Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

docs(cfnspec): update CloudFormation documentation #23748

Merged
merged 1 commit into from
Jan 19, 2023
Merged

docs(cfnspec): update CloudFormation documentation #23748

Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
56 changes: 28 additions & 28 deletions packages/@aws-cdk/cfnspec/spec-source/cfn-docs/cfn-docs.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -16570,7 +16570,7 @@
"SnapshotId": "The snapshot from which to create the volume. You must specify either a snapshot ID or a volume size.",
"Tags": "The tags to apply to the volume during creation.",
"Throughput": "The throughput that the volume supports, in MiB/s.",
"VolumeType": "The volume type. This parameter can be one of the following values:\n\n- General Purpose SSD: `gp2` | `gp3`\n- Provisioned IOPS SSD: `io1` | `io2`\n- Throughput Optimized HDD: `st1`\n- Cold HDD: `sc1`\n- Magnetic: `standard`\n\nFor more information, see [Amazon EBS volume types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSVolumeTypes.html) in the *Amazon Elastic Compute Cloud User Guide* .\n\nDefault: `gp2`"
"VolumeType": "The volume type. This parameter can be one of the following values:\n\n- General Purpose SSD: `gp2` | `gp3`\n- Provisioned IOPS SSD: `io1` | `io2`\n- Throughput Optimized HDD: `st1`\n- Cold HDD: `sc1`\n- Magnetic: `standard`\n\n> Throughput Optimized HDD ( `st1` ) and Cold HDD ( `sc1` ) volumes can't be used as boot volumes. \n\nFor more information, see [Amazon EBS volume types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSVolumeTypes.html) in the *Amazon Elastic Compute Cloud User Guide* .\n\nDefault: `gp2`"
}
},
"AWS::EC2::VolumeAttachment": {
Expand Down Expand Up @@ -35942,7 +35942,7 @@
"attributes": {},
"description": "A single IP address specification. This is used in the `RuleGroup.MatchAttributes` source and destination specifications.",
"properties": {
"AddressDefinition": "Specify an IP address or a block of IP addresses in Classless Inter-Domain Routing (CIDR) notation. Network Firewall supports all address ranges for IPv4.\n\nExamples:\n\n- To configure Network Firewall to inspect for the IP address 192.0.2.44, specify `192.0.2.44/32` .\n- To configure Network Firewall to inspect for IP addresses from 192.0.2.0 to 192.0.2.255, specify `192.0.2.0/24` .\n\nFor more information about CIDR notation, see the Wikipedia entry [Classless Inter-Domain Routing](https://docs.aws.amazon.com/https://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing) ."
"AddressDefinition": "Specify an IP address or a block of IP addresses in Classless Inter-Domain Routing (CIDR) notation. Network Firewall supports all address ranges for IPv4 and IPv6.\n\nExamples:\n\n- To configure Network Firewall to inspect for the IP address 192.0.2.44, specify `192.0.2.44/32` .\n- To configure Network Firewall to inspect for IP addresses from 192.0.2.0 to 192.0.2.255, specify `192.0.2.0/24` .\n- To configure Network Firewall to inspect for the IP address 1111:0000:0000:0000:0000:0000:0000:0111, specify `1111:0000:0000:0000:0000:0000:0000:0111/128` .\n- To configure Network Firewall to inspect for IP addresses from 1111:0000:0000:0000:0000:0000:0000:0000 to 1111:0000:0000:0000:ffff:ffff:ffff:ffff, specify `1111:0000:0000:0000:0000:0000:0000:0000/64` .\n\nFor more information about CIDR notation, see the Wikipedia entry [Classless Inter-Domain Routing](https://docs.aws.amazon.com/https://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing) ."
}
},
"AWS::NetworkFirewall::RuleGroup.CustomAction": {
Expand All @@ -35964,11 +35964,11 @@
"attributes": {},
"description": "The 5-tuple criteria for AWS Network Firewall to use to inspect packet headers in stateful traffic flow inspection. Traffic flows that match the criteria are a match for the corresponding stateful rule.",
"properties": {
"Destination": "The destination IP address or address range to inspect for, in CIDR notation. To match with any address, specify `ANY` .\n\nSpecify an IP address or a block of IP addresses in Classless Inter-Domain Routing (CIDR) notation. Network Firewall supports all address ranges for IPv4.\n\nExamples:\n\n- To configure Network Firewall to inspect for the IP address 192.0.2.44, specify `192.0.2.44/32` .\n- To configure Network Firewall to inspect for IP addresses from 192.0.2.0 to 192.0.2.255, specify `192.0.2.0/24` .\n\nFor more information about CIDR notation, see the Wikipedia entry [Classless Inter-Domain Routing](https://docs.aws.amazon.com/https://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing) .",
"Destination": "The destination IP address or address range to inspect for, in CIDR notation. To match with any address, specify `ANY` .\n\nSpecify an IP address or a block of IP addresses in Classless Inter-Domain Routing (CIDR) notation. Network Firewall supports all address ranges for IPv4 and IPv6.\n\nExamples:\n\n- To configure Network Firewall to inspect for the IP address 192.0.2.44, specify `192.0.2.44/32` .\n- To configure Network Firewall to inspect for IP addresses from 192.0.2.0 to 192.0.2.255, specify `192.0.2.0/24` .\n- To configure Network Firewall to inspect for the IP address 1111:0000:0000:0000:0000:0000:0000:0111, specify `1111:0000:0000:0000:0000:0000:0000:0111/128` .\n- To configure Network Firewall to inspect for IP addresses from 1111:0000:0000:0000:0000:0000:0000:0000 to 1111:0000:0000:0000:ffff:ffff:ffff:ffff, specify `1111:0000:0000:0000:0000:0000:0000:0000/64` .\n\nFor more information about CIDR notation, see the Wikipedia entry [Classless Inter-Domain Routing](https://docs.aws.amazon.com/https://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing) .",
"DestinationPort": "The destination port to inspect for. You can specify an individual port, for example `1994` and you can specify a port range, for example `1990:1994` . To match with any port, specify `ANY` .",
"Direction": "The direction of traffic flow to inspect. If set to `ANY` , the inspection matches bidirectional traffic, both from the source to the destination and from the destination to the source. If set to `FORWARD` , the inspection only matches traffic going from the source to the destination.",
"Protocol": "The protocol to inspect for. To specify all, you can use `IP` , because all traffic on AWS and on the internet is IP.",
"Source": "The source IP address or address range to inspect for, in CIDR notation. To match with any address, specify `ANY` .\n\nSpecify an IP address or a block of IP addresses in Classless Inter-Domain Routing (CIDR) notation. Network Firewall supports all address ranges for IPv4.\n\nExamples:\n\n- To configure Network Firewall to inspect for the IP address 192.0.2.44, specify `192.0.2.44/32` .\n- To configure Network Firewall to inspect for IP addresses from 192.0.2.0 to 192.0.2.255, specify `192.0.2.0/24` .\n\nFor more information about CIDR notation, see the Wikipedia entry [Classless Inter-Domain Routing](https://docs.aws.amazon.com/https://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing) .",
"Source": "The source IP address or address range to inspect for, in CIDR notation. To match with any address, specify `ANY` .\n\nSpecify an IP address or a block of IP addresses in Classless Inter-Domain Routing (CIDR) notation. Network Firewall supports all address ranges for IPv4 and IPv6.\n\nExamples:\n\n- To configure Network Firewall to inspect for the IP address 192.0.2.44, specify `192.0.2.44/32` .\n- To configure Network Firewall to inspect for IP addresses from 192.0.2.0 to 192.0.2.255, specify `192.0.2.0/24` .\n- To configure Network Firewall to inspect for the IP address 1111:0000:0000:0000:0000:0000:0000:0111, specify `1111:0000:0000:0000:0000:0000:0000:0111/128` .\n- To configure Network Firewall to inspect for IP addresses from 1111:0000:0000:0000:0000:0000:0000:0000 to 1111:0000:0000:0000:ffff:ffff:ffff:ffff, specify `1111:0000:0000:0000:0000:0000:0000:0000/64` .\n\nFor more information about CIDR notation, see the Wikipedia entry [Classless Inter-Domain Routing](https://docs.aws.amazon.com/https://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing) .",
"SourcePort": "The source port to inspect for. You can specify an individual port, for example `1994` and you can specify a port range, for example `1990:1994` . To match with any port, specify `ANY` ."
}
},
Expand Down Expand Up @@ -36750,7 +36750,7 @@
"Name": "The name of the endpoint.",
"SecurityGroupIds": "The unique identifiers of the security groups that define the ports, protocols, and sources for inbound traffic that you are authorizing into your endpoint.",
"SubnetIds": "The ID of the subnets from which you access OpenSearch Serverless.",
"VpcId": "The ID of the VPC from which you access OpenSearch Serverless"
"VpcId": "The ID of the VPC from which you access OpenSearch Serverless."
}
},
"AWS::OpenSearchService::Domain": {
Expand Down Expand Up @@ -41577,42 +41577,42 @@
"AWS::RolesAnywhere::CRL": {
"attributes": {
"CrlId": "The unique primary identifier of the Crl",
"Ref": "The name of the CRL."
"Ref": "`Ref` returns `CrlId` ."
},
"description": "Creates a Crl.",
"description": "The state of the certificate revocation list (CRL) after a read or write operation.",
"properties": {
"CrlData": "x509 v3 Certificate Revocation List to revoke auth for corresponding certificates presented in CreateSession operations",
"Enabled": "The enabled status of the resource.",
"Name": "The customer specified name of the resource.",
"Tags": "A list of Tags.",
"CrlData": "The revocation record for a certificate, following the x509 v3 standard.",
"Enabled": "Indicates whether the certificate revocation list (CRL) is enabled.",
"Name": "The name of the certificate revocation list (CRL).",
"Tags": "A list of tags to attach to the CRL.",
"TrustAnchorArn": "The ARN of the TrustAnchor the certificate revocation list (CRL) will provide revocation for."
}
},
"AWS::RolesAnywhere::Profile": {
"attributes": {
"ProfileArn": "",
"ProfileArn": "The ARN of the profile.",
"ProfileId": "The unique primary identifier of the Profile",
"Ref": "The name of the Profile"
"Ref": "`Ref` returns `ProfileId` ."
},
"description": "Creates a Profile.",
"description": "Creates a *profile* , a list of the roles that Roles Anywhere service is trusted to assume. You use profiles to intersect permissions with IAM managed policies.\n\n*Required permissions:* `rolesanywhere:CreateProfile` .",
"properties": {
"DurationSeconds": "The number of seconds vended session credentials will be valid for",
"Enabled": "The enabled status of the resource.",
"ManagedPolicyArns": "A list of managed policy ARNs. Managed policies identified by this list will be applied to the vended session credentials.",
"Name": "The customer specified name of the resource.",
"RequireInstanceProperties": "Specifies whether instance properties are required in CreateSession requests with this profile.",
"RoleArns": "A list of IAM role ARNs that can be assumed when this profile is specified in a CreateSession request.",
"SessionPolicy": "A session policy that will applied to the trust boundary of the vended session credentials.",
"Tags": "A list of Tags."
"DurationSeconds": "Sets the maximum number of seconds that vended temporary credentials through [CreateSession](https://docs.aws.amazon.com/rolesanywhere/latest/userguide/authentication-create-session.html) will be valid for, between 900 and 3600.",
"Enabled": "Indicates whether the profile is enabled.",
"ManagedPolicyArns": "A list of managed policy ARNs that apply to the vended session credentials.",
"Name": "The name of the profile.",
"RequireInstanceProperties": "Specifies whether instance properties are required in temporary credential requests with this profile.",
"RoleArns": "A list of IAM role ARNs. During `CreateSession` , if a matching role ARN is provided, the properties in this profile will be applied to the intersection session policy.",
"SessionPolicy": "A session policy that applies to the trust boundary of the vended session credentials.",
"Tags": "A list of tags to attach to the profile."
}
},
"AWS::RolesAnywhere::TrustAnchor": {
"attributes": {
"Ref": "`Ref` returns `TrustAnchorId` .",
"TrustAnchorArn": "The ARN of the trust anchor.",
"TrustAnchorId": ""
"TrustAnchorId": "The unique primary identifier of the TrustAnchor"
},
"description": "Creates a TrustAnchor.",
"description": "The state of the trust anchor after a read or write operation.",
"properties": {
"Enabled": "Indicates whether the trust anchor is enabled.",
"Name": "The name of the trust anchor.",
Expand All @@ -41622,15 +41622,15 @@
},
"AWS::RolesAnywhere::TrustAnchor.Source": {
"attributes": {},
"description": "Object representing the TrustAnchor type and its related certificate data.",
"description": "The trust anchor type and its related certificate data.",
"properties": {
"SourceData": "A union object representing the data field of the TrustAnchor depending on its type",
"SourceType": "The type of the TrustAnchor."
"SourceData": "The data field of the trust anchor depending on its type.",
"SourceType": "The type of the trust anchor."
}
},
"AWS::RolesAnywhere::TrustAnchor.SourceData": {
"attributes": {},
"description": "A union object representing the data field of the TrustAnchor depending on its type",
"description": "The data field of the trust anchor depending on its type.",
"properties": {
"AcmPcaArn": "The root certificate of the AWS Private Certificate Authority specified by this ARN is used in trust validation for temporary credential requests. Included for trust anchors of type `AWS_ACM_PCA` .",
"X509CertificateData": "The PEM-encoded data for the certificate anchor. Included for trust anchors of type `CERTIFICATE_BUNDLE` ."
Expand Down