Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

feat: update L1 CloudFormation resource definitions #30438

Merged
merged 5 commits into from
Jun 5, 2024

Conversation

aws-cdk-automation
Copy link
Collaborator

Updates the L1 CloudFormation resource definitions with the latest changes from @aws-cdk/aws-service-spec

L1 CloudFormation resource definition changes:

├[~] service aws-autoscaling
│ └ resources
│    └[~] resource AWS::AutoScaling::AutoScalingGroup
│      └ properties
│         └ NotificationConfiguration: (documentation changed)
├[~] service aws-ec2
│ └ resources
│    └[~] resource AWS::EC2::CustomerGateway
│      └ properties
│         └[+] BgpAsnExtended: number (immutable)
├[~] service aws-eks
│ └ resources
│    └[~] resource AWS::EKS::Addon
│      ├ properties
│      │  └[+] PodIdentityAssociations: Array<PodIdentityAssociation>
│      └ types
│         └[+] type PodIdentityAssociation
│           ├  documentation: A pod identity to associate with an add-on.
│           │  name: PodIdentityAssociation
│           └ properties
│              ├ServiceAccount: string (required)
│              └RoleArn: string (required)
├[~] service aws-mediaconnect
│ └ resources
│    └[~] resource AWS::MediaConnect::Flow
│      └ types
│         └[~] type Source
│           └ properties
│              ├ MaxLatency: - integer (default=2000)
│              │             + integer
│              └ MinLatency: - integer (default=2000)
│                            + integer
├[~] service aws-mediapackagev2
│ └ resources
│    └[~] resource AWS::MediaPackageV2::OriginEndpoint
│      ├ properties
│      │  └[+] DashManifests: Array<DashManifestConfiguration>
│      └ types
│         ├[+] type DashManifestConfiguration
│         │ ├  documentation: <p>Retrieve the DASH manifest configuration.</p>
│         │ │  name: DashManifestConfiguration
│         │ └ properties
│         │    ├ManifestName: string (required)
│         │    ├ManifestWindowSeconds: integer
│         │    ├FilterConfiguration: FilterConfiguration
│         │    ├MinUpdatePeriodSeconds: integer
│         │    ├MinBufferTimeSeconds: integer
│         │    ├SuggestedPresentationDelaySeconds: integer
│         │    ├SegmentTemplateFormat: string
│         │    ├PeriodTriggers: Array<string>
│         │    ├ScteDash: ScteDash
│         │    ├DrmSignaling: string
│         │    └UtcTiming: DashUtcTiming
│         ├[+] type DashUtcTiming
│         │ ├  documentation: <p>Determines the type of UTC timing included in the DASH Media Presentation Description (MPD).</p>
│         │ │  name: DashUtcTiming
│         │ └ properties
│         │    ├TimingMode: string
│         │    └TimingSource: string
│         └[+] type ScteDash
│           ├  documentation: <p>The SCTE configuration.</p>
│           │  name: ScteDash
│           └ properties
│              └AdMarkerDash: string
├[~] service aws-securityhub
│ └ resources
│    ├[+] resource AWS::SecurityHub::ConfigurationPolicy
│    │ ├  name: ConfigurationPolicy
│    │ │  cloudFormationType: AWS::SecurityHub::ConfigurationPolicy
│    │ │  documentation: The AWS::SecurityHub::ConfigurationPolicy resource represents the Central Configuration Policy in your account.
│    │ │  tagInformation: {"tagPropertyName":"Tags","variant":"map"}
│    │ ├ properties
│    │ │  ├Name: string (required)
│    │ │  ├Description: string
│    │ │  ├ConfigurationPolicy: Policy (required)
│    │ │  └Tags: Map<string, string>
│    │ ├ attributes
│    │ │  ├Arn: string
│    │ │  ├Id: string
│    │ │  ├CreatedAt: string
│    │ │  ├UpdatedAt: string
│    │ │  └ServiceEnabled: boolean
│    │ └ types
│    │    ├type Policy
│    │    │├  documentation: An object that defines how Security Hub is configured.
│    │    ││  name: Policy
│    │    │└ properties
│    │    │   └SecurityHub: SecurityHubPolicy
│    │    ├type SecurityHubPolicy
│    │    │├  documentation: An object that defines how AWS Security Hub is configured.
│    │    ││  name: SecurityHubPolicy
│    │    │└ properties
│    │    │   ├EnabledStandardIdentifiers: Array<string>
│    │    │   ├ServiceEnabled: boolean
│    │    │   └SecurityControlsConfiguration: SecurityControlsConfiguration
│    │    ├type SecurityControlsConfiguration
│    │    │├  documentation: An object that defines which security controls are enabled in an AWS Security Hub configuration policy.
│    │    ││  name: SecurityControlsConfiguration
│    │    │└ properties
│    │    │   ├DisabledSecurityControlIdentifiers: Array<string>
│    │    │   ├EnabledSecurityControlIdentifiers: Array<string>
│    │    │   └SecurityControlCustomParameters: Array<SecurityControlCustomParameter>
│    │    ├type SecurityControlCustomParameter
│    │    │├  documentation: An object of security control and control parameter value that are included in a configuration policy.
│    │    ││  name: SecurityControlCustomParameter
│    │    │└ properties
│    │    │   ├Parameters: Map<string, ParameterConfiguration>
│    │    │   └SecurityControlId: string
│    │    ├type ParameterConfiguration
│    │    │├  documentation: An object that provides the current value of a security control parameter and identifies whether it has been customized.
│    │    ││  name: ParameterConfiguration
│    │    │└ properties
│    │    │   ├ValueType: string (required)
│    │    │   └Value: ParameterValue
│    │    └type ParameterValue
│    │     ├  documentation: An object that includes the data type of a security control parameter and its current value.
│    │     │  name: ParameterValue
│    │     └ properties
│    │        ├Boolean: boolean
│    │        ├Double: number
│    │        ├Enum: string
│    │        ├EnumList: Array<string>
│    │        ├Integer: integer
│    │        ├IntegerList: Array<integer>
│    │        ├String: string
│    │        └StringList: Array<string>
│    ├[+] resource AWS::SecurityHub::FindingAggregator
│    │ ├  name: FindingAggregator
│    │ │  cloudFormationType: AWS::SecurityHub::FindingAggregator
│    │ │  documentation: The AWS::SecurityHub::FindingAggregator resource represents the AWS Security Hub Finding Aggregator in your account. One finding aggregator resource is created for each account in non opt-in region in which you configure region linking mode.
│    │ ├ properties
│    │ │  ├RegionLinkingMode: string (required)
│    │ │  └Regions: Array<string>
│    │ └ attributes
│    │    ├FindingAggregatorArn: string
│    │    └FindingAggregationRegion: string
│    ├[+] resource AWS::SecurityHub::OrganizationConfiguration
│    │ ├  name: OrganizationConfiguration
│    │ │  cloudFormationType: AWS::SecurityHub::OrganizationConfiguration
│    │ │  documentation: The AWS::SecurityHub::OrganizationConfiguration resource represents the configuration of your organization in Security Hub. Only the Security Hub administrator account can create Organization Configuration resource in each region and can opt-in to Central Configuration only in the aggregation region of FindingAggregator.
│    │ ├ properties
│    │ │  ├AutoEnable: boolean (required)
│    │ │  ├AutoEnableStandards: string
│    │ │  └ConfigurationType: string
│    │ └ attributes
│    │    ├OrganizationConfigurationIdentifier: string
│    │    ├Status: string
│    │    ├StatusMessage: string
│    │    └MemberAccountLimitReached: boolean
│    └[+] resource AWS::SecurityHub::PolicyAssociation
│      ├  name: PolicyAssociation
│      │  cloudFormationType: AWS::SecurityHub::PolicyAssociation
│      │  documentation: The AWS::SecurityHub::PolicyAssociation resource represents the AWS Security Hub Central Configuration Policy associations in your Target. Only the AWS Security Hub delegated administrator can create the resouce from the home region.
│      ├ properties
│      │  ├ConfigurationPolicyId: string (required)
│      │  ├TargetId: string (required, immutable)
│      │  └TargetType: string (required, immutable)
│      └ attributes
│         ├AssociationStatus: string
│         ├AssociationType: string
│         ├AssociationStatusMessage: string
│         ├UpdatedAt: string
│         └AssociationIdentifier: string
└[~] service aws-securitylake
  └ resources
     ├[~] resource AWS::SecurityLake::Subscriber
     │ ├ properties
     │ │  └[-] Sources: Array<Source> (required)
     │ └ types
     │    ├[-] type AwsLogSource
     │    │ ├  documentation: Adds a natively supported AWS service as an Amazon Security Lake source. Enables source types for member accounts in required AWS Regions, based on the parameters you specify. You can choose any source type in any Region for either accounts that are part of a trusted organization or standalone accounts. Once you add an AWS service as a source, Security Lake starts collecting logs and events from it.
     │    │ │  name: AwsLogSource
     │    │ └ properties
     │    │    ├SourceName: string
     │    │    └SourceVersion: string
     │    ├[-] type CustomLogSource
     │    │ ├  documentation: Third-party custom log source that meets the requirements to be added to Amazon Security Lake . For more details, see [Custom log source](https://docs.aws.amazon.com//security-lake/latest/userguide/custom-sources.html#iam-roles-custom-sources) in the *Amazon Security Lake User Guide* .
     │    │ │  name: CustomLogSource
     │    │ └ properties
     │    │    ├SourceName: string
     │    │    └SourceVersion: string
     │    └[-] type Source
     │      ├  documentation: Sources are logs and events generated from a single system that match a specific event class in the Open Cybersecurity Schema Framework (OCSF) schema. Amazon Security Lake can collect logs and events from a variety of sources, including natively supported AWS services and third-party custom sources.
     │      │  name: Source
     │      └ properties
     │         ├AwsLogSource: AwsLogSource
     │         └CustomLogSource: CustomLogSource
     └[+] resource AWS::SecurityLake::SubscriberNotification
       ├  name: SubscriberNotification
       │  cloudFormationType: AWS::SecurityLake::SubscriberNotification
       │  documentation: Resource Type definition for AWS::SecurityLake::SubscriberNotification
       ├ properties
       │  └SubscriberArn: string (required, immutable)
       └ attributes
          └SubscriberEndpoint: string

Updates the L1 CloudFormation resource definitions with the latest changes from `@aws-cdk/aws-service-spec`
@aws-cdk-automation aws-cdk-automation added auto-approve contribution/core This is a PR that came from AWS. dependencies This issue is a problem in a dependency or a pull request that updates a dependency file. pr-linter/exempt-readme The PR linter will not require README changes pr-linter/exempt-test The PR linter will not require test changes pr-linter/exempt-integ-test The PR linter will not require integ test changes labels Jun 3, 2024
@aws-cdk-automation aws-cdk-automation requested a review from a team June 3, 2024 13:44
@aws-cdk-automation aws-cdk-automation requested a review from a team June 3, 2024 13:45
@github-actions github-actions bot added the p2 label Jun 3, 2024
@TheRealAmazonKendra
Copy link
Contributor

@Mergifyio update

Copy link
Contributor

mergify bot commented Jun 3, 2024

update

✅ Branch has been successfully updated

Copy link
Contributor

mergify bot commented Jun 3, 2024

Thank you for contributing! Your pull request will be updated from main and then merged automatically (do not update manually, and be sure to allow changes to be pushed to your fork).

@aws-cdk-automation aws-cdk-automation added the pr/needs-maintainer-review This PR needs a review from a Core Team Member label Jun 3, 2024
Copy link
Contributor

mergify bot commented Jun 3, 2024

Thank you for contributing! Your pull request will be updated from main and then merged automatically (do not update manually, and be sure to allow changes to be pushed to your fork).

@TheRealAmazonKendra
Copy link
Contributor

@Mergifyio update

Copy link
Contributor

mergify bot commented Jun 5, 2024

update

✅ Branch has been successfully updated

Copy link
Contributor

mergify bot commented Jun 5, 2024

Thank you for contributing! Your pull request will be updated from main and then merged automatically (do not update manually, and be sure to allow changes to be pushed to your fork).

@aws-cdk-automation
Copy link
Collaborator Author

AWS CodeBuild CI Report

  • CodeBuild project: AutoBuildv2Project1C6BFA3F-wQm2hXv2jqQv
  • Commit ID: a262db4
  • Result: SUCCEEDED
  • Build Logs (available for 30 days)

Powered by github-codebuild-logs, available on the AWS Serverless Application Repository

@mergify mergify bot merged commit 3ee5ce0 into main Jun 5, 2024
12 checks passed
@mergify mergify bot deleted the automation/spec-update branch June 5, 2024 19:07
Copy link
Contributor

mergify bot commented Jun 5, 2024

Thank you for contributing! Your pull request will be updated from main and then merged automatically (do not update manually, and be sure to allow changes to be pushed to your fork).

Leo10Gama pushed a commit to Leo10Gama/aws-cdk that referenced this pull request Jun 11, 2024
Updates the L1 CloudFormation resource definitions with the latest changes from `@aws-cdk/aws-service-spec`

**L1 CloudFormation resource definition changes:**
```
├[~] service aws-autoscaling
│ └ resources
│    └[~] resource AWS::AutoScaling::AutoScalingGroup
│      └ properties
│         └ NotificationConfiguration: (documentation changed)
├[~] service aws-ec2
│ └ resources
│    └[~] resource AWS::EC2::CustomerGateway
│      └ properties
│         └[+] BgpAsnExtended: number (immutable)
├[~] service aws-eks
│ └ resources
│    └[~] resource AWS::EKS::Addon
│      ├ properties
│      │  └[+] PodIdentityAssociations: Array<PodIdentityAssociation>
│      └ types
│         └[+] type PodIdentityAssociation
│           ├  documentation: A pod identity to associate with an add-on.
│           │  name: PodIdentityAssociation
│           └ properties
│              ├ServiceAccount: string (required)
│              └RoleArn: string (required)
├[~] service aws-mediaconnect
│ └ resources
│    └[~] resource AWS::MediaConnect::Flow
│      └ types
│         └[~] type Source
│           └ properties
│              ├ MaxLatency: - integer (default=2000)
│              │             + integer
│              └ MinLatency: - integer (default=2000)
│                            + integer
├[~] service aws-mediapackagev2
│ └ resources
│    └[~] resource AWS::MediaPackageV2::OriginEndpoint
│      ├ properties
│      │  └[+] DashManifests: Array<DashManifestConfiguration>
│      └ types
│         ├[+] type DashManifestConfiguration
│         │ ├  documentation: <p>Retrieve the DASH manifest configuration.</p>
│         │ │  name: DashManifestConfiguration
│         │ └ properties
│         │    ├ManifestName: string (required)
│         │    ├ManifestWindowSeconds: integer
│         │    ├FilterConfiguration: FilterConfiguration
│         │    ├MinUpdatePeriodSeconds: integer
│         │    ├MinBufferTimeSeconds: integer
│         │    ├SuggestedPresentationDelaySeconds: integer
│         │    ├SegmentTemplateFormat: string
│         │    ├PeriodTriggers: Array<string>
│         │    ├ScteDash: ScteDash
│         │    ├DrmSignaling: string
│         │    └UtcTiming: DashUtcTiming
│         ├[+] type DashUtcTiming
│         │ ├  documentation: <p>Determines the type of UTC timing included in the DASH Media Presentation Description (MPD).</p>
│         │ │  name: DashUtcTiming
│         │ └ properties
│         │    ├TimingMode: string
│         │    └TimingSource: string
│         └[+] type ScteDash
│           ├  documentation: <p>The SCTE configuration.</p>
│           │  name: ScteDash
│           └ properties
│              └AdMarkerDash: string
├[~] service aws-securityhub
│ └ resources
│    ├[+] resource AWS::SecurityHub::ConfigurationPolicy
│    │ ├  name: ConfigurationPolicy
│    │ │  cloudFormationType: AWS::SecurityHub::ConfigurationPolicy
│    │ │  documentation: The AWS::SecurityHub::ConfigurationPolicy resource represents the Central Configuration Policy in your account.
│    │ │  tagInformation: {"tagPropertyName":"Tags","variant":"map"}
│    │ ├ properties
│    │ │  ├Name: string (required)
│    │ │  ├Description: string
│    │ │  ├ConfigurationPolicy: Policy (required)
│    │ │  └Tags: Map<string, string>
│    │ ├ attributes
│    │ │  ├Arn: string
│    │ │  ├Id: string
│    │ │  ├CreatedAt: string
│    │ │  ├UpdatedAt: string
│    │ │  └ServiceEnabled: boolean
│    │ └ types
│    │    ├type Policy
│    │    │├  documentation: An object that defines how Security Hub is configured.
│    │    ││  name: Policy
│    │    │└ properties
│    │    │   └SecurityHub: SecurityHubPolicy
│    │    ├type SecurityHubPolicy
│    │    │├  documentation: An object that defines how AWS Security Hub is configured.
│    │    ││  name: SecurityHubPolicy
│    │    │└ properties
│    │    │   ├EnabledStandardIdentifiers: Array<string>
│    │    │   ├ServiceEnabled: boolean
│    │    │   └SecurityControlsConfiguration: SecurityControlsConfiguration
│    │    ├type SecurityControlsConfiguration
│    │    │├  documentation: An object that defines which security controls are enabled in an AWS Security Hub configuration policy.
│    │    ││  name: SecurityControlsConfiguration
│    │    │└ properties
│    │    │   ├DisabledSecurityControlIdentifiers: Array<string>
│    │    │   ├EnabledSecurityControlIdentifiers: Array<string>
│    │    │   └SecurityControlCustomParameters: Array<SecurityControlCustomParameter>
│    │    ├type SecurityControlCustomParameter
│    │    │├  documentation: An object of security control and control parameter value that are included in a configuration policy.
│    │    ││  name: SecurityControlCustomParameter
│    │    │└ properties
│    │    │   ├Parameters: Map<string, ParameterConfiguration>
│    │    │   └SecurityControlId: string
│    │    ├type ParameterConfiguration
│    │    │├  documentation: An object that provides the current value of a security control parameter and identifies whether it has been customized.
│    │    ││  name: ParameterConfiguration
│    │    │└ properties
│    │    │   ├ValueType: string (required)
│    │    │   └Value: ParameterValue
│    │    └type ParameterValue
│    │     ├  documentation: An object that includes the data type of a security control parameter and its current value.
│    │     │  name: ParameterValue
│    │     └ properties
│    │        ├Boolean: boolean
│    │        ├Double: number
│    │        ├Enum: string
│    │        ├EnumList: Array<string>
│    │        ├Integer: integer
│    │        ├IntegerList: Array<integer>
│    │        ├String: string
│    │        └StringList: Array<string>
│    ├[+] resource AWS::SecurityHub::FindingAggregator
│    │ ├  name: FindingAggregator
│    │ │  cloudFormationType: AWS::SecurityHub::FindingAggregator
│    │ │  documentation: The AWS::SecurityHub::FindingAggregator resource represents the AWS Security Hub Finding Aggregator in your account. One finding aggregator resource is created for each account in non opt-in region in which you configure region linking mode.
│    │ ├ properties
│    │ │  ├RegionLinkingMode: string (required)
│    │ │  └Regions: Array<string>
│    │ └ attributes
│    │    ├FindingAggregatorArn: string
│    │    └FindingAggregationRegion: string
│    ├[+] resource AWS::SecurityHub::OrganizationConfiguration
│    │ ├  name: OrganizationConfiguration
│    │ │  cloudFormationType: AWS::SecurityHub::OrganizationConfiguration
│    │ │  documentation: The AWS::SecurityHub::OrganizationConfiguration resource represents the configuration of your organization in Security Hub. Only the Security Hub administrator account can create Organization Configuration resource in each region and can opt-in to Central Configuration only in the aggregation region of FindingAggregator.
│    │ ├ properties
│    │ │  ├AutoEnable: boolean (required)
│    │ │  ├AutoEnableStandards: string
│    │ │  └ConfigurationType: string
│    │ └ attributes
│    │    ├OrganizationConfigurationIdentifier: string
│    │    ├Status: string
│    │    ├StatusMessage: string
│    │    └MemberAccountLimitReached: boolean
│    └[+] resource AWS::SecurityHub::PolicyAssociation
│      ├  name: PolicyAssociation
│      │  cloudFormationType: AWS::SecurityHub::PolicyAssociation
│      │  documentation: The AWS::SecurityHub::PolicyAssociation resource represents the AWS Security Hub Central Configuration Policy associations in your Target. Only the AWS Security Hub delegated administrator can create the resouce from the home region.
│      ├ properties
│      │  ├ConfigurationPolicyId: string (required)
│      │  ├TargetId: string (required, immutable)
│      │  └TargetType: string (required, immutable)
│      └ attributes
│         ├AssociationStatus: string
│         ├AssociationType: string
│         ├AssociationStatusMessage: string
│         ├UpdatedAt: string
│         └AssociationIdentifier: string
└[~] service aws-securitylake
  └ resources
     ├[~] resource AWS::SecurityLake::Subscriber
     │ ├ properties
     │ │  └[-] Sources: Array<Source> (required)
     │ └ types
     │    ├[-] type AwsLogSource
     │    │ ├  documentation: Adds a natively supported AWS service as an Amazon Security Lake source. Enables source types for member accounts in required AWS Regions, based on the parameters you specify. You can choose any source type in any Region for either accounts that are part of a trusted organization or standalone accounts. Once you add an AWS service as a source, Security Lake starts collecting logs and events from it.
     │    │ │  name: AwsLogSource
     │    │ └ properties
     │    │    ├SourceName: string
     │    │    └SourceVersion: string
     │    ├[-] type CustomLogSource
     │    │ ├  documentation: Third-party custom log source that meets the requirements to be added to Amazon Security Lake . For more details, see [Custom log source](https://docs.aws.amazon.com//security-lake/latest/userguide/custom-sources.html#iam-roles-custom-sources) in the *Amazon Security Lake User Guide* .
     │    │ │  name: CustomLogSource
     │    │ └ properties
     │    │    ├SourceName: string
     │    │    └SourceVersion: string
     │    └[-] type Source
     │      ├  documentation: Sources are logs and events generated from a single system that match a specific event class in the Open Cybersecurity Schema Framework (OCSF) schema. Amazon Security Lake can collect logs and events from a variety of sources, including natively supported AWS services and third-party custom sources.
     │      │  name: Source
     │      └ properties
     │         ├AwsLogSource: AwsLogSource
     │         └CustomLogSource: CustomLogSource
     └[+] resource AWS::SecurityLake::SubscriberNotification
       ├  name: SubscriberNotification
       │  cloudFormationType: AWS::SecurityLake::SubscriberNotification
       │  documentation: Resource Type definition for AWS::SecurityLake::SubscriberNotification
       ├ properties
       │  └SubscriberArn: string (required, immutable)
       └ attributes
          └SubscriberEndpoint: string
```
mazyu36 pushed a commit to mazyu36/aws-cdk that referenced this pull request Jun 22, 2024
Updates the L1 CloudFormation resource definitions with the latest changes from `@aws-cdk/aws-service-spec`

**L1 CloudFormation resource definition changes:**
```
├[~] service aws-autoscaling
│ └ resources
│    └[~] resource AWS::AutoScaling::AutoScalingGroup
│      └ properties
│         └ NotificationConfiguration: (documentation changed)
├[~] service aws-ec2
│ └ resources
│    └[~] resource AWS::EC2::CustomerGateway
│      └ properties
│         └[+] BgpAsnExtended: number (immutable)
├[~] service aws-eks
│ └ resources
│    └[~] resource AWS::EKS::Addon
│      ├ properties
│      │  └[+] PodIdentityAssociations: Array<PodIdentityAssociation>
│      └ types
│         └[+] type PodIdentityAssociation
│           ├  documentation: A pod identity to associate with an add-on.
│           │  name: PodIdentityAssociation
│           └ properties
│              ├ServiceAccount: string (required)
│              └RoleArn: string (required)
├[~] service aws-mediaconnect
│ └ resources
│    └[~] resource AWS::MediaConnect::Flow
│      └ types
│         └[~] type Source
│           └ properties
│              ├ MaxLatency: - integer (default=2000)
│              │             + integer
│              └ MinLatency: - integer (default=2000)
│                            + integer
├[~] service aws-mediapackagev2
│ └ resources
│    └[~] resource AWS::MediaPackageV2::OriginEndpoint
│      ├ properties
│      │  └[+] DashManifests: Array<DashManifestConfiguration>
│      └ types
│         ├[+] type DashManifestConfiguration
│         │ ├  documentation: <p>Retrieve the DASH manifest configuration.</p>
│         │ │  name: DashManifestConfiguration
│         │ └ properties
│         │    ├ManifestName: string (required)
│         │    ├ManifestWindowSeconds: integer
│         │    ├FilterConfiguration: FilterConfiguration
│         │    ├MinUpdatePeriodSeconds: integer
│         │    ├MinBufferTimeSeconds: integer
│         │    ├SuggestedPresentationDelaySeconds: integer
│         │    ├SegmentTemplateFormat: string
│         │    ├PeriodTriggers: Array<string>
│         │    ├ScteDash: ScteDash
│         │    ├DrmSignaling: string
│         │    └UtcTiming: DashUtcTiming
│         ├[+] type DashUtcTiming
│         │ ├  documentation: <p>Determines the type of UTC timing included in the DASH Media Presentation Description (MPD).</p>
│         │ │  name: DashUtcTiming
│         │ └ properties
│         │    ├TimingMode: string
│         │    └TimingSource: string
│         └[+] type ScteDash
│           ├  documentation: <p>The SCTE configuration.</p>
│           │  name: ScteDash
│           └ properties
│              └AdMarkerDash: string
├[~] service aws-securityhub
│ └ resources
│    ├[+] resource AWS::SecurityHub::ConfigurationPolicy
│    │ ├  name: ConfigurationPolicy
│    │ │  cloudFormationType: AWS::SecurityHub::ConfigurationPolicy
│    │ │  documentation: The AWS::SecurityHub::ConfigurationPolicy resource represents the Central Configuration Policy in your account.
│    │ │  tagInformation: {"tagPropertyName":"Tags","variant":"map"}
│    │ ├ properties
│    │ │  ├Name: string (required)
│    │ │  ├Description: string
│    │ │  ├ConfigurationPolicy: Policy (required)
│    │ │  └Tags: Map<string, string>
│    │ ├ attributes
│    │ │  ├Arn: string
│    │ │  ├Id: string
│    │ │  ├CreatedAt: string
│    │ │  ├UpdatedAt: string
│    │ │  └ServiceEnabled: boolean
│    │ └ types
│    │    ├type Policy
│    │    │├  documentation: An object that defines how Security Hub is configured.
│    │    ││  name: Policy
│    │    │└ properties
│    │    │   └SecurityHub: SecurityHubPolicy
│    │    ├type SecurityHubPolicy
│    │    │├  documentation: An object that defines how AWS Security Hub is configured.
│    │    ││  name: SecurityHubPolicy
│    │    │└ properties
│    │    │   ├EnabledStandardIdentifiers: Array<string>
│    │    │   ├ServiceEnabled: boolean
│    │    │   └SecurityControlsConfiguration: SecurityControlsConfiguration
│    │    ├type SecurityControlsConfiguration
│    │    │├  documentation: An object that defines which security controls are enabled in an AWS Security Hub configuration policy.
│    │    ││  name: SecurityControlsConfiguration
│    │    │└ properties
│    │    │   ├DisabledSecurityControlIdentifiers: Array<string>
│    │    │   ├EnabledSecurityControlIdentifiers: Array<string>
│    │    │   └SecurityControlCustomParameters: Array<SecurityControlCustomParameter>
│    │    ├type SecurityControlCustomParameter
│    │    │├  documentation: An object of security control and control parameter value that are included in a configuration policy.
│    │    ││  name: SecurityControlCustomParameter
│    │    │└ properties
│    │    │   ├Parameters: Map<string, ParameterConfiguration>
│    │    │   └SecurityControlId: string
│    │    ├type ParameterConfiguration
│    │    │├  documentation: An object that provides the current value of a security control parameter and identifies whether it has been customized.
│    │    ││  name: ParameterConfiguration
│    │    │└ properties
│    │    │   ├ValueType: string (required)
│    │    │   └Value: ParameterValue
│    │    └type ParameterValue
│    │     ├  documentation: An object that includes the data type of a security control parameter and its current value.
│    │     │  name: ParameterValue
│    │     └ properties
│    │        ├Boolean: boolean
│    │        ├Double: number
│    │        ├Enum: string
│    │        ├EnumList: Array<string>
│    │        ├Integer: integer
│    │        ├IntegerList: Array<integer>
│    │        ├String: string
│    │        └StringList: Array<string>
│    ├[+] resource AWS::SecurityHub::FindingAggregator
│    │ ├  name: FindingAggregator
│    │ │  cloudFormationType: AWS::SecurityHub::FindingAggregator
│    │ │  documentation: The AWS::SecurityHub::FindingAggregator resource represents the AWS Security Hub Finding Aggregator in your account. One finding aggregator resource is created for each account in non opt-in region in which you configure region linking mode.
│    │ ├ properties
│    │ │  ├RegionLinkingMode: string (required)
│    │ │  └Regions: Array<string>
│    │ └ attributes
│    │    ├FindingAggregatorArn: string
│    │    └FindingAggregationRegion: string
│    ├[+] resource AWS::SecurityHub::OrganizationConfiguration
│    │ ├  name: OrganizationConfiguration
│    │ │  cloudFormationType: AWS::SecurityHub::OrganizationConfiguration
│    │ │  documentation: The AWS::SecurityHub::OrganizationConfiguration resource represents the configuration of your organization in Security Hub. Only the Security Hub administrator account can create Organization Configuration resource in each region and can opt-in to Central Configuration only in the aggregation region of FindingAggregator.
│    │ ├ properties
│    │ │  ├AutoEnable: boolean (required)
│    │ │  ├AutoEnableStandards: string
│    │ │  └ConfigurationType: string
│    │ └ attributes
│    │    ├OrganizationConfigurationIdentifier: string
│    │    ├Status: string
│    │    ├StatusMessage: string
│    │    └MemberAccountLimitReached: boolean
│    └[+] resource AWS::SecurityHub::PolicyAssociation
│      ├  name: PolicyAssociation
│      │  cloudFormationType: AWS::SecurityHub::PolicyAssociation
│      │  documentation: The AWS::SecurityHub::PolicyAssociation resource represents the AWS Security Hub Central Configuration Policy associations in your Target. Only the AWS Security Hub delegated administrator can create the resouce from the home region.
│      ├ properties
│      │  ├ConfigurationPolicyId: string (required)
│      │  ├TargetId: string (required, immutable)
│      │  └TargetType: string (required, immutable)
│      └ attributes
│         ├AssociationStatus: string
│         ├AssociationType: string
│         ├AssociationStatusMessage: string
│         ├UpdatedAt: string
│         └AssociationIdentifier: string
└[~] service aws-securitylake
  └ resources
     ├[~] resource AWS::SecurityLake::Subscriber
     │ ├ properties
     │ │  └[-] Sources: Array<Source> (required)
     │ └ types
     │    ├[-] type AwsLogSource
     │    │ ├  documentation: Adds a natively supported AWS service as an Amazon Security Lake source. Enables source types for member accounts in required AWS Regions, based on the parameters you specify. You can choose any source type in any Region for either accounts that are part of a trusted organization or standalone accounts. Once you add an AWS service as a source, Security Lake starts collecting logs and events from it.
     │    │ │  name: AwsLogSource
     │    │ └ properties
     │    │    ├SourceName: string
     │    │    └SourceVersion: string
     │    ├[-] type CustomLogSource
     │    │ ├  documentation: Third-party custom log source that meets the requirements to be added to Amazon Security Lake . For more details, see [Custom log source](https://docs.aws.amazon.com//security-lake/latest/userguide/custom-sources.html#iam-roles-custom-sources) in the *Amazon Security Lake User Guide* .
     │    │ │  name: CustomLogSource
     │    │ └ properties
     │    │    ├SourceName: string
     │    │    └SourceVersion: string
     │    └[-] type Source
     │      ├  documentation: Sources are logs and events generated from a single system that match a specific event class in the Open Cybersecurity Schema Framework (OCSF) schema. Amazon Security Lake can collect logs and events from a variety of sources, including natively supported AWS services and third-party custom sources.
     │      │  name: Source
     │      └ properties
     │         ├AwsLogSource: AwsLogSource
     │         └CustomLogSource: CustomLogSource
     └[+] resource AWS::SecurityLake::SubscriberNotification
       ├  name: SubscriberNotification
       │  cloudFormationType: AWS::SecurityLake::SubscriberNotification
       │  documentation: Resource Type definition for AWS::SecurityLake::SubscriberNotification
       ├ properties
       │  └SubscriberArn: string (required, immutable)
       └ attributes
          └SubscriberEndpoint: string
```
@aws-cdk-automation
Copy link
Collaborator Author

Comments on closed issues and PRs are hard for our team to see. If you need help, please open a new issue that references this one.

@aws aws locked as resolved and limited conversation to collaborators Jul 25, 2024
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
auto-approve contribution/core This is a PR that came from AWS. dependencies This issue is a problem in a dependency or a pull request that updates a dependency file. p2 pr/needs-maintainer-review This PR needs a review from a Core Team Member pr-linter/exempt-integ-test The PR linter will not require integ test changes pr-linter/exempt-readme The PR linter will not require README changes pr-linter/exempt-test The PR linter will not require test changes
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants