType)" + }, + "readOnlyProperties": [ + "/properties/DBClusterArn", + "/properties/DBClusterResourceId", + "/properties/Endpoint", + "/properties/Endpoint/Address", + "/properties/Endpoint/Port", + "/properties/ReadEndpoint/Address", + "/properties/MasterUserSecret/SecretArn", + "/properties/StorageThroughput" + ], + "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-rds", + "tagging": { + "cloudFormationSystemTags": true, + "permissions": [ + "rds:AddTagsToResource", + "rds:RemoveTagsFromResource" + ], + "tagOnCreate": true, + "tagProperty": "/properties/Tags", + "tagUpdatable": true, + "taggable": true + }, + "typeName": "AWS::RDS::DBCluster", + "writeOnlyProperties": [ + "/properties/DBInstanceParameterGroupName", + "/properties/MasterUserPassword", + "/properties/RestoreToTime", + "/properties/RestoreType", + "/properties/SnapshotIdentifier", + "/properties/SourceDBClusterIdentifier", + "/properties/SourceRegion", + "/properties/UseLatestRestorableTime" + ] +} diff --git a/src/cfnlint/data/schemas/providers/eu_west_1/aws-rds-dbinstance.json b/src/cfnlint/data/schemas/providers/eu_west_1/aws-rds-dbinstance.json new file mode 100644 index 0000000000..3263d77fb7 --- /dev/null +++ b/src/cfnlint/data/schemas/providers/eu_west_1/aws-rds-dbinstance.json @@ -0,0 +1,620 @@ +{ + "additionalProperties": false, + "conditionalCreateOnlyProperties": [ + "/properties/AutoMinorVersionUpgrade", + "/properties/AvailabilityZone", + "/properties/BackupRetentionPeriod", + "/properties/DBClusterSnapshotIdentifier", + "/properties/DBParameterGroupName", + "/properties/DBSnapshotIdentifier", + "/properties/Engine", + "/properties/MultiAZ", + "/properties/PerformanceInsightsKMSKeyId", + "/properties/PreferredMaintenanceWindow", + "/properties/RestoreTime", + "/properties/SourceDBClusterIdentifier", + "/properties/SourceDBInstanceAutomatedBackupsArn", + "/properties/SourceDBInstanceIdentifier", + "/properties/SourceDbiResourceId", + "/properties/StorageType", + "/properties/UseLatestRestorableTime" + ], + "createOnlyProperties": [ + "/properties/CharacterSetName", + "/properties/CustomIAMInstanceProfile", + "/properties/DBClusterIdentifier", + "/properties/DBInstanceIdentifier", + "/properties/DBName", + "/properties/DBSubnetGroupName", + "/properties/KmsKeyId", + "/properties/MasterUsername", + "/properties/NcharCharacterSetName", + "/properties/Port", + "/properties/SourceRegion", + "/properties/StorageEncrypted", + "/properties/Timezone" + ], + "definitions": { + "CertificateDetails": { + "additionalProperties": false, + "properties": { + "CAIdentifier": { + "type": "string" + }, + "ValidTill": { + "format": "date-time", + "type": "string" + } + }, + "type": "object" + }, + "DBInstanceRole": { + "additionalProperties": false, + "properties": { + "FeatureName": { + "type": "string" + }, + "RoleArn": { + "type": "string" + } + }, + "required": [ + "FeatureName", + "RoleArn" + ], + "type": "object" + }, + "Endpoint": { + "additionalProperties": false, + "properties": { + "Address": { + "type": "string" + }, + "HostedZoneId": { + "type": "string" + }, + "Port": { + "type": "string" + } + }, + "type": "object" + }, + "MasterUserSecret": { + "additionalProperties": false, + "properties": { + "KmsKeyId": { + "type": "string" + }, + "SecretArn": { + "type": "string" + } + }, + "type": "object" + }, + "ProcessorFeature": { + "additionalProperties": false, + "properties": { + "Name": { + "enum": [ + "coreCount", + "threadsPerCore" + ], + "type": "string" + }, + "Value": { + "type": "string" + } + }, + "type": "object" + }, + "Tag": { + "additionalProperties": false, + "properties": { + "Key": { + "maxLength": 128, + "minLength": 1, + "type": "string" + }, + "Value": { + "maxLength": 256, + "minLength": 0, + "type": "string" + } + }, + "required": [ + "Key" + ], + "type": "object" + } + }, + "dependencies": { + "KmsKeyId": { + "properties": { + "StorageEncrypted": { + "enum": [ + "true", + "True", + true + ] + } + }, + "required": [ + "StorageEncrypted" + ] + } + }, + "dependentExcluded": { + "SourceDBInstanceIdentifier": [ + "CharacterSetName", + "MasterUserPassword", + "MasterUsername", + "StorageEncrypted" + ] + }, + "deprecatedProperties": [ + "/properties/TdeCredentialArn", + "/properties/TdeCredentialPassword" + ], + "handlers": { + "create": { + "permissions": [ + "ec2:DescribeAccountAttributes", + "ec2:DescribeAvailabilityZones", + "ec2:DescribeInternetGateways", + "ec2:DescribeSecurityGroups", + "ec2:DescribeSubnets", + "ec2:DescribeVpcAttribute", + "ec2:DescribeVpcs", + "iam:CreateServiceLinkedRole", + "iam:GetRole", + "iam:ListRoles", + "iam:PassRole", + "kms:CreateGrant", + "kms:DescribeKey", + "rds:AddRoleToDBInstance", + "rds:AddTagsToResource", + "rds:CreateDBInstance", + "rds:CreateDBInstanceReadReplica", + "rds:DescribeDBInstances", + "rds:DescribeDBClusters", + "rds:DescribeDBClusterSnapshots", + "rds:DescribeDBInstanceAutomatedBackups", + "rds:DescribeDBSnapshots", + "rds:DescribeEvents", + "rds:ModifyDBInstance", + "rds:RebootDBInstance", + "rds:RestoreDBInstanceFromDBSnapshot", + "rds:RestoreDBInstanceToPointInTime", + "rds:StartDBInstanceAutomatedBackupsReplication", + "secretsmanager:CreateSecret", + "secretsmanager:TagResource" + ], + "timeoutInMinutes": 2160 + }, + "delete": { + "permissions": [ + "rds:CreateDBSnapshot", + "rds:DeleteDBInstance", + "rds:DescribeDBInstances" + ], + "timeoutInMinutes": 2160 + }, + "list": { + "permissions": [ + "rds:DescribeDBInstances" + ] + }, + "read": { + "permissions": [ + "ec2:DescribeAccountAttributes", + "ec2:DescribeAvailabilityZones", + "ec2:DescribeInternetGateways", + "ec2:DescribeSecurityGroups", + "ec2:DescribeSubnets", + "ec2:DescribeVpcAttribute", + "ec2:DescribeVpcs", + "rds:DescribeDBInstances" + ] + }, + "update": { + "permissions": [ + "ec2:DescribeAccountAttributes", + "ec2:DescribeAvailabilityZones", + "ec2:DescribeInternetGateways", + "ec2:DescribeSecurityGroups", + "ec2:DescribeSubnets", + "ec2:DescribeVpcAttribute", + "ec2:DescribeVpcs", + "iam:CreateServiceLinkedRole", + "iam:GetRole", + "iam:ListRoles", + "iam:PassRole", + "kms:CreateGrant", + "kms:DescribeKey", + "rds:AddRoleToDBInstance", + "rds:AddTagsToResource", + "rds:DescribeDBClusters", + "rds:DescribeDBEngineVersions", + "rds:DescribeDBInstances", + "rds:DescribeDBParameterGroups", + "rds:DescribeEvents", + "rds:ModifyDBInstance", + "rds:PromoteReadReplica", + "rds:RebootDBInstance", + "rds:RemoveRoleFromDBInstance", + "rds:RemoveTagsFromResource", + "rds:StartDBInstanceAutomatedBackupsReplication", + "rds:StopDBInstanceAutomatedBackupsReplication", + "secretsmanager:CreateSecret", + "secretsmanager:TagResource" + ], + "timeoutInMinutes": 2160 + } + }, + "primaryIdentifier": [ + "/properties/DBInstanceIdentifier" + ], + "properties": { + "AllocatedStorage": { + "pattern": "^[0-9]*$", + "type": "string" + }, + "AllowMajorVersionUpgrade": { + "type": "boolean" + }, + "AssociatedRoles": { + "items": { + "$ref": "#/definitions/DBInstanceRole" + }, + "type": "array" + }, + "AutoMinorVersionUpgrade": { + "type": "boolean" + }, + "AutomaticBackupReplicationKmsKeyId": { + "type": "string" + }, + "AutomaticBackupReplicationRegion": { + "type": "string" + }, + "AvailabilityZone": { + "type": "string" + }, + "BackupRetentionPeriod": { + "default": 1, + "maximum": 35, + "minimum": 0, + "type": "integer" + }, + "CACertificateIdentifier": { + "type": "string" + }, + "CertificateDetails": { + "$ref": "#/definitions/CertificateDetails" + }, + "CertificateRotationRestart": { + "type": "boolean" + }, + "CharacterSetName": { + "type": "string" + }, + "CopyTagsToSnapshot": { + "type": "boolean" + }, + "CustomIAMInstanceProfile": { + "type": "string" + }, + "DBClusterIdentifier": { + "type": "string" + }, + "DBClusterSnapshotIdentifier": { + "type": "string" + }, + "DBInstanceArn": { + "type": "string" + }, + "DBInstanceClass": { + "type": "string" + }, + "DBInstanceIdentifier": { + "maxLength": 63, + "minLength": 1, + "pattern": "^$|^[a-zA-Z]{1}(?:-?[a-zA-Z0-9]){0,62}$", + "type": "string" + }, + "DBName": { + "type": "string" + }, + "DBParameterGroupName": { + "type": "string" + }, + "DBSecurityGroups": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": true + }, + "DBSnapshotIdentifier": { + "type": "string" + }, + "DBSubnetGroupName": { + "type": "string" + }, + "DBSystemId": { + "type": "string" + }, + "DbiResourceId": { + "type": "string" + }, + "DedicatedLogVolume": { + "type": "boolean" + }, + "DeleteAutomatedBackups": { + "type": "boolean" + }, + "DeletionProtection": { + "type": "boolean" + }, + "Domain": { + "type": "string" + }, + "DomainAuthSecretArn": { + "type": "string" + }, + "DomainDnsIps": { + "items": { + "type": "string" + }, + "type": "array" + }, + "DomainFqdn": { + "type": "string" + }, + "DomainIAMRoleName": { + "type": "string" + }, + "DomainOu": { + "type": "string" + }, + "EnableCloudwatchLogsExports": { + "items": { + "type": "string" + }, + "type": "array" + }, + "EnableIAMDatabaseAuthentication": { + "type": "boolean" + }, + "EnablePerformanceInsights": { + "type": "boolean" + }, + "Endpoint": { + "$ref": "#/definitions/Endpoint" + }, + "Engine": { + "type": "string" + }, + "EngineLifecycleSupport": { + "type": "string" + }, + "EngineVersion": { + "type": "string" + }, + "Iops": { + "type": "integer" + }, + "KmsKeyId": { + "type": "string" + }, + "LicenseModel": { + "type": "string" + }, + "ManageMasterUserPassword": { + "type": "boolean" + }, + "MasterUserPassword": { + "type": "string" + }, + "MasterUserSecret": { + "$ref": "#/definitions/MasterUserSecret" + }, + "MasterUsername": { + "maxLength": 128, + "minLength": 1, + "pattern": "^[a-zA-Z][a-zA-Z0-9_]{0,127}$", + "type": "string" + }, + "MaxAllocatedStorage": { + "type": "integer" + }, + "MonitoringInterval": { + "default": 0, + "type": "integer" + }, + "MonitoringRoleArn": { + "type": "string" + }, + "MultiAZ": { + "type": "boolean" + }, + "NcharCharacterSetName": { + "type": "string" + }, + "NetworkType": { + "type": "string" + }, + "OptionGroupName": { + "type": "string" + }, + "PerformanceInsightsKMSKeyId": { + "type": "string" + }, + "PerformanceInsightsRetentionPeriod": { + "enum": [ + 7, + 31, + 62, + 93, + 124, + 155, + 186, + 217, + 248, + 279, + 310, + 341, + 372, + 403, + 434, + 465, + 496, + 527, + 558, + 589, + 620, + 651, + 682, + 713, + 731 + ], + "type": "integer" + }, + "Port": { + "pattern": "^\\d*$", + "type": "string" + }, + "PreferredBackupWindow": { + "type": "string" + }, + "PreferredMaintenanceWindow": { + "type": "string" + }, + "ProcessorFeatures": { + "items": { + "$ref": "#/definitions/ProcessorFeature" + }, + "type": "array" + }, + "PromotionTier": { + "default": 1, + "maximum": 15, + "minimum": 0, + "type": "integer" + }, + "PubliclyAccessible": { + "type": "boolean" + }, + "ReplicaMode": { + "type": "string" + }, + "RestoreTime": { + "format": "date-time", + "type": "string" + }, + "SourceDBClusterIdentifier": { + "type": "string" + }, + "SourceDBInstanceAutomatedBackupsArn": { + "type": "string" + }, + "SourceDBInstanceIdentifier": { + "type": "string" + }, + "SourceDbiResourceId": { + "type": "string" + }, + "SourceRegion": { + "type": "string" + }, + "StorageEncrypted": { + "type": "boolean" + }, + "StorageThroughput": { + "type": "integer" + }, + "StorageType": { + "type": "string" + }, + "Tags": { + "insertionOrder": false, + "items": { + "$ref": "#/definitions/Tag" + }, + "type": "array", + "uniqueItems": false + }, + "TdeCredentialArn": { + "type": "string" + }, + "TdeCredentialPassword": { + "type": "string" + }, + "Timezone": { + "type": "string" + }, + "UseDefaultProcessorFeatures": { + "type": "boolean" + }, + "UseLatestRestorableTime": { + "type": "boolean" + }, + "VPCSecurityGroups": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": true + } + }, + "propertyTransform": { + "/properties/DBClusterIdentifier": "$lowercase(DBClusterIdentifier)", + "/properties/DBClusterSnapshotIdentifier": "$lowercase(DBClusterSnapshotIdentifier)", + "/properties/DBInstanceIdentifier": "$lowercase(DBInstanceIdentifier)", + "/properties/DBName": "$lowercase(DBName) $OR $uppercase(DBName)", + "/properties/DBParameterGroupName": "$lowercase(DBParameterGroupName)", + "/properties/DBSnapshotIdentifier": "$lowercase(DBSnapshotIdentifier)", + "/properties/DBSubnetGroupName": "$lowercase(DBSubnetGroupName)", + "/properties/Engine": "$lowercase(Engine)", + "/properties/EngineVersion": "$join([$string(EngineVersion), \".*\"])", + "/properties/KmsKeyId": "$join([\"arn:(aws)[-]{0,1}[a-z]{0,2}[-]{0,1}[a-z]{0,3}:kms:[a-z]{2}[-]{1}[a-z]{3,10}[-]{0,1}[a-z]{0,10}[-]{1}[1-3]{1}:[0-9]{12}[:]{1}key\\/\", KmsKeyId])", + "/properties/MasterUserSecret/KmsKeyId": "$join([\"arn:(aws)[-]{0,1}[a-z]{0,2}[-]{0,1}[a-z]{0,3}:kms:[a-z]{2}[-]{1}[a-z]{3,10}[-]{0,1}[a-z]{0,10}[-]{1}[1-3]{1}:[0-9]{12}[:]{1}key\\/\", MasterUserSecret.KmsKeyId])", + "/properties/NetworkType": "$lowercase(NetworkType)", + "/properties/OptionGroupName": "$lowercase(OptionGroupName)", + "/properties/PerformanceInsightsKMSKeyId": "$join([\"arn:(aws)[-]{0,1}[a-z]{0,2}[-]{0,1}[a-z]{0,3}:kms:[a-z]{2}[-]{1}[a-z]{3,10}[-]{0,1}[a-z]{0,10}[-]{1}[1-3]{1}:[0-9]{12}[:]{1}key\\/\", PerformanceInsightsKMSKeyId])", + "/properties/PreferredMaintenanceWindow": "$lowercase(PreferredMaintenanceWindow)", + "/properties/SourceDBInstanceAutomatedBackupsArn": "$lowercase(SourceDBInstanceAutomatedBackupsArn)", + "/properties/SourceDBInstanceIdentifier": "$lowercase(SourceDBInstanceIdentifier)", + "/properties/StorageType": "$lowercase(StorageType)" + }, + "readOnlyProperties": [ + "/properties/Endpoint/Address", + "/properties/Endpoint/Port", + "/properties/Endpoint/HostedZoneId", + "/properties/DbiResourceId", + "/properties/DBInstanceArn", + "/properties/DBSystemId", + "/properties/MasterUserSecret/SecretArn", + "/properties/CertificateDetails/CAIdentifier", + "/properties/CertificateDetails/ValidTill" + ], + "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-rpdk.git", + "typeName": "AWS::RDS::DBInstance", + "writeOnlyProperties": [ + "/properties/AllowMajorVersionUpgrade", + "/properties/AutomaticBackupReplicationKmsKeyId", + "/properties/CertificateRotationRestart", + "/properties/DBSnapshotIdentifier", + "/properties/DeleteAutomatedBackups", + "/properties/MasterUserPassword", + "/properties/Port", + "/properties/RestoreTime", + "/properties/SourceDBInstanceAutomatedBackupsArn", + "/properties/SourceDBInstanceIdentifier", + "/properties/SourceDbiResourceId", + "/properties/SourceRegion", + "/properties/TdeCredentialPassword", + "/properties/UseDefaultProcessorFeatures", + "/properties/UseLatestRestorableTime" + ] +} diff --git a/src/cfnlint/data/schemas/providers/eu_west_1/aws-xray-group.json b/src/cfnlint/data/schemas/providers/eu_west_1/aws-xray-group.json new file mode 100644 index 0000000000..bbb33a124e --- /dev/null +++ b/src/cfnlint/data/schemas/providers/eu_west_1/aws-xray-group.json @@ -0,0 +1,112 @@ +{ + "additionalProperties": false, + "definitions": { + "InsightsConfiguration": { + "additionalProperties": false, + "properties": { + "InsightsEnabled": { + "type": "boolean" + }, + "NotificationsEnabled": { + "type": "boolean" + } + }, + "type": "object" + }, + "Tag": { + "additionalProperties": false, + "properties": { + "Key": { + "type": "string" + }, + "Value": { + "type": "string" + } + }, + "required": [ + "Key", + "Value" + ], + "type": "object" + }, + "Tags": { + "insertionOrder": false, + "items": { + "$ref": "#/definitions/Tag" + }, + "type": "array" + } + }, + "handlers": { + "create": { + "permissions": [ + "xray:CreateGroup", + "xray:TagResource" + ] + }, + "delete": { + "permissions": [ + "xray:DeleteGroup" + ] + }, + "list": { + "permissions": [ + "xray:GetGroups", + "xray:ListTagsForResource" + ] + }, + "read": { + "permissions": [ + "xray:GetGroup", + "xray:ListTagsForResource" + ] + }, + "update": { + "permissions": [ + "xray:UpdateGroup", + "xray:TagResource", + "xray:UntagResource", + "xray:ListTagsForResource" + ] + } + }, + "primaryIdentifier": [ + "/properties/GroupARN" + ], + "properties": { + "FilterExpression": { + "type": "string" + }, + "GroupARN": { + "maxLength": 400, + "minLength": 1, + "type": "string" + }, + "GroupName": { + "maxLength": 32, + "minLength": 1, + "type": "string" + }, + "InsightsConfiguration": { + "$ref": "#/definitions/InsightsConfiguration" + }, + "Tags": { + "$ref": "#/definitions/Tags" + } + }, + "readOnlyProperties": [ + "/properties/GroupARN" + ], + "required": [ + "GroupName" + ], + "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-rpdk.git", + "tagging": { + "cloudFormationSystemTags": true, + "tagOnCreate": true, + "tagProperty": "/properties/Tags", + "tagUpdatable": true, + "taggable": true + }, + "typeName": "AWS::XRay::Group" +} diff --git a/src/cfnlint/data/schemas/providers/eu_west_1/aws-xray-samplingrule.json b/src/cfnlint/data/schemas/providers/eu_west_1/aws-xray-samplingrule.json new file mode 100644 index 0000000000..e225d39670 --- /dev/null +++ b/src/cfnlint/data/schemas/providers/eu_west_1/aws-xray-samplingrule.json @@ -0,0 +1,262 @@ +{ + "additionalProperties": false, + "createOnlyProperties": [ + "/properties/SamplingRule/Version" + ], + "definitions": { + "RuleARN": { + "type": "string" + }, + "RuleName": { + "maxLength": 32, + "minLength": 1, + "type": "string" + }, + "SamplingRule": { + "additionalProperties": false, + "properties": { + "Attributes": { + "$comment": "String to string map", + "additionalProperties": false, + "patternProperties": { + ".{1,}": { + "type": "string" + } + }, + "type": "object" + }, + "FixedRate": { + "maximum": 1, + "minimum": 0, + "type": "number" + }, + "HTTPMethod": { + "maxLength": 10, + "type": "string" + }, + "Host": { + "maxLength": 64, + "type": "string" + }, + "Priority": { + "maximum": 9999, + "minimum": 1, + "type": "integer" + }, + "ReservoirSize": { + "minimum": 0, + "type": "integer" + }, + "ResourceARN": { + "maxLength": 500, + "type": "string" + }, + "RuleARN": { + "$ref": "#/definitions/RuleARN" + }, + "RuleName": { + "$ref": "#/definitions/RuleName" + }, + "ServiceName": { + "maxLength": 64, + "type": "string" + }, + "ServiceType": { + "maxLength": 64, + "type": "string" + }, + "URLPath": { + "maxLength": 128, + "type": "string" + }, + "Version": { + "minimum": 1, + "type": "integer" + } + }, + "required": [ + "FixedRate", + "Host", + "HTTPMethod", + "Priority", + "ReservoirSize", + "ResourceARN", + "ServiceName", + "ServiceType", + "URLPath" + ], + "type": "object" + }, + "SamplingRuleRecord": { + "additionalProperties": false, + "properties": { + "CreatedAt": { + "type": "string" + }, + "ModifiedAt": { + "type": "string" + }, + "SamplingRule": { + "$ref": "#/definitions/SamplingRule" + } + }, + "type": "object" + }, + "SamplingRuleUpdate": { + "additionalProperties": false, + "properties": { + "Attributes": { + "$comment": "String to string map", + "additionalProperties": false, + "patternProperties": { + ".{1,}": { + "type": "string" + } + }, + "type": "object" + }, + "FixedRate": { + "maximum": 1, + "minimum": 0, + "type": "number" + }, + "HTTPMethod": { + "maxLength": 10, + "type": "string" + }, + "Host": { + "maxLength": 64, + "type": "string" + }, + "Priority": { + "maximum": 9999, + "minimum": 1, + "type": "integer" + }, + "ReservoirSize": { + "minimum": 0, + "type": "integer" + }, + "ResourceARN": { + "maxLength": 500, + "type": "string" + }, + "RuleARN": { + "$ref": "#/definitions/RuleARN" + }, + "RuleName": { + "$ref": "#/definitions/RuleName" + }, + "ServiceName": { + "maxLength": 64, + "type": "string" + }, + "ServiceType": { + "maxLength": 64, + "type": "string" + }, + "URLPath": { + "maxLength": 128, + "type": "string" + } + }, + "type": "object" + }, + "Tag": { + "additionalProperties": false, + "properties": { + "Key": { + "type": "string" + }, + "Value": { + "type": "string" + } + }, + "required": [ + "Key", + "Value" + ], + "type": "object" + }, + "Tags": { + "insertionOrder": false, + "items": { + "$ref": "#/definitions/Tag" + }, + "type": "array" + } + }, + "deprecatedProperties": [ + "/properties/RuleName", + "/properties/SamplingRuleRecord", + "/properties/SamplingRuleUpdate" + ], + "handlers": { + "create": { + "permissions": [ + "xray:CreateSamplingRule", + "xray:TagResource" + ] + }, + "delete": { + "permissions": [ + "xray:DeleteSamplingRule" + ] + }, + "list": { + "permissions": [ + "xray:GetSamplingRules", + "xray:ListTagsForResource" + ] + }, + "read": { + "permissions": [ + "xray:GetSamplingRules", + "xray:ListTagsForResource" + ] + }, + "update": { + "permissions": [ + "xray:UpdateSamplingRule", + "xray:TagResource", + "xray:UntagResource", + "xray:ListTagsForResource" + ] + } + }, + "primaryIdentifier": [ + "/properties/RuleARN" + ], + "properties": { + "RuleARN": { + "$ref": "#/definitions/RuleARN" + }, + "RuleName": { + "$ref": "#/definitions/RuleName" + }, + "SamplingRule": { + "$ref": "#/definitions/SamplingRule" + }, + "SamplingRuleRecord": { + "$ref": "#/definitions/SamplingRuleRecord" + }, + "SamplingRuleUpdate": { + "$ref": "#/definitions/SamplingRuleUpdate" + }, + "Tags": { + "$ref": "#/definitions/Tags" + } + }, + "readOnlyProperties": [ + "/properties/RuleARN" + ], + "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-rpdk.git", + "tagging": { + "cloudFormationSystemTags": true, + "tagOnCreate": true, + "tagProperty": "/properties/Tags", + "tagUpdatable": true, + "taggable": true + }, + "typeName": "AWS::XRay::SamplingRule" +} diff --git a/src/cfnlint/data/schemas/providers/eu_west_2/__init__.py b/src/cfnlint/data/schemas/providers/eu_west_2/__init__.py index a3185b5b62..7b0b58a1ad 100644 --- a/src/cfnlint/data/schemas/providers/eu_west_2/__init__.py +++ b/src/cfnlint/data/schemas/providers/eu_west_2/__init__.py @@ -1961,9 +1961,7 @@ "aws-ram-permission.json", "aws-ram-resourceshare.json", "aws-rds-customdbengineversion.json", - "aws-rds-dbcluster.json", "aws-rds-dbclusterparametergroup.json", - "aws-rds-dbinstance.json", "aws-rds-dbparametergroup.json", "aws-rds-dbproxy.json", "aws-rds-dbproxyendpoint.json", diff --git a/src/cfnlint/data/schemas/providers/eu_west_2/aws-rds-dbcluster.json b/src/cfnlint/data/schemas/providers/eu_west_2/aws-rds-dbcluster.json new file mode 100644 index 0000000000..fc8608c49b --- /dev/null +++ b/src/cfnlint/data/schemas/providers/eu_west_2/aws-rds-dbcluster.json @@ -0,0 +1,469 @@ +{ + "additionalProperties": false, + "conditionalCreateOnlyProperties": [ + "/properties/Engine", + "/properties/GlobalClusterIdentifier", + "/properties/MasterUsername" + ], + "createOnlyProperties": [ + "/properties/AvailabilityZones", + "/properties/DBClusterIdentifier", + "/properties/DBSubnetGroupName", + "/properties/DBSystemId", + "/properties/DatabaseName", + "/properties/EngineMode", + "/properties/KmsKeyId", + "/properties/PubliclyAccessible", + "/properties/RestoreToTime", + "/properties/RestoreType", + "/properties/SnapshotIdentifier", + "/properties/SourceDBClusterIdentifier", + "/properties/SourceRegion", + "/properties/StorageEncrypted", + "/properties/UseLatestRestorableTime" + ], + "definitions": { + "DBClusterRole": { + "additionalProperties": false, + "properties": { + "FeatureName": { + "type": "string" + }, + "RoleArn": { + "type": "string" + } + }, + "required": [ + "RoleArn" + ], + "type": "object" + }, + "Endpoint": { + "additionalProperties": false, + "properties": { + "Address": { + "type": "string" + }, + "Port": { + "type": "string" + } + }, + "type": "object" + }, + "MasterUserSecret": { + "additionalProperties": false, + "properties": { + "KmsKeyId": { + "type": "string" + }, + "SecretArn": { + "type": "string" + } + }, + "type": "object" + }, + "ReadEndpoint": { + "additionalProperties": false, + "properties": { + "Address": { + "type": "string" + } + }, + "type": "object" + }, + "ScalingConfiguration": { + "additionalProperties": false, + "properties": { + "AutoPause": { + "type": "boolean" + }, + "MaxCapacity": { + "type": "integer" + }, + "MinCapacity": { + "type": "integer" + }, + "SecondsBeforeTimeout": { + "type": "integer" + }, + "SecondsUntilAutoPause": { + "type": "integer" + }, + "TimeoutAction": { + "type": "string" + } + }, + "type": "object" + }, + "ServerlessV2ScalingConfiguration": { + "additionalProperties": false, + "properties": { + "MaxCapacity": { + "type": "number" + }, + "MinCapacity": { + "type": "number" + } + }, + "type": "object" + }, + "Tag": { + "additionalProperties": false, + "properties": { + "Key": { + "maxLength": 128, + "minLength": 1, + "type": "string" + }, + "Value": { + "maxLength": 256, + "minLength": 0, + "type": "string" + } + }, + "required": [ + "Key" + ], + "type": "object" + } + }, + "handlers": { + "create": { + "permissions": [ + "iam:CreateServiceLinkedRole", + "iam:PassRole", + "rds:AddRoleToDBCluster", + "rds:AddTagsToResource", + "rds:CreateDBCluster", + "rds:CreateDBInstance", + "rds:DescribeDBClusters", + "rds:DescribeDBClusterSnapshots", + "rds:DescribeDBSnapshots", + "rds:DescribeEvents", + "rds:EnableHttpEndpoint", + "rds:ModifyDBCluster", + "rds:RestoreDBClusterFromSnapshot", + "rds:RestoreDBClusterToPointInTime", + "secretsmanager:CreateSecret", + "secretsmanager:TagResource" + ], + "timeoutInMinutes": 2160 + }, + "delete": { + "permissions": [ + "rds:CreateDBClusterSnapshot", + "rds:DeleteDBCluster", + "rds:DeleteDBInstance", + "rds:DescribeDBClusters", + "rds:DescribeGlobalClusters", + "rds:RemoveFromGlobalCluster" + ] + }, + "list": { + "permissions": [ + "rds:DescribeDBClusters" + ] + }, + "read": { + "permissions": [ + "rds:DescribeDBClusters" + ] + }, + "update": { + "permissions": [ + "ec2:DescribeSecurityGroups", + "iam:PassRole", + "rds:AddRoleToDBCluster", + "rds:AddTagsToResource", + "rds:DescribeDBClusters", + "rds:DescribeDBSubnetGroups", + "rds:DescribeEvents", + "rds:DescribeGlobalClusters", + "rds:DisableHttpEndpoint", + "rds:EnableHttpEndpoint", + "rds:ModifyDBCluster", + "rds:ModifyDBInstance", + "rds:RemoveFromGlobalCluster", + "rds:RemoveRoleFromDBCluster", + "rds:RemoveTagsFromResource", + "secretsmanager:CreateSecret", + "secretsmanager:TagResource" + ], + "timeoutInMinutes": 2160 + } + }, + "primaryIdentifier": [ + "/properties/DBClusterIdentifier" + ], + "properties": { + "AllocatedStorage": { + "type": "integer" + }, + "AssociatedRoles": { + "items": { + "$ref": "#/definitions/DBClusterRole" + }, + "type": "array", + "uniqueItems": true + }, + "AutoMinorVersionUpgrade": { + "type": "boolean" + }, + "AvailabilityZones": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": true + }, + "BacktrackWindow": { + "minimum": 0, + "type": "integer" + }, + "BackupRetentionPeriod": { + "default": 1, + "maximum": 35, + "minimum": 1, + "type": "integer" + }, + "CopyTagsToSnapshot": { + "type": "boolean" + }, + "DBClusterArn": { + "type": "string" + }, + "DBClusterIdentifier": { + "maxLength": 63, + "minLength": 1, + "pattern": "^[a-zA-Z]{1}(?:-?[a-zA-Z0-9]){0,62}$", + "type": "string" + }, + "DBClusterInstanceClass": { + "type": "string" + }, + "DBClusterParameterGroupName": { + "default": "default.aurora5.6", + "type": "string" + }, + "DBClusterResourceId": { + "type": "string" + }, + "DBInstanceParameterGroupName": { + "type": "string" + }, + "DBSubnetGroupName": { + "type": "string" + }, + "DBSystemId": { + "type": "string" + }, + "DatabaseName": { + "type": "string" + }, + "DeletionProtection": { + "type": "boolean" + }, + "Domain": { + "type": "string" + }, + "DomainIAMRoleName": { + "type": "string" + }, + "EnableCloudwatchLogsExports": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": true + }, + "EnableGlobalWriteForwarding": { + "type": "boolean" + }, + "EnableHttpEndpoint": { + "type": "boolean" + }, + "EnableIAMDatabaseAuthentication": { + "type": "boolean" + }, + "EnableLocalWriteForwarding": { + "type": "boolean" + }, + "Endpoint": { + "$ref": "#/definitions/Endpoint" + }, + "Engine": { + "type": "string" + }, + "EngineLifecycleSupport": { + "type": "string" + }, + "EngineMode": { + "type": "string" + }, + "EngineVersion": { + "type": "string" + }, + "GlobalClusterIdentifier": { + "maxLength": 63, + "minLength": 0, + "pattern": "^$|^[a-zA-Z]{1}(?:-?[a-zA-Z0-9]){0,62}$", + "type": "string" + }, + "Iops": { + "type": "integer" + }, + "KmsKeyId": { + "type": "string" + }, + "ManageMasterUserPassword": { + "type": "boolean" + }, + "MasterUserPassword": { + "type": "string" + }, + "MasterUserSecret": { + "$ref": "#/definitions/MasterUserSecret" + }, + "MasterUsername": { + "minLength": 1, + "pattern": "^[a-zA-Z]{1}[a-zA-Z0-9_]*$", + "type": "string" + }, + "MonitoringInterval": { + "default": 0, + "type": "integer" + }, + "MonitoringRoleArn": { + "type": "string" + }, + "NetworkType": { + "type": "string" + }, + "PerformanceInsightsEnabled": { + "type": "boolean" + }, + "PerformanceInsightsKmsKeyId": { + "type": "string" + }, + "PerformanceInsightsRetentionPeriod": { + "type": "integer" + }, + "Port": { + "type": "integer" + }, + "PreferredBackupWindow": { + "type": "string" + }, + "PreferredMaintenanceWindow": { + "type": "string" + }, + "PubliclyAccessible": { + "type": "boolean" + }, + "ReadEndpoint": { + "$ref": "#/definitions/ReadEndpoint" + }, + "ReplicationSourceIdentifier": { + "type": "string" + }, + "RestoreToTime": { + "type": "string" + }, + "RestoreType": { + "default": "full-copy", + "type": "string" + }, + "ScalingConfiguration": { + "$ref": "#/definitions/ScalingConfiguration" + }, + "ServerlessV2ScalingConfiguration": { + "$ref": "#/definitions/ServerlessV2ScalingConfiguration" + }, + "SnapshotIdentifier": { + "type": "string" + }, + "SourceDBClusterIdentifier": { + "type": "string" + }, + "SourceRegion": { + "type": "string" + }, + "StorageEncrypted": { + "type": "boolean" + }, + "StorageThroughput": { + "type": "integer" + }, + "StorageType": { + "type": "string" + }, + "Tags": { + "insertionOrder": false, + "items": { + "$ref": "#/definitions/Tag" + }, + "maxItems": 50, + "type": "array", + "uniqueItems": true + }, + "UseLatestRestorableTime": { + "type": "boolean" + }, + "VpcSecurityGroupIds": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": true + } + }, + "propertyTransform": { + "/properties/DBClusterIdentifier": "$lowercase(DBClusterIdentifier)", + "/properties/DBClusterParameterGroupName": "$lowercase(DBClusterParameterGroupName)", + "/properties/DBSubnetGroupName": "$lowercase(DBSubnetGroupName)", + "/properties/EnableHttpEndpoint": "$lowercase($string(EngineMode)) = 'serverless' ? EnableHttpEndpoint : ($lowercase($string(Engine)) = 'aurora-postgresql' ? EnableHttpEndpoint : false )", + "/properties/Engine": "$lowercase(Engine)", + "/properties/EngineVersion": "$join([$string(EngineVersion), \".*\"])", + "/properties/KmsKeyId": "$join([\"arn:(aws)[-]{0,1}[a-z]{0,2}[-]{0,1}[a-z]{0,3}:kms:[a-z]{2}[-]{1}[a-z]{3,10}[-]{0,1}[a-z]{0,10}[-]{1}[1-3]{1}:[0-9]{12}[:]{1}key\\/\", KmsKeyId])", + "/properties/MasterUserSecret/KmsKeyId": "$join([\"arn:(aws)[-]{0,1}[a-z]{0,2}[-]{0,1}[a-z]{0,3}:kms:[a-z]{2}[-]{1}[a-z]{3,10}[-]{0,1}[a-z]{0,10}[-]{1}[1-3]{1}:[0-9]{12}[:]{1}key\\/\", MasterUserSecret.KmsKeyId])", + "/properties/NetworkType": "$lowercase(NetworkType)", + "/properties/PerformanceInsightsKmsKeyId": "$join([\"arn:(aws)[-]{0,1}[a-z]{0,2}[-]{0,1}[a-z]{0,3}:kms:[a-z]{2}[-]{1}[a-z]{3,10}[-]{0,1}[a-z]{0,10}[-]{1}[1-3]{1}:[0-9]{12}[:]{1}key\\/\", PerformanceInsightsKmsKeyId])", + "/properties/PreferredMaintenanceWindow": "$lowercase(PreferredMaintenanceWindow)", + "/properties/SnapshotIdentifier": "$lowercase(SnapshotIdentifier)", + "/properties/SourceDBClusterIdentifier": "$lowercase(SourceDBClusterIdentifier)", + "/properties/StorageType": "$lowercase(StorageType)" + }, + "readOnlyProperties": [ + "/properties/DBClusterArn", + "/properties/DBClusterResourceId", + "/properties/Endpoint", + "/properties/Endpoint/Address", + "/properties/Endpoint/Port", + "/properties/ReadEndpoint/Address", + "/properties/MasterUserSecret/SecretArn", + "/properties/StorageThroughput" + ], + "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-rds", + "tagging": { + "cloudFormationSystemTags": true, + "permissions": [ + "rds:AddTagsToResource", + "rds:RemoveTagsFromResource" + ], + "tagOnCreate": true, + "tagProperty": "/properties/Tags", + "tagUpdatable": true, + "taggable": true + }, + "typeName": "AWS::RDS::DBCluster", + "writeOnlyProperties": [ + "/properties/DBInstanceParameterGroupName", + "/properties/MasterUserPassword", + "/properties/RestoreToTime", + "/properties/RestoreType", + "/properties/SnapshotIdentifier", + "/properties/SourceDBClusterIdentifier", + "/properties/SourceRegion", + "/properties/UseLatestRestorableTime" + ] +} diff --git a/src/cfnlint/data/schemas/providers/eu_west_2/aws-rds-dbinstance.json b/src/cfnlint/data/schemas/providers/eu_west_2/aws-rds-dbinstance.json new file mode 100644 index 0000000000..3263d77fb7 --- /dev/null +++ b/src/cfnlint/data/schemas/providers/eu_west_2/aws-rds-dbinstance.json @@ -0,0 +1,620 @@ +{ + "additionalProperties": false, + "conditionalCreateOnlyProperties": [ + "/properties/AutoMinorVersionUpgrade", + "/properties/AvailabilityZone", + "/properties/BackupRetentionPeriod", + "/properties/DBClusterSnapshotIdentifier", + "/properties/DBParameterGroupName", + "/properties/DBSnapshotIdentifier", + "/properties/Engine", + "/properties/MultiAZ", + "/properties/PerformanceInsightsKMSKeyId", + "/properties/PreferredMaintenanceWindow", + "/properties/RestoreTime", + "/properties/SourceDBClusterIdentifier", + "/properties/SourceDBInstanceAutomatedBackupsArn", + "/properties/SourceDBInstanceIdentifier", + "/properties/SourceDbiResourceId", + "/properties/StorageType", + "/properties/UseLatestRestorableTime" + ], + "createOnlyProperties": [ + "/properties/CharacterSetName", + "/properties/CustomIAMInstanceProfile", + "/properties/DBClusterIdentifier", + "/properties/DBInstanceIdentifier", + "/properties/DBName", + "/properties/DBSubnetGroupName", + "/properties/KmsKeyId", + "/properties/MasterUsername", + "/properties/NcharCharacterSetName", + "/properties/Port", + "/properties/SourceRegion", + "/properties/StorageEncrypted", + "/properties/Timezone" + ], + "definitions": { + "CertificateDetails": { + "additionalProperties": false, + "properties": { + "CAIdentifier": { + "type": "string" + }, + "ValidTill": { + "format": "date-time", + "type": "string" + } + }, + "type": "object" + }, + "DBInstanceRole": { + "additionalProperties": false, + "properties": { + "FeatureName": { + "type": "string" + }, + "RoleArn": { + "type": "string" + } + }, + "required": [ + "FeatureName", + "RoleArn" + ], + "type": "object" + }, + "Endpoint": { + "additionalProperties": false, + "properties": { + "Address": { + "type": "string" + }, + "HostedZoneId": { + "type": "string" + }, + "Port": { + "type": "string" + } + }, + "type": "object" + }, + "MasterUserSecret": { + "additionalProperties": false, + "properties": { + "KmsKeyId": { + "type": "string" + }, + "SecretArn": { + "type": "string" + } + }, + "type": "object" + }, + "ProcessorFeature": { + "additionalProperties": false, + "properties": { + "Name": { + "enum": [ + "coreCount", + "threadsPerCore" + ], + "type": "string" + }, + "Value": { + "type": "string" + } + }, + "type": "object" + }, + "Tag": { + "additionalProperties": false, + "properties": { + "Key": { + "maxLength": 128, + "minLength": 1, + "type": "string" + }, + "Value": { + "maxLength": 256, + "minLength": 0, + "type": "string" + } + }, + "required": [ + "Key" + ], + "type": "object" + } + }, + "dependencies": { + "KmsKeyId": { + "properties": { + "StorageEncrypted": { + "enum": [ + "true", + "True", + true + ] + } + }, + "required": [ + "StorageEncrypted" + ] + } + }, + "dependentExcluded": { + "SourceDBInstanceIdentifier": [ + "CharacterSetName", + "MasterUserPassword", + "MasterUsername", + "StorageEncrypted" + ] + }, + "deprecatedProperties": [ + "/properties/TdeCredentialArn", + "/properties/TdeCredentialPassword" + ], + "handlers": { + "create": { + "permissions": [ + "ec2:DescribeAccountAttributes", + "ec2:DescribeAvailabilityZones", + "ec2:DescribeInternetGateways", + "ec2:DescribeSecurityGroups", + "ec2:DescribeSubnets", + "ec2:DescribeVpcAttribute", + "ec2:DescribeVpcs", + "iam:CreateServiceLinkedRole", + "iam:GetRole", + "iam:ListRoles", + "iam:PassRole", + "kms:CreateGrant", + "kms:DescribeKey", + "rds:AddRoleToDBInstance", + "rds:AddTagsToResource", + "rds:CreateDBInstance", + "rds:CreateDBInstanceReadReplica", + "rds:DescribeDBInstances", + "rds:DescribeDBClusters", + "rds:DescribeDBClusterSnapshots", + "rds:DescribeDBInstanceAutomatedBackups", + "rds:DescribeDBSnapshots", + "rds:DescribeEvents", + "rds:ModifyDBInstance", + "rds:RebootDBInstance", + "rds:RestoreDBInstanceFromDBSnapshot", + "rds:RestoreDBInstanceToPointInTime", + "rds:StartDBInstanceAutomatedBackupsReplication", + "secretsmanager:CreateSecret", + "secretsmanager:TagResource" + ], + "timeoutInMinutes": 2160 + }, + "delete": { + "permissions": [ + "rds:CreateDBSnapshot", + "rds:DeleteDBInstance", + "rds:DescribeDBInstances" + ], + "timeoutInMinutes": 2160 + }, + "list": { + "permissions": [ + "rds:DescribeDBInstances" + ] + }, + "read": { + "permissions": [ + "ec2:DescribeAccountAttributes", + "ec2:DescribeAvailabilityZones", + "ec2:DescribeInternetGateways", + "ec2:DescribeSecurityGroups", + "ec2:DescribeSubnets", + "ec2:DescribeVpcAttribute", + "ec2:DescribeVpcs", + "rds:DescribeDBInstances" + ] + }, + "update": { + "permissions": [ + "ec2:DescribeAccountAttributes", + "ec2:DescribeAvailabilityZones", + "ec2:DescribeInternetGateways", + "ec2:DescribeSecurityGroups", + "ec2:DescribeSubnets", + "ec2:DescribeVpcAttribute", + "ec2:DescribeVpcs", + "iam:CreateServiceLinkedRole", + "iam:GetRole", + "iam:ListRoles", + "iam:PassRole", + "kms:CreateGrant", + "kms:DescribeKey", + "rds:AddRoleToDBInstance", + "rds:AddTagsToResource", + "rds:DescribeDBClusters", + "rds:DescribeDBEngineVersions", + "rds:DescribeDBInstances", + "rds:DescribeDBParameterGroups", + "rds:DescribeEvents", + "rds:ModifyDBInstance", + "rds:PromoteReadReplica", + "rds:RebootDBInstance", + "rds:RemoveRoleFromDBInstance", + "rds:RemoveTagsFromResource", + "rds:StartDBInstanceAutomatedBackupsReplication", + "rds:StopDBInstanceAutomatedBackupsReplication", + "secretsmanager:CreateSecret", + "secretsmanager:TagResource" + ], + "timeoutInMinutes": 2160 + } + }, + "primaryIdentifier": [ + "/properties/DBInstanceIdentifier" + ], + "properties": { + "AllocatedStorage": { + "pattern": "^[0-9]*$", + "type": "string" + }, + "AllowMajorVersionUpgrade": { + "type": "boolean" + }, + "AssociatedRoles": { + "items": { + "$ref": "#/definitions/DBInstanceRole" + }, + "type": "array" + }, + "AutoMinorVersionUpgrade": { + "type": "boolean" + }, + "AutomaticBackupReplicationKmsKeyId": { + "type": "string" + }, + "AutomaticBackupReplicationRegion": { + "type": "string" + }, + "AvailabilityZone": { + "type": "string" + }, + "BackupRetentionPeriod": { + "default": 1, + "maximum": 35, + "minimum": 0, + "type": "integer" + }, + "CACertificateIdentifier": { + "type": "string" + }, + "CertificateDetails": { + "$ref": "#/definitions/CertificateDetails" + }, + "CertificateRotationRestart": { + "type": "boolean" + }, + "CharacterSetName": { + "type": "string" + }, + "CopyTagsToSnapshot": { + "type": "boolean" + }, + "CustomIAMInstanceProfile": { + "type": "string" + }, + "DBClusterIdentifier": { + "type": "string" + }, + "DBClusterSnapshotIdentifier": { + "type": "string" + }, + "DBInstanceArn": { + "type": "string" + }, + "DBInstanceClass": { + "type": "string" + }, + "DBInstanceIdentifier": { + "maxLength": 63, + "minLength": 1, + "pattern": "^$|^[a-zA-Z]{1}(?:-?[a-zA-Z0-9]){0,62}$", + "type": "string" + }, + "DBName": { + "type": "string" + }, + "DBParameterGroupName": { + "type": "string" + }, + "DBSecurityGroups": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": true + }, + "DBSnapshotIdentifier": { + "type": "string" + }, + "DBSubnetGroupName": { + "type": "string" + }, + "DBSystemId": { + "type": "string" + }, + "DbiResourceId": { + "type": "string" + }, + "DedicatedLogVolume": { + "type": "boolean" + }, + "DeleteAutomatedBackups": { + "type": "boolean" + }, + "DeletionProtection": { + "type": "boolean" + }, + "Domain": { + "type": "string" + }, + "DomainAuthSecretArn": { + "type": "string" + }, + "DomainDnsIps": { + "items": { + "type": "string" + }, + "type": "array" + }, + "DomainFqdn": { + "type": "string" + }, + "DomainIAMRoleName": { + "type": "string" + }, + "DomainOu": { + "type": "string" + }, + "EnableCloudwatchLogsExports": { + "items": { + "type": "string" + }, + "type": "array" + }, + "EnableIAMDatabaseAuthentication": { + "type": "boolean" + }, + "EnablePerformanceInsights": { + "type": "boolean" + }, + "Endpoint": { + "$ref": "#/definitions/Endpoint" + }, + "Engine": { + "type": "string" + }, + "EngineLifecycleSupport": { + "type": "string" + }, + "EngineVersion": { + "type": "string" + }, + "Iops": { + "type": "integer" + }, + "KmsKeyId": { + "type": "string" + }, + "LicenseModel": { + "type": "string" + }, + "ManageMasterUserPassword": { + "type": "boolean" + }, + "MasterUserPassword": { + "type": "string" + }, + "MasterUserSecret": { + "$ref": "#/definitions/MasterUserSecret" + }, + "MasterUsername": { + "maxLength": 128, + "minLength": 1, + "pattern": "^[a-zA-Z][a-zA-Z0-9_]{0,127}$", + "type": "string" + }, + "MaxAllocatedStorage": { + "type": "integer" + }, + "MonitoringInterval": { + "default": 0, + "type": "integer" + }, + "MonitoringRoleArn": { + "type": "string" + }, + "MultiAZ": { + "type": "boolean" + }, + "NcharCharacterSetName": { + "type": "string" + }, + "NetworkType": { + "type": "string" + }, + "OptionGroupName": { + "type": "string" + }, + "PerformanceInsightsKMSKeyId": { + "type": "string" + }, + "PerformanceInsightsRetentionPeriod": { + "enum": [ + 7, + 31, + 62, + 93, + 124, + 155, + 186, + 217, + 248, + 279, + 310, + 341, + 372, + 403, + 434, + 465, + 496, + 527, + 558, + 589, + 620, + 651, + 682, + 713, + 731 + ], + "type": "integer" + }, + "Port": { + "pattern": "^\\d*$", + "type": "string" + }, + "PreferredBackupWindow": { + "type": "string" + }, + "PreferredMaintenanceWindow": { + "type": "string" + }, + "ProcessorFeatures": { + "items": { + "$ref": "#/definitions/ProcessorFeature" + }, + "type": "array" + }, + "PromotionTier": { + "default": 1, + "maximum": 15, + "minimum": 0, + "type": "integer" + }, + "PubliclyAccessible": { + "type": "boolean" + }, + "ReplicaMode": { + "type": "string" + }, + "RestoreTime": { + "format": "date-time", + "type": "string" + }, + "SourceDBClusterIdentifier": { + "type": "string" + }, + "SourceDBInstanceAutomatedBackupsArn": { + "type": "string" + }, + "SourceDBInstanceIdentifier": { + "type": "string" + }, + "SourceDbiResourceId": { + "type": "string" + }, + "SourceRegion": { + "type": "string" + }, + "StorageEncrypted": { + "type": "boolean" + }, + "StorageThroughput": { + "type": "integer" + }, + "StorageType": { + "type": "string" + }, + "Tags": { + "insertionOrder": false, + "items": { + "$ref": "#/definitions/Tag" + }, + "type": "array", + "uniqueItems": false + }, + "TdeCredentialArn": { + "type": "string" + }, + "TdeCredentialPassword": { + "type": "string" + }, + "Timezone": { + "type": "string" + }, + "UseDefaultProcessorFeatures": { + "type": "boolean" + }, + "UseLatestRestorableTime": { + "type": "boolean" + }, + "VPCSecurityGroups": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": true + } + }, + "propertyTransform": { + "/properties/DBClusterIdentifier": "$lowercase(DBClusterIdentifier)", + "/properties/DBClusterSnapshotIdentifier": "$lowercase(DBClusterSnapshotIdentifier)", + "/properties/DBInstanceIdentifier": "$lowercase(DBInstanceIdentifier)", + "/properties/DBName": "$lowercase(DBName) $OR $uppercase(DBName)", + "/properties/DBParameterGroupName": "$lowercase(DBParameterGroupName)", + "/properties/DBSnapshotIdentifier": "$lowercase(DBSnapshotIdentifier)", + "/properties/DBSubnetGroupName": "$lowercase(DBSubnetGroupName)", + "/properties/Engine": "$lowercase(Engine)", + "/properties/EngineVersion": "$join([$string(EngineVersion), \".*\"])", + "/properties/KmsKeyId": "$join([\"arn:(aws)[-]{0,1}[a-z]{0,2}[-]{0,1}[a-z]{0,3}:kms:[a-z]{2}[-]{1}[a-z]{3,10}[-]{0,1}[a-z]{0,10}[-]{1}[1-3]{1}:[0-9]{12}[:]{1}key\\/\", KmsKeyId])", + "/properties/MasterUserSecret/KmsKeyId": "$join([\"arn:(aws)[-]{0,1}[a-z]{0,2}[-]{0,1}[a-z]{0,3}:kms:[a-z]{2}[-]{1}[a-z]{3,10}[-]{0,1}[a-z]{0,10}[-]{1}[1-3]{1}:[0-9]{12}[:]{1}key\\/\", MasterUserSecret.KmsKeyId])", + "/properties/NetworkType": "$lowercase(NetworkType)", + "/properties/OptionGroupName": "$lowercase(OptionGroupName)", + "/properties/PerformanceInsightsKMSKeyId": "$join([\"arn:(aws)[-]{0,1}[a-z]{0,2}[-]{0,1}[a-z]{0,3}:kms:[a-z]{2}[-]{1}[a-z]{3,10}[-]{0,1}[a-z]{0,10}[-]{1}[1-3]{1}:[0-9]{12}[:]{1}key\\/\", PerformanceInsightsKMSKeyId])", + "/properties/PreferredMaintenanceWindow": "$lowercase(PreferredMaintenanceWindow)", + "/properties/SourceDBInstanceAutomatedBackupsArn": "$lowercase(SourceDBInstanceAutomatedBackupsArn)", + "/properties/SourceDBInstanceIdentifier": "$lowercase(SourceDBInstanceIdentifier)", + "/properties/StorageType": "$lowercase(StorageType)" + }, + "readOnlyProperties": [ + "/properties/Endpoint/Address", + "/properties/Endpoint/Port", + "/properties/Endpoint/HostedZoneId", + "/properties/DbiResourceId", + "/properties/DBInstanceArn", + "/properties/DBSystemId", + "/properties/MasterUserSecret/SecretArn", + "/properties/CertificateDetails/CAIdentifier", + "/properties/CertificateDetails/ValidTill" + ], + "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-rpdk.git", + "typeName": "AWS::RDS::DBInstance", + "writeOnlyProperties": [ + "/properties/AllowMajorVersionUpgrade", + "/properties/AutomaticBackupReplicationKmsKeyId", + "/properties/CertificateRotationRestart", + "/properties/DBSnapshotIdentifier", + "/properties/DeleteAutomatedBackups", + "/properties/MasterUserPassword", + "/properties/Port", + "/properties/RestoreTime", + "/properties/SourceDBInstanceAutomatedBackupsArn", + "/properties/SourceDBInstanceIdentifier", + "/properties/SourceDbiResourceId", + "/properties/SourceRegion", + "/properties/TdeCredentialPassword", + "/properties/UseDefaultProcessorFeatures", + "/properties/UseLatestRestorableTime" + ] +} diff --git a/src/cfnlint/data/schemas/providers/eu_west_3/__init__.py b/src/cfnlint/data/schemas/providers/eu_west_3/__init__.py index 4c1ae2cb4c..3f9549170d 100644 --- a/src/cfnlint/data/schemas/providers/eu_west_3/__init__.py +++ b/src/cfnlint/data/schemas/providers/eu_west_3/__init__.py @@ -115,9 +115,14 @@ "AWS::Bedrock::Agent", "AWS::Bedrock::AgentAlias", "AWS::Bedrock::DataSource", + "AWS::Bedrock::Flow", + "AWS::Bedrock::FlowAlias", + "AWS::Bedrock::FlowVersion", "AWS::Bedrock::Guardrail", "AWS::Bedrock::GuardrailVersion", "AWS::Bedrock::KnowledgeBase", + "AWS::Bedrock::Prompt", + "AWS::Bedrock::PromptVersion", "AWS::Budgets::Budget", "AWS::Budgets::BudgetsAction", "AWS::CDK::Metadata", @@ -1054,9 +1059,14 @@ "aws-bedrock-agent.json", "aws-bedrock-agentalias.json", "aws-bedrock-datasource.json", + "aws-bedrock-flow.json", + "aws-bedrock-flowalias.json", + "aws-bedrock-flowversion.json", "aws-bedrock-guardrail.json", "aws-bedrock-guardrailversion.json", "aws-bedrock-knowledgebase.json", + "aws-bedrock-prompt.json", + "aws-bedrock-promptversion.json", "aws-budgets-budget.json", "aws-budgets-budgetsaction.json", "aws-cassandra-keyspace.json", @@ -1603,9 +1613,7 @@ "aws-quicksight-vpcconnection.json", "aws-ram-permission.json", "aws-ram-resourceshare.json", - "aws-rds-dbcluster.json", "aws-rds-dbclusterparametergroup.json", - "aws-rds-dbinstance.json", "aws-rds-dbparametergroup.json", "aws-rds-dbproxy.json", "aws-rds-dbproxyendpoint.json", diff --git a/src/cfnlint/data/schemas/providers/eu_west_3/aws-rds-dbcluster.json b/src/cfnlint/data/schemas/providers/eu_west_3/aws-rds-dbcluster.json new file mode 100644 index 0000000000..fc8608c49b --- /dev/null +++ b/src/cfnlint/data/schemas/providers/eu_west_3/aws-rds-dbcluster.json @@ -0,0 +1,469 @@ +{ + "additionalProperties": false, + "conditionalCreateOnlyProperties": [ + "/properties/Engine", + "/properties/GlobalClusterIdentifier", + "/properties/MasterUsername" + ], + "createOnlyProperties": [ + "/properties/AvailabilityZones", + "/properties/DBClusterIdentifier", + "/properties/DBSubnetGroupName", + "/properties/DBSystemId", + "/properties/DatabaseName", + "/properties/EngineMode", + "/properties/KmsKeyId", + "/properties/PubliclyAccessible", + "/properties/RestoreToTime", + "/properties/RestoreType", + "/properties/SnapshotIdentifier", + "/properties/SourceDBClusterIdentifier", + "/properties/SourceRegion", + "/properties/StorageEncrypted", + "/properties/UseLatestRestorableTime" + ], + "definitions": { + "DBClusterRole": { + "additionalProperties": false, + "properties": { + "FeatureName": { + "type": "string" + }, + "RoleArn": { + "type": "string" + } + }, + "required": [ + "RoleArn" + ], + "type": "object" + }, + "Endpoint": { + "additionalProperties": false, + "properties": { + "Address": { + "type": "string" + }, + "Port": { + "type": "string" + } + }, + "type": "object" + }, + "MasterUserSecret": { + "additionalProperties": false, + "properties": { + "KmsKeyId": { + "type": "string" + }, + "SecretArn": { + "type": "string" + } + }, + "type": "object" + }, + "ReadEndpoint": { + "additionalProperties": false, + "properties": { + "Address": { + "type": "string" + } + }, + "type": "object" + }, + "ScalingConfiguration": { + "additionalProperties": false, + "properties": { + "AutoPause": { + "type": "boolean" + }, + "MaxCapacity": { + "type": "integer" + }, + "MinCapacity": { + "type": "integer" + }, + "SecondsBeforeTimeout": { + "type": "integer" + }, + "SecondsUntilAutoPause": { + "type": "integer" + }, + "TimeoutAction": { + "type": "string" + } + }, + "type": "object" + }, + "ServerlessV2ScalingConfiguration": { + "additionalProperties": false, + "properties": { + "MaxCapacity": { + "type": "number" + }, + "MinCapacity": { + "type": "number" + } + }, + "type": "object" + }, + "Tag": { + "additionalProperties": false, + "properties": { + "Key": { + "maxLength": 128, + "minLength": 1, + "type": "string" + }, + "Value": { + "maxLength": 256, + "minLength": 0, + "type": "string" + } + }, + "required": [ + "Key" + ], + "type": "object" + } + }, + "handlers": { + "create": { + "permissions": [ + "iam:CreateServiceLinkedRole", + "iam:PassRole", + "rds:AddRoleToDBCluster", + "rds:AddTagsToResource", + "rds:CreateDBCluster", + "rds:CreateDBInstance", + "rds:DescribeDBClusters", + "rds:DescribeDBClusterSnapshots", + "rds:DescribeDBSnapshots", + "rds:DescribeEvents", + "rds:EnableHttpEndpoint", + "rds:ModifyDBCluster", + "rds:RestoreDBClusterFromSnapshot", + "rds:RestoreDBClusterToPointInTime", + "secretsmanager:CreateSecret", + "secretsmanager:TagResource" + ], + "timeoutInMinutes": 2160 + }, + "delete": { + "permissions": [ + "rds:CreateDBClusterSnapshot", + "rds:DeleteDBCluster", + "rds:DeleteDBInstance", + "rds:DescribeDBClusters", + "rds:DescribeGlobalClusters", + "rds:RemoveFromGlobalCluster" + ] + }, + "list": { + "permissions": [ + "rds:DescribeDBClusters" + ] + }, + "read": { + "permissions": [ + "rds:DescribeDBClusters" + ] + }, + "update": { + "permissions": [ + "ec2:DescribeSecurityGroups", + "iam:PassRole", + "rds:AddRoleToDBCluster", + "rds:AddTagsToResource", + "rds:DescribeDBClusters", + "rds:DescribeDBSubnetGroups", + "rds:DescribeEvents", + "rds:DescribeGlobalClusters", + "rds:DisableHttpEndpoint", + "rds:EnableHttpEndpoint", + "rds:ModifyDBCluster", + "rds:ModifyDBInstance", + "rds:RemoveFromGlobalCluster", + "rds:RemoveRoleFromDBCluster", + "rds:RemoveTagsFromResource", + "secretsmanager:CreateSecret", + "secretsmanager:TagResource" + ], + "timeoutInMinutes": 2160 + } + }, + "primaryIdentifier": [ + "/properties/DBClusterIdentifier" + ], + "properties": { + "AllocatedStorage": { + "type": "integer" + }, + "AssociatedRoles": { + "items": { + "$ref": "#/definitions/DBClusterRole" + }, + "type": "array", + "uniqueItems": true + }, + "AutoMinorVersionUpgrade": { + "type": "boolean" + }, + "AvailabilityZones": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": true + }, + "BacktrackWindow": { + "minimum": 0, + "type": "integer" + }, + "BackupRetentionPeriod": { + "default": 1, + "maximum": 35, + "minimum": 1, + "type": "integer" + }, + "CopyTagsToSnapshot": { + "type": "boolean" + }, + "DBClusterArn": { + "type": "string" + }, + "DBClusterIdentifier": { + "maxLength": 63, + "minLength": 1, + "pattern": "^[a-zA-Z]{1}(?:-?[a-zA-Z0-9]){0,62}$", + "type": "string" + }, + "DBClusterInstanceClass": { + "type": "string" + }, + "DBClusterParameterGroupName": { + "default": "default.aurora5.6", + "type": "string" + }, + "DBClusterResourceId": { + "type": "string" + }, + "DBInstanceParameterGroupName": { + "type": "string" + }, + "DBSubnetGroupName": { + "type": "string" + }, + "DBSystemId": { + "type": "string" + }, + "DatabaseName": { + "type": "string" + }, + "DeletionProtection": { + "type": "boolean" + }, + "Domain": { + "type": "string" + }, + "DomainIAMRoleName": { + "type": "string" + }, + "EnableCloudwatchLogsExports": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": true + }, + "EnableGlobalWriteForwarding": { + "type": "boolean" + }, + "EnableHttpEndpoint": { + "type": "boolean" + }, + "EnableIAMDatabaseAuthentication": { + "type": "boolean" + }, + "EnableLocalWriteForwarding": { + "type": "boolean" + }, + "Endpoint": { + "$ref": "#/definitions/Endpoint" + }, + "Engine": { + "type": "string" + }, + "EngineLifecycleSupport": { + "type": "string" + }, + "EngineMode": { + "type": "string" + }, + "EngineVersion": { + "type": "string" + }, + "GlobalClusterIdentifier": { + "maxLength": 63, + "minLength": 0, + "pattern": "^$|^[a-zA-Z]{1}(?:-?[a-zA-Z0-9]){0,62}$", + "type": "string" + }, + "Iops": { + "type": "integer" + }, + "KmsKeyId": { + "type": "string" + }, + "ManageMasterUserPassword": { + "type": "boolean" + }, + "MasterUserPassword": { + "type": "string" + }, + "MasterUserSecret": { + "$ref": "#/definitions/MasterUserSecret" + }, + "MasterUsername": { + "minLength": 1, + "pattern": "^[a-zA-Z]{1}[a-zA-Z0-9_]*$", + "type": "string" + }, + "MonitoringInterval": { + "default": 0, + "type": "integer" + }, + "MonitoringRoleArn": { + "type": "string" + }, + "NetworkType": { + "type": "string" + }, + "PerformanceInsightsEnabled": { + "type": "boolean" + }, + "PerformanceInsightsKmsKeyId": { + "type": "string" + }, + "PerformanceInsightsRetentionPeriod": { + "type": "integer" + }, + "Port": { + "type": "integer" + }, + "PreferredBackupWindow": { + "type": "string" + }, + "PreferredMaintenanceWindow": { + "type": "string" + }, + "PubliclyAccessible": { + "type": "boolean" + }, + "ReadEndpoint": { + "$ref": "#/definitions/ReadEndpoint" + }, + "ReplicationSourceIdentifier": { + "type": "string" + }, + "RestoreToTime": { + "type": "string" + }, + "RestoreType": { + "default": "full-copy", + "type": "string" + }, + "ScalingConfiguration": { + "$ref": "#/definitions/ScalingConfiguration" + }, + "ServerlessV2ScalingConfiguration": { + "$ref": "#/definitions/ServerlessV2ScalingConfiguration" + }, + "SnapshotIdentifier": { + "type": "string" + }, + "SourceDBClusterIdentifier": { + "type": "string" + }, + "SourceRegion": { + "type": "string" + }, + "StorageEncrypted": { + "type": "boolean" + }, + "StorageThroughput": { + "type": "integer" + }, + "StorageType": { + "type": "string" + }, + "Tags": { + "insertionOrder": false, + "items": { + "$ref": "#/definitions/Tag" + }, + "maxItems": 50, + "type": "array", + "uniqueItems": true + }, + "UseLatestRestorableTime": { + "type": "boolean" + }, + "VpcSecurityGroupIds": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": true + } + }, + "propertyTransform": { + "/properties/DBClusterIdentifier": "$lowercase(DBClusterIdentifier)", + "/properties/DBClusterParameterGroupName": "$lowercase(DBClusterParameterGroupName)", + "/properties/DBSubnetGroupName": "$lowercase(DBSubnetGroupName)", + "/properties/EnableHttpEndpoint": "$lowercase($string(EngineMode)) = 'serverless' ? EnableHttpEndpoint : ($lowercase($string(Engine)) = 'aurora-postgresql' ? EnableHttpEndpoint : false )", + "/properties/Engine": "$lowercase(Engine)", + "/properties/EngineVersion": "$join([$string(EngineVersion), \".*\"])", + "/properties/KmsKeyId": "$join([\"arn:(aws)[-]{0,1}[a-z]{0,2}[-]{0,1}[a-z]{0,3}:kms:[a-z]{2}[-]{1}[a-z]{3,10}[-]{0,1}[a-z]{0,10}[-]{1}[1-3]{1}:[0-9]{12}[:]{1}key\\/\", KmsKeyId])", + "/properties/MasterUserSecret/KmsKeyId": "$join([\"arn:(aws)[-]{0,1}[a-z]{0,2}[-]{0,1}[a-z]{0,3}:kms:[a-z]{2}[-]{1}[a-z]{3,10}[-]{0,1}[a-z]{0,10}[-]{1}[1-3]{1}:[0-9]{12}[:]{1}key\\/\", MasterUserSecret.KmsKeyId])", + "/properties/NetworkType": "$lowercase(NetworkType)", + "/properties/PerformanceInsightsKmsKeyId": "$join([\"arn:(aws)[-]{0,1}[a-z]{0,2}[-]{0,1}[a-z]{0,3}:kms:[a-z]{2}[-]{1}[a-z]{3,10}[-]{0,1}[a-z]{0,10}[-]{1}[1-3]{1}:[0-9]{12}[:]{1}key\\/\", PerformanceInsightsKmsKeyId])", + "/properties/PreferredMaintenanceWindow": "$lowercase(PreferredMaintenanceWindow)", + "/properties/SnapshotIdentifier": "$lowercase(SnapshotIdentifier)", + "/properties/SourceDBClusterIdentifier": "$lowercase(SourceDBClusterIdentifier)", + "/properties/StorageType": "$lowercase(StorageType)" + }, + "readOnlyProperties": [ + "/properties/DBClusterArn", + "/properties/DBClusterResourceId", + "/properties/Endpoint", + "/properties/Endpoint/Address", + "/properties/Endpoint/Port", + "/properties/ReadEndpoint/Address", + "/properties/MasterUserSecret/SecretArn", + "/properties/StorageThroughput" + ], + "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-rds", + "tagging": { + "cloudFormationSystemTags": true, + "permissions": [ + "rds:AddTagsToResource", + "rds:RemoveTagsFromResource" + ], + "tagOnCreate": true, + "tagProperty": "/properties/Tags", + "tagUpdatable": true, + "taggable": true + }, + "typeName": "AWS::RDS::DBCluster", + "writeOnlyProperties": [ + "/properties/DBInstanceParameterGroupName", + "/properties/MasterUserPassword", + "/properties/RestoreToTime", + "/properties/RestoreType", + "/properties/SnapshotIdentifier", + "/properties/SourceDBClusterIdentifier", + "/properties/SourceRegion", + "/properties/UseLatestRestorableTime" + ] +} diff --git a/src/cfnlint/data/schemas/providers/eu_west_3/aws-rds-dbinstance.json b/src/cfnlint/data/schemas/providers/eu_west_3/aws-rds-dbinstance.json new file mode 100644 index 0000000000..3263d77fb7 --- /dev/null +++ b/src/cfnlint/data/schemas/providers/eu_west_3/aws-rds-dbinstance.json @@ -0,0 +1,620 @@ +{ + "additionalProperties": false, + "conditionalCreateOnlyProperties": [ + "/properties/AutoMinorVersionUpgrade", + "/properties/AvailabilityZone", + "/properties/BackupRetentionPeriod", + "/properties/DBClusterSnapshotIdentifier", + "/properties/DBParameterGroupName", + "/properties/DBSnapshotIdentifier", + "/properties/Engine", + "/properties/MultiAZ", + "/properties/PerformanceInsightsKMSKeyId", + "/properties/PreferredMaintenanceWindow", + "/properties/RestoreTime", + "/properties/SourceDBClusterIdentifier", + "/properties/SourceDBInstanceAutomatedBackupsArn", + "/properties/SourceDBInstanceIdentifier", + "/properties/SourceDbiResourceId", + "/properties/StorageType", + "/properties/UseLatestRestorableTime" + ], + "createOnlyProperties": [ + "/properties/CharacterSetName", + "/properties/CustomIAMInstanceProfile", + "/properties/DBClusterIdentifier", + "/properties/DBInstanceIdentifier", + "/properties/DBName", + "/properties/DBSubnetGroupName", + "/properties/KmsKeyId", + "/properties/MasterUsername", + "/properties/NcharCharacterSetName", + "/properties/Port", + "/properties/SourceRegion", + "/properties/StorageEncrypted", + "/properties/Timezone" + ], + "definitions": { + "CertificateDetails": { + "additionalProperties": false, + "properties": { + "CAIdentifier": { + "type": "string" + }, + "ValidTill": { + "format": "date-time", + "type": "string" + } + }, + "type": "object" + }, + "DBInstanceRole": { + "additionalProperties": false, + "properties": { + "FeatureName": { + "type": "string" + }, + "RoleArn": { + "type": "string" + } + }, + "required": [ + "FeatureName", + "RoleArn" + ], + "type": "object" + }, + "Endpoint": { + "additionalProperties": false, + "properties": { + "Address": { + "type": "string" + }, + "HostedZoneId": { + "type": "string" + }, + "Port": { + "type": "string" + } + }, + "type": "object" + }, + "MasterUserSecret": { + "additionalProperties": false, + "properties": { + "KmsKeyId": { + "type": "string" + }, + "SecretArn": { + "type": "string" + } + }, + "type": "object" + }, + "ProcessorFeature": { + "additionalProperties": false, + "properties": { + "Name": { + "enum": [ + "coreCount", + "threadsPerCore" + ], + "type": "string" + }, + "Value": { + "type": "string" + } + }, + "type": "object" + }, + "Tag": { + "additionalProperties": false, + "properties": { + "Key": { + "maxLength": 128, + "minLength": 1, + "type": "string" + }, + "Value": { + "maxLength": 256, + "minLength": 0, + "type": "string" + } + }, + "required": [ + "Key" + ], + "type": "object" + } + }, + "dependencies": { + "KmsKeyId": { + "properties": { + "StorageEncrypted": { + "enum": [ + "true", + "True", + true + ] + } + }, + "required": [ + "StorageEncrypted" + ] + } + }, + "dependentExcluded": { + "SourceDBInstanceIdentifier": [ + "CharacterSetName", + "MasterUserPassword", + "MasterUsername", + "StorageEncrypted" + ] + }, + "deprecatedProperties": [ + "/properties/TdeCredentialArn", + "/properties/TdeCredentialPassword" + ], + "handlers": { + "create": { + "permissions": [ + "ec2:DescribeAccountAttributes", + "ec2:DescribeAvailabilityZones", + "ec2:DescribeInternetGateways", + "ec2:DescribeSecurityGroups", + "ec2:DescribeSubnets", + "ec2:DescribeVpcAttribute", + "ec2:DescribeVpcs", + "iam:CreateServiceLinkedRole", + "iam:GetRole", + "iam:ListRoles", + "iam:PassRole", + "kms:CreateGrant", + "kms:DescribeKey", + "rds:AddRoleToDBInstance", + "rds:AddTagsToResource", + "rds:CreateDBInstance", + "rds:CreateDBInstanceReadReplica", + "rds:DescribeDBInstances", + "rds:DescribeDBClusters", + "rds:DescribeDBClusterSnapshots", + "rds:DescribeDBInstanceAutomatedBackups", + "rds:DescribeDBSnapshots", + "rds:DescribeEvents", + "rds:ModifyDBInstance", + "rds:RebootDBInstance", + "rds:RestoreDBInstanceFromDBSnapshot", + "rds:RestoreDBInstanceToPointInTime", + "rds:StartDBInstanceAutomatedBackupsReplication", + "secretsmanager:CreateSecret", + "secretsmanager:TagResource" + ], + "timeoutInMinutes": 2160 + }, + "delete": { + "permissions": [ + "rds:CreateDBSnapshot", + "rds:DeleteDBInstance", + "rds:DescribeDBInstances" + ], + "timeoutInMinutes": 2160 + }, + "list": { + "permissions": [ + "rds:DescribeDBInstances" + ] + }, + "read": { + "permissions": [ + "ec2:DescribeAccountAttributes", + "ec2:DescribeAvailabilityZones", + "ec2:DescribeInternetGateways", + "ec2:DescribeSecurityGroups", + "ec2:DescribeSubnets", + "ec2:DescribeVpcAttribute", + "ec2:DescribeVpcs", + "rds:DescribeDBInstances" + ] + }, + "update": { + "permissions": [ + "ec2:DescribeAccountAttributes", + "ec2:DescribeAvailabilityZones", + "ec2:DescribeInternetGateways", + "ec2:DescribeSecurityGroups", + "ec2:DescribeSubnets", + "ec2:DescribeVpcAttribute", + "ec2:DescribeVpcs", + "iam:CreateServiceLinkedRole", + "iam:GetRole", + "iam:ListRoles", + "iam:PassRole", + "kms:CreateGrant", + "kms:DescribeKey", + "rds:AddRoleToDBInstance", + "rds:AddTagsToResource", + "rds:DescribeDBClusters", + "rds:DescribeDBEngineVersions", + "rds:DescribeDBInstances", + "rds:DescribeDBParameterGroups", + "rds:DescribeEvents", + "rds:ModifyDBInstance", + "rds:PromoteReadReplica", + "rds:RebootDBInstance", + "rds:RemoveRoleFromDBInstance", + "rds:RemoveTagsFromResource", + "rds:StartDBInstanceAutomatedBackupsReplication", + "rds:StopDBInstanceAutomatedBackupsReplication", + "secretsmanager:CreateSecret", + "secretsmanager:TagResource" + ], + "timeoutInMinutes": 2160 + } + }, + "primaryIdentifier": [ + "/properties/DBInstanceIdentifier" + ], + "properties": { + "AllocatedStorage": { + "pattern": "^[0-9]*$", + "type": "string" + }, + "AllowMajorVersionUpgrade": { + "type": "boolean" + }, + "AssociatedRoles": { + "items": { + "$ref": "#/definitions/DBInstanceRole" + }, + "type": "array" + }, + "AutoMinorVersionUpgrade": { + "type": "boolean" + }, + "AutomaticBackupReplicationKmsKeyId": { + "type": "string" + }, + "AutomaticBackupReplicationRegion": { + "type": "string" + }, + "AvailabilityZone": { + "type": "string" + }, + "BackupRetentionPeriod": { + "default": 1, + "maximum": 35, + "minimum": 0, + "type": "integer" + }, + "CACertificateIdentifier": { + "type": "string" + }, + "CertificateDetails": { + "$ref": "#/definitions/CertificateDetails" + }, + "CertificateRotationRestart": { + "type": "boolean" + }, + "CharacterSetName": { + "type": "string" + }, + "CopyTagsToSnapshot": { + "type": "boolean" + }, + "CustomIAMInstanceProfile": { + "type": "string" + }, + "DBClusterIdentifier": { + "type": "string" + }, + "DBClusterSnapshotIdentifier": { + "type": "string" + }, + "DBInstanceArn": { + "type": "string" + }, + "DBInstanceClass": { + "type": "string" + }, + "DBInstanceIdentifier": { + "maxLength": 63, + "minLength": 1, + "pattern": "^$|^[a-zA-Z]{1}(?:-?[a-zA-Z0-9]){0,62}$", + "type": "string" + }, + "DBName": { + "type": "string" + }, + "DBParameterGroupName": { + "type": "string" + }, + "DBSecurityGroups": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": true + }, + "DBSnapshotIdentifier": { + "type": "string" + }, + "DBSubnetGroupName": { + "type": "string" + }, + "DBSystemId": { + "type": "string" + }, + "DbiResourceId": { + "type": "string" + }, + "DedicatedLogVolume": { + "type": "boolean" + }, + "DeleteAutomatedBackups": { + "type": "boolean" + }, + "DeletionProtection": { + "type": "boolean" + }, + "Domain": { + "type": "string" + }, + "DomainAuthSecretArn": { + "type": "string" + }, + "DomainDnsIps": { + "items": { + "type": "string" + }, + "type": "array" + }, + "DomainFqdn": { + "type": "string" + }, + "DomainIAMRoleName": { + "type": "string" + }, + "DomainOu": { + "type": "string" + }, + "EnableCloudwatchLogsExports": { + "items": { + "type": "string" + }, + "type": "array" + }, + "EnableIAMDatabaseAuthentication": { + "type": "boolean" + }, + "EnablePerformanceInsights": { + "type": "boolean" + }, + "Endpoint": { + "$ref": "#/definitions/Endpoint" + }, + "Engine": { + "type": "string" + }, + "EngineLifecycleSupport": { + "type": "string" + }, + "EngineVersion": { + "type": "string" + }, + "Iops": { + "type": "integer" + }, + "KmsKeyId": { + "type": "string" + }, + "LicenseModel": { + "type": "string" + }, + "ManageMasterUserPassword": { + "type": "boolean" + }, + "MasterUserPassword": { + "type": "string" + }, + "MasterUserSecret": { + "$ref": "#/definitions/MasterUserSecret" + }, + "MasterUsername": { + "maxLength": 128, + "minLength": 1, + "pattern": "^[a-zA-Z][a-zA-Z0-9_]{0,127}$", + "type": "string" + }, + "MaxAllocatedStorage": { + "type": "integer" + }, + "MonitoringInterval": { + "default": 0, + "type": "integer" + }, + "MonitoringRoleArn": { + "type": "string" + }, + "MultiAZ": { + "type": "boolean" + }, + "NcharCharacterSetName": { + "type": "string" + }, + "NetworkType": { + "type": "string" + }, + "OptionGroupName": { + "type": "string" + }, + "PerformanceInsightsKMSKeyId": { + "type": "string" + }, + "PerformanceInsightsRetentionPeriod": { + "enum": [ + 7, + 31, + 62, + 93, + 124, + 155, + 186, + 217, + 248, + 279, + 310, + 341, + 372, + 403, + 434, + 465, + 496, + 527, + 558, + 589, + 620, + 651, + 682, + 713, + 731 + ], + "type": "integer" + }, + "Port": { + "pattern": "^\\d*$", + "type": "string" + }, + "PreferredBackupWindow": { + "type": "string" + }, + "PreferredMaintenanceWindow": { + "type": "string" + }, + "ProcessorFeatures": { + "items": { + "$ref": "#/definitions/ProcessorFeature" + }, + "type": "array" + }, + "PromotionTier": { + "default": 1, + "maximum": 15, + "minimum": 0, + "type": "integer" + }, + "PubliclyAccessible": { + "type": "boolean" + }, + "ReplicaMode": { + "type": "string" + }, + "RestoreTime": { + "format": "date-time", + "type": "string" + }, + "SourceDBClusterIdentifier": { + "type": "string" + }, + "SourceDBInstanceAutomatedBackupsArn": { + "type": "string" + }, + "SourceDBInstanceIdentifier": { + "type": "string" + }, + "SourceDbiResourceId": { + "type": "string" + }, + "SourceRegion": { + "type": "string" + }, + "StorageEncrypted": { + "type": "boolean" + }, + "StorageThroughput": { + "type": "integer" + }, + "StorageType": { + "type": "string" + }, + "Tags": { + "insertionOrder": false, + "items": { + "$ref": "#/definitions/Tag" + }, + "type": "array", + "uniqueItems": false + }, + "TdeCredentialArn": { + "type": "string" + }, + "TdeCredentialPassword": { + "type": "string" + }, + "Timezone": { + "type": "string" + }, + "UseDefaultProcessorFeatures": { + "type": "boolean" + }, + "UseLatestRestorableTime": { + "type": "boolean" + }, + "VPCSecurityGroups": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": true + } + }, + "propertyTransform": { + "/properties/DBClusterIdentifier": "$lowercase(DBClusterIdentifier)", + "/properties/DBClusterSnapshotIdentifier": "$lowercase(DBClusterSnapshotIdentifier)", + "/properties/DBInstanceIdentifier": "$lowercase(DBInstanceIdentifier)", + "/properties/DBName": "$lowercase(DBName) $OR $uppercase(DBName)", + "/properties/DBParameterGroupName": "$lowercase(DBParameterGroupName)", + "/properties/DBSnapshotIdentifier": "$lowercase(DBSnapshotIdentifier)", + "/properties/DBSubnetGroupName": "$lowercase(DBSubnetGroupName)", + "/properties/Engine": "$lowercase(Engine)", + "/properties/EngineVersion": "$join([$string(EngineVersion), \".*\"])", + "/properties/KmsKeyId": "$join([\"arn:(aws)[-]{0,1}[a-z]{0,2}[-]{0,1}[a-z]{0,3}:kms:[a-z]{2}[-]{1}[a-z]{3,10}[-]{0,1}[a-z]{0,10}[-]{1}[1-3]{1}:[0-9]{12}[:]{1}key\\/\", KmsKeyId])", + "/properties/MasterUserSecret/KmsKeyId": "$join([\"arn:(aws)[-]{0,1}[a-z]{0,2}[-]{0,1}[a-z]{0,3}:kms:[a-z]{2}[-]{1}[a-z]{3,10}[-]{0,1}[a-z]{0,10}[-]{1}[1-3]{1}:[0-9]{12}[:]{1}key\\/\", MasterUserSecret.KmsKeyId])", + "/properties/NetworkType": "$lowercase(NetworkType)", + "/properties/OptionGroupName": "$lowercase(OptionGroupName)", + "/properties/PerformanceInsightsKMSKeyId": "$join([\"arn:(aws)[-]{0,1}[a-z]{0,2}[-]{0,1}[a-z]{0,3}:kms:[a-z]{2}[-]{1}[a-z]{3,10}[-]{0,1}[a-z]{0,10}[-]{1}[1-3]{1}:[0-9]{12}[:]{1}key\\/\", PerformanceInsightsKMSKeyId])", + "/properties/PreferredMaintenanceWindow": "$lowercase(PreferredMaintenanceWindow)", + "/properties/SourceDBInstanceAutomatedBackupsArn": "$lowercase(SourceDBInstanceAutomatedBackupsArn)", + "/properties/SourceDBInstanceIdentifier": "$lowercase(SourceDBInstanceIdentifier)", + "/properties/StorageType": "$lowercase(StorageType)" + }, + "readOnlyProperties": [ + "/properties/Endpoint/Address", + "/properties/Endpoint/Port", + "/properties/Endpoint/HostedZoneId", + "/properties/DbiResourceId", + "/properties/DBInstanceArn", + "/properties/DBSystemId", + "/properties/MasterUserSecret/SecretArn", + "/properties/CertificateDetails/CAIdentifier", + "/properties/CertificateDetails/ValidTill" + ], + "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-rpdk.git", + "typeName": "AWS::RDS::DBInstance", + "writeOnlyProperties": [ + "/properties/AllowMajorVersionUpgrade", + "/properties/AutomaticBackupReplicationKmsKeyId", + "/properties/CertificateRotationRestart", + "/properties/DBSnapshotIdentifier", + "/properties/DeleteAutomatedBackups", + "/properties/MasterUserPassword", + "/properties/Port", + "/properties/RestoreTime", + "/properties/SourceDBInstanceAutomatedBackupsArn", + "/properties/SourceDBInstanceIdentifier", + "/properties/SourceDbiResourceId", + "/properties/SourceRegion", + "/properties/TdeCredentialPassword", + "/properties/UseDefaultProcessorFeatures", + "/properties/UseLatestRestorableTime" + ] +} diff --git a/src/cfnlint/data/schemas/providers/il_central_1/__init__.py b/src/cfnlint/data/schemas/providers/il_central_1/__init__.py index 9405479927..e08cfc692b 100644 --- a/src/cfnlint/data/schemas/providers/il_central_1/__init__.py +++ b/src/cfnlint/data/schemas/providers/il_central_1/__init__.py @@ -571,6 +571,7 @@ "AWS::SageMaker::FeatureGroup", "AWS::SageMaker::Image", "AWS::SageMaker::ImageVersion", + "AWS::SageMaker::MlflowTrackingServer", "AWS::SageMaker::ModelCard", "AWS::SageMaker::ModelPackage", "AWS::SageMaker::ModelPackageGroup", @@ -803,7 +804,6 @@ "aws-dms-dataprovider.json", "aws-dms-instanceprofile.json", "aws-dms-migrationproject.json", - "aws-dms-replicationconfig.json", "aws-dynamodb-globaltable.json", "aws-dynamodb-table.json", "aws-ec2-capacityreservation.json", @@ -1045,15 +1045,12 @@ "aws-opsworks-userprofile.json", "aws-opsworks-volume.json", "aws-organizations-account.json", - "aws-organizations-organization.json", "aws-organizations-organizationalunit.json", "aws-organizations-policy.json", "aws-organizations-resourcepolicy.json", "aws-ram-permission.json", "aws-ram-resourceshare.json", - "aws-rds-dbcluster.json", "aws-rds-dbclusterparametergroup.json", - "aws-rds-dbinstance.json", "aws-rds-dbparametergroup.json", "aws-rds-dbproxy.json", "aws-rds-dbproxyendpoint.json", @@ -1116,6 +1113,7 @@ "aws-sagemaker-featuregroup.json", "aws-sagemaker-image.json", "aws-sagemaker-imageversion.json", + "aws-sagemaker-mlflowtrackingserver.json", "aws-sagemaker-modelcard.json", "aws-sagemaker-modelpackage.json", "aws-sagemaker-modelpackagegroup.json", @@ -1164,7 +1162,6 @@ "aws-shield-drtaccess.json", "aws-shield-proactiveengagement.json", "aws-shield-protection.json", - "aws-shield-protectiongroup.json", "aws-sns-subscription.json", "aws-sns-topic.json", "aws-sns-topicinlinepolicy.json", diff --git a/src/cfnlint/data/schemas/providers/il_central_1/aws-dms-replicationconfig.json b/src/cfnlint/data/schemas/providers/il_central_1/aws-dms-replicationconfig.json new file mode 100644 index 0000000000..b9379a300f --- /dev/null +++ b/src/cfnlint/data/schemas/providers/il_central_1/aws-dms-replicationconfig.json @@ -0,0 +1,191 @@ +{ + "additionalIdentifiers": [ + [ + "/properties/ReplicationConfigIdentifier" + ] + ], + "additionalProperties": false, + "createOnlyProperties": [ + "/properties/ResourceIdentifier" + ], + "definitions": { + "ComputeConfig": { + "additionalProperties": false, + "properties": { + "AvailabilityZone": { + "type": "string" + }, + "DnsNameServers": { + "type": "string" + }, + "KmsKeyId": { + "type": "string" + }, + "MaxCapacityUnits": { + "type": "integer" + }, + "MinCapacityUnits": { + "type": "integer" + }, + "MultiAZ": { + "type": "boolean" + }, + "PreferredMaintenanceWindow": { + "type": "string" + }, + "ReplicationSubnetGroupId": { + "type": "string" + }, + "VpcSecurityGroupIds": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "MaxCapacityUnits" + ], + "type": "object" + }, + "Tag": { + "additionalProperties": false, + "properties": { + "Key": { + "maxLength": 128, + "minLength": 1, + "type": "string" + }, + "Value": { + "maxLength": 256, + "minLength": 1, + "type": "string" + } + }, + "required": [ + "Key", + "Value" + ], + "type": "object" + } + }, + "handlers": { + "create": { + "permissions": [ + "dms:CreateReplicationConfig", + "dms:AddTagsToResource", + "dms:ListTagsForResource", + "iam:CreateServiceLinkedRole", + "iam:AttachRolePolicy", + "iam:PutRolePolicy", + "iam:UpdateRoleDescription" + ] + }, + "delete": { + "permissions": [ + "dms:DescribeReplicationConfigs", + "dms:DeleteReplicationConfig", + "dms:ListTagsForResource", + "iam:DeleteServiceLinkedRole", + "iam:GetServiceLinkedRoleDeletionStatus" + ] + }, + "list": { + "permissions": [ + "dms:DescribeReplicationConfigs", + "dms:ListTagsForResource" + ] + }, + "read": { + "permissions": [ + "dms:DescribeReplicationConfigs", + "dms:ListTagsForResource" + ] + }, + "update": { + "permissions": [ + "dms:ModifyReplicationConfig", + "dms:AddTagsToResource", + "dms:RemoveTagsToResource", + "dms:ListTagsForResource", + "iam:CreateServiceLinkedRole", + "iam:AttachRolePolicy", + "iam:PutRolePolicy", + "iam:UpdateRoleDescription" + ] + } + }, + "primaryIdentifier": [ + "/properties/ReplicationConfigArn" + ], + "properties": { + "ComputeConfig": { + "$ref": "#/definitions/ComputeConfig" + }, + "ReplicationConfigArn": { + "type": "string" + }, + "ReplicationConfigIdentifier": { + "type": "string" + }, + "ReplicationSettings": { + "format": "json", + "type": [ + "object", + "string" + ] + }, + "ReplicationType": { + "enum": [ + "full-load", + "full-load-and-cdc", + "cdc" + ], + "type": "string" + }, + "ResourceIdentifier": { + "type": "string" + }, + "SourceEndpointArn": { + "type": "string" + }, + "SupplementalSettings": { + "format": "json", + "type": [ + "object", + "string" + ] + }, + "TableMappings": { + "format": "json", + "type": [ + "object", + "string" + ] + }, + "Tags": { + "insertionOrder": false, + "items": { + "$ref": "#/definitions/Tag" + }, + "maxItems": 200, + "minItems": 1, + "type": "array" + }, + "TargetEndpointArn": { + "type": "string" + } + }, + "readOnlyProperties": [ + "/properties/ReplicationConfigArn" + ], + "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-dms", + "tagging": { + "cloudFormationSystemTags": false, + "tagOnCreate": true, + "tagProperty": "/properties/Tags", + "tagUpdatable": true, + "taggable": true + }, + "typeName": "AWS::DMS::ReplicationConfig" +} diff --git a/src/cfnlint/data/schemas/providers/il_central_1/aws-organizations-organization.json b/src/cfnlint/data/schemas/providers/il_central_1/aws-organizations-organization.json new file mode 100644 index 0000000000..6dac437e5b --- /dev/null +++ b/src/cfnlint/data/schemas/providers/il_central_1/aws-organizations-organization.json @@ -0,0 +1,86 @@ +{ + "additionalProperties": false, + "handlers": { + "create": { + "permissions": [ + "organizations:CreateOrganization", + "organizations:DescribeOrganization", + "iam:CreateServiceLinkedRole", + "organizations:ListRoots" + ] + }, + "delete": { + "permissions": [ + "organizations:DeleteOrganization", + "organizations:DescribeOrganization" + ] + }, + "list": { + "permissions": [ + "organizations:DescribeOrganization" + ] + }, + "read": { + "permissions": [ + "organizations:DescribeOrganization", + "organizations:ListRoots" + ] + }, + "update": { + "permissions": [] + } + }, + "primaryIdentifier": [ + "/properties/Id" + ], + "properties": { + "Arn": { + "pattern": "^arn:aws.*:organizations::\\d{12}:organization\\/o-[a-z0-9]{10,32}", + "type": "string" + }, + "FeatureSet": { + "default": "ALL", + "enum": [ + "ALL", + "CONSOLIDATED_BILLING" + ], + "type": "string" + }, + "Id": { + "pattern": "^o-[a-z0-9]{10,32}$", + "type": "string" + }, + "ManagementAccountArn": { + "pattern": "^arn:aws.*:organizations::\\d{12}:account\\/o-[a-z0-9]{10,32}\\/\\d{12}", + "type": "string" + }, + "ManagementAccountEmail": { + "maxLength": 64, + "minLength": 6, + "pattern": "[^\\s@]+@[^\\s@]+\\.[^\\s@]+", + "type": "string" + }, + "ManagementAccountId": { + "pattern": "^\\d{12}$", + "type": "string" + }, + "RootId": { + "maxLength": 64, + "pattern": "^r-[0-9a-z]{4,32}$", + "type": "string" + } + }, + "readOnlyProperties": [ + "/properties/Id", + "/properties/Arn", + "/properties/ManagementAccountArn", + "/properties/ManagementAccountId", + "/properties/ManagementAccountEmail", + "/properties/RootId" + ], + "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-organizations.git", + "tagging": { + "taggable": false + }, + "typeName": "AWS::Organizations::Organization" +} diff --git a/src/cfnlint/data/schemas/providers/il_central_1/aws-rds-dbcluster.json b/src/cfnlint/data/schemas/providers/il_central_1/aws-rds-dbcluster.json new file mode 100644 index 0000000000..fc8608c49b --- /dev/null +++ b/src/cfnlint/data/schemas/providers/il_central_1/aws-rds-dbcluster.json @@ -0,0 +1,469 @@ +{ + "additionalProperties": false, + "conditionalCreateOnlyProperties": [ + "/properties/Engine", + "/properties/GlobalClusterIdentifier", + "/properties/MasterUsername" + ], + "createOnlyProperties": [ + "/properties/AvailabilityZones", + "/properties/DBClusterIdentifier", + "/properties/DBSubnetGroupName", + "/properties/DBSystemId", + "/properties/DatabaseName", + "/properties/EngineMode", + "/properties/KmsKeyId", + "/properties/PubliclyAccessible", + "/properties/RestoreToTime", + "/properties/RestoreType", + "/properties/SnapshotIdentifier", + "/properties/SourceDBClusterIdentifier", + "/properties/SourceRegion", + "/properties/StorageEncrypted", + "/properties/UseLatestRestorableTime" + ], + "definitions": { + "DBClusterRole": { + "additionalProperties": false, + "properties": { + "FeatureName": { + "type": "string" + }, + "RoleArn": { + "type": "string" + } + }, + "required": [ + "RoleArn" + ], + "type": "object" + }, + "Endpoint": { + "additionalProperties": false, + "properties": { + "Address": { + "type": "string" + }, + "Port": { + "type": "string" + } + }, + "type": "object" + }, + "MasterUserSecret": { + "additionalProperties": false, + "properties": { + "KmsKeyId": { + "type": "string" + }, + "SecretArn": { + "type": "string" + } + }, + "type": "object" + }, + "ReadEndpoint": { + "additionalProperties": false, + "properties": { + "Address": { + "type": "string" + } + }, + "type": "object" + }, + "ScalingConfiguration": { + "additionalProperties": false, + "properties": { + "AutoPause": { + "type": "boolean" + }, + "MaxCapacity": { + "type": "integer" + }, + "MinCapacity": { + "type": "integer" + }, + "SecondsBeforeTimeout": { + "type": "integer" + }, + "SecondsUntilAutoPause": { + "type": "integer" + }, + "TimeoutAction": { + "type": "string" + } + }, + "type": "object" + }, + "ServerlessV2ScalingConfiguration": { + "additionalProperties": false, + "properties": { + "MaxCapacity": { + "type": "number" + }, + "MinCapacity": { + "type": "number" + } + }, + "type": "object" + }, + "Tag": { + "additionalProperties": false, + "properties": { + "Key": { + "maxLength": 128, + "minLength": 1, + "type": "string" + }, + "Value": { + "maxLength": 256, + "minLength": 0, + "type": "string" + } + }, + "required": [ + "Key" + ], + "type": "object" + } + }, + "handlers": { + "create": { + "permissions": [ + "iam:CreateServiceLinkedRole", + "iam:PassRole", + "rds:AddRoleToDBCluster", + "rds:AddTagsToResource", + "rds:CreateDBCluster", + "rds:CreateDBInstance", + "rds:DescribeDBClusters", + "rds:DescribeDBClusterSnapshots", + "rds:DescribeDBSnapshots", + "rds:DescribeEvents", + "rds:EnableHttpEndpoint", + "rds:ModifyDBCluster", + "rds:RestoreDBClusterFromSnapshot", + "rds:RestoreDBClusterToPointInTime", + "secretsmanager:CreateSecret", + "secretsmanager:TagResource" + ], + "timeoutInMinutes": 2160 + }, + "delete": { + "permissions": [ + "rds:CreateDBClusterSnapshot", + "rds:DeleteDBCluster", + "rds:DeleteDBInstance", + "rds:DescribeDBClusters", + "rds:DescribeGlobalClusters", + "rds:RemoveFromGlobalCluster" + ] + }, + "list": { + "permissions": [ + "rds:DescribeDBClusters" + ] + }, + "read": { + "permissions": [ + "rds:DescribeDBClusters" + ] + }, + "update": { + "permissions": [ + "ec2:DescribeSecurityGroups", + "iam:PassRole", + "rds:AddRoleToDBCluster", + "rds:AddTagsToResource", + "rds:DescribeDBClusters", + "rds:DescribeDBSubnetGroups", + "rds:DescribeEvents", + "rds:DescribeGlobalClusters", + "rds:DisableHttpEndpoint", + "rds:EnableHttpEndpoint", + "rds:ModifyDBCluster", + "rds:ModifyDBInstance", + "rds:RemoveFromGlobalCluster", + "rds:RemoveRoleFromDBCluster", + "rds:RemoveTagsFromResource", + "secretsmanager:CreateSecret", + "secretsmanager:TagResource" + ], + "timeoutInMinutes": 2160 + } + }, + "primaryIdentifier": [ + "/properties/DBClusterIdentifier" + ], + "properties": { + "AllocatedStorage": { + "type": "integer" + }, + "AssociatedRoles": { + "items": { + "$ref": "#/definitions/DBClusterRole" + }, + "type": "array", + "uniqueItems": true + }, + "AutoMinorVersionUpgrade": { + "type": "boolean" + }, + "AvailabilityZones": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": true + }, + "BacktrackWindow": { + "minimum": 0, + "type": "integer" + }, + "BackupRetentionPeriod": { + "default": 1, + "maximum": 35, + "minimum": 1, + "type": "integer" + }, + "CopyTagsToSnapshot": { + "type": "boolean" + }, + "DBClusterArn": { + "type": "string" + }, + "DBClusterIdentifier": { + "maxLength": 63, + "minLength": 1, + "pattern": "^[a-zA-Z]{1}(?:-?[a-zA-Z0-9]){0,62}$", + "type": "string" + }, + "DBClusterInstanceClass": { + "type": "string" + }, + "DBClusterParameterGroupName": { + "default": "default.aurora5.6", + "type": "string" + }, + "DBClusterResourceId": { + "type": "string" + }, + "DBInstanceParameterGroupName": { + "type": "string" + }, + "DBSubnetGroupName": { + "type": "string" + }, + "DBSystemId": { + "type": "string" + }, + "DatabaseName": { + "type": "string" + }, + "DeletionProtection": { + "type": "boolean" + }, + "Domain": { + "type": "string" + }, + "DomainIAMRoleName": { + "type": "string" + }, + "EnableCloudwatchLogsExports": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": true + }, + "EnableGlobalWriteForwarding": { + "type": "boolean" + }, + "EnableHttpEndpoint": { + "type": "boolean" + }, + "EnableIAMDatabaseAuthentication": { + "type": "boolean" + }, + "EnableLocalWriteForwarding": { + "type": "boolean" + }, + "Endpoint": { + "$ref": "#/definitions/Endpoint" + }, + "Engine": { + "type": "string" + }, + "EngineLifecycleSupport": { + "type": "string" + }, + "EngineMode": { + "type": "string" + }, + "EngineVersion": { + "type": "string" + }, + "GlobalClusterIdentifier": { + "maxLength": 63, + "minLength": 0, + "pattern": "^$|^[a-zA-Z]{1}(?:-?[a-zA-Z0-9]){0,62}$", + "type": "string" + }, + "Iops": { + "type": "integer" + }, + "KmsKeyId": { + "type": "string" + }, + "ManageMasterUserPassword": { + "type": "boolean" + }, + "MasterUserPassword": { + "type": "string" + }, + "MasterUserSecret": { + "$ref": "#/definitions/MasterUserSecret" + }, + "MasterUsername": { + "minLength": 1, + "pattern": "^[a-zA-Z]{1}[a-zA-Z0-9_]*$", + "type": "string" + }, + "MonitoringInterval": { + "default": 0, + "type": "integer" + }, + "MonitoringRoleArn": { + "type": "string" + }, + "NetworkType": { + "type": "string" + }, + "PerformanceInsightsEnabled": { + "type": "boolean" + }, + "PerformanceInsightsKmsKeyId": { + "type": "string" + }, + "PerformanceInsightsRetentionPeriod": { + "type": "integer" + }, + "Port": { + "type": "integer" + }, + "PreferredBackupWindow": { + "type": "string" + }, + "PreferredMaintenanceWindow": { + "type": "string" + }, + "PubliclyAccessible": { + "type": "boolean" + }, + "ReadEndpoint": { + "$ref": "#/definitions/ReadEndpoint" + }, + "ReplicationSourceIdentifier": { + "type": "string" + }, + "RestoreToTime": { + "type": "string" + }, + "RestoreType": { + "default": "full-copy", + "type": "string" + }, + "ScalingConfiguration": { + "$ref": "#/definitions/ScalingConfiguration" + }, + "ServerlessV2ScalingConfiguration": { + "$ref": "#/definitions/ServerlessV2ScalingConfiguration" + }, + "SnapshotIdentifier": { + "type": "string" + }, + "SourceDBClusterIdentifier": { + "type": "string" + }, + "SourceRegion": { + "type": "string" + }, + "StorageEncrypted": { + "type": "boolean" + }, + "StorageThroughput": { + "type": "integer" + }, + "StorageType": { + "type": "string" + }, + "Tags": { + "insertionOrder": false, + "items": { + "$ref": "#/definitions/Tag" + }, + "maxItems": 50, + "type": "array", + "uniqueItems": true + }, + "UseLatestRestorableTime": { + "type": "boolean" + }, + "VpcSecurityGroupIds": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": true + } + }, + "propertyTransform": { + "/properties/DBClusterIdentifier": "$lowercase(DBClusterIdentifier)", + "/properties/DBClusterParameterGroupName": "$lowercase(DBClusterParameterGroupName)", + "/properties/DBSubnetGroupName": "$lowercase(DBSubnetGroupName)", + "/properties/EnableHttpEndpoint": "$lowercase($string(EngineMode)) = 'serverless' ? EnableHttpEndpoint : ($lowercase($string(Engine)) = 'aurora-postgresql' ? EnableHttpEndpoint : false )", + "/properties/Engine": "$lowercase(Engine)", + "/properties/EngineVersion": "$join([$string(EngineVersion), \".*\"])", + "/properties/KmsKeyId": "$join([\"arn:(aws)[-]{0,1}[a-z]{0,2}[-]{0,1}[a-z]{0,3}:kms:[a-z]{2}[-]{1}[a-z]{3,10}[-]{0,1}[a-z]{0,10}[-]{1}[1-3]{1}:[0-9]{12}[:]{1}key\\/\", KmsKeyId])", + "/properties/MasterUserSecret/KmsKeyId": "$join([\"arn:(aws)[-]{0,1}[a-z]{0,2}[-]{0,1}[a-z]{0,3}:kms:[a-z]{2}[-]{1}[a-z]{3,10}[-]{0,1}[a-z]{0,10}[-]{1}[1-3]{1}:[0-9]{12}[:]{1}key\\/\", MasterUserSecret.KmsKeyId])", + "/properties/NetworkType": "$lowercase(NetworkType)", + "/properties/PerformanceInsightsKmsKeyId": "$join([\"arn:(aws)[-]{0,1}[a-z]{0,2}[-]{0,1}[a-z]{0,3}:kms:[a-z]{2}[-]{1}[a-z]{3,10}[-]{0,1}[a-z]{0,10}[-]{1}[1-3]{1}:[0-9]{12}[:]{1}key\\/\", PerformanceInsightsKmsKeyId])", + "/properties/PreferredMaintenanceWindow": "$lowercase(PreferredMaintenanceWindow)", + "/properties/SnapshotIdentifier": "$lowercase(SnapshotIdentifier)", + "/properties/SourceDBClusterIdentifier": "$lowercase(SourceDBClusterIdentifier)", + "/properties/StorageType": "$lowercase(StorageType)" + }, + "readOnlyProperties": [ + "/properties/DBClusterArn", + "/properties/DBClusterResourceId", + "/properties/Endpoint", + "/properties/Endpoint/Address", + "/properties/Endpoint/Port", + "/properties/ReadEndpoint/Address", + "/properties/MasterUserSecret/SecretArn", + "/properties/StorageThroughput" + ], + "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-rds", + "tagging": { + "cloudFormationSystemTags": true, + "permissions": [ + "rds:AddTagsToResource", + "rds:RemoveTagsFromResource" + ], + "tagOnCreate": true, + "tagProperty": "/properties/Tags", + "tagUpdatable": true, + "taggable": true + }, + "typeName": "AWS::RDS::DBCluster", + "writeOnlyProperties": [ + "/properties/DBInstanceParameterGroupName", + "/properties/MasterUserPassword", + "/properties/RestoreToTime", + "/properties/RestoreType", + "/properties/SnapshotIdentifier", + "/properties/SourceDBClusterIdentifier", + "/properties/SourceRegion", + "/properties/UseLatestRestorableTime" + ] +} diff --git a/src/cfnlint/data/schemas/providers/il_central_1/aws-rds-dbinstance.json b/src/cfnlint/data/schemas/providers/il_central_1/aws-rds-dbinstance.json new file mode 100644 index 0000000000..3263d77fb7 --- /dev/null +++ b/src/cfnlint/data/schemas/providers/il_central_1/aws-rds-dbinstance.json @@ -0,0 +1,620 @@ +{ + "additionalProperties": false, + "conditionalCreateOnlyProperties": [ + "/properties/AutoMinorVersionUpgrade", + "/properties/AvailabilityZone", + "/properties/BackupRetentionPeriod", + "/properties/DBClusterSnapshotIdentifier", + "/properties/DBParameterGroupName", + "/properties/DBSnapshotIdentifier", + "/properties/Engine", + "/properties/MultiAZ", + "/properties/PerformanceInsightsKMSKeyId", + "/properties/PreferredMaintenanceWindow", + "/properties/RestoreTime", + "/properties/SourceDBClusterIdentifier", + "/properties/SourceDBInstanceAutomatedBackupsArn", + "/properties/SourceDBInstanceIdentifier", + "/properties/SourceDbiResourceId", + "/properties/StorageType", + "/properties/UseLatestRestorableTime" + ], + "createOnlyProperties": [ + "/properties/CharacterSetName", + "/properties/CustomIAMInstanceProfile", + "/properties/DBClusterIdentifier", + "/properties/DBInstanceIdentifier", + "/properties/DBName", + "/properties/DBSubnetGroupName", + "/properties/KmsKeyId", + "/properties/MasterUsername", + "/properties/NcharCharacterSetName", + "/properties/Port", + "/properties/SourceRegion", + "/properties/StorageEncrypted", + "/properties/Timezone" + ], + "definitions": { + "CertificateDetails": { + "additionalProperties": false, + "properties": { + "CAIdentifier": { + "type": "string" + }, + "ValidTill": { + "format": "date-time", + "type": "string" + } + }, + "type": "object" + }, + "DBInstanceRole": { + "additionalProperties": false, + "properties": { + "FeatureName": { + "type": "string" + }, + "RoleArn": { + "type": "string" + } + }, + "required": [ + "FeatureName", + "RoleArn" + ], + "type": "object" + }, + "Endpoint": { + "additionalProperties": false, + "properties": { + "Address": { + "type": "string" + }, + "HostedZoneId": { + "type": "string" + }, + "Port": { + "type": "string" + } + }, + "type": "object" + }, + "MasterUserSecret": { + "additionalProperties": false, + "properties": { + "KmsKeyId": { + "type": "string" + }, + "SecretArn": { + "type": "string" + } + }, + "type": "object" + }, + "ProcessorFeature": { + "additionalProperties": false, + "properties": { + "Name": { + "enum": [ + "coreCount", + "threadsPerCore" + ], + "type": "string" + }, + "Value": { + "type": "string" + } + }, + "type": "object" + }, + "Tag": { + "additionalProperties": false, + "properties": { + "Key": { + "maxLength": 128, + "minLength": 1, + "type": "string" + }, + "Value": { + "maxLength": 256, + "minLength": 0, + "type": "string" + } + }, + "required": [ + "Key" + ], + "type": "object" + } + }, + "dependencies": { + "KmsKeyId": { + "properties": { + "StorageEncrypted": { + "enum": [ + "true", + "True", + true + ] + } + }, + "required": [ + "StorageEncrypted" + ] + } + }, + "dependentExcluded": { + "SourceDBInstanceIdentifier": [ + "CharacterSetName", + "MasterUserPassword", + "MasterUsername", + "StorageEncrypted" + ] + }, + "deprecatedProperties": [ + "/properties/TdeCredentialArn", + "/properties/TdeCredentialPassword" + ], + "handlers": { + "create": { + "permissions": [ + "ec2:DescribeAccountAttributes", + "ec2:DescribeAvailabilityZones", + "ec2:DescribeInternetGateways", + "ec2:DescribeSecurityGroups", + "ec2:DescribeSubnets", + "ec2:DescribeVpcAttribute", + "ec2:DescribeVpcs", + "iam:CreateServiceLinkedRole", + "iam:GetRole", + "iam:ListRoles", + "iam:PassRole", + "kms:CreateGrant", + "kms:DescribeKey", + "rds:AddRoleToDBInstance", + "rds:AddTagsToResource", + "rds:CreateDBInstance", + "rds:CreateDBInstanceReadReplica", + "rds:DescribeDBInstances", + "rds:DescribeDBClusters", + "rds:DescribeDBClusterSnapshots", + "rds:DescribeDBInstanceAutomatedBackups", + "rds:DescribeDBSnapshots", + "rds:DescribeEvents", + "rds:ModifyDBInstance", + "rds:RebootDBInstance", + "rds:RestoreDBInstanceFromDBSnapshot", + "rds:RestoreDBInstanceToPointInTime", + "rds:StartDBInstanceAutomatedBackupsReplication", + "secretsmanager:CreateSecret", + "secretsmanager:TagResource" + ], + "timeoutInMinutes": 2160 + }, + "delete": { + "permissions": [ + "rds:CreateDBSnapshot", + "rds:DeleteDBInstance", + "rds:DescribeDBInstances" + ], + "timeoutInMinutes": 2160 + }, + "list": { + "permissions": [ + "rds:DescribeDBInstances" + ] + }, + "read": { + "permissions": [ + "ec2:DescribeAccountAttributes", + "ec2:DescribeAvailabilityZones", + "ec2:DescribeInternetGateways", + "ec2:DescribeSecurityGroups", + "ec2:DescribeSubnets", + "ec2:DescribeVpcAttribute", + "ec2:DescribeVpcs", + "rds:DescribeDBInstances" + ] + }, + "update": { + "permissions": [ + "ec2:DescribeAccountAttributes", + "ec2:DescribeAvailabilityZones", + "ec2:DescribeInternetGateways", + "ec2:DescribeSecurityGroups", + "ec2:DescribeSubnets", + "ec2:DescribeVpcAttribute", + "ec2:DescribeVpcs", + "iam:CreateServiceLinkedRole", + "iam:GetRole", + "iam:ListRoles", + "iam:PassRole", + "kms:CreateGrant", + "kms:DescribeKey", + "rds:AddRoleToDBInstance", + "rds:AddTagsToResource", + "rds:DescribeDBClusters", + "rds:DescribeDBEngineVersions", + "rds:DescribeDBInstances", + "rds:DescribeDBParameterGroups", + "rds:DescribeEvents", + "rds:ModifyDBInstance", + "rds:PromoteReadReplica", + "rds:RebootDBInstance", + "rds:RemoveRoleFromDBInstance", + "rds:RemoveTagsFromResource", + "rds:StartDBInstanceAutomatedBackupsReplication", + "rds:StopDBInstanceAutomatedBackupsReplication", + "secretsmanager:CreateSecret", + "secretsmanager:TagResource" + ], + "timeoutInMinutes": 2160 + } + }, + "primaryIdentifier": [ + "/properties/DBInstanceIdentifier" + ], + "properties": { + "AllocatedStorage": { + "pattern": "^[0-9]*$", + "type": "string" + }, + "AllowMajorVersionUpgrade": { + "type": "boolean" + }, + "AssociatedRoles": { + "items": { + "$ref": "#/definitions/DBInstanceRole" + }, + "type": "array" + }, + "AutoMinorVersionUpgrade": { + "type": "boolean" + }, + "AutomaticBackupReplicationKmsKeyId": { + "type": "string" + }, + "AutomaticBackupReplicationRegion": { + "type": "string" + }, + "AvailabilityZone": { + "type": "string" + }, + "BackupRetentionPeriod": { + "default": 1, + "maximum": 35, + "minimum": 0, + "type": "integer" + }, + "CACertificateIdentifier": { + "type": "string" + }, + "CertificateDetails": { + "$ref": "#/definitions/CertificateDetails" + }, + "CertificateRotationRestart": { + "type": "boolean" + }, + "CharacterSetName": { + "type": "string" + }, + "CopyTagsToSnapshot": { + "type": "boolean" + }, + "CustomIAMInstanceProfile": { + "type": "string" + }, + "DBClusterIdentifier": { + "type": "string" + }, + "DBClusterSnapshotIdentifier": { + "type": "string" + }, + "DBInstanceArn": { + "type": "string" + }, + "DBInstanceClass": { + "type": "string" + }, + "DBInstanceIdentifier": { + "maxLength": 63, + "minLength": 1, + "pattern": "^$|^[a-zA-Z]{1}(?:-?[a-zA-Z0-9]){0,62}$", + "type": "string" + }, + "DBName": { + "type": "string" + }, + "DBParameterGroupName": { + "type": "string" + }, + "DBSecurityGroups": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": true + }, + "DBSnapshotIdentifier": { + "type": "string" + }, + "DBSubnetGroupName": { + "type": "string" + }, + "DBSystemId": { + "type": "string" + }, + "DbiResourceId": { + "type": "string" + }, + "DedicatedLogVolume": { + "type": "boolean" + }, + "DeleteAutomatedBackups": { + "type": "boolean" + }, + "DeletionProtection": { + "type": "boolean" + }, + "Domain": { + "type": "string" + }, + "DomainAuthSecretArn": { + "type": "string" + }, + "DomainDnsIps": { + "items": { + "type": "string" + }, + "type": "array" + }, + "DomainFqdn": { + "type": "string" + }, + "DomainIAMRoleName": { + "type": "string" + }, + "DomainOu": { + "type": "string" + }, + "EnableCloudwatchLogsExports": { + "items": { + "type": "string" + }, + "type": "array" + }, + "EnableIAMDatabaseAuthentication": { + "type": "boolean" + }, + "EnablePerformanceInsights": { + "type": "boolean" + }, + "Endpoint": { + "$ref": "#/definitions/Endpoint" + }, + "Engine": { + "type": "string" + }, + "EngineLifecycleSupport": { + "type": "string" + }, + "EngineVersion": { + "type": "string" + }, + "Iops": { + "type": "integer" + }, + "KmsKeyId": { + "type": "string" + }, + "LicenseModel": { + "type": "string" + }, + "ManageMasterUserPassword": { + "type": "boolean" + }, + "MasterUserPassword": { + "type": "string" + }, + "MasterUserSecret": { + "$ref": "#/definitions/MasterUserSecret" + }, + "MasterUsername": { + "maxLength": 128, + "minLength": 1, + "pattern": "^[a-zA-Z][a-zA-Z0-9_]{0,127}$", + "type": "string" + }, + "MaxAllocatedStorage": { + "type": "integer" + }, + "MonitoringInterval": { + "default": 0, + "type": "integer" + }, + "MonitoringRoleArn": { + "type": "string" + }, + "MultiAZ": { + "type": "boolean" + }, + "NcharCharacterSetName": { + "type": "string" + }, + "NetworkType": { + "type": "string" + }, + "OptionGroupName": { + "type": "string" + }, + "PerformanceInsightsKMSKeyId": { + "type": "string" + }, + "PerformanceInsightsRetentionPeriod": { + "enum": [ + 7, + 31, + 62, + 93, + 124, + 155, + 186, + 217, + 248, + 279, + 310, + 341, + 372, + 403, + 434, + 465, + 496, + 527, + 558, + 589, + 620, + 651, + 682, + 713, + 731 + ], + "type": "integer" + }, + "Port": { + "pattern": "^\\d*$", + "type": "string" + }, + "PreferredBackupWindow": { + "type": "string" + }, + "PreferredMaintenanceWindow": { + "type": "string" + }, + "ProcessorFeatures": { + "items": { + "$ref": "#/definitions/ProcessorFeature" + }, + "type": "array" + }, + "PromotionTier": { + "default": 1, + "maximum": 15, + "minimum": 0, + "type": "integer" + }, + "PubliclyAccessible": { + "type": "boolean" + }, + "ReplicaMode": { + "type": "string" + }, + "RestoreTime": { + "format": "date-time", + "type": "string" + }, + "SourceDBClusterIdentifier": { + "type": "string" + }, + "SourceDBInstanceAutomatedBackupsArn": { + "type": "string" + }, + "SourceDBInstanceIdentifier": { + "type": "string" + }, + "SourceDbiResourceId": { + "type": "string" + }, + "SourceRegion": { + "type": "string" + }, + "StorageEncrypted": { + "type": "boolean" + }, + "StorageThroughput": { + "type": "integer" + }, + "StorageType": { + "type": "string" + }, + "Tags": { + "insertionOrder": false, + "items": { + "$ref": "#/definitions/Tag" + }, + "type": "array", + "uniqueItems": false + }, + "TdeCredentialArn": { + "type": "string" + }, + "TdeCredentialPassword": { + "type": "string" + }, + "Timezone": { + "type": "string" + }, + "UseDefaultProcessorFeatures": { + "type": "boolean" + }, + "UseLatestRestorableTime": { + "type": "boolean" + }, + "VPCSecurityGroups": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": true + } + }, + "propertyTransform": { + "/properties/DBClusterIdentifier": "$lowercase(DBClusterIdentifier)", + "/properties/DBClusterSnapshotIdentifier": "$lowercase(DBClusterSnapshotIdentifier)", + "/properties/DBInstanceIdentifier": "$lowercase(DBInstanceIdentifier)", + "/properties/DBName": "$lowercase(DBName) $OR $uppercase(DBName)", + "/properties/DBParameterGroupName": "$lowercase(DBParameterGroupName)", + "/properties/DBSnapshotIdentifier": "$lowercase(DBSnapshotIdentifier)", + "/properties/DBSubnetGroupName": "$lowercase(DBSubnetGroupName)", + "/properties/Engine": "$lowercase(Engine)", + "/properties/EngineVersion": "$join([$string(EngineVersion), \".*\"])", + "/properties/KmsKeyId": "$join([\"arn:(aws)[-]{0,1}[a-z]{0,2}[-]{0,1}[a-z]{0,3}:kms:[a-z]{2}[-]{1}[a-z]{3,10}[-]{0,1}[a-z]{0,10}[-]{1}[1-3]{1}:[0-9]{12}[:]{1}key\\/\", KmsKeyId])", + "/properties/MasterUserSecret/KmsKeyId": "$join([\"arn:(aws)[-]{0,1}[a-z]{0,2}[-]{0,1}[a-z]{0,3}:kms:[a-z]{2}[-]{1}[a-z]{3,10}[-]{0,1}[a-z]{0,10}[-]{1}[1-3]{1}:[0-9]{12}[:]{1}key\\/\", MasterUserSecret.KmsKeyId])", + "/properties/NetworkType": "$lowercase(NetworkType)", + "/properties/OptionGroupName": "$lowercase(OptionGroupName)", + "/properties/PerformanceInsightsKMSKeyId": "$join([\"arn:(aws)[-]{0,1}[a-z]{0,2}[-]{0,1}[a-z]{0,3}:kms:[a-z]{2}[-]{1}[a-z]{3,10}[-]{0,1}[a-z]{0,10}[-]{1}[1-3]{1}:[0-9]{12}[:]{1}key\\/\", PerformanceInsightsKMSKeyId])", + "/properties/PreferredMaintenanceWindow": "$lowercase(PreferredMaintenanceWindow)", + "/properties/SourceDBInstanceAutomatedBackupsArn": "$lowercase(SourceDBInstanceAutomatedBackupsArn)", + "/properties/SourceDBInstanceIdentifier": "$lowercase(SourceDBInstanceIdentifier)", + "/properties/StorageType": "$lowercase(StorageType)" + }, + "readOnlyProperties": [ + "/properties/Endpoint/Address", + "/properties/Endpoint/Port", + "/properties/Endpoint/HostedZoneId", + "/properties/DbiResourceId", + "/properties/DBInstanceArn", + "/properties/DBSystemId", + "/properties/MasterUserSecret/SecretArn", + "/properties/CertificateDetails/CAIdentifier", + "/properties/CertificateDetails/ValidTill" + ], + "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-rpdk.git", + "typeName": "AWS::RDS::DBInstance", + "writeOnlyProperties": [ + "/properties/AllowMajorVersionUpgrade", + "/properties/AutomaticBackupReplicationKmsKeyId", + "/properties/CertificateRotationRestart", + "/properties/DBSnapshotIdentifier", + "/properties/DeleteAutomatedBackups", + "/properties/MasterUserPassword", + "/properties/Port", + "/properties/RestoreTime", + "/properties/SourceDBInstanceAutomatedBackupsArn", + "/properties/SourceDBInstanceIdentifier", + "/properties/SourceDbiResourceId", + "/properties/SourceRegion", + "/properties/TdeCredentialPassword", + "/properties/UseDefaultProcessorFeatures", + "/properties/UseLatestRestorableTime" + ] +} diff --git a/src/cfnlint/data/schemas/providers/il_central_1/aws-shield-protectiongroup.json b/src/cfnlint/data/schemas/providers/il_central_1/aws-shield-protectiongroup.json new file mode 100644 index 0000000000..023e531faa --- /dev/null +++ b/src/cfnlint/data/schemas/providers/il_central_1/aws-shield-protectiongroup.json @@ -0,0 +1,136 @@ +{ + "additionalProperties": false, + "createOnlyProperties": [ + "/properties/ProtectionGroupId" + ], + "definitions": { + "Tag": { + "additionalProperties": false, + "properties": { + "Key": { + "maxLength": 128, + "minLength": 1, + "type": "string" + }, + "Value": { + "maxLength": 256, + "minLength": 0, + "type": "string" + } + }, + "required": [ + "Key", + "Value" + ], + "type": "object" + } + }, + "handlers": { + "create": { + "permissions": [ + "shield:CreateProtectionGroup", + "shield:TagResource" + ] + }, + "delete": { + "permissions": [ + "shield:DeleteProtectionGroup", + "shield:UntagResource" + ] + }, + "list": { + "permissions": [ + "shield:ListProtectionGroups" + ] + }, + "read": { + "permissions": [ + "shield:DescribeProtectionGroup", + "shield:ListTagsForResource" + ] + }, + "update": { + "permissions": [ + "shield:UpdateProtectionGroup", + "shield:ListTagsForResource", + "shield:TagResource", + "shield:UntagResource" + ] + } + }, + "primaryIdentifier": [ + "/properties/ProtectionGroupArn" + ], + "properties": { + "Aggregation": { + "enum": [ + "SUM", + "MEAN", + "MAX" + ], + "type": "string" + }, + "Members": { + "insertionOrder": false, + "items": { + "maxLength": 2048, + "minLength": 1, + "type": "string" + }, + "maxItems": 10000, + "type": "array" + }, + "Pattern": { + "enum": [ + "ALL", + "ARBITRARY", + "BY_RESOURCE_TYPE" + ], + "type": "string" + }, + "ProtectionGroupArn": { + "type": "string" + }, + "ProtectionGroupId": { + "maxLength": 36, + "minLength": 1, + "pattern": "[a-zA-Z0-9\\-]*", + "type": "string" + }, + "ResourceType": { + "enum": [ + "CLOUDFRONT_DISTRIBUTION", + "ROUTE_53_HOSTED_ZONE", + "ELASTIC_IP_ALLOCATION", + "CLASSIC_LOAD_BALANCER", + "APPLICATION_LOAD_BALANCER", + "GLOBAL_ACCELERATOR" + ], + "type": "string" + }, + "Tags": { + "insertionOrder": false, + "items": { + "$ref": "#/definitions/Tag" + }, + "maxItems": 200, + "type": "array" + } + }, + "readOnlyProperties": [ + "/properties/ProtectionGroupArn" + ], + "replacementStrategy": "delete_then_create", + "required": [ + "Aggregation", + "Pattern", + "ProtectionGroupId" + ], + "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-shield.git", + "tagging": { + "cloudFormationSystemTags": false, + "tagProperty": "/properties/Tags", + "taggable": true + }, + "typeName": "AWS::Shield::ProtectionGroup" +} diff --git a/src/cfnlint/data/schemas/providers/me_central_1/__init__.py b/src/cfnlint/data/schemas/providers/me_central_1/__init__.py index 37b90fe799..674e9a35c4 100644 --- a/src/cfnlint/data/schemas/providers/me_central_1/__init__.py +++ b/src/cfnlint/data/schemas/providers/me_central_1/__init__.py @@ -800,7 +800,6 @@ "aws-dms-dataprovider.json", "aws-dms-instanceprofile.json", "aws-dms-migrationproject.json", - "aws-dms-replicationconfig.json", "aws-docdb-dbcluster.json", "aws-docdb-dbinstance.json", "aws-docdb-dbsubnetgroup.json", @@ -1103,9 +1102,7 @@ "aws-pipes-pipe.json", "aws-ram-permission.json", "aws-ram-resourceshare.json", - "aws-rds-dbcluster.json", "aws-rds-dbclusterparametergroup.json", - "aws-rds-dbinstance.json", "aws-rds-dbparametergroup.json", "aws-rds-dbproxy.json", "aws-rds-dbproxyendpoint.json", diff --git a/src/cfnlint/data/schemas/providers/me_central_1/aws-dms-replicationconfig.json b/src/cfnlint/data/schemas/providers/me_central_1/aws-dms-replicationconfig.json new file mode 100644 index 0000000000..b9379a300f --- /dev/null +++ b/src/cfnlint/data/schemas/providers/me_central_1/aws-dms-replicationconfig.json @@ -0,0 +1,191 @@ +{ + "additionalIdentifiers": [ + [ + "/properties/ReplicationConfigIdentifier" + ] + ], + "additionalProperties": false, + "createOnlyProperties": [ + "/properties/ResourceIdentifier" + ], + "definitions": { + "ComputeConfig": { + "additionalProperties": false, + "properties": { + "AvailabilityZone": { + "type": "string" + }, + "DnsNameServers": { + "type": "string" + }, + "KmsKeyId": { + "type": "string" + }, + "MaxCapacityUnits": { + "type": "integer" + }, + "MinCapacityUnits": { + "type": "integer" + }, + "MultiAZ": { + "type": "boolean" + }, + "PreferredMaintenanceWindow": { + "type": "string" + }, + "ReplicationSubnetGroupId": { + "type": "string" + }, + "VpcSecurityGroupIds": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "MaxCapacityUnits" + ], + "type": "object" + }, + "Tag": { + "additionalProperties": false, + "properties": { + "Key": { + "maxLength": 128, + "minLength": 1, + "type": "string" + }, + "Value": { + "maxLength": 256, + "minLength": 1, + "type": "string" + } + }, + "required": [ + "Key", + "Value" + ], + "type": "object" + } + }, + "handlers": { + "create": { + "permissions": [ + "dms:CreateReplicationConfig", + "dms:AddTagsToResource", + "dms:ListTagsForResource", + "iam:CreateServiceLinkedRole", + "iam:AttachRolePolicy", + "iam:PutRolePolicy", + "iam:UpdateRoleDescription" + ] + }, + "delete": { + "permissions": [ + "dms:DescribeReplicationConfigs", + "dms:DeleteReplicationConfig", + "dms:ListTagsForResource", + "iam:DeleteServiceLinkedRole", + "iam:GetServiceLinkedRoleDeletionStatus" + ] + }, + "list": { + "permissions": [ + "dms:DescribeReplicationConfigs", + "dms:ListTagsForResource" + ] + }, + "read": { + "permissions": [ + "dms:DescribeReplicationConfigs", + "dms:ListTagsForResource" + ] + }, + "update": { + "permissions": [ + "dms:ModifyReplicationConfig", + "dms:AddTagsToResource", + "dms:RemoveTagsToResource", + "dms:ListTagsForResource", + "iam:CreateServiceLinkedRole", + "iam:AttachRolePolicy", + "iam:PutRolePolicy", + "iam:UpdateRoleDescription" + ] + } + }, + "primaryIdentifier": [ + "/properties/ReplicationConfigArn" + ], + "properties": { + "ComputeConfig": { + "$ref": "#/definitions/ComputeConfig" + }, + "ReplicationConfigArn": { + "type": "string" + }, + "ReplicationConfigIdentifier": { + "type": "string" + }, + "ReplicationSettings": { + "format": "json", + "type": [ + "object", + "string" + ] + }, + "ReplicationType": { + "enum": [ + "full-load", + "full-load-and-cdc", + "cdc" + ], + "type": "string" + }, + "ResourceIdentifier": { + "type": "string" + }, + "SourceEndpointArn": { + "type": "string" + }, + "SupplementalSettings": { + "format": "json", + "type": [ + "object", + "string" + ] + }, + "TableMappings": { + "format": "json", + "type": [ + "object", + "string" + ] + }, + "Tags": { + "insertionOrder": false, + "items": { + "$ref": "#/definitions/Tag" + }, + "maxItems": 200, + "minItems": 1, + "type": "array" + }, + "TargetEndpointArn": { + "type": "string" + } + }, + "readOnlyProperties": [ + "/properties/ReplicationConfigArn" + ], + "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-dms", + "tagging": { + "cloudFormationSystemTags": false, + "tagOnCreate": true, + "tagProperty": "/properties/Tags", + "tagUpdatable": true, + "taggable": true + }, + "typeName": "AWS::DMS::ReplicationConfig" +} diff --git a/src/cfnlint/data/schemas/providers/me_central_1/aws-rds-dbcluster.json b/src/cfnlint/data/schemas/providers/me_central_1/aws-rds-dbcluster.json new file mode 100644 index 0000000000..fc8608c49b --- /dev/null +++ b/src/cfnlint/data/schemas/providers/me_central_1/aws-rds-dbcluster.json @@ -0,0 +1,469 @@ +{ + "additionalProperties": false, + "conditionalCreateOnlyProperties": [ + "/properties/Engine", + "/properties/GlobalClusterIdentifier", + "/properties/MasterUsername" + ], + "createOnlyProperties": [ + "/properties/AvailabilityZones", + "/properties/DBClusterIdentifier", + "/properties/DBSubnetGroupName", + "/properties/DBSystemId", + "/properties/DatabaseName", + "/properties/EngineMode", + "/properties/KmsKeyId", + "/properties/PubliclyAccessible", + "/properties/RestoreToTime", + "/properties/RestoreType", + "/properties/SnapshotIdentifier", + "/properties/SourceDBClusterIdentifier", + "/properties/SourceRegion", + "/properties/StorageEncrypted", + "/properties/UseLatestRestorableTime" + ], + "definitions": { + "DBClusterRole": { + "additionalProperties": false, + "properties": { + "FeatureName": { + "type": "string" + }, + "RoleArn": { + "type": "string" + } + }, + "required": [ + "RoleArn" + ], + "type": "object" + }, + "Endpoint": { + "additionalProperties": false, + "properties": { + "Address": { + "type": "string" + }, + "Port": { + "type": "string" + } + }, + "type": "object" + }, + "MasterUserSecret": { + "additionalProperties": false, + "properties": { + "KmsKeyId": { + "type": "string" + }, + "SecretArn": { + "type": "string" + } + }, + "type": "object" + }, + "ReadEndpoint": { + "additionalProperties": false, + "properties": { + "Address": { + "type": "string" + } + }, + "type": "object" + }, + "ScalingConfiguration": { + "additionalProperties": false, + "properties": { + "AutoPause": { + "type": "boolean" + }, + "MaxCapacity": { + "type": "integer" + }, + "MinCapacity": { + "type": "integer" + }, + "SecondsBeforeTimeout": { + "type": "integer" + }, + "SecondsUntilAutoPause": { + "type": "integer" + }, + "TimeoutAction": { + "type": "string" + } + }, + "type": "object" + }, + "ServerlessV2ScalingConfiguration": { + "additionalProperties": false, + "properties": { + "MaxCapacity": { + "type": "number" + }, + "MinCapacity": { + "type": "number" + } + }, + "type": "object" + }, + "Tag": { + "additionalProperties": false, + "properties": { + "Key": { + "maxLength": 128, + "minLength": 1, + "type": "string" + }, + "Value": { + "maxLength": 256, + "minLength": 0, + "type": "string" + } + }, + "required": [ + "Key" + ], + "type": "object" + } + }, + "handlers": { + "create": { + "permissions": [ + "iam:CreateServiceLinkedRole", + "iam:PassRole", + "rds:AddRoleToDBCluster", + "rds:AddTagsToResource", + "rds:CreateDBCluster", + "rds:CreateDBInstance", + "rds:DescribeDBClusters", + "rds:DescribeDBClusterSnapshots", + "rds:DescribeDBSnapshots", + "rds:DescribeEvents", + "rds:EnableHttpEndpoint", + "rds:ModifyDBCluster", + "rds:RestoreDBClusterFromSnapshot", + "rds:RestoreDBClusterToPointInTime", + "secretsmanager:CreateSecret", + "secretsmanager:TagResource" + ], + "timeoutInMinutes": 2160 + }, + "delete": { + "permissions": [ + "rds:CreateDBClusterSnapshot", + "rds:DeleteDBCluster", + "rds:DeleteDBInstance", + "rds:DescribeDBClusters", + "rds:DescribeGlobalClusters", + "rds:RemoveFromGlobalCluster" + ] + }, + "list": { + "permissions": [ + "rds:DescribeDBClusters" + ] + }, + "read": { + "permissions": [ + "rds:DescribeDBClusters" + ] + }, + "update": { + "permissions": [ + "ec2:DescribeSecurityGroups", + "iam:PassRole", + "rds:AddRoleToDBCluster", + "rds:AddTagsToResource", + "rds:DescribeDBClusters", + "rds:DescribeDBSubnetGroups", + "rds:DescribeEvents", + "rds:DescribeGlobalClusters", + "rds:DisableHttpEndpoint", + "rds:EnableHttpEndpoint", + "rds:ModifyDBCluster", + "rds:ModifyDBInstance", + "rds:RemoveFromGlobalCluster", + "rds:RemoveRoleFromDBCluster", + "rds:RemoveTagsFromResource", + "secretsmanager:CreateSecret", + "secretsmanager:TagResource" + ], + "timeoutInMinutes": 2160 + } + }, + "primaryIdentifier": [ + "/properties/DBClusterIdentifier" + ], + "properties": { + "AllocatedStorage": { + "type": "integer" + }, + "AssociatedRoles": { + "items": { + "$ref": "#/definitions/DBClusterRole" + }, + "type": "array", + "uniqueItems": true + }, + "AutoMinorVersionUpgrade": { + "type": "boolean" + }, + "AvailabilityZones": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": true + }, + "BacktrackWindow": { + "minimum": 0, + "type": "integer" + }, + "BackupRetentionPeriod": { + "default": 1, + "maximum": 35, + "minimum": 1, + "type": "integer" + }, + "CopyTagsToSnapshot": { + "type": "boolean" + }, + "DBClusterArn": { + "type": "string" + }, + "DBClusterIdentifier": { + "maxLength": 63, + "minLength": 1, + "pattern": "^[a-zA-Z]{1}(?:-?[a-zA-Z0-9]){0,62}$", + "type": "string" + }, + "DBClusterInstanceClass": { + "type": "string" + }, + "DBClusterParameterGroupName": { + "default": "default.aurora5.6", + "type": "string" + }, + "DBClusterResourceId": { + "type": "string" + }, + "DBInstanceParameterGroupName": { + "type": "string" + }, + "DBSubnetGroupName": { + "type": "string" + }, + "DBSystemId": { + "type": "string" + }, + "DatabaseName": { + "type": "string" + }, + "DeletionProtection": { + "type": "boolean" + }, + "Domain": { + "type": "string" + }, + "DomainIAMRoleName": { + "type": "string" + }, + "EnableCloudwatchLogsExports": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": true + }, + "EnableGlobalWriteForwarding": { + "type": "boolean" + }, + "EnableHttpEndpoint": { + "type": "boolean" + }, + "EnableIAMDatabaseAuthentication": { + "type": "boolean" + }, + "EnableLocalWriteForwarding": { + "type": "boolean" + }, + "Endpoint": { + "$ref": "#/definitions/Endpoint" + }, + "Engine": { + "type": "string" + }, + "EngineLifecycleSupport": { + "type": "string" + }, + "EngineMode": { + "type": "string" + }, + "EngineVersion": { + "type": "string" + }, + "GlobalClusterIdentifier": { + "maxLength": 63, + "minLength": 0, + "pattern": "^$|^[a-zA-Z]{1}(?:-?[a-zA-Z0-9]){0,62}$", + "type": "string" + }, + "Iops": { + "type": "integer" + }, + "KmsKeyId": { + "type": "string" + }, + "ManageMasterUserPassword": { + "type": "boolean" + }, + "MasterUserPassword": { + "type": "string" + }, + "MasterUserSecret": { + "$ref": "#/definitions/MasterUserSecret" + }, + "MasterUsername": { + "minLength": 1, + "pattern": "^[a-zA-Z]{1}[a-zA-Z0-9_]*$", + "type": "string" + }, + "MonitoringInterval": { + "default": 0, + "type": "integer" + }, + "MonitoringRoleArn": { + "type": "string" + }, + "NetworkType": { + "type": "string" + }, + "PerformanceInsightsEnabled": { + "type": "boolean" + }, + "PerformanceInsightsKmsKeyId": { + "type": "string" + }, + "PerformanceInsightsRetentionPeriod": { + "type": "integer" + }, + "Port": { + "type": "integer" + }, + "PreferredBackupWindow": { + "type": "string" + }, + "PreferredMaintenanceWindow": { + "type": "string" + }, + "PubliclyAccessible": { + "type": "boolean" + }, + "ReadEndpoint": { + "$ref": "#/definitions/ReadEndpoint" + }, + "ReplicationSourceIdentifier": { + "type": "string" + }, + "RestoreToTime": { + "type": "string" + }, + "RestoreType": { + "default": "full-copy", + "type": "string" + }, + "ScalingConfiguration": { + "$ref": "#/definitions/ScalingConfiguration" + }, + "ServerlessV2ScalingConfiguration": { + "$ref": "#/definitions/ServerlessV2ScalingConfiguration" + }, + "SnapshotIdentifier": { + "type": "string" + }, + "SourceDBClusterIdentifier": { + "type": "string" + }, + "SourceRegion": { + "type": "string" + }, + "StorageEncrypted": { + "type": "boolean" + }, + "StorageThroughput": { + "type": "integer" + }, + "StorageType": { + "type": "string" + }, + "Tags": { + "insertionOrder": false, + "items": { + "$ref": "#/definitions/Tag" + }, + "maxItems": 50, + "type": "array", + "uniqueItems": true + }, + "UseLatestRestorableTime": { + "type": "boolean" + }, + "VpcSecurityGroupIds": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": true + } + }, + "propertyTransform": { + "/properties/DBClusterIdentifier": "$lowercase(DBClusterIdentifier)", + "/properties/DBClusterParameterGroupName": "$lowercase(DBClusterParameterGroupName)", + "/properties/DBSubnetGroupName": "$lowercase(DBSubnetGroupName)", + "/properties/EnableHttpEndpoint": "$lowercase($string(EngineMode)) = 'serverless' ? EnableHttpEndpoint : ($lowercase($string(Engine)) = 'aurora-postgresql' ? EnableHttpEndpoint : false )", + "/properties/Engine": "$lowercase(Engine)", + "/properties/EngineVersion": "$join([$string(EngineVersion), \".*\"])", + "/properties/KmsKeyId": "$join([\"arn:(aws)[-]{0,1}[a-z]{0,2}[-]{0,1}[a-z]{0,3}:kms:[a-z]{2}[-]{1}[a-z]{3,10}[-]{0,1}[a-z]{0,10}[-]{1}[1-3]{1}:[0-9]{12}[:]{1}key\\/\", KmsKeyId])", + "/properties/MasterUserSecret/KmsKeyId": "$join([\"arn:(aws)[-]{0,1}[a-z]{0,2}[-]{0,1}[a-z]{0,3}:kms:[a-z]{2}[-]{1}[a-z]{3,10}[-]{0,1}[a-z]{0,10}[-]{1}[1-3]{1}:[0-9]{12}[:]{1}key\\/\", MasterUserSecret.KmsKeyId])", + "/properties/NetworkType": "$lowercase(NetworkType)", + "/properties/PerformanceInsightsKmsKeyId": "$join([\"arn:(aws)[-]{0,1}[a-z]{0,2}[-]{0,1}[a-z]{0,3}:kms:[a-z]{2}[-]{1}[a-z]{3,10}[-]{0,1}[a-z]{0,10}[-]{1}[1-3]{1}:[0-9]{12}[:]{1}key\\/\", PerformanceInsightsKmsKeyId])", + "/properties/PreferredMaintenanceWindow": "$lowercase(PreferredMaintenanceWindow)", + "/properties/SnapshotIdentifier": "$lowercase(SnapshotIdentifier)", + "/properties/SourceDBClusterIdentifier": "$lowercase(SourceDBClusterIdentifier)", + "/properties/StorageType": "$lowercase(StorageType)" + }, + "readOnlyProperties": [ + "/properties/DBClusterArn", + "/properties/DBClusterResourceId", + "/properties/Endpoint", + "/properties/Endpoint/Address", + "/properties/Endpoint/Port", + "/properties/ReadEndpoint/Address", + "/properties/MasterUserSecret/SecretArn", + "/properties/StorageThroughput" + ], + "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-rds", + "tagging": { + "cloudFormationSystemTags": true, + "permissions": [ + "rds:AddTagsToResource", + "rds:RemoveTagsFromResource" + ], + "tagOnCreate": true, + "tagProperty": "/properties/Tags", + "tagUpdatable": true, + "taggable": true + }, + "typeName": "AWS::RDS::DBCluster", + "writeOnlyProperties": [ + "/properties/DBInstanceParameterGroupName", + "/properties/MasterUserPassword", + "/properties/RestoreToTime", + "/properties/RestoreType", + "/properties/SnapshotIdentifier", + "/properties/SourceDBClusterIdentifier", + "/properties/SourceRegion", + "/properties/UseLatestRestorableTime" + ] +} diff --git a/src/cfnlint/data/schemas/providers/me_central_1/aws-rds-dbinstance.json b/src/cfnlint/data/schemas/providers/me_central_1/aws-rds-dbinstance.json new file mode 100644 index 0000000000..3263d77fb7 --- /dev/null +++ b/src/cfnlint/data/schemas/providers/me_central_1/aws-rds-dbinstance.json @@ -0,0 +1,620 @@ +{ + "additionalProperties": false, + "conditionalCreateOnlyProperties": [ + "/properties/AutoMinorVersionUpgrade", + "/properties/AvailabilityZone", + "/properties/BackupRetentionPeriod", + "/properties/DBClusterSnapshotIdentifier", + "/properties/DBParameterGroupName", + "/properties/DBSnapshotIdentifier", + "/properties/Engine", + "/properties/MultiAZ", + "/properties/PerformanceInsightsKMSKeyId", + "/properties/PreferredMaintenanceWindow", + "/properties/RestoreTime", + "/properties/SourceDBClusterIdentifier", + "/properties/SourceDBInstanceAutomatedBackupsArn", + "/properties/SourceDBInstanceIdentifier", + "/properties/SourceDbiResourceId", + "/properties/StorageType", + "/properties/UseLatestRestorableTime" + ], + "createOnlyProperties": [ + "/properties/CharacterSetName", + "/properties/CustomIAMInstanceProfile", + "/properties/DBClusterIdentifier", + "/properties/DBInstanceIdentifier", + "/properties/DBName", + "/properties/DBSubnetGroupName", + "/properties/KmsKeyId", + "/properties/MasterUsername", + "/properties/NcharCharacterSetName", + "/properties/Port", + "/properties/SourceRegion", + "/properties/StorageEncrypted", + "/properties/Timezone" + ], + "definitions": { + "CertificateDetails": { + "additionalProperties": false, + "properties": { + "CAIdentifier": { + "type": "string" + }, + "ValidTill": { + "format": "date-time", + "type": "string" + } + }, + "type": "object" + }, + "DBInstanceRole": { + "additionalProperties": false, + "properties": { + "FeatureName": { + "type": "string" + }, + "RoleArn": { + "type": "string" + } + }, + "required": [ + "FeatureName", + "RoleArn" + ], + "type": "object" + }, + "Endpoint": { + "additionalProperties": false, + "properties": { + "Address": { + "type": "string" + }, + "HostedZoneId": { + "type": "string" + }, + "Port": { + "type": "string" + } + }, + "type": "object" + }, + "MasterUserSecret": { + "additionalProperties": false, + "properties": { + "KmsKeyId": { + "type": "string" + }, + "SecretArn": { + "type": "string" + } + }, + "type": "object" + }, + "ProcessorFeature": { + "additionalProperties": false, + "properties": { + "Name": { + "enum": [ + "coreCount", + "threadsPerCore" + ], + "type": "string" + }, + "Value": { + "type": "string" + } + }, + "type": "object" + }, + "Tag": { + "additionalProperties": false, + "properties": { + "Key": { + "maxLength": 128, + "minLength": 1, + "type": "string" + }, + "Value": { + "maxLength": 256, + "minLength": 0, + "type": "string" + } + }, + "required": [ + "Key" + ], + "type": "object" + } + }, + "dependencies": { + "KmsKeyId": { + "properties": { + "StorageEncrypted": { + "enum": [ + "true", + "True", + true + ] + } + }, + "required": [ + "StorageEncrypted" + ] + } + }, + "dependentExcluded": { + "SourceDBInstanceIdentifier": [ + "CharacterSetName", + "MasterUserPassword", + "MasterUsername", + "StorageEncrypted" + ] + }, + "deprecatedProperties": [ + "/properties/TdeCredentialArn", + "/properties/TdeCredentialPassword" + ], + "handlers": { + "create": { + "permissions": [ + "ec2:DescribeAccountAttributes", + "ec2:DescribeAvailabilityZones", + "ec2:DescribeInternetGateways", + "ec2:DescribeSecurityGroups", + "ec2:DescribeSubnets", + "ec2:DescribeVpcAttribute", + "ec2:DescribeVpcs", + "iam:CreateServiceLinkedRole", + "iam:GetRole", + "iam:ListRoles", + "iam:PassRole", + "kms:CreateGrant", + "kms:DescribeKey", + "rds:AddRoleToDBInstance", + "rds:AddTagsToResource", + "rds:CreateDBInstance", + "rds:CreateDBInstanceReadReplica", + "rds:DescribeDBInstances", + "rds:DescribeDBClusters", + "rds:DescribeDBClusterSnapshots", + "rds:DescribeDBInstanceAutomatedBackups", + "rds:DescribeDBSnapshots", + "rds:DescribeEvents", + "rds:ModifyDBInstance", + "rds:RebootDBInstance", + "rds:RestoreDBInstanceFromDBSnapshot", + "rds:RestoreDBInstanceToPointInTime", + "rds:StartDBInstanceAutomatedBackupsReplication", + "secretsmanager:CreateSecret", + "secretsmanager:TagResource" + ], + "timeoutInMinutes": 2160 + }, + "delete": { + "permissions": [ + "rds:CreateDBSnapshot", + "rds:DeleteDBInstance", + "rds:DescribeDBInstances" + ], + "timeoutInMinutes": 2160 + }, + "list": { + "permissions": [ + "rds:DescribeDBInstances" + ] + }, + "read": { + "permissions": [ + "ec2:DescribeAccountAttributes", + "ec2:DescribeAvailabilityZones", + "ec2:DescribeInternetGateways", + "ec2:DescribeSecurityGroups", + "ec2:DescribeSubnets", + "ec2:DescribeVpcAttribute", + "ec2:DescribeVpcs", + "rds:DescribeDBInstances" + ] + }, + "update": { + "permissions": [ + "ec2:DescribeAccountAttributes", + "ec2:DescribeAvailabilityZones", + "ec2:DescribeInternetGateways", + "ec2:DescribeSecurityGroups", + "ec2:DescribeSubnets", + "ec2:DescribeVpcAttribute", + "ec2:DescribeVpcs", + "iam:CreateServiceLinkedRole", + "iam:GetRole", + "iam:ListRoles", + "iam:PassRole", + "kms:CreateGrant", + "kms:DescribeKey", + "rds:AddRoleToDBInstance", + "rds:AddTagsToResource", + "rds:DescribeDBClusters", + "rds:DescribeDBEngineVersions", + "rds:DescribeDBInstances", + "rds:DescribeDBParameterGroups", + "rds:DescribeEvents", + "rds:ModifyDBInstance", + "rds:PromoteReadReplica", + "rds:RebootDBInstance", + "rds:RemoveRoleFromDBInstance", + "rds:RemoveTagsFromResource", + "rds:StartDBInstanceAutomatedBackupsReplication", + "rds:StopDBInstanceAutomatedBackupsReplication", + "secretsmanager:CreateSecret", + "secretsmanager:TagResource" + ], + "timeoutInMinutes": 2160 + } + }, + "primaryIdentifier": [ + "/properties/DBInstanceIdentifier" + ], + "properties": { + "AllocatedStorage": { + "pattern": "^[0-9]*$", + "type": "string" + }, + "AllowMajorVersionUpgrade": { + "type": "boolean" + }, + "AssociatedRoles": { + "items": { + "$ref": "#/definitions/DBInstanceRole" + }, + "type": "array" + }, + "AutoMinorVersionUpgrade": { + "type": "boolean" + }, + "AutomaticBackupReplicationKmsKeyId": { + "type": "string" + }, + "AutomaticBackupReplicationRegion": { + "type": "string" + }, + "AvailabilityZone": { + "type": "string" + }, + "BackupRetentionPeriod": { + "default": 1, + "maximum": 35, + "minimum": 0, + "type": "integer" + }, + "CACertificateIdentifier": { + "type": "string" + }, + "CertificateDetails": { + "$ref": "#/definitions/CertificateDetails" + }, + "CertificateRotationRestart": { + "type": "boolean" + }, + "CharacterSetName": { + "type": "string" + }, + "CopyTagsToSnapshot": { + "type": "boolean" + }, + "CustomIAMInstanceProfile": { + "type": "string" + }, + "DBClusterIdentifier": { + "type": "string" + }, + "DBClusterSnapshotIdentifier": { + "type": "string" + }, + "DBInstanceArn": { + "type": "string" + }, + "DBInstanceClass": { + "type": "string" + }, + "DBInstanceIdentifier": { + "maxLength": 63, + "minLength": 1, + "pattern": "^$|^[a-zA-Z]{1}(?:-?[a-zA-Z0-9]){0,62}$", + "type": "string" + }, + "DBName": { + "type": "string" + }, + "DBParameterGroupName": { + "type": "string" + }, + "DBSecurityGroups": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": true + }, + "DBSnapshotIdentifier": { + "type": "string" + }, + "DBSubnetGroupName": { + "type": "string" + }, + "DBSystemId": { + "type": "string" + }, + "DbiResourceId": { + "type": "string" + }, + "DedicatedLogVolume": { + "type": "boolean" + }, + "DeleteAutomatedBackups": { + "type": "boolean" + }, + "DeletionProtection": { + "type": "boolean" + }, + "Domain": { + "type": "string" + }, + "DomainAuthSecretArn": { + "type": "string" + }, + "DomainDnsIps": { + "items": { + "type": "string" + }, + "type": "array" + }, + "DomainFqdn": { + "type": "string" + }, + "DomainIAMRoleName": { + "type": "string" + }, + "DomainOu": { + "type": "string" + }, + "EnableCloudwatchLogsExports": { + "items": { + "type": "string" + }, + "type": "array" + }, + "EnableIAMDatabaseAuthentication": { + "type": "boolean" + }, + "EnablePerformanceInsights": { + "type": "boolean" + }, + "Endpoint": { + "$ref": "#/definitions/Endpoint" + }, + "Engine": { + "type": "string" + }, + "EngineLifecycleSupport": { + "type": "string" + }, + "EngineVersion": { + "type": "string" + }, + "Iops": { + "type": "integer" + }, + "KmsKeyId": { + "type": "string" + }, + "LicenseModel": { + "type": "string" + }, + "ManageMasterUserPassword": { + "type": "boolean" + }, + "MasterUserPassword": { + "type": "string" + }, + "MasterUserSecret": { + "$ref": "#/definitions/MasterUserSecret" + }, + "MasterUsername": { + "maxLength": 128, + "minLength": 1, + "pattern": "^[a-zA-Z][a-zA-Z0-9_]{0,127}$", + "type": "string" + }, + "MaxAllocatedStorage": { + "type": "integer" + }, + "MonitoringInterval": { + "default": 0, + "type": "integer" + }, + "MonitoringRoleArn": { + "type": "string" + }, + "MultiAZ": { + "type": "boolean" + }, + "NcharCharacterSetName": { + "type": "string" + }, + "NetworkType": { + "type": "string" + }, + "OptionGroupName": { + "type": "string" + }, + "PerformanceInsightsKMSKeyId": { + "type": "string" + }, + "PerformanceInsightsRetentionPeriod": { + "enum": [ + 7, + 31, + 62, + 93, + 124, + 155, + 186, + 217, + 248, + 279, + 310, + 341, + 372, + 403, + 434, + 465, + 496, + 527, + 558, + 589, + 620, + 651, + 682, + 713, + 731 + ], + "type": "integer" + }, + "Port": { + "pattern": "^\\d*$", + "type": "string" + }, + "PreferredBackupWindow": { + "type": "string" + }, + "PreferredMaintenanceWindow": { + "type": "string" + }, + "ProcessorFeatures": { + "items": { + "$ref": "#/definitions/ProcessorFeature" + }, + "type": "array" + }, + "PromotionTier": { + "default": 1, + "maximum": 15, + "minimum": 0, + "type": "integer" + }, + "PubliclyAccessible": { + "type": "boolean" + }, + "ReplicaMode": { + "type": "string" + }, + "RestoreTime": { + "format": "date-time", + "type": "string" + }, + "SourceDBClusterIdentifier": { + "type": "string" + }, + "SourceDBInstanceAutomatedBackupsArn": { + "type": "string" + }, + "SourceDBInstanceIdentifier": { + "type": "string" + }, + "SourceDbiResourceId": { + "type": "string" + }, + "SourceRegion": { + "type": "string" + }, + "StorageEncrypted": { + "type": "boolean" + }, + "StorageThroughput": { + "type": "integer" + }, + "StorageType": { + "type": "string" + }, + "Tags": { + "insertionOrder": false, + "items": { + "$ref": "#/definitions/Tag" + }, + "type": "array", + "uniqueItems": false + }, + "TdeCredentialArn": { + "type": "string" + }, + "TdeCredentialPassword": { + "type": "string" + }, + "Timezone": { + "type": "string" + }, + "UseDefaultProcessorFeatures": { + "type": "boolean" + }, + "UseLatestRestorableTime": { + "type": "boolean" + }, + "VPCSecurityGroups": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": true + } + }, + "propertyTransform": { + "/properties/DBClusterIdentifier": "$lowercase(DBClusterIdentifier)", + "/properties/DBClusterSnapshotIdentifier": "$lowercase(DBClusterSnapshotIdentifier)", + "/properties/DBInstanceIdentifier": "$lowercase(DBInstanceIdentifier)", + "/properties/DBName": "$lowercase(DBName) $OR $uppercase(DBName)", + "/properties/DBParameterGroupName": "$lowercase(DBParameterGroupName)", + "/properties/DBSnapshotIdentifier": "$lowercase(DBSnapshotIdentifier)", + "/properties/DBSubnetGroupName": "$lowercase(DBSubnetGroupName)", + "/properties/Engine": "$lowercase(Engine)", + "/properties/EngineVersion": "$join([$string(EngineVersion), \".*\"])", + "/properties/KmsKeyId": "$join([\"arn:(aws)[-]{0,1}[a-z]{0,2}[-]{0,1}[a-z]{0,3}:kms:[a-z]{2}[-]{1}[a-z]{3,10}[-]{0,1}[a-z]{0,10}[-]{1}[1-3]{1}:[0-9]{12}[:]{1}key\\/\", KmsKeyId])", + "/properties/MasterUserSecret/KmsKeyId": "$join([\"arn:(aws)[-]{0,1}[a-z]{0,2}[-]{0,1}[a-z]{0,3}:kms:[a-z]{2}[-]{1}[a-z]{3,10}[-]{0,1}[a-z]{0,10}[-]{1}[1-3]{1}:[0-9]{12}[:]{1}key\\/\", MasterUserSecret.KmsKeyId])", + "/properties/NetworkType": "$lowercase(NetworkType)", + "/properties/OptionGroupName": "$lowercase(OptionGroupName)", + "/properties/PerformanceInsightsKMSKeyId": "$join([\"arn:(aws)[-]{0,1}[a-z]{0,2}[-]{0,1}[a-z]{0,3}:kms:[a-z]{2}[-]{1}[a-z]{3,10}[-]{0,1}[a-z]{0,10}[-]{1}[1-3]{1}:[0-9]{12}[:]{1}key\\/\", PerformanceInsightsKMSKeyId])", + "/properties/PreferredMaintenanceWindow": "$lowercase(PreferredMaintenanceWindow)", + "/properties/SourceDBInstanceAutomatedBackupsArn": "$lowercase(SourceDBInstanceAutomatedBackupsArn)", + "/properties/SourceDBInstanceIdentifier": "$lowercase(SourceDBInstanceIdentifier)", + "/properties/StorageType": "$lowercase(StorageType)" + }, + "readOnlyProperties": [ + "/properties/Endpoint/Address", + "/properties/Endpoint/Port", + "/properties/Endpoint/HostedZoneId", + "/properties/DbiResourceId", + "/properties/DBInstanceArn", + "/properties/DBSystemId", + "/properties/MasterUserSecret/SecretArn", + "/properties/CertificateDetails/CAIdentifier", + "/properties/CertificateDetails/ValidTill" + ], + "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-rpdk.git", + "typeName": "AWS::RDS::DBInstance", + "writeOnlyProperties": [ + "/properties/AllowMajorVersionUpgrade", + "/properties/AutomaticBackupReplicationKmsKeyId", + "/properties/CertificateRotationRestart", + "/properties/DBSnapshotIdentifier", + "/properties/DeleteAutomatedBackups", + "/properties/MasterUserPassword", + "/properties/Port", + "/properties/RestoreTime", + "/properties/SourceDBInstanceAutomatedBackupsArn", + "/properties/SourceDBInstanceIdentifier", + "/properties/SourceDbiResourceId", + "/properties/SourceRegion", + "/properties/TdeCredentialPassword", + "/properties/UseDefaultProcessorFeatures", + "/properties/UseLatestRestorableTime" + ] +} diff --git a/src/cfnlint/data/schemas/providers/me_south_1/__init__.py b/src/cfnlint/data/schemas/providers/me_south_1/__init__.py index 9ec836e0e2..6ee0dd1fbe 100644 --- a/src/cfnlint/data/schemas/providers/me_south_1/__init__.py +++ b/src/cfnlint/data/schemas/providers/me_south_1/__init__.py @@ -993,7 +993,6 @@ "aws-dms-eventsubscription.json", "aws-dms-instanceprofile.json", "aws-dms-migrationproject.json", - "aws-dms-replicationconfig.json", "aws-dms-replicationinstance.json", "aws-dms-replicationsubnetgroup.json", "aws-dms-replicationtask.json", @@ -1336,9 +1335,7 @@ "aws-pipes-pipe.json", "aws-ram-permission.json", "aws-ram-resourceshare.json", - "aws-rds-dbcluster.json", "aws-rds-dbclusterparametergroup.json", - "aws-rds-dbinstance.json", "aws-rds-dbparametergroup.json", "aws-rds-dbproxy.json", "aws-rds-dbproxyendpoint.json", @@ -1472,7 +1469,6 @@ "aws-shield-drtaccess.json", "aws-shield-proactiveengagement.json", "aws-shield-protection.json", - "aws-shield-protectiongroup.json", "aws-signer-profilepermission.json", "aws-signer-signingprofile.json", "aws-sns-subscription.json", diff --git a/src/cfnlint/data/schemas/providers/me_south_1/aws-dms-replicationconfig.json b/src/cfnlint/data/schemas/providers/me_south_1/aws-dms-replicationconfig.json new file mode 100644 index 0000000000..b9379a300f --- /dev/null +++ b/src/cfnlint/data/schemas/providers/me_south_1/aws-dms-replicationconfig.json @@ -0,0 +1,191 @@ +{ + "additionalIdentifiers": [ + [ + "/properties/ReplicationConfigIdentifier" + ] + ], + "additionalProperties": false, + "createOnlyProperties": [ + "/properties/ResourceIdentifier" + ], + "definitions": { + "ComputeConfig": { + "additionalProperties": false, + "properties": { + "AvailabilityZone": { + "type": "string" + }, + "DnsNameServers": { + "type": "string" + }, + "KmsKeyId": { + "type": "string" + }, + "MaxCapacityUnits": { + "type": "integer" + }, + "MinCapacityUnits": { + "type": "integer" + }, + "MultiAZ": { + "type": "boolean" + }, + "PreferredMaintenanceWindow": { + "type": "string" + }, + "ReplicationSubnetGroupId": { + "type": "string" + }, + "VpcSecurityGroupIds": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "MaxCapacityUnits" + ], + "type": "object" + }, + "Tag": { + "additionalProperties": false, + "properties": { + "Key": { + "maxLength": 128, + "minLength": 1, + "type": "string" + }, + "Value": { + "maxLength": 256, + "minLength": 1, + "type": "string" + } + }, + "required": [ + "Key", + "Value" + ], + "type": "object" + } + }, + "handlers": { + "create": { + "permissions": [ + "dms:CreateReplicationConfig", + "dms:AddTagsToResource", + "dms:ListTagsForResource", + "iam:CreateServiceLinkedRole", + "iam:AttachRolePolicy", + "iam:PutRolePolicy", + "iam:UpdateRoleDescription" + ] + }, + "delete": { + "permissions": [ + "dms:DescribeReplicationConfigs", + "dms:DeleteReplicationConfig", + "dms:ListTagsForResource", + "iam:DeleteServiceLinkedRole", + "iam:GetServiceLinkedRoleDeletionStatus" + ] + }, + "list": { + "permissions": [ + "dms:DescribeReplicationConfigs", + "dms:ListTagsForResource" + ] + }, + "read": { + "permissions": [ + "dms:DescribeReplicationConfigs", + "dms:ListTagsForResource" + ] + }, + "update": { + "permissions": [ + "dms:ModifyReplicationConfig", + "dms:AddTagsToResource", + "dms:RemoveTagsToResource", + "dms:ListTagsForResource", + "iam:CreateServiceLinkedRole", + "iam:AttachRolePolicy", + "iam:PutRolePolicy", + "iam:UpdateRoleDescription" + ] + } + }, + "primaryIdentifier": [ + "/properties/ReplicationConfigArn" + ], + "properties": { + "ComputeConfig": { + "$ref": "#/definitions/ComputeConfig" + }, + "ReplicationConfigArn": { + "type": "string" + }, + "ReplicationConfigIdentifier": { + "type": "string" + }, + "ReplicationSettings": { + "format": "json", + "type": [ + "object", + "string" + ] + }, + "ReplicationType": { + "enum": [ + "full-load", + "full-load-and-cdc", + "cdc" + ], + "type": "string" + }, + "ResourceIdentifier": { + "type": "string" + }, + "SourceEndpointArn": { + "type": "string" + }, + "SupplementalSettings": { + "format": "json", + "type": [ + "object", + "string" + ] + }, + "TableMappings": { + "format": "json", + "type": [ + "object", + "string" + ] + }, + "Tags": { + "insertionOrder": false, + "items": { + "$ref": "#/definitions/Tag" + }, + "maxItems": 200, + "minItems": 1, + "type": "array" + }, + "TargetEndpointArn": { + "type": "string" + } + }, + "readOnlyProperties": [ + "/properties/ReplicationConfigArn" + ], + "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-dms", + "tagging": { + "cloudFormationSystemTags": false, + "tagOnCreate": true, + "tagProperty": "/properties/Tags", + "tagUpdatable": true, + "taggable": true + }, + "typeName": "AWS::DMS::ReplicationConfig" +} diff --git a/src/cfnlint/data/schemas/providers/me_south_1/aws-rds-dbcluster.json b/src/cfnlint/data/schemas/providers/me_south_1/aws-rds-dbcluster.json new file mode 100644 index 0000000000..fc8608c49b --- /dev/null +++ b/src/cfnlint/data/schemas/providers/me_south_1/aws-rds-dbcluster.json @@ -0,0 +1,469 @@ +{ + "additionalProperties": false, + "conditionalCreateOnlyProperties": [ + "/properties/Engine", + "/properties/GlobalClusterIdentifier", + "/properties/MasterUsername" + ], + "createOnlyProperties": [ + "/properties/AvailabilityZones", + "/properties/DBClusterIdentifier", + "/properties/DBSubnetGroupName", + "/properties/DBSystemId", + "/properties/DatabaseName", + "/properties/EngineMode", + "/properties/KmsKeyId", + "/properties/PubliclyAccessible", + "/properties/RestoreToTime", + "/properties/RestoreType", + "/properties/SnapshotIdentifier", + "/properties/SourceDBClusterIdentifier", + "/properties/SourceRegion", + "/properties/StorageEncrypted", + "/properties/UseLatestRestorableTime" + ], + "definitions": { + "DBClusterRole": { + "additionalProperties": false, + "properties": { + "FeatureName": { + "type": "string" + }, + "RoleArn": { + "type": "string" + } + }, + "required": [ + "RoleArn" + ], + "type": "object" + }, + "Endpoint": { + "additionalProperties": false, + "properties": { + "Address": { + "type": "string" + }, + "Port": { + "type": "string" + } + }, + "type": "object" + }, + "MasterUserSecret": { + "additionalProperties": false, + "properties": { + "KmsKeyId": { + "type": "string" + }, + "SecretArn": { + "type": "string" + } + }, + "type": "object" + }, + "ReadEndpoint": { + "additionalProperties": false, + "properties": { + "Address": { + "type": "string" + } + }, + "type": "object" + }, + "ScalingConfiguration": { + "additionalProperties": false, + "properties": { + "AutoPause": { + "type": "boolean" + }, + "MaxCapacity": { + "type": "integer" + }, + "MinCapacity": { + "type": "integer" + }, + "SecondsBeforeTimeout": { + "type": "integer" + }, + "SecondsUntilAutoPause": { + "type": "integer" + }, + "TimeoutAction": { + "type": "string" + } + }, + "type": "object" + }, + "ServerlessV2ScalingConfiguration": { + "additionalProperties": false, + "properties": { + "MaxCapacity": { + "type": "number" + }, + "MinCapacity": { + "type": "number" + } + }, + "type": "object" + }, + "Tag": { + "additionalProperties": false, + "properties": { + "Key": { + "maxLength": 128, + "minLength": 1, + "type": "string" + }, + "Value": { + "maxLength": 256, + "minLength": 0, + "type": "string" + } + }, + "required": [ + "Key" + ], + "type": "object" + } + }, + "handlers": { + "create": { + "permissions": [ + "iam:CreateServiceLinkedRole", + "iam:PassRole", + "rds:AddRoleToDBCluster", + "rds:AddTagsToResource", + "rds:CreateDBCluster", + "rds:CreateDBInstance", + "rds:DescribeDBClusters", + "rds:DescribeDBClusterSnapshots", + "rds:DescribeDBSnapshots", + "rds:DescribeEvents", + "rds:EnableHttpEndpoint", + "rds:ModifyDBCluster", + "rds:RestoreDBClusterFromSnapshot", + "rds:RestoreDBClusterToPointInTime", + "secretsmanager:CreateSecret", + "secretsmanager:TagResource" + ], + "timeoutInMinutes": 2160 + }, + "delete": { + "permissions": [ + "rds:CreateDBClusterSnapshot", + "rds:DeleteDBCluster", + "rds:DeleteDBInstance", + "rds:DescribeDBClusters", + "rds:DescribeGlobalClusters", + "rds:RemoveFromGlobalCluster" + ] + }, + "list": { + "permissions": [ + "rds:DescribeDBClusters" + ] + }, + "read": { + "permissions": [ + "rds:DescribeDBClusters" + ] + }, + "update": { + "permissions": [ + "ec2:DescribeSecurityGroups", + "iam:PassRole", + "rds:AddRoleToDBCluster", + "rds:AddTagsToResource", + "rds:DescribeDBClusters", + "rds:DescribeDBSubnetGroups", + "rds:DescribeEvents", + "rds:DescribeGlobalClusters", + "rds:DisableHttpEndpoint", + "rds:EnableHttpEndpoint", + "rds:ModifyDBCluster", + "rds:ModifyDBInstance", + "rds:RemoveFromGlobalCluster", + "rds:RemoveRoleFromDBCluster", + "rds:RemoveTagsFromResource", + "secretsmanager:CreateSecret", + "secretsmanager:TagResource" + ], + "timeoutInMinutes": 2160 + } + }, + "primaryIdentifier": [ + "/properties/DBClusterIdentifier" + ], + "properties": { + "AllocatedStorage": { + "type": "integer" + }, + "AssociatedRoles": { + "items": { + "$ref": "#/definitions/DBClusterRole" + }, + "type": "array", + "uniqueItems": true + }, + "AutoMinorVersionUpgrade": { + "type": "boolean" + }, + "AvailabilityZones": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": true + }, + "BacktrackWindow": { + "minimum": 0, + "type": "integer" + }, + "BackupRetentionPeriod": { + "default": 1, + "maximum": 35, + "minimum": 1, + "type": "integer" + }, + "CopyTagsToSnapshot": { + "type": "boolean" + }, + "DBClusterArn": { + "type": "string" + }, + "DBClusterIdentifier": { + "maxLength": 63, + "minLength": 1, + "pattern": "^[a-zA-Z]{1}(?:-?[a-zA-Z0-9]){0,62}$", + "type": "string" + }, + "DBClusterInstanceClass": { + "type": "string" + }, + "DBClusterParameterGroupName": { + "default": "default.aurora5.6", + "type": "string" + }, + "DBClusterResourceId": { + "type": "string" + }, + "DBInstanceParameterGroupName": { + "type": "string" + }, + "DBSubnetGroupName": { + "type": "string" + }, + "DBSystemId": { + "type": "string" + }, + "DatabaseName": { + "type": "string" + }, + "DeletionProtection": { + "type": "boolean" + }, + "Domain": { + "type": "string" + }, + "DomainIAMRoleName": { + "type": "string" + }, + "EnableCloudwatchLogsExports": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": true + }, + "EnableGlobalWriteForwarding": { + "type": "boolean" + }, + "EnableHttpEndpoint": { + "type": "boolean" + }, + "EnableIAMDatabaseAuthentication": { + "type": "boolean" + }, + "EnableLocalWriteForwarding": { + "type": "boolean" + }, + "Endpoint": { + "$ref": "#/definitions/Endpoint" + }, + "Engine": { + "type": "string" + }, + "EngineLifecycleSupport": { + "type": "string" + }, + "EngineMode": { + "type": "string" + }, + "EngineVersion": { + "type": "string" + }, + "GlobalClusterIdentifier": { + "maxLength": 63, + "minLength": 0, + "pattern": "^$|^[a-zA-Z]{1}(?:-?[a-zA-Z0-9]){0,62}$", + "type": "string" + }, + "Iops": { + "type": "integer" + }, + "KmsKeyId": { + "type": "string" + }, + "ManageMasterUserPassword": { + "type": "boolean" + }, + "MasterUserPassword": { + "type": "string" + }, + "MasterUserSecret": { + "$ref": "#/definitions/MasterUserSecret" + }, + "MasterUsername": { + "minLength": 1, + "pattern": "^[a-zA-Z]{1}[a-zA-Z0-9_]*$", + "type": "string" + }, + "MonitoringInterval": { + "default": 0, + "type": "integer" + }, + "MonitoringRoleArn": { + "type": "string" + }, + "NetworkType": { + "type": "string" + }, + "PerformanceInsightsEnabled": { + "type": "boolean" + }, + "PerformanceInsightsKmsKeyId": { + "type": "string" + }, + "PerformanceInsightsRetentionPeriod": { + "type": "integer" + }, + "Port": { + "type": "integer" + }, + "PreferredBackupWindow": { + "type": "string" + }, + "PreferredMaintenanceWindow": { + "type": "string" + }, + "PubliclyAccessible": { + "type": "boolean" + }, + "ReadEndpoint": { + "$ref": "#/definitions/ReadEndpoint" + }, + "ReplicationSourceIdentifier": { + "type": "string" + }, + "RestoreToTime": { + "type": "string" + }, + "RestoreType": { + "default": "full-copy", + "type": "string" + }, + "ScalingConfiguration": { + "$ref": "#/definitions/ScalingConfiguration" + }, + "ServerlessV2ScalingConfiguration": { + "$ref": "#/definitions/ServerlessV2ScalingConfiguration" + }, + "SnapshotIdentifier": { + "type": "string" + }, + "SourceDBClusterIdentifier": { + "type": "string" + }, + "SourceRegion": { + "type": "string" + }, + "StorageEncrypted": { + "type": "boolean" + }, + "StorageThroughput": { + "type": "integer" + }, + "StorageType": { + "type": "string" + }, + "Tags": { + "insertionOrder": false, + "items": { + "$ref": "#/definitions/Tag" + }, + "maxItems": 50, + "type": "array", + "uniqueItems": true + }, + "UseLatestRestorableTime": { + "type": "boolean" + }, + "VpcSecurityGroupIds": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": true + } + }, + "propertyTransform": { + "/properties/DBClusterIdentifier": "$lowercase(DBClusterIdentifier)", + "/properties/DBClusterParameterGroupName": "$lowercase(DBClusterParameterGroupName)", + "/properties/DBSubnetGroupName": "$lowercase(DBSubnetGroupName)", + "/properties/EnableHttpEndpoint": "$lowercase($string(EngineMode)) = 'serverless' ? EnableHttpEndpoint : ($lowercase($string(Engine)) = 'aurora-postgresql' ? EnableHttpEndpoint : false )", + "/properties/Engine": "$lowercase(Engine)", + "/properties/EngineVersion": "$join([$string(EngineVersion), \".*\"])", + "/properties/KmsKeyId": "$join([\"arn:(aws)[-]{0,1}[a-z]{0,2}[-]{0,1}[a-z]{0,3}:kms:[a-z]{2}[-]{1}[a-z]{3,10}[-]{0,1}[a-z]{0,10}[-]{1}[1-3]{1}:[0-9]{12}[:]{1}key\\/\", KmsKeyId])", + "/properties/MasterUserSecret/KmsKeyId": "$join([\"arn:(aws)[-]{0,1}[a-z]{0,2}[-]{0,1}[a-z]{0,3}:kms:[a-z]{2}[-]{1}[a-z]{3,10}[-]{0,1}[a-z]{0,10}[-]{1}[1-3]{1}:[0-9]{12}[:]{1}key\\/\", MasterUserSecret.KmsKeyId])", + "/properties/NetworkType": "$lowercase(NetworkType)", + "/properties/PerformanceInsightsKmsKeyId": "$join([\"arn:(aws)[-]{0,1}[a-z]{0,2}[-]{0,1}[a-z]{0,3}:kms:[a-z]{2}[-]{1}[a-z]{3,10}[-]{0,1}[a-z]{0,10}[-]{1}[1-3]{1}:[0-9]{12}[:]{1}key\\/\", PerformanceInsightsKmsKeyId])", + "/properties/PreferredMaintenanceWindow": "$lowercase(PreferredMaintenanceWindow)", + "/properties/SnapshotIdentifier": "$lowercase(SnapshotIdentifier)", + "/properties/SourceDBClusterIdentifier": "$lowercase(SourceDBClusterIdentifier)", + "/properties/StorageType": "$lowercase(StorageType)" + }, + "readOnlyProperties": [ + "/properties/DBClusterArn", + "/properties/DBClusterResourceId", + "/properties/Endpoint", + "/properties/Endpoint/Address", + "/properties/Endpoint/Port", + "/properties/ReadEndpoint/Address", + "/properties/MasterUserSecret/SecretArn", + "/properties/StorageThroughput" + ], + "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-rds", + "tagging": { + "cloudFormationSystemTags": true, + "permissions": [ + "rds:AddTagsToResource", + "rds:RemoveTagsFromResource" + ], + "tagOnCreate": true, + "tagProperty": "/properties/Tags", + "tagUpdatable": true, + "taggable": true + }, + "typeName": "AWS::RDS::DBCluster", + "writeOnlyProperties": [ + "/properties/DBInstanceParameterGroupName", + "/properties/MasterUserPassword", + "/properties/RestoreToTime", + "/properties/RestoreType", + "/properties/SnapshotIdentifier", + "/properties/SourceDBClusterIdentifier", + "/properties/SourceRegion", + "/properties/UseLatestRestorableTime" + ] +} diff --git a/src/cfnlint/data/schemas/providers/me_south_1/aws-rds-dbinstance.json b/src/cfnlint/data/schemas/providers/me_south_1/aws-rds-dbinstance.json new file mode 100644 index 0000000000..3263d77fb7 --- /dev/null +++ b/src/cfnlint/data/schemas/providers/me_south_1/aws-rds-dbinstance.json @@ -0,0 +1,620 @@ +{ + "additionalProperties": false, + "conditionalCreateOnlyProperties": [ + "/properties/AutoMinorVersionUpgrade", + "/properties/AvailabilityZone", + "/properties/BackupRetentionPeriod", + "/properties/DBClusterSnapshotIdentifier", + "/properties/DBParameterGroupName", + "/properties/DBSnapshotIdentifier", + "/properties/Engine", + "/properties/MultiAZ", + "/properties/PerformanceInsightsKMSKeyId", + "/properties/PreferredMaintenanceWindow", + "/properties/RestoreTime", + "/properties/SourceDBClusterIdentifier", + "/properties/SourceDBInstanceAutomatedBackupsArn", + "/properties/SourceDBInstanceIdentifier", + "/properties/SourceDbiResourceId", + "/properties/StorageType", + "/properties/UseLatestRestorableTime" + ], + "createOnlyProperties": [ + "/properties/CharacterSetName", + "/properties/CustomIAMInstanceProfile", + "/properties/DBClusterIdentifier", + "/properties/DBInstanceIdentifier", + "/properties/DBName", + "/properties/DBSubnetGroupName", + "/properties/KmsKeyId", + "/properties/MasterUsername", + "/properties/NcharCharacterSetName", + "/properties/Port", + "/properties/SourceRegion", + "/properties/StorageEncrypted", + "/properties/Timezone" + ], + "definitions": { + "CertificateDetails": { + "additionalProperties": false, + "properties": { + "CAIdentifier": { + "type": "string" + }, + "ValidTill": { + "format": "date-time", + "type": "string" + } + }, + "type": "object" + }, + "DBInstanceRole": { + "additionalProperties": false, + "properties": { + "FeatureName": { + "type": "string" + }, + "RoleArn": { + "type": "string" + } + }, + "required": [ + "FeatureName", + "RoleArn" + ], + "type": "object" + }, + "Endpoint": { + "additionalProperties": false, + "properties": { + "Address": { + "type": "string" + }, + "HostedZoneId": { + "type": "string" + }, + "Port": { + "type": "string" + } + }, + "type": "object" + }, + "MasterUserSecret": { + "additionalProperties": false, + "properties": { + "KmsKeyId": { + "type": "string" + }, + "SecretArn": { + "type": "string" + } + }, + "type": "object" + }, + "ProcessorFeature": { + "additionalProperties": false, + "properties": { + "Name": { + "enum": [ + "coreCount", + "threadsPerCore" + ], + "type": "string" + }, + "Value": { + "type": "string" + } + }, + "type": "object" + }, + "Tag": { + "additionalProperties": false, + "properties": { + "Key": { + "maxLength": 128, + "minLength": 1, + "type": "string" + }, + "Value": { + "maxLength": 256, + "minLength": 0, + "type": "string" + } + }, + "required": [ + "Key" + ], + "type": "object" + } + }, + "dependencies": { + "KmsKeyId": { + "properties": { + "StorageEncrypted": { + "enum": [ + "true", + "True", + true + ] + } + }, + "required": [ + "StorageEncrypted" + ] + } + }, + "dependentExcluded": { + "SourceDBInstanceIdentifier": [ + "CharacterSetName", + "MasterUserPassword", + "MasterUsername", + "StorageEncrypted" + ] + }, + "deprecatedProperties": [ + "/properties/TdeCredentialArn", + "/properties/TdeCredentialPassword" + ], + "handlers": { + "create": { + "permissions": [ + "ec2:DescribeAccountAttributes", + "ec2:DescribeAvailabilityZones", + "ec2:DescribeInternetGateways", + "ec2:DescribeSecurityGroups", + "ec2:DescribeSubnets", + "ec2:DescribeVpcAttribute", + "ec2:DescribeVpcs", + "iam:CreateServiceLinkedRole", + "iam:GetRole", + "iam:ListRoles", + "iam:PassRole", + "kms:CreateGrant", + "kms:DescribeKey", + "rds:AddRoleToDBInstance", + "rds:AddTagsToResource", + "rds:CreateDBInstance", + "rds:CreateDBInstanceReadReplica", + "rds:DescribeDBInstances", + "rds:DescribeDBClusters", + "rds:DescribeDBClusterSnapshots", + "rds:DescribeDBInstanceAutomatedBackups", + "rds:DescribeDBSnapshots", + "rds:DescribeEvents", + "rds:ModifyDBInstance", + "rds:RebootDBInstance", + "rds:RestoreDBInstanceFromDBSnapshot", + "rds:RestoreDBInstanceToPointInTime", + "rds:StartDBInstanceAutomatedBackupsReplication", + "secretsmanager:CreateSecret", + "secretsmanager:TagResource" + ], + "timeoutInMinutes": 2160 + }, + "delete": { + "permissions": [ + "rds:CreateDBSnapshot", + "rds:DeleteDBInstance", + "rds:DescribeDBInstances" + ], + "timeoutInMinutes": 2160 + }, + "list": { + "permissions": [ + "rds:DescribeDBInstances" + ] + }, + "read": { + "permissions": [ + "ec2:DescribeAccountAttributes", + "ec2:DescribeAvailabilityZones", + "ec2:DescribeInternetGateways", + "ec2:DescribeSecurityGroups", + "ec2:DescribeSubnets", + "ec2:DescribeVpcAttribute", + "ec2:DescribeVpcs", + "rds:DescribeDBInstances" + ] + }, + "update": { + "permissions": [ + "ec2:DescribeAccountAttributes", + "ec2:DescribeAvailabilityZones", + "ec2:DescribeInternetGateways", + "ec2:DescribeSecurityGroups", + "ec2:DescribeSubnets", + "ec2:DescribeVpcAttribute", + "ec2:DescribeVpcs", + "iam:CreateServiceLinkedRole", + "iam:GetRole", + "iam:ListRoles", + "iam:PassRole", + "kms:CreateGrant", + "kms:DescribeKey", + "rds:AddRoleToDBInstance", + "rds:AddTagsToResource", + "rds:DescribeDBClusters", + "rds:DescribeDBEngineVersions", + "rds:DescribeDBInstances", + "rds:DescribeDBParameterGroups", + "rds:DescribeEvents", + "rds:ModifyDBInstance", + "rds:PromoteReadReplica", + "rds:RebootDBInstance", + "rds:RemoveRoleFromDBInstance", + "rds:RemoveTagsFromResource", + "rds:StartDBInstanceAutomatedBackupsReplication", + "rds:StopDBInstanceAutomatedBackupsReplication", + "secretsmanager:CreateSecret", + "secretsmanager:TagResource" + ], + "timeoutInMinutes": 2160 + } + }, + "primaryIdentifier": [ + "/properties/DBInstanceIdentifier" + ], + "properties": { + "AllocatedStorage": { + "pattern": "^[0-9]*$", + "type": "string" + }, + "AllowMajorVersionUpgrade": { + "type": "boolean" + }, + "AssociatedRoles": { + "items": { + "$ref": "#/definitions/DBInstanceRole" + }, + "type": "array" + }, + "AutoMinorVersionUpgrade": { + "type": "boolean" + }, + "AutomaticBackupReplicationKmsKeyId": { + "type": "string" + }, + "AutomaticBackupReplicationRegion": { + "type": "string" + }, + "AvailabilityZone": { + "type": "string" + }, + "BackupRetentionPeriod": { + "default": 1, + "maximum": 35, + "minimum": 0, + "type": "integer" + }, + "CACertificateIdentifier": { + "type": "string" + }, + "CertificateDetails": { + "$ref": "#/definitions/CertificateDetails" + }, + "CertificateRotationRestart": { + "type": "boolean" + }, + "CharacterSetName": { + "type": "string" + }, + "CopyTagsToSnapshot": { + "type": "boolean" + }, + "CustomIAMInstanceProfile": { + "type": "string" + }, + "DBClusterIdentifier": { + "type": "string" + }, + "DBClusterSnapshotIdentifier": { + "type": "string" + }, + "DBInstanceArn": { + "type": "string" + }, + "DBInstanceClass": { + "type": "string" + }, + "DBInstanceIdentifier": { + "maxLength": 63, + "minLength": 1, + "pattern": "^$|^[a-zA-Z]{1}(?:-?[a-zA-Z0-9]){0,62}$", + "type": "string" + }, + "DBName": { + "type": "string" + }, + "DBParameterGroupName": { + "type": "string" + }, + "DBSecurityGroups": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": true + }, + "DBSnapshotIdentifier": { + "type": "string" + }, + "DBSubnetGroupName": { + "type": "string" + }, + "DBSystemId": { + "type": "string" + }, + "DbiResourceId": { + "type": "string" + }, + "DedicatedLogVolume": { + "type": "boolean" + }, + "DeleteAutomatedBackups": { + "type": "boolean" + }, + "DeletionProtection": { + "type": "boolean" + }, + "Domain": { + "type": "string" + }, + "DomainAuthSecretArn": { + "type": "string" + }, + "DomainDnsIps": { + "items": { + "type": "string" + }, + "type": "array" + }, + "DomainFqdn": { + "type": "string" + }, + "DomainIAMRoleName": { + "type": "string" + }, + "DomainOu": { + "type": "string" + }, + "EnableCloudwatchLogsExports": { + "items": { + "type": "string" + }, + "type": "array" + }, + "EnableIAMDatabaseAuthentication": { + "type": "boolean" + }, + "EnablePerformanceInsights": { + "type": "boolean" + }, + "Endpoint": { + "$ref": "#/definitions/Endpoint" + }, + "Engine": { + "type": "string" + }, + "EngineLifecycleSupport": { + "type": "string" + }, + "EngineVersion": { + "type": "string" + }, + "Iops": { + "type": "integer" + }, + "KmsKeyId": { + "type": "string" + }, + "LicenseModel": { + "type": "string" + }, + "ManageMasterUserPassword": { + "type": "boolean" + }, + "MasterUserPassword": { + "type": "string" + }, + "MasterUserSecret": { + "$ref": "#/definitions/MasterUserSecret" + }, + "MasterUsername": { + "maxLength": 128, + "minLength": 1, + "pattern": "^[a-zA-Z][a-zA-Z0-9_]{0,127}$", + "type": "string" + }, + "MaxAllocatedStorage": { + "type": "integer" + }, + "MonitoringInterval": { + "default": 0, + "type": "integer" + }, + "MonitoringRoleArn": { + "type": "string" + }, + "MultiAZ": { + "type": "boolean" + }, + "NcharCharacterSetName": { + "type": "string" + }, + "NetworkType": { + "type": "string" + }, + "OptionGroupName": { + "type": "string" + }, + "PerformanceInsightsKMSKeyId": { + "type": "string" + }, + "PerformanceInsightsRetentionPeriod": { + "enum": [ + 7, + 31, + 62, + 93, + 124, + 155, + 186, + 217, + 248, + 279, + 310, + 341, + 372, + 403, + 434, + 465, + 496, + 527, + 558, + 589, + 620, + 651, + 682, + 713, + 731 + ], + "type": "integer" + }, + "Port": { + "pattern": "^\\d*$", + "type": "string" + }, + "PreferredBackupWindow": { + "type": "string" + }, + "PreferredMaintenanceWindow": { + "type": "string" + }, + "ProcessorFeatures": { + "items": { + "$ref": "#/definitions/ProcessorFeature" + }, + "type": "array" + }, + "PromotionTier": { + "default": 1, + "maximum": 15, + "minimum": 0, + "type": "integer" + }, + "PubliclyAccessible": { + "type": "boolean" + }, + "ReplicaMode": { + "type": "string" + }, + "RestoreTime": { + "format": "date-time", + "type": "string" + }, + "SourceDBClusterIdentifier": { + "type": "string" + }, + "SourceDBInstanceAutomatedBackupsArn": { + "type": "string" + }, + "SourceDBInstanceIdentifier": { + "type": "string" + }, + "SourceDbiResourceId": { + "type": "string" + }, + "SourceRegion": { + "type": "string" + }, + "StorageEncrypted": { + "type": "boolean" + }, + "StorageThroughput": { + "type": "integer" + }, + "StorageType": { + "type": "string" + }, + "Tags": { + "insertionOrder": false, + "items": { + "$ref": "#/definitions/Tag" + }, + "type": "array", + "uniqueItems": false + }, + "TdeCredentialArn": { + "type": "string" + }, + "TdeCredentialPassword": { + "type": "string" + }, + "Timezone": { + "type": "string" + }, + "UseDefaultProcessorFeatures": { + "type": "boolean" + }, + "UseLatestRestorableTime": { + "type": "boolean" + }, + "VPCSecurityGroups": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": true + } + }, + "propertyTransform": { + "/properties/DBClusterIdentifier": "$lowercase(DBClusterIdentifier)", + "/properties/DBClusterSnapshotIdentifier": "$lowercase(DBClusterSnapshotIdentifier)", + "/properties/DBInstanceIdentifier": "$lowercase(DBInstanceIdentifier)", + "/properties/DBName": "$lowercase(DBName) $OR $uppercase(DBName)", + "/properties/DBParameterGroupName": "$lowercase(DBParameterGroupName)", + "/properties/DBSnapshotIdentifier": "$lowercase(DBSnapshotIdentifier)", + "/properties/DBSubnetGroupName": "$lowercase(DBSubnetGroupName)", + "/properties/Engine": "$lowercase(Engine)", + "/properties/EngineVersion": "$join([$string(EngineVersion), \".*\"])", + "/properties/KmsKeyId": "$join([\"arn:(aws)[-]{0,1}[a-z]{0,2}[-]{0,1}[a-z]{0,3}:kms:[a-z]{2}[-]{1}[a-z]{3,10}[-]{0,1}[a-z]{0,10}[-]{1}[1-3]{1}:[0-9]{12}[:]{1}key\\/\", KmsKeyId])", + "/properties/MasterUserSecret/KmsKeyId": "$join([\"arn:(aws)[-]{0,1}[a-z]{0,2}[-]{0,1}[a-z]{0,3}:kms:[a-z]{2}[-]{1}[a-z]{3,10}[-]{0,1}[a-z]{0,10}[-]{1}[1-3]{1}:[0-9]{12}[:]{1}key\\/\", MasterUserSecret.KmsKeyId])", + "/properties/NetworkType": "$lowercase(NetworkType)", + "/properties/OptionGroupName": "$lowercase(OptionGroupName)", + "/properties/PerformanceInsightsKMSKeyId": "$join([\"arn:(aws)[-]{0,1}[a-z]{0,2}[-]{0,1}[a-z]{0,3}:kms:[a-z]{2}[-]{1}[a-z]{3,10}[-]{0,1}[a-z]{0,10}[-]{1}[1-3]{1}:[0-9]{12}[:]{1}key\\/\", PerformanceInsightsKMSKeyId])", + "/properties/PreferredMaintenanceWindow": "$lowercase(PreferredMaintenanceWindow)", + "/properties/SourceDBInstanceAutomatedBackupsArn": "$lowercase(SourceDBInstanceAutomatedBackupsArn)", + "/properties/SourceDBInstanceIdentifier": "$lowercase(SourceDBInstanceIdentifier)", + "/properties/StorageType": "$lowercase(StorageType)" + }, + "readOnlyProperties": [ + "/properties/Endpoint/Address", + "/properties/Endpoint/Port", + "/properties/Endpoint/HostedZoneId", + "/properties/DbiResourceId", + "/properties/DBInstanceArn", + "/properties/DBSystemId", + "/properties/MasterUserSecret/SecretArn", + "/properties/CertificateDetails/CAIdentifier", + "/properties/CertificateDetails/ValidTill" + ], + "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-rpdk.git", + "typeName": "AWS::RDS::DBInstance", + "writeOnlyProperties": [ + "/properties/AllowMajorVersionUpgrade", + "/properties/AutomaticBackupReplicationKmsKeyId", + "/properties/CertificateRotationRestart", + "/properties/DBSnapshotIdentifier", + "/properties/DeleteAutomatedBackups", + "/properties/MasterUserPassword", + "/properties/Port", + "/properties/RestoreTime", + "/properties/SourceDBInstanceAutomatedBackupsArn", + "/properties/SourceDBInstanceIdentifier", + "/properties/SourceDbiResourceId", + "/properties/SourceRegion", + "/properties/TdeCredentialPassword", + "/properties/UseDefaultProcessorFeatures", + "/properties/UseLatestRestorableTime" + ] +} diff --git a/src/cfnlint/data/schemas/providers/me_south_1/aws-shield-protectiongroup.json b/src/cfnlint/data/schemas/providers/me_south_1/aws-shield-protectiongroup.json new file mode 100644 index 0000000000..023e531faa --- /dev/null +++ b/src/cfnlint/data/schemas/providers/me_south_1/aws-shield-protectiongroup.json @@ -0,0 +1,136 @@ +{ + "additionalProperties": false, + "createOnlyProperties": [ + "/properties/ProtectionGroupId" + ], + "definitions": { + "Tag": { + "additionalProperties": false, + "properties": { + "Key": { + "maxLength": 128, + "minLength": 1, + "type": "string" + }, + "Value": { + "maxLength": 256, + "minLength": 0, + "type": "string" + } + }, + "required": [ + "Key", + "Value" + ], + "type": "object" + } + }, + "handlers": { + "create": { + "permissions": [ + "shield:CreateProtectionGroup", + "shield:TagResource" + ] + }, + "delete": { + "permissions": [ + "shield:DeleteProtectionGroup", + "shield:UntagResource" + ] + }, + "list": { + "permissions": [ + "shield:ListProtectionGroups" + ] + }, + "read": { + "permissions": [ + "shield:DescribeProtectionGroup", + "shield:ListTagsForResource" + ] + }, + "update": { + "permissions": [ + "shield:UpdateProtectionGroup", + "shield:ListTagsForResource", + "shield:TagResource", + "shield:UntagResource" + ] + } + }, + "primaryIdentifier": [ + "/properties/ProtectionGroupArn" + ], + "properties": { + "Aggregation": { + "enum": [ + "SUM", + "MEAN", + "MAX" + ], + "type": "string" + }, + "Members": { + "insertionOrder": false, + "items": { + "maxLength": 2048, + "minLength": 1, + "type": "string" + }, + "maxItems": 10000, + "type": "array" + }, + "Pattern": { + "enum": [ + "ALL", + "ARBITRARY", + "BY_RESOURCE_TYPE" + ], + "type": "string" + }, + "ProtectionGroupArn": { + "type": "string" + }, + "ProtectionGroupId": { + "maxLength": 36, + "minLength": 1, + "pattern": "[a-zA-Z0-9\\-]*", + "type": "string" + }, + "ResourceType": { + "enum": [ + "CLOUDFRONT_DISTRIBUTION", + "ROUTE_53_HOSTED_ZONE", + "ELASTIC_IP_ALLOCATION", + "CLASSIC_LOAD_BALANCER", + "APPLICATION_LOAD_BALANCER", + "GLOBAL_ACCELERATOR" + ], + "type": "string" + }, + "Tags": { + "insertionOrder": false, + "items": { + "$ref": "#/definitions/Tag" + }, + "maxItems": 200, + "type": "array" + } + }, + "readOnlyProperties": [ + "/properties/ProtectionGroupArn" + ], + "replacementStrategy": "delete_then_create", + "required": [ + "Aggregation", + "Pattern", + "ProtectionGroupId" + ], + "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-shield.git", + "tagging": { + "cloudFormationSystemTags": false, + "tagProperty": "/properties/Tags", + "taggable": true + }, + "typeName": "AWS::Shield::ProtectionGroup" +} diff --git a/src/cfnlint/data/schemas/providers/sa_east_1/__init__.py b/src/cfnlint/data/schemas/providers/sa_east_1/__init__.py index 3fc1db8f32..3058ab341a 100644 --- a/src/cfnlint/data/schemas/providers/sa_east_1/__init__.py +++ b/src/cfnlint/data/schemas/providers/sa_east_1/__init__.py @@ -1639,6 +1639,7 @@ "aws-opsworks-userprofile.json", "aws-opsworks-volume.json", "aws-organizations-account.json", + "aws-organizations-organization.json", "aws-organizations-organizationalunit.json", "aws-organizations-policy.json", "aws-organizations-resourcepolicy.json", @@ -1659,9 +1660,7 @@ "aws-ram-permission.json", "aws-ram-resourceshare.json", "aws-rds-customdbengineversion.json", - "aws-rds-dbcluster.json", "aws-rds-dbclusterparametergroup.json", - "aws-rds-dbinstance.json", "aws-rds-dbparametergroup.json", "aws-rds-dbproxy.json", "aws-rds-dbproxyendpoint.json", diff --git a/src/cfnlint/data/schemas/providers/sa_east_1/aws-organizations-organization.json b/src/cfnlint/data/schemas/providers/sa_east_1/aws-organizations-organization.json deleted file mode 100644 index 844033a13a..0000000000 --- a/src/cfnlint/data/schemas/providers/sa_east_1/aws-organizations-organization.json +++ /dev/null @@ -1,88 +0,0 @@ -{ - "additionalProperties": false, - "handlers": { - "create": { - "permissions": [ - "organizations:CreateOrganization", - "organizations:DescribeOrganization", - "iam:CreateServiceLinkedRole", - "organizations:ListRoots" - ] - }, - "delete": { - "permissions": [ - "organizations:DeleteOrganization", - "organizations:DescribeOrganization" - ] - }, - "list": { - "permissions": [ - "organizations:DescribeOrganization" - ] - }, - "read": { - "permissions": [ - "organizations:DescribeOrganization", - "organizations:ListRoots" - ] - }, - "update": { - "permissions": [ - "organizations:DescribeOrganization" - ] - } - }, - "primaryIdentifier": [ - "/properties/Id" - ], - "properties": { - "Arn": { - "pattern": "^arn:aws.*:organizations::\\d{12}:organization\\/o-[a-z0-9]{10,32}", - "type": "string" - }, - "FeatureSet": { - "default": "ALL", - "enum": [ - "ALL", - "CONSOLIDATED_BILLING" - ], - "type": "string" - }, - "Id": { - "pattern": "^o-[a-z0-9]{10,32}$", - "type": "string" - }, - "ManagementAccountArn": { - "pattern": "^arn:aws.*:organizations::\\d{12}:account\\/o-[a-z0-9]{10,32}\\/\\d{12}", - "type": "string" - }, - "ManagementAccountEmail": { - "maxLength": 64, - "minLength": 6, - "pattern": "[^\\s@]+@[^\\s@]+\\.[^\\s@]+", - "type": "string" - }, - "ManagementAccountId": { - "pattern": "^\\d{12}$", - "type": "string" - }, - "RootId": { - "maxLength": 64, - "pattern": "^r-[0-9a-z]{4,32}$", - "type": "string" - } - }, - "readOnlyProperties": [ - "/properties/Id", - "/properties/Arn", - "/properties/ManagementAccountArn", - "/properties/ManagementAccountId", - "/properties/ManagementAccountEmail", - "/properties/RootId" - ], - "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-organizations.git", - "tagging": { - "taggable": false - }, - "typeName": "AWS::Organizations::Organization" -} diff --git a/src/cfnlint/data/schemas/providers/sa_east_1/aws-rds-dbcluster.json b/src/cfnlint/data/schemas/providers/sa_east_1/aws-rds-dbcluster.json new file mode 100644 index 0000000000..fc8608c49b --- /dev/null +++ b/src/cfnlint/data/schemas/providers/sa_east_1/aws-rds-dbcluster.json @@ -0,0 +1,469 @@ +{ + "additionalProperties": false, + "conditionalCreateOnlyProperties": [ + "/properties/Engine", + "/properties/GlobalClusterIdentifier", + "/properties/MasterUsername" + ], + "createOnlyProperties": [ + "/properties/AvailabilityZones", + "/properties/DBClusterIdentifier", + "/properties/DBSubnetGroupName", + "/properties/DBSystemId", + "/properties/DatabaseName", + "/properties/EngineMode", + "/properties/KmsKeyId", + "/properties/PubliclyAccessible", + "/properties/RestoreToTime", + "/properties/RestoreType", + "/properties/SnapshotIdentifier", + "/properties/SourceDBClusterIdentifier", + "/properties/SourceRegion", + "/properties/StorageEncrypted", + "/properties/UseLatestRestorableTime" + ], + "definitions": { + "DBClusterRole": { + "additionalProperties": false, + "properties": { + "FeatureName": { + "type": "string" + }, + "RoleArn": { + "type": "string" + } + }, + "required": [ + "RoleArn" + ], + "type": "object" + }, + "Endpoint": { + "additionalProperties": false, + "properties": { + "Address": { + "type": "string" + }, + "Port": { + "type": "string" + } + }, + "type": "object" + }, + "MasterUserSecret": { + "additionalProperties": false, + "properties": { + "KmsKeyId": { + "type": "string" + }, + "SecretArn": { + "type": "string" + } + }, + "type": "object" + }, + "ReadEndpoint": { + "additionalProperties": false, + "properties": { + "Address": { + "type": "string" + } + }, + "type": "object" + }, + "ScalingConfiguration": { + "additionalProperties": false, + "properties": { + "AutoPause": { + "type": "boolean" + }, + "MaxCapacity": { + "type": "integer" + }, + "MinCapacity": { + "type": "integer" + }, + "SecondsBeforeTimeout": { + "type": "integer" + }, + "SecondsUntilAutoPause": { + "type": "integer" + }, + "TimeoutAction": { + "type": "string" + } + }, + "type": "object" + }, + "ServerlessV2ScalingConfiguration": { + "additionalProperties": false, + "properties": { + "MaxCapacity": { + "type": "number" + }, + "MinCapacity": { + "type": "number" + } + }, + "type": "object" + }, + "Tag": { + "additionalProperties": false, + "properties": { + "Key": { + "maxLength": 128, + "minLength": 1, + "type": "string" + }, + "Value": { + "maxLength": 256, + "minLength": 0, + "type": "string" + } + }, + "required": [ + "Key" + ], + "type": "object" + } + }, + "handlers": { + "create": { + "permissions": [ + "iam:CreateServiceLinkedRole", + "iam:PassRole", + "rds:AddRoleToDBCluster", + "rds:AddTagsToResource", + "rds:CreateDBCluster", + "rds:CreateDBInstance", + "rds:DescribeDBClusters", + "rds:DescribeDBClusterSnapshots", + "rds:DescribeDBSnapshots", + "rds:DescribeEvents", + "rds:EnableHttpEndpoint", + "rds:ModifyDBCluster", + "rds:RestoreDBClusterFromSnapshot", + "rds:RestoreDBClusterToPointInTime", + "secretsmanager:CreateSecret", + "secretsmanager:TagResource" + ], + "timeoutInMinutes": 2160 + }, + "delete": { + "permissions": [ + "rds:CreateDBClusterSnapshot", + "rds:DeleteDBCluster", + "rds:DeleteDBInstance", + "rds:DescribeDBClusters", + "rds:DescribeGlobalClusters", + "rds:RemoveFromGlobalCluster" + ] + }, + "list": { + "permissions": [ + "rds:DescribeDBClusters" + ] + }, + "read": { + "permissions": [ + "rds:DescribeDBClusters" + ] + }, + "update": { + "permissions": [ + "ec2:DescribeSecurityGroups", + "iam:PassRole", + "rds:AddRoleToDBCluster", + "rds:AddTagsToResource", + "rds:DescribeDBClusters", + "rds:DescribeDBSubnetGroups", + "rds:DescribeEvents", + "rds:DescribeGlobalClusters", + "rds:DisableHttpEndpoint", + "rds:EnableHttpEndpoint", + "rds:ModifyDBCluster", + "rds:ModifyDBInstance", + "rds:RemoveFromGlobalCluster", + "rds:RemoveRoleFromDBCluster", + "rds:RemoveTagsFromResource", + "secretsmanager:CreateSecret", + "secretsmanager:TagResource" + ], + "timeoutInMinutes": 2160 + } + }, + "primaryIdentifier": [ + "/properties/DBClusterIdentifier" + ], + "properties": { + "AllocatedStorage": { + "type": "integer" + }, + "AssociatedRoles": { + "items": { + "$ref": "#/definitions/DBClusterRole" + }, + "type": "array", + "uniqueItems": true + }, + "AutoMinorVersionUpgrade": { + "type": "boolean" + }, + "AvailabilityZones": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": true + }, + "BacktrackWindow": { + "minimum": 0, + "type": "integer" + }, + "BackupRetentionPeriod": { + "default": 1, + "maximum": 35, + "minimum": 1, + "type": "integer" + }, + "CopyTagsToSnapshot": { + "type": "boolean" + }, + "DBClusterArn": { + "type": "string" + }, + "DBClusterIdentifier": { + "maxLength": 63, + "minLength": 1, + "pattern": "^[a-zA-Z]{1}(?:-?[a-zA-Z0-9]){0,62}$", + "type": "string" + }, + "DBClusterInstanceClass": { + "type": "string" + }, + "DBClusterParameterGroupName": { + "default": "default.aurora5.6", + "type": "string" + }, + "DBClusterResourceId": { + "type": "string" + }, + "DBInstanceParameterGroupName": { + "type": "string" + }, + "DBSubnetGroupName": { + "type": "string" + }, + "DBSystemId": { + "type": "string" + }, + "DatabaseName": { + "type": "string" + }, + "DeletionProtection": { + "type": "boolean" + }, + "Domain": { + "type": "string" + }, + "DomainIAMRoleName": { + "type": "string" + }, + "EnableCloudwatchLogsExports": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": true + }, + "EnableGlobalWriteForwarding": { + "type": "boolean" + }, + "EnableHttpEndpoint": { + "type": "boolean" + }, + "EnableIAMDatabaseAuthentication": { + "type": "boolean" + }, + "EnableLocalWriteForwarding": { + "type": "boolean" + }, + "Endpoint": { + "$ref": "#/definitions/Endpoint" + }, + "Engine": { + "type": "string" + }, + "EngineLifecycleSupport": { + "type": "string" + }, + "EngineMode": { + "type": "string" + }, + "EngineVersion": { + "type": "string" + }, + "GlobalClusterIdentifier": { + "maxLength": 63, + "minLength": 0, + "pattern": "^$|^[a-zA-Z]{1}(?:-?[a-zA-Z0-9]){0,62}$", + "type": "string" + }, + "Iops": { + "type": "integer" + }, + "KmsKeyId": { + "type": "string" + }, + "ManageMasterUserPassword": { + "type": "boolean" + }, + "MasterUserPassword": { + "type": "string" + }, + "MasterUserSecret": { + "$ref": "#/definitions/MasterUserSecret" + }, + "MasterUsername": { + "minLength": 1, + "pattern": "^[a-zA-Z]{1}[a-zA-Z0-9_]*$", + "type": "string" + }, + "MonitoringInterval": { + "default": 0, + "type": "integer" + }, + "MonitoringRoleArn": { + "type": "string" + }, + "NetworkType": { + "type": "string" + }, + "PerformanceInsightsEnabled": { + "type": "boolean" + }, + "PerformanceInsightsKmsKeyId": { + "type": "string" + }, + "PerformanceInsightsRetentionPeriod": { + "type": "integer" + }, + "Port": { + "type": "integer" + }, + "PreferredBackupWindow": { + "type": "string" + }, + "PreferredMaintenanceWindow": { + "type": "string" + }, + "PubliclyAccessible": { + "type": "boolean" + }, + "ReadEndpoint": { + "$ref": "#/definitions/ReadEndpoint" + }, + "ReplicationSourceIdentifier": { + "type": "string" + }, + "RestoreToTime": { + "type": "string" + }, + "RestoreType": { + "default": "full-copy", + "type": "string" + }, + "ScalingConfiguration": { + "$ref": "#/definitions/ScalingConfiguration" + }, + "ServerlessV2ScalingConfiguration": { + "$ref": "#/definitions/ServerlessV2ScalingConfiguration" + }, + "SnapshotIdentifier": { + "type": "string" + }, + "SourceDBClusterIdentifier": { + "type": "string" + }, + "SourceRegion": { + "type": "string" + }, + "StorageEncrypted": { + "type": "boolean" + }, + "StorageThroughput": { + "type": "integer" + }, + "StorageType": { + "type": "string" + }, + "Tags": { + "insertionOrder": false, + "items": { + "$ref": "#/definitions/Tag" + }, + "maxItems": 50, + "type": "array", + "uniqueItems": true + }, + "UseLatestRestorableTime": { + "type": "boolean" + }, + "VpcSecurityGroupIds": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": true + } + }, + "propertyTransform": { + "/properties/DBClusterIdentifier": "$lowercase(DBClusterIdentifier)", + "/properties/DBClusterParameterGroupName": "$lowercase(DBClusterParameterGroupName)", + "/properties/DBSubnetGroupName": "$lowercase(DBSubnetGroupName)", + "/properties/EnableHttpEndpoint": "$lowercase($string(EngineMode)) = 'serverless' ? EnableHttpEndpoint : ($lowercase($string(Engine)) = 'aurora-postgresql' ? EnableHttpEndpoint : false )", + "/properties/Engine": "$lowercase(Engine)", + "/properties/EngineVersion": "$join([$string(EngineVersion), \".*\"])", + "/properties/KmsKeyId": "$join([\"arn:(aws)[-]{0,1}[a-z]{0,2}[-]{0,1}[a-z]{0,3}:kms:[a-z]{2}[-]{1}[a-z]{3,10}[-]{0,1}[a-z]{0,10}[-]{1}[1-3]{1}:[0-9]{12}[:]{1}key\\/\", KmsKeyId])", + "/properties/MasterUserSecret/KmsKeyId": "$join([\"arn:(aws)[-]{0,1}[a-z]{0,2}[-]{0,1}[a-z]{0,3}:kms:[a-z]{2}[-]{1}[a-z]{3,10}[-]{0,1}[a-z]{0,10}[-]{1}[1-3]{1}:[0-9]{12}[:]{1}key\\/\", MasterUserSecret.KmsKeyId])", + "/properties/NetworkType": "$lowercase(NetworkType)", + "/properties/PerformanceInsightsKmsKeyId": "$join([\"arn:(aws)[-]{0,1}[a-z]{0,2}[-]{0,1}[a-z]{0,3}:kms:[a-z]{2}[-]{1}[a-z]{3,10}[-]{0,1}[a-z]{0,10}[-]{1}[1-3]{1}:[0-9]{12}[:]{1}key\\/\", PerformanceInsightsKmsKeyId])", + "/properties/PreferredMaintenanceWindow": "$lowercase(PreferredMaintenanceWindow)", + "/properties/SnapshotIdentifier": "$lowercase(SnapshotIdentifier)", + "/properties/SourceDBClusterIdentifier": "$lowercase(SourceDBClusterIdentifier)", + "/properties/StorageType": "$lowercase(StorageType)" + }, + "readOnlyProperties": [ + "/properties/DBClusterArn", + "/properties/DBClusterResourceId", + "/properties/Endpoint", + "/properties/Endpoint/Address", + "/properties/Endpoint/Port", + "/properties/ReadEndpoint/Address", + "/properties/MasterUserSecret/SecretArn", + "/properties/StorageThroughput" + ], + "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-rds", + "tagging": { + "cloudFormationSystemTags": true, + "permissions": [ + "rds:AddTagsToResource", + "rds:RemoveTagsFromResource" + ], + "tagOnCreate": true, + "tagProperty": "/properties/Tags", + "tagUpdatable": true, + "taggable": true + }, + "typeName": "AWS::RDS::DBCluster", + "writeOnlyProperties": [ + "/properties/DBInstanceParameterGroupName", + "/properties/MasterUserPassword", + "/properties/RestoreToTime", + "/properties/RestoreType", + "/properties/SnapshotIdentifier", + "/properties/SourceDBClusterIdentifier", + "/properties/SourceRegion", + "/properties/UseLatestRestorableTime" + ] +} diff --git a/src/cfnlint/data/schemas/providers/sa_east_1/aws-rds-dbinstance.json b/src/cfnlint/data/schemas/providers/sa_east_1/aws-rds-dbinstance.json new file mode 100644 index 0000000000..3263d77fb7 --- /dev/null +++ b/src/cfnlint/data/schemas/providers/sa_east_1/aws-rds-dbinstance.json @@ -0,0 +1,620 @@ +{ + "additionalProperties": false, + "conditionalCreateOnlyProperties": [ + "/properties/AutoMinorVersionUpgrade", + "/properties/AvailabilityZone", + "/properties/BackupRetentionPeriod", + "/properties/DBClusterSnapshotIdentifier", + "/properties/DBParameterGroupName", + "/properties/DBSnapshotIdentifier", + "/properties/Engine", + "/properties/MultiAZ", + "/properties/PerformanceInsightsKMSKeyId", + "/properties/PreferredMaintenanceWindow", + "/properties/RestoreTime", + "/properties/SourceDBClusterIdentifier", + "/properties/SourceDBInstanceAutomatedBackupsArn", + "/properties/SourceDBInstanceIdentifier", + "/properties/SourceDbiResourceId", + "/properties/StorageType", + "/properties/UseLatestRestorableTime" + ], + "createOnlyProperties": [ + "/properties/CharacterSetName", + "/properties/CustomIAMInstanceProfile", + "/properties/DBClusterIdentifier", + "/properties/DBInstanceIdentifier", + "/properties/DBName", + "/properties/DBSubnetGroupName", + "/properties/KmsKeyId", + "/properties/MasterUsername", + "/properties/NcharCharacterSetName", + "/properties/Port", + "/properties/SourceRegion", + "/properties/StorageEncrypted", + "/properties/Timezone" + ], + "definitions": { + "CertificateDetails": { + "additionalProperties": false, + "properties": { + "CAIdentifier": { + "type": "string" + }, + "ValidTill": { + "format": "date-time", + "type": "string" + } + }, + "type": "object" + }, + "DBInstanceRole": { + "additionalProperties": false, + "properties": { + "FeatureName": { + "type": "string" + }, + "RoleArn": { + "type": "string" + } + }, + "required": [ + "FeatureName", + "RoleArn" + ], + "type": "object" + }, + "Endpoint": { + "additionalProperties": false, + "properties": { + "Address": { + "type": "string" + }, + "HostedZoneId": { + "type": "string" + }, + "Port": { + "type": "string" + } + }, + "type": "object" + }, + "MasterUserSecret": { + "additionalProperties": false, + "properties": { + "KmsKeyId": { + "type": "string" + }, + "SecretArn": { + "type": "string" + } + }, + "type": "object" + }, + "ProcessorFeature": { + "additionalProperties": false, + "properties": { + "Name": { + "enum": [ + "coreCount", + "threadsPerCore" + ], + "type": "string" + }, + "Value": { + "type": "string" + } + }, + "type": "object" + }, + "Tag": { + "additionalProperties": false, + "properties": { + "Key": { + "maxLength": 128, + "minLength": 1, + "type": "string" + }, + "Value": { + "maxLength": 256, + "minLength": 0, + "type": "string" + } + }, + "required": [ + "Key" + ], + "type": "object" + } + }, + "dependencies": { + "KmsKeyId": { + "properties": { + "StorageEncrypted": { + "enum": [ + "true", + "True", + true + ] + } + }, + "required": [ + "StorageEncrypted" + ] + } + }, + "dependentExcluded": { + "SourceDBInstanceIdentifier": [ + "CharacterSetName", + "MasterUserPassword", + "MasterUsername", + "StorageEncrypted" + ] + }, + "deprecatedProperties": [ + "/properties/TdeCredentialArn", + "/properties/TdeCredentialPassword" + ], + "handlers": { + "create": { + "permissions": [ + "ec2:DescribeAccountAttributes", + "ec2:DescribeAvailabilityZones", + "ec2:DescribeInternetGateways", + "ec2:DescribeSecurityGroups", + "ec2:DescribeSubnets", + "ec2:DescribeVpcAttribute", + "ec2:DescribeVpcs", + "iam:CreateServiceLinkedRole", + "iam:GetRole", + "iam:ListRoles", + "iam:PassRole", + "kms:CreateGrant", + "kms:DescribeKey", + "rds:AddRoleToDBInstance", + "rds:AddTagsToResource", + "rds:CreateDBInstance", + "rds:CreateDBInstanceReadReplica", + "rds:DescribeDBInstances", + "rds:DescribeDBClusters", + "rds:DescribeDBClusterSnapshots", + "rds:DescribeDBInstanceAutomatedBackups", + "rds:DescribeDBSnapshots", + "rds:DescribeEvents", + "rds:ModifyDBInstance", + "rds:RebootDBInstance", + "rds:RestoreDBInstanceFromDBSnapshot", + "rds:RestoreDBInstanceToPointInTime", + "rds:StartDBInstanceAutomatedBackupsReplication", + "secretsmanager:CreateSecret", + "secretsmanager:TagResource" + ], + "timeoutInMinutes": 2160 + }, + "delete": { + "permissions": [ + "rds:CreateDBSnapshot", + "rds:DeleteDBInstance", + "rds:DescribeDBInstances" + ], + "timeoutInMinutes": 2160 + }, + "list": { + "permissions": [ + "rds:DescribeDBInstances" + ] + }, + "read": { + "permissions": [ + "ec2:DescribeAccountAttributes", + "ec2:DescribeAvailabilityZones", + "ec2:DescribeInternetGateways", + "ec2:DescribeSecurityGroups", + "ec2:DescribeSubnets", + "ec2:DescribeVpcAttribute", + "ec2:DescribeVpcs", + "rds:DescribeDBInstances" + ] + }, + "update": { + "permissions": [ + "ec2:DescribeAccountAttributes", + "ec2:DescribeAvailabilityZones", + "ec2:DescribeInternetGateways", + "ec2:DescribeSecurityGroups", + "ec2:DescribeSubnets", + "ec2:DescribeVpcAttribute", + "ec2:DescribeVpcs", + "iam:CreateServiceLinkedRole", + "iam:GetRole", + "iam:ListRoles", + "iam:PassRole", + "kms:CreateGrant", + "kms:DescribeKey", + "rds:AddRoleToDBInstance", + "rds:AddTagsToResource", + "rds:DescribeDBClusters", + "rds:DescribeDBEngineVersions", + "rds:DescribeDBInstances", + "rds:DescribeDBParameterGroups", + "rds:DescribeEvents", + "rds:ModifyDBInstance", + "rds:PromoteReadReplica", + "rds:RebootDBInstance", + "rds:RemoveRoleFromDBInstance", + "rds:RemoveTagsFromResource", + "rds:StartDBInstanceAutomatedBackupsReplication", + "rds:StopDBInstanceAutomatedBackupsReplication", + "secretsmanager:CreateSecret", + "secretsmanager:TagResource" + ], + "timeoutInMinutes": 2160 + } + }, + "primaryIdentifier": [ + "/properties/DBInstanceIdentifier" + ], + "properties": { + "AllocatedStorage": { + "pattern": "^[0-9]*$", + "type": "string" + }, + "AllowMajorVersionUpgrade": { + "type": "boolean" + }, + "AssociatedRoles": { + "items": { + "$ref": "#/definitions/DBInstanceRole" + }, + "type": "array" + }, + "AutoMinorVersionUpgrade": { + "type": "boolean" + }, + "AutomaticBackupReplicationKmsKeyId": { + "type": "string" + }, + "AutomaticBackupReplicationRegion": { + "type": "string" + }, + "AvailabilityZone": { + "type": "string" + }, + "BackupRetentionPeriod": { + "default": 1, + "maximum": 35, + "minimum": 0, + "type": "integer" + }, + "CACertificateIdentifier": { + "type": "string" + }, + "CertificateDetails": { + "$ref": "#/definitions/CertificateDetails" + }, + "CertificateRotationRestart": { + "type": "boolean" + }, + "CharacterSetName": { + "type": "string" + }, + "CopyTagsToSnapshot": { + "type": "boolean" + }, + "CustomIAMInstanceProfile": { + "type": "string" + }, + "DBClusterIdentifier": { + "type": "string" + }, + "DBClusterSnapshotIdentifier": { + "type": "string" + }, + "DBInstanceArn": { + "type": "string" + }, + "DBInstanceClass": { + "type": "string" + }, + "DBInstanceIdentifier": { + "maxLength": 63, + "minLength": 1, + "pattern": "^$|^[a-zA-Z]{1}(?:-?[a-zA-Z0-9]){0,62}$", + "type": "string" + }, + "DBName": { + "type": "string" + }, + "DBParameterGroupName": { + "type": "string" + }, + "DBSecurityGroups": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": true + }, + "DBSnapshotIdentifier": { + "type": "string" + }, + "DBSubnetGroupName": { + "type": "string" + }, + "DBSystemId": { + "type": "string" + }, + "DbiResourceId": { + "type": "string" + }, + "DedicatedLogVolume": { + "type": "boolean" + }, + "DeleteAutomatedBackups": { + "type": "boolean" + }, + "DeletionProtection": { + "type": "boolean" + }, + "Domain": { + "type": "string" + }, + "DomainAuthSecretArn": { + "type": "string" + }, + "DomainDnsIps": { + "items": { + "type": "string" + }, + "type": "array" + }, + "DomainFqdn": { + "type": "string" + }, + "DomainIAMRoleName": { + "type": "string" + }, + "DomainOu": { + "type": "string" + }, + "EnableCloudwatchLogsExports": { + "items": { + "type": "string" + }, + "type": "array" + }, + "EnableIAMDatabaseAuthentication": { + "type": "boolean" + }, + "EnablePerformanceInsights": { + "type": "boolean" + }, + "Endpoint": { + "$ref": "#/definitions/Endpoint" + }, + "Engine": { + "type": "string" + }, + "EngineLifecycleSupport": { + "type": "string" + }, + "EngineVersion": { + "type": "string" + }, + "Iops": { + "type": "integer" + }, + "KmsKeyId": { + "type": "string" + }, + "LicenseModel": { + "type": "string" + }, + "ManageMasterUserPassword": { + "type": "boolean" + }, + "MasterUserPassword": { + "type": "string" + }, + "MasterUserSecret": { + "$ref": "#/definitions/MasterUserSecret" + }, + "MasterUsername": { + "maxLength": 128, + "minLength": 1, + "pattern": "^[a-zA-Z][a-zA-Z0-9_]{0,127}$", + "type": "string" + }, + "MaxAllocatedStorage": { + "type": "integer" + }, + "MonitoringInterval": { + "default": 0, + "type": "integer" + }, + "MonitoringRoleArn": { + "type": "string" + }, + "MultiAZ": { + "type": "boolean" + }, + "NcharCharacterSetName": { + "type": "string" + }, + "NetworkType": { + "type": "string" + }, + "OptionGroupName": { + "type": "string" + }, + "PerformanceInsightsKMSKeyId": { + "type": "string" + }, + "PerformanceInsightsRetentionPeriod": { + "enum": [ + 7, + 31, + 62, + 93, + 124, + 155, + 186, + 217, + 248, + 279, + 310, + 341, + 372, + 403, + 434, + 465, + 496, + 527, + 558, + 589, + 620, + 651, + 682, + 713, + 731 + ], + "type": "integer" + }, + "Port": { + "pattern": "^\\d*$", + "type": "string" + }, + "PreferredBackupWindow": { + "type": "string" + }, + "PreferredMaintenanceWindow": { + "type": "string" + }, + "ProcessorFeatures": { + "items": { + "$ref": "#/definitions/ProcessorFeature" + }, + "type": "array" + }, + "PromotionTier": { + "default": 1, + "maximum": 15, + "minimum": 0, + "type": "integer" + }, + "PubliclyAccessible": { + "type": "boolean" + }, + "ReplicaMode": { + "type": "string" + }, + "RestoreTime": { + "format": "date-time", + "type": "string" + }, + "SourceDBClusterIdentifier": { + "type": "string" + }, + "SourceDBInstanceAutomatedBackupsArn": { + "type": "string" + }, + "SourceDBInstanceIdentifier": { + "type": "string" + }, + "SourceDbiResourceId": { + "type": "string" + }, + "SourceRegion": { + "type": "string" + }, + "StorageEncrypted": { + "type": "boolean" + }, + "StorageThroughput": { + "type": "integer" + }, + "StorageType": { + "type": "string" + }, + "Tags": { + "insertionOrder": false, + "items": { + "$ref": "#/definitions/Tag" + }, + "type": "array", + "uniqueItems": false + }, + "TdeCredentialArn": { + "type": "string" + }, + "TdeCredentialPassword": { + "type": "string" + }, + "Timezone": { + "type": "string" + }, + "UseDefaultProcessorFeatures": { + "type": "boolean" + }, + "UseLatestRestorableTime": { + "type": "boolean" + }, + "VPCSecurityGroups": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": true + } + }, + "propertyTransform": { + "/properties/DBClusterIdentifier": "$lowercase(DBClusterIdentifier)", + "/properties/DBClusterSnapshotIdentifier": "$lowercase(DBClusterSnapshotIdentifier)", + "/properties/DBInstanceIdentifier": "$lowercase(DBInstanceIdentifier)", + "/properties/DBName": "$lowercase(DBName) $OR $uppercase(DBName)", + "/properties/DBParameterGroupName": "$lowercase(DBParameterGroupName)", + "/properties/DBSnapshotIdentifier": "$lowercase(DBSnapshotIdentifier)", + "/properties/DBSubnetGroupName": "$lowercase(DBSubnetGroupName)", + "/properties/Engine": "$lowercase(Engine)", + "/properties/EngineVersion": "$join([$string(EngineVersion), \".*\"])", + "/properties/KmsKeyId": "$join([\"arn:(aws)[-]{0,1}[a-z]{0,2}[-]{0,1}[a-z]{0,3}:kms:[a-z]{2}[-]{1}[a-z]{3,10}[-]{0,1}[a-z]{0,10}[-]{1}[1-3]{1}:[0-9]{12}[:]{1}key\\/\", KmsKeyId])", + "/properties/MasterUserSecret/KmsKeyId": "$join([\"arn:(aws)[-]{0,1}[a-z]{0,2}[-]{0,1}[a-z]{0,3}:kms:[a-z]{2}[-]{1}[a-z]{3,10}[-]{0,1}[a-z]{0,10}[-]{1}[1-3]{1}:[0-9]{12}[:]{1}key\\/\", MasterUserSecret.KmsKeyId])", + "/properties/NetworkType": "$lowercase(NetworkType)", + "/properties/OptionGroupName": "$lowercase(OptionGroupName)", + "/properties/PerformanceInsightsKMSKeyId": "$join([\"arn:(aws)[-]{0,1}[a-z]{0,2}[-]{0,1}[a-z]{0,3}:kms:[a-z]{2}[-]{1}[a-z]{3,10}[-]{0,1}[a-z]{0,10}[-]{1}[1-3]{1}:[0-9]{12}[:]{1}key\\/\", PerformanceInsightsKMSKeyId])", + "/properties/PreferredMaintenanceWindow": "$lowercase(PreferredMaintenanceWindow)", + "/properties/SourceDBInstanceAutomatedBackupsArn": "$lowercase(SourceDBInstanceAutomatedBackupsArn)", + "/properties/SourceDBInstanceIdentifier": "$lowercase(SourceDBInstanceIdentifier)", + "/properties/StorageType": "$lowercase(StorageType)" + }, + "readOnlyProperties": [ + "/properties/Endpoint/Address", + "/properties/Endpoint/Port", + "/properties/Endpoint/HostedZoneId", + "/properties/DbiResourceId", + "/properties/DBInstanceArn", + "/properties/DBSystemId", + "/properties/MasterUserSecret/SecretArn", + "/properties/CertificateDetails/CAIdentifier", + "/properties/CertificateDetails/ValidTill" + ], + "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-rpdk.git", + "typeName": "AWS::RDS::DBInstance", + "writeOnlyProperties": [ + "/properties/AllowMajorVersionUpgrade", + "/properties/AutomaticBackupReplicationKmsKeyId", + "/properties/CertificateRotationRestart", + "/properties/DBSnapshotIdentifier", + "/properties/DeleteAutomatedBackups", + "/properties/MasterUserPassword", + "/properties/Port", + "/properties/RestoreTime", + "/properties/SourceDBInstanceAutomatedBackupsArn", + "/properties/SourceDBInstanceIdentifier", + "/properties/SourceDbiResourceId", + "/properties/SourceRegion", + "/properties/TdeCredentialPassword", + "/properties/UseDefaultProcessorFeatures", + "/properties/UseLatestRestorableTime" + ] +} diff --git a/src/cfnlint/data/schemas/providers/us_east_1/__init__.py b/src/cfnlint/data/schemas/providers/us_east_1/__init__.py index 27eec82ef8..abbfd5b85a 100644 --- a/src/cfnlint/data/schemas/providers/us_east_1/__init__.py +++ b/src/cfnlint/data/schemas/providers/us_east_1/__init__.py @@ -139,9 +139,14 @@ "AWS::Bedrock::Agent", "AWS::Bedrock::AgentAlias", "AWS::Bedrock::DataSource", + "AWS::Bedrock::Flow", + "AWS::Bedrock::FlowAlias", + "AWS::Bedrock::FlowVersion", "AWS::Bedrock::Guardrail", "AWS::Bedrock::GuardrailVersion", "AWS::Bedrock::KnowledgeBase", + "AWS::Bedrock::Prompt", + "AWS::Bedrock::PromptVersion", "AWS::BillingConductor::BillingGroup", "AWS::BillingConductor::CustomLineItem", "AWS::BillingConductor::PricingPlan", diff --git a/src/cfnlint/data/schemas/providers/eu_central_1/aws-bedrock-flow.json b/src/cfnlint/data/schemas/providers/us_east_1/aws-bedrock-flow.json similarity index 100% rename from src/cfnlint/data/schemas/providers/eu_central_1/aws-bedrock-flow.json rename to src/cfnlint/data/schemas/providers/us_east_1/aws-bedrock-flow.json diff --git a/src/cfnlint/data/schemas/providers/eu_central_1/aws-bedrock-flowalias.json b/src/cfnlint/data/schemas/providers/us_east_1/aws-bedrock-flowalias.json similarity index 100% rename from src/cfnlint/data/schemas/providers/eu_central_1/aws-bedrock-flowalias.json rename to src/cfnlint/data/schemas/providers/us_east_1/aws-bedrock-flowalias.json diff --git a/src/cfnlint/data/schemas/providers/eu_central_1/aws-bedrock-flowversion.json b/src/cfnlint/data/schemas/providers/us_east_1/aws-bedrock-flowversion.json similarity index 100% rename from src/cfnlint/data/schemas/providers/eu_central_1/aws-bedrock-flowversion.json rename to src/cfnlint/data/schemas/providers/us_east_1/aws-bedrock-flowversion.json diff --git a/src/cfnlint/data/schemas/providers/eu_central_1/aws-bedrock-prompt.json b/src/cfnlint/data/schemas/providers/us_east_1/aws-bedrock-prompt.json similarity index 100% rename from src/cfnlint/data/schemas/providers/eu_central_1/aws-bedrock-prompt.json rename to src/cfnlint/data/schemas/providers/us_east_1/aws-bedrock-prompt.json diff --git a/src/cfnlint/data/schemas/providers/eu_central_1/aws-bedrock-promptversion.json b/src/cfnlint/data/schemas/providers/us_east_1/aws-bedrock-promptversion.json similarity index 100% rename from src/cfnlint/data/schemas/providers/eu_central_1/aws-bedrock-promptversion.json rename to src/cfnlint/data/schemas/providers/us_east_1/aws-bedrock-promptversion.json diff --git a/src/cfnlint/data/schemas/providers/us_east_1/aws-dms-replicationconfig.json b/src/cfnlint/data/schemas/providers/us_east_1/aws-dms-replicationconfig.json index b9379a300f..83b9074702 100644 --- a/src/cfnlint/data/schemas/providers/us_east_1/aws-dms-replicationconfig.json +++ b/src/cfnlint/data/schemas/providers/us_east_1/aws-dms-replicationconfig.json @@ -106,7 +106,7 @@ "permissions": [ "dms:ModifyReplicationConfig", "dms:AddTagsToResource", - "dms:RemoveTagsToResource", + "dms:RemoveTagsFromResource", "dms:ListTagsForResource", "iam:CreateServiceLinkedRole", "iam:AttachRolePolicy", @@ -179,9 +179,22 @@ "readOnlyProperties": [ "/properties/ReplicationConfigArn" ], + "required": [ + "ReplicationConfigIdentifier", + "SourceEndpointArn", + "TargetEndpointArn", + "ReplicationType", + "ComputeConfig", + "TableMappings" + ], "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-dms", "tagging": { "cloudFormationSystemTags": false, + "permissions": [ + "dms:AddTagsToResource", + "dms:ListTagsForResource", + "dms:RemoveTagsFromResource" + ], "tagOnCreate": true, "tagProperty": "/properties/Tags", "tagUpdatable": true, diff --git a/src/cfnlint/data/schemas/providers/us_east_1/aws-ec2-launchtemplate.json b/src/cfnlint/data/schemas/providers/us_east_1/aws-ec2-launchtemplate.json index ff143459f7..8308f887d3 100644 --- a/src/cfnlint/data/schemas/providers/us_east_1/aws-ec2-launchtemplate.json +++ b/src/cfnlint/data/schemas/providers/us_east_1/aws-ec2-launchtemplate.json @@ -879,6 +879,7 @@ "instance-event-window", "internet-gateway", "ipam", + "ipam-external-resource-verification-token", "ipam-pool", "ipam-resource-discovery", "ipam-resource-discovery-association", diff --git a/src/cfnlint/data/schemas/providers/us_east_1/aws-entityresolution-idmappingworkflow.json b/src/cfnlint/data/schemas/providers/us_east_1/aws-entityresolution-idmappingworkflow.json index e53f4199bb..ff69890959 100644 --- a/src/cfnlint/data/schemas/providers/us_east_1/aws-entityresolution-idmappingworkflow.json +++ b/src/cfnlint/data/schemas/providers/us_east_1/aws-entityresolution-idmappingworkflow.json @@ -162,7 +162,7 @@ "type": "object" }, "ProviderServiceArn": { - "pattern": "^arn:(aws|aws-us-gov|aws-cn):entityresolution:([A-Za-z0-9]+(-[A-Za-z0-9]+)+)::providerservice/[A-Za-z0-9]+/[A-Za-z0-9]+$", + "pattern": "^arn:(aws|aws-us-gov|aws-cn):(entityresolution):([a-z]{2}-[a-z]{1,10}-[0-9])::providerservice/([a-zA-Z0-9_-]{1,255})/([a-zA-Z0-9_-]{1,255})$", "type": "string" } }, diff --git a/src/cfnlint/data/schemas/providers/us_east_1/aws-organizations-organization.json b/src/cfnlint/data/schemas/providers/us_east_1/aws-organizations-organization.json index 6dac437e5b..844033a13a 100644 --- a/src/cfnlint/data/schemas/providers/us_east_1/aws-organizations-organization.json +++ b/src/cfnlint/data/schemas/providers/us_east_1/aws-organizations-organization.json @@ -27,7 +27,9 @@ ] }, "update": { - "permissions": [] + "permissions": [ + "organizations:DescribeOrganization" + ] } }, "primaryIdentifier": [ diff --git a/src/cfnlint/data/schemas/providers/us_east_1/aws-rds-dbcluster.json b/src/cfnlint/data/schemas/providers/us_east_1/aws-rds-dbcluster.json index fc8608c49b..6dee021f39 100644 --- a/src/cfnlint/data/schemas/providers/us_east_1/aws-rds-dbcluster.json +++ b/src/cfnlint/data/schemas/providers/us_east_1/aws-rds-dbcluster.json @@ -151,6 +151,7 @@ }, "delete": { "permissions": [ + "rds:AddTagsToResource", "rds:CreateDBClusterSnapshot", "rds:DeleteDBCluster", "rds:DeleteDBInstance", diff --git a/src/cfnlint/data/schemas/providers/us_east_1/aws-rds-dbinstance.json b/src/cfnlint/data/schemas/providers/us_east_1/aws-rds-dbinstance.json index 3263d77fb7..94f443dbfb 100644 --- a/src/cfnlint/data/schemas/providers/us_east_1/aws-rds-dbinstance.json +++ b/src/cfnlint/data/schemas/providers/us_east_1/aws-rds-dbinstance.json @@ -193,6 +193,7 @@ }, "delete": { "permissions": [ + "rds:AddTagsToResource", "rds:CreateDBSnapshot", "rds:DeleteDBInstance", "rds:DescribeDBInstances" diff --git a/src/cfnlint/data/schemas/providers/us_east_1/aws-shield-protectiongroup.json b/src/cfnlint/data/schemas/providers/us_east_1/aws-shield-protectiongroup.json index 023e531faa..5feda49337 100644 --- a/src/cfnlint/data/schemas/providers/us_east_1/aws-shield-protectiongroup.json +++ b/src/cfnlint/data/schemas/providers/us_east_1/aws-shield-protectiongroup.json @@ -129,6 +129,11 @@ "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-shield.git", "tagging": { "cloudFormationSystemTags": false, + "permissions": [ + "shield:ListTagsForResource", + "shield:UntagResource", + "shield:TagResource" + ], "tagProperty": "/properties/Tags", "taggable": true }, diff --git a/src/cfnlint/data/schemas/providers/us_east_2/__init__.py b/src/cfnlint/data/schemas/providers/us_east_2/__init__.py index 12191f4e7f..82aab66a20 100644 --- a/src/cfnlint/data/schemas/providers/us_east_2/__init__.py +++ b/src/cfnlint/data/schemas/providers/us_east_2/__init__.py @@ -1783,6 +1783,7 @@ "aws-lakeformation-resource.json", "aws-lakeformation-tag.json", "aws-lakeformation-tagassociation.json", + "aws-lambda-alias.json", "aws-lambda-codesigningconfig.json", "aws-lambda-eventinvokeconfig.json", "aws-lambda-eventsourcemapping.json", @@ -1957,9 +1958,7 @@ "aws-ram-permission.json", "aws-ram-resourceshare.json", "aws-rds-customdbengineversion.json", - "aws-rds-dbcluster.json", "aws-rds-dbclusterparametergroup.json", - "aws-rds-dbinstance.json", "aws-rds-dbparametergroup.json", "aws-rds-dbproxy.json", "aws-rds-dbproxyendpoint.json", diff --git a/src/cfnlint/data/schemas/providers/us_east_2/aws-lambda-alias.json b/src/cfnlint/data/schemas/providers/us_east_2/aws-lambda-alias.json deleted file mode 100644 index 4a291518b6..0000000000 --- a/src/cfnlint/data/schemas/providers/us_east_2/aws-lambda-alias.json +++ /dev/null @@ -1,88 +0,0 @@ -{ - "additionalProperties": false, - "createOnlyProperties": [ - "/properties/Name", - "/properties/FunctionName" - ], - "definitions": { - "AliasRoutingConfiguration": { - "additionalProperties": false, - "properties": { - "AdditionalVersionWeights": { - "items": { - "$ref": "#/definitions/VersionWeight" - }, - "type": "array", - "uniqueItems": true - } - }, - "required": [ - "AdditionalVersionWeights" - ], - "type": "object" - }, - "ProvisionedConcurrencyConfiguration": { - "additionalProperties": false, - "properties": { - "ProvisionedConcurrentExecutions": { - "type": "integer" - } - }, - "required": [ - "ProvisionedConcurrentExecutions" - ], - "type": "object" - }, - "VersionWeight": { - "additionalProperties": false, - "properties": { - "FunctionVersion": { - "type": "string" - }, - "FunctionWeight": { - "type": "number" - } - }, - "required": [ - "FunctionVersion", - "FunctionWeight" - ], - "type": "object" - } - }, - "primaryIdentifier": [ - "/properties/Id" - ], - "properties": { - "Description": { - "type": "string" - }, - "FunctionName": { - "type": "string" - }, - "FunctionVersion": { - "type": "string" - }, - "Id": { - "type": "string" - }, - "Name": { - "type": "string" - }, - "ProvisionedConcurrencyConfig": { - "$ref": "#/definitions/ProvisionedConcurrencyConfiguration" - }, - "RoutingConfig": { - "$ref": "#/definitions/AliasRoutingConfiguration" - } - }, - "readOnlyProperties": [ - "/properties/Id" - ], - "required": [ - "FunctionName", - "FunctionVersion", - "Name" - ], - "typeName": "AWS::Lambda::Alias" -} diff --git a/src/cfnlint/data/schemas/providers/us_east_2/aws-rds-dbcluster.json b/src/cfnlint/data/schemas/providers/us_east_2/aws-rds-dbcluster.json new file mode 100644 index 0000000000..fc8608c49b --- /dev/null +++ b/src/cfnlint/data/schemas/providers/us_east_2/aws-rds-dbcluster.json @@ -0,0 +1,469 @@ +{ + "additionalProperties": false, + "conditionalCreateOnlyProperties": [ + "/properties/Engine", + "/properties/GlobalClusterIdentifier", + "/properties/MasterUsername" + ], + "createOnlyProperties": [ + "/properties/AvailabilityZones", + "/properties/DBClusterIdentifier", + "/properties/DBSubnetGroupName", + "/properties/DBSystemId", + "/properties/DatabaseName", + "/properties/EngineMode", + "/properties/KmsKeyId", + "/properties/PubliclyAccessible", + "/properties/RestoreToTime", + "/properties/RestoreType", + "/properties/SnapshotIdentifier", + "/properties/SourceDBClusterIdentifier", + "/properties/SourceRegion", + "/properties/StorageEncrypted", + "/properties/UseLatestRestorableTime" + ], + "definitions": { + "DBClusterRole": { + "additionalProperties": false, + "properties": { + "FeatureName": { + "type": "string" + }, + "RoleArn": { + "type": "string" + } + }, + "required": [ + "RoleArn" + ], + "type": "object" + }, + "Endpoint": { + "additionalProperties": false, + "properties": { + "Address": { + "type": "string" + }, + "Port": { + "type": "string" + } + }, + "type": "object" + }, + "MasterUserSecret": { + "additionalProperties": false, + "properties": { + "KmsKeyId": { + "type": "string" + }, + "SecretArn": { + "type": "string" + } + }, + "type": "object" + }, + "ReadEndpoint": { + "additionalProperties": false, + "properties": { + "Address": { + "type": "string" + } + }, + "type": "object" + }, + "ScalingConfiguration": { + "additionalProperties": false, + "properties": { + "AutoPause": { + "type": "boolean" + }, + "MaxCapacity": { + "type": "integer" + }, + "MinCapacity": { + "type": "integer" + }, + "SecondsBeforeTimeout": { + "type": "integer" + }, + "SecondsUntilAutoPause": { + "type": "integer" + }, + "TimeoutAction": { + "type": "string" + } + }, + "type": "object" + }, + "ServerlessV2ScalingConfiguration": { + "additionalProperties": false, + "properties": { + "MaxCapacity": { + "type": "number" + }, + "MinCapacity": { + "type": "number" + } + }, + "type": "object" + }, + "Tag": { + "additionalProperties": false, + "properties": { + "Key": { + "maxLength": 128, + "minLength": 1, + "type": "string" + }, + "Value": { + "maxLength": 256, + "minLength": 0, + "type": "string" + } + }, + "required": [ + "Key" + ], + "type": "object" + } + }, + "handlers": { + "create": { + "permissions": [ + "iam:CreateServiceLinkedRole", + "iam:PassRole", + "rds:AddRoleToDBCluster", + "rds:AddTagsToResource", + "rds:CreateDBCluster", + "rds:CreateDBInstance", + "rds:DescribeDBClusters", + "rds:DescribeDBClusterSnapshots", + "rds:DescribeDBSnapshots", + "rds:DescribeEvents", + "rds:EnableHttpEndpoint", + "rds:ModifyDBCluster", + "rds:RestoreDBClusterFromSnapshot", + "rds:RestoreDBClusterToPointInTime", + "secretsmanager:CreateSecret", + "secretsmanager:TagResource" + ], + "timeoutInMinutes": 2160 + }, + "delete": { + "permissions": [ + "rds:CreateDBClusterSnapshot", + "rds:DeleteDBCluster", + "rds:DeleteDBInstance", + "rds:DescribeDBClusters", + "rds:DescribeGlobalClusters", + "rds:RemoveFromGlobalCluster" + ] + }, + "list": { + "permissions": [ + "rds:DescribeDBClusters" + ] + }, + "read": { + "permissions": [ + "rds:DescribeDBClusters" + ] + }, + "update": { + "permissions": [ + "ec2:DescribeSecurityGroups", + "iam:PassRole", + "rds:AddRoleToDBCluster", + "rds:AddTagsToResource", + "rds:DescribeDBClusters", + "rds:DescribeDBSubnetGroups", + "rds:DescribeEvents", + "rds:DescribeGlobalClusters", + "rds:DisableHttpEndpoint", + "rds:EnableHttpEndpoint", + "rds:ModifyDBCluster", + "rds:ModifyDBInstance", + "rds:RemoveFromGlobalCluster", + "rds:RemoveRoleFromDBCluster", + "rds:RemoveTagsFromResource", + "secretsmanager:CreateSecret", + "secretsmanager:TagResource" + ], + "timeoutInMinutes": 2160 + } + }, + "primaryIdentifier": [ + "/properties/DBClusterIdentifier" + ], + "properties": { + "AllocatedStorage": { + "type": "integer" + }, + "AssociatedRoles": { + "items": { + "$ref": "#/definitions/DBClusterRole" + }, + "type": "array", + "uniqueItems": true + }, + "AutoMinorVersionUpgrade": { + "type": "boolean" + }, + "AvailabilityZones": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": true + }, + "BacktrackWindow": { + "minimum": 0, + "type": "integer" + }, + "BackupRetentionPeriod": { + "default": 1, + "maximum": 35, + "minimum": 1, + "type": "integer" + }, + "CopyTagsToSnapshot": { + "type": "boolean" + }, + "DBClusterArn": { + "type": "string" + }, + "DBClusterIdentifier": { + "maxLength": 63, + "minLength": 1, + "pattern": "^[a-zA-Z]{1}(?:-?[a-zA-Z0-9]){0,62}$", + "type": "string" + }, + "DBClusterInstanceClass": { + "type": "string" + }, + "DBClusterParameterGroupName": { + "default": "default.aurora5.6", + "type": "string" + }, + "DBClusterResourceId": { + "type": "string" + }, + "DBInstanceParameterGroupName": { + "type": "string" + }, + "DBSubnetGroupName": { + "type": "string" + }, + "DBSystemId": { + "type": "string" + }, + "DatabaseName": { + "type": "string" + }, + "DeletionProtection": { + "type": "boolean" + }, + "Domain": { + "type": "string" + }, + "DomainIAMRoleName": { + "type": "string" + }, + "EnableCloudwatchLogsExports": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": true + }, + "EnableGlobalWriteForwarding": { + "type": "boolean" + }, + "EnableHttpEndpoint": { + "type": "boolean" + }, + "EnableIAMDatabaseAuthentication": { + "type": "boolean" + }, + "EnableLocalWriteForwarding": { + "type": "boolean" + }, + "Endpoint": { + "$ref": "#/definitions/Endpoint" + }, + "Engine": { + "type": "string" + }, + "EngineLifecycleSupport": { + "type": "string" + }, + "EngineMode": { + "type": "string" + }, + "EngineVersion": { + "type": "string" + }, + "GlobalClusterIdentifier": { + "maxLength": 63, + "minLength": 0, + "pattern": "^$|^[a-zA-Z]{1}(?:-?[a-zA-Z0-9]){0,62}$", + "type": "string" + }, + "Iops": { + "type": "integer" + }, + "KmsKeyId": { + "type": "string" + }, + "ManageMasterUserPassword": { + "type": "boolean" + }, + "MasterUserPassword": { + "type": "string" + }, + "MasterUserSecret": { + "$ref": "#/definitions/MasterUserSecret" + }, + "MasterUsername": { + "minLength": 1, + "pattern": "^[a-zA-Z]{1}[a-zA-Z0-9_]*$", + "type": "string" + }, + "MonitoringInterval": { + "default": 0, + "type": "integer" + }, + "MonitoringRoleArn": { + "type": "string" + }, + "NetworkType": { + "type": "string" + }, + "PerformanceInsightsEnabled": { + "type": "boolean" + }, + "PerformanceInsightsKmsKeyId": { + "type": "string" + }, + "PerformanceInsightsRetentionPeriod": { + "type": "integer" + }, + "Port": { + "type": "integer" + }, + "PreferredBackupWindow": { + "type": "string" + }, + "PreferredMaintenanceWindow": { + "type": "string" + }, + "PubliclyAccessible": { + "type": "boolean" + }, + "ReadEndpoint": { + "$ref": "#/definitions/ReadEndpoint" + }, + "ReplicationSourceIdentifier": { + "type": "string" + }, + "RestoreToTime": { + "type": "string" + }, + "RestoreType": { + "default": "full-copy", + "type": "string" + }, + "ScalingConfiguration": { + "$ref": "#/definitions/ScalingConfiguration" + }, + "ServerlessV2ScalingConfiguration": { + "$ref": "#/definitions/ServerlessV2ScalingConfiguration" + }, + "SnapshotIdentifier": { + "type": "string" + }, + "SourceDBClusterIdentifier": { + "type": "string" + }, + "SourceRegion": { + "type": "string" + }, + "StorageEncrypted": { + "type": "boolean" + }, + "StorageThroughput": { + "type": "integer" + }, + "StorageType": { + "type": "string" + }, + "Tags": { + "insertionOrder": false, + "items": { + "$ref": "#/definitions/Tag" + }, + "maxItems": 50, + "type": "array", + "uniqueItems": true + }, + "UseLatestRestorableTime": { + "type": "boolean" + }, + "VpcSecurityGroupIds": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": true + } + }, + "propertyTransform": { + "/properties/DBClusterIdentifier": "$lowercase(DBClusterIdentifier)", + "/properties/DBClusterParameterGroupName": "$lowercase(DBClusterParameterGroupName)", + "/properties/DBSubnetGroupName": "$lowercase(DBSubnetGroupName)", + "/properties/EnableHttpEndpoint": "$lowercase($string(EngineMode)) = 'serverless' ? EnableHttpEndpoint : ($lowercase($string(Engine)) = 'aurora-postgresql' ? EnableHttpEndpoint : false )", + "/properties/Engine": "$lowercase(Engine)", + "/properties/EngineVersion": "$join([$string(EngineVersion), \".*\"])", + "/properties/KmsKeyId": "$join([\"arn:(aws)[-]{0,1}[a-z]{0,2}[-]{0,1}[a-z]{0,3}:kms:[a-z]{2}[-]{1}[a-z]{3,10}[-]{0,1}[a-z]{0,10}[-]{1}[1-3]{1}:[0-9]{12}[:]{1}key\\/\", KmsKeyId])", + "/properties/MasterUserSecret/KmsKeyId": "$join([\"arn:(aws)[-]{0,1}[a-z]{0,2}[-]{0,1}[a-z]{0,3}:kms:[a-z]{2}[-]{1}[a-z]{3,10}[-]{0,1}[a-z]{0,10}[-]{1}[1-3]{1}:[0-9]{12}[:]{1}key\\/\", MasterUserSecret.KmsKeyId])", + "/properties/NetworkType": "$lowercase(NetworkType)", + "/properties/PerformanceInsightsKmsKeyId": "$join([\"arn:(aws)[-]{0,1}[a-z]{0,2}[-]{0,1}[a-z]{0,3}:kms:[a-z]{2}[-]{1}[a-z]{3,10}[-]{0,1}[a-z]{0,10}[-]{1}[1-3]{1}:[0-9]{12}[:]{1}key\\/\", PerformanceInsightsKmsKeyId])", + "/properties/PreferredMaintenanceWindow": "$lowercase(PreferredMaintenanceWindow)", + "/properties/SnapshotIdentifier": "$lowercase(SnapshotIdentifier)", + "/properties/SourceDBClusterIdentifier": "$lowercase(SourceDBClusterIdentifier)", + "/properties/StorageType": "$lowercase(StorageType)" + }, + "readOnlyProperties": [ + "/properties/DBClusterArn", + "/properties/DBClusterResourceId", + "/properties/Endpoint", + "/properties/Endpoint/Address", + "/properties/Endpoint/Port", + "/properties/ReadEndpoint/Address", + "/properties/MasterUserSecret/SecretArn", + "/properties/StorageThroughput" + ], + "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-rds", + "tagging": { + "cloudFormationSystemTags": true, + "permissions": [ + "rds:AddTagsToResource", + "rds:RemoveTagsFromResource" + ], + "tagOnCreate": true, + "tagProperty": "/properties/Tags", + "tagUpdatable": true, + "taggable": true + }, + "typeName": "AWS::RDS::DBCluster", + "writeOnlyProperties": [ + "/properties/DBInstanceParameterGroupName", + "/properties/MasterUserPassword", + "/properties/RestoreToTime", + "/properties/RestoreType", + "/properties/SnapshotIdentifier", + "/properties/SourceDBClusterIdentifier", + "/properties/SourceRegion", + "/properties/UseLatestRestorableTime" + ] +} diff --git a/src/cfnlint/data/schemas/providers/us_east_2/aws-rds-dbinstance.json b/src/cfnlint/data/schemas/providers/us_east_2/aws-rds-dbinstance.json new file mode 100644 index 0000000000..3263d77fb7 --- /dev/null +++ b/src/cfnlint/data/schemas/providers/us_east_2/aws-rds-dbinstance.json @@ -0,0 +1,620 @@ +{ + "additionalProperties": false, + "conditionalCreateOnlyProperties": [ + "/properties/AutoMinorVersionUpgrade", + "/properties/AvailabilityZone", + "/properties/BackupRetentionPeriod", + "/properties/DBClusterSnapshotIdentifier", + "/properties/DBParameterGroupName", + "/properties/DBSnapshotIdentifier", + "/properties/Engine", + "/properties/MultiAZ", + "/properties/PerformanceInsightsKMSKeyId", + "/properties/PreferredMaintenanceWindow", + "/properties/RestoreTime", + "/properties/SourceDBClusterIdentifier", + "/properties/SourceDBInstanceAutomatedBackupsArn", + "/properties/SourceDBInstanceIdentifier", + "/properties/SourceDbiResourceId", + "/properties/StorageType", + "/properties/UseLatestRestorableTime" + ], + "createOnlyProperties": [ + "/properties/CharacterSetName", + "/properties/CustomIAMInstanceProfile", + "/properties/DBClusterIdentifier", + "/properties/DBInstanceIdentifier", + "/properties/DBName", + "/properties/DBSubnetGroupName", + "/properties/KmsKeyId", + "/properties/MasterUsername", + "/properties/NcharCharacterSetName", + "/properties/Port", + "/properties/SourceRegion", + "/properties/StorageEncrypted", + "/properties/Timezone" + ], + "definitions": { + "CertificateDetails": { + "additionalProperties": false, + "properties": { + "CAIdentifier": { + "type": "string" + }, + "ValidTill": { + "format": "date-time", + "type": "string" + } + }, + "type": "object" + }, + "DBInstanceRole": { + "additionalProperties": false, + "properties": { + "FeatureName": { + "type": "string" + }, + "RoleArn": { + "type": "string" + } + }, + "required": [ + "FeatureName", + "RoleArn" + ], + "type": "object" + }, + "Endpoint": { + "additionalProperties": false, + "properties": { + "Address": { + "type": "string" + }, + "HostedZoneId": { + "type": "string" + }, + "Port": { + "type": "string" + } + }, + "type": "object" + }, + "MasterUserSecret": { + "additionalProperties": false, + "properties": { + "KmsKeyId": { + "type": "string" + }, + "SecretArn": { + "type": "string" + } + }, + "type": "object" + }, + "ProcessorFeature": { + "additionalProperties": false, + "properties": { + "Name": { + "enum": [ + "coreCount", + "threadsPerCore" + ], + "type": "string" + }, + "Value": { + "type": "string" + } + }, + "type": "object" + }, + "Tag": { + "additionalProperties": false, + "properties": { + "Key": { + "maxLength": 128, + "minLength": 1, + "type": "string" + }, + "Value": { + "maxLength": 256, + "minLength": 0, + "type": "string" + } + }, + "required": [ + "Key" + ], + "type": "object" + } + }, + "dependencies": { + "KmsKeyId": { + "properties": { + "StorageEncrypted": { + "enum": [ + "true", + "True", + true + ] + } + }, + "required": [ + "StorageEncrypted" + ] + } + }, + "dependentExcluded": { + "SourceDBInstanceIdentifier": [ + "CharacterSetName", + "MasterUserPassword", + "MasterUsername", + "StorageEncrypted" + ] + }, + "deprecatedProperties": [ + "/properties/TdeCredentialArn", + "/properties/TdeCredentialPassword" + ], + "handlers": { + "create": { + "permissions": [ + "ec2:DescribeAccountAttributes", + "ec2:DescribeAvailabilityZones", + "ec2:DescribeInternetGateways", + "ec2:DescribeSecurityGroups", + "ec2:DescribeSubnets", + "ec2:DescribeVpcAttribute", + "ec2:DescribeVpcs", + "iam:CreateServiceLinkedRole", + "iam:GetRole", + "iam:ListRoles", + "iam:PassRole", + "kms:CreateGrant", + "kms:DescribeKey", + "rds:AddRoleToDBInstance", + "rds:AddTagsToResource", + "rds:CreateDBInstance", + "rds:CreateDBInstanceReadReplica", + "rds:DescribeDBInstances", + "rds:DescribeDBClusters", + "rds:DescribeDBClusterSnapshots", + "rds:DescribeDBInstanceAutomatedBackups", + "rds:DescribeDBSnapshots", + "rds:DescribeEvents", + "rds:ModifyDBInstance", + "rds:RebootDBInstance", + "rds:RestoreDBInstanceFromDBSnapshot", + "rds:RestoreDBInstanceToPointInTime", + "rds:StartDBInstanceAutomatedBackupsReplication", + "secretsmanager:CreateSecret", + "secretsmanager:TagResource" + ], + "timeoutInMinutes": 2160 + }, + "delete": { + "permissions": [ + "rds:CreateDBSnapshot", + "rds:DeleteDBInstance", + "rds:DescribeDBInstances" + ], + "timeoutInMinutes": 2160 + }, + "list": { + "permissions": [ + "rds:DescribeDBInstances" + ] + }, + "read": { + "permissions": [ + "ec2:DescribeAccountAttributes", + "ec2:DescribeAvailabilityZones", + "ec2:DescribeInternetGateways", + "ec2:DescribeSecurityGroups", + "ec2:DescribeSubnets", + "ec2:DescribeVpcAttribute", + "ec2:DescribeVpcs", + "rds:DescribeDBInstances" + ] + }, + "update": { + "permissions": [ + "ec2:DescribeAccountAttributes", + "ec2:DescribeAvailabilityZones", + "ec2:DescribeInternetGateways", + "ec2:DescribeSecurityGroups", + "ec2:DescribeSubnets", + "ec2:DescribeVpcAttribute", + "ec2:DescribeVpcs", + "iam:CreateServiceLinkedRole", + "iam:GetRole", + "iam:ListRoles", + "iam:PassRole", + "kms:CreateGrant", + "kms:DescribeKey", + "rds:AddRoleToDBInstance", + "rds:AddTagsToResource", + "rds:DescribeDBClusters", + "rds:DescribeDBEngineVersions", + "rds:DescribeDBInstances", + "rds:DescribeDBParameterGroups", + "rds:DescribeEvents", + "rds:ModifyDBInstance", + "rds:PromoteReadReplica", + "rds:RebootDBInstance", + "rds:RemoveRoleFromDBInstance", + "rds:RemoveTagsFromResource", + "rds:StartDBInstanceAutomatedBackupsReplication", + "rds:StopDBInstanceAutomatedBackupsReplication", + "secretsmanager:CreateSecret", + "secretsmanager:TagResource" + ], + "timeoutInMinutes": 2160 + } + }, + "primaryIdentifier": [ + "/properties/DBInstanceIdentifier" + ], + "properties": { + "AllocatedStorage": { + "pattern": "^[0-9]*$", + "type": "string" + }, + "AllowMajorVersionUpgrade": { + "type": "boolean" + }, + "AssociatedRoles": { + "items": { + "$ref": "#/definitions/DBInstanceRole" + }, + "type": "array" + }, + "AutoMinorVersionUpgrade": { + "type": "boolean" + }, + "AutomaticBackupReplicationKmsKeyId": { + "type": "string" + }, + "AutomaticBackupReplicationRegion": { + "type": "string" + }, + "AvailabilityZone": { + "type": "string" + }, + "BackupRetentionPeriod": { + "default": 1, + "maximum": 35, + "minimum": 0, + "type": "integer" + }, + "CACertificateIdentifier": { + "type": "string" + }, + "CertificateDetails": { + "$ref": "#/definitions/CertificateDetails" + }, + "CertificateRotationRestart": { + "type": "boolean" + }, + "CharacterSetName": { + "type": "string" + }, + "CopyTagsToSnapshot": { + "type": "boolean" + }, + "CustomIAMInstanceProfile": { + "type": "string" + }, + "DBClusterIdentifier": { + "type": "string" + }, + "DBClusterSnapshotIdentifier": { + "type": "string" + }, + "DBInstanceArn": { + "type": "string" + }, + "DBInstanceClass": { + "type": "string" + }, + "DBInstanceIdentifier": { + "maxLength": 63, + "minLength": 1, + "pattern": "^$|^[a-zA-Z]{1}(?:-?[a-zA-Z0-9]){0,62}$", + "type": "string" + }, + "DBName": { + "type": "string" + }, + "DBParameterGroupName": { + "type": "string" + }, + "DBSecurityGroups": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": true + }, + "DBSnapshotIdentifier": { + "type": "string" + }, + "DBSubnetGroupName": { + "type": "string" + }, + "DBSystemId": { + "type": "string" + }, + "DbiResourceId": { + "type": "string" + }, + "DedicatedLogVolume": { + "type": "boolean" + }, + "DeleteAutomatedBackups": { + "type": "boolean" + }, + "DeletionProtection": { + "type": "boolean" + }, + "Domain": { + "type": "string" + }, + "DomainAuthSecretArn": { + "type": "string" + }, + "DomainDnsIps": { + "items": { + "type": "string" + }, + "type": "array" + }, + "DomainFqdn": { + "type": "string" + }, + "DomainIAMRoleName": { + "type": "string" + }, + "DomainOu": { + "type": "string" + }, + "EnableCloudwatchLogsExports": { + "items": { + "type": "string" + }, + "type": "array" + }, + "EnableIAMDatabaseAuthentication": { + "type": "boolean" + }, + "EnablePerformanceInsights": { + "type": "boolean" + }, + "Endpoint": { + "$ref": "#/definitions/Endpoint" + }, + "Engine": { + "type": "string" + }, + "EngineLifecycleSupport": { + "type": "string" + }, + "EngineVersion": { + "type": "string" + }, + "Iops": { + "type": "integer" + }, + "KmsKeyId": { + "type": "string" + }, + "LicenseModel": { + "type": "string" + }, + "ManageMasterUserPassword": { + "type": "boolean" + }, + "MasterUserPassword": { + "type": "string" + }, + "MasterUserSecret": { + "$ref": "#/definitions/MasterUserSecret" + }, + "MasterUsername": { + "maxLength": 128, + "minLength": 1, + "pattern": "^[a-zA-Z][a-zA-Z0-9_]{0,127}$", + "type": "string" + }, + "MaxAllocatedStorage": { + "type": "integer" + }, + "MonitoringInterval": { + "default": 0, + "type": "integer" + }, + "MonitoringRoleArn": { + "type": "string" + }, + "MultiAZ": { + "type": "boolean" + }, + "NcharCharacterSetName": { + "type": "string" + }, + "NetworkType": { + "type": "string" + }, + "OptionGroupName": { + "type": "string" + }, + "PerformanceInsightsKMSKeyId": { + "type": "string" + }, + "PerformanceInsightsRetentionPeriod": { + "enum": [ + 7, + 31, + 62, + 93, + 124, + 155, + 186, + 217, + 248, + 279, + 310, + 341, + 372, + 403, + 434, + 465, + 496, + 527, + 558, + 589, + 620, + 651, + 682, + 713, + 731 + ], + "type": "integer" + }, + "Port": { + "pattern": "^\\d*$", + "type": "string" + }, + "PreferredBackupWindow": { + "type": "string" + }, + "PreferredMaintenanceWindow": { + "type": "string" + }, + "ProcessorFeatures": { + "items": { + "$ref": "#/definitions/ProcessorFeature" + }, + "type": "array" + }, + "PromotionTier": { + "default": 1, + "maximum": 15, + "minimum": 0, + "type": "integer" + }, + "PubliclyAccessible": { + "type": "boolean" + }, + "ReplicaMode": { + "type": "string" + }, + "RestoreTime": { + "format": "date-time", + "type": "string" + }, + "SourceDBClusterIdentifier": { + "type": "string" + }, + "SourceDBInstanceAutomatedBackupsArn": { + "type": "string" + }, + "SourceDBInstanceIdentifier": { + "type": "string" + }, + "SourceDbiResourceId": { + "type": "string" + }, + "SourceRegion": { + "type": "string" + }, + "StorageEncrypted": { + "type": "boolean" + }, + "StorageThroughput": { + "type": "integer" + }, + "StorageType": { + "type": "string" + }, + "Tags": { + "insertionOrder": false, + "items": { + "$ref": "#/definitions/Tag" + }, + "type": "array", + "uniqueItems": false + }, + "TdeCredentialArn": { + "type": "string" + }, + "TdeCredentialPassword": { + "type": "string" + }, + "Timezone": { + "type": "string" + }, + "UseDefaultProcessorFeatures": { + "type": "boolean" + }, + "UseLatestRestorableTime": { + "type": "boolean" + }, + "VPCSecurityGroups": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": true + } + }, + "propertyTransform": { + "/properties/DBClusterIdentifier": "$lowercase(DBClusterIdentifier)", + "/properties/DBClusterSnapshotIdentifier": "$lowercase(DBClusterSnapshotIdentifier)", + "/properties/DBInstanceIdentifier": "$lowercase(DBInstanceIdentifier)", + "/properties/DBName": "$lowercase(DBName) $OR $uppercase(DBName)", + "/properties/DBParameterGroupName": "$lowercase(DBParameterGroupName)", + "/properties/DBSnapshotIdentifier": "$lowercase(DBSnapshotIdentifier)", + "/properties/DBSubnetGroupName": "$lowercase(DBSubnetGroupName)", + "/properties/Engine": "$lowercase(Engine)", + "/properties/EngineVersion": "$join([$string(EngineVersion), \".*\"])", + "/properties/KmsKeyId": "$join([\"arn:(aws)[-]{0,1}[a-z]{0,2}[-]{0,1}[a-z]{0,3}:kms:[a-z]{2}[-]{1}[a-z]{3,10}[-]{0,1}[a-z]{0,10}[-]{1}[1-3]{1}:[0-9]{12}[:]{1}key\\/\", KmsKeyId])", + "/properties/MasterUserSecret/KmsKeyId": "$join([\"arn:(aws)[-]{0,1}[a-z]{0,2}[-]{0,1}[a-z]{0,3}:kms:[a-z]{2}[-]{1}[a-z]{3,10}[-]{0,1}[a-z]{0,10}[-]{1}[1-3]{1}:[0-9]{12}[:]{1}key\\/\", MasterUserSecret.KmsKeyId])", + "/properties/NetworkType": "$lowercase(NetworkType)", + "/properties/OptionGroupName": "$lowercase(OptionGroupName)", + "/properties/PerformanceInsightsKMSKeyId": "$join([\"arn:(aws)[-]{0,1}[a-z]{0,2}[-]{0,1}[a-z]{0,3}:kms:[a-z]{2}[-]{1}[a-z]{3,10}[-]{0,1}[a-z]{0,10}[-]{1}[1-3]{1}:[0-9]{12}[:]{1}key\\/\", PerformanceInsightsKMSKeyId])", + "/properties/PreferredMaintenanceWindow": "$lowercase(PreferredMaintenanceWindow)", + "/properties/SourceDBInstanceAutomatedBackupsArn": "$lowercase(SourceDBInstanceAutomatedBackupsArn)", + "/properties/SourceDBInstanceIdentifier": "$lowercase(SourceDBInstanceIdentifier)", + "/properties/StorageType": "$lowercase(StorageType)" + }, + "readOnlyProperties": [ + "/properties/Endpoint/Address", + "/properties/Endpoint/Port", + "/properties/Endpoint/HostedZoneId", + "/properties/DbiResourceId", + "/properties/DBInstanceArn", + "/properties/DBSystemId", + "/properties/MasterUserSecret/SecretArn", + "/properties/CertificateDetails/CAIdentifier", + "/properties/CertificateDetails/ValidTill" + ], + "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-rpdk.git", + "typeName": "AWS::RDS::DBInstance", + "writeOnlyProperties": [ + "/properties/AllowMajorVersionUpgrade", + "/properties/AutomaticBackupReplicationKmsKeyId", + "/properties/CertificateRotationRestart", + "/properties/DBSnapshotIdentifier", + "/properties/DeleteAutomatedBackups", + "/properties/MasterUserPassword", + "/properties/Port", + "/properties/RestoreTime", + "/properties/SourceDBInstanceAutomatedBackupsArn", + "/properties/SourceDBInstanceIdentifier", + "/properties/SourceDbiResourceId", + "/properties/SourceRegion", + "/properties/TdeCredentialPassword", + "/properties/UseDefaultProcessorFeatures", + "/properties/UseLatestRestorableTime" + ] +} diff --git a/src/cfnlint/data/schemas/providers/us_gov_east_1/__init__.py b/src/cfnlint/data/schemas/providers/us_gov_east_1/__init__.py index 041a9dabc3..0ad22a6ba2 100644 --- a/src/cfnlint/data/schemas/providers/us_gov_east_1/__init__.py +++ b/src/cfnlint/data/schemas/providers/us_gov_east_1/__init__.py @@ -1053,15 +1053,12 @@ "aws-opsworks-stack.json", "aws-opsworks-userprofile.json", "aws-opsworks-volume.json", - "aws-organizations-organization.json", "aws-organizations-organizationalunit.json", "aws-organizations-policy.json", "aws-organizations-resourcepolicy.json", "aws-ram-permission.json", "aws-ram-resourceshare.json", - "aws-rds-dbcluster.json", "aws-rds-dbclusterparametergroup.json", - "aws-rds-dbinstance.json", "aws-rds-dbparametergroup.json", "aws-rds-dbsecuritygroup.json", "aws-rds-dbsecuritygroupingress.json", diff --git a/src/cfnlint/data/schemas/providers/us_gov_east_1/aws-organizations-organization.json b/src/cfnlint/data/schemas/providers/us_gov_east_1/aws-organizations-organization.json new file mode 100644 index 0000000000..6dac437e5b --- /dev/null +++ b/src/cfnlint/data/schemas/providers/us_gov_east_1/aws-organizations-organization.json @@ -0,0 +1,86 @@ +{ + "additionalProperties": false, + "handlers": { + "create": { + "permissions": [ + "organizations:CreateOrganization", + "organizations:DescribeOrganization", + "iam:CreateServiceLinkedRole", + "organizations:ListRoots" + ] + }, + "delete": { + "permissions": [ + "organizations:DeleteOrganization", + "organizations:DescribeOrganization" + ] + }, + "list": { + "permissions": [ + "organizations:DescribeOrganization" + ] + }, + "read": { + "permissions": [ + "organizations:DescribeOrganization", + "organizations:ListRoots" + ] + }, + "update": { + "permissions": [] + } + }, + "primaryIdentifier": [ + "/properties/Id" + ], + "properties": { + "Arn": { + "pattern": "^arn:aws.*:organizations::\\d{12}:organization\\/o-[a-z0-9]{10,32}", + "type": "string" + }, + "FeatureSet": { + "default": "ALL", + "enum": [ + "ALL", + "CONSOLIDATED_BILLING" + ], + "type": "string" + }, + "Id": { + "pattern": "^o-[a-z0-9]{10,32}$", + "type": "string" + }, + "ManagementAccountArn": { + "pattern": "^arn:aws.*:organizations::\\d{12}:account\\/o-[a-z0-9]{10,32}\\/\\d{12}", + "type": "string" + }, + "ManagementAccountEmail": { + "maxLength": 64, + "minLength": 6, + "pattern": "[^\\s@]+@[^\\s@]+\\.[^\\s@]+", + "type": "string" + }, + "ManagementAccountId": { + "pattern": "^\\d{12}$", + "type": "string" + }, + "RootId": { + "maxLength": 64, + "pattern": "^r-[0-9a-z]{4,32}$", + "type": "string" + } + }, + "readOnlyProperties": [ + "/properties/Id", + "/properties/Arn", + "/properties/ManagementAccountArn", + "/properties/ManagementAccountId", + "/properties/ManagementAccountEmail", + "/properties/RootId" + ], + "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-organizations.git", + "tagging": { + "taggable": false + }, + "typeName": "AWS::Organizations::Organization" +} diff --git a/src/cfnlint/data/schemas/providers/us_gov_east_1/aws-rds-dbcluster.json b/src/cfnlint/data/schemas/providers/us_gov_east_1/aws-rds-dbcluster.json new file mode 100644 index 0000000000..fc8608c49b --- /dev/null +++ b/src/cfnlint/data/schemas/providers/us_gov_east_1/aws-rds-dbcluster.json @@ -0,0 +1,469 @@ +{ + "additionalProperties": false, + "conditionalCreateOnlyProperties": [ + "/properties/Engine", + "/properties/GlobalClusterIdentifier", + "/properties/MasterUsername" + ], + "createOnlyProperties": [ + "/properties/AvailabilityZones", + "/properties/DBClusterIdentifier", + "/properties/DBSubnetGroupName", + "/properties/DBSystemId", + "/properties/DatabaseName", + "/properties/EngineMode", + "/properties/KmsKeyId", + "/properties/PubliclyAccessible", + "/properties/RestoreToTime", + "/properties/RestoreType", + "/properties/SnapshotIdentifier", + "/properties/SourceDBClusterIdentifier", + "/properties/SourceRegion", + "/properties/StorageEncrypted", + "/properties/UseLatestRestorableTime" + ], + "definitions": { + "DBClusterRole": { + "additionalProperties": false, + "properties": { + "FeatureName": { + "type": "string" + }, + "RoleArn": { + "type": "string" + } + }, + "required": [ + "RoleArn" + ], + "type": "object" + }, + "Endpoint": { + "additionalProperties": false, + "properties": { + "Address": { + "type": "string" + }, + "Port": { + "type": "string" + } + }, + "type": "object" + }, + "MasterUserSecret": { + "additionalProperties": false, + "properties": { + "KmsKeyId": { + "type": "string" + }, + "SecretArn": { + "type": "string" + } + }, + "type": "object" + }, + "ReadEndpoint": { + "additionalProperties": false, + "properties": { + "Address": { + "type": "string" + } + }, + "type": "object" + }, + "ScalingConfiguration": { + "additionalProperties": false, + "properties": { + "AutoPause": { + "type": "boolean" + }, + "MaxCapacity": { + "type": "integer" + }, + "MinCapacity": { + "type": "integer" + }, + "SecondsBeforeTimeout": { + "type": "integer" + }, + "SecondsUntilAutoPause": { + "type": "integer" + }, + "TimeoutAction": { + "type": "string" + } + }, + "type": "object" + }, + "ServerlessV2ScalingConfiguration": { + "additionalProperties": false, + "properties": { + "MaxCapacity": { + "type": "number" + }, + "MinCapacity": { + "type": "number" + } + }, + "type": "object" + }, + "Tag": { + "additionalProperties": false, + "properties": { + "Key": { + "maxLength": 128, + "minLength": 1, + "type": "string" + }, + "Value": { + "maxLength": 256, + "minLength": 0, + "type": "string" + } + }, + "required": [ + "Key" + ], + "type": "object" + } + }, + "handlers": { + "create": { + "permissions": [ + "iam:CreateServiceLinkedRole", + "iam:PassRole", + "rds:AddRoleToDBCluster", + "rds:AddTagsToResource", + "rds:CreateDBCluster", + "rds:CreateDBInstance", + "rds:DescribeDBClusters", + "rds:DescribeDBClusterSnapshots", + "rds:DescribeDBSnapshots", + "rds:DescribeEvents", + "rds:EnableHttpEndpoint", + "rds:ModifyDBCluster", + "rds:RestoreDBClusterFromSnapshot", + "rds:RestoreDBClusterToPointInTime", + "secretsmanager:CreateSecret", + "secretsmanager:TagResource" + ], + "timeoutInMinutes": 2160 + }, + "delete": { + "permissions": [ + "rds:CreateDBClusterSnapshot", + "rds:DeleteDBCluster", + "rds:DeleteDBInstance", + "rds:DescribeDBClusters", + "rds:DescribeGlobalClusters", + "rds:RemoveFromGlobalCluster" + ] + }, + "list": { + "permissions": [ + "rds:DescribeDBClusters" + ] + }, + "read": { + "permissions": [ + "rds:DescribeDBClusters" + ] + }, + "update": { + "permissions": [ + "ec2:DescribeSecurityGroups", + "iam:PassRole", + "rds:AddRoleToDBCluster", + "rds:AddTagsToResource", + "rds:DescribeDBClusters", + "rds:DescribeDBSubnetGroups", + "rds:DescribeEvents", + "rds:DescribeGlobalClusters", + "rds:DisableHttpEndpoint", + "rds:EnableHttpEndpoint", + "rds:ModifyDBCluster", + "rds:ModifyDBInstance", + "rds:RemoveFromGlobalCluster", + "rds:RemoveRoleFromDBCluster", + "rds:RemoveTagsFromResource", + "secretsmanager:CreateSecret", + "secretsmanager:TagResource" + ], + "timeoutInMinutes": 2160 + } + }, + "primaryIdentifier": [ + "/properties/DBClusterIdentifier" + ], + "properties": { + "AllocatedStorage": { + "type": "integer" + }, + "AssociatedRoles": { + "items": { + "$ref": "#/definitions/DBClusterRole" + }, + "type": "array", + "uniqueItems": true + }, + "AutoMinorVersionUpgrade": { + "type": "boolean" + }, + "AvailabilityZones": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": true + }, + "BacktrackWindow": { + "minimum": 0, + "type": "integer" + }, + "BackupRetentionPeriod": { + "default": 1, + "maximum": 35, + "minimum": 1, + "type": "integer" + }, + "CopyTagsToSnapshot": { + "type": "boolean" + }, + "DBClusterArn": { + "type": "string" + }, + "DBClusterIdentifier": { + "maxLength": 63, + "minLength": 1, + "pattern": "^[a-zA-Z]{1}(?:-?[a-zA-Z0-9]){0,62}$", + "type": "string" + }, + "DBClusterInstanceClass": { + "type": "string" + }, + "DBClusterParameterGroupName": { + "default": "default.aurora5.6", + "type": "string" + }, + "DBClusterResourceId": { + "type": "string" + }, + "DBInstanceParameterGroupName": { + "type": "string" + }, + "DBSubnetGroupName": { + "type": "string" + }, + "DBSystemId": { + "type": "string" + }, + "DatabaseName": { + "type": "string" + }, + "DeletionProtection": { + "type": "boolean" + }, + "Domain": { + "type": "string" + }, + "DomainIAMRoleName": { + "type": "string" + }, + "EnableCloudwatchLogsExports": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": true + }, + "EnableGlobalWriteForwarding": { + "type": "boolean" + }, + "EnableHttpEndpoint": { + "type": "boolean" + }, + "EnableIAMDatabaseAuthentication": { + "type": "boolean" + }, + "EnableLocalWriteForwarding": { + "type": "boolean" + }, + "Endpoint": { + "$ref": "#/definitions/Endpoint" + }, + "Engine": { + "type": "string" + }, + "EngineLifecycleSupport": { + "type": "string" + }, + "EngineMode": { + "type": "string" + }, + "EngineVersion": { + "type": "string" + }, + "GlobalClusterIdentifier": { + "maxLength": 63, + "minLength": 0, + "pattern": "^$|^[a-zA-Z]{1}(?:-?[a-zA-Z0-9]){0,62}$", + "type": "string" + }, + "Iops": { + "type": "integer" + }, + "KmsKeyId": { + "type": "string" + }, + "ManageMasterUserPassword": { + "type": "boolean" + }, + "MasterUserPassword": { + "type": "string" + }, + "MasterUserSecret": { + "$ref": "#/definitions/MasterUserSecret" + }, + "MasterUsername": { + "minLength": 1, + "pattern": "^[a-zA-Z]{1}[a-zA-Z0-9_]*$", + "type": "string" + }, + "MonitoringInterval": { + "default": 0, + "type": "integer" + }, + "MonitoringRoleArn": { + "type": "string" + }, + "NetworkType": { + "type": "string" + }, + "PerformanceInsightsEnabled": { + "type": "boolean" + }, + "PerformanceInsightsKmsKeyId": { + "type": "string" + }, + "PerformanceInsightsRetentionPeriod": { + "type": "integer" + }, + "Port": { + "type": "integer" + }, + "PreferredBackupWindow": { + "type": "string" + }, + "PreferredMaintenanceWindow": { + "type": "string" + }, + "PubliclyAccessible": { + "type": "boolean" + }, + "ReadEndpoint": { + "$ref": "#/definitions/ReadEndpoint" + }, + "ReplicationSourceIdentifier": { + "type": "string" + }, + "RestoreToTime": { + "type": "string" + }, + "RestoreType": { + "default": "full-copy", + "type": "string" + }, + "ScalingConfiguration": { + "$ref": "#/definitions/ScalingConfiguration" + }, + "ServerlessV2ScalingConfiguration": { + "$ref": "#/definitions/ServerlessV2ScalingConfiguration" + }, + "SnapshotIdentifier": { + "type": "string" + }, + "SourceDBClusterIdentifier": { + "type": "string" + }, + "SourceRegion": { + "type": "string" + }, + "StorageEncrypted": { + "type": "boolean" + }, + "StorageThroughput": { + "type": "integer" + }, + "StorageType": { + "type": "string" + }, + "Tags": { + "insertionOrder": false, + "items": { + "$ref": "#/definitions/Tag" + }, + "maxItems": 50, + "type": "array", + "uniqueItems": true + }, + "UseLatestRestorableTime": { + "type": "boolean" + }, + "VpcSecurityGroupIds": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": true + } + }, + "propertyTransform": { + "/properties/DBClusterIdentifier": "$lowercase(DBClusterIdentifier)", + "/properties/DBClusterParameterGroupName": "$lowercase(DBClusterParameterGroupName)", + "/properties/DBSubnetGroupName": "$lowercase(DBSubnetGroupName)", + "/properties/EnableHttpEndpoint": "$lowercase($string(EngineMode)) = 'serverless' ? EnableHttpEndpoint : ($lowercase($string(Engine)) = 'aurora-postgresql' ? EnableHttpEndpoint : false )", + "/properties/Engine": "$lowercase(Engine)", + "/properties/EngineVersion": "$join([$string(EngineVersion), \".*\"])", + "/properties/KmsKeyId": "$join([\"arn:(aws)[-]{0,1}[a-z]{0,2}[-]{0,1}[a-z]{0,3}:kms:[a-z]{2}[-]{1}[a-z]{3,10}[-]{0,1}[a-z]{0,10}[-]{1}[1-3]{1}:[0-9]{12}[:]{1}key\\/\", KmsKeyId])", + "/properties/MasterUserSecret/KmsKeyId": "$join([\"arn:(aws)[-]{0,1}[a-z]{0,2}[-]{0,1}[a-z]{0,3}:kms:[a-z]{2}[-]{1}[a-z]{3,10}[-]{0,1}[a-z]{0,10}[-]{1}[1-3]{1}:[0-9]{12}[:]{1}key\\/\", MasterUserSecret.KmsKeyId])", + "/properties/NetworkType": "$lowercase(NetworkType)", + "/properties/PerformanceInsightsKmsKeyId": "$join([\"arn:(aws)[-]{0,1}[a-z]{0,2}[-]{0,1}[a-z]{0,3}:kms:[a-z]{2}[-]{1}[a-z]{3,10}[-]{0,1}[a-z]{0,10}[-]{1}[1-3]{1}:[0-9]{12}[:]{1}key\\/\", PerformanceInsightsKmsKeyId])", + "/properties/PreferredMaintenanceWindow": "$lowercase(PreferredMaintenanceWindow)", + "/properties/SnapshotIdentifier": "$lowercase(SnapshotIdentifier)", + "/properties/SourceDBClusterIdentifier": "$lowercase(SourceDBClusterIdentifier)", + "/properties/StorageType": "$lowercase(StorageType)" + }, + "readOnlyProperties": [ + "/properties/DBClusterArn", + "/properties/DBClusterResourceId", + "/properties/Endpoint", + "/properties/Endpoint/Address", + "/properties/Endpoint/Port", + "/properties/ReadEndpoint/Address", + "/properties/MasterUserSecret/SecretArn", + "/properties/StorageThroughput" + ], + "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-rds", + "tagging": { + "cloudFormationSystemTags": true, + "permissions": [ + "rds:AddTagsToResource", + "rds:RemoveTagsFromResource" + ], + "tagOnCreate": true, + "tagProperty": "/properties/Tags", + "tagUpdatable": true, + "taggable": true + }, + "typeName": "AWS::RDS::DBCluster", + "writeOnlyProperties": [ + "/properties/DBInstanceParameterGroupName", + "/properties/MasterUserPassword", + "/properties/RestoreToTime", + "/properties/RestoreType", + "/properties/SnapshotIdentifier", + "/properties/SourceDBClusterIdentifier", + "/properties/SourceRegion", + "/properties/UseLatestRestorableTime" + ] +} diff --git a/src/cfnlint/data/schemas/providers/us_gov_east_1/aws-rds-dbinstance.json b/src/cfnlint/data/schemas/providers/us_gov_east_1/aws-rds-dbinstance.json new file mode 100644 index 0000000000..3263d77fb7 --- /dev/null +++ b/src/cfnlint/data/schemas/providers/us_gov_east_1/aws-rds-dbinstance.json @@ -0,0 +1,620 @@ +{ + "additionalProperties": false, + "conditionalCreateOnlyProperties": [ + "/properties/AutoMinorVersionUpgrade", + "/properties/AvailabilityZone", + "/properties/BackupRetentionPeriod", + "/properties/DBClusterSnapshotIdentifier", + "/properties/DBParameterGroupName", + "/properties/DBSnapshotIdentifier", + "/properties/Engine", + "/properties/MultiAZ", + "/properties/PerformanceInsightsKMSKeyId", + "/properties/PreferredMaintenanceWindow", + "/properties/RestoreTime", + "/properties/SourceDBClusterIdentifier", + "/properties/SourceDBInstanceAutomatedBackupsArn", + "/properties/SourceDBInstanceIdentifier", + "/properties/SourceDbiResourceId", + "/properties/StorageType", + "/properties/UseLatestRestorableTime" + ], + "createOnlyProperties": [ + "/properties/CharacterSetName", + "/properties/CustomIAMInstanceProfile", + "/properties/DBClusterIdentifier", + "/properties/DBInstanceIdentifier", + "/properties/DBName", + "/properties/DBSubnetGroupName", + "/properties/KmsKeyId", + "/properties/MasterUsername", + "/properties/NcharCharacterSetName", + "/properties/Port", + "/properties/SourceRegion", + "/properties/StorageEncrypted", + "/properties/Timezone" + ], + "definitions": { + "CertificateDetails": { + "additionalProperties": false, + "properties": { + "CAIdentifier": { + "type": "string" + }, + "ValidTill": { + "format": "date-time", + "type": "string" + } + }, + "type": "object" + }, + "DBInstanceRole": { + "additionalProperties": false, + "properties": { + "FeatureName": { + "type": "string" + }, + "RoleArn": { + "type": "string" + } + }, + "required": [ + "FeatureName", + "RoleArn" + ], + "type": "object" + }, + "Endpoint": { + "additionalProperties": false, + "properties": { + "Address": { + "type": "string" + }, + "HostedZoneId": { + "type": "string" + }, + "Port": { + "type": "string" + } + }, + "type": "object" + }, + "MasterUserSecret": { + "additionalProperties": false, + "properties": { + "KmsKeyId": { + "type": "string" + }, + "SecretArn": { + "type": "string" + } + }, + "type": "object" + }, + "ProcessorFeature": { + "additionalProperties": false, + "properties": { + "Name": { + "enum": [ + "coreCount", + "threadsPerCore" + ], + "type": "string" + }, + "Value": { + "type": "string" + } + }, + "type": "object" + }, + "Tag": { + "additionalProperties": false, + "properties": { + "Key": { + "maxLength": 128, + "minLength": 1, + "type": "string" + }, + "Value": { + "maxLength": 256, + "minLength": 0, + "type": "string" + } + }, + "required": [ + "Key" + ], + "type": "object" + } + }, + "dependencies": { + "KmsKeyId": { + "properties": { + "StorageEncrypted": { + "enum": [ + "true", + "True", + true + ] + } + }, + "required": [ + "StorageEncrypted" + ] + } + }, + "dependentExcluded": { + "SourceDBInstanceIdentifier": [ + "CharacterSetName", + "MasterUserPassword", + "MasterUsername", + "StorageEncrypted" + ] + }, + "deprecatedProperties": [ + "/properties/TdeCredentialArn", + "/properties/TdeCredentialPassword" + ], + "handlers": { + "create": { + "permissions": [ + "ec2:DescribeAccountAttributes", + "ec2:DescribeAvailabilityZones", + "ec2:DescribeInternetGateways", + "ec2:DescribeSecurityGroups", + "ec2:DescribeSubnets", + "ec2:DescribeVpcAttribute", + "ec2:DescribeVpcs", + "iam:CreateServiceLinkedRole", + "iam:GetRole", + "iam:ListRoles", + "iam:PassRole", + "kms:CreateGrant", + "kms:DescribeKey", + "rds:AddRoleToDBInstance", + "rds:AddTagsToResource", + "rds:CreateDBInstance", + "rds:CreateDBInstanceReadReplica", + "rds:DescribeDBInstances", + "rds:DescribeDBClusters", + "rds:DescribeDBClusterSnapshots", + "rds:DescribeDBInstanceAutomatedBackups", + "rds:DescribeDBSnapshots", + "rds:DescribeEvents", + "rds:ModifyDBInstance", + "rds:RebootDBInstance", + "rds:RestoreDBInstanceFromDBSnapshot", + "rds:RestoreDBInstanceToPointInTime", + "rds:StartDBInstanceAutomatedBackupsReplication", + "secretsmanager:CreateSecret", + "secretsmanager:TagResource" + ], + "timeoutInMinutes": 2160 + }, + "delete": { + "permissions": [ + "rds:CreateDBSnapshot", + "rds:DeleteDBInstance", + "rds:DescribeDBInstances" + ], + "timeoutInMinutes": 2160 + }, + "list": { + "permissions": [ + "rds:DescribeDBInstances" + ] + }, + "read": { + "permissions": [ + "ec2:DescribeAccountAttributes", + "ec2:DescribeAvailabilityZones", + "ec2:DescribeInternetGateways", + "ec2:DescribeSecurityGroups", + "ec2:DescribeSubnets", + "ec2:DescribeVpcAttribute", + "ec2:DescribeVpcs", + "rds:DescribeDBInstances" + ] + }, + "update": { + "permissions": [ + "ec2:DescribeAccountAttributes", + "ec2:DescribeAvailabilityZones", + "ec2:DescribeInternetGateways", + "ec2:DescribeSecurityGroups", + "ec2:DescribeSubnets", + "ec2:DescribeVpcAttribute", + "ec2:DescribeVpcs", + "iam:CreateServiceLinkedRole", + "iam:GetRole", + "iam:ListRoles", + "iam:PassRole", + "kms:CreateGrant", + "kms:DescribeKey", + "rds:AddRoleToDBInstance", + "rds:AddTagsToResource", + "rds:DescribeDBClusters", + "rds:DescribeDBEngineVersions", + "rds:DescribeDBInstances", + "rds:DescribeDBParameterGroups", + "rds:DescribeEvents", + "rds:ModifyDBInstance", + "rds:PromoteReadReplica", + "rds:RebootDBInstance", + "rds:RemoveRoleFromDBInstance", + "rds:RemoveTagsFromResource", + "rds:StartDBInstanceAutomatedBackupsReplication", + "rds:StopDBInstanceAutomatedBackupsReplication", + "secretsmanager:CreateSecret", + "secretsmanager:TagResource" + ], + "timeoutInMinutes": 2160 + } + }, + "primaryIdentifier": [ + "/properties/DBInstanceIdentifier" + ], + "properties": { + "AllocatedStorage": { + "pattern": "^[0-9]*$", + "type": "string" + }, + "AllowMajorVersionUpgrade": { + "type": "boolean" + }, + "AssociatedRoles": { + "items": { + "$ref": "#/definitions/DBInstanceRole" + }, + "type": "array" + }, + "AutoMinorVersionUpgrade": { + "type": "boolean" + }, + "AutomaticBackupReplicationKmsKeyId": { + "type": "string" + }, + "AutomaticBackupReplicationRegion": { + "type": "string" + }, + "AvailabilityZone": { + "type": "string" + }, + "BackupRetentionPeriod": { + "default": 1, + "maximum": 35, + "minimum": 0, + "type": "integer" + }, + "CACertificateIdentifier": { + "type": "string" + }, + "CertificateDetails": { + "$ref": "#/definitions/CertificateDetails" + }, + "CertificateRotationRestart": { + "type": "boolean" + }, + "CharacterSetName": { + "type": "string" + }, + "CopyTagsToSnapshot": { + "type": "boolean" + }, + "CustomIAMInstanceProfile": { + "type": "string" + }, + "DBClusterIdentifier": { + "type": "string" + }, + "DBClusterSnapshotIdentifier": { + "type": "string" + }, + "DBInstanceArn": { + "type": "string" + }, + "DBInstanceClass": { + "type": "string" + }, + "DBInstanceIdentifier": { + "maxLength": 63, + "minLength": 1, + "pattern": "^$|^[a-zA-Z]{1}(?:-?[a-zA-Z0-9]){0,62}$", + "type": "string" + }, + "DBName": { + "type": "string" + }, + "DBParameterGroupName": { + "type": "string" + }, + "DBSecurityGroups": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": true + }, + "DBSnapshotIdentifier": { + "type": "string" + }, + "DBSubnetGroupName": { + "type": "string" + }, + "DBSystemId": { + "type": "string" + }, + "DbiResourceId": { + "type": "string" + }, + "DedicatedLogVolume": { + "type": "boolean" + }, + "DeleteAutomatedBackups": { + "type": "boolean" + }, + "DeletionProtection": { + "type": "boolean" + }, + "Domain": { + "type": "string" + }, + "DomainAuthSecretArn": { + "type": "string" + }, + "DomainDnsIps": { + "items": { + "type": "string" + }, + "type": "array" + }, + "DomainFqdn": { + "type": "string" + }, + "DomainIAMRoleName": { + "type": "string" + }, + "DomainOu": { + "type": "string" + }, + "EnableCloudwatchLogsExports": { + "items": { + "type": "string" + }, + "type": "array" + }, + "EnableIAMDatabaseAuthentication": { + "type": "boolean" + }, + "EnablePerformanceInsights": { + "type": "boolean" + }, + "Endpoint": { + "$ref": "#/definitions/Endpoint" + }, + "Engine": { + "type": "string" + }, + "EngineLifecycleSupport": { + "type": "string" + }, + "EngineVersion": { + "type": "string" + }, + "Iops": { + "type": "integer" + }, + "KmsKeyId": { + "type": "string" + }, + "LicenseModel": { + "type": "string" + }, + "ManageMasterUserPassword": { + "type": "boolean" + }, + "MasterUserPassword": { + "type": "string" + }, + "MasterUserSecret": { + "$ref": "#/definitions/MasterUserSecret" + }, + "MasterUsername": { + "maxLength": 128, + "minLength": 1, + "pattern": "^[a-zA-Z][a-zA-Z0-9_]{0,127}$", + "type": "string" + }, + "MaxAllocatedStorage": { + "type": "integer" + }, + "MonitoringInterval": { + "default": 0, + "type": "integer" + }, + "MonitoringRoleArn": { + "type": "string" + }, + "MultiAZ": { + "type": "boolean" + }, + "NcharCharacterSetName": { + "type": "string" + }, + "NetworkType": { + "type": "string" + }, + "OptionGroupName": { + "type": "string" + }, + "PerformanceInsightsKMSKeyId": { + "type": "string" + }, + "PerformanceInsightsRetentionPeriod": { + "enum": [ + 7, + 31, + 62, + 93, + 124, + 155, + 186, + 217, + 248, + 279, + 310, + 341, + 372, + 403, + 434, + 465, + 496, + 527, + 558, + 589, + 620, + 651, + 682, + 713, + 731 + ], + "type": "integer" + }, + "Port": { + "pattern": "^\\d*$", + "type": "string" + }, + "PreferredBackupWindow": { + "type": "string" + }, + "PreferredMaintenanceWindow": { + "type": "string" + }, + "ProcessorFeatures": { + "items": { + "$ref": "#/definitions/ProcessorFeature" + }, + "type": "array" + }, + "PromotionTier": { + "default": 1, + "maximum": 15, + "minimum": 0, + "type": "integer" + }, + "PubliclyAccessible": { + "type": "boolean" + }, + "ReplicaMode": { + "type": "string" + }, + "RestoreTime": { + "format": "date-time", + "type": "string" + }, + "SourceDBClusterIdentifier": { + "type": "string" + }, + "SourceDBInstanceAutomatedBackupsArn": { + "type": "string" + }, + "SourceDBInstanceIdentifier": { + "type": "string" + }, + "SourceDbiResourceId": { + "type": "string" + }, + "SourceRegion": { + "type": "string" + }, + "StorageEncrypted": { + "type": "boolean" + }, + "StorageThroughput": { + "type": "integer" + }, + "StorageType": { + "type": "string" + }, + "Tags": { + "insertionOrder": false, + "items": { + "$ref": "#/definitions/Tag" + }, + "type": "array", + "uniqueItems": false + }, + "TdeCredentialArn": { + "type": "string" + }, + "TdeCredentialPassword": { + "type": "string" + }, + "Timezone": { + "type": "string" + }, + "UseDefaultProcessorFeatures": { + "type": "boolean" + }, + "UseLatestRestorableTime": { + "type": "boolean" + }, + "VPCSecurityGroups": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": true + } + }, + "propertyTransform": { + "/properties/DBClusterIdentifier": "$lowercase(DBClusterIdentifier)", + "/properties/DBClusterSnapshotIdentifier": "$lowercase(DBClusterSnapshotIdentifier)", + "/properties/DBInstanceIdentifier": "$lowercase(DBInstanceIdentifier)", + "/properties/DBName": "$lowercase(DBName) $OR $uppercase(DBName)", + "/properties/DBParameterGroupName": "$lowercase(DBParameterGroupName)", + "/properties/DBSnapshotIdentifier": "$lowercase(DBSnapshotIdentifier)", + "/properties/DBSubnetGroupName": "$lowercase(DBSubnetGroupName)", + "/properties/Engine": "$lowercase(Engine)", + "/properties/EngineVersion": "$join([$string(EngineVersion), \".*\"])", + "/properties/KmsKeyId": "$join([\"arn:(aws)[-]{0,1}[a-z]{0,2}[-]{0,1}[a-z]{0,3}:kms:[a-z]{2}[-]{1}[a-z]{3,10}[-]{0,1}[a-z]{0,10}[-]{1}[1-3]{1}:[0-9]{12}[:]{1}key\\/\", KmsKeyId])", + "/properties/MasterUserSecret/KmsKeyId": "$join([\"arn:(aws)[-]{0,1}[a-z]{0,2}[-]{0,1}[a-z]{0,3}:kms:[a-z]{2}[-]{1}[a-z]{3,10}[-]{0,1}[a-z]{0,10}[-]{1}[1-3]{1}:[0-9]{12}[:]{1}key\\/\", MasterUserSecret.KmsKeyId])", + "/properties/NetworkType": "$lowercase(NetworkType)", + "/properties/OptionGroupName": "$lowercase(OptionGroupName)", + "/properties/PerformanceInsightsKMSKeyId": "$join([\"arn:(aws)[-]{0,1}[a-z]{0,2}[-]{0,1}[a-z]{0,3}:kms:[a-z]{2}[-]{1}[a-z]{3,10}[-]{0,1}[a-z]{0,10}[-]{1}[1-3]{1}:[0-9]{12}[:]{1}key\\/\", PerformanceInsightsKMSKeyId])", + "/properties/PreferredMaintenanceWindow": "$lowercase(PreferredMaintenanceWindow)", + "/properties/SourceDBInstanceAutomatedBackupsArn": "$lowercase(SourceDBInstanceAutomatedBackupsArn)", + "/properties/SourceDBInstanceIdentifier": "$lowercase(SourceDBInstanceIdentifier)", + "/properties/StorageType": "$lowercase(StorageType)" + }, + "readOnlyProperties": [ + "/properties/Endpoint/Address", + "/properties/Endpoint/Port", + "/properties/Endpoint/HostedZoneId", + "/properties/DbiResourceId", + "/properties/DBInstanceArn", + "/properties/DBSystemId", + "/properties/MasterUserSecret/SecretArn", + "/properties/CertificateDetails/CAIdentifier", + "/properties/CertificateDetails/ValidTill" + ], + "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-rpdk.git", + "typeName": "AWS::RDS::DBInstance", + "writeOnlyProperties": [ + "/properties/AllowMajorVersionUpgrade", + "/properties/AutomaticBackupReplicationKmsKeyId", + "/properties/CertificateRotationRestart", + "/properties/DBSnapshotIdentifier", + "/properties/DeleteAutomatedBackups", + "/properties/MasterUserPassword", + "/properties/Port", + "/properties/RestoreTime", + "/properties/SourceDBInstanceAutomatedBackupsArn", + "/properties/SourceDBInstanceIdentifier", + "/properties/SourceDbiResourceId", + "/properties/SourceRegion", + "/properties/TdeCredentialPassword", + "/properties/UseDefaultProcessorFeatures", + "/properties/UseLatestRestorableTime" + ] +} diff --git a/src/cfnlint/data/schemas/providers/us_gov_west_1/__init__.py b/src/cfnlint/data/schemas/providers/us_gov_west_1/__init__.py index 3ba015ad0d..428729eef4 100644 --- a/src/cfnlint/data/schemas/providers/us_gov_west_1/__init__.py +++ b/src/cfnlint/data/schemas/providers/us_gov_west_1/__init__.py @@ -1245,7 +1245,6 @@ "aws-opsworks-stack.json", "aws-opsworks-userprofile.json", "aws-opsworks-volume.json", - "aws-organizations-organization.json", "aws-organizations-organizationalunit.json", "aws-organizations-policy.json", "aws-organizations-resourcepolicy.json", @@ -1274,9 +1273,7 @@ "aws-quicksight-vpcconnection.json", "aws-ram-permission.json", "aws-ram-resourceshare.json", - "aws-rds-dbcluster.json", "aws-rds-dbclusterparametergroup.json", - "aws-rds-dbinstance.json", "aws-rds-dbparametergroup.json", "aws-rds-dbsecuritygroup.json", "aws-rds-dbsecuritygroupingress.json", diff --git a/src/cfnlint/data/schemas/providers/us_gov_west_1/aws-organizations-organization.json b/src/cfnlint/data/schemas/providers/us_gov_west_1/aws-organizations-organization.json new file mode 100644 index 0000000000..6dac437e5b --- /dev/null +++ b/src/cfnlint/data/schemas/providers/us_gov_west_1/aws-organizations-organization.json @@ -0,0 +1,86 @@ +{ + "additionalProperties": false, + "handlers": { + "create": { + "permissions": [ + "organizations:CreateOrganization", + "organizations:DescribeOrganization", + "iam:CreateServiceLinkedRole", + "organizations:ListRoots" + ] + }, + "delete": { + "permissions": [ + "organizations:DeleteOrganization", + "organizations:DescribeOrganization" + ] + }, + "list": { + "permissions": [ + "organizations:DescribeOrganization" + ] + }, + "read": { + "permissions": [ + "organizations:DescribeOrganization", + "organizations:ListRoots" + ] + }, + "update": { + "permissions": [] + } + }, + "primaryIdentifier": [ + "/properties/Id" + ], + "properties": { + "Arn": { + "pattern": "^arn:aws.*:organizations::\\d{12}:organization\\/o-[a-z0-9]{10,32}", + "type": "string" + }, + "FeatureSet": { + "default": "ALL", + "enum": [ + "ALL", + "CONSOLIDATED_BILLING" + ], + "type": "string" + }, + "Id": { + "pattern": "^o-[a-z0-9]{10,32}$", + "type": "string" + }, + "ManagementAccountArn": { + "pattern": "^arn:aws.*:organizations::\\d{12}:account\\/o-[a-z0-9]{10,32}\\/\\d{12}", + "type": "string" + }, + "ManagementAccountEmail": { + "maxLength": 64, + "minLength": 6, + "pattern": "[^\\s@]+@[^\\s@]+\\.[^\\s@]+", + "type": "string" + }, + "ManagementAccountId": { + "pattern": "^\\d{12}$", + "type": "string" + }, + "RootId": { + "maxLength": 64, + "pattern": "^r-[0-9a-z]{4,32}$", + "type": "string" + } + }, + "readOnlyProperties": [ + "/properties/Id", + "/properties/Arn", + "/properties/ManagementAccountArn", + "/properties/ManagementAccountId", + "/properties/ManagementAccountEmail", + "/properties/RootId" + ], + "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-organizations.git", + "tagging": { + "taggable": false + }, + "typeName": "AWS::Organizations::Organization" +} diff --git a/src/cfnlint/data/schemas/providers/us_gov_west_1/aws-rds-dbcluster.json b/src/cfnlint/data/schemas/providers/us_gov_west_1/aws-rds-dbcluster.json new file mode 100644 index 0000000000..fc8608c49b --- /dev/null +++ b/src/cfnlint/data/schemas/providers/us_gov_west_1/aws-rds-dbcluster.json @@ -0,0 +1,469 @@ +{ + "additionalProperties": false, + "conditionalCreateOnlyProperties": [ + "/properties/Engine", + "/properties/GlobalClusterIdentifier", + "/properties/MasterUsername" + ], + "createOnlyProperties": [ + "/properties/AvailabilityZones", + "/properties/DBClusterIdentifier", + "/properties/DBSubnetGroupName", + "/properties/DBSystemId", + "/properties/DatabaseName", + "/properties/EngineMode", + "/properties/KmsKeyId", + "/properties/PubliclyAccessible", + "/properties/RestoreToTime", + "/properties/RestoreType", + "/properties/SnapshotIdentifier", + "/properties/SourceDBClusterIdentifier", + "/properties/SourceRegion", + "/properties/StorageEncrypted", + "/properties/UseLatestRestorableTime" + ], + "definitions": { + "DBClusterRole": { + "additionalProperties": false, + "properties": { + "FeatureName": { + "type": "string" + }, + "RoleArn": { + "type": "string" + } + }, + "required": [ + "RoleArn" + ], + "type": "object" + }, + "Endpoint": { + "additionalProperties": false, + "properties": { + "Address": { + "type": "string" + }, + "Port": { + "type": "string" + } + }, + "type": "object" + }, + "MasterUserSecret": { + "additionalProperties": false, + "properties": { + "KmsKeyId": { + "type": "string" + }, + "SecretArn": { + "type": "string" + } + }, + "type": "object" + }, + "ReadEndpoint": { + "additionalProperties": false, + "properties": { + "Address": { + "type": "string" + } + }, + "type": "object" + }, + "ScalingConfiguration": { + "additionalProperties": false, + "properties": { + "AutoPause": { + "type": "boolean" + }, + "MaxCapacity": { + "type": "integer" + }, + "MinCapacity": { + "type": "integer" + }, + "SecondsBeforeTimeout": { + "type": "integer" + }, + "SecondsUntilAutoPause": { + "type": "integer" + }, + "TimeoutAction": { + "type": "string" + } + }, + "type": "object" + }, + "ServerlessV2ScalingConfiguration": { + "additionalProperties": false, + "properties": { + "MaxCapacity": { + "type": "number" + }, + "MinCapacity": { + "type": "number" + } + }, + "type": "object" + }, + "Tag": { + "additionalProperties": false, + "properties": { + "Key": { + "maxLength": 128, + "minLength": 1, + "type": "string" + }, + "Value": { + "maxLength": 256, + "minLength": 0, + "type": "string" + } + }, + "required": [ + "Key" + ], + "type": "object" + } + }, + "handlers": { + "create": { + "permissions": [ + "iam:CreateServiceLinkedRole", + "iam:PassRole", + "rds:AddRoleToDBCluster", + "rds:AddTagsToResource", + "rds:CreateDBCluster", + "rds:CreateDBInstance", + "rds:DescribeDBClusters", + "rds:DescribeDBClusterSnapshots", + "rds:DescribeDBSnapshots", + "rds:DescribeEvents", + "rds:EnableHttpEndpoint", + "rds:ModifyDBCluster", + "rds:RestoreDBClusterFromSnapshot", + "rds:RestoreDBClusterToPointInTime", + "secretsmanager:CreateSecret", + "secretsmanager:TagResource" + ], + "timeoutInMinutes": 2160 + }, + "delete": { + "permissions": [ + "rds:CreateDBClusterSnapshot", + "rds:DeleteDBCluster", + "rds:DeleteDBInstance", + "rds:DescribeDBClusters", + "rds:DescribeGlobalClusters", + "rds:RemoveFromGlobalCluster" + ] + }, + "list": { + "permissions": [ + "rds:DescribeDBClusters" + ] + }, + "read": { + "permissions": [ + "rds:DescribeDBClusters" + ] + }, + "update": { + "permissions": [ + "ec2:DescribeSecurityGroups", + "iam:PassRole", + "rds:AddRoleToDBCluster", + "rds:AddTagsToResource", + "rds:DescribeDBClusters", + "rds:DescribeDBSubnetGroups", + "rds:DescribeEvents", + "rds:DescribeGlobalClusters", + "rds:DisableHttpEndpoint", + "rds:EnableHttpEndpoint", + "rds:ModifyDBCluster", + "rds:ModifyDBInstance", + "rds:RemoveFromGlobalCluster", + "rds:RemoveRoleFromDBCluster", + "rds:RemoveTagsFromResource", + "secretsmanager:CreateSecret", + "secretsmanager:TagResource" + ], + "timeoutInMinutes": 2160 + } + }, + "primaryIdentifier": [ + "/properties/DBClusterIdentifier" + ], + "properties": { + "AllocatedStorage": { + "type": "integer" + }, + "AssociatedRoles": { + "items": { + "$ref": "#/definitions/DBClusterRole" + }, + "type": "array", + "uniqueItems": true + }, + "AutoMinorVersionUpgrade": { + "type": "boolean" + }, + "AvailabilityZones": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": true + }, + "BacktrackWindow": { + "minimum": 0, + "type": "integer" + }, + "BackupRetentionPeriod": { + "default": 1, + "maximum": 35, + "minimum": 1, + "type": "integer" + }, + "CopyTagsToSnapshot": { + "type": "boolean" + }, + "DBClusterArn": { + "type": "string" + }, + "DBClusterIdentifier": { + "maxLength": 63, + "minLength": 1, + "pattern": "^[a-zA-Z]{1}(?:-?[a-zA-Z0-9]){0,62}$", + "type": "string" + }, + "DBClusterInstanceClass": { + "type": "string" + }, + "DBClusterParameterGroupName": { + "default": "default.aurora5.6", + "type": "string" + }, + "DBClusterResourceId": { + "type": "string" + }, + "DBInstanceParameterGroupName": { + "type": "string" + }, + "DBSubnetGroupName": { + "type": "string" + }, + "DBSystemId": { + "type": "string" + }, + "DatabaseName": { + "type": "string" + }, + "DeletionProtection": { + "type": "boolean" + }, + "Domain": { + "type": "string" + }, + "DomainIAMRoleName": { + "type": "string" + }, + "EnableCloudwatchLogsExports": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": true + }, + "EnableGlobalWriteForwarding": { + "type": "boolean" + }, + "EnableHttpEndpoint": { + "type": "boolean" + }, + "EnableIAMDatabaseAuthentication": { + "type": "boolean" + }, + "EnableLocalWriteForwarding": { + "type": "boolean" + }, + "Endpoint": { + "$ref": "#/definitions/Endpoint" + }, + "Engine": { + "type": "string" + }, + "EngineLifecycleSupport": { + "type": "string" + }, + "EngineMode": { + "type": "string" + }, + "EngineVersion": { + "type": "string" + }, + "GlobalClusterIdentifier": { + "maxLength": 63, + "minLength": 0, + "pattern": "^$|^[a-zA-Z]{1}(?:-?[a-zA-Z0-9]){0,62}$", + "type": "string" + }, + "Iops": { + "type": "integer" + }, + "KmsKeyId": { + "type": "string" + }, + "ManageMasterUserPassword": { + "type": "boolean" + }, + "MasterUserPassword": { + "type": "string" + }, + "MasterUserSecret": { + "$ref": "#/definitions/MasterUserSecret" + }, + "MasterUsername": { + "minLength": 1, + "pattern": "^[a-zA-Z]{1}[a-zA-Z0-9_]*$", + "type": "string" + }, + "MonitoringInterval": { + "default": 0, + "type": "integer" + }, + "MonitoringRoleArn": { + "type": "string" + }, + "NetworkType": { + "type": "string" + }, + "PerformanceInsightsEnabled": { + "type": "boolean" + }, + "PerformanceInsightsKmsKeyId": { + "type": "string" + }, + "PerformanceInsightsRetentionPeriod": { + "type": "integer" + }, + "Port": { + "type": "integer" + }, + "PreferredBackupWindow": { + "type": "string" + }, + "PreferredMaintenanceWindow": { + "type": "string" + }, + "PubliclyAccessible": { + "type": "boolean" + }, + "ReadEndpoint": { + "$ref": "#/definitions/ReadEndpoint" + }, + "ReplicationSourceIdentifier": { + "type": "string" + }, + "RestoreToTime": { + "type": "string" + }, + "RestoreType": { + "default": "full-copy", + "type": "string" + }, + "ScalingConfiguration": { + "$ref": "#/definitions/ScalingConfiguration" + }, + "ServerlessV2ScalingConfiguration": { + "$ref": "#/definitions/ServerlessV2ScalingConfiguration" + }, + "SnapshotIdentifier": { + "type": "string" + }, + "SourceDBClusterIdentifier": { + "type": "string" + }, + "SourceRegion": { + "type": "string" + }, + "StorageEncrypted": { + "type": "boolean" + }, + "StorageThroughput": { + "type": "integer" + }, + "StorageType": { + "type": "string" + }, + "Tags": { + "insertionOrder": false, + "items": { + "$ref": "#/definitions/Tag" + }, + "maxItems": 50, + "type": "array", + "uniqueItems": true + }, + "UseLatestRestorableTime": { + "type": "boolean" + }, + "VpcSecurityGroupIds": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": true + } + }, + "propertyTransform": { + "/properties/DBClusterIdentifier": "$lowercase(DBClusterIdentifier)", + "/properties/DBClusterParameterGroupName": "$lowercase(DBClusterParameterGroupName)", + "/properties/DBSubnetGroupName": "$lowercase(DBSubnetGroupName)", + "/properties/EnableHttpEndpoint": "$lowercase($string(EngineMode)) = 'serverless' ? EnableHttpEndpoint : ($lowercase($string(Engine)) = 'aurora-postgresql' ? EnableHttpEndpoint : false )", + "/properties/Engine": "$lowercase(Engine)", + "/properties/EngineVersion": "$join([$string(EngineVersion), \".*\"])", + "/properties/KmsKeyId": "$join([\"arn:(aws)[-]{0,1}[a-z]{0,2}[-]{0,1}[a-z]{0,3}:kms:[a-z]{2}[-]{1}[a-z]{3,10}[-]{0,1}[a-z]{0,10}[-]{1}[1-3]{1}:[0-9]{12}[:]{1}key\\/\", KmsKeyId])", + "/properties/MasterUserSecret/KmsKeyId": "$join([\"arn:(aws)[-]{0,1}[a-z]{0,2}[-]{0,1}[a-z]{0,3}:kms:[a-z]{2}[-]{1}[a-z]{3,10}[-]{0,1}[a-z]{0,10}[-]{1}[1-3]{1}:[0-9]{12}[:]{1}key\\/\", MasterUserSecret.KmsKeyId])", + "/properties/NetworkType": "$lowercase(NetworkType)", + "/properties/PerformanceInsightsKmsKeyId": "$join([\"arn:(aws)[-]{0,1}[a-z]{0,2}[-]{0,1}[a-z]{0,3}:kms:[a-z]{2}[-]{1}[a-z]{3,10}[-]{0,1}[a-z]{0,10}[-]{1}[1-3]{1}:[0-9]{12}[:]{1}key\\/\", PerformanceInsightsKmsKeyId])", + "/properties/PreferredMaintenanceWindow": "$lowercase(PreferredMaintenanceWindow)", + "/properties/SnapshotIdentifier": "$lowercase(SnapshotIdentifier)", + "/properties/SourceDBClusterIdentifier": "$lowercase(SourceDBClusterIdentifier)", + "/properties/StorageType": "$lowercase(StorageType)" + }, + "readOnlyProperties": [ + "/properties/DBClusterArn", + "/properties/DBClusterResourceId", + "/properties/Endpoint", + "/properties/Endpoint/Address", + "/properties/Endpoint/Port", + "/properties/ReadEndpoint/Address", + "/properties/MasterUserSecret/SecretArn", + "/properties/StorageThroughput" + ], + "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-rds", + "tagging": { + "cloudFormationSystemTags": true, + "permissions": [ + "rds:AddTagsToResource", + "rds:RemoveTagsFromResource" + ], + "tagOnCreate": true, + "tagProperty": "/properties/Tags", + "tagUpdatable": true, + "taggable": true + }, + "typeName": "AWS::RDS::DBCluster", + "writeOnlyProperties": [ + "/properties/DBInstanceParameterGroupName", + "/properties/MasterUserPassword", + "/properties/RestoreToTime", + "/properties/RestoreType", + "/properties/SnapshotIdentifier", + "/properties/SourceDBClusterIdentifier", + "/properties/SourceRegion", + "/properties/UseLatestRestorableTime" + ] +} diff --git a/src/cfnlint/data/schemas/providers/us_gov_west_1/aws-rds-dbinstance.json b/src/cfnlint/data/schemas/providers/us_gov_west_1/aws-rds-dbinstance.json new file mode 100644 index 0000000000..3263d77fb7 --- /dev/null +++ b/src/cfnlint/data/schemas/providers/us_gov_west_1/aws-rds-dbinstance.json @@ -0,0 +1,620 @@ +{ + "additionalProperties": false, + "conditionalCreateOnlyProperties": [ + "/properties/AutoMinorVersionUpgrade", + "/properties/AvailabilityZone", + "/properties/BackupRetentionPeriod", + "/properties/DBClusterSnapshotIdentifier", + "/properties/DBParameterGroupName", + "/properties/DBSnapshotIdentifier", + "/properties/Engine", + "/properties/MultiAZ", + "/properties/PerformanceInsightsKMSKeyId", + "/properties/PreferredMaintenanceWindow", + "/properties/RestoreTime", + "/properties/SourceDBClusterIdentifier", + "/properties/SourceDBInstanceAutomatedBackupsArn", + "/properties/SourceDBInstanceIdentifier", + "/properties/SourceDbiResourceId", + "/properties/StorageType", + "/properties/UseLatestRestorableTime" + ], + "createOnlyProperties": [ + "/properties/CharacterSetName", + "/properties/CustomIAMInstanceProfile", + "/properties/DBClusterIdentifier", + "/properties/DBInstanceIdentifier", + "/properties/DBName", + "/properties/DBSubnetGroupName", + "/properties/KmsKeyId", + "/properties/MasterUsername", + "/properties/NcharCharacterSetName", + "/properties/Port", + "/properties/SourceRegion", + "/properties/StorageEncrypted", + "/properties/Timezone" + ], + "definitions": { + "CertificateDetails": { + "additionalProperties": false, + "properties": { + "CAIdentifier": { + "type": "string" + }, + "ValidTill": { + "format": "date-time", + "type": "string" + } + }, + "type": "object" + }, + "DBInstanceRole": { + "additionalProperties": false, + "properties": { + "FeatureName": { + "type": "string" + }, + "RoleArn": { + "type": "string" + } + }, + "required": [ + "FeatureName", + "RoleArn" + ], + "type": "object" + }, + "Endpoint": { + "additionalProperties": false, + "properties": { + "Address": { + "type": "string" + }, + "HostedZoneId": { + "type": "string" + }, + "Port": { + "type": "string" + } + }, + "type": "object" + }, + "MasterUserSecret": { + "additionalProperties": false, + "properties": { + "KmsKeyId": { + "type": "string" + }, + "SecretArn": { + "type": "string" + } + }, + "type": "object" + }, + "ProcessorFeature": { + "additionalProperties": false, + "properties": { + "Name": { + "enum": [ + "coreCount", + "threadsPerCore" + ], + "type": "string" + }, + "Value": { + "type": "string" + } + }, + "type": "object" + }, + "Tag": { + "additionalProperties": false, + "properties": { + "Key": { + "maxLength": 128, + "minLength": 1, + "type": "string" + }, + "Value": { + "maxLength": 256, + "minLength": 0, + "type": "string" + } + }, + "required": [ + "Key" + ], + "type": "object" + } + }, + "dependencies": { + "KmsKeyId": { + "properties": { + "StorageEncrypted": { + "enum": [ + "true", + "True", + true + ] + } + }, + "required": [ + "StorageEncrypted" + ] + } + }, + "dependentExcluded": { + "SourceDBInstanceIdentifier": [ + "CharacterSetName", + "MasterUserPassword", + "MasterUsername", + "StorageEncrypted" + ] + }, + "deprecatedProperties": [ + "/properties/TdeCredentialArn", + "/properties/TdeCredentialPassword" + ], + "handlers": { + "create": { + "permissions": [ + "ec2:DescribeAccountAttributes", + "ec2:DescribeAvailabilityZones", + "ec2:DescribeInternetGateways", + "ec2:DescribeSecurityGroups", + "ec2:DescribeSubnets", + "ec2:DescribeVpcAttribute", + "ec2:DescribeVpcs", + "iam:CreateServiceLinkedRole", + "iam:GetRole", + "iam:ListRoles", + "iam:PassRole", + "kms:CreateGrant", + "kms:DescribeKey", + "rds:AddRoleToDBInstance", + "rds:AddTagsToResource", + "rds:CreateDBInstance", + "rds:CreateDBInstanceReadReplica", + "rds:DescribeDBInstances", + "rds:DescribeDBClusters", + "rds:DescribeDBClusterSnapshots", + "rds:DescribeDBInstanceAutomatedBackups", + "rds:DescribeDBSnapshots", + "rds:DescribeEvents", + "rds:ModifyDBInstance", + "rds:RebootDBInstance", + "rds:RestoreDBInstanceFromDBSnapshot", + "rds:RestoreDBInstanceToPointInTime", + "rds:StartDBInstanceAutomatedBackupsReplication", + "secretsmanager:CreateSecret", + "secretsmanager:TagResource" + ], + "timeoutInMinutes": 2160 + }, + "delete": { + "permissions": [ + "rds:CreateDBSnapshot", + "rds:DeleteDBInstance", + "rds:DescribeDBInstances" + ], + "timeoutInMinutes": 2160 + }, + "list": { + "permissions": [ + "rds:DescribeDBInstances" + ] + }, + "read": { + "permissions": [ + "ec2:DescribeAccountAttributes", + "ec2:DescribeAvailabilityZones", + "ec2:DescribeInternetGateways", + "ec2:DescribeSecurityGroups", + "ec2:DescribeSubnets", + "ec2:DescribeVpcAttribute", + "ec2:DescribeVpcs", + "rds:DescribeDBInstances" + ] + }, + "update": { + "permissions": [ + "ec2:DescribeAccountAttributes", + "ec2:DescribeAvailabilityZones", + "ec2:DescribeInternetGateways", + "ec2:DescribeSecurityGroups", + "ec2:DescribeSubnets", + "ec2:DescribeVpcAttribute", + "ec2:DescribeVpcs", + "iam:CreateServiceLinkedRole", + "iam:GetRole", + "iam:ListRoles", + "iam:PassRole", + "kms:CreateGrant", + "kms:DescribeKey", + "rds:AddRoleToDBInstance", + "rds:AddTagsToResource", + "rds:DescribeDBClusters", + "rds:DescribeDBEngineVersions", + "rds:DescribeDBInstances", + "rds:DescribeDBParameterGroups", + "rds:DescribeEvents", + "rds:ModifyDBInstance", + "rds:PromoteReadReplica", + "rds:RebootDBInstance", + "rds:RemoveRoleFromDBInstance", + "rds:RemoveTagsFromResource", + "rds:StartDBInstanceAutomatedBackupsReplication", + "rds:StopDBInstanceAutomatedBackupsReplication", + "secretsmanager:CreateSecret", + "secretsmanager:TagResource" + ], + "timeoutInMinutes": 2160 + } + }, + "primaryIdentifier": [ + "/properties/DBInstanceIdentifier" + ], + "properties": { + "AllocatedStorage": { + "pattern": "^[0-9]*$", + "type": "string" + }, + "AllowMajorVersionUpgrade": { + "type": "boolean" + }, + "AssociatedRoles": { + "items": { + "$ref": "#/definitions/DBInstanceRole" + }, + "type": "array" + }, + "AutoMinorVersionUpgrade": { + "type": "boolean" + }, + "AutomaticBackupReplicationKmsKeyId": { + "type": "string" + }, + "AutomaticBackupReplicationRegion": { + "type": "string" + }, + "AvailabilityZone": { + "type": "string" + }, + "BackupRetentionPeriod": { + "default": 1, + "maximum": 35, + "minimum": 0, + "type": "integer" + }, + "CACertificateIdentifier": { + "type": "string" + }, + "CertificateDetails": { + "$ref": "#/definitions/CertificateDetails" + }, + "CertificateRotationRestart": { + "type": "boolean" + }, + "CharacterSetName": { + "type": "string" + }, + "CopyTagsToSnapshot": { + "type": "boolean" + }, + "CustomIAMInstanceProfile": { + "type": "string" + }, + "DBClusterIdentifier": { + "type": "string" + }, + "DBClusterSnapshotIdentifier": { + "type": "string" + }, + "DBInstanceArn": { + "type": "string" + }, + "DBInstanceClass": { + "type": "string" + }, + "DBInstanceIdentifier": { + "maxLength": 63, + "minLength": 1, + "pattern": "^$|^[a-zA-Z]{1}(?:-?[a-zA-Z0-9]){0,62}$", + "type": "string" + }, + "DBName": { + "type": "string" + }, + "DBParameterGroupName": { + "type": "string" + }, + "DBSecurityGroups": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": true + }, + "DBSnapshotIdentifier": { + "type": "string" + }, + "DBSubnetGroupName": { + "type": "string" + }, + "DBSystemId": { + "type": "string" + }, + "DbiResourceId": { + "type": "string" + }, + "DedicatedLogVolume": { + "type": "boolean" + }, + "DeleteAutomatedBackups": { + "type": "boolean" + }, + "DeletionProtection": { + "type": "boolean" + }, + "Domain": { + "type": "string" + }, + "DomainAuthSecretArn": { + "type": "string" + }, + "DomainDnsIps": { + "items": { + "type": "string" + }, + "type": "array" + }, + "DomainFqdn": { + "type": "string" + }, + "DomainIAMRoleName": { + "type": "string" + }, + "DomainOu": { + "type": "string" + }, + "EnableCloudwatchLogsExports": { + "items": { + "type": "string" + }, + "type": "array" + }, + "EnableIAMDatabaseAuthentication": { + "type": "boolean" + }, + "EnablePerformanceInsights": { + "type": "boolean" + }, + "Endpoint": { + "$ref": "#/definitions/Endpoint" + }, + "Engine": { + "type": "string" + }, + "EngineLifecycleSupport": { + "type": "string" + }, + "EngineVersion": { + "type": "string" + }, + "Iops": { + "type": "integer" + }, + "KmsKeyId": { + "type": "string" + }, + "LicenseModel": { + "type": "string" + }, + "ManageMasterUserPassword": { + "type": "boolean" + }, + "MasterUserPassword": { + "type": "string" + }, + "MasterUserSecret": { + "$ref": "#/definitions/MasterUserSecret" + }, + "MasterUsername": { + "maxLength": 128, + "minLength": 1, + "pattern": "^[a-zA-Z][a-zA-Z0-9_]{0,127}$", + "type": "string" + }, + "MaxAllocatedStorage": { + "type": "integer" + }, + "MonitoringInterval": { + "default": 0, + "type": "integer" + }, + "MonitoringRoleArn": { + "type": "string" + }, + "MultiAZ": { + "type": "boolean" + }, + "NcharCharacterSetName": { + "type": "string" + }, + "NetworkType": { + "type": "string" + }, + "OptionGroupName": { + "type": "string" + }, + "PerformanceInsightsKMSKeyId": { + "type": "string" + }, + "PerformanceInsightsRetentionPeriod": { + "enum": [ + 7, + 31, + 62, + 93, + 124, + 155, + 186, + 217, + 248, + 279, + 310, + 341, + 372, + 403, + 434, + 465, + 496, + 527, + 558, + 589, + 620, + 651, + 682, + 713, + 731 + ], + "type": "integer" + }, + "Port": { + "pattern": "^\\d*$", + "type": "string" + }, + "PreferredBackupWindow": { + "type": "string" + }, + "PreferredMaintenanceWindow": { + "type": "string" + }, + "ProcessorFeatures": { + "items": { + "$ref": "#/definitions/ProcessorFeature" + }, + "type": "array" + }, + "PromotionTier": { + "default": 1, + "maximum": 15, + "minimum": 0, + "type": "integer" + }, + "PubliclyAccessible": { + "type": "boolean" + }, + "ReplicaMode": { + "type": "string" + }, + "RestoreTime": { + "format": "date-time", + "type": "string" + }, + "SourceDBClusterIdentifier": { + "type": "string" + }, + "SourceDBInstanceAutomatedBackupsArn": { + "type": "string" + }, + "SourceDBInstanceIdentifier": { + "type": "string" + }, + "SourceDbiResourceId": { + "type": "string" + }, + "SourceRegion": { + "type": "string" + }, + "StorageEncrypted": { + "type": "boolean" + }, + "StorageThroughput": { + "type": "integer" + }, + "StorageType": { + "type": "string" + }, + "Tags": { + "insertionOrder": false, + "items": { + "$ref": "#/definitions/Tag" + }, + "type": "array", + "uniqueItems": false + }, + "TdeCredentialArn": { + "type": "string" + }, + "TdeCredentialPassword": { + "type": "string" + }, + "Timezone": { + "type": "string" + }, + "UseDefaultProcessorFeatures": { + "type": "boolean" + }, + "UseLatestRestorableTime": { + "type": "boolean" + }, + "VPCSecurityGroups": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": true + } + }, + "propertyTransform": { + "/properties/DBClusterIdentifier": "$lowercase(DBClusterIdentifier)", + "/properties/DBClusterSnapshotIdentifier": "$lowercase(DBClusterSnapshotIdentifier)", + "/properties/DBInstanceIdentifier": "$lowercase(DBInstanceIdentifier)", + "/properties/DBName": "$lowercase(DBName) $OR $uppercase(DBName)", + "/properties/DBParameterGroupName": "$lowercase(DBParameterGroupName)", + "/properties/DBSnapshotIdentifier": "$lowercase(DBSnapshotIdentifier)", + "/properties/DBSubnetGroupName": "$lowercase(DBSubnetGroupName)", + "/properties/Engine": "$lowercase(Engine)", + "/properties/EngineVersion": "$join([$string(EngineVersion), \".*\"])", + "/properties/KmsKeyId": "$join([\"arn:(aws)[-]{0,1}[a-z]{0,2}[-]{0,1}[a-z]{0,3}:kms:[a-z]{2}[-]{1}[a-z]{3,10}[-]{0,1}[a-z]{0,10}[-]{1}[1-3]{1}:[0-9]{12}[:]{1}key\\/\", KmsKeyId])", + "/properties/MasterUserSecret/KmsKeyId": "$join([\"arn:(aws)[-]{0,1}[a-z]{0,2}[-]{0,1}[a-z]{0,3}:kms:[a-z]{2}[-]{1}[a-z]{3,10}[-]{0,1}[a-z]{0,10}[-]{1}[1-3]{1}:[0-9]{12}[:]{1}key\\/\", MasterUserSecret.KmsKeyId])", + "/properties/NetworkType": "$lowercase(NetworkType)", + "/properties/OptionGroupName": "$lowercase(OptionGroupName)", + "/properties/PerformanceInsightsKMSKeyId": "$join([\"arn:(aws)[-]{0,1}[a-z]{0,2}[-]{0,1}[a-z]{0,3}:kms:[a-z]{2}[-]{1}[a-z]{3,10}[-]{0,1}[a-z]{0,10}[-]{1}[1-3]{1}:[0-9]{12}[:]{1}key\\/\", PerformanceInsightsKMSKeyId])", + "/properties/PreferredMaintenanceWindow": "$lowercase(PreferredMaintenanceWindow)", + "/properties/SourceDBInstanceAutomatedBackupsArn": "$lowercase(SourceDBInstanceAutomatedBackupsArn)", + "/properties/SourceDBInstanceIdentifier": "$lowercase(SourceDBInstanceIdentifier)", + "/properties/StorageType": "$lowercase(StorageType)" + }, + "readOnlyProperties": [ + "/properties/Endpoint/Address", + "/properties/Endpoint/Port", + "/properties/Endpoint/HostedZoneId", + "/properties/DbiResourceId", + "/properties/DBInstanceArn", + "/properties/DBSystemId", + "/properties/MasterUserSecret/SecretArn", + "/properties/CertificateDetails/CAIdentifier", + "/properties/CertificateDetails/ValidTill" + ], + "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-rpdk.git", + "typeName": "AWS::RDS::DBInstance", + "writeOnlyProperties": [ + "/properties/AllowMajorVersionUpgrade", + "/properties/AutomaticBackupReplicationKmsKeyId", + "/properties/CertificateRotationRestart", + "/properties/DBSnapshotIdentifier", + "/properties/DeleteAutomatedBackups", + "/properties/MasterUserPassword", + "/properties/Port", + "/properties/RestoreTime", + "/properties/SourceDBInstanceAutomatedBackupsArn", + "/properties/SourceDBInstanceIdentifier", + "/properties/SourceDbiResourceId", + "/properties/SourceRegion", + "/properties/TdeCredentialPassword", + "/properties/UseDefaultProcessorFeatures", + "/properties/UseLatestRestorableTime" + ] +} diff --git a/src/cfnlint/data/schemas/providers/us_west_1/__init__.py b/src/cfnlint/data/schemas/providers/us_west_1/__init__.py index 494eb30be3..674b2f780e 100644 --- a/src/cfnlint/data/schemas/providers/us_west_1/__init__.py +++ b/src/cfnlint/data/schemas/providers/us_west_1/__init__.py @@ -1162,7 +1162,6 @@ "aws-dms-eventsubscription.json", "aws-dms-instanceprofile.json", "aws-dms-migrationproject.json", - "aws-dms-replicationconfig.json", "aws-dms-replicationinstance.json", "aws-dms-replicationsubnetgroup.json", "aws-dms-replicationtask.json", @@ -1455,6 +1454,7 @@ "aws-lakeformation-resource.json", "aws-lakeformation-tag.json", "aws-lakeformation-tagassociation.json", + "aws-lambda-alias.json", "aws-lambda-codesigningconfig.json", "aws-lambda-eventinvokeconfig.json", "aws-lambda-eventsourcemapping.json", @@ -1563,9 +1563,7 @@ "aws-pipes-pipe.json", "aws-ram-permission.json", "aws-ram-resourceshare.json", - "aws-rds-dbcluster.json", "aws-rds-dbclusterparametergroup.json", - "aws-rds-dbinstance.json", "aws-rds-dbparametergroup.json", "aws-rds-dbproxy.json", "aws-rds-dbproxyendpoint.json", @@ -1807,8 +1805,6 @@ "aws-wafv2-webacl.json", "aws-wafv2-webaclassociation.json", "aws-workspaces-workspace.json", - "aws-xray-group.json", "aws-xray-resourcepolicy.json", - "aws-xray-samplingrule.json", "module.json", ] diff --git a/src/cfnlint/data/schemas/providers/us_west_1/aws-dms-replicationconfig.json b/src/cfnlint/data/schemas/providers/us_west_1/aws-dms-replicationconfig.json new file mode 100644 index 0000000000..b9379a300f --- /dev/null +++ b/src/cfnlint/data/schemas/providers/us_west_1/aws-dms-replicationconfig.json @@ -0,0 +1,191 @@ +{ + "additionalIdentifiers": [ + [ + "/properties/ReplicationConfigIdentifier" + ] + ], + "additionalProperties": false, + "createOnlyProperties": [ + "/properties/ResourceIdentifier" + ], + "definitions": { + "ComputeConfig": { + "additionalProperties": false, + "properties": { + "AvailabilityZone": { + "type": "string" + }, + "DnsNameServers": { + "type": "string" + }, + "KmsKeyId": { + "type": "string" + }, + "MaxCapacityUnits": { + "type": "integer" + }, + "MinCapacityUnits": { + "type": "integer" + }, + "MultiAZ": { + "type": "boolean" + }, + "PreferredMaintenanceWindow": { + "type": "string" + }, + "ReplicationSubnetGroupId": { + "type": "string" + }, + "VpcSecurityGroupIds": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "MaxCapacityUnits" + ], + "type": "object" + }, + "Tag": { + "additionalProperties": false, + "properties": { + "Key": { + "maxLength": 128, + "minLength": 1, + "type": "string" + }, + "Value": { + "maxLength": 256, + "minLength": 1, + "type": "string" + } + }, + "required": [ + "Key", + "Value" + ], + "type": "object" + } + }, + "handlers": { + "create": { + "permissions": [ + "dms:CreateReplicationConfig", + "dms:AddTagsToResource", + "dms:ListTagsForResource", + "iam:CreateServiceLinkedRole", + "iam:AttachRolePolicy", + "iam:PutRolePolicy", + "iam:UpdateRoleDescription" + ] + }, + "delete": { + "permissions": [ + "dms:DescribeReplicationConfigs", + "dms:DeleteReplicationConfig", + "dms:ListTagsForResource", + "iam:DeleteServiceLinkedRole", + "iam:GetServiceLinkedRoleDeletionStatus" + ] + }, + "list": { + "permissions": [ + "dms:DescribeReplicationConfigs", + "dms:ListTagsForResource" + ] + }, + "read": { + "permissions": [ + "dms:DescribeReplicationConfigs", + "dms:ListTagsForResource" + ] + }, + "update": { + "permissions": [ + "dms:ModifyReplicationConfig", + "dms:AddTagsToResource", + "dms:RemoveTagsToResource", + "dms:ListTagsForResource", + "iam:CreateServiceLinkedRole", + "iam:AttachRolePolicy", + "iam:PutRolePolicy", + "iam:UpdateRoleDescription" + ] + } + }, + "primaryIdentifier": [ + "/properties/ReplicationConfigArn" + ], + "properties": { + "ComputeConfig": { + "$ref": "#/definitions/ComputeConfig" + }, + "ReplicationConfigArn": { + "type": "string" + }, + "ReplicationConfigIdentifier": { + "type": "string" + }, + "ReplicationSettings": { + "format": "json", + "type": [ + "object", + "string" + ] + }, + "ReplicationType": { + "enum": [ + "full-load", + "full-load-and-cdc", + "cdc" + ], + "type": "string" + }, + "ResourceIdentifier": { + "type": "string" + }, + "SourceEndpointArn": { + "type": "string" + }, + "SupplementalSettings": { + "format": "json", + "type": [ + "object", + "string" + ] + }, + "TableMappings": { + "format": "json", + "type": [ + "object", + "string" + ] + }, + "Tags": { + "insertionOrder": false, + "items": { + "$ref": "#/definitions/Tag" + }, + "maxItems": 200, + "minItems": 1, + "type": "array" + }, + "TargetEndpointArn": { + "type": "string" + } + }, + "readOnlyProperties": [ + "/properties/ReplicationConfigArn" + ], + "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-dms", + "tagging": { + "cloudFormationSystemTags": false, + "tagOnCreate": true, + "tagProperty": "/properties/Tags", + "tagUpdatable": true, + "taggable": true + }, + "typeName": "AWS::DMS::ReplicationConfig" +} diff --git a/src/cfnlint/data/schemas/providers/us_west_1/aws-lambda-alias.json b/src/cfnlint/data/schemas/providers/us_west_1/aws-lambda-alias.json deleted file mode 100644 index 4a291518b6..0000000000 --- a/src/cfnlint/data/schemas/providers/us_west_1/aws-lambda-alias.json +++ /dev/null @@ -1,88 +0,0 @@ -{ - "additionalProperties": false, - "createOnlyProperties": [ - "/properties/Name", - "/properties/FunctionName" - ], - "definitions": { - "AliasRoutingConfiguration": { - "additionalProperties": false, - "properties": { - "AdditionalVersionWeights": { - "items": { - "$ref": "#/definitions/VersionWeight" - }, - "type": "array", - "uniqueItems": true - } - }, - "required": [ - "AdditionalVersionWeights" - ], - "type": "object" - }, - "ProvisionedConcurrencyConfiguration": { - "additionalProperties": false, - "properties": { - "ProvisionedConcurrentExecutions": { - "type": "integer" - } - }, - "required": [ - "ProvisionedConcurrentExecutions" - ], - "type": "object" - }, - "VersionWeight": { - "additionalProperties": false, - "properties": { - "FunctionVersion": { - "type": "string" - }, - "FunctionWeight": { - "type": "number" - } - }, - "required": [ - "FunctionVersion", - "FunctionWeight" - ], - "type": "object" - } - }, - "primaryIdentifier": [ - "/properties/Id" - ], - "properties": { - "Description": { - "type": "string" - }, - "FunctionName": { - "type": "string" - }, - "FunctionVersion": { - "type": "string" - }, - "Id": { - "type": "string" - }, - "Name": { - "type": "string" - }, - "ProvisionedConcurrencyConfig": { - "$ref": "#/definitions/ProvisionedConcurrencyConfiguration" - }, - "RoutingConfig": { - "$ref": "#/definitions/AliasRoutingConfiguration" - } - }, - "readOnlyProperties": [ - "/properties/Id" - ], - "required": [ - "FunctionName", - "FunctionVersion", - "Name" - ], - "typeName": "AWS::Lambda::Alias" -} diff --git a/src/cfnlint/data/schemas/providers/us_west_1/aws-rds-dbcluster.json b/src/cfnlint/data/schemas/providers/us_west_1/aws-rds-dbcluster.json new file mode 100644 index 0000000000..fc8608c49b --- /dev/null +++ b/src/cfnlint/data/schemas/providers/us_west_1/aws-rds-dbcluster.json @@ -0,0 +1,469 @@ +{ + "additionalProperties": false, + "conditionalCreateOnlyProperties": [ + "/properties/Engine", + "/properties/GlobalClusterIdentifier", + "/properties/MasterUsername" + ], + "createOnlyProperties": [ + "/properties/AvailabilityZones", + "/properties/DBClusterIdentifier", + "/properties/DBSubnetGroupName", + "/properties/DBSystemId", + "/properties/DatabaseName", + "/properties/EngineMode", + "/properties/KmsKeyId", + "/properties/PubliclyAccessible", + "/properties/RestoreToTime", + "/properties/RestoreType", + "/properties/SnapshotIdentifier", + "/properties/SourceDBClusterIdentifier", + "/properties/SourceRegion", + "/properties/StorageEncrypted", + "/properties/UseLatestRestorableTime" + ], + "definitions": { + "DBClusterRole": { + "additionalProperties": false, + "properties": { + "FeatureName": { + "type": "string" + }, + "RoleArn": { + "type": "string" + } + }, + "required": [ + "RoleArn" + ], + "type": "object" + }, + "Endpoint": { + "additionalProperties": false, + "properties": { + "Address": { + "type": "string" + }, + "Port": { + "type": "string" + } + }, + "type": "object" + }, + "MasterUserSecret": { + "additionalProperties": false, + "properties": { + "KmsKeyId": { + "type": "string" + }, + "SecretArn": { + "type": "string" + } + }, + "type": "object" + }, + "ReadEndpoint": { + "additionalProperties": false, + "properties": { + "Address": { + "type": "string" + } + }, + "type": "object" + }, + "ScalingConfiguration": { + "additionalProperties": false, + "properties": { + "AutoPause": { + "type": "boolean" + }, + "MaxCapacity": { + "type": "integer" + }, + "MinCapacity": { + "type": "integer" + }, + "SecondsBeforeTimeout": { + "type": "integer" + }, + "SecondsUntilAutoPause": { + "type": "integer" + }, + "TimeoutAction": { + "type": "string" + } + }, + "type": "object" + }, + "ServerlessV2ScalingConfiguration": { + "additionalProperties": false, + "properties": { + "MaxCapacity": { + "type": "number" + }, + "MinCapacity": { + "type": "number" + } + }, + "type": "object" + }, + "Tag": { + "additionalProperties": false, + "properties": { + "Key": { + "maxLength": 128, + "minLength": 1, + "type": "string" + }, + "Value": { + "maxLength": 256, + "minLength": 0, + "type": "string" + } + }, + "required": [ + "Key" + ], + "type": "object" + } + }, + "handlers": { + "create": { + "permissions": [ + "iam:CreateServiceLinkedRole", + "iam:PassRole", + "rds:AddRoleToDBCluster", + "rds:AddTagsToResource", + "rds:CreateDBCluster", + "rds:CreateDBInstance", + "rds:DescribeDBClusters", + "rds:DescribeDBClusterSnapshots", + "rds:DescribeDBSnapshots", + "rds:DescribeEvents", + "rds:EnableHttpEndpoint", + "rds:ModifyDBCluster", + "rds:RestoreDBClusterFromSnapshot", + "rds:RestoreDBClusterToPointInTime", + "secretsmanager:CreateSecret", + "secretsmanager:TagResource" + ], + "timeoutInMinutes": 2160 + }, + "delete": { + "permissions": [ + "rds:CreateDBClusterSnapshot", + "rds:DeleteDBCluster", + "rds:DeleteDBInstance", + "rds:DescribeDBClusters", + "rds:DescribeGlobalClusters", + "rds:RemoveFromGlobalCluster" + ] + }, + "list": { + "permissions": [ + "rds:DescribeDBClusters" + ] + }, + "read": { + "permissions": [ + "rds:DescribeDBClusters" + ] + }, + "update": { + "permissions": [ + "ec2:DescribeSecurityGroups", + "iam:PassRole", + "rds:AddRoleToDBCluster", + "rds:AddTagsToResource", + "rds:DescribeDBClusters", + "rds:DescribeDBSubnetGroups", + "rds:DescribeEvents", + "rds:DescribeGlobalClusters", + "rds:DisableHttpEndpoint", + "rds:EnableHttpEndpoint", + "rds:ModifyDBCluster", + "rds:ModifyDBInstance", + "rds:RemoveFromGlobalCluster", + "rds:RemoveRoleFromDBCluster", + "rds:RemoveTagsFromResource", + "secretsmanager:CreateSecret", + "secretsmanager:TagResource" + ], + "timeoutInMinutes": 2160 + } + }, + "primaryIdentifier": [ + "/properties/DBClusterIdentifier" + ], + "properties": { + "AllocatedStorage": { + "type": "integer" + }, + "AssociatedRoles": { + "items": { + "$ref": "#/definitions/DBClusterRole" + }, + "type": "array", + "uniqueItems": true + }, + "AutoMinorVersionUpgrade": { + "type": "boolean" + }, + "AvailabilityZones": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": true + }, + "BacktrackWindow": { + "minimum": 0, + "type": "integer" + }, + "BackupRetentionPeriod": { + "default": 1, + "maximum": 35, + "minimum": 1, + "type": "integer" + }, + "CopyTagsToSnapshot": { + "type": "boolean" + }, + "DBClusterArn": { + "type": "string" + }, + "DBClusterIdentifier": { + "maxLength": 63, + "minLength": 1, + "pattern": "^[a-zA-Z]{1}(?:-?[a-zA-Z0-9]){0,62}$", + "type": "string" + }, + "DBClusterInstanceClass": { + "type": "string" + }, + "DBClusterParameterGroupName": { + "default": "default.aurora5.6", + "type": "string" + }, + "DBClusterResourceId": { + "type": "string" + }, + "DBInstanceParameterGroupName": { + "type": "string" + }, + "DBSubnetGroupName": { + "type": "string" + }, + "DBSystemId": { + "type": "string" + }, + "DatabaseName": { + "type": "string" + }, + "DeletionProtection": { + "type": "boolean" + }, + "Domain": { + "type": "string" + }, + "DomainIAMRoleName": { + "type": "string" + }, + "EnableCloudwatchLogsExports": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": true + }, + "EnableGlobalWriteForwarding": { + "type": "boolean" + }, + "EnableHttpEndpoint": { + "type": "boolean" + }, + "EnableIAMDatabaseAuthentication": { + "type": "boolean" + }, + "EnableLocalWriteForwarding": { + "type": "boolean" + }, + "Endpoint": { + "$ref": "#/definitions/Endpoint" + }, + "Engine": { + "type": "string" + }, + "EngineLifecycleSupport": { + "type": "string" + }, + "EngineMode": { + "type": "string" + }, + "EngineVersion": { + "type": "string" + }, + "GlobalClusterIdentifier": { + "maxLength": 63, + "minLength": 0, + "pattern": "^$|^[a-zA-Z]{1}(?:-?[a-zA-Z0-9]){0,62}$", + "type": "string" + }, + "Iops": { + "type": "integer" + }, + "KmsKeyId": { + "type": "string" + }, + "ManageMasterUserPassword": { + "type": "boolean" + }, + "MasterUserPassword": { + "type": "string" + }, + "MasterUserSecret": { + "$ref": "#/definitions/MasterUserSecret" + }, + "MasterUsername": { + "minLength": 1, + "pattern": "^[a-zA-Z]{1}[a-zA-Z0-9_]*$", + "type": "string" + }, + "MonitoringInterval": { + "default": 0, + "type": "integer" + }, + "MonitoringRoleArn": { + "type": "string" + }, + "NetworkType": { + "type": "string" + }, + "PerformanceInsightsEnabled": { + "type": "boolean" + }, + "PerformanceInsightsKmsKeyId": { + "type": "string" + }, + "PerformanceInsightsRetentionPeriod": { + "type": "integer" + }, + "Port": { + "type": "integer" + }, + "PreferredBackupWindow": { + "type": "string" + }, + "PreferredMaintenanceWindow": { + "type": "string" + }, + "PubliclyAccessible": { + "type": "boolean" + }, + "ReadEndpoint": { + "$ref": "#/definitions/ReadEndpoint" + }, + "ReplicationSourceIdentifier": { + "type": "string" + }, + "RestoreToTime": { + "type": "string" + }, + "RestoreType": { + "default": "full-copy", + "type": "string" + }, + "ScalingConfiguration": { + "$ref": "#/definitions/ScalingConfiguration" + }, + "ServerlessV2ScalingConfiguration": { + "$ref": "#/definitions/ServerlessV2ScalingConfiguration" + }, + "SnapshotIdentifier": { + "type": "string" + }, + "SourceDBClusterIdentifier": { + "type": "string" + }, + "SourceRegion": { + "type": "string" + }, + "StorageEncrypted": { + "type": "boolean" + }, + "StorageThroughput": { + "type": "integer" + }, + "StorageType": { + "type": "string" + }, + "Tags": { + "insertionOrder": false, + "items": { + "$ref": "#/definitions/Tag" + }, + "maxItems": 50, + "type": "array", + "uniqueItems": true + }, + "UseLatestRestorableTime": { + "type": "boolean" + }, + "VpcSecurityGroupIds": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": true + } + }, + "propertyTransform": { + "/properties/DBClusterIdentifier": "$lowercase(DBClusterIdentifier)", + "/properties/DBClusterParameterGroupName": "$lowercase(DBClusterParameterGroupName)", + "/properties/DBSubnetGroupName": "$lowercase(DBSubnetGroupName)", + "/properties/EnableHttpEndpoint": "$lowercase($string(EngineMode)) = 'serverless' ? EnableHttpEndpoint : ($lowercase($string(Engine)) = 'aurora-postgresql' ? EnableHttpEndpoint : false )", + "/properties/Engine": "$lowercase(Engine)", + "/properties/EngineVersion": "$join([$string(EngineVersion), \".*\"])", + "/properties/KmsKeyId": "$join([\"arn:(aws)[-]{0,1}[a-z]{0,2}[-]{0,1}[a-z]{0,3}:kms:[a-z]{2}[-]{1}[a-z]{3,10}[-]{0,1}[a-z]{0,10}[-]{1}[1-3]{1}:[0-9]{12}[:]{1}key\\/\", KmsKeyId])", + "/properties/MasterUserSecret/KmsKeyId": "$join([\"arn:(aws)[-]{0,1}[a-z]{0,2}[-]{0,1}[a-z]{0,3}:kms:[a-z]{2}[-]{1}[a-z]{3,10}[-]{0,1}[a-z]{0,10}[-]{1}[1-3]{1}:[0-9]{12}[:]{1}key\\/\", MasterUserSecret.KmsKeyId])", + "/properties/NetworkType": "$lowercase(NetworkType)", + "/properties/PerformanceInsightsKmsKeyId": "$join([\"arn:(aws)[-]{0,1}[a-z]{0,2}[-]{0,1}[a-z]{0,3}:kms:[a-z]{2}[-]{1}[a-z]{3,10}[-]{0,1}[a-z]{0,10}[-]{1}[1-3]{1}:[0-9]{12}[:]{1}key\\/\", PerformanceInsightsKmsKeyId])", + "/properties/PreferredMaintenanceWindow": "$lowercase(PreferredMaintenanceWindow)", + "/properties/SnapshotIdentifier": "$lowercase(SnapshotIdentifier)", + "/properties/SourceDBClusterIdentifier": "$lowercase(SourceDBClusterIdentifier)", + "/properties/StorageType": "$lowercase(StorageType)" + }, + "readOnlyProperties": [ + "/properties/DBClusterArn", + "/properties/DBClusterResourceId", + "/properties/Endpoint", + "/properties/Endpoint/Address", + "/properties/Endpoint/Port", + "/properties/ReadEndpoint/Address", + "/properties/MasterUserSecret/SecretArn", + "/properties/StorageThroughput" + ], + "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-rds", + "tagging": { + "cloudFormationSystemTags": true, + "permissions": [ + "rds:AddTagsToResource", + "rds:RemoveTagsFromResource" + ], + "tagOnCreate": true, + "tagProperty": "/properties/Tags", + "tagUpdatable": true, + "taggable": true + }, + "typeName": "AWS::RDS::DBCluster", + "writeOnlyProperties": [ + "/properties/DBInstanceParameterGroupName", + "/properties/MasterUserPassword", + "/properties/RestoreToTime", + "/properties/RestoreType", + "/properties/SnapshotIdentifier", + "/properties/SourceDBClusterIdentifier", + "/properties/SourceRegion", + "/properties/UseLatestRestorableTime" + ] +} diff --git a/src/cfnlint/data/schemas/providers/us_west_1/aws-rds-dbinstance.json b/src/cfnlint/data/schemas/providers/us_west_1/aws-rds-dbinstance.json new file mode 100644 index 0000000000..3263d77fb7 --- /dev/null +++ b/src/cfnlint/data/schemas/providers/us_west_1/aws-rds-dbinstance.json @@ -0,0 +1,620 @@ +{ + "additionalProperties": false, + "conditionalCreateOnlyProperties": [ + "/properties/AutoMinorVersionUpgrade", + "/properties/AvailabilityZone", + "/properties/BackupRetentionPeriod", + "/properties/DBClusterSnapshotIdentifier", + "/properties/DBParameterGroupName", + "/properties/DBSnapshotIdentifier", + "/properties/Engine", + "/properties/MultiAZ", + "/properties/PerformanceInsightsKMSKeyId", + "/properties/PreferredMaintenanceWindow", + "/properties/RestoreTime", + "/properties/SourceDBClusterIdentifier", + "/properties/SourceDBInstanceAutomatedBackupsArn", + "/properties/SourceDBInstanceIdentifier", + "/properties/SourceDbiResourceId", + "/properties/StorageType", + "/properties/UseLatestRestorableTime" + ], + "createOnlyProperties": [ + "/properties/CharacterSetName", + "/properties/CustomIAMInstanceProfile", + "/properties/DBClusterIdentifier", + "/properties/DBInstanceIdentifier", + "/properties/DBName", + "/properties/DBSubnetGroupName", + "/properties/KmsKeyId", + "/properties/MasterUsername", + "/properties/NcharCharacterSetName", + "/properties/Port", + "/properties/SourceRegion", + "/properties/StorageEncrypted", + "/properties/Timezone" + ], + "definitions": { + "CertificateDetails": { + "additionalProperties": false, + "properties": { + "CAIdentifier": { + "type": "string" + }, + "ValidTill": { + "format": "date-time", + "type": "string" + } + }, + "type": "object" + }, + "DBInstanceRole": { + "additionalProperties": false, + "properties": { + "FeatureName": { + "type": "string" + }, + "RoleArn": { + "type": "string" + } + }, + "required": [ + "FeatureName", + "RoleArn" + ], + "type": "object" + }, + "Endpoint": { + "additionalProperties": false, + "properties": { + "Address": { + "type": "string" + }, + "HostedZoneId": { + "type": "string" + }, + "Port": { + "type": "string" + } + }, + "type": "object" + }, + "MasterUserSecret": { + "additionalProperties": false, + "properties": { + "KmsKeyId": { + "type": "string" + }, + "SecretArn": { + "type": "string" + } + }, + "type": "object" + }, + "ProcessorFeature": { + "additionalProperties": false, + "properties": { + "Name": { + "enum": [ + "coreCount", + "threadsPerCore" + ], + "type": "string" + }, + "Value": { + "type": "string" + } + }, + "type": "object" + }, + "Tag": { + "additionalProperties": false, + "properties": { + "Key": { + "maxLength": 128, + "minLength": 1, + "type": "string" + }, + "Value": { + "maxLength": 256, + "minLength": 0, + "type": "string" + } + }, + "required": [ + "Key" + ], + "type": "object" + } + }, + "dependencies": { + "KmsKeyId": { + "properties": { + "StorageEncrypted": { + "enum": [ + "true", + "True", + true + ] + } + }, + "required": [ + "StorageEncrypted" + ] + } + }, + "dependentExcluded": { + "SourceDBInstanceIdentifier": [ + "CharacterSetName", + "MasterUserPassword", + "MasterUsername", + "StorageEncrypted" + ] + }, + "deprecatedProperties": [ + "/properties/TdeCredentialArn", + "/properties/TdeCredentialPassword" + ], + "handlers": { + "create": { + "permissions": [ + "ec2:DescribeAccountAttributes", + "ec2:DescribeAvailabilityZones", + "ec2:DescribeInternetGateways", + "ec2:DescribeSecurityGroups", + "ec2:DescribeSubnets", + "ec2:DescribeVpcAttribute", + "ec2:DescribeVpcs", + "iam:CreateServiceLinkedRole", + "iam:GetRole", + "iam:ListRoles", + "iam:PassRole", + "kms:CreateGrant", + "kms:DescribeKey", + "rds:AddRoleToDBInstance", + "rds:AddTagsToResource", + "rds:CreateDBInstance", + "rds:CreateDBInstanceReadReplica", + "rds:DescribeDBInstances", + "rds:DescribeDBClusters", + "rds:DescribeDBClusterSnapshots", + "rds:DescribeDBInstanceAutomatedBackups", + "rds:DescribeDBSnapshots", + "rds:DescribeEvents", + "rds:ModifyDBInstance", + "rds:RebootDBInstance", + "rds:RestoreDBInstanceFromDBSnapshot", + "rds:RestoreDBInstanceToPointInTime", + "rds:StartDBInstanceAutomatedBackupsReplication", + "secretsmanager:CreateSecret", + "secretsmanager:TagResource" + ], + "timeoutInMinutes": 2160 + }, + "delete": { + "permissions": [ + "rds:CreateDBSnapshot", + "rds:DeleteDBInstance", + "rds:DescribeDBInstances" + ], + "timeoutInMinutes": 2160 + }, + "list": { + "permissions": [ + "rds:DescribeDBInstances" + ] + }, + "read": { + "permissions": [ + "ec2:DescribeAccountAttributes", + "ec2:DescribeAvailabilityZones", + "ec2:DescribeInternetGateways", + "ec2:DescribeSecurityGroups", + "ec2:DescribeSubnets", + "ec2:DescribeVpcAttribute", + "ec2:DescribeVpcs", + "rds:DescribeDBInstances" + ] + }, + "update": { + "permissions": [ + "ec2:DescribeAccountAttributes", + "ec2:DescribeAvailabilityZones", + "ec2:DescribeInternetGateways", + "ec2:DescribeSecurityGroups", + "ec2:DescribeSubnets", + "ec2:DescribeVpcAttribute", + "ec2:DescribeVpcs", + "iam:CreateServiceLinkedRole", + "iam:GetRole", + "iam:ListRoles", + "iam:PassRole", + "kms:CreateGrant", + "kms:DescribeKey", + "rds:AddRoleToDBInstance", + "rds:AddTagsToResource", + "rds:DescribeDBClusters", + "rds:DescribeDBEngineVersions", + "rds:DescribeDBInstances", + "rds:DescribeDBParameterGroups", + "rds:DescribeEvents", + "rds:ModifyDBInstance", + "rds:PromoteReadReplica", + "rds:RebootDBInstance", + "rds:RemoveRoleFromDBInstance", + "rds:RemoveTagsFromResource", + "rds:StartDBInstanceAutomatedBackupsReplication", + "rds:StopDBInstanceAutomatedBackupsReplication", + "secretsmanager:CreateSecret", + "secretsmanager:TagResource" + ], + "timeoutInMinutes": 2160 + } + }, + "primaryIdentifier": [ + "/properties/DBInstanceIdentifier" + ], + "properties": { + "AllocatedStorage": { + "pattern": "^[0-9]*$", + "type": "string" + }, + "AllowMajorVersionUpgrade": { + "type": "boolean" + }, + "AssociatedRoles": { + "items": { + "$ref": "#/definitions/DBInstanceRole" + }, + "type": "array" + }, + "AutoMinorVersionUpgrade": { + "type": "boolean" + }, + "AutomaticBackupReplicationKmsKeyId": { + "type": "string" + }, + "AutomaticBackupReplicationRegion": { + "type": "string" + }, + "AvailabilityZone": { + "type": "string" + }, + "BackupRetentionPeriod": { + "default": 1, + "maximum": 35, + "minimum": 0, + "type": "integer" + }, + "CACertificateIdentifier": { + "type": "string" + }, + "CertificateDetails": { + "$ref": "#/definitions/CertificateDetails" + }, + "CertificateRotationRestart": { + "type": "boolean" + }, + "CharacterSetName": { + "type": "string" + }, + "CopyTagsToSnapshot": { + "type": "boolean" + }, + "CustomIAMInstanceProfile": { + "type": "string" + }, + "DBClusterIdentifier": { + "type": "string" + }, + "DBClusterSnapshotIdentifier": { + "type": "string" + }, + "DBInstanceArn": { + "type": "string" + }, + "DBInstanceClass": { + "type": "string" + }, + "DBInstanceIdentifier": { + "maxLength": 63, + "minLength": 1, + "pattern": "^$|^[a-zA-Z]{1}(?:-?[a-zA-Z0-9]){0,62}$", + "type": "string" + }, + "DBName": { + "type": "string" + }, + "DBParameterGroupName": { + "type": "string" + }, + "DBSecurityGroups": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": true + }, + "DBSnapshotIdentifier": { + "type": "string" + }, + "DBSubnetGroupName": { + "type": "string" + }, + "DBSystemId": { + "type": "string" + }, + "DbiResourceId": { + "type": "string" + }, + "DedicatedLogVolume": { + "type": "boolean" + }, + "DeleteAutomatedBackups": { + "type": "boolean" + }, + "DeletionProtection": { + "type": "boolean" + }, + "Domain": { + "type": "string" + }, + "DomainAuthSecretArn": { + "type": "string" + }, + "DomainDnsIps": { + "items": { + "type": "string" + }, + "type": "array" + }, + "DomainFqdn": { + "type": "string" + }, + "DomainIAMRoleName": { + "type": "string" + }, + "DomainOu": { + "type": "string" + }, + "EnableCloudwatchLogsExports": { + "items": { + "type": "string" + }, + "type": "array" + }, + "EnableIAMDatabaseAuthentication": { + "type": "boolean" + }, + "EnablePerformanceInsights": { + "type": "boolean" + }, + "Endpoint": { + "$ref": "#/definitions/Endpoint" + }, + "Engine": { + "type": "string" + }, + "EngineLifecycleSupport": { + "type": "string" + }, + "EngineVersion": { + "type": "string" + }, + "Iops": { + "type": "integer" + }, + "KmsKeyId": { + "type": "string" + }, + "LicenseModel": { + "type": "string" + }, + "ManageMasterUserPassword": { + "type": "boolean" + }, + "MasterUserPassword": { + "type": "string" + }, + "MasterUserSecret": { + "$ref": "#/definitions/MasterUserSecret" + }, + "MasterUsername": { + "maxLength": 128, + "minLength": 1, + "pattern": "^[a-zA-Z][a-zA-Z0-9_]{0,127}$", + "type": "string" + }, + "MaxAllocatedStorage": { + "type": "integer" + }, + "MonitoringInterval": { + "default": 0, + "type": "integer" + }, + "MonitoringRoleArn": { + "type": "string" + }, + "MultiAZ": { + "type": "boolean" + }, + "NcharCharacterSetName": { + "type": "string" + }, + "NetworkType": { + "type": "string" + }, + "OptionGroupName": { + "type": "string" + }, + "PerformanceInsightsKMSKeyId": { + "type": "string" + }, + "PerformanceInsightsRetentionPeriod": { + "enum": [ + 7, + 31, + 62, + 93, + 124, + 155, + 186, + 217, + 248, + 279, + 310, + 341, + 372, + 403, + 434, + 465, + 496, + 527, + 558, + 589, + 620, + 651, + 682, + 713, + 731 + ], + "type": "integer" + }, + "Port": { + "pattern": "^\\d*$", + "type": "string" + }, + "PreferredBackupWindow": { + "type": "string" + }, + "PreferredMaintenanceWindow": { + "type": "string" + }, + "ProcessorFeatures": { + "items": { + "$ref": "#/definitions/ProcessorFeature" + }, + "type": "array" + }, + "PromotionTier": { + "default": 1, + "maximum": 15, + "minimum": 0, + "type": "integer" + }, + "PubliclyAccessible": { + "type": "boolean" + }, + "ReplicaMode": { + "type": "string" + }, + "RestoreTime": { + "format": "date-time", + "type": "string" + }, + "SourceDBClusterIdentifier": { + "type": "string" + }, + "SourceDBInstanceAutomatedBackupsArn": { + "type": "string" + }, + "SourceDBInstanceIdentifier": { + "type": "string" + }, + "SourceDbiResourceId": { + "type": "string" + }, + "SourceRegion": { + "type": "string" + }, + "StorageEncrypted": { + "type": "boolean" + }, + "StorageThroughput": { + "type": "integer" + }, + "StorageType": { + "type": "string" + }, + "Tags": { + "insertionOrder": false, + "items": { + "$ref": "#/definitions/Tag" + }, + "type": "array", + "uniqueItems": false + }, + "TdeCredentialArn": { + "type": "string" + }, + "TdeCredentialPassword": { + "type": "string" + }, + "Timezone": { + "type": "string" + }, + "UseDefaultProcessorFeatures": { + "type": "boolean" + }, + "UseLatestRestorableTime": { + "type": "boolean" + }, + "VPCSecurityGroups": { + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": true + } + }, + "propertyTransform": { + "/properties/DBClusterIdentifier": "$lowercase(DBClusterIdentifier)", + "/properties/DBClusterSnapshotIdentifier": "$lowercase(DBClusterSnapshotIdentifier)", + "/properties/DBInstanceIdentifier": "$lowercase(DBInstanceIdentifier)", + "/properties/DBName": "$lowercase(DBName) $OR $uppercase(DBName)", + "/properties/DBParameterGroupName": "$lowercase(DBParameterGroupName)", + "/properties/DBSnapshotIdentifier": "$lowercase(DBSnapshotIdentifier)", + "/properties/DBSubnetGroupName": "$lowercase(DBSubnetGroupName)", + "/properties/Engine": "$lowercase(Engine)", + "/properties/EngineVersion": "$join([$string(EngineVersion), \".*\"])", + "/properties/KmsKeyId": "$join([\"arn:(aws)[-]{0,1}[a-z]{0,2}[-]{0,1}[a-z]{0,3}:kms:[a-z]{2}[-]{1}[a-z]{3,10}[-]{0,1}[a-z]{0,10}[-]{1}[1-3]{1}:[0-9]{12}[:]{1}key\\/\", KmsKeyId])", + "/properties/MasterUserSecret/KmsKeyId": "$join([\"arn:(aws)[-]{0,1}[a-z]{0,2}[-]{0,1}[a-z]{0,3}:kms:[a-z]{2}[-]{1}[a-z]{3,10}[-]{0,1}[a-z]{0,10}[-]{1}[1-3]{1}:[0-9]{12}[:]{1}key\\/\", MasterUserSecret.KmsKeyId])", + "/properties/NetworkType": "$lowercase(NetworkType)", + "/properties/OptionGroupName": "$lowercase(OptionGroupName)", + "/properties/PerformanceInsightsKMSKeyId": "$join([\"arn:(aws)[-]{0,1}[a-z]{0,2}[-]{0,1}[a-z]{0,3}:kms:[a-z]{2}[-]{1}[a-z]{3,10}[-]{0,1}[a-z]{0,10}[-]{1}[1-3]{1}:[0-9]{12}[:]{1}key\\/\", PerformanceInsightsKMSKeyId])", + "/properties/PreferredMaintenanceWindow": "$lowercase(PreferredMaintenanceWindow)", + "/properties/SourceDBInstanceAutomatedBackupsArn": "$lowercase(SourceDBInstanceAutomatedBackupsArn)", + "/properties/SourceDBInstanceIdentifier": "$lowercase(SourceDBInstanceIdentifier)", + "/properties/StorageType": "$lowercase(StorageType)" + }, + "readOnlyProperties": [ + "/properties/Endpoint/Address", + "/properties/Endpoint/Port", + "/properties/Endpoint/HostedZoneId", + "/properties/DbiResourceId", + "/properties/DBInstanceArn", + "/properties/DBSystemId", + "/properties/MasterUserSecret/SecretArn", + "/properties/CertificateDetails/CAIdentifier", + "/properties/CertificateDetails/ValidTill" + ], + "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-rpdk.git", + "typeName": "AWS::RDS::DBInstance", + "writeOnlyProperties": [ + "/properties/AllowMajorVersionUpgrade", + "/properties/AutomaticBackupReplicationKmsKeyId", + "/properties/CertificateRotationRestart", + "/properties/DBSnapshotIdentifier", + "/properties/DeleteAutomatedBackups", + "/properties/MasterUserPassword", + "/properties/Port", + "/properties/RestoreTime", + "/properties/SourceDBInstanceAutomatedBackupsArn", + "/properties/SourceDBInstanceIdentifier", + "/properties/SourceDbiResourceId", + "/properties/SourceRegion", + "/properties/TdeCredentialPassword", + "/properties/UseDefaultProcessorFeatures", + "/properties/UseLatestRestorableTime" + ] +} diff --git a/src/cfnlint/data/schemas/providers/us_west_1/aws-xray-group.json b/src/cfnlint/data/schemas/providers/us_west_1/aws-xray-group.json new file mode 100644 index 0000000000..bbb33a124e --- /dev/null +++ b/src/cfnlint/data/schemas/providers/us_west_1/aws-xray-group.json @@ -0,0 +1,112 @@ +{ + "additionalProperties": false, + "definitions": { + "InsightsConfiguration": { + "additionalProperties": false, + "properties": { + "InsightsEnabled": { + "type": "boolean" + }, + "NotificationsEnabled": { + "type": "boolean" + } + }, + "type": "object" + }, + "Tag": { + "additionalProperties": false, + "properties": { + "Key": { + "type": "string" + }, + "Value": { + "type": "string" + } + }, + "required": [ + "Key", + "Value" + ], + "type": "object" + }, + "Tags": { + "insertionOrder": false, + "items": { + "$ref": "#/definitions/Tag" + }, + "type": "array" + } + }, + "handlers": { + "create": { + "permissions": [ + "xray:CreateGroup", + "xray:TagResource" + ] + }, + "delete": { + "permissions": [ + "xray:DeleteGroup" + ] + }, + "list": { + "permissions": [ + "xray:GetGroups", + "xray:ListTagsForResource" + ] + }, + "read": { + "permissions": [ + "xray:GetGroup", + "xray:ListTagsForResource" + ] + }, + "update": { + "permissions": [ + "xray:UpdateGroup", + "xray:TagResource", + "xray:UntagResource", + "xray:ListTagsForResource" + ] + } + }, + "primaryIdentifier": [ + "/properties/GroupARN" + ], + "properties": { + "FilterExpression": { + "type": "string" + }, + "GroupARN": { + "maxLength": 400, + "minLength": 1, + "type": "string" + }, + "GroupName": { + "maxLength": 32, + "minLength": 1, + "type": "string" + }, + "InsightsConfiguration": { + "$ref": "#/definitions/InsightsConfiguration" + }, + "Tags": { + "$ref": "#/definitions/Tags" + } + }, + "readOnlyProperties": [ + "/properties/GroupARN" + ], + "required": [ + "GroupName" + ], + "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-rpdk.git", + "tagging": { + "cloudFormationSystemTags": true, + "tagOnCreate": true, + "tagProperty": "/properties/Tags", + "tagUpdatable": true, + "taggable": true + }, + "typeName": "AWS::XRay::Group" +} diff --git a/src/cfnlint/data/schemas/providers/us_west_1/aws-xray-samplingrule.json b/src/cfnlint/data/schemas/providers/us_west_1/aws-xray-samplingrule.json new file mode 100644 index 0000000000..e225d39670 --- /dev/null +++ b/src/cfnlint/data/schemas/providers/us_west_1/aws-xray-samplingrule.json @@ -0,0 +1,262 @@ +{ + "additionalProperties": false, + "createOnlyProperties": [ + "/properties/SamplingRule/Version" + ], + "definitions": { + "RuleARN": { + "type": "string" + }, + "RuleName": { + "maxLength": 32, + "minLength": 1, + "type": "string" + }, + "SamplingRule": { + "additionalProperties": false, + "properties": { + "Attributes": { + "$comment": "String to string map", + "additionalProperties": false, + "patternProperties": { + ".{1,}": { + "type": "string" + } + }, + "type": "object" + }, + "FixedRate": { + "maximum": 1, + "minimum": 0, + "type": "number" + }, + "HTTPMethod": { + "maxLength": 10, + "type": "string" + }, + "Host": { + "maxLength": 64, + "type": "string" + }, + "Priority": { + "maximum": 9999, + "minimum": 1, + "type": "integer" + }, + "ReservoirSize": { + "minimum": 0, + "type": "integer" + }, + "ResourceARN": { + "maxLength": 500, + "type": "string" + }, + "RuleARN": { + "$ref": "#/definitions/RuleARN" + }, + "RuleName": { + "$ref": "#/definitions/RuleName" + }, + "ServiceName": { + "maxLength": 64, + "type": "string" + }, + "ServiceType": { + "maxLength": 64, + "type": "string" + }, + "URLPath": { + "maxLength": 128, + "type": "string" + }, + "Version": { + "minimum": 1, + "type": "integer" + } + }, + "required": [ + "FixedRate", + "Host", + "HTTPMethod", + "Priority", + "ReservoirSize", + "ResourceARN", + "ServiceName", + "ServiceType", + "URLPath" + ], + "type": "object" + }, + "SamplingRuleRecord": { + "additionalProperties": false, + "properties": { + "CreatedAt": { + "type": "string" + }, + "ModifiedAt": { + "type": "string" + }, + "SamplingRule": { + "$ref": "#/definitions/SamplingRule" + } + }, + "type": "object" + }, + "SamplingRuleUpdate": { + "additionalProperties": false, + "properties": { + "Attributes": { + "$comment": "String to string map", + "additionalProperties": false, + "patternProperties": { + ".{1,}": { + "type": "string" + } + }, + "type": "object" + }, + "FixedRate": { + "maximum": 1, + "minimum": 0, + "type": "number" + }, + "HTTPMethod": { + "maxLength": 10, + "type": "string" + }, + "Host": { + "maxLength": 64, + "type": "string" + }, + "Priority": { + "maximum": 9999, + "minimum": 1, + "type": "integer" + }, + "ReservoirSize": { + "minimum": 0, + "type": "integer" + }, + "ResourceARN": { + "maxLength": 500, + "type": "string" + }, + "RuleARN": { + "$ref": "#/definitions/RuleARN" + }, + "RuleName": { + "$ref": "#/definitions/RuleName" + }, + "ServiceName": { + "maxLength": 64, + "type": "string" + }, + "ServiceType": { + "maxLength": 64, + "type": "string" + }, + "URLPath": { + "maxLength": 128, + "type": "string" + } + }, + "type": "object" + }, + "Tag": { + "additionalProperties": false, + "properties": { + "Key": { + "type": "string" + }, + "Value": { + "type": "string" + } + }, + "required": [ + "Key", + "Value" + ], + "type": "object" + }, + "Tags": { + "insertionOrder": false, + "items": { + "$ref": "#/definitions/Tag" + }, + "type": "array" + } + }, + "deprecatedProperties": [ + "/properties/RuleName", + "/properties/SamplingRuleRecord", + "/properties/SamplingRuleUpdate" + ], + "handlers": { + "create": { + "permissions": [ + "xray:CreateSamplingRule", + "xray:TagResource" + ] + }, + "delete": { + "permissions": [ + "xray:DeleteSamplingRule" + ] + }, + "list": { + "permissions": [ + "xray:GetSamplingRules", + "xray:ListTagsForResource" + ] + }, + "read": { + "permissions": [ + "xray:GetSamplingRules", + "xray:ListTagsForResource" + ] + }, + "update": { + "permissions": [ + "xray:UpdateSamplingRule", + "xray:TagResource", + "xray:UntagResource", + "xray:ListTagsForResource" + ] + } + }, + "primaryIdentifier": [ + "/properties/RuleARN" + ], + "properties": { + "RuleARN": { + "$ref": "#/definitions/RuleARN" + }, + "RuleName": { + "$ref": "#/definitions/RuleName" + }, + "SamplingRule": { + "$ref": "#/definitions/SamplingRule" + }, + "SamplingRuleRecord": { + "$ref": "#/definitions/SamplingRuleRecord" + }, + "SamplingRuleUpdate": { + "$ref": "#/definitions/SamplingRuleUpdate" + }, + "Tags": { + "$ref": "#/definitions/Tags" + } + }, + "readOnlyProperties": [ + "/properties/RuleARN" + ], + "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-rpdk.git", + "tagging": { + "cloudFormationSystemTags": true, + "tagOnCreate": true, + "tagProperty": "/properties/Tags", + "tagUpdatable": true, + "taggable": true + }, + "typeName": "AWS::XRay::SamplingRule" +} diff --git a/src/cfnlint/data/schemas/providers/us_west_2/__init__.py b/src/cfnlint/data/schemas/providers/us_west_2/__init__.py index 6d66b9d2d1..c77759b9f2 100644 --- a/src/cfnlint/data/schemas/providers/us_west_2/__init__.py +++ b/src/cfnlint/data/schemas/providers/us_west_2/__init__.py @@ -137,9 +137,14 @@ "AWS::Bedrock::Agent", "AWS::Bedrock::AgentAlias", "AWS::Bedrock::DataSource", + "AWS::Bedrock::Flow", + "AWS::Bedrock::FlowAlias", + "AWS::Bedrock::FlowVersion", "AWS::Bedrock::Guardrail", "AWS::Bedrock::GuardrailVersion", "AWS::Bedrock::KnowledgeBase", + "AWS::Bedrock::Prompt", + "AWS::Bedrock::PromptVersion", "AWS::Budgets::Budget", "AWS::Budgets::BudgetsAction", "AWS::CDK::Metadata", @@ -1412,9 +1417,14 @@ "aws-bedrock-agent.json", "aws-bedrock-agentalias.json", "aws-bedrock-datasource.json", + "aws-bedrock-flow.json", + "aws-bedrock-flowalias.json", + "aws-bedrock-flowversion.json", "aws-bedrock-guardrail.json", "aws-bedrock-guardrailversion.json", "aws-bedrock-knowledgebase.json", + "aws-bedrock-prompt.json", + "aws-bedrock-promptversion.json", "aws-budgets-budget.json", "aws-budgets-budgetsaction.json", "aws-cassandra-keyspace.json", @@ -1651,7 +1661,6 @@ "aws-ec2-ipamresourcediscovery.json", "aws-ec2-ipamresourcediscoveryassociation.json", "aws-ec2-ipamscope.json", - "aws-ec2-keypair.json", "aws-ec2-launchtemplate.json", "aws-ec2-localgatewayroute.json", "aws-ec2-localgatewayroutetable.json", @@ -1733,10 +1742,8 @@ "aws-efs-mounttarget.json", "aws-eks-accessentry.json", "aws-eks-addon.json", - "aws-eks-cluster.json", "aws-eks-fargateprofile.json", "aws-eks-identityproviderconfig.json", - "aws-eks-nodegroup.json", "aws-eks-podidentityassociation.json", "aws-elasticache-cachecluster.json", "aws-elasticache-globalreplicationgroup.json", @@ -2083,10 +2090,8 @@ "aws-mediapackage-originendpoint.json", "aws-mediapackage-packagingconfiguration.json", "aws-mediapackage-packaginggroup.json", - "aws-mediapackagev2-channel.json", "aws-mediapackagev2-channelgroup.json", "aws-mediapackagev2-channelpolicy.json", - "aws-mediapackagev2-originendpoint.json", "aws-mediapackagev2-originendpointpolicy.json", "aws-mediastore-container.json", "aws-mediatailor-channel.json", @@ -2161,6 +2166,7 @@ "aws-opsworks-volume.json", "aws-opsworkscm-server.json", "aws-organizations-account.json", + "aws-organizations-organization.json", "aws-organizations-organizationalunit.json", "aws-organizations-policy.json", "aws-organizations-resourcepolicy.json", @@ -2317,7 +2323,6 @@ "aws-s3objectlambda-accesspoint.json", "aws-s3objectlambda-accesspointpolicy.json", "aws-s3outposts-accesspoint.json", - "aws-s3outposts-bucket.json", "aws-s3outposts-bucketpolicy.json", "aws-s3outposts-endpoint.json", "aws-sagemaker-app.json", @@ -2519,10 +2524,8 @@ "aws-workspacesweb-identityprovider.json", "aws-workspacesweb-ipaccesssettings.json", "aws-workspacesweb-networksettings.json", - "aws-workspacesweb-portal.json", "aws-workspacesweb-truststore.json", "aws-workspacesweb-useraccessloggingsettings.json", - "aws-workspacesweb-usersettings.json", "aws-xray-group.json", "aws-xray-resourcepolicy.json", "aws-xray-samplingrule.json", diff --git a/src/cfnlint/data/schemas/providers/us_west_2/aws-ec2-keypair.json b/src/cfnlint/data/schemas/providers/us_west_2/aws-ec2-keypair.json new file mode 100644 index 0000000000..0947fab641 --- /dev/null +++ b/src/cfnlint/data/schemas/providers/us_west_2/aws-ec2-keypair.json @@ -0,0 +1,126 @@ +{ + "additionalIdentifiers": [ + [ + "/properties/KeyPairId" + ] + ], + "additionalProperties": false, + "createOnlyProperties": [ + "/properties/KeyName", + "/properties/KeyType", + "/properties/KeyFormat", + "/properties/PublicKeyMaterial", + "/properties/Tags" + ], + "definitions": { + "Tag": { + "additionalProperties": false, + "properties": { + "Key": { + "maxLength": 128, + "minLength": 1, + "type": "string" + }, + "Value": { + "maxLength": 256, + "minLength": 0, + "type": "string" + } + }, + "required": [ + "Key", + "Value" + ], + "type": "object" + } + }, + "handlers": { + "create": { + "permissions": [ + "ec2:CreateKeyPair", + "ec2:ImportKeyPair", + "ec2:CreateTags", + "ssm:PutParameter" + ] + }, + "delete": { + "permissions": [ + "ec2:DeleteKeyPair", + "ssm:DeleteParameter", + "ec2:DescribeKeyPairs" + ] + }, + "list": { + "permissions": [ + "ec2:DescribeKeyPairs" + ] + }, + "read": { + "permissions": [ + "ec2:DescribeKeyPairs" + ] + } + }, + "primaryIdentifier": [ + "/properties/KeyName" + ], + "properties": { + "KeyFingerprint": { + "type": "string" + }, + "KeyFormat": { + "default": "pem", + "enum": [ + "pem", + "ppk" + ], + "type": "string" + }, + "KeyName": { + "type": "string" + }, + "KeyPairId": { + "type": "string" + }, + "KeyType": { + "default": "rsa", + "enum": [ + "rsa", + "ed25519" + ], + "type": "string" + }, + "PublicKeyMaterial": { + "type": "string" + }, + "Tags": { + "insertionOrder": false, + "items": { + "$ref": "#/definitions/Tag" + }, + "type": "array", + "uniqueItems": true + } + }, + "readOnlyProperties": [ + "/properties/KeyPairId", + "/properties/KeyFingerprint" + ], + "required": [ + "KeyName" + ], + "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-rpdk.git", + "tagging": { + "cloudFormationSystemTags": false, + "permissions": [ + "ec2:CreateTags" + ], + "tagProperty": "/properties/Tags", + "tagUpdatable": false, + "taggable": true + }, + "typeName": "AWS::EC2::KeyPair", + "writeOnlyProperties": [ + "/properties/KeyFormat" + ] +} diff --git a/src/cfnlint/data/schemas/providers/us_west_2/aws-eks-cluster.json b/src/cfnlint/data/schemas/providers/us_west_2/aws-eks-cluster.json new file mode 100644 index 0000000000..174109bffd --- /dev/null +++ b/src/cfnlint/data/schemas/providers/us_west_2/aws-eks-cluster.json @@ -0,0 +1,409 @@ +{ + "additionalProperties": false, + "createOnlyProperties": [ + "/properties/OutpostConfig", + "/properties/EncryptionConfig", + "/properties/KubernetesNetworkConfig", + "/properties/AccessConfig/BootstrapClusterCreatorAdminPermissions", + "/properties/Name", + "/properties/RoleArn", + "/properties/BootstrapSelfManagedAddons" + ], + "definitions": { + "AccessConfig": { + "additionalProperties": false, + "properties": { + "AuthenticationMode": { + "enum": [ + "CONFIG_MAP", + "API_AND_CONFIG_MAP", + "API" + ], + "type": "string" + }, + "BootstrapClusterCreatorAdminPermissions": { + "type": "boolean" + } + }, + "type": "object" + }, + "ClusterLogging": { + "additionalProperties": false, + "properties": { + "EnabledTypes": { + "$ref": "#/definitions/EnabledTypes" + } + }, + "type": "object" + }, + "ControlPlanePlacement": { + "additionalProperties": false, + "properties": { + "GroupName": { + "type": "string" + } + }, + "type": "object" + }, + "EnabledTypes": { + "insertionOrder": false, + "items": { + "$ref": "#/definitions/LoggingTypeConfig" + }, + "type": "array" + }, + "EncryptionConfig": { + "additionalProperties": false, + "properties": { + "Provider": { + "$ref": "#/definitions/Provider" + }, + "Resources": { + "insertionOrder": false, + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, + "KubernetesNetworkConfig": { + "additionalProperties": false, + "properties": { + "IpFamily": { + "enum": [ + "ipv4", + "ipv6" + ], + "type": "string" + }, + "ServiceIpv4Cidr": { + "type": "string" + }, + "ServiceIpv6Cidr": { + "type": "string" + } + }, + "type": "object" + }, + "Logging": { + "additionalProperties": false, + "properties": { + "ClusterLogging": { + "$ref": "#/definitions/ClusterLogging" + } + }, + "type": "object" + }, + "LoggingTypeConfig": { + "additionalProperties": false, + "properties": { + "Type": { + "enum": [ + "api", + "audit", + "authenticator", + "controllerManager", + "scheduler" + ], + "type": "string" + } + }, + "type": "object" + }, + "OutpostConfig": { + "additionalProperties": false, + "properties": { + "ControlPlaneInstanceType": { + "type": "string" + }, + "ControlPlanePlacement": { + "$ref": "#/definitions/ControlPlanePlacement" + }, + "OutpostArns": { + "insertionOrder": false, + "items": { + "minItems": 1, + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "OutpostArns", + "ControlPlaneInstanceType" + ], + "type": "object" + }, + "Provider": { + "additionalProperties": false, + "properties": { + "KeyArn": { + "type": "string" + } + }, + "type": "object" + }, + "RemoteNodeNetwork": { + "additionalProperties": false, + "properties": { + "Cidrs": { + "insertionOrder": false, + "items": { + "minItems": 1, + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "Cidrs" + ], + "type": "object" + }, + "RemoteNodeNetworks": { + "insertionOrder": false, + "items": { + "$ref": "#/definitions/RemoteNodeNetwork" + }, + "type": "array" + }, + "RemotePodNetwork": { + "additionalProperties": false, + "properties": { + "Cidrs": { + "insertionOrder": false, + "items": { + "minItems": 1, + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "Cidrs" + ], + "type": "object" + }, + "RemotePodNetworks": { + "insertionOrder": false, + "items": { + "$ref": "#/definitions/RemotePodNetwork" + }, + "type": "array" + }, + "ResourcesVpcConfig": { + "additionalProperties": false, + "properties": { + "EndpointPrivateAccess": { + "type": "boolean" + }, + "EndpointPublicAccess": { + "type": "boolean" + }, + "PublicAccessCidrs": { + "insertionOrder": false, + "items": { + "minItems": 1, + "type": "string" + }, + "type": "array" + }, + "SecurityGroupIds": { + "format": "AWS::EC2::SecurityGroup.Ids", + "insertionOrder": false, + "items": { + "format": "AWS::EC2::SecurityGroup.GroupId", + "minItems": 1, + "type": "string" + }, + "type": "array" + }, + "SubnetIds": { + "insertionOrder": false, + "items": { + "minItems": 1, + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "SubnetIds" + ], + "type": "object" + }, + "Tag": { + "additionalProperties": false, + "properties": { + "Key": { + "maxLength": 128, + "minLength": 1, + "type": "string" + }, + "Value": { + "maxLength": 256, + "minLength": 0, + "type": "string" + } + }, + "required": [ + "Key", + "Value" + ], + "type": "object" + } + }, + "handlers": { + "create": { + "permissions": [ + "eks:CreateCluster", + "eks:DescribeCluster", + "eks:TagResource", + "iam:PassRole", + "iam:GetRole", + "iam:ListAttachedRolePolicies", + "iam:CreateServiceLinkedRole", + "iam:CreateInstanceProfile", + "iam:TagInstanceProfile", + "iam:AddRoleToInstanceProfile", + "iam:GetInstanceProfile", + "iam:DeleteInstanceProfile", + "iam:RemoveRoleFromInstanceProfile", + "ec2:DescribeSubnets", + "ec2:DescribeVpcs", + "kms:DescribeKey", + "kms:CreateGrant" + ] + }, + "delete": { + "permissions": [ + "eks:DeleteCluster", + "eks:DescribeCluster" + ] + }, + "list": { + "permissions": [ + "eks:ListClusters" + ] + }, + "read": { + "permissions": [ + "eks:DescribeCluster" + ] + }, + "update": { + "permissions": [ + "iam:PassRole", + "eks:UpdateClusterConfig", + "eks:UpdateClusterVersion", + "eks:DescribeCluster", + "eks:DescribeUpdate", + "eks:TagResource", + "eks:UntagResource" + ], + "timeoutInMinutes": 180 + } + }, + "primaryIdentifier": [ + "/properties/Name" + ], + "properties": { + "AccessConfig": { + "$ref": "#/definitions/AccessConfig" + }, + "Arn": { + "type": "string" + }, + "BootstrapSelfManagedAddons": { + "type": "boolean" + }, + "CertificateAuthorityData": { + "type": "string" + }, + "ClusterSecurityGroupId": { + "type": "string" + }, + "EncryptionConfig": { + "insertionOrder": false, + "items": { + "$ref": "#/definitions/EncryptionConfig", + "maxItems": 1 + }, + "type": "array" + }, + "EncryptionConfigKeyArn": { + "type": "string" + }, + "Endpoint": { + "type": "string" + }, + "Id": { + "type": "string" + }, + "KubernetesNetworkConfig": { + "$ref": "#/definitions/KubernetesNetworkConfig" + }, + "Logging": { + "$ref": "#/definitions/Logging" + }, + "Name": { + "maxLength": 100, + "minLength": 1, + "pattern": "^[0-9A-Za-z][A-Za-z0-9\\-_]*", + "type": "string" + }, + "OpenIdConnectIssuerUrl": { + "type": "string" + }, + "OutpostConfig": { + "$ref": "#/definitions/OutpostConfig" + }, + "ResourcesVpcConfig": { + "$ref": "#/definitions/ResourcesVpcConfig" + }, + "RoleArn": { + "type": "string" + }, + "Tags": { + "insertionOrder": false, + "items": { + "$ref": "#/definitions/Tag" + }, + "type": "array", + "uniqueItems": true + }, + "Version": { + "pattern": "1\\.\\d\\d", + "type": "string" + } + }, + "readOnlyProperties": [ + "/properties/Id", + "/properties/Arn", + "/properties/Endpoint", + "/properties/CertificateAuthorityData", + "/properties/ClusterSecurityGroupId", + "/properties/EncryptionConfigKeyArn", + "/properties/OpenIdConnectIssuerUrl", + "/properties/KubernetesNetworkConfig/ServiceIpv6Cidr" + ], + "required": [ + "RoleArn", + "ResourcesVpcConfig" + ], + "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-eks.git", + "tagging": { + "cloudFormationSystemTags": true, + "tagOnCreate": true, + "tagProperty": "/properties/Tags", + "tagUpdatable": true, + "taggable": true + }, + "typeName": "AWS::EKS::Cluster", + "writeOnlyProperties": [ + "/properties/AccessConfig/BootstrapClusterCreatorAdminPermissions", + "/properties/BootstrapSelfManagedAddons" + ] +} diff --git a/src/cfnlint/data/schemas/providers/us_west_2/aws-eks-nodegroup.json b/src/cfnlint/data/schemas/providers/us_west_2/aws-eks-nodegroup.json new file mode 100644 index 0000000000..77987deb31 --- /dev/null +++ b/src/cfnlint/data/schemas/providers/us_west_2/aws-eks-nodegroup.json @@ -0,0 +1,287 @@ +{ + "additionalProperties": false, + "createOnlyProperties": [ + "/properties/CapacityType", + "/properties/NodegroupName", + "/properties/RemoteAccess", + "/properties/NodeRole", + "/properties/ClusterName", + "/properties/InstanceTypes", + "/properties/DiskSize", + "/properties/AmiType", + "/properties/Subnets" + ], + "definitions": { + "LaunchTemplateSpecification": { + "additionalProperties": false, + "properties": { + "Id": { + "minLength": 1, + "type": "string" + }, + "Name": { + "minLength": 1, + "type": "string" + }, + "Version": { + "minLength": 1, + "type": "string" + } + }, + "type": "object" + }, + "RemoteAccess": { + "additionalProperties": false, + "properties": { + "Ec2SshKey": { + "type": "string" + }, + "SourceSecurityGroups": { + "insertionOrder": false, + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + } + }, + "required": [ + "Ec2SshKey" + ], + "type": "object" + }, + "ScalingConfig": { + "additionalProperties": false, + "properties": { + "DesiredSize": { + "minimum": 0, + "type": "integer" + }, + "MaxSize": { + "minimum": 1, + "type": "integer" + }, + "MinSize": { + "minimum": 0, + "type": "integer" + } + }, + "type": "object" + }, + "Taint": { + "additionalProperties": false, + "properties": { + "Effect": { + "minLength": 1, + "type": "string" + }, + "Key": { + "minLength": 1, + "type": "string" + }, + "Value": { + "minLength": 0, + "type": "string" + } + }, + "type": "object" + }, + "UpdateConfig": { + "additionalProperties": false, + "properties": { + "MaxUnavailable": { + "minimum": 1, + "type": "number" + }, + "MaxUnavailablePercentage": { + "maximum": 100, + "minimum": 1, + "type": "number" + } + }, + "type": "object" + } + }, + "handlers": { + "create": { + "permissions": [ + "eks:CreateNodegroup", + "eks:DescribeNodegroup", + "eks:TagResource", + "ec2:DescribeSubnets", + "ec2:DescribeVpcs", + "ec2:DescribeSecurityGroups", + "ec2:DescribeKeyPairs", + "ec2:CreateTags", + "ec2:DeleteTags", + "ec2:DescribeRouteTables", + "ec2:DescribeLaunchTemplates", + "ec2:DescribeLaunchTemplateVersions", + "ec2:RunInstances", + "iam:CreateServiceLinkedRole", + "iam:GetRole", + "iam:PassRole", + "iam:ListAttachedRolePolicies" + ] + }, + "delete": { + "permissions": [ + "eks:DeleteNodegroup", + "eks:DescribeNodegroup" + ] + }, + "list": { + "handlerSchema": { + "properties": { + "ClusterName": { + "$ref": "resource-schema.json#/properties/ClusterName" + } + }, + "required": [ + "ClusterName" + ] + }, + "permissions": [ + "eks:ListNodegroups" + ] + }, + "read": { + "permissions": [ + "eks:DescribeNodegroup" + ] + }, + "update": { + "permissions": [ + "iam:GetRole", + "iam:PassRole", + "eks:DescribeNodegroup", + "eks:DescribeUpdate", + "eks:ListUpdates", + "eks:TagResource", + "eks:UntagResource", + "eks:UpdateNodegroupConfig", + "eks:UpdateNodegroupVersion" + ], + "timeoutInMinutes": 2160 + } + }, + "primaryIdentifier": [ + "/properties/Id" + ], + "properties": { + "AmiType": { + "type": "string" + }, + "Arn": { + "type": "string" + }, + "CapacityType": { + "type": "string" + }, + "ClusterName": { + "minLength": 1, + "type": "string" + }, + "DiskSize": { + "type": "integer" + }, + "ForceUpdateEnabled": { + "default": false, + "type": "boolean" + }, + "Id": { + "type": "string" + }, + "InstanceTypes": { + "insertionOrder": false, + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "Labels": { + "additionalProperties": false, + "patternProperties": { + "^.+$": { + "type": "string" + } + }, + "type": "object" + }, + "LaunchTemplate": { + "$ref": "#/definitions/LaunchTemplateSpecification" + }, + "NodeRole": { + "type": "string" + }, + "NodegroupName": { + "minLength": 1, + "type": "string" + }, + "ReleaseVersion": { + "type": "string" + }, + "RemoteAccess": { + "$ref": "#/definitions/RemoteAccess" + }, + "ScalingConfig": { + "$ref": "#/definitions/ScalingConfig" + }, + "Subnets": { + "insertionOrder": false, + "items": { + "type": "string" + }, + "type": "array", + "uniqueItems": false + }, + "Tags": { + "additionalProperties": false, + "patternProperties": { + "^.+$": { + "type": "string" + } + }, + "type": "object" + }, + "Taints": { + "insertionOrder": false, + "items": { + "$ref": "#/definitions/Taint" + }, + "type": "array" + }, + "UpdateConfig": { + "$ref": "#/definitions/UpdateConfig" + }, + "Version": { + "type": "string" + } + }, + "readOnlyProperties": [ + "/properties/Id", + "/properties/Arn" + ], + "required": [ + "ClusterName", + "NodeRole", + "Subnets" + ], + "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-rpdk.git", + "tagging": { + "cloudFormationSystemTags": true, + "permissions": [ + "eks:TagResource", + "eks:UntagResource" + ], + "tagOnCreate": true, + "tagProperty": "/properties/Tags", + "tagUpdatable": true, + "taggable": true + }, + "typeName": "AWS::EKS::Nodegroup", + "writeOnlyProperties": [ + "/properties/ForceUpdateEnabled" + ] +} diff --git a/src/cfnlint/data/schemas/providers/us_west_2/aws-mediapackagev2-channel.json b/src/cfnlint/data/schemas/providers/us_west_2/aws-mediapackagev2-channel.json new file mode 100644 index 0000000000..f2dd6b06fd --- /dev/null +++ b/src/cfnlint/data/schemas/providers/us_west_2/aws-mediapackagev2-channel.json @@ -0,0 +1,164 @@ +{ + "additionalIdentifiers": [ + [ + "/properties/ChannelGroupName", + "/properties/ChannelName" + ] + ], + "additionalProperties": false, + "createOnlyProperties": [ + "/properties/ChannelGroupName", + "/properties/ChannelName", + "/properties/InputType" + ], + "definitions": { + "IngestEndpoint": { + "additionalProperties": false, + "properties": { + "Id": { + "type": "string" + }, + "Url": { + "type": "string" + } + }, + "type": "object" + }, + "InputType": { + "enum": [ + "HLS", + "CMAF" + ], + "type": "string" + }, + "Tag": { + "additionalProperties": false, + "properties": { + "Key": { + "type": "string" + }, + "Value": { + "type": "string" + } + }, + "type": "object" + } + }, + "handlers": { + "create": { + "permissions": [ + "mediapackagev2:TagResource", + "mediapackagev2:CreateChannel" + ] + }, + "delete": { + "permissions": [ + "mediapackagev2:GetChannel", + "mediapackagev2:DeleteChannel" + ] + }, + "list": { + "handlerSchema": { + "properties": { + "ChannelGroupName": { + "$ref": "resource-schema.json#/properties/ChannelGroupName" + } + }, + "required": [ + "ChannelGroupName" + ] + }, + "permissions": [ + "mediapackagev2:ListChannels" + ] + }, + "read": { + "permissions": [ + "mediapackagev2:GetChannel" + ] + }, + "update": { + "permissions": [ + "mediapackagev2:TagResource", + "mediapackagev2:UntagResource", + "mediapackagev2:ListTagsForResource", + "mediapackagev2:UpdateChannel" + ] + } + }, + "primaryIdentifier": [ + "/properties/Arn" + ], + "properties": { + "Arn": { + "type": "string" + }, + "ChannelGroupName": { + "maxLength": 256, + "minLength": 1, + "pattern": "^[a-zA-Z0-9_-]+$", + "type": "string" + }, + "ChannelName": { + "maxLength": 256, + "minLength": 1, + "pattern": "^[a-zA-Z0-9_-]+$", + "type": "string" + }, + "CreatedAt": { + "format": "date-time", + "type": "string" + }, + "Description": { + "maxLength": 1024, + "minLength": 0, + "type": "string" + }, + "IngestEndpointUrls": { + "items": { + "type": "string" + }, + "type": "array" + }, + "IngestEndpoints": { + "items": { + "$ref": "#/definitions/IngestEndpoint" + }, + "type": "array" + }, + "InputType": { + "$ref": "#/definitions/InputType" + }, + "ModifiedAt": { + "format": "date-time", + "type": "string" + }, + "Tags": { + "insertionOrder": false, + "items": { + "$ref": "#/definitions/Tag" + }, + "type": "array" + } + }, + "readOnlyProperties": [ + "/properties/Arn", + "/properties/CreatedAt", + "/properties/IngestEndpoints", + "/properties/IngestEndpointUrls", + "/properties/ModifiedAt" + ], + "required": [ + "ChannelGroupName", + "ChannelName" + ], + "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-mediapackagev2", + "tagging": { + "cloudFormationSystemTags": false, + "tagOnCreate": true, + "tagProperty": "/properties/Tags", + "tagUpdatable": true, + "taggable": true + }, + "typeName": "AWS::MediaPackageV2::Channel" +} diff --git a/src/cfnlint/data/schemas/providers/us_west_2/aws-mediapackagev2-originendpoint.json b/src/cfnlint/data/schemas/providers/us_west_2/aws-mediapackagev2-originendpoint.json new file mode 100644 index 0000000000..33c30d1062 --- /dev/null +++ b/src/cfnlint/data/schemas/providers/us_west_2/aws-mediapackagev2-originendpoint.json @@ -0,0 +1,651 @@ +{ + "additionalIdentifiers": [ + [ + "/properties/ChannelGroupName", + "/properties/ChannelName", + "/properties/OriginEndpointName" + ] + ], + "additionalProperties": false, + "createOnlyProperties": [ + "/properties/ChannelGroupName", + "/properties/ChannelName", + "/properties/OriginEndpointName" + ], + "definitions": { + "AdMarkerDash": { + "enum": [ + "BINARY", + "XML" + ], + "type": "string" + }, + "AdMarkerHls": { + "enum": [ + "DATERANGE" + ], + "type": "string" + }, + "CmafEncryptionMethod": { + "enum": [ + "CENC", + "CBCS" + ], + "type": "string" + }, + "ContainerType": { + "enum": [ + "TS", + "CMAF" + ], + "type": "string" + }, + "DashDrmSignaling": { + "enum": [ + "INDIVIDUAL", + "REFERENCED" + ], + "type": "string" + }, + "DashManifestConfiguration": { + "additionalProperties": false, + "properties": { + "DrmSignaling": { + "$ref": "#/definitions/DashDrmSignaling" + }, + "FilterConfiguration": { + "$ref": "#/definitions/FilterConfiguration" + }, + "ManifestName": { + "maxLength": 256, + "minLength": 1, + "pattern": "^[a-zA-Z0-9_-]+$", + "type": "string" + }, + "ManifestWindowSeconds": { + "type": "integer" + }, + "MinBufferTimeSeconds": { + "type": "integer" + }, + "MinUpdatePeriodSeconds": { + "type": "integer" + }, + "PeriodTriggers": { + "items": { + "$ref": "#/definitions/DashPeriodTrigger" + }, + "maxItems": 100, + "minItems": 0, + "type": "array" + }, + "ScteDash": { + "$ref": "#/definitions/ScteDash" + }, + "SegmentTemplateFormat": { + "$ref": "#/definitions/DashSegmentTemplateFormat" + }, + "SuggestedPresentationDelaySeconds": { + "type": "integer" + }, + "UtcTiming": { + "$ref": "#/definitions/DashUtcTiming" + } + }, + "required": [ + "ManifestName" + ], + "type": "object" + }, + "DashPeriodTrigger": { + "enum": [ + "AVAILS", + "DRM_KEY_ROTATION", + "SOURCE_CHANGES", + "SOURCE_DISRUPTIONS", + "NONE" + ], + "type": "string" + }, + "DashSegmentTemplateFormat": { + "enum": [ + "NUMBER_WITH_TIMELINE" + ], + "type": "string" + }, + "DashUtcTiming": { + "additionalProperties": false, + "properties": { + "TimingMode": { + "$ref": "#/definitions/DashUtcTimingMode" + }, + "TimingSource": { + "maxLength": 1024, + "minLength": 1, + "type": "string" + } + }, + "type": "object" + }, + "DashUtcTimingMode": { + "enum": [ + "HTTP_HEAD", + "HTTP_ISO", + "HTTP_XSDATE", + "UTC_DIRECT" + ], + "type": "string" + }, + "DrmSystem": { + "enum": [ + "CLEAR_KEY_AES_128", + "FAIRPLAY", + "PLAYREADY", + "WIDEVINE" + ], + "type": "string" + }, + "Encryption": { + "additionalProperties": false, + "properties": { + "ConstantInitializationVector": { + "maxLength": 32, + "minLength": 32, + "pattern": "^[0-9a-fA-F]+$", + "type": "string" + }, + "EncryptionMethod": { + "$ref": "#/definitions/EncryptionMethod" + }, + "KeyRotationIntervalSeconds": { + "maximum": 31536000, + "minimum": 300, + "type": "integer" + }, + "SpekeKeyProvider": { + "$ref": "#/definitions/SpekeKeyProvider" + } + }, + "required": [ + "EncryptionMethod", + "SpekeKeyProvider" + ], + "type": "object" + }, + "EncryptionContractConfiguration": { + "additionalProperties": false, + "properties": { + "PresetSpeke20Audio": { + "$ref": "#/definitions/PresetSpeke20Audio" + }, + "PresetSpeke20Video": { + "$ref": "#/definitions/PresetSpeke20Video" + } + }, + "required": [ + "PresetSpeke20Audio", + "PresetSpeke20Video" + ], + "type": "object" + }, + "EncryptionMethod": { + "additionalProperties": false, + "properties": { + "CmafEncryptionMethod": { + "$ref": "#/definitions/CmafEncryptionMethod" + }, + "TsEncryptionMethod": { + "$ref": "#/definitions/TsEncryptionMethod" + } + }, + "type": "object" + }, + "EndpointErrorCondition": { + "enum": [ + "STALE_MANIFEST", + "INCOMPLETE_MANIFEST", + "MISSING_DRM_KEY", + "SLATE_INPUT" + ], + "type": "string" + }, + "FilterConfiguration": { + "additionalProperties": false, + "properties": { + "End": { + "format": "date-time", + "type": "string" + }, + "ManifestFilter": { + "maxLength": 1024, + "minLength": 1, + "type": "string" + }, + "Start": { + "format": "date-time", + "type": "string" + }, + "TimeDelaySeconds": { + "maximum": 1209600, + "minimum": 0, + "type": "integer" + } + }, + "type": "object" + }, + "ForceEndpointErrorConfiguration": { + "additionalProperties": false, + "properties": { + "EndpointErrorConditions": { + "items": { + "$ref": "#/definitions/EndpointErrorCondition" + }, + "type": "array" + } + }, + "type": "object" + }, + "HlsManifestConfiguration": { + "additionalProperties": false, + "properties": { + "ChildManifestName": { + "maxLength": 256, + "minLength": 1, + "pattern": "^[a-zA-Z0-9_-]+$", + "type": "string" + }, + "FilterConfiguration": { + "$ref": "#/definitions/FilterConfiguration" + }, + "ManifestName": { + "maxLength": 256, + "minLength": 1, + "pattern": "^[a-zA-Z0-9_-]+$", + "type": "string" + }, + "ManifestWindowSeconds": { + "type": "integer" + }, + "ProgramDateTimeIntervalSeconds": { + "type": "integer" + }, + "ScteHls": { + "$ref": "#/definitions/ScteHls" + }, + "Url": { + "type": "string" + } + }, + "required": [ + "ManifestName" + ], + "type": "object" + }, + "LowLatencyHlsManifestConfiguration": { + "additionalProperties": false, + "properties": { + "ChildManifestName": { + "maxLength": 256, + "minLength": 1, + "pattern": "^[a-zA-Z0-9_-]+$", + "type": "string" + }, + "FilterConfiguration": { + "$ref": "#/definitions/FilterConfiguration" + }, + "ManifestName": { + "maxLength": 256, + "minLength": 1, + "pattern": "^[a-zA-Z0-9_-]+$", + "type": "string" + }, + "ManifestWindowSeconds": { + "type": "integer" + }, + "ProgramDateTimeIntervalSeconds": { + "type": "integer" + }, + "ScteHls": { + "$ref": "#/definitions/ScteHls" + }, + "Url": { + "type": "string" + } + }, + "required": [ + "ManifestName" + ], + "type": "object" + }, + "PresetSpeke20Audio": { + "enum": [ + "PRESET_AUDIO_1", + "PRESET_AUDIO_2", + "PRESET_AUDIO_3", + "SHARED", + "UNENCRYPTED" + ], + "type": "string" + }, + "PresetSpeke20Video": { + "enum": [ + "PRESET_VIDEO_1", + "PRESET_VIDEO_2", + "PRESET_VIDEO_3", + "PRESET_VIDEO_4", + "PRESET_VIDEO_5", + "PRESET_VIDEO_6", + "PRESET_VIDEO_7", + "PRESET_VIDEO_8", + "SHARED", + "UNENCRYPTED" + ], + "type": "string" + }, + "Scte": { + "additionalProperties": false, + "properties": { + "ScteFilter": { + "items": { + "$ref": "#/definitions/ScteFilter" + }, + "maxItems": 100, + "minItems": 0, + "type": "array" + } + }, + "type": "object" + }, + "ScteDash": { + "additionalProperties": false, + "properties": { + "AdMarkerDash": { + "$ref": "#/definitions/AdMarkerDash" + } + }, + "type": "object" + }, + "ScteFilter": { + "enum": [ + "SPLICE_INSERT", + "BREAK", + "PROVIDER_ADVERTISEMENT", + "DISTRIBUTOR_ADVERTISEMENT", + "PROVIDER_PLACEMENT_OPPORTUNITY", + "DISTRIBUTOR_PLACEMENT_OPPORTUNITY", + "PROVIDER_OVERLAY_PLACEMENT_OPPORTUNITY", + "DISTRIBUTOR_OVERLAY_PLACEMENT_OPPORTUNITY", + "PROGRAM" + ], + "type": "string" + }, + "ScteHls": { + "additionalProperties": false, + "properties": { + "AdMarkerHls": { + "$ref": "#/definitions/AdMarkerHls" + } + }, + "type": "object" + }, + "Segment": { + "additionalProperties": false, + "properties": { + "Encryption": { + "$ref": "#/definitions/Encryption" + }, + "IncludeIframeOnlyStreams": { + "type": "boolean" + }, + "Scte": { + "$ref": "#/definitions/Scte" + }, + "SegmentDurationSeconds": { + "maximum": 30, + "minimum": 1, + "type": "integer" + }, + "SegmentName": { + "maxLength": 256, + "minLength": 1, + "pattern": "^[a-zA-Z0-9_-]+$", + "type": "string" + }, + "TsIncludeDvbSubtitles": { + "type": "boolean" + }, + "TsUseAudioRenditionGroup": { + "type": "boolean" + } + }, + "type": "object" + }, + "SpekeKeyProvider": { + "additionalProperties": false, + "properties": { + "DrmSystems": { + "items": { + "$ref": "#/definitions/DrmSystem" + }, + "maxItems": 4, + "minItems": 1, + "type": "array" + }, + "EncryptionContractConfiguration": { + "$ref": "#/definitions/EncryptionContractConfiguration" + }, + "ResourceId": { + "maxLength": 256, + "minLength": 1, + "pattern": "^[0-9a-zA-Z_-]+$", + "type": "string" + }, + "RoleArn": { + "maxLength": 2048, + "minLength": 1, + "type": "string" + }, + "Url": { + "maxLength": 1024, + "minLength": 1, + "type": "string" + } + }, + "required": [ + "DrmSystems", + "EncryptionContractConfiguration", + "ResourceId", + "RoleArn", + "Url" + ], + "type": "object" + }, + "Tag": { + "additionalProperties": false, + "properties": { + "Key": { + "type": "string" + }, + "Value": { + "type": "string" + } + }, + "type": "object" + }, + "TsEncryptionMethod": { + "enum": [ + "AES_128", + "SAMPLE_AES" + ], + "type": "string" + } + }, + "handlers": { + "create": { + "permissions": [ + "mediapackagev2:TagResource", + "mediapackagev2:CreateOriginEndpoint", + "iam:PassRole" + ] + }, + "delete": { + "permissions": [ + "mediapackagev2:GetOriginEndpoint", + "mediapackagev2:DeleteOriginEndpoint" + ] + }, + "list": { + "handlerSchema": { + "properties": { + "ChannelGroupName": { + "$ref": "resource-schema.json#/properties/ChannelGroupName" + }, + "ChannelName": { + "$ref": "resource-schema.json#/properties/ChannelName" + } + }, + "required": [ + "ChannelGroupName", + "ChannelName" + ] + }, + "permissions": [ + "mediapackagev2:ListOriginEndpoints" + ] + }, + "read": { + "permissions": [ + "mediapackagev2:GetOriginEndpoint" + ] + }, + "update": { + "permissions": [ + "mediapackagev2:TagResource", + "mediapackagev2:UntagResource", + "mediapackagev2:ListTagsForResource", + "mediapackagev2:UpdateOriginEndpoint", + "iam:PassRole" + ] + } + }, + "primaryIdentifier": [ + "/properties/Arn" + ], + "properties": { + "Arn": { + "type": "string" + }, + "ChannelGroupName": { + "maxLength": 256, + "minLength": 1, + "pattern": "^[a-zA-Z0-9_-]+$", + "type": "string" + }, + "ChannelName": { + "maxLength": 256, + "minLength": 1, + "pattern": "^[a-zA-Z0-9_-]+$", + "type": "string" + }, + "ContainerType": { + "$ref": "#/definitions/ContainerType" + }, + "CreatedAt": { + "format": "date-time", + "type": "string" + }, + "DashManifestUrls": { + "items": { + "type": "string" + }, + "type": "array" + }, + "DashManifests": { + "items": { + "$ref": "#/definitions/DashManifestConfiguration" + }, + "type": "array" + }, + "Description": { + "maxLength": 1024, + "minLength": 0, + "type": "string" + }, + "ForceEndpointErrorConfiguration": { + "$ref": "#/definitions/ForceEndpointErrorConfiguration" + }, + "HlsManifestUrls": { + "items": { + "type": "string" + }, + "type": "array" + }, + "HlsManifests": { + "items": { + "$ref": "#/definitions/HlsManifestConfiguration" + }, + "type": "array" + }, + "LowLatencyHlsManifestUrls": { + "items": { + "type": "string" + }, + "type": "array" + }, + "LowLatencyHlsManifests": { + "items": { + "$ref": "#/definitions/LowLatencyHlsManifestConfiguration" + }, + "type": "array" + }, + "ModifiedAt": { + "format": "date-time", + "type": "string" + }, + "OriginEndpointName": { + "maxLength": 256, + "minLength": 1, + "pattern": "^[a-zA-Z0-9_-]+$", + "type": "string" + }, + "Segment": { + "$ref": "#/definitions/Segment" + }, + "StartoverWindowSeconds": { + "maximum": 1209600, + "minimum": 60, + "type": "integer" + }, + "Tags": { + "insertionOrder": false, + "items": { + "$ref": "#/definitions/Tag" + }, + "type": "array" + } + }, + "readOnlyProperties": [ + "/properties/Arn", + "/properties/CreatedAt", + "/properties/DashManifestUrls", + "/properties/HlsManifestUrls", + "/properties/LowLatencyHlsManifestUrls", + "/properties/ModifiedAt", + "/properties/LowLatencyHlsManifests/*/Url", + "/properties/HlsManifests/*/Url" + ], + "required": [ + "ChannelGroupName", + "ChannelName", + "OriginEndpointName" + ], + "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-mediapackagev2", + "tagging": { + "cloudFormationSystemTags": false, + "tagOnCreate": true, + "tagProperty": "/properties/Tags", + "tagUpdatable": true, + "taggable": true + }, + "typeName": "AWS::MediaPackageV2::OriginEndpoint" +} diff --git a/src/cfnlint/data/schemas/providers/us_west_2/aws-organizations-organization.json b/src/cfnlint/data/schemas/providers/us_west_2/aws-organizations-organization.json deleted file mode 100644 index 844033a13a..0000000000 --- a/src/cfnlint/data/schemas/providers/us_west_2/aws-organizations-organization.json +++ /dev/null @@ -1,88 +0,0 @@ -{ - "additionalProperties": false, - "handlers": { - "create": { - "permissions": [ - "organizations:CreateOrganization", - "organizations:DescribeOrganization", - "iam:CreateServiceLinkedRole", - "organizations:ListRoots" - ] - }, - "delete": { - "permissions": [ - "organizations:DeleteOrganization", - "organizations:DescribeOrganization" - ] - }, - "list": { - "permissions": [ - "organizations:DescribeOrganization" - ] - }, - "read": { - "permissions": [ - "organizations:DescribeOrganization", - "organizations:ListRoots" - ] - }, - "update": { - "permissions": [ - "organizations:DescribeOrganization" - ] - } - }, - "primaryIdentifier": [ - "/properties/Id" - ], - "properties": { - "Arn": { - "pattern": "^arn:aws.*:organizations::\\d{12}:organization\\/o-[a-z0-9]{10,32}", - "type": "string" - }, - "FeatureSet": { - "default": "ALL", - "enum": [ - "ALL", - "CONSOLIDATED_BILLING" - ], - "type": "string" - }, - "Id": { - "pattern": "^o-[a-z0-9]{10,32}$", - "type": "string" - }, - "ManagementAccountArn": { - "pattern": "^arn:aws.*:organizations::\\d{12}:account\\/o-[a-z0-9]{10,32}\\/\\d{12}", - "type": "string" - }, - "ManagementAccountEmail": { - "maxLength": 64, - "minLength": 6, - "pattern": "[^\\s@]+@[^\\s@]+\\.[^\\s@]+", - "type": "string" - }, - "ManagementAccountId": { - "pattern": "^\\d{12}$", - "type": "string" - }, - "RootId": { - "maxLength": 64, - "pattern": "^r-[0-9a-z]{4,32}$", - "type": "string" - } - }, - "readOnlyProperties": [ - "/properties/Id", - "/properties/Arn", - "/properties/ManagementAccountArn", - "/properties/ManagementAccountId", - "/properties/ManagementAccountEmail", - "/properties/RootId" - ], - "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-organizations.git", - "tagging": { - "taggable": false - }, - "typeName": "AWS::Organizations::Organization" -} diff --git a/src/cfnlint/data/schemas/providers/us_west_2/aws-s3outposts-bucket.json b/src/cfnlint/data/schemas/providers/us_west_2/aws-s3outposts-bucket.json new file mode 100644 index 0000000000..973a61ee87 --- /dev/null +++ b/src/cfnlint/data/schemas/providers/us_west_2/aws-s3outposts-bucket.json @@ -0,0 +1,290 @@ +{ + "additionalProperties": false, + "createOnlyProperties": [ + "/properties/BucketName", + "/properties/OutpostId" + ], + "definitions": { + "AbortIncompleteMultipartUpload": { + "additionalProperties": false, + "properties": { + "DaysAfterInitiation": { + "minimum": 0, + "type": "integer" + } + }, + "required": [ + "DaysAfterInitiation" + ], + "type": "object" + }, + "FilterAndOperator": { + "oneOf": [ + { + "additionalProperties": false, + "properties": { + "Prefix": { + "$ref": "#/definitions/FilterPrefix" + }, + "Tags": { + "insertionOrder": false, + "items": { + "$ref": "#/definitions/FilterTag" + }, + "minItems": 1, + "type": "array", + "uniqueItems": true + } + }, + "required": [ + "Tags" + ], + "type": "object" + } + ] + }, + "FilterPrefix": { + "type": "string" + }, + "FilterTag": { + "additionalProperties": false, + "properties": { + "Key": { + "maxLength": 1024, + "minLength": 1, + "pattern": "^([\\p{L}\\p{Z}\\p{N}_.:=+\\/\\-@%]*)$", + "type": "string" + }, + "Value": { + "maxLength": 1024, + "minLength": 1, + "pattern": "^([\\p{L}\\p{Z}\\p{N}_.:=+\\/\\-@%]*)$", + "type": "string" + } + }, + "required": [ + "Key", + "Value" + ], + "type": "object" + }, + "LifecycleConfiguration": { + "additionalProperties": false, + "properties": { + "Rules": { + "insertionOrder": false, + "items": { + "$ref": "#/definitions/Rule" + }, + "type": "array", + "uniqueItems": true + } + }, + "required": [ + "Rules" + ], + "type": "object" + }, + "Rule": { + "additionalProperties": false, + "anyOf": [ + { + "required": [ + "Status", + "AbortIncompleteMultipartUpload" + ] + }, + { + "required": [ + "Status", + "ExpirationDate" + ] + }, + { + "required": [ + "Status", + "ExpirationInDays" + ] + } + ], + "properties": { + "AbortIncompleteMultipartUpload": { + "$ref": "#/definitions/AbortIncompleteMultipartUpload" + }, + "ExpirationDate": { + "$ref": "#/definitions/iso8601UTC" + }, + "ExpirationInDays": { + "minimum": 1, + "type": "integer" + }, + "Filter": { + "additionalProperties": false, + "oneOf": [ + { + "required": [ + "Prefix" + ] + }, + { + "required": [ + "Tag" + ] + }, + { + "required": [ + "AndOperator" + ] + } + ], + "properties": { + "AndOperator": { + "$ref": "#/definitions/FilterAndOperator" + }, + "Prefix": { + "$ref": "#/definitions/FilterPrefix" + }, + "Tag": { + "$ref": "#/definitions/FilterTag" + } + }, + "type": "object" + }, + "Id": { + "maxLength": 255, + "type": "string" + }, + "Status": { + "enum": [ + "Enabled", + "Disabled" + ], + "type": "string" + } + }, + "type": "object" + }, + "Tag": { + "additionalProperties": false, + "properties": { + "Key": { + "maxLength": 1024, + "minLength": 1, + "pattern": "^(?!aws:.*)([\\p{L}\\p{Z}\\p{N}_.:=+\\/\\-@%]*)$", + "type": "string" + }, + "Value": { + "maxLength": 1024, + "minLength": 1, + "pattern": "^([\\p{L}\\p{Z}\\p{N}_.:=+\\/\\-@%]*)$", + "type": "string" + } + }, + "required": [ + "Key", + "Value" + ], + "type": "object" + }, + "iso8601UTC": { + "pattern": "^([0-2]\\d{3})-(0[0-9]|1[0-2])-([0-2]\\d|3[01])T([01]\\d|2[0-4]):([0-5]\\d):([0-6]\\d)((\\.\\d{3})?)Z$", + "type": "string" + } + }, + "handlers": { + "create": { + "permissions": [ + "s3-outposts:CreateBucket", + "s3-outposts:PutBucketTagging", + "s3-outposts:PutLifecycleConfiguration" + ] + }, + "delete": { + "permissions": [ + "s3-outposts:DeleteBucket" + ] + }, + "list": { + "handlerSchema": { + "properties": { + "OutpostId": { + "$ref": "resource-schema.json#/properties/OutpostId" + } + }, + "required": [ + "OutpostId" + ] + }, + "permissions": [ + "s3-outposts:ListRegionalBuckets" + ] + }, + "read": { + "permissions": [ + "s3-outposts:GetBucket", + "s3-outposts:GetBucketTagging", + "s3-outposts:GetLifecycleConfiguration" + ] + }, + "update": { + "permissions": [ + "s3-outposts:PutBucketTagging", + "s3-outposts:DeleteBucketTagging", + "s3-outposts:PutLifecycleConfiguration" + ] + } + }, + "primaryIdentifier": [ + "/properties/Arn" + ], + "properties": { + "Arn": { + "maxLength": 2048, + "minLength": 20, + "pattern": "^arn:[^:]+:s3-outposts:[a-zA-Z0-9\\-]+:\\d{12}:outpost\\/[^:]+\\/bucket\\/[^:]+$", + "type": "string" + }, + "BucketName": { + "maxLength": 63, + "minLength": 3, + "pattern": "(?=^.{3,63}$)(?!^(\\d+\\.)+\\d+$)(^(([a-z0-9]|[a-z0-9][a-z0-9\\-]*[a-z0-9])\\.)*([a-z0-9]|[a-z0-9][a-z0-9\\-]*[a-z0-9])$)", + "type": "string" + }, + "LifecycleConfiguration": { + "$ref": "#/definitions/LifecycleConfiguration" + }, + "OutpostId": { + "pattern": "^(op-[a-f0-9]{17}|\\d{12}|ec2)$", + "type": "string" + }, + "Tags": { + "insertionOrder": false, + "items": { + "$ref": "#/definitions/Tag" + }, + "type": "array", + "uniqueItems": true + } + }, + "readOnlyProperties": [ + "/properties/Arn" + ], + "required": [ + "BucketName", + "OutpostId" + ], + "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-s3outposts.git", + "tagging": { + "cloudFormationSystemTags": true, + "permissions": [ + "s3-outposts:DeleteBucketTagging", + "s3-outposts:PutBucketTagging", + "s3-outposts:GetBucketTagging" + ], + "tagOnCreate": true, + "tagProperty": "/properties/Tags", + "tagUpdatable": true, + "taggable": true + }, + "typeName": "AWS::S3Outposts::Bucket" +} diff --git a/src/cfnlint/data/schemas/providers/us_west_2/aws-workspacesweb-portal.json b/src/cfnlint/data/schemas/providers/us_west_2/aws-workspacesweb-portal.json new file mode 100644 index 0000000000..9588a3f3dc --- /dev/null +++ b/src/cfnlint/data/schemas/providers/us_west_2/aws-workspacesweb-portal.json @@ -0,0 +1,311 @@ +{ + "additionalProperties": false, + "createOnlyProperties": [ + "/properties/AdditionalEncryptionContext", + "/properties/CustomerManagedKey" + ], + "definitions": { + "AuthenticationType": { + "enum": [ + "Standard", + "IAM_Identity_Center" + ], + "type": "string" + }, + "BrowserType": { + "enum": [ + "Chrome" + ], + "type": "string" + }, + "EncryptionContextMap": { + "additionalProperties": false, + "patternProperties": { + "^[\\s\\S]*$": { + "maxLength": 131072, + "minLength": 0, + "pattern": "^[\\s\\S]*$", + "type": "string" + } + }, + "type": "object" + }, + "InstanceType": { + "enum": [ + "standard.regular", + "standard.large", + "standard.xlarge" + ], + "type": "string" + }, + "PortalStatus": { + "enum": [ + "Incomplete", + "Pending", + "Active" + ], + "type": "string" + }, + "RendererType": { + "enum": [ + "AppStream" + ], + "type": "string" + }, + "Tag": { + "additionalProperties": false, + "properties": { + "Key": { + "maxLength": 128, + "minLength": 1, + "pattern": "^([\\p{L}\\p{Z}\\p{N}_.:/=+\\-@]*)$", + "type": "string" + }, + "Value": { + "maxLength": 256, + "minLength": 0, + "pattern": "^([\\p{L}\\p{Z}\\p{N}_.:/=+\\-@]*)$", + "type": "string" + } + }, + "required": [ + "Key", + "Value" + ], + "type": "object" + } + }, + "handlers": { + "create": { + "permissions": [ + "workspaces-web:CreatePortal", + "workspaces-web:GetPortal", + "workspaces-web:GetPortalServiceProviderMetadata", + "workspaces-web:AssociateBrowserSettings", + "workspaces-web:AssociateIpAccessSettings", + "workspaces-web:AssociateNetworkSettings", + "workspaces-web:AssociateTrustStore", + "workspaces-web:AssociateUserAccessLoggingSettings", + "workspaces-web:AssociateUserSettings", + "workspaces-web:ListTagsForResource", + "workspaces-web:TagResource", + "kms:CreateGrant", + "kms:GenerateDataKey", + "kms:Decrypt", + "kms:DescribeKey", + "ec2:CreateNetworkInterface", + "ec2:CreateNetworkInterfacePermission", + "ec2:DeleteNetworkInterface", + "ec2:DeleteNetworkInterfacePermission", + "ec2:ModifyNetworkInterfaceAttribute", + "kinesis:PutRecord", + "kinesis:PutRecords", + "kinesis:DescribeStreamSummary", + "sso:CreateManagedApplicationInstance", + "sso:DescribeRegisteredRegions" + ] + }, + "delete": { + "permissions": [ + "workspaces-web:GetPortal", + "workspaces-web:DeletePortal", + "workspaces-web:DisassociateBrowserSettings", + "workspaces-web:DisassociateIpAccessSettings", + "workspaces-web:DisassociateNetworkSettings", + "workspaces-web:DisassociateTrustStore", + "workspaces-web:DisassociateUserAccessLoggingSettings", + "workspaces-web:DisassociateUserSettings", + "kms:Decrypt", + "kms:DescribeKey", + "sso:DeleteManagedApplicationInstance" + ] + }, + "list": { + "permissions": [ + "workspaces-web:ListPortals", + "kms:Decrypt", + "kms:DescribeKey" + ] + }, + "read": { + "permissions": [ + "workspaces-web:GetPortal", + "workspaces-web:GetPortalServiceProviderMetadata", + "workspaces-web:ListTagsForResource", + "kms:Decrypt", + "kms:DescribeKey" + ] + }, + "update": { + "permissions": [ + "workspaces-web:GetPortal", + "workspaces-web:GetPortalServiceProviderMetadata", + "workspaces-web:UpdatePortal", + "workspaces-web:AssociateBrowserSettings", + "workspaces-web:AssociateIpAccessSettings", + "workspaces-web:AssociateNetworkSettings", + "workspaces-web:AssociateTrustStore", + "workspaces-web:AssociateUserAccessLoggingSettings", + "workspaces-web:AssociateUserSettings", + "workspaces-web:DisassociateBrowserSettings", + "workspaces-web:DisassociateIpAccessSettings", + "workspaces-web:DisassociateNetworkSettings", + "workspaces-web:DisassociateTrustStore", + "workspaces-web:DisassociateUserAccessLoggingSettings", + "workspaces-web:DisassociateUserSettings", + "workspaces-web:ListTagsForResource", + "workspaces-web:TagResource", + "workspaces-web:UntagResource", + "kms:CreateGrant", + "kms:Encrypt", + "kms:GenerateDataKey", + "kms:Decrypt", + "kms:DescribeKey", + "ec2:CreateNetworkInterface", + "ec2:CreateNetworkInterfacePermission", + "ec2:DeleteNetworkInterface", + "ec2:DeleteNetworkInterfacePermission", + "ec2:ModifyNetworkInterfaceAttribute", + "kinesis:PutRecord", + "kinesis:PutRecords", + "kinesis:DescribeStreamSummary", + "sso:CreateManagedApplicationInstance", + "sso:DeleteManagedApplicationInstance", + "sso:DescribeRegisteredRegions", + "sso:GetApplicationInstance", + "sso:ListApplicationInstances" + ] + } + }, + "primaryIdentifier": [ + "/properties/PortalArn" + ], + "properties": { + "AdditionalEncryptionContext": { + "$ref": "#/definitions/EncryptionContextMap" + }, + "AuthenticationType": { + "$ref": "#/definitions/AuthenticationType" + }, + "BrowserSettingsArn": { + "maxLength": 2048, + "minLength": 20, + "pattern": "^arn:[\\w+=\\/,.@-]+:[a-zA-Z0-9\\-]+:[a-zA-Z0-9\\-]*:[a-zA-Z0-9]{1,12}:[a-zA-Z]+(\\/[a-fA-F0-9\\-]{36})+$", + "type": "string" + }, + "BrowserType": { + "$ref": "#/definitions/BrowserType" + }, + "CreationDate": { + "format": "date-time", + "type": "string" + }, + "CustomerManagedKey": { + "maxLength": 2048, + "minLength": 20, + "pattern": "^arn:[\\w+=\\/,.@-]+:kms:[a-zA-Z0-9\\-]*:[a-zA-Z0-9]{1,12}:key\\/[a-zA-Z0-9-]+$", + "type": "string" + }, + "DisplayName": { + "maxLength": 64, + "minLength": 1, + "pattern": "^.+$", + "type": "string" + }, + "InstanceType": { + "$ref": "#/definitions/InstanceType" + }, + "IpAccessSettingsArn": { + "maxLength": 2048, + "minLength": 20, + "pattern": "^arn:[\\w+=\\/,.@-]+:[a-zA-Z0-9\\-]+:[a-zA-Z0-9\\-]*:[a-zA-Z0-9]{1,12}:[a-zA-Z]+(\\/[a-fA-F0-9\\-]{36})+$", + "type": "string" + }, + "MaxConcurrentSessions": { + "maximum": 5000, + "minimum": 1, + "type": "number" + }, + "NetworkSettingsArn": { + "maxLength": 2048, + "minLength": 20, + "pattern": "^arn:[\\w+=\\/,.@-]+:[a-zA-Z0-9\\-]+:[a-zA-Z0-9\\-]*:[a-zA-Z0-9]{1,12}:[a-zA-Z]+(\\/[a-fA-F0-9\\-]{36})+$", + "type": "string" + }, + "PortalArn": { + "maxLength": 2048, + "minLength": 20, + "pattern": "^arn:[\\w+=\\/,.@-]+:[a-zA-Z0-9\\-]+:[a-zA-Z0-9\\-]*:[a-zA-Z0-9]{1,12}:[a-zA-Z]+(\\/[a-fA-F0-9\\-]{36})+$", + "type": "string" + }, + "PortalEndpoint": { + "maxLength": 253, + "minLength": 1, + "pattern": "^[a-zA-Z0-9]?((?!-)([A-Za-z0-9-]*[A-Za-z0-9])\\.)+[a-zA-Z0-9]+$", + "type": "string" + }, + "PortalStatus": { + "$ref": "#/definitions/PortalStatus" + }, + "RendererType": { + "$ref": "#/definitions/RendererType" + }, + "ServiceProviderSamlMetadata": { + "maxLength": 204800, + "minLength": 0, + "pattern": "^.*$", + "type": "string" + }, + "StatusReason": { + "maxLength": 1024, + "minLength": 1, + "pattern": ".*", + "type": "string" + }, + "Tags": { + "insertionOrder": false, + "items": { + "$ref": "#/definitions/Tag" + }, + "maxItems": 200, + "minItems": 0, + "type": "array" + }, + "TrustStoreArn": { + "maxLength": 2048, + "minLength": 20, + "pattern": "^arn:[\\w+=\\/,.@-]+:[a-zA-Z0-9\\-]+:[a-zA-Z0-9\\-]*:[a-zA-Z0-9]{1,12}:[a-zA-Z]+(\\/[a-fA-F0-9\\-]{36})+$", + "type": "string" + }, + "UserAccessLoggingSettingsArn": { + "maxLength": 2048, + "minLength": 20, + "pattern": "^arn:[\\w+=\\/,.@-]+:[a-zA-Z0-9\\-]+:[a-zA-Z0-9\\-]*:[a-zA-Z0-9]{1,12}:[a-zA-Z]+(\\/[a-fA-F0-9\\-]{36})+$", + "type": "string" + }, + "UserSettingsArn": { + "maxLength": 2048, + "minLength": 20, + "pattern": "^arn:[\\w+=\\/,.@-]+:[a-zA-Z0-9\\-]+:[a-zA-Z0-9\\-]*:[a-zA-Z0-9]{1,12}:[a-zA-Z]+(\\/[a-fA-F0-9\\-]{36})+$", + "type": "string" + } + }, + "readOnlyProperties": [ + "/properties/BrowserType", + "/properties/CreationDate", + "/properties/PortalArn", + "/properties/PortalEndpoint", + "/properties/PortalStatus", + "/properties/RendererType", + "/properties/ServiceProviderSamlMetadata", + "/properties/StatusReason" + ], + "tagging": { + "cloudFormationSystemTags": false, + "tagOnCreate": true, + "tagProperty": "/properties/Tags", + "tagUpdatable": true, + "taggable": true + }, + "typeName": "AWS::WorkSpacesWeb::Portal" +} diff --git a/src/cfnlint/data/schemas/providers/us_west_2/aws-workspacesweb-usersettings.json b/src/cfnlint/data/schemas/providers/us_west_2/aws-workspacesweb-usersettings.json new file mode 100644 index 0000000000..42252e5db8 --- /dev/null +++ b/src/cfnlint/data/schemas/providers/us_west_2/aws-workspacesweb-usersettings.json @@ -0,0 +1,250 @@ +{ + "additionalProperties": false, + "createOnlyProperties": [ + "/properties/AdditionalEncryptionContext", + "/properties/CustomerManagedKey" + ], + "definitions": { + "CookieSpecification": { + "additionalProperties": false, + "properties": { + "Domain": { + "maxLength": 253, + "minLength": 0, + "pattern": "^(\\.?)(?:[a-z0-9](?:[a-z0-9-]{0,61}[a-z0-9])?\\.)*[a-z0-9][a-z0-9-]{0,61}[a-z0-9]$", + "type": "string" + }, + "Name": { + "maxLength": 4096, + "minLength": 0, + "type": "string" + }, + "Path": { + "maxLength": 2000, + "minLength": 0, + "pattern": "^/(\\S)*$", + "type": "string" + } + }, + "required": [ + "Domain" + ], + "type": "object" + }, + "CookieSynchronizationConfiguration": { + "additionalProperties": false, + "properties": { + "Allowlist": { + "insertionOrder": false, + "items": { + "$ref": "#/definitions/CookieSpecification" + }, + "maxItems": 10, + "minItems": 0, + "type": "array" + }, + "Blocklist": { + "insertionOrder": false, + "items": { + "$ref": "#/definitions/CookieSpecification" + }, + "maxItems": 10, + "minItems": 0, + "type": "array" + } + }, + "required": [ + "Allowlist" + ], + "type": "object" + }, + "EnabledType": { + "enum": [ + "Disabled", + "Enabled" + ], + "type": "string" + }, + "EncryptionContextMap": { + "additionalProperties": false, + "patternProperties": { + "^[\\s\\S]*$": { + "maxLength": 131072, + "minLength": 0, + "pattern": "^[\\s\\S]*$", + "type": "string" + } + }, + "type": "object" + }, + "Tag": { + "additionalProperties": false, + "properties": { + "Key": { + "maxLength": 128, + "minLength": 1, + "pattern": "^([\\p{L}\\p{Z}\\p{N}_.:/=+\\-@]*)$", + "type": "string" + }, + "Value": { + "maxLength": 256, + "minLength": 0, + "pattern": "^([\\p{L}\\p{Z}\\p{N}_.:/=+\\-@]*)$", + "type": "string" + } + }, + "required": [ + "Key", + "Value" + ], + "type": "object" + } + }, + "handlers": { + "create": { + "permissions": [ + "workspaces-web:CreateUserSettings", + "workspaces-web:GetUserSettings", + "workspaces-web:ListTagsForResource", + "workspaces-web:TagResource", + "kms:CreateGrant", + "kms:DescribeKey", + "kms:GenerateDataKey", + "kms:Decrypt" + ] + }, + "delete": { + "permissions": [ + "workspaces-web:GetUserSettings", + "workspaces-web:DeleteUserSettings", + "kms:CreateGrant", + "kms:DescribeKey", + "kms:GenerateDataKey", + "kms:Decrypt" + ] + }, + "list": { + "permissions": [ + "workspaces-web:ListUserSettings", + "kms:CreateGrant", + "kms:DescribeKey", + "kms:GenerateDataKey", + "kms:Decrypt" + ] + }, + "read": { + "permissions": [ + "workspaces-web:GetUserSettings", + "workspaces-web:ListTagsForResource", + "kms:CreateGrant", + "kms:DescribeKey", + "kms:GenerateDataKey", + "kms:Decrypt" + ] + }, + "update": { + "permissions": [ + "workspaces-web:UpdateUserSettings", + "workspaces-web:TagResource", + "workspaces-web:UntagResource", + "workspaces-web:GetUserSettings", + "workspaces-web:ListTagsForResource", + "kms:CreateGrant", + "kms:DescribeKey", + "kms:GenerateDataKey", + "kms:Decrypt" + ] + } + }, + "primaryIdentifier": [ + "/properties/UserSettingsArn" + ], + "properties": { + "AdditionalEncryptionContext": { + "$ref": "#/definitions/EncryptionContextMap" + }, + "AssociatedPortalArns": { + "insertionOrder": false, + "items": { + "maxLength": 2048, + "minLength": 20, + "pattern": "^arn:[\\w+=\\/,.@-]+:[a-zA-Z0-9\\-]+:[a-zA-Z0-9\\-]*:[a-zA-Z0-9]{1,12}:[a-zA-Z]+(\\/[a-fA-F0-9\\-]{36})+$", + "type": "string" + }, + "type": "array" + }, + "CookieSynchronizationConfiguration": { + "$ref": "#/definitions/CookieSynchronizationConfiguration" + }, + "CopyAllowed": { + "$ref": "#/definitions/EnabledType" + }, + "CustomerManagedKey": { + "maxLength": 2048, + "minLength": 20, + "pattern": "^arn:[\\w+=\\/,.@-]+:kms:[a-zA-Z0-9\\-]*:[a-zA-Z0-9]{1,12}:key\\/[a-zA-Z0-9-]+$", + "type": "string" + }, + "DeepLinkAllowed": { + "$ref": "#/definitions/EnabledType" + }, + "DisconnectTimeoutInMinutes": { + "default": null, + "maximum": 600, + "minimum": 1, + "type": "number" + }, + "DownloadAllowed": { + "$ref": "#/definitions/EnabledType" + }, + "IdleDisconnectTimeoutInMinutes": { + "default": null, + "maximum": 60, + "minimum": 0, + "type": "number" + }, + "PasteAllowed": { + "$ref": "#/definitions/EnabledType" + }, + "PrintAllowed": { + "$ref": "#/definitions/EnabledType" + }, + "Tags": { + "insertionOrder": false, + "items": { + "$ref": "#/definitions/Tag" + }, + "maxItems": 200, + "minItems": 0, + "type": "array" + }, + "UploadAllowed": { + "$ref": "#/definitions/EnabledType" + }, + "UserSettingsArn": { + "maxLength": 2048, + "minLength": 20, + "pattern": "^arn:[\\w+=\\/,.@-]+:[a-zA-Z0-9\\-]+:[a-zA-Z0-9\\-]*:[a-zA-Z0-9]{1,12}:[a-zA-Z]+(\\/[a-fA-F0-9\\-]{36})+$", + "type": "string" + } + }, + "readOnlyProperties": [ + "/properties/AssociatedPortalArns", + "/properties/UserSettingsArn" + ], + "required": [ + "CopyAllowed", + "DownloadAllowed", + "PasteAllowed", + "PrintAllowed", + "UploadAllowed" + ], + "tagging": { + "cloudFormationSystemTags": false, + "tagOnCreate": true, + "tagProperty": "/properties/Tags", + "tagUpdatable": true, + "taggable": true + }, + "typeName": "AWS::WorkSpacesWeb::UserSettings" +}